GreenTunnel, an anti-censorship utility designed to bypass the DPI system

栏目: IT技术 · 发布时间: 4年前

内容简介:GreenTunnel bypasses DPI (Deep Packet Inspection) systems found in many ISPs (Internet Service Providers) which block access to certain websites.

Green Tunnel

GreenTunnel, an anti-censorship utility designed to bypass the DPI system

GreenTunnel bypasses DPI (Deep Packet Inspection) systems found in many ISPs (Internet Service Providers) which block access to certain websites.

GreenTunnel, an anti-censorship utility designed to bypass the DPI system

How to use

Graphical user interface (GUI)

You can simply choose the suitable installation for your OS in the releases section.

Command-line interface (CLI)

You can install GreenTunnel using npm :

$ npm i -g green-tunnel

after installation you can run it using gt or green-tunnel commands.

$ gt --help
Usage: green-tunnel [options]
Usage: gt [options]

Options:
  --help, -h      Show help                                            [boolean]
  --version, -V   Show version number                                  [boolean]
  --ip            ip address to bind proxy server[string] [default: "127.0.0.1"]
  --port          port address to bind proxy server     [number] [default: 8000]
  --dns-type               [string] [choices: "https", "tls"] [default: "https"]
  --dns-server        [string] [default: "https://cloudflare-dns.com/dns-query"]
  --silent, -s    run in silent mode                  [boolean] [default: false]
  --verbose, -v   debug mode                              [string] [default: ""]
  --system-proxy  automatic set system-proxy           [boolean] [default: true]

Examples:
  gt
  gt --ip 127.0.0.1 --port 8000
  gt --dns-server https://doh.securedns.eu/dns-query
  gt --verbose 'green-tunnel:proxy*'

ISSUES:  https://github.com/SadeghHayeri/GreenTunnel/issues

for debug use verbose option:

$ green-tunnel --verbose 'green-tunnel:*'

Docker

$ docker run -p 8000:8000 sadeghhayeri/green-tunnel

envs

  • PORT
  • VERBOSE
  • SILENT
  • DNS_TYPE
  • DNS_SERVER

usage:

$ docker run -e 'PORT=1000' -p 8000:1000 sadeghhayeri/green-tunnel

Tested on

  • MacOS Catalina with node 12
  • Ubuntu 18.04 with node 8
  • Windows 10 with node 8

FAQ

How does it work?

HTTP

There are gaps in providers in DPI. They happen from what the DPI rules write for ordinary user programs, omitting all possible cases that are permissible by standards. This is done for simplicity and speed. Some DPIs cannot recognize the HTTP request if it is divided into TCP segments. For example, a request of the form

GET / HTTP/1.0`
Host: www.youtube.com
...

we send it in 2 parts: first comes GET / HTTP/1.0 \n Host: www.you and second sends as tube.com \n ... . In this example, ISP cannot find blocked word youtube in packets and you can bypass it!

HTTPS

Server Name Indication (SNI) is an extension to TLS (Transport Layer Security) that indicates the actual destination hostname a client is attempting to access over HTTPS. For this Web Filter feature, SNI hostname information is used for blocking access to specific sites over HTTPS. For example, if the administrator chooses to block the hostname youtube using this feature, all Website access attempts over HTTPS that contain youtube like www.youtube.com in the SNI would be blocked. However, access to the same hostname over HTTP would not be blocked by this feature. GreenTunnel tries to split first CLIENT-HELLO packet into small chunks and ISPs can't parse packet and found SNI field so bypass traffic!

DNS

When you enter a URL in a Web browser, the first thing the Web browser does is to ask a DNS (Domain Name System) server, at a known numeric address, to look up the domain name referenced in the URL and supply the corresponding IP address. If the DNS server is configured to block access, it consults a blacklist of banned domain names. When a browser requests the IP address for one of these domain names, the DNS server gives a wrong answer or no answer at all. GreenTunnel use DNS over HTTPS and DNS over TLS to get real IP address and bypass DNS Spoofing.

Development notes

GreenTunnel is an open-source app and I really appreciate other developers adding new features and/or helping fix bugs. If you want to contribute to GreenTunnel, you can fork this repository, make the changes and create a pull request.

However, please make sure you follow a few rules listed below to ensure that your changes get merged into the main repo. The rules listed below are enforced to make sure the changes made are well-documented and can be easily kept track of.

  • ⇄ Pull requests and ★ Stars are always welcome.
  • For bugs and feature requests, please create an issue.
  • Make sure your pull request has an informative title. You should use prefixes like ADD: , FIX: , etc at the start of the title which describes the changes followed by a one-line description of the changes. Example: ADD: Added a new feature to GreenTunnel
  • Commits in your fork should be informative, as well. Make sure you don't combine too many changes into a single commit.

TODO List

  • enable/disable proxy on windows
  • HTTPHandler
  • add CLI arguments
  • catch all exceptions
  • add preferences menu
  • fix close button

Donation

Love GreenTunnel? Please consider donating to sustain our activities.

Bitcoin:3C5sj5BJ3n5gYJR27uxowdsgGCq2vjdhn5

License

Licensed under the MIT license. See LICENSE .


以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持 码农网

查看所有标签

猜你喜欢:

本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们

创新公司

创新公司

[美]艾德·卡特姆、埃米·华莱士 / 靳婷婷 / 中信出版社 / 2015-2 / 49.00元

●《玩具总动员》《海底总动员》《机器人瓦力》《飞屋环游记》等14部脍炙人口的动画长片, 近30次奥斯卡奖, 7部奥斯卡最佳动画长片,7次金球奖; ●几乎每一部电影一上映都位居票房榜首,所有电影都曾进入影史票房总榜前50,每一部电影都是商业与艺术的双赢。 ●即便新兴动画公司不断涌现,皮克斯始终保持动画界的王者之位,这一切背后的秘密就在于:不断推动创新的创意管理方式。 你可以从本书......一起来看看 《创新公司》 这本书的介绍吧!

HTML 压缩/解压工具
HTML 压缩/解压工具

在线压缩/解压 HTML 代码

JSON 在线解析
JSON 在线解析

在线 JSON 格式化工具

MD5 加密
MD5 加密

MD5 加密工具