support virtual TUN device Solve some problems

Pantyhose-X commented 5 months ago

Describe your feature / Опишите ваше предложение

create virtual TUN mode to DPI all traffic throughout the system, including terminals Wintun ligolo-ng wireguard TUN Universal TUN/TAP driver tun2socks tun2proxy https://www.kernel.org/doc/html/v6.1/networking/tuntap.html https://developer.android.com/develop/connectivity/vpn

GoodbyeDPI Problems

TUN will fix some protocols that don't go DPI, such as twitch's wss://irc-ws.chat.twitch.tv

I can't possibly make a --blacklist for every domain, it's a huge pain in the ass and you'd be wasting a lot of time ? example twitch.tv # I also need to add www.twitch.tv and gql.twitch.tv, At this point I can access twitch but I can't play the video! I also need to add static-cdn.jtvnw.net sb.scorecardresearch.com d2v02itv0y9u9t.cloudfront.net *.pdx01.abs.hls.ttvnw.net

cloudflare warp cfwarp_daemon_dns checks

query:("A", "video-edge-e1b330.pdx01.abs.hls.ttvnw.net.") answers:[("A", "science-edge-external-prod-73889260.us-west-2.elb.amazonaws.com.", "52.35.242.178","100.21.152.166","35.161.63.176","35.82.119.237","54.68.217.85","54.186.159.181","54.68.95.149","100.20.106.132")] authority:[] additional:[("CNAME", "video-edge-e1b330.pdx01.abs.hls.ttvnw.net.", "spade.sci.twitch.tv."), ("CNAME", "spade.sci.twitch.tv.", "science-edge-external-prod-73889260.us-west-2.elb.amazonaws.com.")]
query:("A", "edge.ads.twitch.tv.") answers:[("A", "edge.ads.twitch.tv.", "18.238.192.87","18.238.192.25","18.238.192.9","18.238.192.106")] authority:[] additional:[]
query:("A", "vod-secure.twitch.tv.") answers:[("A", "ds0h3roq6wcgc.cloudfront.net.", "18.155.202.125","18.155.202.85","18.155.202.93","18.155.202.95")] authority:[] additional:[("CNAME", "vod-secure.twitch.tv.", "ds0h3roq6wcgc.cloudfront.net.")]
query:("A", "supervisor.ext-twitch.tv.") answers:[("A", "dxtkri2c61io4.cloudfront.net.", "108.138.246.94","108.138.246.123","108.138.246.36","108.138.246.10")] authority:[] additional:[("CNAME", "supervisor.ext-twitch.tv.", "dxtkri2c61io4.cloudfront.net.")]

GoodbyeDPI should make sure it resolves the dns correctly first, then DPI no longer needs the `--blacklist`.

I did not write dlive.tv to --blacklist I don’t know why the DPI can not work

ValdikSS commented 4 months ago

I have an idea to rebuild the architecture, but it won't be TAP/TUN or other interface emulation. It has more limitations than benefits for this case: you'll need to manage routing tables in the app, DHCP, manage routing and NAT itself, etc.

Pantyhose-X commented 4 months ago

Overlay networking VPN

does not need to pay for VPN servers any more. overlay networking since each node is both a server and a client overlay networking to create a direct encrypted tunnel between two nodes even if they’re both behind firewalls. Each node doesn’t even need to know the other’s IP address before starting the connection.
idea

CDN, Website, ActivityPub, Fediverse, Router, Android, iOS, Linux, BSD, "Domain generation algorithm" "Fast flux" All use overlay networking Allow users in censored countries to use your network connection to access the network. Help people in censored countries bypass censorship by running the

Hyprspace n2n nebula qaul

P2P Hypercore Protocol and pinecone and libp2p and devp2p bittorrent WebRTC gemini Earthstar Pigeon geneva Protocol

IRainman commented 6 days ago

I have an idea to rebuild the architecture, but it won't be TAP/TUN or other interface emulation. It has more limitations than benefits for this case: you'll need to manage routing tables in the app, DHCP, manage routing and NAT itself, etc.

The TUN interface only will need to provide DPI fixes method and config for it. The all case of routing and other staff can be done with operating system itself.

ValdikSS / GoodbyeDPI