Closed 00enterausername00 closed 1 week ago
Have you tried providing domains that should be proxified as multiple -pattern [domain|regex]
options directly to Spoof-DPI?
Consider posting logs.
Tried it with this command:
spoof-dpi -addr 0.0.0.0 -debug -pattern .googlevideo.com -pattern .youtube.com -pattern .ytimg.com -pattern .ggpht.com -pattern .nhacmp3youtube.com
Same result. Here are the logs:
CONNECT report.appmetrica.yandex.net:443 HTTP/1.1 Host: report.appmetrica.yandex.net Proxy-Connection: keep-alive Connection: keep-alive
DEBU[2024-08-19T23:01:36+03:00] [DNS] report.appmetrica.yandex.net resolving with system dns DEBU[2024-08-19T23:01:36+03:00] [PROXY] Start HTTPS
DEBU[2024-08-19T23:01:36+03:00] [HTTPS] New connection to the server report.appmetrica.yandex.net 10.0.1.5:50538 DEBU[2024-08-19T23:01:36+03:00] [HTTPS] Sent 200 Connection Estabalished to 10.0.1.113:63133 DEBU[2024-08-19T23:01:36+03:00] [HTTPS] Client sent hello 517bytes
DEBU[2024-08-19T23:01:36+03:00] [HTTPS] Writing plain client hello to report.appmetrica.yandex.net DEBU[2024-08-19T23:01:36+03:00] [PROXY] Request from 127.0.0.1:50539CONNECT p158-caldav.icloud.com:443 HTTP/1.1 Host: p158-caldav.icloud.com User-Agent: Mac+OS+X/10.15.7 (19H2026) CalendarAgent/930.5.1 Connection: keep-alive Proxy-Connection: keep-alive
DEBU[2024-08-19T23:01:36+03:00] [DNS] p158-caldav.icloud.com resolving with system dns DEBU[2024-08-19T23:01:36+03:00] [PROXY] Start HTTPS
DEBU[2024-08-19T23:01:36+03:00] [HTTPS] New connection to the server p158-caldav.icloud.com 10.0.1.5:50540 DEBU[2024-08-19T23:01:36+03:00] [HTTPS] Sent 200 Connection Estabalished to 127.0.0.1:50539 DEBU[2024-08-19T23:01:36+03:00] [HTTPS] Client sent hello 517bytes
DEBU[2024-08-19T23:01:36+03:00] [HTTPS] Writing plain client hello to p158-caldav.icloud.com DEBU[2024-08-19T23:01:39+03:00] [PROXY] Request from 10.0.1.113:63134CONNECT 6s3yaq-skadsdkless.appsflyersdk.com:443 HTTP/1.1 Host: 6s3yaq-skadsdkless.appsflyersdk.com Proxy-Connection: keep-alive Connection: keep-alive
DEBU[2024-08-19T23:01:39+03:00] [DNS] 6s3yaq-skadsdkless.appsflyersdk.com resolving with system dns DEBU[2024-08-19T23:01:39+03:00] [PROXY] Start HTTPS
DEBU[2024-08-19T23:01:39+03:00] [HTTPS] New connection to the server 6s3yaq-skadsdkless.appsflyersdk.com 10.0.1.5:50541 DEBU[2024-08-19T23:01:39+03:00] [HTTPS] Sent 200 Connection Estabalished to 10.0.1.113:63134 DEBU[2024-08-19T23:01:39+03:00] [HTTPS] Client sent hello 517bytes
DEBU[2024-08-19T23:01:39+03:00] [HTTPS] Writing plain client hello to 6s3yaq-skadsdkless.appsflyersdk.com DEBU[2024-08-19T23:01:41+03:00] [HTTPS] Error reading from 10.0.1.113:63133 timed out DEBU[2024-08-19T23:01:41+03:00] [HTTPS] Closing client Connection.. 10.0.1.113:63133 DEBU[2024-08-19T23:01:41+03:00] [HTTPS] Error reading from 10.0.1.113:63134 timed out DEBU[2024-08-19T23:01:41+03:00] [HTTPS] Closing client Connection.. 10.0.1.113:63134 DEBU[2024-08-19T23:01:41+03:00] [HTTPS] Closing server Connection.. report.appmetrica.yandex.net 10.0.1.5:50538 DEBU[2024-08-19T23:01:41+03:00] [HTTPS] Error reading from 213.180.193.226:443 timed out DEBU[2024-08-19T23:01:41+03:00] [HTTPS] Error reading from 18.165.142.169:443 timed out DEBU[2024-08-19T23:01:41+03:00] [HTTPS] Closing server Connection.. 6s3yaq-skadsdkless.appsflyersdk.com 10.0.1.5:50541
I don't own any iOS-based devices, so I tried to reproduce it on Android, without any luck, unfortunately. Looks like the YM app for Android sends requests to proxy.mob.maps.yandex.net
to fetch street view data. The app bypasses the proxy when it sends requests to this specific domain. Not sure, how it works on iOS.
В общем проблема была в самом наличии переадресации через http прокси. В иос нет возможности указать отдельно http и https и нет возможности использовать только один из них. Пришлось поднять openvpn, указав в его конфиге переадресацию только на https прокси - в таком виде все работает.
This may be related to an issue with HTTP packet processing that was fixed by #229 and #230. The fix was merged to main, but has not been released yet.
Thanks to the author for a great app! I noticed a strange peculiarity. When redirecting traffic from iPhone via SpoofDPI, blocked sites work fine, but panoramas in the Yandex.maps app stop working. I tried limiting the list of proxied domains via privoxy, but it didn't help. Here is the list of domains that are redirected to SpoofDPI: .googlevideo.com .youtube.com .ytimg.com .ggpht.com .nhacmp3youtube.com
Client information
OS: server: macos, linux client: ios
Version: 0.10.8
Command to run spoof-dpi: spoof-dpi -addr 0.0.0.0