Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Is it possible to run it on linux-based router e.g. OpenWrt? #29

Open
LGA1150 opened this issue Feb 10, 2018 · 6 comments
Open

Is it possible to run it on linux-based router e.g. OpenWrt? #29

LGA1150 opened this issue Feb 10, 2018 · 6 comments

Comments

@LGA1150
Copy link

LGA1150 commented Feb 10, 2018

No description provided.

@gkso
Copy link
Collaborator

gkso commented Feb 11, 2018

Ideally, if all the dependencies can be found in the OpenWrt environment, then it should work. Otherwise you may need to modify the code more or less. The two mandatory components are libnetfilter_queue and redis.

@LGA1150
Copy link
Author

LGA1150 commented Jun 11, 2018

Router does not generate packets but forwards them.
It will be better if INTANG is implemented with netfilter module and iptables extension.
If so, we can use commands like iptables -A FORWARD -p tcp -m conntrack --ctstate NEW -j INTANG --fake-syn to apply one of its strategies.

@gkso
Copy link
Collaborator

gkso commented Jun 11, 2018

Sorry, I don't see the reason why routers cannot generate packets. Actually, libnetfilter_queua and netfilter kernel module should have the same effect, and libnetfilter_queue is easier to implement those strategies and much more flexible since it's running in user mode in spite of more performance overhead (also, kernel modules are much more risky).

@LGA1150
Copy link
Author

LGA1150 commented Sep 25, 2018

I've just written a iptables target module to send TCP insertion packets

@st1905
Copy link

st1905 commented Oct 21, 2018

#40

root@LEDE:~/INTANG# cat /var/log/intangd.log
1540132618.508477 [INFO] Current version: 7
1540132618.513820 [INFO] Starting redis server.
1540132618.634555 [DEBUG] Adding iptables rules.
1540132619.708050 [DEBUG] unbinding existing nf_queue handler for AF_INET (if any)
1540132619.708953 [DEBUG] binding nfnetlink_queue as nf_queue handler for AF_INET
1540132619.709727 [DEBUG] binding this socket to queue 1
1540132619.710490 [DEBUG] setting copy_packet mode
1540132619.711616 [DEBUG] Init DNS client.
1540132619.712450 [DEBUG] Init ev watchers.
1540132619.713310 [DEBUG] Loading TTL from file.
1540132619.716525 [INFO] Building sync connection with redis server.
1540132619.723990 [INFO] Sync connection built successfully.
1540132619.727939 [DEBUG] Using public DNS resolver #3: 216.146.36.36
1540132619.728574 [INFO] Connecting to TCP DNS server.

Just stops there. Daemon stops runing but no info regarding the exit also it doest print out info like "Loading TTL from redis." "Async connection built successfully." "Connected to TCP DNS server."

It just doesn`t connect to tcp dns server and daemon exits afterwards.

@st1905
Copy link

st1905 commented Sep 23, 2019

I've just written a iptables target module to send TCP insertion packets

I have used your kernel module && extension and it is working perfectly against Turkish internet providers. Tested against multiple blocked sites, imgur, pastebin,wikipedia etc...

Its so easy to use and i believe it will work seamlessly with OpenWrt.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants