GoodbyeDPI — Deep Packet Inspection circumvention utility (for Windows)
Bugfix release:
--max-payload
in -5 and -6 modes
--max-payload
to zero
Known bugs:
--set-ttl
after --auto-ttl
does not work (does not disable auto-ttl) despite Fake requests, TTL: fixed
in the status line (since v0.2.0)--max-payload 1200
would skip HTTP request block circumvention if the payload is large (if there's a lot of cookies for example).Quick bugfix for the domain names which contain hyphen (-
), which were not processed correctly in v0.2.0.
Known bugs:
-5
and -6
modes activate --max-payload
, but it's not mentioned in the help message.New features:
--min-ttl
option which prevents Fake TTL Packet in --set-ttl
mode from being sent if TTL distance is lower than the defined value--allow-no-sni
option. Useful to process the packet with --blacklist
option, when SNI can't be detected for any reason (more info: https://github.com/ValdikSS/GoodbyeDPI/commit/cc1676ad92c85011f14c5fa2c9628ba34d3412ae)--max-payload
) to reduce large download/upload CPU consumption (more info: https://github.com/ValdikSS/GoodbyeDPI/commit/d7c681d1a249f2ebe2fe9dc2e08a2da5f1fd8fc7)This release also has small bug fixes.
-5
and -6
modes now use --max-payload=1200
by default.
Known bugs:
--blacklist
is used, domain names which contain hyphen (-
) are not considered as blocked even if they are in the blacklist.--blacklist
is used in combination with --allow-no-sni
, TLS circumvention techniques are applied to all domains with hyphen (even not in blacklist).-5
and -6
modes activate --max-payload
, but it's not mentioned in the help message.-5
mode, which is default now when you start the program without options. It should work on overwhelming majority of DPI systems out of the box.New censorship circumvention method:
--wrong-seq
)New features:
--blacklist
option now also applies to TLS (HTTPS websites)--auto-ttl
) ← very convenient-5
(now default) with native reversed fragmentation and fake packet auto-ttl, and -6
with wrong-seq instead of auto-ttl.Other changes:
--set-ttl
, --wrong-chksum
, --wrong-seq
) now applies each method to each packet separately, and doesn't combine all methods for a single packet.New feature: --native-frag
non-Window-Size TCP segmentation and it's companion --reverse-frag
, which sends segments in the reverse order to workaround TLS terminators issues with fragmented packets.
This is faster and more compatible than using Window Size shrinking.
Bugfix: Fix fake packet handling without other modifying parameters (#150)
New feature: Fake Packet Mode, activate with --set-ttl
and --wrong-chksum
options.
This feature is surprisingly effective against many DPI systems.
Known bugs: fake HTTP packets are not getting sent if only Fake Packet Mode is activated, without any other HTTP options (https://github.com/ValdikSS/GoodbyeDPI/issues/150)
This is third release candidate of v0.1.5
This is second release candidate of v0.1.5
This is first release candidate of v0.1.5
--dnsv6-addr
and --dnsv6-port
)--ip-id
)