突破 GFW 的 SNI 封锁，Socks5代理版本

June 26, 2019, 9:27 am

≫ Next: Haven

≪ Previous: G20习特会将有什么“成果”？作者: 何清涟

bypass-GFW-SNI-proxy

DNS 方式请参考 bypass-GFW-SNI/main。

此“半” POC 程序可以在不自行架设境外服务器的情况下，直接访问符合特定条件的被中国防火长城（“GFW”）屏蔽的站点。TL;DR，是通过类似域前置的方式突破了 GFW 的 SNI 封锁。

特定条件

存在可以访问的上游无污染 DNS ，使其解析被封锁域名，且返回的 IP 可以正常进行 TLS 握手。

其中：

访问境外 DNS 皆存在 DNS 污染。但目前 GFW 仅污染 53 端口，并没有屏蔽使用 DNS over TLS 或者 DNS over HTTPS技术的 DNS 服务商及相应端口，例如 1.1.1.1 或 8.8.8.8。
大型境外被封禁网站多为直接封禁 IP。但目前 GFW 仅有 IPv4 黑名单，还未封禁 IPv6 地址，而国内大型运营商，例如中国联通，已开始分配 IPv6 地址，并可以通过其连接互联网。
某些被封禁域名使用了非独立 IP 的 CDN，例如 Cloudflare 免费版，因此强制需要 SNI，否则无法成功握手。或者因为配置了多证书，导致返回的默认证书并非欲访问域名。

样例

有 IPv4 接口: Amazon、Reddit、Steam、Wikipedia、Yahoo、Twitch 等。
有 IPv6 接口: Google、Youtube、Facebook 等。
依然无法访问: Twitter（因 IPv4 地址黑名单，且没有配置 IPv6）等，未使用 HTTPS 技术的网站，以及符合其中.3 条件的域名。

实现

定义

代理地址: 用户自行配置的监听 Socks5 代理地址
上游无污染 DNS: 解析存在于自定域名列表里的域名时会请求的上游 DNS。
自签发 CA 证书: 为本地中间人攻击而自签的 CA 证书。
原网站证书: 原网站的正常证书。
本地 XX: 程序内所运行的相应 XX 服务。

准备

系统信任自签发 CA 证书。
启动程序，程序会监听代理地址。
浏览器或系统代理设置为代理地址。

流程

假设浏览器通过代请求 example.com。本地服务器将会通过上游无污染 DNS 解析 example.com，并尝试和解析出的 IP 逐一进行 TLS 握手，且握手信息中的 Server Name 将被替换为 IP 地址本身，这可以使远程网络服务器返回默认的 TLS 证书。若握手失败，则表明连接超时，或者 IP 地址已被 GFW 列为黑名单，或者出现其中.3 的情况；若握手成功，则程序将会使用原本的域名，即 example.com，校验原网站证书的有效性。若校验失败，则表明要么原网站被中间人攻击，要么出现其中.3 的情况。

若一切成功，则表明已成功访问被封锁网站。此时浏览器将会和本地服务器进行 TLS 握手，而本地服务器将会根据握手中的 SNI 使用自签发 CA 证书签发 SSL 证书。此时本地 TLS 握手成功，并且程序将开始转发数据。

运行

基于 Go Debug 信息以及目前程序完整度，将暂时不考虑分发已编译二进制。

运行此程序，你需要在电脑上安装 Go 运行环境，同时 go get 下列包：

github.com/Sirupsen/logrus: 程序所使用的日志包。
github.com/armon/go-socks5: Socks5 代理服务器包。
github.com/miekg/dns: DNS 请求包。
golang.org/x/net/publicsuffix: 域名匹配以及证书签发所需的 Public Suffix 列表。

最后，go run main.go 便可启动程序。详细流程参考实现—准备。

配置

常量

const 中有 8 个可配置参数，分别为：

caCert: 自签发 CA 证书路径。
caKey: 自签发 CA 证书所对应的私钥路径。
gfwDNS: 上游无污染 DNS 地址（需要为 IP:端口格式）。
certExpire: 证书签发过期时间。
dialTimeout: TCP 握手超时时间。
cacheAddrTtl: 可用解析 IP 缓存时长（TTL）。
proxyAddr: 代理地址。
logLevel: 日志详细度，参见日志包文档。

其中：

caCert 和 caKey 需要你的证书及私钥格式为 PEM。同时，caKey 默认你的私钥算法为 RSA。如果你的私钥算法不是 RSA，请自行修改 var 中 caPriKey 的变量类型，和 init() 函数中的相关调用。

与 DNS 有关的参数 gfwDNS 在更改时可能需要与 var 中的 gfwDnsCli 中的 New 函数所对应地同时进行更改。更详细地说，需要更改其中新建 dns.Client 的 Net 参数，其与 DNS 所须的请求方式有关。参见 DNS 包文档。

FROM https://github.com/bypass-GFW-SNI/proxy

-------

突破 GFW 的 SNI 封锁.

bypass-GFW-SNI

代理方式请参考 bypass-GFW-SNI/proxy。

特定条件

存在可以访问的上游无污染 DNS ，使其解析被封锁域名，且返回的 IP 可以正常进行 TLS 握手。

其中：

访问境外 DNS 皆存在 DNS 污染。但目前 GFW 仅污染 53 端口，并没有屏蔽使用 DNS over TLS 或者 DNS over HTTPS技术的 DNS 服务商及相应端口，例如 1.1.1.1 或 8.8.8.8。
大型境外被封禁网站多为直接封禁 IP。但目前 GFW 仅有 IPv4 黑名单，还未封禁 IPv6 地址，而国内大型运营商，例如中国联通，已开始分配 IPv6 地址，并可以通过其连接互联网。
某些被封禁域名使用了非独立 IP 的 CDN，例如 Cloudflare 免费版，因此强制需要 SNI，否则无法成功握手。或者因为配置了多证书，导致返回的默认证书并非欲访问域名。

样例

有 IPv4 接口: Amazon、Reddit、Steam、Wikipedia、Yahoo、Twitch 等。
有 IPv6 接口: Google、Youtube、Facebook 等。
依然无法访问: Twitter（因 IPv4 地址黑名单，且没有配置 IPv6）等，未使用 HTTPS 技术的网站，以及符合其中.3 条件的域名。

实现

定义

自定域名列表: 可自行设置的被封禁域名列表。
上游默认 DNS: 解析不存在于自定域名列表里的域名时会转发请求的上游 DNS。
上游无污染 DNS: 解析存在于自定域名列表里的域名时会请求的上游 DNS。
自签发 CA 证书: 为本地中间人攻击而自签的 CA 证书。
原网站证书: 原网站的正常证书。
本地 XX: 程序内所运行的相应 XX 服务。

准备

系统信任自签发 CA 证书。
配置好自定域名列表。
启动程序，程序会监听 localhost 上的 443（TCP）、53（UDP）和 80（TCP）端口，从而实现本地 DNS 和本地网络服务器。
配置系统 DNS 为 localhost。

流程

假设要请求的是 example.com，且其存在于自定域名列表内。

浏览器请求 https://example.com，系统使用本地 DNS 解析 example.com。此时若域名不在自定域名列表内，本地 DNS 将会把 DNS 请求转发给上游默认 DNS，接着就如普通网络请求那样。如不在，也就是域名为 example.com，本地 DNS 则会返回一个 loopback 地址。

此时浏览器将会和本地服务器进行 TLS 握手，而本地服务器将会根据握手中的 SNI 使用自签发 CA 证书签发 SSL 证书。此时 TLS 握手成功，并且浏览器将传送数据。

本地服务器将会通过上游无污染 DNS 解析 example.com，并尝试和解析出的 IP 逐一进行 TLS 握手，且握手信息中的 Server Name 将被替换为 IP 地址本身，这可以使远程网络服务器返回默认的 TLS 证书。若握手失败，则表明连接超时，或者 IP 地址已被 GFW 列为黑名单，或者出现其中.3 的情况；若握手成功，则程序将会使用原本的域名，即 example.com，校验原网站证书的有效性。若校验失败，则表明要么原网站被中间人攻击，要么出现其中.3 的情况。

若一切成功，则表明已成功访问被封锁网站，并且本地服务器将开始转发远端数据。

运行

基于 Go Debug 信息以及目前程序完整度，将暂时不考虑分发已编译二进制。

运行此程序，你需要在电脑上安装 Go 运行环境，同时 go get 下列包：

github.com/Sirupsen/logrus: 程序所使用的日志包。
github.com/miekg/dns: 本地 DNS 以及 DNS 请求核心包。
golang.org/x/net/publicsuffix: 域名匹配以及证书签发所需的 Public Suffix 列表。

最后，go run main.go 便可启动程序。详细流程参考实现—准备。

配置

常量

const 中有 10 个可配置参数，分别为：

caCert: 自签发 CA 证书路径。
caKey: 自签发 CA 证书所对应的私钥路径。
defDNS: 上游默认 DNS 地址（需要为 IP:端口格式）。
gfwDNS: 上游无污染 DNS 地址（需要为 IP:端口格式）。
certExpire: 证书签发过期时间。
dialTimeout: TCP 握手超时时间。
pollInterval: 配置文件更改检测间隔。
cacheAddrTtl: 可用解析 IP 缓存时长（TTL）。
logLevel: 日志详细度，参见日志包文档。
configFile: 自定域名列表文件路径。

其中：

与 DNS 有关的两个参数 defDNS 和 gfwDNS 在更改时可能需要与 var 中的 defDnsCli和 gfwDnsCli 中的 New 函数所对应地同时进行更改。更详细地说，需要更改其中新建 dns.Client 的 Net 参数，其与 DNS 所须的请求方式有关。参见 DNS 包文档。

configFile 的格式为纯文本格式，一行一个合法的域名，如此样例文件。在匹配时将会匹配所有这些域名的子域名。gfwlist-to-domain 可以将 GFW List 转换成符合此程序要求的文件。同时，程序将会轮询并检测配置文件是否有变化并实时更新，所以增减域名列表不需要重启程序。

同时，程序监听的 53 和 80 端口是可选的，在 main() 函数的两个 Goroutine（go func() {...}()）的函数注释或开头加入 return 便可。详细对应位置可通过阅读注释找到。

若不监听 53 端口，则程序将无法自动将域名解析至回环地址，用户也无法将 DNS 设置为 localhost。若此时依然想使用此程序，需手动配置 Hosts 文件，并将需要的域名，包括子域名，映射为本地回环地址。

若不监听 80 端口，则在不小心访问被封锁域名的 80 端口时将会出现无法访问的情况；或者若未配置 DNS 也未配置 Hosts 的话，将会被 GFW 所阻拦。

FROM https://github.com/bypass-GFW-SNI/main

↧

Haven

June 26, 2019, 10:06 am

≫ Next: Breaking WPA2 by forcing nonce reuse

≪ Previous: 突破 GFW 的 SNI 封锁，Socks5代理版本

Haven is for people who need a way to protect their personal spaces and possessions without compromising their own privacy, through an Android app and on-device sensors https://guardianproject.github.io/haven/

Haven is for people who need a way to protect their personal areas and possessions without compromising their privacy. It is an Android application that leverages on-device sensors to provide monitoring and protection of physical areas. Haven turns any Android phone into a motion, sound, vibration and light detector, watching for unexpected guests and unwanted intruders. We designed Haven for investigative journalists, human rights defenders and people at risk of forced disappearance to create a new kind of herd immunity. By combining the array of sensors found in any smartphone, with the world's most secure communications technologies, like Signal and Tor, Haven prevents the worst kind of people from silencing citizens without getting caught in the act.

View our full Haven App Overview presentation for more about the origins and goals of the project.

Announcement and Public Beta

We are announcing Haven today, as an open-source project, along with a public beta release of the app. We are looking for contributors who understand that physical security is as important as digital, and who have an understanding and compassion for the kind of threats faced by the users and communities we want to support. We also think it is cool, cutting-edge and making use of encrypted messaging and onion routing in whole new ways. We believe Haven points the way to a more sophisticated approach to securing communication within networks of things and home automation system.

Learn more about the story of this project at the links below:

Project Team

Haven was developed through a collaboration between Freedom of the Press Foundation and Guardian Project. Prototype funding was generously provided by FPF, and donations to support continuing work can be contributed through their site: https://freedom.press/donate-support-haven-open-source-project/

Safety through Sensors

Haven only records when triggered by sound and motion and stores everything locally on the device. You can position the device's camera to capture visible motion or place your phone somewhere discreet to listen for noises. Receive secure notifications of intrusion events instantly or access logs remotely later.

The following sensors are monitored for a measurable change, and then recorded to an event log on the device:

Accelerometer: phone's motion and vibration
Camera: motion in the phone's visible surroundings from front or back camera
Microphone: noises in the environment
Light: change in light from ambient light sensor
Power: detect device being unplugged or power loss

Building

The application can be built using Android Studio and Gradle. It relies on a number of third-party dependencies, all of which are free, open-source, and listed at the end of this document.

Install

You can currently get the Haven BETA release in one of three ways:

Download Haven from Google Play
First, install F-Droid the open-source app store, and second, add our Haven Nightly "Bleeding Edge" repository by scanning the QR Code below:

or add this repository manually in F-Droid's Settings->Repositories: https://guardianproject.github.io/haven-nightly/fdroid/repo/

Grab the APK files from the GitHub releases page

You can, of course, build the app yourself, from source.

If you are an Android developer, you can learn more about how you can make use of F-Droid in your development workflow, for nightly builds, testing, reproducibility and more here: F-Droid Documentation

Why no iPhone Support?

While we hope to support a version of Haven that runs directly on iOS devices in the future, iPhone users can still benefit from Haven today. You can purchase an inexpensive Android phone for less than $100 and use it as your "Haven Device"; leaving it behind whilst you keep your iPhone on you. If you run Signal on your iPhone you can configure Haven on Android to send encrypted notifications, with photos and audio, directly to you. If you enable the "Tor Onion Service" feature in Haven (requires installation of "Orbot" app as well) you can remotely access all Haven log data from your iPhone using the Onion Browser app.

So, no, iPhone users we didn't forget about you and we hope you will pick up an inexpensive Android burner today!

Usage

Haven is meant to provide a smooth onboarding experience that walks users through configuring the sensors on their device to best detect intrusions into their environment. The current implementation has some of this implemented, but we are looking to improve this user experience dramatically.

Main view

The application's main view allows the user to select which sensors to use along with their corresponding levels of sensitivity. A security code is required to disable monitoring, which must be provided by the user. A phone number can be set, to which a message will be sent if any of the sensors are triggered.

Notifications

When one of the sensors is triggered (reaches the configured sensitivity threshold), notifications are sent through the following channels (if enabled):

SMS: a message is sent to the number specified when monitoring started
Signal: if configured, can send end-to-end encryption notifications via Signal

Note that it is not necessary to install the Signal app on the device that runs Haven. Doing so may invalidate the app's previous Signal registration and safety numbers. Haven uses normal APIs to communicate via Signal.

Notifications are sent through a service running in the background that is defined in class MonitorService.

Remote Access

All event logs and captured media can be remotely accessed through a Tor Onion Service. Haven must be configured as an Onion Service and requires the device to also have Orbot: Tor for Android installed and running.

ATTRIBUTIONS

This project contains source code or library dependencies from the following projects:

SecureIt project available at: https://github.com/mziccard/secureit Copyright (c) 2014 Marco Ziccardi (Modified BSD)
libsignal-service-java from Open Whisper Systems: https://github.com/WhisperSystems/libsignal-service-java(GPLv3)
Guardian Project fork of signal-cli from AsamK: https://github.com/AsamK/signal-cli , https://github.com/guardianproject/signal-cli-android (GPLv3)
JayDeep's AudioWife: https://github.com/jaydeepw/audio-wife (MIT)
AppIntro: https://github.com/apl-devs/AppIntro (Apache 2)
Guardian Project's NetCipher: https://guardianproject.info/code/netcipher/ (Apache 2)
NanoHttpd: https://github.com/NanoHttpd/nanohttpd (BSD)
MaterialDateTimePicker from wdullaer: https://github.com/wdullaer/MaterialDateTimePicker (Apache 2)
Fresco Image Viewer: https://github.com/stfalcon-studio/FrescoImageViewer (Apache 2)
Facebook Fresco Image Library: https://github.com/facebook/fresco (BSD)
Audio Waveform Viewer: https://github.com/derlio/audio-waveform (Apache 2)
FireZenk's AudioWaves: https://github.com/FireZenk/AudioWaves (MIT)
MaxYou's SimpleWaveform: https://github.com/maxyou/SimpleWaveform (MIT)
Siralam's fork of CameraViewPlus: https://github.com/siralam/CameraViewPlus (Apache License 2.0)
Halil Ozercan's BetterVideoPlayer: https://github.com/halilozercan/BetterVideoPlayer
Reneto Silva's easyrs: https://github.com/silvaren/easyrs (MIT)
Google's libphonenumber: https://github.com/googlei18n/libphonenumber (Apache License 2.0)
Mike Penz's AboutLibraries: https://github.com/mikepenz/AboutLibraries (Apache License 2.0)

from https://github.com/guardianproject/haven

↧

Breaking WPA2 by forcing nonce reuse

June 26, 2019, 10:15 am

≫ Next: linux桌面系统上的翻墙工具-intang

≪ Previous: Haven

INTRODUCTION

We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on.The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.

The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the database of CERT/CC, or contact your vendor.

The research behind the attack will be presented at the Computer and Communications Security (CCS) conference, and at the Black Hat Europe conference. Our detailed research paper can already be downloaded.

Update October 2018: we have a follow-up paper where we generalize attacks, analyze more handshakes, bypass Wi-Fi's official defense, audit patches, and enhance attacks using implementation-specific bugs.

DEMONSTRATION

As a proof-of-concept we executed a key reinstallation attack against an Android smartphone. In this demonstration, the attacker is able to decrypt all data that the victim transmits. For an attacker this is easy to accomplish, because our key reinstallation attack is exceptionally devastating against Linux and Android 6.0 or higher. This is because Android and Linux can be tricked into (re)installing an all-zero encryption key (see below for more info). When attacking other devices, it is harder to decrypt all packets, although a large number of packets can nevertheless be decrypted. In any case, the following demonstration highlights the type of information that an attacker can obtain when performing key reinstallation attacks against protected Wi-Fi networks:

Our attack is not limited to recovering login credentials (i.e. e-mail addresses and passwords). In general, any data or information that the victim transmits can be decrypted. Additionally, depending on the device being used and the network setup, it is also possible to decrypt data sent towards the victim (e.g. the content of a website). Although websites or apps may use HTTPS as an additional layer of protection, we warn that this extra protection can (still) be bypassed in a worrying number of situations. For example, HTTPS was previously bypassed in non-browser software, in Apple's iOS and OS X, in Android apps, in Android apps again, in banking apps, and even in VPN apps.

DETAILS

Our main attack is against the 4-way handshake of the WPA2 protocol. This handshake is executed when a client wants to join a protected Wi-Fi network, and is used to confirm that both the client and access point possess the correct credentials (e.g. the pre-shared password of the network). At the same time, the 4-way handshake also negotiates a fresh encryption key that will be used to encrypt all subsequent traffic. Currently, all modern protected Wi-Fi networks use the 4-way handshake. This implies all these networks are affected by (some variant of) our attack. For instance, the attack works against personal and enterprise Wi-Fi networks, against the older WPA and the latest WPA2 standard, and even against networks that only use AES. All our attacks against WPA2 use a novel technique called a key reinstallation attack (KRACK):

Key reinstallation attacks: high level description

In a key reinstallation attack, the adversary tricks a victim into reinstalling an already-in-use key. This is achieved by manipulating and replaying cryptographic handshake messages. When the victim reinstalls the key, associated parameters such as the incremental transmit packet number (i.e. nonce) and receive packet number (i.e. replay counter) are reset to their initial value. Essentially, to guarantee security, a key should only be installed and used once. Unfortunately, we found this is not guaranteed by the WPA2 protocol. By manipulating cryptographic handshakes, we can abuse this weakness in practice.

Key reinstallation attacks: concrete example against the 4-way handshake

As described in the introduction of the research paper, the idea behind a key reinstallation attack can be summarized as follows. When a client joins a network, it executes the 4-way handshake to negotiate a fresh encryption key. It will install this key after receiving message 3 of the 4-way handshake. Once the key is installed, it will be used to encrypt normal data frames using an encryption protocol. However, because messages may be lost or dropped, the Access Point (AP) will retransmit message 3 if it did not receive an appropriate response as acknowledgment. As a result, the client may receive message 3 multiple times. Each time it receives this message, it will reinstall the same encryption key, and thereby reset the incremental transmit packet number (nonce) and receive replay counter used by the encryption protocol. We show that an attacker can force these nonce resets by collecting and replaying retransmissions of message 3 of the 4-way handshake. By forcing nonce reuse in this manner, the encryption protocol can be attacked, e.g., packets can be replayed, decrypted, and/or forged. The same technique can also be used to attack the group key, PeerKey, TDLS, and fast BSS transition handshake.

Practical impact

In our opinion, the most widespread and practically impactful attack is the key reinstallation attack against the 4-way handshake. We base this judgement on two observations. First, during our own research we found that most clients were affected by it. Second, adversaries can use this attack to decrypt packets sent by clients, allowing them to intercept sensitive information such as passwords or cookies. Decryption of packets is possible because a key reinstallation attack causes the transmit nonces (sometimes also called packet numbers or initialization vectors) to be reset to their initial value. As a result, the same encryption key is used with nonce values that have already been used in the past. In turn, this causes all encryption protocols of WPA2 to reuse keystream when encrypting packets. In case a message that reuses keystream has known content, it becomes trivial to derive the used keystream. This keystream can then be used to decrypt messages with the same nonce. When there is no known content, it is harder to decrypt packets, although still possible in several cases (e.g. English text can still be decrypted). In practice, finding packets with known content is not a problem, so it should be assumed that any packet can be decrypted.

The ability to decrypt packets can be used to decrypt TCP SYN packets. This allows an adversary to obtain the TCP sequence numbers of a connection, and hijack TCP connections. As a result, even though WPA2 is used, the adversary can now perform one of the most common attacks against open Wi-Fi networks: injecting malicious data into unencrypted HTTP connections. For example, an attacker can abuse this to inject ransomware or malware into websites that the victim is visiting.

If the victim uses either the WPA-TKIP or GCMP encryption protocol, instead of AES-CCMP, the impact is especially catastrophic. Against these encryption protocols, nonce reuse enables an adversary to not only decrypt, but also to forge and inject packets. Moreover, because GCMP uses the same authentication key in both communication directions, and this key can be recovered if nonces are reused, it is especially affected. Note that support for GCMP is currently being rolled out under the name Wireless Gigabit (WiGig), and is expected to be adopted at a high rate over the next few years.

The direction in which packets can be decrypted (and possibly forged) depends on the handshake being attacked. Simplified, when attacking the 4-way handshake, we can decrypt (and forge) packets sent by the client. When attacking the Fast BSS Transition (FT) handshake, we can decrypt (and forge) packets sent towards the client. Finally, most of our attacks also allow the replay of unicast, broadcast, and multicast frames. For further details, see Section 6 of our research paper.

Note that our attacks do not recover the password of the Wi-Fi network. They also do not recover (any parts of) the fresh encryption key that is negotiated during the 4-way handshake.

Android and Linux

Our attack is especially catastrophic against version 2.4 and above of wpa_supplicant, a Wi-Fi client commonly used on Linux. Here, the client will install an all-zero encryption key instead of reinstalling the real key. This vulnerability appears to be caused by a remark in the Wi-Fi standard that suggests to clear the encryption key from memory once it has been installed for the first time. When the client now receives a retransmitted message 3 of the 4-way handshake, it will reinstall the now-cleared encryption key, effectively installing an all-zero key. Because Android uses wpa_supplicant, Android 6.0 and above also contains this vulnerability. This makes it trivial to intercept and manipulate traffic sent by these Linux and Android devices. Note that currently 50% of Android devices are vulnerable to this exceptionally devastating variant of our attack.

Assigned CVE identifiers

The following Common Vulnerabilities and Exposures (CVE) identifiers were assigned to track which products are affected by specific instantiations of our key reinstallation attack:

CVE-2017-13077: Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way handshake.
CVE-2017-13080: Reinstallation of the group key (GTK) in the group key handshake.
CVE-2017-13081: Reinstallation of the integrity group key (IGTK) in the group key handshake.
CVE-2017-13082: Accepting a retransmitted Fast BSS Transition (FT) Reassociation Request and reinstalling the pairwise encryption key (PTK-TK) while processing it.
CVE-2017-13084: Reinstallation of the STK key in the PeerKey handshake.
CVE-2017-13086: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake.
CVE-2017-13087: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.
CVE-2017-13088: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame.

Note that each CVE identifier represents a specific instantiation of a key reinstallation attack. This means each CVE ID describes a specific protocol vulnerability, and therefore many vendors are affected by each individual CVE ID. You can also read vulnerability note VU#228519 of CERT/CC for additional details on which products are known to be affected.

PAPER

Our research paper behind the attack is titled Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2 and will be presented at the Computer and Communications Security (CCS) conference on Wednesday 1 November 2017.

Although this paper is made public now, it was already submitted for review on 19 May 2017. After this, only minor changes were made. As a result, the findings in the paper are already several months old. In the meantime, we have found easier techniques to carry out our key reinstallation attack against the 4-way handshake. With our novel attack technique, it is now trivial to exploit implementations that only accept encrypted retransmissions of message 3 of the 4-way handshake. In particular this means that attacking macOS and OpenBSD is significantly easier than discussed in the paper.

We would like to highlight the following addendums and errata:

Addendum: wpa_supplicant v2.6 and Android 6.0+

Linux's wpa_supplicant v2.6 is also vulnerable to the installation of an all-zero encryption key in the 4-way handshake. This was discovered by John A. Van Boxtel. As a result, all Android versions higher than 6.0 are also affected by the attack, and hence can be tricked into installing an all-zero encryption key. The new attack works by injecting a forged message 1, with the same ANonce as used in the original message 1, before forwarding the retransmitted message 3 to the victim.

Addendum: other vulnerable handshakes

After our initial research as reported in the paper, we discovered that the TDLS handshake and WNM Sleep Mode Response frame are also vulnerable to key reinstallation attacks.

Selected errata

In Figure 9 at stage 3 of the attack, the frame transmitted from the adversary to the authenticator should say "ReassoReq(ANonce, SNonce, MIC)" instead of "ReassoResp(..)".
Section 3.1: figure 3 contains a simplified description of the state machine (not figure 2).
Section 4.2: "It is essential that the broadcast frame we replay is sent after (not before) the retransmission of group message 1". A similar change should be made in Section 4.3: "Again it is essential that the broadcast frame we want to replay is sent after (not before) the retransmission of group message 1".

Citation example and bibtex entry

Please cite our research paper and not this website (or cite both). You can use the following example citation or bibtex entry:

Mathy Vanhoef and Frank Piessens. 2017. Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2. In Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS). ACM.

@inproceedings{vanhoef-ccs2017,
  author        = {Mathy Vanhoef and Frank Piessens},
  title         = {Key Reinstallation Attacks: Forcing Nonce Reuse in {WPA2}},
  booktitle     = {Proceedings of the 24th ACM Conference on Computer and Communications Security (CCS)},
  year          = {2017},
  publisher     = {ACM}
}

TOOLS

We have made scripts to detect whether an implementation of the 4-way handshake, group key handshake, or Fast BSS Transition (FT) handshake is vulnerable to key reinstallation attacks. These scripts are available on github, and contain detailed instructions on how to use them.

We also made a proof-of-concept script that exploits the all-zero key (re)installation present in certain Android and Linux devices. This script is the one that we used in the demonstration video. It will be released once everyone has had a reasonable chance to update their devices (and we have had a chance to prepare the code repository for release). We remark that the reliability of our proof-of-concept script may depend on how close the victim is to the real network. If the victim is very close to the real network, the script may fail because the victim will always directly communicate with the real network, even if the victim is (forced) onto a different Wi-Fi channel than this network.

Q&A

Is there a higher resolution version of the logo?

Yes there is. And a big thank you goes to Darlee Urbiztondo for conceptualizing and designing the logo!

Do we now need WPA3?

No, luckily implementations can be patched in a backwards-compatible manner. This means a patched client can still communicate with an unpatched access point (AP), and vice versa. In other words, a patched client or access point sends exactly the same handshake messages as before, and at exactly the same moment in time. However, the security updates will assure a key is only installed once, preventing our attack. So again, update all your devices once security updates are available. Finally, although an unpatched client can still connect to a patched AP, and vice versa, both the client and AP must be patched to defend against all attacks!

Should I change my Wi-Fi password?

Changing the password of your Wi-Fi network does not prevent (or mitigate) the attack. So you do not have to update the password of your Wi-Fi network. Instead, you should make sure all your devices are updated, and you should also update the firmware of your router. Nevertheless, after updating both your client devices and your router, it's never a bad idea to change the Wi-Fi password.

I'm using WPA2 with only AES. That's also vulnerable?

Yes, that network configuration is also vulnerable. The attack works against both WPA1 and WPA2, against personal and enterprise networks, and against any cipher suite being used (WPA-TKIP, AES-CCMP, and GCMP). So everyone should update their devices to prevent the attack!

You use the word "we" in this website. Who is we?

I use the word "we" because that's what I'm used to writing in papers. In practice, all the work is done by me, with me being Mathy Vanhoef. My awesome supervisor is added under an honorary authorship to the research paper for his excellent general guidance. But all the real work was done on my own. So the author list of academic papers does not represent division of work :)

Is my device vulnerable?

Probably. Any device that uses Wi-Fi is likely vulnerable. Contact your vendor for more information, or consult this community maintained list on GitHub.

What if there are no security updates for my router or access point? Or if it does not support 802.11r?

Routers or access points (APs) are only vulnerable to our attack if they support the Fast BSS Transition (FT) handshake, or if they support client (repeater) functionality. First, the FT handshake is part of 802.11r, and is mainly supported by enterprise networks, and not by home routers or APs. Additionally, most home routers or APs do not support (or will not use) client functionality. In other words, your home router or AP likely does not require security updates. Instead, it are mainly enterprise networks that will have to update their network infrastructure (i.e. their routers and access points).

That said, some vendors discovered implementation-specific security issues while investigating our attack. For example, it was discovered that hostapd reuses the ANonce value in the 4-way handshake during rekeys. Concretely this means that, even if your router or AP does not support 802.11r, and even if it does not support client functionality, it might still have to be updated. Contact your vendor for more details.

Finally, we remark that you can try to mitigate attacks against routers and APs by disabling client functionality (which is for example used in repeater modes) and disabling 802.11r (fast roaming). Additionally, update all your other client devices such as laptops and smartphones. If one or more of your client devices is not receiving updates, you can also try to contact your router's vendor and ask if they have an update that prevents attacks against connected devices.

Is it sufficient to patch only the access point? Or to patch only clients?

Currently, all vulnerable devices should be patched. In other words, patching the AP will not prevent attacks against vulnerable clients. Similarly, patching all clients will not prevent attacks against vulnerable access points. Note that only access points that support the Fast BSS Transition handshake (802.11r) can be vulnerable.

That said, it is possible to modify the access point such that vulnerable clients (when connected to this AP) cannot be attacked. However, these modifications are different from the normal security patches that are being released for vulnerable access points! So unless your access point vendor explicitly mentions that their patches prevent attacks against clients, you must also patch clients.

Can we modify an access point to prevent attacks against the client?

It's possible to modify the access point (router) such that connected clients are not vulnerable to attacks against the 4-way handshake and group key handshake. Note that we consider these two attacks the most serious and widespread security issues we discovered. However, these modifications only prevent attacks when a vulnerable client is connected to such a modified access point. When a vulnerable client connects to a different access point, it can still be attacked.

Technically, this is accomplished by modifying the access point such that it does not retransmit message 3 of the 4-way handshake. Additionally, the access point is modified to not retransmit message 1 of the group key handshake. The hostapd project has such a modification available. They are currently evaluating to which extend this impacts the reliability of these handshakes. We remark that the client-side attacks against the 4-way handshake and group key handshake can also be prevented by retransmitting the above handshake messages using the same (previous) EAPOL-Key replay counter. The attack against the group key handshake can also be prevented by letting the access point install the group key in a delayed fashion, and by assuring the access point only accepts the latest replay counter (see section 4.3 of the paper for details).

On some products, variants or generalizations of the above mitigations can be enabled without having to update products.For example, on some access points retransmissions of all handshake messages can be disabled, preventing client-side attacks against the 4-way and group key handshake (see for example Cisco).

How did you discover these vulnerabilities?

When working on the final (i.e. camera-ready) version of another paper, I was double-checking some claims we made regarding OpenBSD's implementation of the 4-way handshake. In a sense I was slacking off, because I was supposed to be just finishing the paper, instead of staring at code. But there I was, inspecting some code I already read a hundred times, to avoid having to work on the next paragraph. It was at that time that a particular call to ic_set_key caught my attention. This function is called when processing message 3 of the 4-way handshake, and it installs the pairwise key to the driver. While staring at that line of code I thought “Ha. I wonder what happens if that function is called twice”. At the time I (correctly) guessed that calling it twice might reset the nonces associated to the key. And since message 3 can be retransmitted by the Access Point, in practice it might indeed be called twice. “Better make a note of that. Other vendors might also call such a function twice. But let's first finish this paper...”. A few weeks later, after finishing the paper and completing some other work, I investigated this new idea in more detail. And the rest is history.

The 4-way handshake was mathematically proven as secure. How is your attack possible?

The brief answer is that the formal proof does not assure a key is installed only once. Instead, it merely assures the negotiated key remains secret, and that handshake messages cannot be forged.

The longer answer is mentioned in the introduction of our research paper: our attacks do not violate the security properties proven in formal analysis of the 4-way handshake. In particular, these proofs state that the negotiated encryption key remains private, and that the identity of both the client and Access Point (AP) is confirmed. Our attacks do not leak the encryption key. Additionally, although normal data frames can be forged if TKIP or GCMP is used, an attacker cannot forge handshake messages and hence cannot impersonate the client or AP during handshakes. Therefore, the properties that were proven in formal analysis of the 4-way handshake remain true. However, the problem is that the proofs do not model key installation. Put differently, the formal models did not define when a negotiated key should be installed. In practice, this means the same key can be installed multiple times, thereby resetting nonces and replay counters used by the encryption protocol (e.g. by WPA-TKIP or AES-CCMP).

Some attacks in the paper seem hard

We have follow-up work making our attacks (against macOS and OpenBSD for example) significantly more general and easier to execute. So although we agree that some of the attack scenarios in the paper are rather impractical, do not let this fool you into believing key reinstallation attacks cannot be abused in practice.

If an attacker can do a man-in-the-middle attack, why can't they just decrypt all the data?

As mentioned in the demonstration, the attacker first obtains a man-in-the-middle (MitM) position between the victim and the real Wi-Fi network (called a channel-based MitM position). However, this MitM position does not enable the attacker to decrypt packets! This position only allows the attacker to reliably delay, block, or replay encrypted packets. So at this point in the attack, they cannot yet decrypt packets. Instead, the ability to reliably delay and block packets is used to execute a key reinstallation attack. After performing a key reinstallation attack, packets can be decrypted.

Does an attacker to have be near your network in order to attack it?

An adversary has to be within range of both the client being attacked (meaning the smartphone or laptop) and the network itself. This means an adversary on the other side of the world cannot attack you remotely. However, the attacker can still be relatively far way. That's because special antenna can be used to carry out the attack from two miles to up to eight miles in ideal conditions. Additionally, the attacker is not competing with the signal strength of the real Wi-Fi network, but instead uses so-called Channel Switch Announcements to manipulate and attack the client. As a result, it is possible to successfully carry out attacks even when far away from the victim.

Are people exploiting this in the wild?

We are not in a position to determine if this vulnerability has been (or is being) actively exploited in the wild. That said, key reinstallations can actually occur spontaneously without an adversary being present! This may for example happen if the last message of a handshake is lost due to background noise, causing a retransmission of the previous message. When processing this retransmitted message, keys may be reinstalled, resulting in nonce reuse just like in a real attack.

Should I temporarily use WEP until my devices are patched?

NO! Keep using WPA2.

Will the Wi-Fi standard be updated to address this?

There seems to be an agreement that the Wi-Fi standard should be updated to explicitly prevent our attacks. These updates likely will be backwards-compatible with older implementations of WPA2. Time will tell whether and how the standard will be updated.

Is the Wi-Fi Alliance also addressing these vulnerabilities?

For those unfamiliar with Wi-Fi, the Wi-Fi Alliance is an organization which certifies that Wi-Fi devices conform to certain standards of interoperability. Among other things, this assures that Wi-Fi products from different vendors work well together.

The Wi-Fi Alliance has a plan to help remedy the discovered vulnerabilities in WPA2. Summarized, they will:

Require testing for this vulnerability within their global certification lab network.
Provide a vulnerability detection tool for use by any Wi-Fi Alliance member (this tool is based on my own detection tool that determines if a device is vulnerable to some of the discovered key reinstallation attacks).
Broadly communicate details on this vulnerability, including remedies, to device vendors. Additionally, vendors are encouraged to work with their solution providers to rapidly integrate any necessary patches.
Communicate the importance for users to ensure they have installed the latest recommended security updates from device manufacturers.

Why did you use match.com as an example in the demonstration video?

Users share a lot of personal information on websites such as match.com. So this example highlights all the sensitive information an attacker can obtain, and hopefully with this example people also better realize the potential (personal) impact. We also hope this example makes people aware of all the information these dating websites may be collecting.

How can these types of bugs be prevented?

We need more rigorous inspections of protocol implementations. This requires help and additional research from the academic community! Together with other researchers, we hope to organize workshop(s) to improve and verify the correctness of security protocol implementations.

Why the domain name krackattacks.com?

First, I'm aware that KRACK attacks is a pleonasm, since KRACK stands for key reinstallation attack and hence already contains the word attack. But the domain name rhymes, so that's why it's used.

Did you get bug bounties for this?

Hackerone has awarded a bug bounty for our research under their Internet Bug Bounty (IBB) award program.

How does this attack compare to other attacks against WPA2?

This is the first attack against the WPA2 protocol that doesn't rely on password guessing. Indeed, other attacks against WPA2-enabled network are against surrounding technologies such as Wi-Fi Protected Setup (WPS), or are attacks against older standards such as WPA-TKIP. Put differently, none of the existing attacks were against the 4-way handshake or against cipher suites defined in the WPA2 protocol. In contrast, our key reinstallation attack against the 4-way handshake (and against other handshakes) highlights vulnerabilities in the WPA2 protocol itself.

Are other protocols also affected by key reinstallation attacks?

We expect that certain implementations of other protocols may be vulnerable to similar attacks. So it's a good idea to audit security protocol implementations with this attack in mind. However, we consider it unlikely that other protocol standards are affected by similar attacks (or at least so we hope). Nevertheless, it's still a good idea to audit other protocols!

When did you first notify vendors about the vulnerability?

We sent out notifications to vendors whose products we tested ourselves around 14 July 2017. After communicating with these vendors, we realized how widespread the weaknesses we discovered are (only then did I truly convince myself it was indeed a protocol weaknesses and not a set of implementation bugs). At that point, we decided to let CERT/CC help with the disclosure of the vulnerabilities. In turn, CERT/CC sent out a broad notification to vendors on 28 August 2017.

Why did OpenBSD silently release a patch before the embargo?

OpenBSD announced an errata on 30 August 2017 that silently prevented our key reinstallation attacks. More specifically, patches were released for both OpenBSD 6.0 and OpenBSD 6.1.

We notified OpenBSD of the vulnerability on 15 July 2017, before CERT/CC was involved in the coordination. Quite quickly, Theo de Raadt replied and critiqued the tentative disclosure deadline: “In the open source world, if a person writes a diff and has to sit on it for a month, that is very discouraging”. Note that I wrote and included a suggested diff for OpenBSD already, and that at the time the tentative disclosure deadline was around the end of August. As a compromise, I allowed them to silently patch the vulnerability. In hindsight this was a bad decision, since others might rediscover the vulnerability by inspecting their silent patch. To avoid this problem in the future, OpenBSD will now receive vulnerability notifications closer to the end of an embargo.

So you expect to find other Wi-Fi vulnerabilities?

“I think we're just getting started.” — Master Chief, Halo 1

Where can I learn more about key reinstallation attacks?

Good technical information and comments:

Selected newspapers with high-level information:

from https://www.krackattacks.com/

↧

linux桌面系统上的翻墙工具-intang

June 26, 2019, 10:27 am

≫ Next: AutoIPTV

≪ Previous: Breaking WPA2 by forcing nonce reuse

INTANG is a project for circumventing the "TCP reset attack" from the Great Firewall of China (GFW) by disrupting/desynchronizing the TCP Control Block (TCB) on the censorship devices. INTANG runs as a client-side only tool in background to protect the TCP connections from being interfered (or even monitored) by the GFW. It works on TCP/IP layers instead of application layer, thus considered more general and can help all application layer protocols, e.g. HTTP, DNS over TCP, OpenVPN, Tor, evading censorship. It can also be run on a proxy to make the deployment easier for those who are incapable of running INTANG (using OSes other than Linux or doesn't have root privillige).

Platform

Linux (must has netfilter supported in kernel)

Tested with Ubuntu 12.04/14.04/16.04.

Dependencies

libnetfilter-queue-dev
libnfnetlink-dev
redis-server
libhiredis-dev
libev-dev
python-redis (optional)
python-scapy (optional)

Compilation

Install prerequisite packages:

Compile:

And the binary will be located under bin folder.

How to Run

Use run.sh to start the daemon. Logs are by default written to /var/log/intangd.log. If you want to test a specific strategy, use run.sh . Strategy IDs can be checked with run.sh -h.
Use stop.sh to stop the daemon. It simply send SIGINT signal to the daemon.

The daemon needs root privilege to run. If you are using Virtual Machine, you'll need to configure the networks in Bridge Mode.

from https://github.com/seclab-ucr/INTANG

↧

AutoIPTV

June 26, 2019, 10:47 am

≫ Next: 用macOS机器的networksetup命令来管理网络

≪ Previous: linux桌面系统上的翻墙工具-intang


AutoIPTV is the best free source of IPTV that actively finds new links and also actively removes the broken links from the playlists. This maximizes our user experience compared to other free IPTV services. There are constantly new features being implemented for our users, as well as a feature that helps to reduce buffering in most cases. We are always in search for better IPTV streaming players for our users across many platforms and devices to ensure most pleasant streaming experience.


Smart TV Smart IPTV SS IPTV

Kodi SimpleStream Pro PVR IPTV Simple Client



tvOS Flex IPTV iPlayTV GSE Smart IPTV

iOS Flex IPTV GSE Smart IPTV



Android GSE Smart IPTV Simple IPTV IPTV Extreme Perfect Player IPTV

Macintosh VLC Media Player GSE Smart IPTV



Windows VLC Media Player from https://freeiptv.io

↧

用macOS机器的networksetup命令来管理网络

June 26, 2019, 8:48 pm

≫ Next: 【年代向錢看】川普反中打貿易戰、科技戰、还打金融戰! 川普"金融制裁"伊朗，給中共高官看!

≪ Previous: AutoIPTV

主要的原因是需要在电脑上同时连接内外网的时候，每次都需要在我所使用的 Wi-Fi 网卡上附加一个我们内网的 IP：172.28.20.1/16 之后再加上一个路由。但是每次重启电脑后都得重新添加。当然，我们可以以脚本的形式在登录时进行执行，或者用 automator 建立一个小程序，给用户进行 LoginItems 内弄上。但这觉得都不是根本的解决办法。

一句话介绍

networksetup 是在系统偏好设置中对网络设定进行配置的工具。 networksetup 命令最少需要 admin 权限。大多数的配置命令都需要 root 权限。

在任何需要密码的地方，可以用 - 代替，表示从标准输入读入密码。

概要

networksetup [-listnetworkserviceorder] [-listallnetworkservices] [-listallhardwareports] [-detectnewhardware] [-getmacaddress hardwareport]
             [-getcomputername] [-setcomputername computername] [-getinfo networkservice] [-setmanual networkservice ip subnet router]
             [-setdhcp networkservice [clientid]] [-setbootp networkservice] [-setmanualwithdhcprouter networkservice ip]
             [-getadditionalroutes networkservice]
             [-setadditionalroutes networkservice [dest1 mask1 gate1] [dest2 mask2 gate2] ... [destN maskN gateN]] [-setv4off networkservice]
             [-setv6off networkservice] [-setv6automatic networkservice] [-setv6linklocal networkservice]
             [-setv6manual networkservice address prefixLength router] [-getv6additionalroutes networkservice]
             [-setv6additionalroutes networkservice [dest1 prefixlength1 gate1] [dest2 prefixlength2 gate2] ... [destN prefixlengthN gateN]]
             [-getdnsservers networkservice] [-setdnsservers networkservice dns1 [dns2] [...]] [-getsearchdomains networkservice]
             [-setsearchdomains networkservice domain1 [domain2] [...]] [-create6to4service networkservicename] [-set6to4automatic networkservice]
             [-set6to4manual networkservice relayAddress] [-getftpproxy networkservice]
             [-setftpproxy networkservice domain portnumber authenticated username password] [-setftpproxystate networkservice on | off]
             [-getwebproxy networkservice] [-setwebproxy networkservice domain portnumber authenticated username password]
             [-setwebproxystate networkservice on | off] [-getsecurewebproxy networkservice]
             [-setsecurewebproxy networkservice domain portnumber authenticated username password] [-setsecurewebproxystate networkservice on | off]
             [-getstreamingproxy networkservice] [-setstreamingproxy networkservice domain portnumber authenticated username password]
             [-setstreamingproxystate networkservice on | off] [-getgopherproxy networkservice]
             [-setgopherproxy networkservice domain portnumber authenticated username password] [-setgopherproxystate networkservice on | off]
             [-getsocksfirewallproxy networkservice] [-setsocksfirewallproxy networkservice domain portnumber authenticated username password]
             [-setsocksfirewallproxystate networkservice on | off] [-getproxybypassdomains networkservice]
             [-setproxybypassdomains networkservice domain1 [domain2] [...]] [-getproxyautodiscovery networkservice]
             [-setproxyautodiscovery networkservice on | off] [-getpassiveftp networkservice] [-setpassiveftp networkservice on | off]
             [-getairportnetwork device] [-setairportnetwork device network [password]] [-getairportpower device] [-setairportpower device on | off]
             [-listpreferredwirelessnetworks hardwareport] [-addpreferredwirelessnetworkatindex hardwareport network index securitytype [password]]
             [-removepreferredwirelessnetwork hardwareport network] [-removeallpreferredwirelessnetworks hardwareport]
             [-getnetworkserviceenabled networkservice] [-setnetworkserviceenabled networkservice on | off]
             [-createnetworkservice networkservicename hardwareport] [-renamenetworkservice networkservice newnetworkservicename]
             [-duplicatenetworkservice networkservice newnetworkservicename] [-removenetworkservice networkservice]
             [-ordernetworkservices service1 [service2] [service3] [...]] [-getMTU hardwareport] [-setMTU hardwarePort value]
             [-listvalidMTUrange hardwareport] [-getmedia hardwareport] [-setmedia hardwareport subtype [option1] [option2] [...]]
             [-listvalidmedia hardwareport] [-createVLAN name parentdevice tag] [-deleteVLAN name parentdevice tag] [-listVLANs]
             [-listdevicesthatsupportVLAN] [-isBondSupported device] [-createBond name [device1] [device2] [...]] [-deleteBond bond]
             [-addDeviceToBond device bond] [-removeDeviceFromBond device bond] [-listBonds] [-showBondStatus bond] [-listpppoeservices]
             [-showpppoestatus name] [-createpppoeservice device name account password [pppoeName]] [-deletepppoeservice service]
             [-setpppoeaccountname service account] [-setpppoepassword service password] [-connectpppoeservice service]
             [-disconnectpppoeservice service] [-listlocations] [-getcurrentlocation] [-createlocation location [populate]]
             [-deletelocation location] [-switchtolocation location] [-listalluserprofiles] [-listloginprofiles service]
             [-enablesystemprofile service on | off] [-enableloginprofile service profile on | off] [-enableuserprofile profile on | off]
             [-import8021xProfiles service path] [-export8021xProfiles service path yes | no] [-export8021xUserProfiles path yes | no]
             [-export8021xLoginProfiles service path yes | no] [-export8021xSystemProfile service path yes | no]
             [-settlsidentityonsystemprofile service path passphrase] [-settlsidentityonuserprofile profile path passphrase]
             [-deletesystemprofile service] [-deleteloginprofile service profile] [-deleteuserprofile profile] [-version] [-help] [-printcommands]

下面是所有的 flags 列表及他们的描述：

网络服务

-listnetworkserviceorder

按照与一个连接的相关性列出网络服务及其对应的 Port 。含有 * 说明这个服务不可用。如：

 networksetup -listnetworkserviceorder
An asterisk (*) denotes that a network service is disabled.
(1) Wi-Fi
(Hardware Port: Wi-Fi, Device: en0)

(2) iPhone USB
(Hardware Port: iPhone USB, Device: en4)

(3) Bluetooth PAN
(Hardware Port: Bluetooth PAN, Device: en2)

(4) Thunderbolt Bridge
(Hardware Port: Thunderbolt Bridge, Device: bridge0)

-listallnetworkservices

这个只是简单的列出网络服务名称而已。

networksetup -listallnetworkservices  
An asterisk (*) denotes that a network service is disabled.
Wi-Fi
iPhone USB
Bluetooth PAN
Thunderbolt Bridge

-listallhardwareports

这个会列出所有硬件端口，包含对应的设备名称及地址。

networksetup -listallhardwareports  

Hardware Port: Wi-Fi
Device: en0
Ethernet Address: 34:36:3b:17:ac:be

Hardware Port: Bluetooth PAN
Device: en2
Ethernet Address: 34:36:3b:17:ac:bf

Hardware Port: Thunderbolt 1
Device: en1
Ethernet Address: 32:00:17:5f:00:00

Hardware Port: Thunderbolt Bridge
Device: bridge0
Ethernet Address: 32:00:17:5f:00:00

VLAN Configurations
===================

-detectnewhardware

检测网络硬件，并为这个硬件建立一个默认的网络服务。

-getmacaddress hardwareport

获取硬件接口的网卡地址。比如以太网或者是 Wi-Fi。

networksetup -getmacaddress 'Wi-Fi'                                                                                                                             130 ↵
Ethernet Address: 34:36:3b:17:ac:be (Hardware Port: Wi-Fi)

-getcomputername

获取计算机名称

networksetup -getcomputername      
我的电脑的MacBook Air

-setcomputername

设置计算机名称

networksetup -setcomputername "Angel's MacBook Air"

-getinfo netwokservice

获取网络服务的信息。IP 地址，子网掩码，下一跳路由，硬件地址

networksetup -getinfo "Wi-Fi"
DHCP Configuration
IP address: 192.168.0.8
Subnet mask: 255.255.255.0
Router: 192.168.0.1
Client ID: 
IPv6: Automatic
IPv6 IP address: none
IPv6 Router: none
Wi-Fi ID: 34:36:3b:17:ac:be

-setmanual networkservice ip subnet router

设置网络服务的 IP，子网，下一跳路由。

-setdhcp networkservice [clientid]

设置使用 DHCP 自动获取IP地址，。 clientid 是可选的，可以将其设置为 Empty 来清空已设置的 clientid。

-setbootp networkservice

设置网络服务使用 bootp

-setmanualwithdhcprouter networkservice ip

手动指定一个 dhcp 池内的地址。

-getadditionalroutes networkservice

获取附加的路由。

-setadditionalroutes networkservice [dest1 mask1 gate1] [dest2 mask2 gate2] … [destN maskN gateN]

设置附加的路由。

networksetup -setadditionalroutes "Wi-Fi" 172.230.1.1 255.255.0.0 172.28.20.1

-setv{4 | 6}off networkservice

用来关闭 IPv4 或者 IPv6 协议。

-setv6automatic networkservice

自动设置 IPv6 地址。

-setv6linklocal networkservice

设置 IPv6 只使用本地链路地址。

-setv6manual ip prefixlength router

设置 IPv6 地址。包括 IP, 前缀, 及路由

-getv6additionalroutes networkservice

获取 IPv6 附加路由。

-setv6additionalroutes networkservice [dest1 prefixlength1 gate1] [dest2 prefixlength2 gate2] … [destN prefixlengthN gateN]

设置 IPv6 附加路由

-getdnsservers networkservice

获取 DNS 服务器。

-setdnsservers networkservice dns1 [dns2] […]

设置 DNS 服务器。

networksetup -setdnsservers "Wi-Fi" 8.8.8.8 114.114.114.114

-getsearchdomains networkservice

为指定的网络服务显示出域名。这个我们本机一般不会用到。

-setsearchdomains networkservice domain1 [domain2] […]

对网络服务指定域名。可设置多个呢。如果要清除的话，指定为 aemptya。

-create6to4service -

建立一个 IPv6 -> IPv4 的网络服务。

-set6to4automatic -

-set6to4manual - -

-getftpproxy networkservice

获取 ftp 代理情况。

Enabled: No
Server: 
Port: 0
Authenticated Proxy Enabled: 0

-setftpproxy networkservice domain portnumber authenticated username password

设置 ftp 代理信息。authenticated 可以是 [ on | off ]。如果设置为 on，那么需要输入后面的账户和密码。

-setftpproxystate networkservice on | off

开/关 ftp 代理。

-getwebproxy networkservice

获取 web 代理信息。

-setwebproxy networkservice domain portnumber authenticated username password

设置 web 代理。

-setwebproxystate networkservice on | off

开关 web 代理。

-getsecurewebproxy networkservice

-setsecurewebproxy networkservice domain portnumber authenticated username password

-setsecurewebproxystate networkservice on | off

-getstreamingproxy networkservice

-setstreamingproxy networkservice domain portnumber authenticated username password

-setstreamingproxystate networkservice on | off

-getgopherproxy networkservice

-setgopherproxy networkservice domain portnumber authenticated username password

-setgopherproxystate networkservice on | off

-getsocksfirewallproxy networkservice

-setsocksfirewallproxy networkservice domain portnumber authenticated username password

-setsocksfirewallproxystate networkservice on | off

-getproxybypassdomains networkservice

-setproxybypassdomains networkservice domain1 [domain2] […]

-getproxyautodiscovery networkservice

-setproxyautodiscovery networkservice on | off

-getpassiveftp networkservice

FTP 被动模式是否开启。

-setpassiveftp networkservice {on | off}

设置被动 FTP 模式。

-setautoproxyurl networkservice url

设置自动代理配置的url。

-getautoproxyurl networkservice

获取上面配置的信息。

networksetup -getautoproxyurl "Wi-Fi"
URL: http://127.0.0.1:1089/proxy.pac
Enabled: Yes

-setsocksfirewallproxystate networkservice on | off

设置是否开启 SOCKS 防火墙代理。

-getairportnetwork hardwareport

显示当前的 Wi-Fi 网络。

networksetup -getairportnetwork en0                                                                                                                              
Current Wi-Fi Network: 360WiFi-8471A7-5G

-setairportnetwork hardwareport network [password]

连接一个 Wi-Fi 热点的意思。

-getairportpower hardwareport

看一下 Wi-Fi 是开还是关。

-setairportpower hardwareport on | off

开关 Wi-Fi。

-listpreferredwirelessnetworks hardwareport

列出首选的 Wi-Fi 网络热点信息。

networksetup -listpreferredwirelessnetworks en0 | head
Preferred networks on en0:
 360WiFi-8471A7
 real_602
 nmj602_5G
 nmj504
 HUAWEI-E5Mini-5FF7
 iPhone
 D-GuiYang
 360WiFi-DD0658
 Wo4G-G7DQ

-addpreferredwirelessnetworkatindex hardwareport network index securitytype [password]

添加 Wi-Fi 网络信息。

-removepreferredwirelessnetwork hardwareport network

移除 Wi-Fi 网络。

-removeallpreferredwirelessnetworks hardwareport

移除所有的 Wi-Fi 网络。

-getnetworkserviceenabled networkservice

查看网络服务是否开启。

-setnetworkserviceenabled networkservice on | off

开/关一个网络服务

-createnetworkservice networkservicename hardwareport

在硬件端口 hadrwareport 上建立网络服务 networkservicename。建立后默认会开启。

-renamenetworkservice networkservice newnetworkservicename

重命名网络服务

-duplicatenetworkservice networkservice newnetworkservicename

复制网络服务。

-removenetworkservice networkservice

删除网络服务

-ordernetworkservices service1 [service2] [service3] […]

排序网络服务。

-getMTU hardwareport

获取 MTU 以太网一般是1468

-setMTU hardwarePort value

手动设置 MTU

-listValidMTURange hardwareport

查看有效的 MTU值。

networksetup -listValidMTURange en0
Valid MTU Range: 1280-1500

-getMedia hardwareport

获取当前媒介的设置及端口上的活跃媒介或设备。

-setMedia hardwareport subtype [option1] [option2] […]

指定端口的媒介类型。

-listValidMedia hardwareport

列出可用的媒介。

-createVLAN name parentdevice tag

在父设备 parentdevice，创建 Vlan ，标签 tag。

-deleteVLAN name parentdevice tag

删除 Vlan

-listVLANs

列出V Vlan

-listdevicesthatsupportVLAN

列出支持 Vlan 的设备。

-isBondSupported device

设备是否支持 bond。

networksetup -isBondSupported "Wi-Fi"
NO

-createBond name [device1] [device2] […]

建立聚合链路

-deleteBond bond

删除链路聚合。

-addDeviceToBond device bond

为链路添加设备

-listBonds

列出聚合链路

-showBondStatus bond

查看链路聚合状态

pppoe相关

-listpppoeservices

-showpppoestatus name

-createpppoeservice device name account password [pppoeName]

-deletepppoeservice service

-setpppoeaccountname service account

-setpppoepassword service password

-connectpppoeservice service

-disconnectpppoeservice service

-listlocations

位置列表

-getcurrentlocation

当前位置

-createlocation location [populate]

创建位置

-deletelocation location

删除位置

-switchtolocation location

切换位置。

↧

【年代向錢看】川普反中打貿易戰、科技戰、还打金融戰! 川普"金融制裁"伊朗，給中共高官看!

June 27, 2019, 1:05 am

≫ Next: PAC文件生成器

≪ Previous: 用macOS机器的networksetup命令来管理网络

↧

PAC文件生成器

June 26, 2019, 9:09 pm

≫ Next: 天亮時分 G20川习会后，川普将迅速启动加税的三大理由之一是习近平见了四拨不该见的人

≪ Previous: 【年代向錢看】川普反中打貿易戰、科技戰、还打金融戰! 川普"金融制裁"伊朗，給中共高官看!

https://pac.newfuture.cc/

Proxy Auto-Config generator.

自动生成PAC代理配置文件(自动跳过内网,局域网和ipv6)

Usage(使用)

在https://pac.newfuture.cc(此站支持ipv6) 根据本机端口选择的pac

使用场景:

Firefox 在网络代理设置填入自动代理脚本地址即可
Chrome SwitchyOmega 等代理插件选择在线PAC模式填写对应的URL即可
windows 系统设置->网络->代理->自动代理，代理脚本，填入对应的URL即可
使用ss 在线代理填入url，作用同上
Windwos版ss客户端本地代理在此选择 pac.txt 替换本地pac.txt即可

Contribution

只需要修改配置即可(其中;为注释):

主机白名单：主机列表按格式添加新的一行即可(域名或者IP,支持正则表达式)
ip网段白名单：网段列表按格式添加一行ip和子网掩码即可
增加代理地址：代理列表按格式添加一行代理主机和端口即可
添加新的目录：复制nku目录到新的目录(需以字母或者数字开头否则被忽略)修改对应配置即可,(生成是会自动扫描目录)

Build

可以本机手动编译或者Travis自动编译生成:

手动编译(需要node)：运行 ./run.js即可
自动编译: 每次提交合并后会自动编译，并把生成结果自动发步到gh-pages分支(网站)

from https://github.com/NewFuture/pac

------

类似的服务：https://github.com/txthinking/blackwhite

↧

天亮時分 G20川习会后，川普将迅速启动加税的三大理由之一是习近平见了四拨不该见的人

June 26, 2019, 10:44 pm

≫ Next: 利用DDDproxy翻墙

≪ Previous: PAC文件生成器

↧

利用DDDproxy翻墙

June 27, 2019, 8:07 am

≫ Next: 美财长：美中贸易协议完成90% 特朗普：达不成协议将对更多中国商品加征关税

≪ Previous: 天亮時分 G20川习会后，川普将迅速启动加税的三大理由之一是习近平见了四拨不该见的人

登陆linux vps.

git clone https://github.com/wdongxv/DDDProxy dddproxy
cd dddproxy

[root@host dddproxy]# ls
DDDProxy install.py localServer.py remoteServer.py
Dockerfile LICENSE readme.md
[root@host dddproxy]# python install.py remoteServer
（会提示你设置端口和密码。记下所设置的端口和密码）
install remoteServer on linux
Enter Bind Port(empty for default):2255
Enter passphrase(empty for random):
Enter same passphrase again:
Write file /usr/lib/systemd/system/dddproxy_remoteServer.service
Created symlink from /etc/systemd/system/multi-user.target.wants/dddproxy_remoteServer.service to /usr/lib/systemd/system/dddproxy_remoteServer.service.
[root@host dddproxy]# lsof -i:2255
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
python 29129 root 3u IPv4 311926 0t0 TCP *:vrtp (LISTEN)
[root@host dddproxy]#

(服务器上，运行安装命令python install.py remoteServer后，不需要运行python remoteServer.py ,服务器端即可运行起来）

在本地机器mac上，
git clone https://github.com/wdongxv/DDDProxy dddproxy
cd dddproxy
python install.py localServer
python localServer.py
不要关闭此terminal.
然后，用浏览器打开http://127.0.0.1:8080，在“远程服务地址设置”栏，填写你的服务器的ip地址,以及在服务器上运行python install.py remoteServer时，所设置的端口和密码。然后，在“代理地址列表”栏，添加被封的域名.

为chrome浏览器安装switchyomega插件.在switchyomega插件页面，新建情景模式，情景模式名称填写dddproxy，选择情景模式的类型为PAC情景模式，点击“创建”，点击刚刚创建的情景模式dddproxy，在‘PAC 网址’栏里，填写http://127.0.0.1:8080/pac ，保存更改，然后在该情景模式的最下面的长方形框里会显示pac文件的内容，不过此时，该框里的内容是不能编辑的。我们删掉‘PAC 网址’栏里的内容，然后‘pac脚本‘框里的内容就能编辑了，在var domainList那一行里，在已有的域名旁边添加其他被封的域名，比如我的域名briten.info .该域名今天被封，所以非添加不可。像这样添加："facebook.net", "allinfa.com", "fc2.com", "boxun.com",
保存更改。即可在chrome浏览器里翻墙,比如访问boxun.com

项目地址：https://github.com/wdongxv/DDDProxy

这是原创文章。

↧

美财长：美中贸易协议完成90% 特朗普：达不成协议将对更多中国商品加征关税

June 27, 2019, 8:04 am

≫ Next: 专访: “现在是中美两国对抗的新页”

≪ Previous: 利用DDDproxy翻墙

美国财政部长姆努钦星期三（6月26日）说，美国和中国的贸易协议“大约90%”已经完成。

姆努钦在接受美国消费者新闻与商业频道的采访时表示，双方已经成功了90%。最终达成协议有路可寻。

美国总统特朗普和中国国家主席习近平将在日本大阪的20国集团峰会期间举行会谈，希望能缓解双方长达11个月的贸易战。

姆努钦说，他坚信，特朗普总统和习近平主席本周末在即将举行的20国集团峰会期间在陷入僵局的贸易谈判中能取得进展。他说：“我们希望听到的信息是，他们愿意回到谈判桌来，继续谈判，因为我认为，贸易平衡和继续发展这种关系，对他们的经济，对美国的经济都会带来好的结果。”

姆努钦没有说明协议最后10%的部分包含哪些详细内容，以及阻碍达成贸易协议的症结是什么。

姆努钦说，“我希望，我们能向前推动一项计划，特朗普总统和习近平主席工作关系非常密切。我们在上一届20国集团峰会上进行了卓有成效地会谈。”

姆努钦补充说，他希望今年底之前能达成协议，但是他表示,“适当的努力必须到位。”

另一方面，美国银行美林对投资者的一份调查显示，大约三分之二的人预计，特朗普和习近平本周末的会谈不会达成协议，但双方也不会加征新的关税。

特朗普：若美中达不成贸易协议将对更多中国商品加征关税

美国总统特朗普星期三（6月26日）表示，如果他同中国领导人习近平达不成贸易协议，将对输美的中国商品加征额外的关税。

特朗普星期三接受美国福克斯商业网络电视台采访时说，“如果那不起作用，如果我们达不成协议，我会加征额外的关税，非常可观的额外关税。”

不过，特朗普保留了两国领导人在日本20国集团峰会上达成协议，避免再加征关税的可能性。

特朗普还表示，他希望同中国达成一项贸易协议，但是他对“目前的现状很满意”。

一方面，特朗普强调同中国达成贸易协议的重要性，另一方面，他也表示，关税对美国经济有好处。他说，在关税问题上，他跟很多人的看法不同，指出自从美国对2500亿美元中国商品加征25%的关税后，“我们的股市冲天”。他说，中国比美国更需要一个协议。

特朗普说，如果美中双方谈判再次陷入僵局，他准备对剩余的3250亿美元输美中国商品加征关税。不过，他说，他对下阶段采取不同的战略持开放态度，即加征10%的关税，而不是25%。他说，这样的关税幅度人们能够应付。

美国之音等综合

↧

专访: “现在是中美两国对抗的新页”

June 27, 2019, 9:15 am

≫ Next: 年代向錢看川普貿易戰B計畫課10%,中國大外宣計畫揭秘

≪ Previous: 美财长：美中贸易协议完成90% 特朗普：达不成协议将对更多中国商品加征关税

虽然报导传出中国与美国可望在G20峰会的特习会之后，同意贸易战休兵并恢复贸易谈判。然而，专家却认为即便如此，也不会停止两国持续在不同领域激烈竞争，因为中美两国本质上的差异仍然存在。

德国之声中文网）德国之声: 根据香港南华早报报导，中国与美国传出已在特朗普与习近平周六会面前同意贸易战休兵，而美国贸易谈判代表姆努钦周三在接受访问时也说，最终的贸易协议目前已完成90%。您认为在这样的前提下，周六 (6月29日) 的会面会如何发展呢?

克普利: 以周六的特习会来说，正面的结果会是双方同意重启贸易谈判、降低彼此公开言论中的火药味、并继续讨论贸易谈判中的关键性议题。我不认为中美两国在周六的会面后，会做出突破性的让步。换句话说，中美两国之间仍存在本质上的差异，而贸易仅是两国对抗当中的其中一个面向。我们必须明白现在是中美两国对抗的新页，而两国也会持续在不同领域激烈竞争，这点是不会改变的。

举例来说，中国一定不会支持美国对伊朗进行制裁，因为中国希望可以从与伊朗跟中东的关系中来持续获得利益。换句话说，中国不可能轻易终止任何与其地缘政治利益相关的计划。正因如此，我认为中美双方有机会在周六的会晤后，同意贸易战休兵、重启贸易谈判并针对核心问题进行讨论。

另一个令我担忧的点是美国的贸易战策略很不一致，而这是特朗普上台后一直存在的问题。特朗普身边的贸易团队分成两派。强硬派的人士一直想切断中美之间的贸易链接，并全面打击中国的贸易利益。这包括终止所有的美国技术转移并重整含有美国技术的供应链。从这点来看，他们的其中一个目标是全面击溃华为，而他们也将现在视为对抗中国的最佳时机。

另一派的人士则希望能促使中国持续开放市场，并藉此提升美国公司在中国的市占率。他们希望透过推动市场开放来促使中国终止企业补助与强迫技术转移。然而，问题是我们不知道哪一派的策略比较有影响力，而我们也无法预测美国政府每周的策略变化。这样的策略不一致性也让预估贸易战的影响变得更加困难。

德国之声: 如果中国与美国在周六的会谈后决定重启贸易谈判，亚洲各国经济可能会如何应对?

"即使中美两国重返谈判桌，两国仍将持续在不同领域激烈竞争"

克普利: 如果美国在会后决定对剩余的所有中国进口商品征收25%的关税，那这对亚洲各国经济可能会有很负面的影响。因为对复合式的供应链来说，他们可能已习惯将东南亚制造的零件用在中国生产的商品中，所以加收关税将对整个供应链造成附带性的损害。但这样的结果也会加速供应链的转移，因为更多公司跟产业会加紧脚步把供应链从中国移到世界其他地方，而这也包含东南亚。这样的过程能造福包含越南、新加坡、马来西亚、印度尼西亚与泰国在内的一些国家。

如果中美同意重启贸易谈判的话，亚洲各国的经济应该会有些正面响应。然而，我们必须明白即便美国开始释出善意，区域性的供应链仍会持续分化，而中国产业也会持续意识到它们过于仰赖外国技术的事实。

艾立克斯.克普利 (Alex Capri) 是新加坡国立大学商学院访问学者。

↧

年代向錢看川普貿易戰B計畫課10%,中國大外宣計畫揭秘

June 27, 2019, 4:14 pm

≫ Next: 叶永烈：台湾人为什么都会讲普通话？

≪ Previous: 专访: “现在是中美两国对抗的新页”

↧

叶永烈：台湾人为什么都会讲普通话？

June 27, 2019, 4:51 pm

≫ Next: 翻墙工具-uProxy

≪ Previous: 年代向錢看川普貿易戰B計畫課10%,中國大外宣計畫揭秘

　　
　　来到台湾，我发现台湾人的普通话，普遍比香港人好。
　　
　　在台湾，把普通话叫做“国语”。细细探究起来，其实“国语”一词早已有之。1902年，京师大学堂（北京大学的前身）总教习吴汝伦前往日本考察，见到日本正在推广“国语”，又称“共同语”。吴汝伦回国之后，提出中国也应该推广国语。他以为，中国的国语以北京话为基准。台湾一直沿用国语一词至今。
　　
　　现在台湾会说国语的人，将近百分之九十。五十岁以下不会说国语的人很少。
　　
　　在台湾是怎么学普通话的？台湾中小学都实行“国语教育”，老师用国语讲课，学生要用国语回答问题，所以从小就学习讲国语。
　　
　　在1945年日本投降前，在台湾会讲国语的人并不多。那时候，台湾人主要讲方言——闽南话和客家话。此外，那就是日语。
　　
　　从明朝以来，大批福建人移民台湾。他们讲闽南话。如今，台湾最多的是闽南人，占总人口的百分之七十三。闽南话成了台湾最主要的方言，称为“台语”或者“台湾话”。
　　
　　后来，来自广东（主要是广东梅州一带）的移民也大批移居台湾，他们讲客家话。如今在台湾，客家人占总人口的百分之十二。
　　
　　台湾的原住民已经成了名副其实的少数民族，只占总人口的百分之二。原住民讲南岛语言。
　　
　　除了闽南人、客家人、原住民之外，还有占总人口百分之十三的外省人。外省人来自中国大陆各省，大部分都会讲国语。
　　
　　就语言的“沟通度”（最大指数是1.000）而言，据调查, 在台北，国语的沟通度为0.985, 接近于1.000，差不多是全民共通语；闽南语的沟通度是0.495，近一半，是次要交际语；客家语则为0.001, 仅是纯粹的族群内用语。
　　
　　在台湾，大部分人既会讲国语，又会讲闽南语。这样的“双语族”占总人口的百分之七十。不过，在我“听”来，这些“双语族”所讲的国语，往往带有明显的“台湾腔”。
　　
　　也有的只会讲国语，不会讲闽南语（主要是外省人），大约占总人口的百分之之十一。这些人的国语，则带有原省籍的口音。
　　
　　大约正是因为台湾的国语“沟通度”几乎达到百分之百，所以我来到台湾，与台湾朋友沟通无语言障碍，讲普通话可以走遍台湾，深感方便。同样，大批台胞来到大陆经商、旅游，也无语言障碍，非常方便。
　　
　　追根溯源，国语在台湾如此普及，要感谢国民党政府当年大力推行的“国语运动”。
　　
　　在台湾，虽然由于彼此都讲国语，交流无碍，但是毕竟两岸隔阂多年，诸多用语习惯不同，有时要想一下，才明白对方的意思。也有时需要连蒙带猜。还有的时候，蒙也蒙不明白，猜也猜不出来！
　　
　　其实，这种语言、文字上的差异，当台湾作家琼瑶的电视剧在大陆上演时，大陆观众往往不明白剧中的一些对白。琼瑶颇有感触地说：
　　
　　“重要的原因是两岸语言文化的差异。我是一个台湾作家，像让内地观众不理解的‘我好感动’、‘好心痛’这些词是台湾人生活中最口语化的语言，我只能用我生活环境中的语言写作，而且我写得已经很口语化了。台湾最普通的话是‘很震撼’，我给学员们讲写作会说‘写东西有两种，一种是很震撼，另一种是轻轻淡淡如水’，估计这样的话在你们眼里也是很不口语的吧？”
　　
　　琼瑶又说，“同样，我看内地的电视剧，像台湾的电视台播过的《雍正王朝》和《大宅门》，也会觉得演员说话怎么这么说呢？内地的许多词我都不懂，像‘后怕’、‘车子追尾’这些内地的口语是台湾的普通话里根本没有的词。不过，我最近也正在努力地跟内地的朋友学习内地的口语。”
　　
　　跟台湾人打交道，我发现有的常用词，台湾人的发音与大陆人不同。比如，我在美国旧金山观看台湾颁发电影“金马奖”的实况转播时，台湾主持人把“主角”、“配角”的角念成“脚”，而不念“觉”，以为念错了。可是，到了台湾，发现那里人人都念“脚”，方知按照台湾的国语是这么念的。又如，“癌症”在台湾，都被念成“炎”症。我开玩笑地说，癌症病人到了台湾，病情就大大减轻，只成了“炎”症而已！
　　
　　台湾朋友常说“男生”、“女生”，在大陆人听来，仿佛是指“男学生”、“女学生”，其实是指年轻的男人与女人。
　　
　　不过，令我感到奇怪的是，台湾人讲“国语”，总是把“我和你”的“和”念成“汗”。这是为什么呢？
　　
　　有人探根求源，这才发现，把“和”念成“汗”原本是北京的土语。从 1946年5月1日起，台湾电台由“老北京”齐铁根先生每日清晨七时起作“国语读音示范”，播讲民众国语读本、国语会话。齐铁根先生按照北京土话把“和”念成“汗”。从此，那么多的台湾人，都把“和”念成“汗”！

↧

翻墙工具-uProxy

June 27, 2019, 4:56 pm

≫ Next: ocproxy

≪ Previous: 叶永烈：台湾人为什么都会讲普通话？

uProxy is a browser extension that lets users share their internet connection.

Status

Please read the uProxy Coding Guide to learn more about contributing to uProxy. For a high level technical overview of uProxy, see the uProxy Design Doc.

Tools

uProxy is built using the following tools:

Grunt to write the tasks that build uProxy
TypeScript as the primary language we code in; this compiles to JavaScript. It gives us type-checking and has some syntax improvements on JS, while letting us incrementally migrate and easily include external JS packages and frameworks.
Jasmine for testing
Polymer for UI
Travis for continuous integration

To manage dependencies we use:

npm to install node modules that we use for our build process. (Specified in package.json)
Bower to install libraries that we use in the UI (specified in bower.json) including Polymer.

Build

Prerequisites

Yarn. If you have npm, you can install with npm install -g --production yarn.
grunt-cli (once you've installed NPM, simply execute yarn global add --prod grunt-cli)

Building

First, to install required NPMs and configure the build/ directory for TypeScript compilation, execute:

yarn

Then, to compile the TypeScript code and build uProxy and all of the demo apps, execute:

grunt

Having problems? To clean up from a partial, broken, or extremely out-dated build, try executing this command before repeating the above steps:

yarn run clean

IDE

Visual Studio Code supports TypeScript compilation, search, and refactoring out of the box - just point it at the directory containing your uProxy clone.

Run

uProxy

Chrome

These are the steps to try uProxy in the Chrome browser.

In Chrome, go to chrome://extensions, make sure 'Developer mode' is enabled
Click 'Load unpacked extension...' and select build/src/chrome/app
Click 'Load unpacked extension...' and select build/src/chrome/extension

You need both the uProxy Chrome App and the uProxy Extension.

You can use grunt build_chrome from the root directory of the repository to re-compile just Chrome components.

Firefox

These are the steps to try uProxy in the Firefox browser.

To run the add-on you need to have the Firefox add-on SDK installed. Instructions can be found here: https://developer.mozilla.org/en-US/Add-ons/SDK/Tutorials/Installation
- A quick way to get started is to download/extract the zip mentioned in "Prerequisites"
Run cd build/src/firefox
Run cfx run and Firefox should launch with the uProxy add-on installed

You can use grunt build_firefox from the root directory of the repository to compile just Firefox comonents.

Demo apps

These can be found at build/src/samples/. They are a mix of web sites, browser extensions (Chrome and Firefox), and Node.js apps.

To run web apps:

start a webserver, e.g. python -m SimpleHTTPServer
open the relevant HTML file in your browser, e.g. http://localhost:8000/build/src/samples/simple-freedom-chat/main.html.

To run Chrome apps:

open chrome://extensions, enable check Developer Mode, and load the unpacked extension from the relevant directory, e.g. build/src/samples/simple-socks-chromeapp/.

To run Firefox add-ons:

install jpm via NPM, e.g. yarn install jpm -g, cd to the relevant directory, e.g. build/src/samples/simple-socks-firefoxapp/, and execute jpm run -b `which firefox` .

To run Node.js apps:

Directly run node with the entry point, e.g. node build/src/samples/zork-node/index.js

Note: until freedom-for-node supports core.rtcpeerconnection, this sample will not work

Development and re-building uProxy

uProxy uses the Grunt build system for its build tasks. Here is a list of uProxy's Grunt commands:

build - Builds everything, making stuff in the build directory (and runs tests).
build_chrome - Build Chrome app and extension * build_chrome_app - Build just Chrome app * build_chrome_ext - Build just Chrome extension
build_firefox - Build just Firefox
dist - Generates distribution files, including the Firefox xpi
clean - Cleans up
test - Run unit tests
integration_test - Run integration tests
everything - 'build', 'test' and then 'integration_test'

The easiest way to stay current is to pull changes, run grunt build to build your distribution, and re-run as you make changes to the files.

Before submitting any changes to the repository, make sure to run grunt test to make sure it passes all unit tests. Failing tests are enough to immediately reject submissions. :)

uProxy for Mobile

The development for mobile platforms uses the Cordova Chrome Apps (CCA) tool, also known as the Chrome Apps for Mobile Toolchain. You can find the platform-specific information below:

Android Development

Layout of files

Configuration and setup files

Gruntfile.js a file that specifies common tasks, e.g. how to build and package uProxy.
bower.json specifies dependent libraries from Bower.
package.json specifies dependent libraries from NPM.
.gitignore what git should ignore
.bowerrc tells bower where to put files
.travis.yml Travis auto-testing
tools directory contains some typescript and javascript to help Grunt.
third_party/tsd.json specifies the typescript definitions to use

Source code

src holds all source code; no compiled files
src/generic_ui generic user interface code
src/generic_core generic uproxy core-functionality code
src/chrome/app code specific to the chrome app
src/chrome/extension code specific to the chrome extension
src/firefox code specific to firefox
third_party holds external libraries we depend on that are copied into this repository
node_modules dynamically generated npm module dependencies
scraps temporary holding for sharing scraps of code

Dynamically created directories (grunt clean should remove them)

build created by grunt tasks; holds the built code, but none of the code that was compiled.
build/dist created by grunt tasks; holds final distribution versions
.grunt holds grunt cache stuff
.tscache holds typescript cache stuff

from https://github.com/UWNetworksLab/uProxy-p2p

↧

ocproxy

June 27, 2019, 5:12 pm

≫ Next: linux桌面系统上的vpn程序htun

≪ Previous: 翻墙工具-uProxy

ocproxy is a user-level SOCKS and port forwarding proxy for OpenConnect based on lwIP. When using ocproxy, OpenConnect only handles network activity that the user specifically asks to proxy, so the VPN interface no longer "hijacks" all network traffic on the host.

Basic usage

Commonly used options include:

  -D port                   Set up a SOCKS5 server on PORT
  -L lport:rhost:rport      Connections to localhost:LPORT will be redirected
                            over the VPN to RHOST:RPORT
  -g                        Allow non-local clients.
  -k interval               Send TCP keepalive every INTERVAL seconds, to
                            prevent connection timeouts

ocproxy should not be run directly. Instead, it should be started by openconnect using the --script-tun option:

openconnect --script-tun --script \
"./ocproxy -L 2222:unix-host:22 -L 3389:win-host:3389 -D 11080" \
    vpn.example.com

Once ocproxy is running, connections can be established over the VPN link by connecting directly to a forwarded port or by utilizing the builtin SOCKS server:

ssh -p2222 localhost
rdesktop localhost
socksify ssh unix-host
tsocks ssh 172.16.1.2
...

OpenConnect can (and should) be run as a non-root user when using ocproxy.

Using the SOCKS5 proxy

tsocks, Dante, or similar wrappers can be used with non-SOCKS-aware applications.

Sample tsocks.conf (no DNS):

server = 127.0.0.1
server_type = 5
server_port = 11080

Sample socks.conf for Dante (DNS lookups via SOCKS5 "DOMAIN" addresses):

resolveprotocol: fake
route {
        from: 0.0.0.0/0 to: 0.0.0.0/0 via: 127.0.0.1 port = 11080
        command: connect
        proxyprotocol: socks_v5
}

FoxyProxy can be used to tunnel Firefox or Chrome browsing through the SOCKS5 server. This will send DNS queries through the VPN connection, and unqualified internal hostnames (e.g. http://intranet/) should work. FoxyProxy also allows the user to route requests based on URL patterns, so that (for instance) certain domains always use the proxy server but all other traffic connects directly.

It is possible to start several different instances of Firefox, each with its own separate profile (and hence, proxy settings):

# initial setup
firefox -no-remote -ProfileManager

# run with previous configured profile "vpn"
firefox -no-remote -P vpn

Building ocproxy

Dependencies:

libevent >= 2.0: *.so library and headers
autoconf
automake
gcc, binutils, make, etc.

Building from git:

./autogen.sh
./configure
make

Other possible uses for ocproxy

Routing traffic from different applications/browsers through different VPNs (or no VPN)
Connecting to multiple VPNs or sites concurrently, even if their IP ranges overlap or their DNS settings are incompatible
Situations in which root access is unavailable or undesirable; multiuser systems

It is possible to write a proxy autoconfig (PAC) script that decides whether each request should use ocproxy or a direct connection, based on the domain or other criteria.

ocproxy also works with OpenVPN; the necessary patches are posted here.

Network configuration

ocproxy normally reads its network configuration from the following environment variables set by OpenConnect:

INTERNAL_IP4_ADDRESS: IPv4 address
INTERNAL_IP4_MTU: interface MTU
INTERNAL_IP4_DNS: DNS server list (optional but recommended)
CISCO_DEF_DOMAIN: default domain name (optional)

The VPNFD environment variable tells ocproxy which file descriptor is used to pass the tunneled traffic.

vpnns (experimental)

Another approach to solving this problem is to create a separate network namespace (netns). This is supported by Linux kernels >= v3.8.

This starts up an application in a fresh user/net/uts/mount namespace:

vpnns -- google-chrome --user-data-dir=/tmp/vpntest

vpnns -- firefox -no-remote -P vpn

vpnns -- transmission-gtk

Initially it will not have any network access as the only interface present in the netns is the loopback device. The application should still be able to talk to Xorg through UNIX sockets in /tmp.

The next step is to connect to a VPN and invoke vpnns --attach to pass the VPN traffic back and forth:

openconnect --script "vpnns --attach" --script-tun vpn.example.com

openvpn --script-security 2 --config example.ovpn \
        --dev "|HOME=$HOME vpnns --attach"

These commands connect to an ocserv or openvpn gateway, then tell vpnns to set up a tunnel device, default route, and resolv.conf inside the namespace created above. On success, the web browser will have connectivity. When the VPN disconnects, the browser will lose all connectivity, preventing leaks.

vpnns can be rerun multiple times if the connection fails or if the VPN client crashes. If run without arguments, it will open a shell inside the namespace.

Some differences between vpnns and ocproxy:

No proxies are involved, so apps should not require any special configuration.
vpnns is better-suited for hard-to-proxy protocols such as VOIP or BitTorrent.
vpnns will only ever run on Linux.
vpnns may interfere with dbus connections.

Unlike previous approaches to the problem (e.g. anything that involves running ip netns), vpnns does not require root privileges or changing the host network configuration.

The --name option allows additional (and separate) namespaces to be created.

If your X server is a version that uses abstract sockets only (and UNIX sockets in /tmp are disabled), you can re-enable UNIX sockets by adding -listen unix to /etc/X11/xinit/xserverrc.

The OpenVPN example requires out-of-tree patches. Updated openvpn and ocproxy packages are available for Ubuntu 14.04 LTS and 16.04 LTS:

sudo -s
apt-get install software-properties-common
add-apt-repository --yes ppa:cernekee
apt-get update
apt-get install ocproxy openvpn

from https://github.com/cernekee/ocproxy

↧

linux桌面系统上的vpn程序htun

June 27, 2019, 6:37 pm

≫ Next: nspawn.org：简单的 systemd 发行版容器

≪ Previous: ocproxy

https://github.com/rofl0r/htun

↧

nspawn.org：简单的 systemd 发行版容器

June 27, 2019, 7:47 pm

≫ Next: TLS-Proxy

≪ Previous: linux桌面系统上的vpn程序htun

nspawn.org：简单的 systemd 发行版容器
如果你想要运行一个发行版容器，而又不想被 docker 一类的重量级方案打扰，现在有一个新的简单方案了。

nspawn.org 目前提供了 Arch、CentOS、Debian、Fedora、Ubuntu 的各版本镜像，并可以直接用 systemd-nspawn 的验证机制进行签名验证。

推荐的用法是使用其提供的 “nspawn” 工具。下面以创建一个 Fedora 30 容器为例：

1、获取工具：

$ wget https://raw.githubusercontent.com/nspawn/nspawn/master/nspawn
$ chmod +x nspawn

2、获取 Fedora 30 镜像：

$ sudo ./nspawn init fedora/30/tar

3、启动容器并获取 shell：

$ sudo machinectl start fedora-30-tar
$ sudo machinectl shell fedora-30-tar
Connected to machine fedora-30-tar. Press ^] three times within 1s to exit session.
[root@fedora30 ~]#

一些背景：容器默认的存储路径在 /var/lib/machines/。nspawn.org 的创建者是 shibumi，目前是 Arch Linux Trusted User。所有的镜像使用 mkosi 制作，定义文件均在 GitHub 上。除了 nspawn 容器镜像，这个站点还提供可引导的 GPT-UEFI 镜像。

https://nspawn.org/images/

---------------------------------

systemd-nspawn 踩坑记

最近把自己的网络服务都迁移到了一台新的服务器，尝试了全新的部署方式（systemd-nspawn），正好踩中了一些坑，所以随便写写记录一下，也算是重新开始做起博客这件事情了吧。

What & Why

以前我使用的是一台在 online.net 捡来的特价独服，因为只有一个人使用，所以我直接在主机上开了很多个 KVM 虚拟机，使用（几乎是）一个服务一个虚拟机的方式来部署自己的服务。这在一个人使用的时候确实没有什么太大的问题，唯一的问题可能就是因为自己懒，而虚拟机的数量太多，所以经常忘记更新 / 维护那些虚拟机。

而这次则是捡特价弄了一台特别划算的 E5-2680v2 的独服（购买的时候下单的是 E5-2660v1，但是不知道是商家特别有钱还是那天机房小哥心情好，给弄了一台 E5-2680v2），几个人合用一台。因为是合用，所以大家各自开了一个 KVM 虚拟机，各自隔离。这时候，我就不能再使用虚拟机的方式来隔离自己的服务了，因为我本身已经被隔离在了一个虚拟机里，双重虚拟机可从来都不是什么好主意。

所以我转向了容器方案。其中，Docker 不太适合我的情况 —— 我并不是希望把所有服务都做成不可变的镜像然后到处部署，我的目的仅仅是简单的隔离（看起来整洁 / 给有些傲娇的应用提供最适合的环境）。因此，我转向了 systemd-nspawn，毕竟我是 Systemd 的~~卖底裤~~粉丝（雾），而且自带 Systemd 的 ArchLinux 在安装完成后就自带这个东西。

于是，我成功开始了踩坑之旅。（大量 dirty fix 预警）

非特权用户 (Private Users)

按照 ArchWiki 上的说明，使用各个发行版的 bootstrap 工具在 /var/lib/machines 下创建目录并部署系统是一个很快的工作。然而，当我部署成功并尝试启动容器的时候，我却根本看不到任何反应，无论 machinectl status 还是 systemctl status 都没法给出任何有用的信息。

再次查看 /var/lib/machines 下我部署的目录的时候，发现里面文件的权限全部被修改成了奇怪的 UID 和 GID 值。从 ArchWiki 上的描述来看，这似乎是启用了 Private Users 的正常现象。然而，死马当活马医，我尝试在 /etc/systemd/nspawn/myContainer.nspawn (myContainer 是我的容器的名字) 里面加入了

[Exec]
PrivateUsers=no

然后容器就神奇般地可以启动了。不过这样启动以后，尝试访问容器的时候，会发现里面的程序一定会报一大堆权限问题 —— 因为之前已经用 Private User 起过容器。所以，我的做法是，直接重新部署一遍……

然而这个问题并没有被彻底解决，我到现在也不能理解为什么使用 Private User 会导致无法启动，而且 systemd-nspawn 完全没有给我任何有用的错误信息。更奇怪的是，我直接用命令行的 systemd-nspawn 去启动容器是完全正常的，而使用 systemd-nspawn@.service 就必须关掉 Private Users 才能正常使用。鉴于我的使用场景并不需要多么严格的安全策略（另一方面，Linux 下的容器这个概念本身也不是用来做安全的），我暂时并没有去处理这个问题。所以，这算是一个 dirty fix 吧。

无法访问容器的 TTY

容器起来了，我遇到的第二个问题就是无法访问容器的 TTY。

尝试执行 machinectl login myContainer, 直接给我扔了一个 protocol error 出来。在 Google 上找了很久也没有找到任何一个人遇到类似的问题。最多只有进入了容器的登录界面却无法登录的问题，而遇到那种问题的人至少已经获得了容器的一个 Login Shell, 而我则是什么都没有……

是的，这个问题我也完全不知道怎么解决。当时我折腾了很久，然后怀疑是一个临时性的 bug —— 毕竟 ArchLinux 喜欢 break 东西。所以我决定作为一个临时的解决方案，先手动使用 systemd-nspawn 命令启动容器进去，配置好 openssh，然后用 machinectl 启动容器，并在外面直接使用 ssh 访问容器内部的 shell。是的，你没有看错，直接在 /var/lib/machines 使用 systemd-nspawn -b -D myContainer 命令启动容器是完全可以访问容器内的 shell 的，而从外面使用 machinectl login 或者 machinectl shell 就是不行的……

而当我下笔写这篇博客的时候，我尝试再次复现这个错误，却发现现在已经完全正常了，使用 machinectl login 可以获取到容器的正常的 Login Shell... 天知道把我折腾的要死要活的那个问题是怎么回事…… 而且从出现那个问题到现在我并没有更新服务器上的任何软件，也没有针对这个问题做任何处理…… 而当时我重启了不知道多少遍都完全没有作用。

假如你遇到这个问题，也许你坐和放宽一下，就好了。

容器内的内核模块问题 (OverlayFS / ip6tables / FUSE ...)

遇到这种问题其实觉得自己很智障，但是还是要花几句话说一次，容器内是没有办法加载内核模块的，而 Linux 启动的时候默认很多模块都没有加载。那些模块正常情况下会被使用它们的程序自动加载，但是在容器里这是不行的。所以如果你在使用程序的时候遇到这种问题，请记住在主机里加载它需要的模块后再试（推荐加入 /etc/modules-load.d/ 自动载入）

Systemd-nspawn 内运行 Docker

这个需求看起来很无厘头，但是我觉得我的使用场景是有道理的。我有一个 Mastodon 节点，这个东西是主要使用 Ruby on Rails 编写但同时有很多其他依赖的东西。在以前的机器上，我是使用 docker-compose 通过容器的组合在一个虚拟机里直接部署上这一系列依赖。而现在我需要迁移到我的新独服上，我不能使用虚拟机，也不想自找麻烦手动部署，也不想让 Docker 产生的一大堆网络接口之类的东西挂在主机的 namespace 里。总而言之，因为这种 Ruby on Rails 程序是好多个大怪兽，虽然各自有笼子，但是因为数量比较多，分散放置还是感觉很凌乱，所以我想进一步把它们的笼子也都关进一个动物园里统一管理。

但是问题来了，systemd-nspawn 似乎并不支持在它内部再启动 Docker 容器。尝试使用 Docker 容器会直接带来 Operation not permitted 异常。从 https://github.com/opencontainers/runc/issues/1456 了解到，Docker 依赖了 cgroups 功能，并且需要比较高的权限，而在默认情况下，systemd-nspawn 是隔离了 cgroup 命名空间的，而且也没有给予不必要的权限。所以，作为测试，我在 /etc/systemd/nspawn/myContainer.nspawn 里加入了

[Exec]
Capability=all

[Files]
Bind=/sys/fs/cgroup

这在事实上把主机的 cgroup 命名空间共享给了容器里的系统，并给予了所有可以给予的 Capabilities。同时，还需要关闭 systemd-nspawn 的 cgroup 隔离功能，只需要 systemctl edit systemd-nspawn@myContainer

[Service]
Environment=SYSTEMD_NSPAWN_USE_CGNS=0

到了这一步，我期望 Docker 已经可以使用了，但是很不幸的是，并不能。这回出现的是一个莫名奇妙的 session key 无法创建的异常。这次这个异常我就完全没有看懂了……

还好，经过一番 Google，我了解到这其实是因为 Docker 在尝试使用 kernel keyring，而这个功能是不支持(ref: https://github.com/moby/moby/issues/10939)命名空间隔离的。所以，为了安全，systemd-nspawn 默认把与此相关的系统调用都过滤掉了，不允许内部的系统调用。因此，只需要开启这两个系统调用的权限（在 /etc/systemd/nspawn/myContainer.nspawn 的 [Exec] 段中加入）

SystemCallFilter=add_key keyctl

然后重启 nspawn 容器即可使用 Docker。

在 Docker 正常运行之后，我发现一个问题，那就是它在使用非常慢、非常不科学的 vfs 作为存储后端。根据文档，这个存储后端会对每个 layer 都创建一个拷贝。于是我想起来了遇到的上一个问题 —— 主机没有加载 OverlayFS 的内核模块，因此默认的 overlay2 存储后端加载失败了。尝试在主机上加载 overlay 模块，然后重新启动容器里的 Docker，发现 overlay2 存储后端果然已经在正确运行了。

以上文档我已经写入 ArchWiki 上的对应章节, 因为我发现我在整个网络上都找不到关于这件事情的文档，有的只是一段 Twitter 对话，而且他们其实还并没有解决这个问题……希望我并不是唯一一个有这种奇葩需求的人吧。

当然，这么做以后，这个 nspawn 容器就成为了名副其实的特权容器，拥有很多很多高权限操作的能力。考虑到我的本意仅仅是出于洁癖一般的理由，这个问题我觉得并不是非常大……总之，给大家一个参考。

容器内使用 FUSE

FUSE 是指用户态文件系统，比如 sshfs, ntfs-3g 等。想要直接在 systemd-nspawn 容器里使用它们是会直接失败的。当然，这个解决办法很简单，因为这仅仅是因为容器里没有 /dev/fuse。

首先要确保主机上加载了 fuse 内核模块。然后，你需要在 /etc/systemd/nspawn/myContainer.nspawn 加入

[Exec]
Capability=CAP_MKNOD
DeviceAllow=/dev/fuse rwm

（注：如果你前面已经 Capability 设为 all 了，那就不用再单独设置一次 CAP_MKNOD 了）

然后在容器里执行

mknod /dev/fuse c 10 229

即可。

其他：网络配置

网络配置这算是一点附加说明，就是如果你想要给容器使用静态 IP，或者你想给容器使用 IPv6，你需要首先在 /etc/systemd/nspawn/myContainer.nspawn 里给容器增加一个网络接口

[Network]
VirtualEthernetExtra=name_on_host:name_in_container

然后分别在主机和容器里配置对应的网络接口即可。

当然，你可能也需要

[Network]
Private=true
VirtualEthernet=true

虽然这些应该是默认的。

结论

Systemd 坑很多，而且很玄学.

↧

TLS-Proxy

June 28, 2019, 3:02 am

≫ Next: 华为败诉！被认定为窃取硅谷初创公司的商业机密；中国或许被堵死出路

≪ Previous: nspawn.org：简单的 systemd 发行版容器

V2Ray+WebSocket+TLS+web模式的 C 语言极简实现.

简单介绍

tls-proxy 可以看作为 V2Ray 的 WebSocket + TLS + Web 方案的 C 语言极简实现版，使用 libevent2 轻量级事件通知库编写。在硬件资源有限的环境中（如树莓派 3B，这也是我写 tls-proxy 的根本原因），tls-proxy 的资源占用更少，且代理速度比同等条件下的 v2ray 快的多（速度基本与 ss/ssr-libev 持平），同时又不降低安全性。

tls-proxy 支持 TCP 和 UDP 协议的代理（与 v2ray 一样，UDP 流量使用 TCP 传输，尽可能减少特征），通信过程：
source-socket <-> tls-client <-> web-server(eg: nginx) <-> tls-server <-> destination-socket->->->->
tls-client 与 web-server 之间使用 HTTPS 协议（TLS1.2），web-server 与 tls-server 之间使用 websocket 协议。

版本历史

tls-proxy v1.0
初始版本，TCP 和 UDP 都有问题（TCP 套接字处理不当，导致尾部数据丢失；UDP 实现过于简单粗暴，不支持 QUIC 协议），基本无法正常使用，所以此版本仅供娱乐。

tls-proxy v1.1
当前版本，在 v1.0 的基础上修复了 TCP 缓冲区数据残留问题，修正了 UDP 的代理逻辑，支持 QUIC 等"有状态"的 UDP 上层协议（LRU Cache），暂未发现日常使用问题。

编译方法

本地编译，以 linux x86_64 为例

# uthash
cd /tmp
git clone https://github.com/troydhanson/uthash

# base64
cd /tmp
git clone https://github.com/aklomp/base64
cd base64
make

# openssl
cd /tmp
wget https://www.openssl.org/source/openssl-1.1.0i.tar.gz
tar xvf openssl-1.1.0i.tar.gz
cd openssl-1.1.0i
./Configure linux-x86_64 --prefix=/tmp/openssl --openssldir=/tmp/openssl no-shared # for linux x86_64
make -j`nproc`&& make install -j`nproc`

# libevent
cd /tmp
git clone https://github.com/libevent/libevent libevent-sources
cd libevent-sources
./autogen.sh
./configure --prefix=/tmp/libevent --enable-shared=no --enable-static=yes --disable-samples --disable-debug-mode --disable-malloc-replacement CPPFLAGS='-I/tmp/openssl/include' LDFLAGS='-L/tmp/openssl/lib' LIBS='-lssl -lcrypto -ldl'
make && make install

# tls-proxy
cd /tmp
git clone https://github.com/zfl9/tls-proxy
cd tls-proxy
gcc -I/tmp/uthash/include -I/tmp/base64/include -I/tmp/libevent/include -std=c11 -Wall -Wextra -Wno-format-overflow -O3 -s -pthread -o tls-server tls-server.c /tmp/base64/lib/libbase64.o /tmp/libevent/lib/libevent.a
gcc -I/tmp/uthash/include -I/tmp/base64/include -I/tmp/libevent/include -I/tmp/openssl/include -std=c11 -Wall -Wextra -Wno-format-overflow -O3 -s -pthread -o tls-client tls-client.c /tmp/base64/lib/libbase64.o /tmp/libevent/lib/libevent.a /tmp/libevent/lib/libevent_openssl.a /tmp/openssl/lib/libssl.a /tmp/openssl/lib/libcrypto.a -ldl
cp -af tls-client tls-server /usr/local/bin

# delete files
cd /
rm -fr /tmp/uthash
rm -fr /tmp/base64
rm -fr /tmp/openssl*
rm -fr /tmp/libevent*
rm -fr /tmp/tls-proxy

交叉编译，在 linux x86_64 上编译 linux aarch64 上用的 tls-proxy（RPi3B）

#交叉编译工具链的前缀
ARCH='aarch64-linux-gnu'

# uthash
cd /tmp
git clone https://github.com/troydhanson/uthash

# base64
cd /tmp
git clone https://github.com/aklomp/base64
cd base64
make CC=$ARCH-gcc LD=$ARCH-ld OBJCOPY=$ARCH-objcopy

# openssl
cd /tmp
wget https://www.openssl.org/source/openssl-1.1.0i.tar.gz
tar xvf openssl-1.1.0i.tar.gz
cd openssl-1.1.0i
./Configure linux-aarch64 --prefix=/tmp/openssl --openssldir=/tmp/openssl no-shared
make CC=$ARCH-gcc RANLIB=$ARCH-ranlib -j`nproc`&& make install -j`nproc`

# libevent
cd /tmp
git clone https://github.com/libevent/libevent libevent-sources
cd libevent-sources
./autogen.sh
./configure --host=$ARCH --prefix=/tmp/libevent --enable-shared=no --enable-static=yes --disable-samples --disable-debug-mode --disable-malloc-replacement CPPFLAGS='-I/tmp/openssl/include' LDFLAGS='-L/tmp/openssl/lib' LIBS='-lssl -lcrypto -ldl'
make && make install

# tls-proxy
cd /tmp
git clone https://github.com/zfl9/tls-proxy
cd tls-proxy
$ARCH-gcc -I/tmp/uthash/include -I/tmp/base64/include -I/tmp/libevent/include -std=c11 -Wall -Wextra -Wno-format-overflow -O3 -s -pthread -o tls-server tls-server.c /tmp/base64/lib/libbase64.o /tmp/libevent/lib/libevent.a
$ARCH-gcc -I/tmp/uthash/include -I/tmp/base64/include -I/tmp/libevent/include -I/tmp/openssl/include -std=c11 -Wall -Wextra -Wno-format-overflow -O3 -s -pthread -o tls-client tls-client.c /tmp/base64/lib/libbase64.o /tmp/libevent/lib/libevent.a /tmp/libevent/lib/libevent_openssl.a /tmp/openssl/lib/libssl.a /tmp/openssl/lib/libcrypto.a -ldl

交叉编译，在 linux x86_64 上编译 Android 8.1.0 (aarch64) 上用的 tls-proxy

#交叉编译工具链的前缀
ARCH='aarch64-linux-android'

# uthash
cd /tmp
git clone https://github.com/troydhanson/uthash

# base64
cd /tmp
git clone https://github.com/aklomp/base64
cd base64
make CC=$ARCH-gcc LD=$ARCH-ld OBJCOPY=$ARCH-objcopy

# openssl
cd /tmp
wget https://www.openssl.org/source/openssl-1.1.0i.tar.gz
tar xvf openssl-1.1.0i.tar.gz
cd openssl-1.1.0i
./Configure linux-aarch64 --prefix=/tmp/openssl --openssldir=/tmp/openssl no-shared
make CC=$ARCH-gcc RANLIB=$ARCH-ranlib -j`nproc`&& make install -j`nproc`

# libevent
cd /tmp
git clone https://github.com/libevent/libevent libevent-sources
cd libevent-sources
./autogen.sh
./configure --host=$ARCH --prefix=/tmp/libevent --enable-shared=no --enable-static=yes --disable-samples --disable-debug-mode --disable-malloc-replacement CPPFLAGS='-I/tmp/openssl/include' LDFLAGS='-L/tmp/openssl/lib' LIBS='-lssl -lcrypto -ldl'
make && make install

# tls-proxy
cd /tmp
git clone https://github.com/zfl9/tls-proxy
cd tls-proxy
$ARCH-gcc -I/tmp/uthash/include -I/tmp/base64/include -I/tmp/libevent/include -std=c11 -Wall -Wextra -Wno-format-overflow -O3 -s -pie -fPIE -pthread -o tls-server tls-server.c /tmp/base64/lib/libbase64.o /tmp/libevent/lib/libevent.a
$ARCH-gcc -I/tmp/uthash/include -I/tmp/base64/include -I/tmp/libevent/include -I/tmp/openssl/include -std=c11 -Wall -Wextra -Wno-format-overflow -O3 -s -pie -fPIE -pthread -o tls-client tls-client.c /tmp/base64/lib/libbase64.o /tmp/libevent/lib/libevent.a /tmp/libevent/lib/libevent_openssl.a /tmp/openssl/lib/libssl.a /tmp/openssl/lib/libcrypto.a -ldl

使用方法

如果你会使用 v2ray 的 websocket + tls + web 模式，那么 tls-proxy 对你来说很容易上手，因为使用方法基本一致。

前提条件

一个域名
一个 SSL 证书
一个 Web 服务器

SSL 证书免费的有很多，如果你没有 SSL 证书，请先申请一张（不建议使用自签发的 SSL 证书，因为不会被 tls-client 所信任，除非你将自签发的根证书添加到 tls-client 主机的 CA 文件中）；为什么需要一个域名？因为 tls-client 强制校验 SSL 证书对应的域名，如果 SSL 证书上的域名与指定的域名不一致，则会断开与 Web 服务器的连接；Web 服务器需要配置 HTTPS，以下的 Web 服务器均以 Nginx 为例，其它服务器请自行斟酌。

配置 Nginx

1、修改 /etc/nginx/nginx.conf，在 http 配置段中添加如下配置（根据情况自行修改）：

http {
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;    # 禁用 SSLv2、SSLv3
ssl_dhparam /etc/nginx/ssl/dhparam.pem; # 指定 DH-param 文件
ssl_session_cache shared:SSL:50m;       # 启用 SSL 会话缓存，50 MB
ssl_session_timeout60m;                # 设置 SSL 会话缓存超时时间，60 min
ssl_session_tickets on;                 # 启用 SSL Session Ticket 会话恢复功能
resolver8.8.8.8;                       # 设置 DNS 域名解析服务器
ssl_stapling on;                        # 启用 OCSP Stapling，优化 TLS 握手
ssl_stapling_verify on;                 # 启用对 OCSP responses 响应结果的校验
ssl_prefer_server_ciphers on;           # 进行 TLS 握手时，优先选择服务器的加密套件
ssl_ciphers"ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA";
add_header Strict-Transport-Security "max-age=63072000" always;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
}

2、使用 openssl 生成 dhparam.pem 文件（/etc/nginx/ssl/dhparam.pem）

#需要执行很长时间，请不要中断它
mkdir -p /etc/nginx/ssl
cd /etc/nginx/ssl
openssl dhparam -out dhparam.pem 4096

3、配置与 tls-server 相关的 vhost，根据实际情况修改

server {
listen80 reuseport fastopen=3 default_server;
server_name www.example.com;
return301 https://www.example.com$request_uri;
}

server {
listen443 ssl reuseport fastopen=3 default_server;
server_name www.example.com;

root    /srv/http/www.example.com;
index   index.html;

ssl on;
ssl_certificate"/etc/nginx/ssl/www.example.com.crt";
ssl_certificate_key"/etc/nginx/ssl/www.example.com.key";

location ~* \.(jpg|jpeg|png|gif|ico|(css|js)(\?v=.*)?)$ {
expires60d;
    }

## tls-proxy
location/tls-proxy {
if ($http_some_header != 'some_header_value') {
return404;
        }
proxy_http_version1.1;
proxy_read_timeout3650d;
proxy_send_timeout3650d;
proxy_connect_timeout3s;
proxy_pass http://127.0.0.1:60080;
proxy_set_header Connection "Upgrade";
proxy_set_header Upgrade $http_upgrade;
    }
}

/tls-proxy 可以改为你喜欢的任意 URI；tls-server 默认监听地址为 127.0.0.1:60080/tcp；说明一下 $http_some_header 语句的作用：即使别人知道你的 URI，如果它没有设置正确的 HTTP 头部（在这里就是 Some-Header咯，去掉开头的 http_，下划线换成连字符，大小写不敏感），并且对应的头部的值不是 some_header_value（这就相当于你的密码了，请任意发挥），那么还是白搭，Nginx 会返回 404 Not Found 给它（这种情况也适合于 GFW 的主动探测）。

在上面的配置中，我们的自定义头部（为叙述方便，以下将自定义头部称为认证头部、密码头部）只有一个 value（可以理解为只有一个密码），实际上我们可以为密码头部设置多个密码（即多个 value），假设我们的密码头部仍然为 Some-Header，现在我们需要为 tls-proxy 设置两个访问密码，一个是 some_header_value_a、一个是 some_header_value_b，则将上面的 location /tls-proxy 配置块改为：

location/tls-proxy {
set$verified0;
if ($http_some_header = 'some_header_value_a') {
set$verified1;
    }
if ($http_some_header = 'some_header_value_b') {
set$verified1;
    }
if ($verified != 1) {
return404;
    }
proxy_http_version1.1;
proxy_read_timeout3650d;
proxy_send_timeout3650d;
proxy_connect_timeout3s;
proxy_pass http://127.0.0.1:60080;
proxy_set_header Connection "Upgrade";
proxy_set_header Upgrade $http_upgrade;
}

依此类推，如果想要设置三个访问密码，再添加一个类似的 if ($http_some_header = 'some_header_value_c') 语句即可。

4、使用 nginx -t 检查配置文件是否有语法错误，然后 systemctl reload nginx.service 使其生效。

配置 tls-server

将 tls-proxy 目录下的 tls-server.service systemd 服务文件拷贝到 /etc/systemd/system/ 目录下，然后执行 systemctl daemon-reload 使其生效。tls-server 默认只启用一个工作线程（-j 参数），而在 tls-server.service服务文件中，默认设置的是 -j2，也就是两个工作线程，一般推荐使用 1 ~ 4 个工作线程，再多也没啥用，浪费资源。如果需要修改线程数，请编辑 /etc/systemd/system/tls-server.service 服务文件，将 -j2 改为 -jN（N 为你想设置的线程数），注意，修改 service 文件之后需要执行 systemctl daemon-reload 生效。最后，执行 systemctl start tls-server.service 来启动 tls-server。

配置 tls-client

将 tls-proxy 目录下的 tls-client.service systemd 服务文件拷贝到 /etc/systemd/system/ 目录下，然后使用文本编辑器打开 /etc/systemd/system/tls-client.service 文件，主要需要修改 tls-client 的命令行参数，目前 tls-client 的命令行参数有：

$ tls-client -h
usage: tls-client <OPTIONS>. OPTIONS have these:
 -s <server_host>        server host. can't use IP address
 -p         server port. the default port is 443
 -c         CA file location. eg: /etc/ssl/cert.pem
 -P         websocket request line uri. eg: /tls-proxy
 -H      websocket request headers. allow multi line
 -b      tcp & udp listen address. default: 127.0.0.1
 -t      tcp port (iptables xt_tproxy). default: 60080
 -u      udp port (iptables xt_tproxy). default: 60080
 -j      number of worker thread (for tcp). default: 1
 -T                      disable tcp transparent proxy
 -U                      disable udp transparent proxy
 -v                      show version and exit
 -h                      show help and exit

其中必须要指定的参数有：-s 指定服务器的域名、-c 指定本机 CA 文件路径、-P 指定请求的 URI。因为我们在 Nginx 中配置了自定义头部 Some-Header: some_header_value\r\n，所以还需要指定一个 -H 参数，注意，此参数指定的 HTTP 头部必须以 \r\n 结尾，且必须放在 $'' 里面（否则不会进行转义），即 -H $'Some-Header: some_header_value\r\n'，-H 参数中允许设置多个自定义头部（HTTP 协议使用 \r\n 作为行结束符）。如果头部设置不正确，则 tls-client 会因为收到 404 Not Found 响应而提示 bad response。tls-client 和 tls-server 一样，默认都是启用一个工作线程，所以如果你需要启用多个线程，请指定 -j 参数（不要奇怪 tls-client 的 UDP 监听线程为什么只有一个，因为我需要在内部保持 UDP 的状态，所以必须只能有一个 UDP 套接字，也就是说，tls-client 的 -j 参数只针对 TCP 代理套接字）。

关于 tls-client 的 -c 参数：前面说了，tls-client 会对 SSL 证书进行校验，确认 SSL 证书是否可信，所以 tls-client 需要知道本机的 CA 文件路径（每个发行版的 CA file 文件路径都不太相同，ArchLinux 中是 /etc/ssl/cert.pem）。为什么不取消证书验证这个步骤？原因不用我说吧，一切都是为了安全啊。如果你不知道当前系统的 CA 文件路径，请在 Bash 中执行 curl -v https://www.baidu.com |& awk '/CAfile:/ {print $3}' 命令，输出的字符串即为本机的 CA 文件路径（别跟我说 curl command not found，要么装 curl，要么自己找 CA file 去）。

最后，执行 systemctl daemon-reload 重载服务文件，然后执行 systemctl start tls-client.service 启动 tls-client。

配置 iptables 规则

tls-client 默认监听地址：127.0.0.1:60080/tcp、127.0.0.1:60080/udp；TCP 和 UDP 的透明代理都必须使用 iptables-TPROXY 方式（注意不是 iptables-REDIRECT）；这里给个简单的 bash 脚本，示例如何使用 iptables-TPROXY 来透明代理本机以及内网的 TCP 和 UDP 流量（没错，tls-client 一般用在 Linux 网关上，提供全局透明代理，当然也可以在普通 Linux 主机上使用，代理本机的 TCP 和 UDP）。注意，此脚本只是作为一个例子，实际上我们还需要配置分流规则（如 gfwlist、chnroute），如果你需要分流的话，请使用 ss-tproxy 代理脚本。

#!/bin/bash

server='www.example.com'#服务器的域名
intranet_nic='lan0'#本机内网网卡
extranet_nic='wan0'#本机外网网卡

functionstart {
    systemctl start tls-client.service

    iptables -t mangle -N SETMARK
    iptables -t mangle -A SETMARK -d 0/8        -j RETURN
    iptables -t mangle -A SETMARK -d 10/8       -j RETURN
    iptables -t mangle -A SETMARK -d 127/8      -j RETURN
    iptables -t mangle -A SETMARK -d 169.254/16 -j RETURN
    iptables -t mangle -A SETMARK -d 172.16/12  -j RETURN
    iptables -t mangle -A SETMARK -d 192.168/16 -j RETURN
    iptables -t mangle -A SETMARK -d 224/4      -j RETURN
    iptables -t mangle -A SETMARK -d 240/4      -j RETURN
    iptables -t mangle -A SETMARK -d $server    -j RETURN
    iptables -t mangle -A SETMARK -j MARK --set-mark 0x2333

    iptables -t mangle -A OUTPUT -o $extranet_nic -p tcp -j SETMARK
    iptables -t mangle -A OUTPUT -o $extranet_nic -p udp -j SETMARK

    iptables -t mangle -A PREROUTING -i $intranet_nic -p tcp -j SETMARK
    iptables -t mangle -A PREROUTING -i $intranet_nic -p udp -j SETMARK

    iptables -t mangle -A PREROUTING -m mark --mark 0x2333 -p tcp -j TPROXY --on-ip 127.0.0.1 --on-port 60080
    iptables -t mangle -A PREROUTING -m mark --mark 0x2333 -p udp -j TPROXY --on-ip 127.0.0.1 --on-port 60080

    ip route add local 0/0 dev lo table 100
    ip rule add fwmark 0x2333 table 100
}

functionstop {
    ip rule del table 100 &>/dev/null
    ip route flush table 100 &>/dev/null

    iptables -t mangle -F
    iptables -t mangle -X

    systemctl stop tls-client.service
}

case$1in
    start) start;;
    stop)  stop;;
*) echo"usage: $(basename $0) start|stop";exit 1;;
esac