GitHub

Project Description: GoodbyeDPI

What is the project about?

GoodbyeDPI is a command-line utility designed to circumvent Deep Packet Inspection (DPI) systems used by Internet Service Providers (ISPs) to block access to specific websites.

What problem does it solve?

It helps users bypass internet censorship implemented by ISPs that use DPI technology to restrict access to certain online content. It works against both passive DPI (which only monitors traffic) and active DPI (which actively modifies traffic).

What are the features of the project?

  • Passive DPI circumvention: Blocks DPI-generated redirect or TCP reset packets.
  • Active DPI circumvention: Employs various techniques, including:
    • TCP fragmentation.
    • HTTP header manipulation (e.g., modifying the Host header).
    • Adding extra spaces in HTTP requests.
    • Sending fake HTTP/HTTPS packets with modified TTL, checksum, or sequence numbers.
  • DNS redirection: Optionally redirects DNS requests to a specified DNS server (and port) to prevent DNS poisoning. Supports IPv6 DNS as well.
  • Blacklist support: Can apply circumvention techniques only to specific websites listed in a text file.
  • Configurable: Offers numerous command-line options to fine-tune the circumvention methods.
  • Service Installation: Can be installed as a Windows service for persistent operation.
  • QUIC/HTTP3 blocking: Can block QUIC/HTTP3 to force fallback to TCP.
  • Fake Request Mode: Sends fake packets with various options like custom TTL, incorrect checksum, or incorrect sequence numbers.
  • Native Fragmentation: Fragments packets without shrinking the Window Size.
  • Reverse Fragmentation: Fragments packets and sends them in reversed order.
  • Fake Packet Generation: Generates fake packets from HEX values, SNI domain names, or random data.
  • Max Payload Limit: Skips processing of packets with large payloads to reduce CPU usage.
  • Legacy and Modern Modesets: Provides predefined modesets for easy configuration.

What are the technologies used in the project?

  • C (programming language): The core application is written in C.
  • WinDivert: A user-mode packet capture and (re)injection driver for Windows. This is the key component that allows GoodbyeDPI to intercept and modify network traffic.
  • Windows Filtering Platform (WFP): WinDivert utilizes WFP to set filters and redirect packets.
  • GNU Make and mingw: Used for building the project from source.

What are the benefits of the project?

  • Bypasses censorship: Allows users to access websites blocked by their ISP.
  • Preserves privacy: Makes it more difficult for ISPs to track online activity by interfering with DPI's ability to classify traffic.
  • Configurable and adaptable: Users can adjust the settings to work with different DPI systems and network conditions.
  • Open-source: The code is publicly available, allowing for community review and contributions.

What are the use cases of the project?

  • Accessing blocked websites: The primary use case is to unblock websites that are restricted by an ISP.
  • Circumventing content filtering: Can be used to bypass any form of content filtering based on DPI.
  • Improving online privacy: Reduces the effectiveness of DPI-based surveillance.
  • Testing network security: Can be used to test the effectiveness of DPI systems.
GoodbyeDPI screenshot