
Using zapret to circumvent censorship

Valentin
Author
Doğukan
Focus on mastering Cyber Threat Intelligence and OSINT
If you want to read the Turkish version, check out my Medium

What is Active DPI?

Active DPI is a technology that monitors and analyzes network traffic and actively intervenes in it. It is used in many areas such as network security, content filtering, censorship applications and network management. Active DPI can redirect traffic, stop it or enforce certain security policies, which is the main difference that distinguishes it from passive DPI.

What is Passive DPI?

Passive DPI (Deep Packet Inspection) is a type of DPI that analyzes data packets on the network but does not alter the flow or content of those packets. Passive DPI is used to monitor, analyze and gather information about network traffic, but does not intercept or redirect data packets. This type of DPI is typically used for network monitoring, traffic analysis, security audits and network performance monitoring.

Bypassing Censorship Using Zapret

Censorship has become a major challenge today, affecting internet freedom worldwide. I decided to write this article after the recent censorship events in Turkey, and for those who don't trust VPN companies, I'm going to tell you about another alternative. Various tools and techniques have been developed to counteract restrictions and allow users to access blocked content. One of these tools is Zapret, a standalone DPI bypass tool designed primarily for a Russian audience to combat censorship imposed by Roskomnadzor. However, its utility extends beyond Russia, providing a solution to circumvent HTTP(S) website blocking and resist signature TCP/UDP protocol discovery globally.

Before I continue, I would like to point out that this guide provides a technical overview of how to use Zapret to effectively circumvent censorship. I would like to address those who impose censorship here: censorship is not a barrier, but it is to your detriment. When a crime occurs on the platforms you restrict and you request data, the platform's response will be:

• We do not provide services in your country, so we do not give you this data

How to use Zapret?

First, I created a clone of the repository from GitHub:

git clone https://github.com/bol-van/zapret.git

Then navigate to the cloned directory and run the following command to install the required binaries:

./install_bin.sh

Once you have successfully installed the binaries, the next step is to determine the most effective parameters to circumvent DPI (Deep Packet Inspection). To do this, run the blockcheck.sh script as root. This script analyzes your network environment and determines the best parameters to circumvent DPI:

sudo ./blockcheck.sh

It will ask you to enter the URL of a blocked website. After entering the URL, the script will output a summary with the recommended parameters for circumventing DPI.

Then run install_easy.sh and follow the on-screen instructions, setting the parameters as suggested by blockcheck.sh:

sudo ./install_easy.sh

Edit the configuration file to include the recommended parameters:

NFQWS_OPT_DESYNC="--dpi-desync=fake --dpi-desync-ttl=0 --dpi-desync-ttl6=0 --dpi-desync-fooling=badsum"
NFQWS_OPT_DESYNC_HTTP=""
NFQWS_OPT_DESYNC_HTTPS=""
NFQWS_OPT_DESYNC_HTTP6=""
NFQWS_OPT_DESYNC_HTTPS6=""
NFQWS_OPT_DESYNC_QUIC="--dpi-desync=fake --dpi-desync-repeats=6"
NFQWS_OPT_DESYNC_QUIC6=""

Clear the value of NFQWS_OPT_DESYNC and replace it with the parameters recommended by blockcheck.sh, in this case:

NFQWS_OPT_DESYNC="--dpi-desync=fake --dpi-desync-ttl=4"

Set NFQWS_OPT_DESYNC_QUIC only if blockcheck.sh suggests a parameter for it. In our case it works without the need for bypass.

You may need to change some settings when running the script, such as the keepalive setting. The script will guide you through the process. Try and test different settings to find the most effective configuration for your network environment.

The install_easy.sh script will do the rest of the work for you, including setting iptables rules and starting the zapret service.
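Options pasted into the config from a rendered web page often arrive with curly quotes, a lone `-` in place of `--`, or several options fused into one token. The check below is an added example, not part of zapret or of the original article: the function name `lint_nfqws_opts` and its rules are assumptions that cover only the options shown on this page, and the sample config lines are constructed.

```sh
#!/bin/sh
# Added example (not part of zapret): lint NFQWS_OPT_DESYNC* lines in a config file.
# Prints one line per bad assignment; exit status 0 = clean, 1 = problems, 2 = unreadable.
lint_nfqws_opts() (      # body runs in a subshell, so set -f and variables stay local
    cfg=$1; bad=0; n=0
    set -f               # option strings must never be glob-expanded
    [ -r "$cfg" ] || { echo "$cfg: cannot read"; exit 2; }
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case $line in NFQWS_OPT_DESYNC*=*) ;; *) continue ;; esac
        name=${line%%=*}; val=${line#*=}; err=
        # Bytes outside printable ASCII: curly quotes, long dashes, NBSP.
        if [ -n "$(printf '%s' "$line" | LC_ALL=C tr -d '\t -~')" ]; then
            err="non-ASCII character (typographic quote or dash?)"
        else
            case $val in
                '"'*'"') val=${val#?}; val=${val%?} ;;
                *) err="value is not wrapped in straight double quotes" ;;
            esac
        fi
        if [ -z "$err" ]; then
            for tok in $val; do
                case $tok in
                    --[a-z]*=*=*) err="'$tok' looks like several options fused together" ;;
                    --dpi-desync-ttl=*|--dpi-desync-ttl6=*|--dpi-desync-repeats=*)
                        case ${tok#*=} in ''|*[!0-9]*) err="'$tok' needs an integer" ;; esac ;;
                    --[a-z]*) ;;
                    *) err="'$tok' does not start with --" ;;
                esac
                [ -z "$err" ] || break
            done
        fi
        if [ -n "$err" ]; then echo "$cfg:$n: $name: $err"; bad=1; fi
    done < "$cfg"
    exit "$bad"
)

# Constructed sample: line 1 is clean, lines 2-4 show typical copy/paste damage.
sample=$(mktemp)
cat > "$sample" <<'EOF'
NFQWS_OPT_DESYNC="--dpi-desync=fake --dpi-desync-ttl=4"
NFQWS_OPT_DESYNC_QUIC=”--dpi-desync=fake --dpi-desync-repeats=6”
NFQWS_OPT_DESYNC_HTTP=" - dpi-desync=fake - dpi-desync-ttl=4"
NFQWS_OPT_DESYNC_HTTPS="--dpi-desync-ttl=0-dpi-desync-ttl6=0"
EOF
lint_nfqws_opts "$sample" || echo "fix the lines above before restarting the service"
rm -f "$sample"
```

Only the first problem on each line is reported, so rerun the check after each fix until it exits with status 0.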

Thank you for reading my article, I wish you many unimpeded days :)