-
Notifications
You must be signed in to change notification settings - Fork 69
/
nfqws.conf
41 lines (29 loc) · 1.58 KB
/
nfqws.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
# Provider network interface, e.g. eth3
# You can specify multiple interfaces separated by space, e.g. ISP_INTERFACE="eth3 nwg1"
ISP_INTERFACE="eth3"
# All arguments here: https://github.com/bol-van/zapret (search for `nfqws` on the page)
# HTTP(S) strategy
NFQWS_ARGS="--dpi-desync=fake,multisplit --dpi-desync-split-pos=1,midsld --dpi-desync-ttl=0 --dpi-desync-repeats=16 --dpi-desync-fooling=badseq,md5sig --dpi-desync-fake-tls=/opt/etc/nfqws/tls_clienthello.bin"
# QUIC strategy
NFQWS_ARGS_QUIC="--filter-udp=443 --dpi-desync=fake --dpi-desync-repeats=11 --dpi-desync-fake-quic=/opt/etc/nfqws/quic_initial.bin"
# UDP strategy (doesn't use lists from NFQWS_EXTRA_ARGS)
NFQWS_ARGS_UDP="--filter-udp=50000-50099 --dpi-desync=fake --dpi-desync-any-protocol --dpi-desync-repeats=6 --dpi-desync-cutoff=n2"
# auto - automatically detects blocked resources and adds them to the auto.list
NFQWS_EXTRA_ARGS="--hostlist=/opt/etc/nfqws/user.list --hostlist-auto=/opt/etc/nfqws/auto.list --hostlist-auto-debug=/opt/var/log/nfqws.log --hostlist-exclude=/opt/etc/nfqws/exclude.list"
# list - applies rules only to domains in the user.list
#NFQWS_EXTRA_ARGS="--hostlist=/opt/etc/nfqws/user.list"
# all - applies rules to all traffic except domains from exclude.list
#NFQWS_EXTRA_ARGS="--hostlist-exclude=/opt/etc/nfqws/exclude.list"
# IPv6 support
IPV6_ENABLED=1
# TCP ports for iptables rules
TCP_PORTS=443
# UDP ports for iptables rules
UDP_PORTS=443,50000:50099
# Keenetic policy name
POLICY_NAME="nfqws"
# Syslog logging level (0 - silent, 1 - debug)
LOG_LEVEL=0
NFQUEUE_NUM=200
USER=nobody
CONFIG_VERSION=5