mirror of
https://github.com/apernet/OpenGFW.git
synced 2024-12-23 01:19:21 +08:00
docs: trivial updates
This commit is contained in:
parent
99403d3150
commit
7441d24aea
14
README.md
14
README.md
@ -3,7 +3,6 @@
|
|||||||
[![License][1]][2]
|
[![License][1]][2]
|
||||||
|
|
||||||
[1]: https://img.shields.io/badge/License-MPL_2.0-brightgreen.svg
|
[1]: https://img.shields.io/badge/License-MPL_2.0-brightgreen.svg
|
||||||
|
|
||||||
[2]: LICENSE
|
[2]: LICENSE
|
||||||
|
|
||||||
**[中文文档](README.zh.md)**
|
**[中文文档](README.zh.md)**
|
||||||
@ -20,11 +19,12 @@ Linux that's in many ways more powerful than the real thing. It's cyber sovereig
|
|||||||
## Features
|
## Features
|
||||||
|
|
||||||
- Full IP/TCP reassembly, various protocol analyzers
|
- Full IP/TCP reassembly, various protocol analyzers
|
||||||
- HTTP, TLS, DNS, SSH, and many more to come
|
- HTTP, TLS, DNS, SSH, and many more to come
|
||||||
- "Fully encrypted traffic" detection for Shadowsocks,
|
- "Fully encrypted traffic" detection for Shadowsocks,
|
||||||
etc. (https://gfw.report/publications/usenixsecurity23/data/paper/paper.pdf)
|
etc. (https://gfw.report/publications/usenixsecurity23/data/paper/paper.pdf)
|
||||||
- Trojan (proxy protocol) detection based on Trojan-killer (https://github.com/XTLS/Trojan-killer)
|
- Trojan (proxy protocol) detection based on Trojan-killer (https://github.com/XTLS/Trojan-killer)
|
||||||
- [WIP] Machine learning based traffic classification
|
- [WIP] Machine learning based traffic classification
|
||||||
|
- Full IPv4 and IPv6 support
|
||||||
- Flow-based multicore load balancing
|
- Flow-based multicore load balancing
|
||||||
- Connection offloading
|
- Connection offloading
|
||||||
- Powerful rule engine based on [expr](https://github.com/expr-lang/expr)
|
- Powerful rule engine based on [expr](https://github.com/expr-lang/expr)
|
||||||
@ -112,4 +112,4 @@ to [Expr Language Definition](https://expr-lang.org/docs/language-definition).
|
|||||||
- `drop`: For UDP, drop the packet that triggered the rule, continue processing future packets in the same flow. For
|
- `drop`: For UDP, drop the packet that triggered the rule, continue processing future packets in the same flow. For
|
||||||
TCP, same as `block`.
|
TCP, same as `block`.
|
||||||
- `modify`: For UDP, modify the packet that triggered the rule using the given modifier, continue processing future
|
- `modify`: For UDP, modify the packet that triggered the rule using the given modifier, continue processing future
|
||||||
packets in the same flow. For TCP, same as `allow`.
|
packets in the same flow. For TCP, same as `allow`.
|
||||||
|
12
README.zh.md
12
README.zh.md
@ -3,7 +3,6 @@
|
|||||||
[![License][1]][2]
|
[![License][1]][2]
|
||||||
|
|
||||||
[1]: https://img.shields.io/badge/License-MPL_2.0-brightgreen.svg
|
[1]: https://img.shields.io/badge/License-MPL_2.0-brightgreen.svg
|
||||||
|
|
||||||
[2]: LICENSE
|
[2]: LICENSE
|
||||||
|
|
||||||
OpenGFW 是一个 Linux 上灵活、易用、开源的 [GFW](https://zh.wikipedia.org/wiki/%E9%98%B2%E7%81%AB%E9%95%BF%E5%9F%8E)
|
OpenGFW 是一个 Linux 上灵活、易用、开源的 [GFW](https://zh.wikipedia.org/wiki/%E9%98%B2%E7%81%AB%E9%95%BF%E5%9F%8E)
|
||||||
@ -18,10 +17,11 @@ OpenGFW 是一个 Linux 上灵活、易用、开源的 [GFW](https://zh.wikipedi
|
|||||||
## 功能
|
## 功能
|
||||||
|
|
||||||
- 完整的 IP/TCP 重组,各种协议解析器
|
- 完整的 IP/TCP 重组,各种协议解析器
|
||||||
- HTTP, TLS, DNS, SSH, 更多协议正在开发中
|
- HTTP, TLS, DNS, SSH, 更多协议正在开发中
|
||||||
- Shadowsocks 等 "全加密流量" 检测 (https://gfw.report/publications/usenixsecurity23/data/paper/paper.pdf)
|
- Shadowsocks 等 "全加密流量" 检测 (https://gfw.report/publications/usenixsecurity23/data/paper/paper.pdf)
|
||||||
- 基于 Trojan-killer 的 Trojan 检测 (https://github.com/XTLS/Trojan-killer)
|
- 基于 Trojan-killer 的 Trojan 检测 (https://github.com/XTLS/Trojan-killer)
|
||||||
- [开发中] 基于机器学习的流量分类
|
- [开发中] 基于机器学习的流量分类
|
||||||
|
- 同等支持 IPv4 和 IPv6
|
||||||
- 基于流的多核负载均衡
|
- 基于流的多核负载均衡
|
||||||
- 连接 offloading
|
- 连接 offloading
|
||||||
- 基于 [expr](https://github.com/expr-lang/expr) 的强大规则引擎
|
- 基于 [expr](https://github.com/expr-lang/expr) 的强大规则引擎
|
||||||
@ -105,4 +105,4 @@ workers:
|
|||||||
- `allow`: 放行连接,不再处理后续的包。
|
- `allow`: 放行连接,不再处理后续的包。
|
||||||
- `block`: 阻断连接,不再处理后续的包。如果是 TCP 连接,会发送 RST 包。
|
- `block`: 阻断连接,不再处理后续的包。如果是 TCP 连接,会发送 RST 包。
|
||||||
- `drop`: 对于 UDP,丢弃触发规则的包,但继续处理同一流中的后续包。对于 TCP,效果同 `block`。
|
- `drop`: 对于 UDP,丢弃触发规则的包,但继续处理同一流中的后续包。对于 TCP,效果同 `block`。
|
||||||
- `modify`: 对于 UDP,用指定的修改器修改触发规则的包,然后继续处理同一流中的后续包。对于 TCP,效果同 `allow`。
|
- `modify`: 对于 UDP,用指定的修改器修改触发规则的包,然后继续处理同一流中的后续包。对于 TCP,效果同 `allow`。
|
||||||
|
Loading…
Reference in New Issue
Block a user