docs: add SOCKS5

This commit is contained in:
Toby 2024-01-26 14:03:22 -08:00
parent fe2ff6aa69
commit 90542be7f2
2 changed files with 10 additions and 2 deletions

View File

@ -20,7 +20,7 @@ Linux that's in many ways more powerful than the real thing. It's cyber sovereig
## Features
- Full IP/TCP reassembly, various protocol analyzers
- HTTP, TLS, DNS, SSH, and many more to come
- HTTP, TLS, DNS, SSH, SOCKS5, and many more to come
- "Fully encrypted traffic" detection for Shadowsocks,
etc. (https://gfw.report/publications/usenixsecurity23/data/paper/paper.pdf)
- Trojan (proxy protocol) detection based on Trojan-killer (https://github.com/XTLS/Trojan-killer)
@ -103,6 +103,10 @@ to [Expr Language Definition](https://expr-lang.org/docs/language-definition).
a: "0.0.0.0"
aaaa: "::"
expr: dns != nil && dns.qr && any(dns.questions, {.name endsWith "v2ex.com"})
- name: block google.com:80 via SOCKS5
action: block
expr: string(socks5?.req?.addr) endsWith "google.com" && socks5?.req?.port == 80
```
#### Supported actions

View File

@ -18,7 +18,7 @@ OpenGFW 是一个 Linux 上灵活、易用、开源的 [GFW](https://zh.wikipedi
## 功能
- 完整的 IP/TCP 重组,各种协议解析器
- HTTP, TLS, DNS, SSH, 更多协议正在开发中
- HTTP, TLS, DNS, SSH, SOCKS5, 更多协议正在开发中
- Shadowsocks 等 "全加密流量" 检测 (https://gfw.report/publications/usenixsecurity23/data/paper/paper.pdf)
- 基于 Trojan-killer 的 Trojan 检测 (https://github.com/XTLS/Trojan-killer)
- [开发中] 基于机器学习的流量分类
@ -99,6 +99,10 @@ workers:
a: "0.0.0.0"
aaaa: "::"
expr: dns != nil && dns.qr && any(dns.questions, {.name endsWith "v2ex.com"})
- name: block google.com:80 via SOCKS5
action: block
expr: string(socks5?.req?.addr) endsWith "google.com" && socks5?.req?.port == 80
```
#### 支持的 action