OpenGFW is a flexible, easy-to-use, open source implementation of GFW on Linux OpenGFW 是 GFW 在 Linux 上的灵活、易于使用的开源实现
Go to file
2024-06-13 00:06:57 +01:00
.github/workflows Revert "ci: install pcap for build 2" 2024-05-08 19:26:19 +08:00
analyzer feat: tor analyzer (phase 1) 2024-06-13 00:06:57 +01:00
cmd feat: tor analyzer (phase 1) 2024-06-13 00:06:57 +01:00
docs docs: move to website 2024-03-29 13:06:29 -07:00
engine Reapply "Merge pull request #132 from eddc005/feat-pcap" 2024-05-08 19:13:49 +08:00
io feat(pcap): impl realtime wait() with time offset 2024-05-08 19:45:10 +08:00
modifier first 2024-01-19 16:45:01 -08:00
ruleset feat: tor analyzer (phase 1) 2024-06-13 00:06:57 +01:00
.gitignore docs: move to website 2024-03-29 13:06:29 -07:00
go.mod feat: dns lookup function 2024-04-03 20:02:57 -07:00
go.sum feat: dns lookup function 2024-04-03 20:02:57 -07:00
LICENSE first 2024-01-19 16:45:01 -08:00
main.go first 2024-01-19 16:45:01 -08:00
README.ja.md docs: update readme feature list 2024-04-01 21:49:06 -07:00
README.md docs: update readme feature list 2024-04-01 21:49:06 -07:00
README.zh.md docs: update readme feature list 2024-04-01 21:49:06 -07:00

OpenGFW

Quality check status License

中文文档 日本語ドキュメント

OpenGFW is your very own DIY Great Firewall of China (https://en.wikipedia.org/wiki/Great_Firewall), available as a flexible, easy-to-use open source program on Linux. Why let the powers that be have all the fun? It's time to give power to the people and democratize censorship. Bring the thrill of cyber-sovereignty right into your home router and start filtering like a pro - you too can play Big Brother.

Documentation site: https://gfw.dev/

Telegram group: https://t.me/OpGFW

Caution

This project is still in very early stages of development. Use at your own risk. We are looking for contributors to help us improve and expand the project.

Features

  • Full IP/TCP reassembly, various protocol analyzers
    • HTTP, TLS, QUIC, DNS, SSH, SOCKS4/5, WireGuard, OpenVPN, and many more to come
    • "Fully encrypted traffic" detection for Shadowsocks, VMess, etc. (https://gfw.report/publications/usenixsecurity23/en/)
    • Trojan (proxy protocol) detection
    • [WIP] Machine learning based traffic classification
  • Full IPv4 and IPv6 support
  • Flow-based multicore load balancing
  • Connection offloading
  • Powerful rule engine based on expr
  • Hot-reloadable rules (send SIGHUP to reload)
  • Flexible analyzer & modifier framework
  • Extensible IO implementation (only NFQueue for now)
  • [WIP] Web UI

Use cases

  • Ad blocking
  • Parental control
  • Malware protection
  • Abuse prevention for VPN/proxy services
  • Traffic analysis (log only mode)
  • Help you fulfill your dictatorial ambitions