After two years of idle development, a new version of GoodbyeDPI has been released, a program for Windows OS to bypass blocking of Internet resources carried out using Deep Packet Inspection systems on the side of Internet providers. The program allows you to access websites and services blocked at the state level, without using VPN, proxies and other methods of tunneling traffic, only through non-standard manipulation of packets at the network, transport and session levels of the OSI model. The code is written in C and distributed under the Apache 2.0 license.
A significant innovation in the new version is the Auto TTL feature, which automatically calculates the Time to live field value for a forged HTTP or TLS ClientHello request so that it is recognized by the DPI system but not received by the destination host. Also added to the program is a method for fragmenting (segmenting) requests without reducing the TCP Window Size value of the incoming packet, which previously caused problems with access to some resources whose software stack expected a complete TLS ClientHello request from the client in one packet. Bypass methods have shown their effectiveness in Russia, Indonesia, South Korea, Turkey, Iran and other countries with Internet blocking.
Addition: The other day we also published the release of PowerTunnel 2.0, a cross-platform implementation of GoodbyeDPI written in Java and supporting work on Linux and Android. In the new version, PowerTunnel is completely rewritten and transformed into a full-fledged proxy server, expandable through plugins. The functionality related to bypassing blocking is included in the LibertyTunnel plugin. The code has been translated from the MIT license to GPLv3.
The zapret utility is also regularly updated, offering DPI bypass tools for Linux and BSD systems. Update 42, released in early December, added the blockcheck.sh script to diagnose the causes of access problems and automatically select a strategy to bypass the block.
Source: opennet.ru