From 858928a17f48c271fa8080710bb24c3bddc4736a Mon Sep 17 00:00:00 2001 From: wangyu- Date: Sat, 5 Aug 2017 23:10:26 -0700 Subject: [PATCH 1/3] Update README.md --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 10153d9..f6cffad 100755 --- a/README.md +++ b/README.md @@ -9,11 +9,11 @@ encrypt your traffic with aes128cbc,protects data integrity by md5 or crc32,prot ### Simulated TCP Handshake simulated 3-way handshake,simluated seq ack_seq. Simluated tcp options:MSS,sackOk,TS,TS_ack,wscale. Provides real-time delivery ,no tcp over tcp problem when using openvpn. ### Connnection Recover -After connection timeouts,the client will re-connect.if re-connection is successful,the previous connection will be recovered,and all old udp conversations will stay vaild. +After connection timeouts,the client will re-connect.if re-connection is successful,the previous connection will be recovered,and all existed udp conversations will stay vaild. ### Other Features Multiplexing ,one client supports multi udp connections,all of those traffic will share one raw connection -Multiple Client Support,one server supports multiple client. +Multiple Clients Support,one server supports multiple clients. NAT Supported,all 3 modes work in NAT environment @@ -76,7 +76,7 @@ other options: -h,--help print this help message ``` ### iptables rule -this programs sends packet via raw socket.In faketcp mode,Linux Kernel TCP packet processing has to be blocked by a iptables rule on both side,otherwise Kernel will automatically send RST for unrecongized TCP packet and you will sustain from stability/peformance problem.You can use -a option to let the program automatically add/del iptables rules on start/exit.You can also use the -g option to generate iptables rule and add it manually. +this programs sends packet via raw socket.In faketcp mode,Linux Kernel TCP packet processing has to be blocked by a iptables rule on both sides,otherwise Kernel will automatically send RST for unrecongized TCP packet and you will sustain from stability/peformance problem.You can use -a option to let the program automatically add/del iptables rule on start/exit.You can also use the -g option to generate iptables rule and add it manually. ### cipher-mode and auth-mode Its suggested to use aes128cbc + md5 to obtain maxmized security.If you want to run the program on a router,you can try xor+simple,it can fool Packet Inspection by firewalls most time, but it cant protect you from serious attackers. Mode none is only for debug,its not suggest to set cipher-mode or auth-mode to none. ### seq-mode From 9884544e344164563976be5374c3d592f5d39d01 Mon Sep 17 00:00:00 2001 From: wangyu- Date: Sat, 5 Aug 2017 23:11:36 -0700 Subject: [PATCH 2/3] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index f6cffad..35575c3 100755 --- a/README.md +++ b/README.md @@ -95,14 +95,14 @@ vultr $2.5/monthly plan(single core 2.4ghz cpu,512m ram), #### server host bandwagonhost $3.99/annually(single core 2.0ghz cpu,128m ram) ### Test1 -cipher_mode: xor  auth_mode: simple +raw_mode: faketcp cipher_mode: xor  auth_mode: simple ![image4](images/image4.PNG) (reverse speed is simliar and not uploaded) ### Test2 -cipher_mode: aes128cbc  auth_mode: md5 +raw_mode: faketcp cipher_mode: aes128cbc  auth_mode: md5 ![image5](images/image5.PNG) From 9593528dd41c61f6ed5d9d8a171fbdae97112d3d Mon Sep 17 00:00:00 2001 From: wangyu- Date: Sat, 5 Aug 2017 23:21:09 -0700 Subject: [PATCH 3/3] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 35575c3..6766c42 100755 --- a/README.md +++ b/README.md @@ -91,9 +91,9 @@ iperf3 -c 10.222.2.1 -P40 iperf3 -c 10.222.2.1 -P40 -R ``` #### client host -vultr $2.5/monthly plan(single core 2.4ghz cpu,512m ram), +vultr $2.5/monthly plan(single core 2.4ghz cpu,512m ram,location:Tokyo,Japan), #### server host -bandwagonhost $3.99/annually(single core 2.0ghz cpu,128m ram) +bandwagonhost $3.99/annually(single core 2.0ghz cpu,128m ram,location:Los Angeles,USA) ### Test1 raw_mode: faketcp cipher_mode: xor  auth_mode: simple