Делаю по инструкции, blockcheck в конце выдал
* SUMMARY
ipv4 youtube.com curl_test_http : working without bypass
ipv4 youtube.com curl_test_https_tls12 : tpws --split-tls=sni
ipv4 youtube.com curl_test_https_tls12 : nfqws --dpi-desync=split2 --dpi-desync-split-pos=50
Please note this SUMMARY does not guarantee a magic pill for you to copy/paste and be happy.
Understanding how strategies work is very desirable.
This knowledge allows to understand better which strategies to prefer and which to avoid if possible, how to combine strategies.
Blockcheck does it's best to prioritize good strategies but it's not bullet-proof.
It was designed not as magic pill maker but as a DPI bypass test tool.
press enter to continueСделал
root@ryzen:/opt/zapret# ./install_easy.sh
* checking system
system is based on systemd
* checking executables
found architecture "x86_64"
* checking privileges
* checking readonly system
* checking location
running from /opt/zapret
* checking DNS
system DNS is working
* checking virtualization
running on bare metal
* stopping zapret service
Failed to disable unit: Unit file zapret.service does not exist.
Failed to stop zapret.service: Unit zapret.service not loaded.
select firewall type :
1 : iptables
2 : nftables
your choice (default : iptables) :
selected : iptables
* checking prerequisites
required utilities exist : curl ip6tables ipset iptables
* installing binaries
x86_64 is OK
installing binaries ...
linking : ../binaries/x86_64/ip2net => /opt/zapret/ip2net
linking : ../binaries/x86_64/mdig => /opt/zapret/mdig
linking : ../binaries/x86_64/nfqws => /opt/zapret/nfq
linking : ../binaries/x86_64/tpws => /opt/zapret/tpws
enable ipv6 support (default : N) (Y/N) ?
select MODE :
1 : tpws
2 : tpws-socks
3 : nfqws
4 : filter
5 : custom
your choice (default : tpws) : 1
selected : tpws
TPWS_OPT="--hostspell=HOST --split-http-req=method --split-pos=3 --oob"
do you want to edit the options (default : N) (Y/N) ? Y
..edited..
TPWS_OPT="--hostspell=HOST --split-http-req=method --split-pos=3 --oob --split-tls=sni"
do you want to edit the options (default : N) (Y/N) ?
select LAN interface to operate in router mode. select NONE for local outgoing traffic only.
WARNING ! This installer will not configure routing, NAT, ... for you. Its your responsibility.
LAN interface :
1 : NONE
2 : enp25s0
3 : lo
4 : virbr0
5 : virbr0-nic
your choice (default : NONE) :
selected : NONE
select WAN interface for tpws operations. select ANY to operate on any interface.
WAN interface :
1 : ANY
2 : enp25s0
3 : lo
4 : virbr0
5 : virbr0-nic
your choice (default : ANY) : 2
selected : enp25s0
enable http support (default : Y) (Y/N) ?
enable https support (default : Y) (Y/N) ?
select filtering :
1 : none
2 : ipset
3 : hostlist
4 : autohostlist
your choice (default : none) : 2
selected : ipset
do you want to auto download ip/host list (default : Y) (Y/N) ?
1 : get_user.sh
2 : get_antifilter_ip.sh
3 : get_antifilter_ipsmart.sh
4 : get_antifilter_ipsum.sh
5 : get_antifilter_ipresolve.sh
6 : get_antifilter_allyouneed.sh
7 : get_reestr_resolve.sh
8 : get_reestr_preresolved.sh
9 : get_reestr_preresolved_smart.sh
your choice (default : get_antifilter_ipsmart.sh) :
selected : get_antifilter_ipsmart.sh
* installing zapret service
Created symlink /etc/systemd/system/multi-user.target.wants/zapret.service → /opt/zapret/init.d/systemd/zapret.service.
Created symlink /etc/systemd/system/zapret.service → /opt/zapret/init.d/systemd/zapret.service.
* downloading blocked ip/host list
setting high oom kill priority
clearing all known DNS caches
DNS is working
digging 6 ipv4 domains : /opt/zapret/ipset/zapret-hosts-user-exclude.txt
mdig stats : 00:00:00 : domains=6 success=4 error=2
digging 1 ipv4 domains : /opt/zapret/ipset/zapret-hosts-user.txt
mdig stats : 00:00:00 : domains=1 success=0 error=1
digging 0 ipv4 domains : /opt/zapret/ipset/zapret-hosts-user-ipban.txt
mdig stats : 00:00:00 : domains=0 success=0 error=0
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 416k 100 416k 0 0 438k 0 --:--:-- --:--:-- --:--:-- 437k
setting high oom kill priority
reloading ipset backend (forced-update)
Adding to ipset zapret : /opt/zapret/ipset/zapret-ip.txt
Adding to ipset zapret : /opt/zapret/ipset/zapret-ip-user.txt
Adding to ipset ipban : /opt/zapret/ipset/zapret-ip-user-ipban.txt
Adding to ipset nozapret : /opt/zapret/ipset/zapret-ip-exclude.txt
* installing zapret-list-update timer
Failed to disable unit: Unit file zapret-list-update.timer does not exist.
Failed to stop zapret-list-update.timer: Unit zapret-list-update.timer not loaded.
Created symlink /etc/systemd/system/timers.target.wants/zapret-list-update.timer → /opt/zapret/init.d/systemd/zapret-list-update.timer.
Created symlink /etc/systemd/system/zapret-list-update.timer → /opt/zapret/init.d/systemd/zapret-list-update.timer.
* starting zapret service
press enter to continueПолучаю на ютубе
Ошибка. Повторите попытку позже. Идентификатор воспроизведения: ...И ЛОР тоже не грузится.
Попробовал по-другому
root@ryzen:/opt/zapret# ./install_easy.sh
* checking system
system is based on systemd
* checking executables
found architecture "x86_64"
* checking privileges
* checking readonly system
* checking location
running from /opt/zapret
* checking DNS
system DNS is working
* checking virtualization
running on bare metal
* stopping zapret service
Removed /etc/systemd/system/multi-user.target.wants/zapret.service.
Removed /etc/systemd/system/zapret.service.
select firewall type :
1 : iptables
2 : nftables
your choice (default : iptables) :
selected : iptables
* checking prerequisites
required utilities exist : curl ip6tables ipset iptables
* installing binaries
x86_64 is OK
installing binaries ...
linking : ../binaries/x86_64/ip2net => /opt/zapret/ip2net
linking : ../binaries/x86_64/mdig => /opt/zapret/mdig
linking : ../binaries/x86_64/nfqws => /opt/zapret/nfq
linking : ../binaries/x86_64/tpws => /opt/zapret/tpws
enable ipv6 support (default : N) (Y/N) ?
select MODE :
1 : tpws
2 : tpws-socks
3 : nfqws
4 : filter
5 : custom
your choice (default : tpws) : 3
selected : nfqws
NFQWS_OPT_DESYNC="--dpi-desync=fake --dpi-desync-ttl=0 --dpi-desync-ttl6=0 --dpi-desync-fooling=badsum"
NFQWS_OPT_DESYNC_HTTP=""
NFQWS_OPT_DESYNC_HTTPS=""
NFQWS_OPT_DESYNC_HTTP6=""
NFQWS_OPT_DESYNC_HTTPS6=""
NFQWS_OPT_DESYNC_QUIC="--dpi-desync=fake --dpi-desync-repeats=6"
NFQWS_OPT_DESYNC_QUIC6=""
do you want to edit the options (default : N) (Y/N) ? Y
..edited..
NFQWS_OPT_DESYNC="--dpi-desync=fake --dpi-desync-ttl=0 --dpi-desync-ttl6=0 --dpi-desync-fooling=badsum"
NFQWS_OPT_DESYNC_HTTP=""
NFQWS_OPT_DESYNC_HTTPS="--dpi-desync=split2 --dpi-desync-split-pos=50"
NFQWS_OPT_DESYNC_HTTP6=""
NFQWS_OPT_DESYNC_HTTPS6=""
NFQWS_OPT_DESYNC_QUIC="--dpi-desync=fake --dpi-desync-repeats=6"
NFQWS_OPT_DESYNC_QUIC6=""
do you want to edit the options (default : N) (Y/N) ?
select WAN interface for nfqws operations. select ANY to operate on any interface.
WAN interface :
1 : ANY
2 : enp25s0
3 : lo
4 : virbr0
5 : virbr0-nic
your choice (default : enp25s0) : 2
selected : enp25s0
enable http support (default : Y) (Y/N) ?
enable keep alive support only if DPI checks every outgoing packet for http signature
dont enable otherwise because it consumes more cpu resources
enable http keep alive support (default : N) (Y/N) ?
enable https support (default : Y) (Y/N) ?
enable quic support (default : N) (Y/N) ?
select filtering :
1 : none
2 : ipset
3 : hostlist
4 : autohostlist
your choice (default : ipset) :
selected : ipset
do you want to auto download ip/host list (default : Y) (Y/N) ?
1 : get_user.sh
2 : get_antifilter_ip.sh
3 : get_antifilter_ipsmart.sh
4 : get_antifilter_ipsum.sh
5 : get_antifilter_ipresolve.sh
6 : get_antifilter_allyouneed.sh
7 : get_reestr_resolve.sh
8 : get_reestr_preresolved.sh
9 : get_reestr_preresolved_smart.sh
your choice (default : get_antifilter_ipsmart.sh) :
selected : get_antifilter_ipsmart.sh
* installing zapret service
Created symlink /etc/systemd/system/multi-user.target.wants/zapret.service → /opt/zapret/init.d/systemd/zapret.service.
Created symlink /etc/systemd/system/zapret.service → /opt/zapret/init.d/systemd/zapret.service.
* downloading blocked ip/host list
setting high oom kill priority
clearing all known DNS caches
DNS is working
digging 6 ipv4 domains : /opt/zapret/ipset/zapret-hosts-user-exclude.txt
mdig stats : 00:00:00 : domains=6 success=4 error=2
digging 1 ipv4 domains : /opt/zapret/ipset/zapret-hosts-user.txt
mdig stats : 00:00:00 : domains=1 success=0 error=1
digging 0 ipv4 domains : /opt/zapret/ipset/zapret-hosts-user-ipban.txt
mdig stats : 00:00:00 : domains=0 success=0 error=0
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 416k 100 416k 0 0 511k 0 --:--:-- --:--:-- --:--:-- 511k
setting high oom kill priority
reloading ipset backend (forced-update)
Adding to ipset zapret : /opt/zapret/ipset/zapret-ip.txt
Adding to ipset zapret : /opt/zapret/ipset/zapret-ip-user.txt
Adding to ipset ipban : /opt/zapret/ipset/zapret-ip-user-ipban.txt
Adding to ipset nozapret : /opt/zapret/ipset/zapret-ip-exclude.txt
* installing zapret-list-update timer
Removed /etc/systemd/system/zapret-list-update.timer.
Removed /etc/systemd/system/timers.target.wants/zapret-list-update.timer.
Created symlink /etc/systemd/system/timers.target.wants/zapret-list-update.timer → /opt/zapret/init.d/systemd/zapret-list-update.timer.
Created symlink /etc/systemd/system/zapret-list-update.timer → /opt/zapret/init.d/systemd/zapret-list-update.timer.
* starting zapret service
press enter to continue
Та же самая ошибка на ютубе, но ЛОР есть.
Только тапками и помидорами не кидайтесь, а помогите по-доброму, а то я новичок.
UPD
UPD 2
