What does HackerNews think of GreenTunnel?
GreenTunnel is an anti-censorship utility designed to bypass the DPI system that is put in place by various ISPs to block access to certain websites.
On Windows:
- GoodbyeDPI: https://github.com/ValdikSS/GoodbyeDPI (https://ntc.party/c/community-software/goodbyedpi/8)
On Mac / Linux:
- GreenTunnel: https://github.com/SadeghHayeri/GreenTunnel (https://www.npmjs.com/package/green-tunnel)
On Android:
- Intra: https://github.com/jigsaw-code/intra (https://play.google.com/store/apps/details?id=app.intra)
- (I co-maintain this) Rethink DNS + Firewall: https://github.com/celzero/rethink-app (https://play.google.com/store/apps/details?id=com.celzero.br...)
Apps that manipulate TCP packets locally to break fingerprinting [0] like GoodbyeDPI (Windows) [1], GreenTunnel (cross platform CLI) [2], Intra (Android) [3] have been adequate.
[0] https://nitter.net/vinifortuna/status/1304189371688660992 (https://twitter.com/vinifortuna/status/1304189371688660992)
[1] https://github.com/ValdikSS/GoodbyeDPI
They monitor all DNS requests(no matter who provides the DNS server). So the solution is DNS over HTTPS.
The SNI method is a bit tricky. ESNI does prevent the blocking, but currently it’s rarely implemented by websites. One other solution is TCP fragmentation. Split the packet containing SNI into two. This prevents them from catching the whole URL mentioned in the SNI. Thus, they are unable to block it.
One such tool: https://github.com/SadeghHayeri/GreenTunnel