Releases: txthinking/tun2brook
Releases · txthinking/tun2brook
v20240607
v20240606
Support User System
v20240404
support fragment
v20240214
bugfix
v20240102
- 修复: 未自动 bypass bypassDNS IP
- New: auto bypass brooklinks IP from script
v20240101
tun2brook v20240101: see which application is creating TCP and UDP network connections
Release Note
- Optimization: When exiting tun2brook, automatically restore the system DNS to its original state.
- New: See which program is creating TCP and UDP network connections.
- New: It also means that it is possible to use scripts to perform network control for specific applications.
- Tip: macOS, in Brook GUI and Shiliew App mode,
appidis application bundle id
Install via nami
nami install tun2brook
FUCK Windows Defender
Usage
run tun2brook
sudo tun2brook -l 'brook:https://...' --log /tmp/a.log
Windows open terminal as admin, and remove sudo
follow log
tail -f /tmp/a.log
create TCP connection
curl --http2 https://http3.ooo -v
curl --http2 -4 https://http3.ooo -v
curl --http2 -6 https://http3.ooo -v
create UDP connection
curl --http3-only https://http3.ooo -v
curl --http3-only -4 https://http3.ooo -v
curl --http3-only -6 https://http3.ooo -v
If your curl does not support HTTP3, see here
Linux, macOS log:
{"action":"PROXY","appid":"/Users/fuck/.nami/bin/curl","brooklink":"default","content":"137.184.237.95:443","iface":"","kind":"TCP","time":"2023-12-15T16:24:31+08:00"}
{"action":"PROXY","appid":"/Users/fuck/.nami/bin/curl","brooklink":"default","content":"[2604:a880:4:1d0::4cf:b000]:443","iface":"","kind":"TCP","time":"2023-12-15T16:25:29+08:00"}
{"action":"PROXY","appid":"/Users/fuck/.nami/bin/curl","brooklink":"default","content":"137.184.237.95:443","iface":"","kind":"UDP","time":"2023-12-15T16:21:41+08:00"}
{"action":"PROXY","appid":"/Users/fuck/.nami/bin/curl","brooklink":"default","content":"[2604:a880:4:1d0::4cf:b000]:443","iface":"","kind":"UDP","time":"2023-12-15T16:22:43+08:00"}
You can see
/Users/fuck/.nami/bin/curlwho is creatingTCPandUDPconnection
Windows log:
{"action":"PROXY","appid":"C:\\Users\\cloud\\.nami\\bin\\curl.exe","brooklink":"default","content":"137.184.237.95:443","iface":"","kind":"TCP","time":"2023-12-15T16:24:31+08:00"}
{"action":"PROXY","appid":"C:\\Users\\cloud\\.nami\\bin\\curl.exe","brooklink":"default","content":"[2604:a880:4:1d0::4cf:b000]:443","iface":"","kind":"TCP","time":"2023-12-15T16:25:29+08:00"}
{"action":"PROXY","appid":"C:\\Users\\cloud\\.nami\\bin\\curl.exe","brooklink":"default","content":"137.184.237.95:443","iface":"","kind":"UDP","time":"2023-12-15T16:21:41+08:00"}
{"action":"PROXY","appid":"C:\\Users\\cloud\\.nami\\bin\\curl.exe","brooklink":"default","content":"[2604:a880:4:1d0::4cf:b000]:443","iface":"","kind":"UDP","time":"2023-12-15T16:22:43+08:00"}
You can see
C:\\Users\\cloud\\.nami\\bin\\curl.exewho is creatingTCPandUDPconnection
With FakeDNS
run tun2brook
sudo tun2brook -l 'brook:https://...' --log /tmp/a.log --fakeDNS --script ./a.tengo
Windows open terminal as admin, and remove sudo
a.tengo(click to show)
text := import("text")
dnsquery_handler := func(m){
if m.domain == "dns.google" {
return {block: true}
}
}
address_handler := func(m) {
if m.ipaddress {
if m.ipaddress == "8.8.8.8:853" || m.ipaddress == "8.8.8.8:443" || m.ipaddress == "8.8.4.4:853" || m.ipaddress == "8.8.4.4:443" || m.ipaddress == "[2001:4860:4860::8888]:853" || m.ipaddress == "[2001:4860:4860::8888]:443" || m.ipaddress == "[2001:4860:4860::8844]:853" || m.ipaddress == "[2001:4860:4860::8844]:443" {
return { block: true }
}
}
if m.domainaddress {
if text.has_prefix(m.domainaddress, "dns.google:") {
return { block: true }
}
}
}
handler := func(){
if in_dnsquery {
return dnsquery_handler(in_dnsquery)
}
if in_address {
return address_handler(in_address)
}
}
out := handler()
create TCP connection
curl --http2 https://http3.ooo -v
create UDP connection
curl --http3-only https://http3.ooo -v
Linux, macOS log:
{"action":"PROXY","appid":"/Users/fuck/.nami/bin/curl","brooklink":"default","content":"http3.ooo:443","iface":"","kind":"TCP","time":"2023-12-15T16:33:58+08:00"}
{"action":"PROXY","appid":"/Users/fuck/.nami/bin/curl","brooklink":"default","content":"http3.ooo:443","iface":"","kind":"UDP","time":"2023-12-15T16:34:39+08:00"}
Compared to before, you can see
TCPandUDPdomain addresshttp3.ooo:443
Windows log:
{"action":"PROXY","appid":"C:\\Users\\cloud\\.nami\\bin\\curl.exe","brooklink":"default","content":"http3.ooo:443","iface":"","kind":"TCP","time":"2023-12-15T16:33:58+08:00"}
{"action":"PROXY","appid":"C:\\Users\\cloud\\.nami\\bin\\curl.exe","brooklink":"default","content":"http3.ooo:443","iface":"","kind":"UDP","time":"2023-12-15T16:34:39+08:00"}
Compared to before, you can see
TCPandUDPdomain addresshttp3.ooo:443
v20230805
Pragrammable
in_dnsquery.appidworks on Linuxin_address.appidworks on Linux
Bugfix
v20230607
- --defaultInterface4 value Windows Only. Choose your default ipv4 interface, your can get it from $ netsh interface ipv4 show interfaces
- --defaultInterface6 value Windows Only. Choose your default ipv6 interface, your can get it from $ netsh interface ipv6 show interfaces
v20230606
多个 server,编程控制选择哪一个
Multiple servers, programmatically control which one to choose
f := func() {
if in_brooklinks {
return {a: "brook:https://...", b: "brook:https://..."}
}
if in_address {
if in_address.domainaddress {
if in_address.domainaddress == "example.com:443" {
return { "brooklinkkey": "a" }
}
if in_address.domainaddress == "example2.com:443" {
return { "brooklinkkey": "b" }
}
}
return
}
}
out := f()