From 6dc74b0e1449c2813838fa3f747f5416503b5fcf Mon Sep 17 00:00:00 2001
From: ValdikSS <iam@valdikss.org.ru>
Date: Wed, 31 Jul 2024 12:58:02 +0300
Subject: [PATCH] New modes: -8 and -9

-8 is -7 with added --wrong-seq, it sends two subsequent fake packets, one with
incorrect sequence, and another one with incorrect checksum.

-9 is -8 with QUIC block.
---
 README.md        |  4 ++++
 src/goodbyedpi.c | 11 ++++++++++-
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 16fe92d5..f9067805 100644
--- a/README.md
+++ b/README.md
@@ -81,6 +81,10 @@ Modern modesets (more stable, more compatible, faster):
  -5          -f 2 -e 2 --auto-ttl --reverse-frag --max-payload (this is the default)
  -6          -f 2 -e 2 --wrong-seq --reverse-frag --max-payload
  -7          -f 2 -e 2 --wrong-chksum --reverse-frag --max-payload
+ -8          -f 2 -e 2 --wrong-seq --wrong-chksum --reverse-frag --max-payload
+ -9          -f 2 -e 2 --wrong-seq --wrong-chksum --reverse-frag --max-payload -q
+
+ Note: combination of --wrong-seq and --wrong-chksum generates two different fake packets.
 ```
 
 To check if your ISP's DPI could be circumvented, first make sure that your provider does not poison DNS answers by enabling "Secure DNS (DNS over HTTPS)" option in your browser.
diff --git a/src/goodbyedpi.c b/src/goodbyedpi.c
index fd912b08..d396e8c8 100644
--- a/src/goodbyedpi.c
+++ b/src/goodbyedpi.c
@@ -648,7 +648,7 @@ int main(int argc, char *argv[]) {
         max_payload_size = 1200;
     }
 
-    while ((opt = getopt_long(argc, argv, "1234567pqrsaf:e:mwk:n", long_options, NULL)) != -1) {
+    while ((opt = getopt_long(argc, argv, "123456789pqrsaf:e:mwk:n", long_options, NULL)) != -1) {
         switch (opt) {
             case '1':
                 do_passivedpi = do_host = do_host_removespace \
@@ -689,6 +689,12 @@ int main(int argc, char *argv[]) {
                 do_wrong_seq = 1;
                 max_payload_size = 1200;
                 break;
+            case '9': // +7+8
+                do_block_quic = 1;
+                // fall through
+            case '8': // +7
+                do_wrong_seq = 1;
+                // fall through
             case '7':
                 do_fragment_http = do_fragment_https = 1;
                 do_reverse_frag = do_native_frag = 1;
@@ -961,6 +967,9 @@ int main(int argc, char *argv[]) {
                 " -5          -f 2 -e 2 --auto-ttl --reverse-frag --max-payload (this is the default)\n"
                 " -6          -f 2 -e 2 --wrong-seq --reverse-frag --max-payload\n"
                 " -7          -f 2 -e 2 --wrong-chksum --reverse-frag --max-payload\n"
+                " -8          -f 2 -e 2 --wrong-seq --wrong-chksum --reverse-frag --max-payload\n"
+                " -9          -f 2 -e 2 --wrong-seq --wrong-chksum --reverse-frag --max-payload -q\n\n"
+                "Note: combination of --wrong-seq and --wrong-chksum generates two different fake packets.\n"
                 );
                 exit(EXIT_FAILURE);
         }