From 6c0c3498bdbfd1560b7d6d3bcc0d1d7342be2812 Mon Sep 17 00:00:00 2001
From: remittor <remittor@gmail.com>
Date: Wed, 16 Oct 2024 16:31:27 +0300
Subject: [PATCH] Add params DESYNC_MARK and DESYNC_MARK_POSTNAT

---
 .../luci-static/resources/view/zapret/settings.js      | 10 ++++++++++
 zapret/sync_config.sh                                  |  2 ++
 zapret/zapret.config                                   |  2 ++
 3 files changed, 14 insertions(+)

diff --git a/luci-app-zapret/htdocs/luci-static/resources/view/zapret/settings.js b/luci-app-zapret/htdocs/luci-static/resources/view/zapret/settings.js
index 44f0270..46a0ac4 100644
--- a/luci-app-zapret/htdocs/luci-static/resources/view/zapret/settings.js
+++ b/luci-app-zapret/htdocs/luci-static/resources/view/zapret/settings.js
@@ -108,6 +108,16 @@ return view.extend({
         o.rmempty = false;
         o.default = 0;
 
+        o = s.taboption(tabname, form.Value, 'DESYNC_MARK', _('DESYNC_MARK'));
+        //o.description = _("nfqws option for DPI desync attack");
+        o.rmempty     = false;
+        o.datatype    = 'string';
+
+        o = s.taboption(tabname, form.Value, 'DESYNC_MARK_POSTNAT', _('DESYNC_MARK_POSTNAT'));
+        //o.description = _("nfqws option for DPI desync attack");
+        o.rmempty     = false;
+        o.datatype    = 'string';
+
         /* NFQWS_OPT_DESYNC tab */
 
         tabname = 'nfqws_params';
diff --git a/zapret/sync_config.sh b/zapret/sync_config.sh
index 7f9f48a..f9f928d 100755
--- a/zapret/sync_config.sh
+++ b/zapret/sync_config.sh
@@ -46,6 +46,8 @@ sync_param INIT_APPLY_FW
 sync_param DISABLE_IPV4
 sync_param DISABLE_IPV6
 sync_param MODE_FILTER
+sync_param DESYNC_MARK
+sync_param DESYNC_MARK_POSTNAT
 sync_param NFQWS_OPT_DESYNC str
 sync_param NFQWS_OPT_DESYNC_SUFFIX str
 sync_param MODE_HTTP
diff --git a/zapret/zapret.config b/zapret/zapret.config
index f6332dc..69fdde8 100644
--- a/zapret/zapret.config
+++ b/zapret/zapret.config
@@ -7,6 +7,8 @@ config main 'config'
 	option DISABLE_IPV4 '0'
 	option DISABLE_IPV6 '1'
 	option MODE_FILTER 'hostlist'
+	option DESYNC_MARK '0x40000000'
+	option DESYNC_MARK_POSTNAT '0x20000000'
 	option NFQWS_OPT_DESYNC '--dpi-desync=fake,split2 --dpi-desync-ttl=7 --dpi-desync-ttl6=0 --dpi-desync-repeats=20 --dpi-desync-fooling=md5sig,badseq --dpi-desync-fake-tls=/opt/zapret/files/fake/tls_clienthello_www_google_com.bin'
 	option NFQWS_OPT_DESYNC_SUFFIX ''
 	option MODE_HTTP '1'