GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → blechschmidt → freebind

blechschmidt / freebind

Licence: GPL-3.0 license
IPv4 and IPv6 address rate limiting evasion tool

Programming Languages

c
50402 projects - #5 most used programming language
Makefile
30231 projects

Labels

socketipv6ipv4rate-limitingsubnetrate-limitevasionipv4-addressipv6-addressfreebindanyipip-rate-limit

Projects that are alternatives of or similar to freebind

ipv6calc
ipv6calc
Stars: ✭ 33 (-62.5%)
Mutual labels:  ipv6, ipv4, ipv4-address, ipv6-address
geoip
🌚 🌍 🌝 GeoIP 规则文件加强版,同时支持定制 V2Ray dat 格式路由规则文件 geoip.dat 和 MaxMind mmdb 格式文件 Country.mmdb。Enhanced edition of GeoIP files for V2Ray, Xray-core, Trojan-Go, Clash and Leaf, with replaced CN IPv4 CIDR available from ipip.net, appended CIDR lists and more.
Stars: ✭ 524 (+495.45%)
Mutual labels:  ipv6, ipv4, ipv4-address, ipv6-address
PHP-IPAddress
IP Address utility classes for PHP
Stars: ✭ 63 (-28.41%)
Mutual labels:  ipv6, ipv4, subnet, ipv6-address
Geolocate-IP-Browser-Extension
A browser extension, which shows you the origin of your IP address.
Stars: ✭ 21 (-76.14%)
Mutual labels:  ipv6, ipv4, ipv4-address, ipv6-address
Ipnetwork
IPNetwork command line and C# library take care of complex network, IP, IPv4, IPv6, netmask, CIDR, subnet, subnetting, supernet, and supernetting calculation for .NET developers. It works with IPv4 as well as IPv6, is written in C#, has a light and clean API, and is fully unit-tested
Stars: ✭ 276 (+213.64%)
Mutual labels:  ipv6, ipv4, subnet
Netaddr
A network address manipulation library for Python
Stars: ✭ 648 (+636.36%)
Mutual labels:  ipv6, ipv4, subnet
Ip
🌏根据IpV4、IpV6地址获取定位信息的PHP🐘组件 PHP components that obtain location information based on IpV4, IpV6 addresses
Stars: ✭ 23 (-73.86%)
Mutual labels:  ipv6, ipv4, ipv4-address
Ineter
Fast Java library for working with IP addresses, ranges, and subnets
Stars: ✭ 39 (-55.68%)
Mutual labels:  ipv6, ipv4, subnet
Ipaddress
Java library for handling IP addresses and subnets, both IPv4 and IPv6
Stars: ✭ 197 (+123.86%)
Mutual labels:  ipv6, ipv4, subnet
Plibsys
Highly portable C system library: threads and synchronization primitives, sockets (TCP, UDP, SCTP), IPv4 and IPv6, IPC, hash functions (MD5, SHA-1, SHA-2, SHA-3, GOST), binary trees (RB, AVL) and more. Native code performance.
Stars: ✭ 402 (+356.82%)
Mutual labels:  socket, ipv6, ipv4
Iptools
PHP Library for manipulating network addresses (IPv4 and IPv6)
Stars: ✭ 163 (+85.23%)
Mutual labels:  ipv6, ipv4, subnet
fakeroute
IPv4 and IPv6 traceroute fake hop generator through IP spoofing
Stars: ✭ 75 (-14.77%)
Mutual labels:  ipv6, ipv4, ipv6-address
ipv6
IPv6-adresse.dk source & data
Stars: ✭ 27 (-69.32%)
Mutual labels:  ipv6, ipv4, ipv6-address
ip
Immutable value object for IPv4 and IPv6 addresses, including helper methods and Doctrine support.
Stars: ✭ 212 (+140.91%)
Mutual labels:  ipv6, ipv4
IP2Location-C-Library
IP2Location C library enables the user to find the country, region, city, coordinates, zip code, time zone, ISP, domain name, connection type, area code, weather station code, weather station name, mobile, usage types, etc that any IP address or hostname originates from.
Stars: ✭ 37 (-57.95%)
Mutual labels:  ipv6, ipv4
tracetrout
A magical reverse traceroute HTTP(S) server
Stars: ✭ 48 (-45.45%)
Mutual labels:  ipv6, ipv4
whereabouts
An HTTP service for mapping IPv4 and IPv6 addresses to cities, countries & continents
Stars: ✭ 16 (-81.82%)
Mutual labels:  ipv6, ipv4
ip2location-nginx
Nginx module that allows user to lookup for geolocation information using IP2Location database.
Stars: ✭ 33 (-62.5%)
Mutual labels:  ipv6, ipv4
hphr
Halophile Router (a VyOS-based, SaltStack-automated, NetBox-configured router for small provider networks)
Stars: ✭ 39 (-55.68%)
Mutual labels:  ipv6, ipv4
FireflySoft.RateLimit
It is a rate limiting library based on .Net standard.
Stars: ✭ 76 (-13.64%)
Mutual labels:  rate-limiting, rate-limit
View All Similar Projects ➔

Freebind

Make use of any IP address from a prefix that is routed to your machine.

With the introduction of IPv6, single machines often get prefixes with more than one IP address assigned. However, without AnyIP and socket freebinding, many applications lack support to dynamically bind to arbitrary unconfigured addresses within these prefixes. Freebind enables the IP_FREEBIND socket option by hooking into socket library calls using LD_PRELOAD.

IPv6 services employing rate limiting often ban per /128 or per /64 in order to minimize collateral damage. If you have a statically routed prefix that is smaller than the prefix being banned, you can make use of freebind, which will bind sockets to random IP addresses from specified prefixes.

Usage

Installing

Clone and cd into the git repository, then run make install. In order for packetrand to be built successfully, libnetfilter-queue-dev is required.

Setup

Assume your ISP has assigned the subnet 2a00:1450:4001:81b::/64 to your server. In order to make use of freebinding, you first need to configure the Linux AnyIP kernel feature in order to be able to bind a socket to an arbitrary IP address from this subnet as follows:

ip -6 route add local 2a00:1450:4001:81b::/64 dev lo

Example

Having set up AnyIP, the following command will bind wget's internal socket to a random address from the specified subnet:

freebind -r 2a00:1450:4001:81b::/64 wget -qO- ipv6.wtfismyip.com/text

In practice, running this command multiple times will yield a new IP address every time.

UDP per packet randomization

The freebind program is only suitable for assigning one IP address per socket. It will not assign a random IP address per packet. Therefore, packetrand making use of the netfilter API is included for use in scenarios that require a fresh IP address per outgoing packet.

Setup

Imagine you want to randomize source addresses for DNS resolving. The following command has iptables pass outgoing DNS packets to the packetrand userspace program:

ip6tables -I OUTPUT -j NFQUEUE -p udp --dport 53 --queue-num 0 --queue-bypass
ip6tables -I INPUT -j NFQUEUE -p udp --sport 53 --queue-num 0 --queue-bypass

Afterwards, the packetrand daemon could be invoked as follows, where 0 is the netfilter queue number:

packetrand 0 2a00:1450:4001:81b:: 2a00:1450:4001:81b::/64

This will cause packetrand to rewrite the source address of outgoing packets to a random address from the specified prefix and translate back the destination address of incoming packets to 2a00:1450:4001:81b:: which is supposed to be the address which the socket is bound to.

Source port randomization

You can use the -r switch in order to randomize source ports per packet.

packetrand 0 -r 53

In this case, all outgoing UDP packets that are handled by the queue have their source port randomized and 53 is the port number for incoming packets to be rewritten to.

Limitations

  • IPv6 extension headers are not yet supported

Notes

The application will only work if your internet service provider provides you with a routed prefix.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].