Expand description
§VCL Traffic Obfuscation
Makes VCL Protocol traffic indistinguishable from regular HTTPS/TLS to bypass Deep Packet Inspection (DPI) used by ISPs like МТС, Beeline.
§Techniques
1. Packet Padding — random padding to disguise payload size patterns
2. Timing Jitter — random delays to disguise traffic timing patterns
3. TLS Mimicry — wrap packets to look like TLS 1.3 records
4. HTTP/2 Mimicry — wrap packets to look like HTTP/2 DATA frames
5. Size Normalization— normalize packet sizes to common HTTPS sizes§Example
use vcl_protocol::obfuscation::{Obfuscator, ObfuscationConfig, ObfuscationMode};
let config = ObfuscationConfig::tls_mimicry();
let mut obf = Obfuscator::new(config);
let data = b"secret VCL packet";
let obfuscated = obf.obfuscate(data);
let restored = obf.deobfuscate(&obfuscated).unwrap();
assert_eq!(restored, data);Structs§
- Obfuscation
Config - Configuration for traffic obfuscation.
- Obfuscator
- Traffic obfuscator — wraps and unwraps VCL packets.
Enums§
- Obfuscation
Mode - Obfuscation mode — how to disguise VCL traffic.
Functions§
- looks_
like_ http2 - Check if raw bytes look like an HTTP/2 DATA frame.
- looks_
like_ tls - Check if raw bytes look like a TLS Application Data record.
- recommended_
mode - Returns the recommended
ObfuscationModefor a given network environment.