diff --git a/DOMAINconfig.txt b/DOMAINconfig.txt
index 545f1c5..a788676 100644
--- a/DOMAINconfig.txt
+++ b/DOMAINconfig.txt
@@ -1,115 +1,115 @@
-104.19.112.153
-longlivemarxleninmaoism.online
-bu2021.xyz
-annas-archive.se
-zh.annas-archive.se
-www.v2ray.com
-
-104.19.112.151
-www.mediafire.com
-gfw.report
-google.louiesun.workers.dev
-bbs.revolutionfront2023.top
-revolutionfront2023.top
-maoism.freeflarum.com
-
-76.76.21.61
-^*.vercel.app
-^vercel.app
-
-157.230.193.220
-^clb.org.hk
-
-89.187.187.19
-^player.odycdn.com
-^thumbnails.odycdn.com
-
-192.250.237.151
-^www.bannedthought.net
-
-135.148.102.40
-^uploads-v4.odysee.com
-
-13.107.139.11
-^onedrive.live.com
-
-87.250.250.50
-^disk.yandex.com
-
-104.19.112.154
-www.pixiv.net
-i.pximg.net
-www.pximg.net
-accounts.pixiv.net
-
-104.19.112.156
-stackpath.bootstrapcdn.com
-maxcdn.bootstrapcdn.com
-medium.com
-cdn-client.medium.com
-glyph.medium.com
-miro.medium.com
-odysee.com
-api.na-backend.odysee.com
-api.odysee.com
-naked-api.na-backend.odysee.com
-
-104.19.113.157
-z-library.rs
-zh.z-library.rs
-reader.z-library.rs
-dlz1.fcdn.sk
-cdn.croxy.network
-apkmirror.com
-www.apkmirror.com
-
-104.20.76.252
-^www.matrix.org
-^matrix.org
-^matrix-client.matrix.org
-
-143.244.204.138
-^www.croxy.network
-
-193.218.118.42
-^libgen.rs
-
-176.123.7.105
-^zh.singlelogin.re
-^singlelogin.re
-
-35.186.227.193
-www.freenom.com
-
-116.202.120.165
-^www.torproject.org
-^dist.torproject.org
-^blog.torproject.org
-
-95.216.163.36
-^bridges.torproject.org
-
-185.15.59.224
-^wikipedia.org
-^*.wikipedia.org
-^wikimedia.org
-
-23.184.48.154
-^archive.ph
-
-52.250.42.157
-^duckduckgo.com
-^external-content.duckduckgo.com
-
-185.199.111.153
-^mlmmlm-icu.github.io
-^louiesun.github.io
-
-20.205.243.166
-^github.com
-
-180.163.150.34
--www.gstatic.cn
-
-114.250.70.34
--www.recaptcha.net
+104.19.112.153
+longlivemarxleninmaoism.online
+bu2021.xyz
+annas-archive.se
+zh.annas-archive.se
+www.v2ray.com
+
+104.19.112.151
+www.mediafire.com
+gfw.report
+google.louiesun.workers.dev
+bbs.revolutionfront2023.top
+revolutionfront2023.top
+maoism.freeflarum.com
+
+76.76.21.61
+^*.vercel.app
+^vercel.app
+
+157.230.193.220
+^clb.org.hk
+
+89.187.187.19
+^player.odycdn.com
+^thumbnails.odycdn.com
+
+192.250.237.151
+^www.bannedthought.net
+
+135.148.102.40
+^uploads-v4.odysee.com
+
+13.107.139.11
+^onedrive.live.com
+
+87.250.250.50
+^disk.yandex.com
+
+104.19.112.154
+www.pixiv.net
+i.pximg.net
+www.pximg.net
+accounts.pixiv.net
+
+104.19.112.156
+stackpath.bootstrapcdn.com
+maxcdn.bootstrapcdn.com
+medium.com
+cdn-client.medium.com
+glyph.medium.com
+miro.medium.com
+odysee.com
+api.na-backend.odysee.com
+api.odysee.com
+naked-api.na-backend.odysee.com
+
+104.19.113.157
+z-library.sk
+zh.z-library.sk
+reader5.z-library.sk
+dlz1.fcdn.sk
+cdn.croxy.network
+apkmirror.com
+www.apkmirror.com
+
+104.20.76.252
+^www.matrix.org
+^matrix.org
+^matrix-client.matrix.org
+
+143.244.204.138
+^www.croxy.network
+
+193.218.118.42
+^libgen.rs
+
+176.123.7.105
+^zh.singlelogin.re
+^singlelogin.re
+
+35.186.227.193
+www.freenom.com
+
+116.202.120.165
+^www.torproject.org
+^dist.torproject.org
+^blog.torproject.org
+
+95.216.163.36
+^bridges.torproject.org
+
+185.15.59.224
+^wikipedia.org
+^*.wikipedia.org
+^wikimedia.org
+
+23.184.48.154
+^archive.ph
+
+52.250.42.157
+^duckduckgo.com
+^external-content.duckduckgo.com
+
+185.199.111.153
+^mlmmlm-icu.github.io
+^louiesun.github.io
+
+20.205.243.166
+^github.com
+
+180.163.150.34
+-www.gstatic.cn
+
+114.250.70.34
+-www.recaptcha.net
diff --git a/config.json b/config.json
index f78e367..96f3d56 100644
--- a/config.json
+++ b/config.json
@@ -1,27 +1,27 @@
-{
- "output_data": false,
- "listen_PORT": 2500,
- "num_TCP_fragment": 0,
- "num_TLS_fragment": 2,
- "my_socket_timeout": 180,
- "domains": {
- "freezhihu.org": {
- "IP": "104.19.112.120",
- "TCP_frag": 0,
- "TCP_sleep": 0.01,
- "TLS_frag": 6
- },
- "greatfire.org": {
- "IP": "104.19.112.120",
- "TCP_frag": 0,
- "TCP_sleep": 0.01,
- "TLS_frag": 6
- },
- "null": {
- "IP": "127.0.0.1",
- "TCP_frag": 0,
- "TCP_sleep": 0.001,
- "TLS_frag": 0
- }
- }
+{
+ "output_data": false,
+ "listen_PORT": 2500,
+ "num_TCP_fragment": 0,
+ "num_TLS_fragment": 2,
+ "my_socket_timeout": 180,
+ "domains": {
+ "freezhihu.org": {
+ "IP": "104.19.112.120",
+ "TCP_frag": 0,
+ "TCP_sleep": 0.01,
+ "TLS_frag": 6
+ },
+ "greatfire.org": {
+ "IP": "104.19.112.120",
+ "TCP_frag": 0,
+ "TCP_sleep": 0.01,
+ "TLS_frag": 6
+ },
+ "null": {
+ "IP": "127.0.0.1",
+ "TCP_frag": 0,
+ "TCP_sleep": 0.001,
+ "TLS_frag": 0
+ }
+ }
}
\ No newline at end of file
diff --git a/default.aproj b/default.aproj
index 4af9d36..92aa925 100644
--- a/default.aproj
+++ b/default.aproj
@@ -1,14 +1,14 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/main.aardio b/main.aardio
index 3446d65..652928c 100644
--- a/main.aardio
+++ b/main.aardio
@@ -1,391 +1,392 @@
-import win.ui;
-import win.ui.menu;
-/*DSG{{*/
-mainForm = win.form(text="Unofficial_Z_Access";right=757;bottom=467)
-mainForm.add(
-BTgo={cls="button";text="GO";left=684;top=2;right=757;bottom=23;dr=1;dt=1;z=3};
-EDurl={cls="edit";text="https://bu2021.xyz/";left=1;top=0;right=681;bottom=24;aw=1;dl=1;dr=1;dt=1;edge=1;z=2};
-mainWeb={cls="custom";text="自定义控件";left=0;top=28;right=753;bottom=467;db=1;dl=1;dr=1;dt=1;z=1}
-)
-/*}}*/
-
-var HostResolverLine="";
-var QUICLine="";
-var HostLine="";
-var CMDLine='--host-resolver-rules="MAP bu2021.xyz 104.16.187.17:443,MAP annas-archive.se 104.16.187.17:443,MAP zh.annas-archive.se 104.16.187.17:443,MAP z-library.rs 104.16.187.17:443,MAP zh.z-library.rs 104.16.187.17:443,MAP reader.z-library.rs 104.16.187.17:443,MAP dlz1.fcdn.sk 104.16.187.17:443,MAP cdn.croxy.network 104.16.187.17:443" -origin-to-force-quic-on=bu2021.xyz:443,annas-archive.se:443,zh.annas-archive.se:443,z-library.rs:443,zh.z-library.rs:443,reader.z-library.rs:443,dlz1.fcdn.sk:443,cdn.croxy.network:443 --host-rules="MAP www.croxy.network 143.244.204.138,MAP libgen.is 193.218.118.42,MAP libgen.rs 193.218.118.42,MAP zh.singlelogin.re 176.123.7.105,MAP singlelogin.re 176.123.7.105" --ignore-certificate-errors';
-//var CMDLine='--proxy-server=127.0.0.1:2500';
-import wsock.tcp.simpleHttpServer;
-var webbase=wsock.tcp.simpleHttpServer.startUrl()
-//var url="https://zh.z-library.se/";
-
-var url="/web/index.html";
-
-if(_ARGV["c"])
-{
- import fsys.file;
-
- var cfg;
- if(_ARGV["c"]!="")
- cfg=fsys.file(_ARGV["c"]);
- else
- cfg=fsys.file("CMDconfig.txt");
- if(!fsys.file.is(cfg))
- {
- win.msgboxErr("No Config File! ","ERROR!");
- return;
- }
- CMDLine=cfg.read();
- cfg.close();
-}
-
-if(_ARGV["d"]||_STUDIO_INVOKED)
-{
- HostResolverLine="";
- QUICLine="";
- import fsys.file;
- var cfg;
- if(_ARGV["d"]!=""&&_ARGV["d"]!=null)
- cfg=fsys.file(_ARGV["d"]);
- else
- cfg=fsys.file("DOMAINconfig.txt");
- if(!fsys.file.is(cfg))
- {
- win.msgboxErr("No Config File! ","ERROR!");
- return;
- }
-
- while(1)
- {
- var IP=cfg.read();
- var d=IP;
- while(1)
- {
- d=cfg.read();
- if(d=="") break 1;
- else if(!d) break 2;
-
- if(string.unpack(d,1,1)==string.unpack("^"))
- {
- d=string.slice(d,2,-1,true);
- HostLine=HostLine+"MAP "+d+" "+IP+",";
- }
- else if(string.unpack(d,1,1)==string.unpack("-"))
- {
- d=string.slice(d,2,-1,true);
- HostResolverLine=HostResolverLine+"MAP "+d+" "+IP+":443,";
- }
- else
- {
- HostResolverLine=HostResolverLine+"MAP "+d+" "+IP+":443,";
- QUICLine=QUICLine+d+":443,";
- }
- }
- }
-
- cfg.close();
-
- if(HostResolverLine!="") HostResolverLine=string.slice(HostResolverLine,1,-2,true);
- if(QUICLine!="") QUICLine=string.slice(QUICLine,1,-2,true);
- if(HostLine!="") HostLine=string.slice(HostLine,1,-2,true);
-
- CMDLine="";
- if(HostResolverLine!="") CMDLine=CMDLine+'--host-resolver-rules="'+HostResolverLine+'" ';
- if(QUICLine!="") CMDLine=CMDLine+'-origin-to-force-quic-on='+QUICLine+' ';
- if(HostLine!="") CMDLine=CMDLine+'--host-rules="'+HostLine+'" --ignore-certificate-errors ';
-
- if(CMDLine!="") CMDLine=string.slice(CMDLine,1,-2,true);
-}
-if(_ARGV["p"]||_STUDIO_INVOKED)
-{
- import fsys.file;
- import web.json;
-
-
- var fcfg=fsys.file("config.json")
- if(!fsys.file.is(fcfg))
- {
- win.msgboxErr("No Config File! ","ERROR!");
- return;
- }
- var cfg=fcfg.read(-1)
- //win.msgbox(cfg)
- fcfg.close()
-
-
- cfg=web.json.parse(cfg)
- //win.msgbox(cfg)
-
- var VarietesofCode=/**class TrieNode {
- constructor(value){
- this.value = value;
- this.num=1;
- this.deep=0;
- this.son=[];
- this.isEnd=false;
- }
- findNode(value){
- for(let i=0;i=8192) win.msgbox("Too long CMDLine, and this may cause Error. ","Warning");
-var view=web.view(mainForm.mainWeb,0,CMDLine);
-view.go(webbase+"/web/index.html");
-//win.msgbox(webbase)
-
-mainForm.show();
-
-import fsys.file
-wrt=fsys.file("CMDline.txt","w")
-wrt.write(CMDLine)
-wrt.close()
-
-var AndroidLine=CMDLine;
-var ReplaceTable={
- ['"'] = "\"+'"'
-};
-AndroidLine=string.replace(AndroidLine,".|:",ReplaceTable);
-AndroidLine='echo "_'+" "+AndroidLine+'" > chrome-command-line';
-wrt=fsys.file("AndroidECHO.txt","w")
-wrt.write(AndroidLine)
-wrt.close()
-
-if(_ARGV["o"])
-{
- url=webbase+"/CMDline.txt";
-}
-else if(_ARGV["a"])
-{
- url=webbase+"/AndroidECHO.txt";
-}
-else if(_ARGV["g"]) url=_ARGV["g"];
-else if(_ARGV["h"])
-{
- url=webbase+"/help.html";
-}
-
-
-view.go(webbase+url);
-
-mainForm.BTgo.oncommand = function(id,event){
- if(mainForm.EDurl.text=="index") mainForm.EDurl.text=webbase+"/web/index.html"
- if(mainForm.EDurl.text=="proxypac") mainForm.EDurl.text=webbase+"/proxy.pac"
- if(mainForm.EDurl.text=="cmdline") mainForm.EDurl.text=webbase+"/CMDline.txt"
- if(mainForm.EDurl.text=="androidecho") mainForm.EDurl.text=webbase+"/AndroidECHO.txt"
- view.go(mainForm.EDurl.text)
-}
-
-mainForm.EDurl.oncommand = function(id,event){
-
-}
-
-return win.loopMessage();
-
-/* You may need:
-// from: https://chromium.googlesource.com/chromium/src/+/refs/heads/main/components/network_session_configurator/common/network_switch_list.h
-// Copyright 2017 The Chromium Authors
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-// This file deliberately has no header guard, as it's inlined in a number of
-// files.
-// no-include-guard-because-multiply-included
-// Disables the QUIC protocol.
-NETWORK_SWITCH(kDisableQuic, "disable-quic")
-// Disables the HTTP/2 protocol.
-NETWORK_SWITCH(kDisableHttp2, "disable-http2")
-// Enables Alternate-Protocol when the port is user controlled (> 1024).
-NETWORK_SWITCH(kEnableUserAlternateProtocolPorts,
- "enable-user-controlled-alternate-protocol-ports")
-// Enables the QUIC protocol. This is a temporary testing flag.
-NETWORK_SWITCH(kEnableQuic, "enable-quic")
-// Ignores certificate-related errors.
-NETWORK_SWITCH(kIgnoreCertificateErrors, "ignore-certificate-errors")
-// Specifies a comma separated list of host-port pairs to force use of QUIC on.
-NETWORK_SWITCH(kOriginToForceQuicOn, "origin-to-force-quic-on")
-// Disables known-root checks for outgoing WebTransport connections.
-NETWORK_SWITCH(kWebTransportDeveloperMode, "webtransport-developer-mode")
-// Specifies a comma separated list of QUIC connection options to send to
-// the server.
-NETWORK_SWITCH(kQuicConnectionOptions, "quic-connection-options")
-// Specifies a comma separated list of QUIC client connection options.
-NETWORK_SWITCH(kQuicClientConnectionOptions, "quic-client-connection-options")
-// Specifies the maximum length for a QUIC packet.
-NETWORK_SWITCH(kQuicMaxPacketLength, "quic-max-packet-length")
-// Specifies the version of QUIC to use.
-NETWORK_SWITCH(kQuicVersion, "quic-version")
-// Allows for forcing socket connections to http/https to use fixed ports.
-NETWORK_SWITCH(kTestingFixedHttpPort, "testing-fixed-http-port")
-NETWORK_SWITCH(kTestingFixedHttpsPort, "testing-fixed-https-port")
-// Comma-separated list of rules that control how hostnames are mapped.
-//
-// For example:
-// "MAP * 127.0.0.1" --> Forces all hostnames to be mapped to 127.0.0.1
-// "MAP *.google.com proxy" --> Forces all google.com subdomains to be
-// resolved to "proxy".
-// "MAP test.com [::1]:77 --> Forces "test.com" to resolve to IPv6 loopback.
-// Will also force the port of the resulting
-// socket address to be 77.
-// "MAP * baz, EXCLUDE www.google.com" --> Remaps everything to "baz",
-// except for "www.google.com".
-//
-// These mappings apply to the endpoint host in a net::URLRequest (the TCP
-// connect and host resolver in a direct connection, and the CONNECT in an http
-// proxy connection, and the endpoint host in a SOCKS proxy connection).
-//
-// TODO(mmenke): Can we just remove this? host-resolver-rules is more generally
-// useful.
-NETWORK_SWITCH(kHostRules, "host-rules")
-// Enable "greasing" HTTP/2 frame types, that is, sending frames of reserved
-// types. See https://tools.ietf.org/html/draft-bishop-httpbis-grease-00 for
-// more detail.
-NETWORK_SWITCH(kHttp2GreaseFrameType, "http2-grease-frame-type")
-// If request has no body, close the stream not by setting END_STREAM flag on
-// the HEADERS frame, but by sending an empty DATA frame with END_STREAM
-// afterwards. Only affects HTTP/2 request streams, not proxy or bidirectional
-// streams.
-NETWORK_SWITCH(kHttp2EndStreamWithDataFrame, "http2-end-stream-with-data-frame")
-
+import win.ui;
+import win.ui.menu;
+/*DSG{{*/
+mainForm = win.form(text="Unofficial_Z_Access";right=757;bottom=467)
+mainForm.add(
+BTgo={cls="button";text="GO";left=684;top=2;right=757;bottom=23;dr=1;dt=1;z=3};
+EDurl={cls="edit";text="https://bu2021.xyz/";left=1;top=0;right=681;bottom=24;aw=1;dl=1;dr=1;dt=1;edge=1;z=2};
+mainWeb={cls="custom";text="自定义控件";left=0;top=28;right=753;bottom=467;db=1;dl=1;dr=1;dt=1;z=1}
+)
+/*}}*/
+
+var HostResolverLine="";
+var QUICLine="";
+var HostLine="";
+var CMDLine="";
+//var CMDLine='--proxy-server=127.0.0.1:2500';
+import wsock.tcp.simpleHttpServer;
+var webbase=wsock.tcp.simpleHttpServer.startUrl()
+//var url="https://zh.z-library.se/";
+
+var url="/web/index.html";
+
+if(_ARGV["c"])
+{
+ import fsys.file;
+
+ var cfg;
+ if(_ARGV["c"]!="")
+ cfg=fsys.file(_ARGV["c"]);
+ else
+ cfg=fsys.file("CMDconfig.txt");
+ if(!fsys.file.is(cfg))
+ {
+ win.msgboxErr("No Config File! ","ERROR!");
+ return;
+ }
+ CMDLine=cfg.read();
+ cfg.close();
+}
+
+if(true)
+{
+ HostResolverLine="";
+ QUICLine="";
+ import fsys.file;
+ var cfg;
+ if(_ARGV["d"]!=""&&_ARGV["d"]!=null)
+ cfg=fsys.file(_ARGV["d"]);
+ else
+ cfg=fsys.file("DOMAINconfig.txt");
+ if(!fsys.file.is(cfg))
+ {
+ win.msgboxErr("No Config File! ","ERROR!");
+ return;
+ }
+
+ while(1)
+ {
+ var IP=cfg.read();
+ var d=IP;
+ while(1)
+ {
+ d=cfg.read();
+ if(d=="") break 1;
+ else if(!d) break 2;
+
+ if(string.unpack(d,1,1)==string.unpack("^"))
+ {
+ d=string.slice(d,2,-1,true);
+ HostLine=HostLine+"MAP "+d+" "+IP+",";
+ }
+ else if(string.unpack(d,1,1)==string.unpack("-"))
+ {
+ d=string.slice(d,2,-1,true);
+ HostResolverLine=HostResolverLine+"MAP "+d+" "+IP+":443,";
+ }
+ else
+ {
+ HostResolverLine=HostResolverLine+"MAP "+d+" "+IP+":443,";
+ QUICLine=QUICLine+d+":443,";
+ }
+ }
+ }
+
+ cfg.close();
+
+ if(HostResolverLine!="") HostResolverLine=string.slice(HostResolverLine,1,-2,true);
+ if(QUICLine!="") QUICLine=string.slice(QUICLine,1,-2,true);
+ if(HostLine!="") HostLine=string.slice(HostLine,1,-2,true);
+
+ CMDLine="";
+ if(HostResolverLine!="") CMDLine=CMDLine+'--host-resolver-rules="'+HostResolverLine+'" ';
+ if(QUICLine!="") CMDLine=CMDLine+'-origin-to-force-quic-on='+QUICLine+' ';
+ if(HostLine!="") CMDLine=CMDLine+'--host-rules="'+HostLine+'" --ignore-certificate-errors ';
+
+ if(CMDLine!="") CMDLine=string.slice(CMDLine,1,-2,true);
+}
+if(_ARGV["p"]||_STUDIO_INVOKED)
+{
+ import fsys.file;
+ import web.json;
+
+
+ var fcfg=fsys.file("config.json")
+ if(!fsys.file.is(fcfg))
+ {
+ win.msgboxErr("No Config File! ","ERROR!");
+ return;
+ }
+ var cfg=fcfg.read(-1)
+ //win.msgbox(cfg)
+ fcfg.close()
+
+
+ cfg=web.json.parse(cfg)
+ //win.msgbox(cfg)
+
+ var VarietesofCode=/**class TrieNode {
+ constructor(value){
+ this.value = value;
+ this.num=1;
+ this.deep=0;
+ this.son=[];
+ this.isEnd=false;
+ }
+ findNode(value){
+ for(let i=0;i=8192) win.msgbox("Too long CMDLine, and this may cause Error. ","Warning");
+var view=web.view(mainForm.mainWeb,0,CMDLine);
+view.go(webbase+"/web/index.html");
+//win.msgbox(webbase)
+
+mainForm.show();
+
+import fsys.file
+wrt=fsys.file("CMDline.txt","w")
+wrt.write(CMDLine)
+wrt.close()
+
+var AndroidLine=CMDLine;
+var ReplaceTable={
+ ['"'] = "\"+'"'
+};
+AndroidLine=string.replace(AndroidLine,".|:",ReplaceTable);
+AndroidLine='echo "_'+" "+AndroidLine+'" > chrome-command-line';
+wrt=fsys.file("AndroidECHO.txt","w")
+wrt.write(AndroidLine)
+wrt.close()
+
+if(_ARGV["o"])
+{
+ url=webbase+"/CMDline.txt";
+}
+else if(_ARGV["a"])
+{
+ url=webbase+"/AndroidECHO.txt";
+}
+else if(_ARGV["g"]) url=_ARGV["g"];
+else if(_ARGV["h"])
+{
+ url=webbase+"/help.html";
+}
+
+
+view.go(webbase+url);
+
+mainForm.BTgo.oncommand = function(id,event){
+ if(mainForm.EDurl.text=="index") mainForm.EDurl.text=webbase+"/web/index.html"
+ if(mainForm.EDurl.text=="proxypac") mainForm.EDurl.text=webbase+"/proxy.pac"
+ if(mainForm.EDurl.text=="cmdline") mainForm.EDurl.text=webbase+"/CMDline.txt"
+ if(mainForm.EDurl.text=="androidecho") mainForm.EDurl.text=webbase+"/AndroidECHO.txt"
+ view.go(mainForm.EDurl.text)
+}
+
+mainForm.EDurl.oncommand = function(id,event){
+
+}
+
+return win.loopMessage();
+
+/* You may need:
+// from: https://chromium.googlesource.com/chromium/src/+/refs/heads/main/components/network_session_configurator/common/network_switch_list.h
+// Copyright 2017 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+// This file deliberately has no header guard, as it's inlined in a number of
+// files.
+// no-include-guard-because-multiply-included
+// Disables the QUIC protocol.
+NETWORK_SWITCH(kDisableQuic, "disable-quic")
+// Disables the HTTP/2 protocol.
+NETWORK_SWITCH(kDisableHttp2, "disable-http2")
+// Enables Alternate-Protocol when the port is user controlled (> 1024).
+NETWORK_SWITCH(kEnableUserAlternateProtocolPorts,
+ "enable-user-controlled-alternate-protocol-ports")
+// Enables the QUIC protocol. This is a temporary testing flag.
+NETWORK_SWITCH(kEnableQuic, "enable-quic")
+// Ignores certificate-related errors.
+NETWORK_SWITCH(kIgnoreCertificateErrors, "ignore-certificate-errors")
+// Specifies a comma separated list of host-port pairs to force use of QUIC on.
+NETWORK_SWITCH(kOriginToForceQuicOn, "origin-to-force-quic-on")
+// Disables known-root checks for outgoing WebTransport connections.
+NETWORK_SWITCH(kWebTransportDeveloperMode, "webtransport-developer-mode")
+// Specifies a comma separated list of QUIC connection options to send to
+// the server.
+NETWORK_SWITCH(kQuicConnectionOptions, "quic-connection-options")
+// Specifies a comma separated list of QUIC client connection options.
+NETWORK_SWITCH(kQuicClientConnectionOptions, "quic-client-connection-options")
+// Specifies the maximum length for a QUIC packet.
+NETWORK_SWITCH(kQuicMaxPacketLength, "quic-max-packet-length")
+// Specifies the version of QUIC to use.
+NETWORK_SWITCH(kQuicVersion, "quic-version")
+// Allows for forcing socket connections to http/https to use fixed ports.
+NETWORK_SWITCH(kTestingFixedHttpPort, "testing-fixed-http-port")
+NETWORK_SWITCH(kTestingFixedHttpsPort, "testing-fixed-https-port")
+// Comma-separated list of rules that control how hostnames are mapped.
+//
+// For example:
+// "MAP * 127.0.0.1" --> Forces all hostnames to be mapped to 127.0.0.1
+// "MAP *.google.com proxy" --> Forces all google.com subdomains to be
+// resolved to "proxy".
+// "MAP test.com [::1]:77 --> Forces "test.com" to resolve to IPv6 loopback.
+// Will also force the port of the resulting
+// socket address to be 77.
+// "MAP * baz, EXCLUDE www.google.com" --> Remaps everything to "baz",
+// except for "www.google.com".
+//
+// These mappings apply to the endpoint host in a net::URLRequest (the TCP
+// connect and host resolver in a direct connection, and the CONNECT in an http
+// proxy connection, and the endpoint host in a SOCKS proxy connection).
+//
+// TODO(mmenke): Can we just remove this? host-resolver-rules is more generally
+// useful.
+NETWORK_SWITCH(kHostRules, "host-rules")
+// Enable "greasing" HTTP/2 frame types, that is, sending frames of reserved
+// types. See https://tools.ietf.org/html/draft-bishop-httpbis-grease-00 for
+// more detail.
+NETWORK_SWITCH(kHttp2GreaseFrameType, "http2-grease-frame-type")
+// If request has no body, close the stream not by setting END_STREAM flag on
+// the HEADERS frame, but by sending an empty DATA frame with END_STREAM
+// afterwards. Only affects HTTP/2 request streams, not proxy or bidirectional
+// streams.
+NETWORK_SWITCH(kHttp2EndStreamWithDataFrame, "http2-end-stream-with-data-frame")
+
*/
\ No newline at end of file
diff --git a/py/server.py b/py/server.py
new file mode 100644
index 0000000..dbfe4b9
--- /dev/null
+++ b/py/server.py
@@ -0,0 +1,468 @@
+#!/usr/bin/env python3
+from pathlib import Path
+import socket
+import requests
+import threading
+import time
+import random
+import json
+import sys
+import ahocorasick
+import dns.message # --> pip install dnspython
+import dns.rdatatype
+import base64
+
+
+listen_PORT = 2500 # pyprox listening to 127.0.0.1:listen_PORT
+
+
+log_every_N_sec = 30 # every 30 second , update log file with latest DNS-cache statistics
+
+allow_insecure = True # set true to allow certificate domain mismatch in DoH
+my_socket_timeout = 120 # default for google is ~21 sec , recommend 60 sec unless you have low ram and need close soon
+first_time_sleep = 0.1 # speed control , avoid server crash if huge number of users flooding
+accept_time_sleep = 0.01 # avoid server crash on flooding request -> max 100 sockets per second
+output_data=True
+
+
+
+domain_settings={
+ "null": {
+ "IP": "127.0.0.1",
+ "TCP_frag": 114514,
+ "TCP_sleep": 0.001,
+ "TLS_frag": 114514,
+ "num_TCP_fragment": 37,
+ "num_TLS_fragment": 37,
+ }
+}
+
+num_TCP_fragment = 37
+num_TLS_fragment = 37
+TCP_sleep = 0.001
+TCP_frag=0
+TLS_frag=0
+doh_server="https://127.0.0.1/dns-query"
+DNS_log_every=1
+
+domain_settings=None
+domain_settings_tree=None
+
+
+DNS_cache = {} # resolved domains
+IP_DL_traffic = {} # download usage for each ip
+IP_UL_traffic = {} # upload usage for each ip
+
+with open("config.json",'r', encoding='UTF-8') as f:
+ config = json.load(f)
+ output_data=config.get("output_data")
+
+ my_socket_timeout=config.get("my_socket_timeout")
+ listen_PORT=config.get("listen_PORT")
+
+ num_TCP_fragment=config.get("num_TCP_fragment")
+ num_TLS_fragment=config.get("num_TLS_fragment")
+ TCP_sleep=config.get("TCP_sleep")
+ TCP_frag=config.get("TCP_frag")
+ TLS_frag=config.get("TLS_frag")
+ doh_server=config.get("doh_server")
+ domain_settings=config.get("domains")
+ DNS_log_every=config.get("DNS_log_every")
+
+ # print(set(domain_settings.keys()))
+ domain_settings_tree=ahocorasick.AhoCorasick(*domain_settings.keys())
+
+try:
+ with open("DNS_cache.json",'r+', encoding='UTF-8') as f:
+ DNS_cache=json.load(f)
+except Exception as e:
+ print("ERROR DNS query: ",repr(e))
+
+cnt_chg = 0
+
+class GET_settings:
+ def __init__(self):
+ self.url = doh_server
+ self.req = requests.session()
+ self.fragment_proxy = {
+ 'https': 'http://127.0.0.1:'+str(listen_PORT)
+ }
+
+
+
+ def query_DNS(self,server_name):
+ quary_params = {
+ # 'name': server_name, # no need for this when using dns wire-format , cause 400 err on some server
+ 'type': 'A',
+ 'ct': 'application/dns-message',
+ }
+
+
+ print(f'online DNS Query',server_name)
+ try:
+ query_message = dns.message.make_query(server_name,'A')
+ query_wire = query_message.to_wire()
+ query_base64 = base64.urlsafe_b64encode(query_wire).decode('utf-8')
+ query_base64 = query_base64.replace('=','') # remove base64 padding to append in url
+
+ query_url = self.url + query_base64
+
+
+ ans = self.req.get( query_url , params=quary_params , headers={'accept': 'application/dns-message'} , proxies=self.fragment_proxy)
+
+ # Parse the response as a DNS packet
+ if ans.status_code == 200 and ans.headers.get('content-type') == 'application/dns-message':
+ answer_msg = dns.message.from_wire(ans.content)
+
+ resolved_ip = None
+ for x in answer_msg.answer:
+ if (x.rdtype == dns.rdatatype.A):
+ resolved_ip = x[0].address # pick first ip in DNS answer
+ DNS_cache[server_name] = resolved_ip
+ # print("################# DNS Cache is : ####################")
+ # print(DNS_cache) # print DNS cache , it usefull to track all resolved IPs , to be used later.
+ # print("#####################################################")
+ break
+
+ print(f'online DNS --> Resolved {server_name} to {resolved_ip}')
+ return resolved_ip
+ else:
+ print(f'Error DNS query: {ans.status_code} {ans.reason}')
+ return "127.0.0.1"
+ except Exception as e:
+ print("ERROR DNS query: ",repr(e))
+
+ def query(self,domain):
+ res=domain_settings_tree.search(domain)
+ # print(domain,'-->',sorted(res,key=lambda x:len(x),reverse=True)[0])
+ try:
+ res=domain_settings.get(sorted(res,key=lambda x:len(x),reverse=True)[0])
+ except:
+ res={}
+
+ if res.get("IP")==None:
+ if DNS_cache.get(domain)!=None:
+ res["IP"]=DNS_cache[domain]
+ else:
+ res["IP"]=self.query_DNS(domain)
+ global cnt_chg
+ cnt_chg=cnt_chg+1
+ if cnt_chg>DNS_log_every:
+ cnt_chg=0
+ with open("DNS_cache.json",'w', encoding='UTF-8') as f:
+ json.dump(DNS_cache,f)
+ # res["IP"]="127.0.0.1"
+ if res.get("TCP_frag")==None:
+ res["TCP_frag"]=TCP_frag
+ if res.get("TCP_sleep")==None:
+ res["TCP_sleep"]=TCP_sleep
+ if res.get("TLS_frag")==None:
+ res["TLS_frag"]=TLS_frag
+ if res.get("num_TCP_fragment")==None:
+ res["num_TCP_fragment"]=num_TCP_fragment
+ if res.get("num_TLS_fragment")==None:
+ res["num_TLS_fragment"]=num_TLS_fragment
+ print(domain,'-->',res)
+ return res
+
+
+
+class ThreadedServer(object):
+ def __init__(self, host, port):
+ self.DoH=GET_settings()
+ self.host = host
+ self.port = port
+ self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+ self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
+ self.sock.bind((self.host, self.port))
+ self.sni = b""
+ self.settings = {
+ "IP": "127.0.0.1",
+ "frag": 114514,
+ "sleep": 0.001
+ }
+
+ def listen(self):
+ self.sock.listen(128) # up to 128 concurrent unaccepted socket queued , the more is refused untill accepting those.
+
+ while True:
+ client_sock , client_addr = self.sock.accept()
+ client_sock.settimeout(my_socket_timeout)
+
+ time.sleep(accept_time_sleep) # avoid server crash on flooding request
+ thread_up = threading.Thread(target = self.my_upstream , args =(client_sock,) )
+ thread_up.daemon = True #avoid memory leak by telling os its belong to main program , its not a separate program , so gc collect it when thread finish
+ thread_up.start()
+
+
+
+ def handle_client_request(self,client_socket):
+ # Receive the CONNECT request from the client
+ data = client_socket.recv(16384)
+
+
+ if(data[:7]==b'CONNECT'):
+ server_name , server_port = self.extract_servername_and_port(data)
+ elif( (data[:3]==b'GET')
+ or (data[:4]==b'POST')
+ or (data[:4]==b'HEAD')
+ or (data[:7]==b'OPTIONS')
+ or (data[:3]==b'PUT')
+ or (data[:6]==b'DELETE')
+ or (data[:5]==b'PATCH')
+ or (data[:5]==b'TRACE') ):
+
+ q_line = str(data).split('\r\n')
+ q_req = q_line[0].split()
+ q_method = q_req[0]
+ q_url = q_req[1]
+ q_url = q_url.replace('http://','https://')
+ print('************************@@@@@@@@@@@@***************************')
+ print('redirect',q_method,'http to HTTPS',q_url)
+ response_data = 'HTTP/1.1 302 Found\r\nLocation: '+q_url+'\r\nProxy-agent: MyProxy/1.0\r\n\r\n'
+ client_socket.sendall(response_data.encode())
+ client_socket.close()
+ return None
+ else:
+ print('Unknown Method',str(data[:10]))
+ response_data = b'HTTP/1.1 400 Bad Request\r\nProxy-agent: MyProxy/1.0\r\n\r\n'
+ client_socket.sendall(response_data)
+ client_socket.close()
+ return None
+
+
+ print(server_name,'-->',server_port)
+ self.sni=bytes(server_name,encoding="utf-8")
+
+ try:
+ server_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+ server_socket.settimeout(my_socket_timeout)
+ server_socket.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1) #force localhost kernel to send TCP packet immediately (idea: @free_the_internet)
+
+ try:
+ socket.inet_aton(server_name)
+ # print('legal IP')
+ server_IP = server_name
+ except socket.error:
+ # print('Not IP , its domain , try to resolve it')
+ self.settings=self.DoH.query(server_name)
+ if self.settings==None:
+ self.settings={}
+ server_IP=self.settings.get("IP")
+
+
+ try:
+ server_socket.connect((server_IP, server_port))
+ # Send HTTP 200 OK
+ response_data = b'HTTP/1.1 200 Connection established\r\nProxy-agent: MyProxy/1.0\r\n\r\n'
+ client_socket.sendall(response_data)
+ return server_socket
+ except socket.error:
+ print("@@@ "+server_IP+":"+str(server_port)+ " ==> filtered @@@")
+ # Send HTTP ERR 502
+ response_data = b'HTTP/1.1 502 Bad Gateway (is IP filtered?)\r\nProxy-agent: MyProxy/1.0\r\n\r\n'
+ client_socket.sendall(response_data)
+ client_socket.close()
+ server_socket.close()
+ return server_IP
+
+
+ except Exception as e:
+ print(repr(e))
+ # Send HTTP ERR 502
+ response_data = b'HTTP/1.1 502 Bad Gateway (Strange ERR?)\r\nProxy-agent: MyProxy/1.0\r\n\r\n'
+ client_socket.sendall(response_data)
+ client_socket.close()
+ server_socket.close()
+ return None
+
+
+
+
+
+
+
+ def my_upstream(self, client_sock):
+ first_flag = True
+ backend_sock = self.handle_client_request(client_sock)
+
+ if(backend_sock==None):
+ client_sock.close()
+ return False
+
+ if( isinstance(backend_sock,str) ):
+ this_ip = backend_sock
+ if(this_ip not in IP_UL_traffic):
+ IP_UL_traffic[this_ip] = 0
+ IP_DL_traffic[this_ip] = 0
+ client_sock.close()
+ return False
+
+
+ this_ip = backend_sock.getpeername()[0]
+ if(this_ip not in IP_UL_traffic):
+ IP_UL_traffic[this_ip] = 0
+ IP_DL_traffic[this_ip] = 0
+
+
+ while True:
+ try:
+ if( first_flag == True ):
+ first_flag = False
+
+ time.sleep(first_time_sleep) # speed control + waiting for packet to fully recieve
+ data = client_sock.recv(16384)
+ #print('len data -> ',str(len(data)))
+ #print('user talk :')
+
+ if data:
+ thread_down = threading.Thread(target = self.my_downstream , args = (backend_sock , client_sock) )
+ thread_down.daemon = True
+ thread_down.start()
+ # backend_sock.sendall(data)
+ send_data_in_fragment(self.sni,self.settings,data,backend_sock)
+ IP_UL_traffic[this_ip] = IP_UL_traffic[this_ip] + len(data)
+
+ else:
+ raise Exception('cli syn close')
+
+ else:
+ data = client_sock.recv(16384)
+ if data:
+ backend_sock.sendall(data)
+ IP_UL_traffic[this_ip] = IP_UL_traffic[this_ip] + len(data)
+ else:
+ raise Exception('cli pipe close')
+
+ except Exception as e:
+ print('upstream : '+ repr(e) + 'from' , self.sni )
+ time.sleep(2) # wait two second for another thread to flush
+ client_sock.close()
+ backend_sock.close()
+ return False
+
+
+
+
+ def my_downstream(self, backend_sock , client_sock):
+ this_ip = backend_sock.getpeername()[0]
+
+ first_flag = True
+ while True:
+ try:
+ if( first_flag == True ):
+ first_flag = False
+ data = backend_sock.recv(16384)
+ if data:
+ client_sock.sendall(data)
+ IP_DL_traffic[this_ip] = IP_DL_traffic[this_ip] + len(data)
+ else:
+ raise Exception('backend pipe close at first')
+
+ else:
+ data = backend_sock.recv(16384)
+ if data:
+ client_sock.sendall(data)
+ IP_DL_traffic[this_ip] = IP_DL_traffic[this_ip] + len(data)
+ else:
+ raise Exception('backend pipe close')
+
+ except Exception as e:
+ print('downstream '+' : '+ repr(e) , self.sni)
+ time.sleep(2) # wait two second for another thread to flush
+ backend_sock.close()
+ client_sock.close()
+ return False
+
+
+
+ def extract_servername_and_port(self,data):
+ host_and_port = str(data).split()[1]
+ host,port = host_and_port.split(':')
+ return (host,int(port))
+
+
+def split_other_data(data, num_fragment, split):
+ # print("sending: ", data)
+ L_data = len(data)
+
+ if num_fragment==0|L_data==1:
+ split(data)
+ return
+ indices = random.sample(range(1,L_data-1), min(num_fragment,L_data-2))
+ indices.sort()
+ # print('indices=',indices)
+
+ i_pre=0
+ for i in indices:
+ fragment_data = data[i_pre:i]
+ i_pre=i
+ # sock.send(fragment_data)
+ # print(fragment_data)
+ split(new_frag=fragment_data)
+
+ fragment_data = data[i_pre:L_data]
+ split(fragment_data)
+# http114=b""
+
+def split_data(data, sni, L_snifrag, num_fragment,split):
+ stt=data.find(sni)
+
+ L_sni=len(sni)
+ L_data=len(data)
+
+ if L_snifrag==0:
+ split_other_data(data, num_fragment, split)
+ return sni
+
+ split_other_data(data[0:stt+L_snifrag], num_fragment, split)
+
+ nst=L_snifrag
+
+ while nst<=L_sni:
+ fragment_data=data[stt+nst:stt+nst+L_snifrag]
+ split(fragment_data)
+ nst=nst+L_snifrag
+
+ split_other_data(data[stt+nst:L_data], num_fragment, split)
+
+ return data[stt:stt+L_sni]
+
+def send_data_in_fragment(sni, settings, data , sock):
+ print("To send: ",len(data)," Bytes. ")
+ if output_data:
+ print("sending: ",data,"\n")
+ base_header = data[:3]
+ record=data[5:]
+ TLS_ans=b""
+ def TLS_add_frag(new_frag):
+ nonlocal TLS_ans,base_header
+ TLS_ans+=base_header + int.to_bytes(len(new_frag), byteorder='big', length=2)
+ TLS_ans+=new_frag
+ print("adding frag:",len(new_frag)," bytes. ")
+ if output_data:
+ print("adding frag: ",new_frag,"\n")
+ first_sni_frag=split_data(record, sni, settings.get("TLS_frag"), settings.get("num_TLS_fragment"),TLS_add_frag)
+
+ print("TLS fraged: ",len(TLS_ans)," Bytes. ")
+ if output_data:
+ print("TLS fraged: ",TLS_ans,"\n")
+
+ T_sleep=settings.get("TCP_sleep")
+ def TCP_send_with_sleep(new_frag):
+ nonlocal sock,T_sleep
+ sock.sendall(new_frag)
+ print("TCP send: ",len(new_frag)," bytes. And 'll sleep for ",T_sleep, "seconds. ")
+ if output_data:
+ print("TCP send: ",new_frag,"\n")
+ time.sleep(T_sleep)
+ split_data(TLS_ans, first_sni_frag, settings.get("TCP_frag"), settings.get("num_TCP_fragment"),TCP_send_with_sleep)
+
+ print("----------finish------------")
+
+def start_server():
+ print ("Now listening at: 127.0.0.1:"+str(listen_PORT))
+ ThreadedServer('',listen_PORT).listen()
+
+if (__name__ == "__main__"):
+ start_server()
\ No newline at end of file
diff --git a/web.src/help.md b/web.src/help.md
index 1e3332d..272e8ca 100644
--- a/web.src/help.md
+++ b/web.src/help.md
@@ -1,374 +1,374 @@
-## 访问更多域名
-
-如果你是从github直接下载的release,exe同级目录下应该提供了`DragTheDomainConfigFileHere.bat`。
-
-这会使用一个我自用的配置文件,也就是同目录下的`DOMAINconfig.txt`。这样可以访问更多网站,注意其对子域名敏感(子域名需要单独配置)。
-
-对于该文件`DOMAINconfig.txt`的编辑,请往下翻。
-
-## 命令行参数帮助
-
-鉴于本应用名字较长,我强烈建议您把他的名字改短一点,比如`zlib.exe`。
-
-默认接下来您已经进行了重命名。
-
-### `-h`
-
-打开帮助,也就是显示此文件。
-
-### `-g url`
-
-打开后跳转到url,而不是默认开始页。
-注意:`url`必须带协议头,如:`https://1919810.com`。
-
-### `-c [FILE]`
-
-使用命令行配置文件。
-
-如果有`[FILE]`,程序读取`FILE`,否则程序会尝试读取同一目录下的`CMDconfig.txt`。
-
-该文件包含命令行。(通常用于开发人员)
-
-```text
---host-resolver-rules="MAP zh.z-library.re [2606:4700:3033::ac43:aa46]:443,MAP bu2021.xyz [2606:4700:3033::6815:3e2]:443" -origin-to-force-quic-on=zh.z-library.se:443,bu2021.xyz:443
-```
-
-### `-d`
-
-根据域名进行配置,要求IP支持QUIC,且能访问(一般指ping得通)(**必须支持QUIC**)。
-
-如果有`[FILE]`,程序读取`FILE`,否则程序会尝试读取同一目录下的`DOMAINconfig.txt`。
-
-我们通过空行来分割多个IP的配置,每份配置的第一行是该IP(支持IPv6),接下来若干行是你的域名(不包含协议头,如`https://`)。**注意,该方法对域名极其敏感,子域名是不一样的域名。如`www.pixiv.net`和`pixiv.net`不一样,`z-library.se`和`zh.z-library.se`不一样,*请注意。***
-
-由于`-origin-to-force-quic-on`不支持通配符,所以除非你理解这个程序在干什么,不建议使用类似`*.114514.com`之类的通配符。
-
-接下来任意多行是需要启用工具的域名,尽量不要太多,Windows命令行的长度是有限制的。(好像是$8192$个字符)
-
-这个域名有两个工具选择,QUIC和丢弃sni。
-
-+ 如果是QUIC,直接写上来。
-+ 如果是丢弃sni,在行首加上`^`。(这是因为严格上来讲丢弃sni是非正常做法,所以使用特殊标识)
-+ 如果只是修改dns,在行首加上`-`
-
-以下是一个可行的配置:(这两个IP分别是CloudFlare的IPv4与IPv6之一,为了演示分开)。
-
-```plaintext
-[2606:4700:3033::ac43:aa46]
-zh.z-library.se
-bu2021.xyz
-annas-archive.se
-longlivemarxleninmaoism.online
-zlib-articles.se
-zh.zlib-articles.se
-
-114.250.70.34
--www.recaptcha.net
-
-172.64.145.17
-www.pixiv.net
-
-116.202.120.165
-^www.torproject.org
-```
-
-### `-o`
-
-页面将显示打开此次程序的浏览器命令行参数。
-
-### `-a`
-
-显示Android开启设置文本。
-
-见Android设置帮助。
-
-## 使用自己的浏览器
-
-给你的浏览器(比如说`chrome.exe`)传参打开即可。
-
-比如
-
-```bash
-chrome.exe --host-resolver-rules="MAP zh.z-library.re [2606:4700:3033::ac43:aa46]:443,MAP bu2021.xyz [2606:4700:3033::6815:3e2]:443" -origin-to-force-quic-on=zh.z-library.se:443,bu2021.xyz:443 --host-rules="MAP libgen.rs 193.218.118.42,MAP zh.singlelogin.re 176.123.7.105,MAP singlelogin.re 176.123.7.105" --ignore-certificate-errors
-```
-
-## 安卓配置指南
-
-***本指南极其复杂,在决定踏上这条路前请三思!***
-
-本教程测试于MIUI14(国内版)。
-
-**遇到类似不安全或病毒报警,请自行判断是否继续。**
-
-为了省流,我不打算配图片
-
-### 第一部分:准备文件
-
-#### 两个安装包
-
-(`.apk`),提供的是两个链接,不保证可以下载。
-
-+ [Termux](https://www.downkuai.com/android/140917.html)(知道F-droid的,推荐从Fdroid下载;如果你用电脑进行ADB,则不需要)
-+ [KiWiBrowser](https://www.onlinedown.net/soft/10107048.htm)(建议用链接里的版本,切记不要`安全下载`!否则后果自负)(其他基于Chromium的浏览器也可,比如Chromium, Chrome, UngoogledChromium, Bromite,我之所以推荐kiwi是因为他支持扩展,这也是我自用的浏览器之一,且是最常用的浏览器)
-
-#### 一句命令
-
-先关闭本软件,再点开本软件安装包同级目录下的`GetAndroidADBCommandLine.bat`,本软件会重新打开,然后复制上面的第一行内容(以`_`开头)
-
-你会得到类似这样的东西:
-
-```text
-echo "_ --host-resolver-rules=\"MAP bu2021.xyz 172.64.145.17:443,MAP annas-archive.se 172.64.145.17:443\" -origin-to-force-quic-on=bu2021.xyz:443,annas-archive.se:443 --host-rules=\"MAP libgen.rs 193.218.118.42,MAP zh.singlelogin.re 176.123.7.105,MAP singlelogin.re 176.123.7.105\" --ignore-certificate-errors" > chrome-command-line
-```
-
-### 第二部分:开启ADB
-
-这里提供一个MIUI下利用Termux作为终端的例子。
-
-#### 安装Termux并作准备
-
-进入Termux后,是一个命令行界面。
-
-你可以考虑换清华源,见[镜像站官方帮助文档](https://mirrors.tuna.tsinghua.edu.cn/help/termux/)
-
-依次执行以下命令:(如果遇到提问,直接`Enter`走默认)
-
-```bash
-apt update
-apt upgrade
-pkg install android-tools
-```
-
-#### 连接ADB
-
-其他系统(UI)请自行搜索或探索办法。
-
-请务必连上WIFI(其实不重要,但是MIUI无线调试必须连wifi才能开启,所以这个网慢不慢不重要,其实这个操作根本不用连网)
-
-1. 点开`设置`
-2. 点开`我的设备`
-3. 点开`全部参数于信息`
-4. 快速点击`MIUI版本`五次,会看到消息框`您现在处于开发者模式!`
-5. 不停点击返回回到`设置`根菜单
-6. 找到`更多设置`,进入
-7. 进入`开发者选项`
-8. 找到`无线调试`,进入,启用
-9. 与之前开启的`Termux`窗口分屏(小窗也可以,不能切后台,重要!)
-10. 点开使用配对码配对设备
-11. 会弹出来一个报告小窗窗,上面有`WLAN配对码`,是6个数字,记下来,比如说是`114514`;还有一个`IP地址和·端口`(显示在报告小窗上那个),记下来,比如说是`192.168.2.114:42257`
-12. 进入`Termux`,打命令并`Enter`
-
- ```bash
- adb pair 192.168.2.224:42257 114514
- ```
-
- 根据上一步得到数据自行修改)。然后应该会显示类似`Pair Successfully`之类的,你没看到`Error`或者`ERR`就行。
-13. 回到无线调试设置,你应该会看到一个已配对设备,继续。这次我们选在主窗口上的`IP地址和端口`,记下来,比如说是`192.168.2.114:42819`。
- 键入并`Enter`
-
- ```bash
- adb connect 192.168.2.114:42819
- ```
-
- 应该返回`Connected Successfully`之类的,然后无线调试窗口的已配对设备会显示已连接,连接完成。`Termux`不要退出。
-
-#### 设置command-line
-
-上一步完成后,继续键入命令并`Enter`(比如说在`Termux`里)。
-
-```bash
-adb shell
-cd /data/local/tmp
-```
-
-然后把你之前获取的那段命令键入并`Enter`,比方说
-
-```bash
-echo "_ --host-resolver-rules=\"MAP bu2021.xyz 172.64.145.17:443,MAP annas-archive.se 172.64.145.17:443\" -origin-to-force-quic-on=bu2021.xyz:443,annas-archive.se:443 --host-rules=\"MAP libgen.rs 193.218.118.42,MAP zh.singlelogin.re 176.123.7.105,MAP singlelogin.re 176.123.7.105\" --ignore-certificate-errors" > chrome-command-line
-```
-
-接下来
-
-```bash
-echo "$( 我这里收集了上述特殊情况:
->
-> + Pornhub的IP是可以直连的,但是用HostRules实现的域前置使用了IP作为sni,而这个ip在黑名单里。
-> + Odysee的账号网址`odysee.tv`使用了Cloudfare CDN,无法域前置,但是手动关闭了QUIC。
-> + TorProject的域前置实现比较魔幻,有的时候会当成IP直连,甚至因服务器IP而异。
-
-### 其他情况
-
-如果出现HTTP协议,或者非标准端口,请采用`CMDconfig`。
-
-
-或者自己编写命令行。请参考:Chromium NewWork Configs Codes:
-
-```java
-// from: https://chromium.googlesource.com/chromium/src/+/refs/heads/main/components/network_session_configurator/common/network_switch_list.h
-// Copyright 2017 The Chromium Authors
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-// This file deliberately has no header guard, as it's inlined in a number of
-// files.
-// no-include-guard-because-multiply-included
-// Disables the QUIC protocol.
-NETWORK_SWITCH(kDisableQuic, "disable-quic")
-// Disables the HTTP/2 protocol.
-NETWORK_SWITCH(kDisableHttp2, "disable-http2")
-// Enables Alternate-Protocol when the port is user controlled (> 1024).
-NETWORK_SWITCH(kEnableUserAlternateProtocolPorts,
- "enable-user-controlled-alternate-protocol-ports")
-// Enables the QUIC protocol. This is a temporary testing flag.
-NETWORK_SWITCH(kEnableQuic, "enable-quic")
-// Ignores certificate-related errors.
-NETWORK_SWITCH(kIgnoreCertificateErrors, "ignore-certificate-errors")
-// Specifies a comma separated list of host-port pairs to force use of QUIC on.
-NETWORK_SWITCH(kOriginToForceQuicOn, "origin-to-force-quic-on")
-// Disables known-root checks for outgoing WebTransport connections.
-NETWORK_SWITCH(kWebTransportDeveloperMode, "webtransport-developer-mode")
-// Specifies a comma separated list of QUIC connection options to send to
-// the server.
-NETWORK_SWITCH(kQuicConnectionOptions, "quic-connection-options")
-// Specifies a comma separated list of QUIC client connection options.
-NETWORK_SWITCH(kQuicClientConnectionOptions, "quic-client-connection-options")
-// Specifies the maximum length for a QUIC packet.
-NETWORK_SWITCH(kQuicMaxPacketLength, "quic-max-packet-length")
-// Specifies the version of QUIC to use.
-NETWORK_SWITCH(kQuicVersion, "quic-version")
-// Allows for forcing socket connections to http/https to use fixed ports.
-NETWORK_SWITCH(kTestingFixedHttpPort, "testing-fixed-http-port")
-NETWORK_SWITCH(kTestingFixedHttpsPort, "testing-fixed-https-port")
-// Comma-separated list of rules that control how hostnames are mapped.
-//
-// For example:
-// "MAP * 127.0.0.1" --> Forces all hostnames to be mapped to 127.0.0.1
-// "MAP *.google.com proxy" --> Forces all google.com subdomains to be
-// resolved to "proxy".
-// "MAP test.com [::1]:77 --> Forces "test.com" to resolve to IPv6 loopback.
-// Will also force the port of the resulting
-// socket address to be 77.
-// "MAP * baz, EXCLUDE www.google.com" --> Remaps everything to "baz",
-// except for "www.google.com".
-//
-// These mappings apply to the endpoint host in a net::URLRequest (the TCP
-// connect and host resolver in a direct connection, and the CONNECT in an http
-// proxy connection, and the endpoint host in a SOCKS proxy connection).
-//
-// TODO(mmenke): Can we just remove this? host-resolver-rules is more generally
-// useful.
-NETWORK_SWITCH(kHostRules, "host-rules")
-// Enable "greasing" HTTP/2 frame types, that is, sending frames of reserved
-// types. See https://tools.ietf.org/html/draft-bishop-httpbis-grease-00 for
-// more detail.
-NETWORK_SWITCH(kHttp2GreaseFrameType, "http2-grease-frame-type")
-// If request has no body, close the stream not by setting END_STREAM flag on
-// the HEADERS frame, but by sending an empty DATA frame with END_STREAM
-// afterwards. Only affects HTTP/2 request streams, not proxy or bidirectional
-// streams.
-NETWORK_SWITCH(kHttp2EndStreamWithDataFrame, "http2-end-stream-with-data-frame")
-```
-
-
-
-## 有问题请加Github issue。
-
-## 版权声明
-
-本文档除引用的Chromium源码外部分按照[GFDL](https://www.gnu.org/licenses/fdl-1.3.html#license-text)提供。
-
-[^1]: 比如说,`www.pixiv.net`和`pixiv.net`不一样,`z-library.se`和`zh.z-library.se`不一样。
-
+## 访问更多域名
+
+如果你是从github直接下载的release,exe同级目录下应该提供了`DragTheDomainConfigFileHere.bat`。
+
+这会使用一个我自用的配置文件,也就是同目录下的`DOMAINconfig.txt`。这样可以访问更多网站,注意其对子域名敏感(子域名需要单独配置)。
+
+对于该文件`DOMAINconfig.txt`的编辑,请往下翻。
+
+## 命令行参数帮助
+
+鉴于本应用名字较长,我强烈建议您把他的名字改短一点,比如`zlib.exe`。
+
+默认接下来您已经进行了重命名。
+
+### `-h`
+
+打开帮助,也就是显示此文件。
+
+### `-g url`
+
+打开后跳转到url,而不是默认开始页。
+注意:`url`必须带协议头,如:`https://1919810.com`。
+
+### `-c [FILE]`
+
+使用命令行配置文件。
+
+如果有`[FILE]`,程序读取`FILE`,否则程序会尝试读取同一目录下的`CMDconfig.txt`。
+
+该文件包含命令行。(通常用于开发人员)
+
+```text
+--host-resolver-rules="MAP zh.z-library.re [2606:4700:3033::ac43:aa46]:443,MAP bu2021.xyz [2606:4700:3033::6815:3e2]:443" -origin-to-force-quic-on=zh.z-library.se:443,bu2021.xyz:443
+```
+
+### `-d`
+
+根据域名进行配置,要求IP支持QUIC,且能访问(一般指ping得通)(**必须支持QUIC**)。
+
+如果有`[FILE]`,程序读取`FILE`,否则程序会尝试读取同一目录下的`DOMAINconfig.txt`。
+
+我们通过空行来分割多个IP的配置,每份配置的第一行是该IP(支持IPv6),接下来若干行是你的域名(不包含协议头,如`https://`)。**注意,该方法对域名极其敏感,子域名是不一样的域名。如`www.pixiv.net`和`pixiv.net`不一样,`z-library.se`和`zh.z-library.se`不一样,*请注意。***
+
+由于`-origin-to-force-quic-on`不支持通配符,所以除非你理解这个程序在干什么,不建议使用类似`*.114514.com`之类的通配符。
+
+接下来任意多行是需要启用工具的域名,尽量不要太多,Windows命令行的长度是有限制的。(好像是$8192$个字符)
+
+这个域名有两个工具选择,QUIC和丢弃sni。
+
++ 如果是QUIC,直接写上来。
++ 如果是丢弃sni,在行首加上`^`。(这是因为严格上来讲丢弃sni是非正常做法,所以使用特殊标识)
++ 如果只是修改dns,在行首加上`-`
+
+以下是一个可行的配置:(这两个IP分别是CloudFlare的IPv4与IPv6之一,为了演示分开)。
+
+```plaintext
+[2606:4700:3033::ac43:aa46]
+zh.z-library.se
+bu2021.xyz
+annas-archive.se
+longlivemarxleninmaoism.online
+zlib-articles.se
+zh.zlib-articles.se
+
+114.250.70.34
+-www.recaptcha.net
+
+172.64.145.17
+www.pixiv.net
+
+116.202.120.165
+^www.torproject.org
+```
+
+### `-o`
+
+页面将显示打开此次程序的浏览器命令行参数。
+
+### `-a`
+
+显示Android开启设置文本。
+
+见Android设置帮助。
+
+## 使用自己的浏览器
+
+给你的浏览器(比如说`chrome.exe`)传参打开即可。
+
+比如
+
+```bash
+chrome.exe --host-resolver-rules="MAP zh.z-library.re [2606:4700:3033::ac43:aa46]:443,MAP bu2021.xyz [2606:4700:3033::6815:3e2]:443" -origin-to-force-quic-on=zh.z-library.se:443,bu2021.xyz:443 --host-rules="MAP libgen.rs 193.218.118.42,MAP zh.singlelogin.re 176.123.7.105,MAP singlelogin.re 176.123.7.105" --ignore-certificate-errors
+```
+
+## 安卓配置指南
+
+***本指南极其复杂,在决定踏上这条路前请三思!***
+
+本教程测试于MIUI14(国内版)。
+
+**遇到类似不安全或病毒报警,请自行判断是否继续。**
+
+为了省流,我不打算配图片
+
+### 第一部分:准备文件
+
+#### 两个安装包
+
+(`.apk`),提供的是两个链接,不保证可以下载。
+
++ [Termux](https://www.downkuai.com/android/140917.html)(知道F-droid的,推荐从Fdroid下载;如果你用电脑进行ADB,则不需要)
++ [KiWiBrowser](https://www.onlinedown.net/soft/10107048.htm)(建议用链接里的版本,切记不要`安全下载`!否则后果自负)(其他基于Chromium的浏览器也可,比如Chromium, Chrome, UngoogledChromium, Bromite,我之所以推荐kiwi是因为他支持扩展,这也是我自用的浏览器之一,且是最常用的浏览器)
+
+#### 一句命令
+
+先关闭本软件,再点开本软件安装包同级目录下的`GetAndroidADBCommandLine.bat`,本软件会重新打开,然后复制上面的第一行内容(以`_`开头)
+
+你会得到类似这样的东西:
+
+```text
+echo "_ --host-resolver-rules=\"MAP bu2021.xyz 172.64.145.17:443,MAP annas-archive.se 172.64.145.17:443\" -origin-to-force-quic-on=bu2021.xyz:443,annas-archive.se:443 --host-rules=\"MAP libgen.rs 193.218.118.42,MAP zh.singlelogin.re 176.123.7.105,MAP singlelogin.re 176.123.7.105\" --ignore-certificate-errors" > chrome-command-line
+```
+
+### 第二部分:开启ADB
+
+这里提供一个MIUI下利用Termux作为终端的例子。
+
+#### 安装Termux并作准备
+
+进入Termux后,是一个命令行界面。
+
+你可以考虑换清华源,见[镜像站官方帮助文档](https://mirrors.tuna.tsinghua.edu.cn/help/termux/)
+
+依次执行以下命令:(如果遇到提问,直接`Enter`走默认)
+
+```bash
+apt update
+apt upgrade
+pkg install android-tools
+```
+
+#### 连接ADB
+
+其他系统(UI)请自行搜索或探索办法。
+
+请务必连上WIFI(其实不重要,但是MIUI无线调试必须连wifi才能开启,所以这个网慢不慢不重要,其实这个操作根本不用连网)
+
+1. 点开`设置`
+2. 点开`我的设备`
+3. 点开`全部参数于信息`
+4. 快速点击`MIUI版本`五次,会看到消息框`您现在处于开发者模式!`
+5. 不停点击返回回到`设置`根菜单
+6. 找到`更多设置`,进入
+7. 进入`开发者选项`
+8. 找到`无线调试`,进入,启用
+9. 与之前开启的`Termux`窗口分屏(小窗也可以,不能切后台,重要!)
+10. 点开使用配对码配对设备
+11. 会弹出来一个报告小窗窗,上面有`WLAN配对码`,是6个数字,记下来,比如说是`114514`;还有一个`IP地址和·端口`(显示在报告小窗上那个),记下来,比如说是`192.168.2.114:42257`
+12. 进入`Termux`,打命令并`Enter`
+
+ ```bash
+ adb pair 192.168.2.224:42257 114514
+ ```
+
+ 根据上一步得到数据自行修改)。然后应该会显示类似`Pair Successfully`之类的,你没看到`Error`或者`ERR`就行。
+13. 回到无线调试设置,你应该会看到一个已配对设备,继续。这次我们选在主窗口上的`IP地址和端口`,记下来,比如说是`192.168.2.114:42819`。
+ 键入并`Enter`
+
+ ```bash
+ adb connect 192.168.2.114:42819
+ ```
+
+ 应该返回`Connected Successfully`之类的,然后无线调试窗口的已配对设备会显示已连接,连接完成。`Termux`不要退出。
+
+#### 设置command-line
+
+上一步完成后,继续键入命令并`Enter`(比如说在`Termux`里)。
+
+```bash
+adb shell
+cd /data/local/tmp
+```
+
+然后把你之前获取的那段命令键入并`Enter`,比方说
+
+```bash
+echo "_ --host-resolver-rules=\"MAP bu2021.xyz 172.64.145.17:443,MAP annas-archive.se 172.64.145.17:443\" -origin-to-force-quic-on=bu2021.xyz:443,annas-archive.se:443 --host-rules=\"MAP libgen.rs 193.218.118.42,MAP zh.singlelogin.re 176.123.7.105,MAP singlelogin.re 176.123.7.105\" --ignore-certificate-errors" > chrome-command-line
+```
+
+接下来
+
+```bash
+echo "$( 我这里收集了上述特殊情况:
+>
+> + Pornhub的IP是可以直连的,但是用HostRules实现的域前置使用了IP作为sni,而这个ip在黑名单里。
+> + Odysee的账号网址`odysee.tv`使用了Cloudfare CDN,无法域前置,但是手动关闭了QUIC。
+> + TorProject的域前置实现比较魔幻,有的时候会当成IP直连,甚至因服务器IP而异。
+
+### 其他情况
+
+如果出现HTTP协议,或者非标准端口,请采用`CMDconfig`。
+
+
+或者自己编写命令行。请参考:Chromium NewWork Configs Codes:
+
+```java
+// from: https://chromium.googlesource.com/chromium/src/+/refs/heads/main/components/network_session_configurator/common/network_switch_list.h
+// Copyright 2017 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+// This file deliberately has no header guard, as it's inlined in a number of
+// files.
+// no-include-guard-because-multiply-included
+// Disables the QUIC protocol.
+NETWORK_SWITCH(kDisableQuic, "disable-quic")
+// Disables the HTTP/2 protocol.
+NETWORK_SWITCH(kDisableHttp2, "disable-http2")
+// Enables Alternate-Protocol when the port is user controlled (> 1024).
+NETWORK_SWITCH(kEnableUserAlternateProtocolPorts,
+ "enable-user-controlled-alternate-protocol-ports")
+// Enables the QUIC protocol. This is a temporary testing flag.
+NETWORK_SWITCH(kEnableQuic, "enable-quic")
+// Ignores certificate-related errors.
+NETWORK_SWITCH(kIgnoreCertificateErrors, "ignore-certificate-errors")
+// Specifies a comma separated list of host-port pairs to force use of QUIC on.
+NETWORK_SWITCH(kOriginToForceQuicOn, "origin-to-force-quic-on")
+// Disables known-root checks for outgoing WebTransport connections.
+NETWORK_SWITCH(kWebTransportDeveloperMode, "webtransport-developer-mode")
+// Specifies a comma separated list of QUIC connection options to send to
+// the server.
+NETWORK_SWITCH(kQuicConnectionOptions, "quic-connection-options")
+// Specifies a comma separated list of QUIC client connection options.
+NETWORK_SWITCH(kQuicClientConnectionOptions, "quic-client-connection-options")
+// Specifies the maximum length for a QUIC packet.
+NETWORK_SWITCH(kQuicMaxPacketLength, "quic-max-packet-length")
+// Specifies the version of QUIC to use.
+NETWORK_SWITCH(kQuicVersion, "quic-version")
+// Allows for forcing socket connections to http/https to use fixed ports.
+NETWORK_SWITCH(kTestingFixedHttpPort, "testing-fixed-http-port")
+NETWORK_SWITCH(kTestingFixedHttpsPort, "testing-fixed-https-port")
+// Comma-separated list of rules that control how hostnames are mapped.
+//
+// For example:
+// "MAP * 127.0.0.1" --> Forces all hostnames to be mapped to 127.0.0.1
+// "MAP *.google.com proxy" --> Forces all google.com subdomains to be
+// resolved to "proxy".
+// "MAP test.com [::1]:77 --> Forces "test.com" to resolve to IPv6 loopback.
+// Will also force the port of the resulting
+// socket address to be 77.
+// "MAP * baz, EXCLUDE www.google.com" --> Remaps everything to "baz",
+// except for "www.google.com".
+//
+// These mappings apply to the endpoint host in a net::URLRequest (the TCP
+// connect and host resolver in a direct connection, and the CONNECT in an http
+// proxy connection, and the endpoint host in a SOCKS proxy connection).
+//
+// TODO(mmenke): Can we just remove this? host-resolver-rules is more generally
+// useful.
+NETWORK_SWITCH(kHostRules, "host-rules")
+// Enable "greasing" HTTP/2 frame types, that is, sending frames of reserved
+// types. See https://tools.ietf.org/html/draft-bishop-httpbis-grease-00 for
+// more detail.
+NETWORK_SWITCH(kHttp2GreaseFrameType, "http2-grease-frame-type")
+// If request has no body, close the stream not by setting END_STREAM flag on
+// the HEADERS frame, but by sending an empty DATA frame with END_STREAM
+// afterwards. Only affects HTTP/2 request streams, not proxy or bidirectional
+// streams.
+NETWORK_SWITCH(kHttp2EndStreamWithDataFrame, "http2-end-stream-with-data-frame")
+```
+
+
+
+## 有问题请加Github issue。
+
+## 版权声明
+
+本文档除引用的Chromium源码外部分按照[GFDL](https://www.gnu.org/licenses/fdl-1.3.html#license-text)提供。
+
+[^1]: 比如说,`www.pixiv.net`和`pixiv.net`不一样,`z-library.se`和`zh.z-library.se`不一样。
+
diff --git a/web.src/index.md b/web.src/index.md
index e2061e1..2e9f8d5 100644
--- a/web.src/index.md
+++ b/web.src/index.md
@@ -1,6 +1,6 @@
# 本版本发行宣言
-本版本是Zlibrary的非官方中国客户端,由某个初中生编写,其实十分简单。
+本版本是Zlibrary的非官方中国客户端,由某个初中生(现高一)编写,其实十分简单。
#### 网页加载可能比较慢(国外服务器)。当前页面也是一个初始加载较慢时的默认页面。
@@ -108,9 +108,9 @@ DNS污染无法处理,有很多安全DNS。QUIC可能被处理,有一定漏
好的,到了这里。
-#### 请访问[Zlibrary](https://z-library.rs)
+#### 请访问[Zlibrary](https://zh.z-library.sk)
-#### Zlibrary[线路二](https://zh.singlelogin.re)
+#### Zlibrary[线路二](https://zh.singlelogin.re) (会被zlib重定向到线路一)
或者自己去[搜](https://cn.bing.com)个网站玩玩