You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If I am understanding the code correctly, OnFirewallCheck(FirewallRequest request) in program.cs is meant to decide weather to filter or not. So far, I've used the ip addresses and compared them to the known ips that I'd like to filter. The problem is that domains stay the same and servers (along with IPs) change.
The approach I wanted to try out is to inspect SNI server names in TLS client hello packages. The problem is that HandleNewTcpConnection is called before client hello is sent, and you only get to decide based on ips. Am I missing something or is this the end of story with regard to SNI filtering?
The text was updated successfully, but these errors were encountered:
If I am understanding the code correctly, OnFirewallCheck(FirewallRequest request) in program.cs is meant to decide weather to filter or not. So far, I've used the ip addresses and compared them to the known ips that I'd like to filter. The problem is that domains stay the same and servers (along with IPs) change.
The approach I wanted to try out is to inspect SNI server names in TLS client hello packages. The problem is that HandleNewTcpConnection is called before client hello is sent, and you only get to decide based on ips. Am I missing something or is this the end of story with regard to SNI filtering?
The text was updated successfully, but these errors were encountered: