| (function (context, trackingId, options) { | |
| const history = context.history; | |
| const doc = document; | |
| const nav = navigator || {}; | |
| const storage = localStorage; | |
| const encode = encodeURIComponent; | |
| const pushState = history.pushState; | |
| const typeException = 'exception'; | |
| const generateId = () => Math.random().toString(36); | |
| const getId = () => { |
| # 你可以从该 URL 下载这个配置文件: http://surge.run/config-example/ios.conf | |
| # 用编辑器编辑后,再通过 iTunes, URL, AirDrop 或者 iCloud Drive 复制回 iOS 设备 | |
| # Version 2.0 | |
| [General] | |
| # 日志等级: warning, notify, info, verbose (默认值: notify) | |
| loglevel = notify | |
| # 跳过某个域名或者 IP 段,这些目标主机将不会由 Surge Proxy 处理。(在 macOS | |
| # 版本中,如果启用了 Set as System Proxy, 那么这些值会被写入到系统网络代理 | |
| # 设置中.) |
All of the below properties or methods, when requested/called in JavaScript, will trigger the browser to synchronously calculate the style and layout*. This is also called reflow or layout thrashing, and is common performance bottleneck.
Generally, all APIs that synchronously provide layout metrics will trigger forced reflow / layout. Read on for additional cases and details.
elem.offsetLeft, elem.offsetTop, elem.offsetWidth, elem.offsetHeight, elem.offsetParent
| #!/bin/sh | |
| # | |
| # pptpd installation script on my own CentOS 7 box. | |
| # inspired by: https://www.digitalocean.com/community/questions/how-to-install-pptp-vpn-on-centos-7 | |
| # and http://unix.stackexchange.com/questions/150837/redhat-centos-7-firewalld-best-practice-for-pptp-or-l2tp-ipsec-rules | |
| # | |
| # Author: 2015 Steve Yang <me@iyyang.com> | |
| # The script comes with ABSOLUTELY NO WARRANTY. | |
| <!-- Include jQuery from somewhere, must use version 1.8 or above --> | |
| <script type="text/javascript" src="//ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script> | |
| <!-- Include latest jquery.scrollTo, can download from https://github.com/flesler/jquery.scrollTo/releases --> | |
| <script type="text/javascript" src="//cdn.jsdelivr.net/jquery.scrollto/2.1.2/jquery.scrollTo.min.js"></script> | |
| <!-- Initialize the plugin, the contents of the script can be inlined here, of course --> | |
| <script type="text/javascript" src="js/init.js"></script> |
| To send the ip addres of the client/webbrowser to the server/webserver behind it there are a few options: | |
| 1- option forwardfor | |
| 2- send-proxy | |
| 3- source 0.0.0.0 usesrc clientip | |
| 1- option forwardfor | |
| This is an easy option to configure in haproxy, it does require that http layer7 processing is used 'mode http' and the webserver/ webapplication that wants to log or use the ip of the client must use the http-header 'X-Forwarded-For' to read the clientip. | |
| 2- send-proxy / send-proxy-v2 / send-proxy-* | |
| This is can be used both with mode tcp and http, it does however require that the server also understands the proxyprotocol. Some applications have added support for this protocol which adds a few bytes with ip information before the actual request. |
由于路由管控系统的建立,实时动态黑洞路由已成为最有效的封锁手段,TCP连接重置和DNS污染成为次要手段,利用漏洞的穿墙方法已不再具有普遍意义。对此应对方法是多样化协议的VPN来抵抗识别。这里介绍一种太简单、有时很朴素的“穷人VPN”。
朴素VPN只需要一次内核配置(Linux内核),即可永久稳定运行,不需要任何用户态守护进程。所有流量转换和加密全部由内核完成,原生性能,开销几乎没有。静态配置,避免动态握手和参数协商产生指纹特征导致被识别。并且支持NAT,移动的内网用户可以使用此方法。支持广泛,基于L2TPv3标准,Linux内核3.2+都有支持,其他操作系统原则上也能支持。但有两个局限:需要root权限;一个隧道只支持一个用户。
朴素VPN利用UDP封装的静态L2TP隧道实现VPN,内核XFRM实现静态IPsec。实际上IP-in-IP隧道即可实现VPN,但是这种协议无法穿越NAT,因此必须利用UDP封装。内核3.18将支持Foo-over-UDP,在UDP里面直接封装IP,与静态的L2TP-over-UDP很类似。
| $ LD_PRELOAD=$PWD/sendmsg.so dig twitter.com @8.8.8.8 | |
| ;; Warning: Message parser reports malformed message packet. <-- malformed 因为把压缩指针当作域名一部分了 | |
| ;; Question section mismatch: got twitter.com/RESERVED0/CLASS256 | |
| ; <<>> DiG 9.9.5-3-Ubuntu <<>> twitter.com @8.8.8.8 | |
| ;; global options: +cmd | |
| ;; Got answer: | |
| ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44722 | |
| ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1 |