Basically, the tool achieves two things:
- Evading the Chinese DPI engine by rewriting the TCP window size during the TCP handshake. This leads to a fragmented cipher list which does not seem to be recognized by the GFC.
- Blocking scanners with two dirty hacks.
I removed the "two dirty hacks" because they sometimes made a bridge unusable - especially if there is lots of packet loss between client and bridge. So the tool only conducts window size rewriting now.
I've been testing it for several days on my EC2 bridge. The bridge has seen many Chinese users and still remains unblocked.
Cheers, Philipp
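
Added example, not part of the original message and not the tool's own code: Python that rewrites the advertised window in a SYN-ACK, recomputes the TCP checksum, and shows why a matcher that inspects each segment on its own no longer sees the cipher list in one piece. The addresses, the 60-byte window, the cipher-list bytes and the simplified sender model are assumptions constructed for illustration.

```python
import socket
import struct

def tcp_checksum(src, dst, seg):
    """RFC 793 checksum over the IPv4 pseudo-header plus the TCP segment."""
    data = socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack("!BBH", 0, 6, len(seg)) + seg
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def rewrite_window(src, dst, seg, new_window):
    """Replace the advertised window of a SYN-ACK and fix up the checksum."""
    if seg[13] & 0x12 != 0x12:          # leave anything that is not SYN+ACK alone
        return seg
    out = bytearray(seg)
    struct.pack_into("!HH", out, 14, new_window, 0)   # window, zeroed checksum
    struct.pack_into("!H", out, 16, tcp_checksum(src, dst, bytes(out)))
    return bytes(out)

def client_segments(payload, window, mss=1460):
    """Simplified sender: first segment capped by the peer's window, rest by MSS."""
    first = payload[:min(window, mss)]
    rest = payload[len(first):]
    return [first] + [rest[i:i + mss] for i in range(0, len(rest), mss)]

def per_packet_match(segments, signature):
    """A matcher that inspects each segment alone, without stream reassembly."""
    return any(signature in s for s in segments)

# Constructed sample data (documentation addresses, made-up cipher-list bytes).
BRIDGE, CLIENT = "192.0.2.10", "198.51.100.20"
SMALL_WINDOW = 60                        # assumed value; the post gives none
CIPHER_LIST = bytes(range(0x20, 0x40))   # stand-in for the TLS cipher list
HELLO = b"\x16\x03\x01" + b"\x00" * 41 + CIPHER_LIST + b"\x00" * 100

def make_syn_ack(window):
    hdr = struct.pack("!HHIIBBHHH", 443, 40000, 1000, 2001, 5 << 4, 0x12, window, 0, 0)
    return hdr[:16] + struct.pack("!H", tcp_checksum(BRIDGE, CLIENT, hdr)) + hdr[18:]

if __name__ == "__main__":
    syn_ack = rewrite_window(BRIDGE, CLIENT, make_syn_ack(65535), SMALL_WINDOW)
    print("window now:", struct.unpack_from("!H", syn_ack, 14)[0])
    for w in (65535, SMALL_WINDOW):
        segs = client_segments(HELLO, w)
        print(w, [len(s) for s in segs], per_packet_match(segs, CIPHER_LIST))
```

Matching on the reassembled stream (`CIPHER_LIST in b"".join(segs)`) still succeeds in both cases, which is the difference between per-segment and stream-level inspection.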