
VinciyS/NetForge


NetForge 🔧

Linux Network Control Center — A terminal-based, real-time network management tool.

N E T F O R G E  //  Network Manipulation Center  //  TTL:65 | Iface:eth0  ● LIVE

Features

| Module | Description |
| --- | --- |
| TTL Bypass | Temporarily or permanently bypass ISP tethering restrictions |
| DPI Engine | Bypass SNI-based blocks by fragmenting TLS Client Hello packets (C + NFQUEUE) |
| MTU Optimization | Finds the optimal MTU value for the current network |
| Network Diagnostics | Checks internet connectivity and DNS status |
| Policy Routing | Routes traffic based on interface (gaming / secure / download modes) |
| Fix My Internet | Resets the network stack, renews IP, flushes DNS |
| Live Monitor | Displays download/upload speed, TCP/UDP connections, and process table |

Installation

Requirements

# Python dependencies
pip install rich psutil --break-system-packages

# System tools
sudo apt install iptables iproute2 conntrack libnetfilter-queue-dev gcc

Compile DPI Engine

gcc DPI_Engine.c -o DPI_Engine -lnetfilter_queue

Run

sudo python3 net_forge.py

Root privileges are required for iptables, sysctl, and raw socket access.


Architecture

netforge/
├── net_forge.py          # Main application (Python + Rich TUI)
├── DPI_Engine.c          # TLS fragmentation engine (C)
├── DPI_Engine            # Compiled binary (generated after building the engine)
├── NetMedic.py           # Network recovery module
└── README.md

How the DPI Engine Works

TCP:443 packet
      │
iptables NFQUEUE → DPI_Engine.c
      │
Detect TLS Client Hello (0x16 0x03 ... 0x01)
      │
Split packet into two fragments → SNI never appears in a single packet
      │
Fragment 1 → NF_ACCEPT (kernel stack remains consistent)
Fragment 2 → Raw socket + SO_MARK=1 (bypasses NFQUEUE)

How Policy Routing Works

Application traffic
      │
iptables mangle → mark packet with fwmark (0x10, 0x11)
      │
ip rule → "if mark=0x10 use table 100"
      │
ip route table 100 → gateway = eth0

Modules

TTL Bypass

ISPs often detect tethering by analyzing TTL values. Packets sent directly from a device usually have a TTL of 64, while packets passing through a hotspot appear as 63.

NetForge modifies the TTL value to 65, making both cases appear identical from the ISP's perspective.


Policy Routing Scenarios

| Scenario | Effect |
| --- | --- |
| Gaming Mode | UDP traffic → low latency interface, HTTP → secondary interface |
| Secure Mode | SSH + HTTPS → stable interface |
| Download Mode | Steam / torrent ports → secondary interface |

Required Permissions

| Permission | Purpose |
| --- | --- |
| CAP_NET_ADMIN | iptables, ip rule, ip route |
| CAP_NET_RAW | Raw socket access (DPI Engine) |
| CAP_SYS_ADMIN | sysctl configuration |
