I am currently building a DPI circumvention tool using pydivert (python binding for windivert). and after both my own testing and looking at other similar tools, no bypassing app seems to implement ip fragmentation. they only implement tcp segmentation. Why is this? Also i tried using pydivert and scapy to fragment packets, but in either case no website loaded, checking wireshark it seems to just send the fragments over and over because it seems that my device is not receving any ACKs back(?). I can show code snippets if anyone is interested.
check this tool
I had read that section before, but felt a little confused. Why are they filtered?
Also i did some testing locally (i set up 3 servers in the same lan and sent ip fragments from one end to the other using python socket) and ip fragmentation similarly failed, is this a Windows issue (in my three server setup the server that sends the fragments is windows but the receving end is ubuntu)? Using wireshark i could see the fragments being delivered successfully but theyre just not acknowledged(?).
I’m writing my dissertation about this topic and it would be helpful if I could understand more on why “the internet is hostile” and exactly how it is, who drops the packets? windows? windivert? ubuntu?
- It’s hard to work with IP-fragmented packets on OS level as they tend to be reassembled on several network levels.
- IP (v4) fragmentation is frequently filtered in some networks, and is officially considered fragile.