Skip to content

Releases: txthinking/brook

v20240606

10 May 09:51
@txthinking txthinking
v20240606
c5416fb
Compare
Choose a tag to compare
v20240606 Latest
Latest

CLI

  • Each subcommand has a --example argument, for example brook server --example
  • brook link --token: A token represents a user's identity. A string encoded in hexadecimal. Server needs to have --userAPI enabled. Note that: Only supported by the brook GUI(except for OpenWrt) and tun2brook. However, it is more recommended to use the user system to build token with brook link, such as brook-user-system.
  • brook --userAPI: When you build your own user system, Brook Server will send GET request to your userAPI to check if token is valid, for example: https://your-api-server.com/a_unpredictable_path. Yes, it is recommended to add an unpredictable path to your https API, of course, you can also use the http api for internal network communication. The request format is https://your-api-server.com/a_unpredictable_path?token=xxx. When the response is 200, the body should be the user's unique identifier, such as user ID; all other status codes are considered to represent an illegitimate user, and in these cases, the body should be a string describing the error. It should be used with --serverLog and server/wsserver/wssserver/quicserver with brook protocol. For more information, please read https://github.com/txthinking/brook/blob/master/protocol/user.md
  • brook --userAPIValidCacheTime: Once a token is checked and valid, the userAPI will not be requested to validate again for a certain period (s). A reasonable value must be set, otherwise it will affect the performance of each incoming connection (default: 3600)
  • brook --userAPIInvalidCacheTime: Once a token is checked and invalid, the userAPI will not be requested to validate again for a certain period (s). A reasonable value must be set, otherwise it will affect the performance of each incoming connection. Note that this may affect the user experience, when you change the user status from invalid to valid in your user system. (default: 1800)
  • brook --tag: Tag can be used to the process, will be append into log or serverLog, such as: 'key1:value1'. All tags will also be appended as query parameters one by one to the userAPI
  • brook --pid: A file path used to store pid. Send SIGUSR1 to me to reset the --serverLog file on unix system
  • brook --blockDomainList: One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt. Works with server/wsserver/wssserver/quicserver
  • brook --blockCIDR4List: One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr4.txt. Works with server/wsserver/wssserver/quicserver
  • brook --blockCIDR6List: One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr6.txt. Works with server/wsserver/wssserver/quicserver
  • brook --blockGeoIP: Block IP by Geo country code, such as US. Works with server/wsserver/wssserver/quicserver
  • brook --blockListUpdateInterval: Update list --blockDomainList,--blockCIDR4List,--blockCIDR6List interval, second. default 0, only read one time on start (default: 0)
  • brook link --udpoverstream: When server is brook quicserver, UDP over Stream. Under normal circumstances, you need this parameter because the max datagram size for QUIC is very small. Note: only brook CLI and tun2brook suppport for now (default: false)

GUI

  • support brook link --fragment
  • support brook link --token. However, it is more recommended to use the user system to build token with brook link, such as brook-user-system
  • Fake DNS and Block Google Secure DNS module have been enabled by default.

Documentation

https://brook.app

Assets 34

v20240404

06 Mar 06:08
@txthinking txthinking
v20240404
a5e14db
Compare
Choose a tag to compare
v20240404

Brook v20240404: Speed limit, IP count limit, Traffic statistics, Configure file

CLI

contains some experimental features

  • brook --speedLimit: Limit speed (b), such as 500kb/s: 500000, works with server/wsserver/wssserver/quicserver
  • brook --ipLimitMax: Limit the number of client IP addresses, be careful when using this parameter, as the client may have dynamic IP. Works with server/wsserver/wssserver/quicserver
  • brook --ipLimitInterval: Interval (s) for ipLimitMax
  • brook --ipLimitWait: How long (s) to wait for recovery after exceeding ipLimitMax
  • brook relayoverbrook --link
  • brook dnsserveroverbrook --link
  • brook wssclient --link
  • brook link --fragment When server is brook wssserver, split the ClientHello into multiple fragments and then send them one by one with delays (millisecond). The format is min_length:max_length:min_delay:max_delay, cannot be zero, such as 50:100:10:50, Note that: Currently only supported by the brook CLI and tun2brook.
  • brook --serverLog: Enable server log, traffic and more. A valid value is file path or 'console'. Mutually exclusive with the --log parameter. Works with server/wsserver/wssserver/quicserver

--serverLog format

{"bytes":"2190","dst":"8.8.8.8:53","from":"34.105.110.232:49514","network":"tcp","time":"2024-02-26T09:56:12Z"}
{"bytes":"2237","dst":"8.8.8.8:53","from":"34.105.110.232:49331","network":"udp","time":"2024-02-26T09:57:12Z"}

You can tally traffic from --serverLog, for example by using a jb script to sum up the traffic from the /tmp/brook.log log file.

jb 'var s=0; read_file("/tmp/brook.log").trim().split("\n").map(v=>JSON.parse(v)).forEach(v=> s+= v.bytes ? parseInt(v.bytes) : 0); echo(s)'
  • Support CAC configure file

We known this:

brook server -l :9999 -p hello

Then, create a file /root/any_name:

server -l :9999 -p hello

We can run it like this:

brook /root/any_name

GUI:

  • New: Brook OpenWRT GUI
    • Installing an ipk will automatically install dependencies.
    • Connect and disconnect auto-configure OpenWRT, no need to manually configure some settings in OpenWRT as before.
    • And some optimizations.
  • bugfix

Other

  • IPvBar: Display domain, IP and IP location on Chrome

Comment

Brook v20240404: 限速,限制客户端 IP 数量,流量统计,配置文件

CLI

含一些实验性功能

  • brook --speedLimit: 服务端限速
  • brook --ipLimitMax: 限制客户端 IP 数量
  • brook --ipLimitInterval: 周期
  • brook --ipLimitWait: 周期内触及 --ipLimitMax 数量后等待多久恢复
  • brook relayoverbrook --link
  • brook dnsserveroverbrook --link
  • brook wssclient --link
  • brook link --fragment 当服务器是brook wssserver时,将ClientHello拆分成多个分片,然后逐个延迟发送(毫秒为单位)。格式为 min_length:max_length:min_delay:max_delay,值不能为零,例如 50:100:10:50。需要注意的是:目前仅由brook CLI和tun2brook支持。
  • brook --serverLog: 服务端日志,包含每个连接的流量统计

--serverLog 格式如下

{"bytes":"2190","dst":"8.8.8.8:53","from":"34.105.110.232:49514","network":"tcp","time":"2024-02-26T09:56:12Z"}
{"bytes":"2237","dst":"8.8.8.8:53","from":"34.105.110.232:49331","network":"udp","time":"2024-02-26T09:57:12Z"}

可以从 --serverLog 里统计流量,比如用 jb 脚本统计 /tmp/brook.log 日志里的流量总和

jb 'var s=0; read_file("/tmp/brook.log").trim().split("\n").map(v=>JSON.parse(v)).forEach(v=> s+= v.bytes ? parseInt(v.bytes) : 0); echo(s)'
  • 支持 CAC 配置文件

我们知道这样:

brook server -l :9999 -p hello

现在, 创建一个文件 /root/any_name:

server -l :9999 -p hello

我们就可以这样:

brook /root/any_name

GUI:

  • 新增:Brook OpenWRT 图形客户端
    • 安装 ipk 时会自动安装依赖
    • 连接和断开自动配置 OpenWRT,无需再向以前一样手动去 OpenWRT 里配置一些东西
    • 以及一些细节的优化
  • bugfix

周边

  • IPvBar:显示域名,IP,IP 归属地的浏览器扩展

讨论

Assets 34

v20240214

14 Jan 10:24
@txthinking txthinking
v20240214
034a4ba
Compare
Choose a tag to compare
v20240214

GUI:

  • Removed proxy mode. All in TUN mode. Life is short, I use Brook
  • Modularized all features
  • Rewrote UI
  • iOS: Memory optimization
  • Linux/Windows: Disconnecting will automatically restore the system DNS to its original state. Other platforms do not have this concern.
  • Linux/Windows: You can now identify which programs are initiating TCP and UDP network connections. This also means that you can use scripts to control network access for specific applications. This feature has been completed in the previous macOS version. There is no such API for iOS. Android can bypass the app.
  • Windows: Package using the new msix format. Here and Here
  • Windows: Developed and tested under Windows 11
  • Linux: Optimized startup way
  • Added Test IPv4 tool
  • Added Test IPv6 tool
  • ipk: Removed. Might write a new UI
  • If you signin: Connect API over your Brook only Mode. You must ensure your Brook Server works.
  • Updated documentation: https://brook.app

GUI:

  • 移除 proxy 模式。全端默认 TUN 模式。人生苦短,我用 Brook
  • 将所有功能模块化
  • 重写 UI
  • iOS: 内存优化
  • Linux/Windows: 断开自动将系统 DNS 恢复如初。其他端无此顾虑
  • Linux/Windows: 可以知道是哪个程序在发起 TCP 和 UDP 网络连接。也意味着可以用脚本来针对具体应用程序来进行网络控制。macOS 端上一个版本已完成。iOS 端无此 API。Android 端可以 bypass app
  • Windows: 使用新的 msix 格式打包。这里这里
  • Windows: 在 Windows 11 下开发测试
  • Linux: 优化启动方式
  • 新增 Test IPv4 工具
  • 新增 Test IPv6 工具
  • ipk: 移除. 可能,后续会写一个新的 UI
  • If you signin: Connect API over your Brook only Mode. You must ensure your Brook Server works
  • 文档更新: https://brook.app

CLI

Assets 34

v20230606

28 May 13:21
@txthinking txthinking
v20230606
6e7a3e6
Compare
Choose a tag to compare
v20230606

Mac

  • 增加 App 模式,可以看到每个网络请求是哪个 App 发起的
  • 可以跳过 App,可以选择跳过 App 即直连,也可以用脚本控制仅部分 App 可联网或阻断网络,或走不同的 Server,等等
  • 上架 Mac App Store

Windows

  • 可以手动选择当前默认的网卡

iOS, Mac, Android, Linux, Windows

  • 可细粒度编程控制选择走指定的 Server,比如根据目的地,App,等等

可编程

  • in_brooklinks: 连接之前,预定义多个 brook link,之后可编程指定连接哪个
  • in_dnsquery
    • appid: 发起网络请求的 App. 仅 Mac
    • interface: 发起网络请求的网络接口. 仅 Mac
  • in_dnsquery.out
    • brooklinkkey: 当需要连接代理服务器时,转而连接 通过 in_brooklinks 的 key 指定的 brook link
  • in_address
    • appid: 发起网络请求的 App. 仅 Mac
    • interface: 发起网络请求的网络接口. 仅 Mac
  • in_address.out
    • brooklinkkey: 当需要连接代理服务器时,转而连接 通过 in_brooklinks 的 key 指定的 brook link

资源

Mac

  • App Mode, You can see which app initiated each network request
  • Bypass App,You can choose to bypass the app and let it connect directly, or you can use scripts to control only some apps to connect to the Internet or block the network, or use different servers, etc.
  • Available on the Mac App Store

Windows

  • You can manually select the current default network interface

iOS, Mac, Android, Linux, Windows

  • Fine-grained programming control to go to the specified server, such as according to the destination, App, etc.

Programmable

  • in_brooklinks: Before connecting, Predefine multiple brook links, and then programmatically specify which one to connect to
  • in_dnsquery
    • appid: Which app initiated the network request. Mac Only
    • interface: Which interface initiated the network request. Mac Only
  • in_dnsquery.out
    • brooklinkkey: When need to connect the Server,instead, connect to the brook link specified by the key in_brooklinks
  • in_address
    • appid: Which app initiated the network request. Mac Only
    • interface: Which interface initiated the network request. Mac Only
  • in_address.out
    • brooklinkkey: When need to connect the Server,instead, connect to the brook link specified by the key in_brooklinks

Resource

Assets 48

v20230601

14 May 02:46
@txthinking txthinking
v20230601
4808d8f
Compare
Choose a tag to compare
v20230601

Documentation 新域名

https://brook.app

CLI

  • brook --dialWithNIC
  • brook --dialWithDNS
  • brook --dialWithDNSPrefer
  • brook dhcpserver --interface
  • brook dnsserver
  • brook dnsclient
  • brook dohserver
  • brook dohclient
  • brook wssclient --tlsfingerprint
  • brook relayoverbrook --tlsfingerprint
  • brook dnsserveroverbrook --tlsfingerprint
  • brook tproxy --tlsfingerprint
  • brook link --tlsfingerprint

图形客户端

  • 桌面客户端菜单自适应固定打开状态
  • 在 Intel Mac、Linux 和 Windows 上优化绕过 CIDR TUN 模式的连接时间
  • 脚本:in_address.out.bypass 在 Intel Mac、Linux 和 Windows 上可用
  • 绕过 Geo IP 可在 Intel Mac、Linux 和 Windows 上可用
  • 支持 --tlsfingerprint brook link
  • 脚本: in_guiconfig 弃用

GUI

  • Desktop GUI drawer can be fixed
  • Optimize connecting time in bypass CIDR TUN mode on intel Mac, Linux and Windows
  • Script: in_address.out.bypass is available on intel Mac, Linux and Windows
  • Bypass Geo IP is available on intel Mac, Linux and Windows
  • --tlsfingerprint with brook link
  • Script: in_guiconfig deprecated
Assets 49

v20230404.5.1

27 Apr 01:40
@txthinking txthinking
v20230404.5.1
def8b33
Compare
Choose a tag to compare
v20230404.5.1

Documentation

https://brook.app

CLI

  • brook --dialWithNIC
  • brook --dialWithDNS
  • brook --dialWithDNSPrefer
  • brook dhcpserver --interface
  • brook dnsserver
  • brook dnsclient
  • brook dohserver
  • brook dohclient
  • brook wssclient --tlsfingerprint
  • brook relayoverbrook --tlsfingerprint
  • brook dnsserveroverbrook --tlsfingerprint
  • brook tproxy --tlsfingerprint
  • brook link --tlsfingerprint

GUI

  • Optimize connecting time in bypass CIDR TUN mode on intel Mac, Linux and Windows
  • Script: in_address.out.bypass is available on intel Mac, Linux and Windows
  • Bypass Geo IP is available on intel Mac, Linux and Windows
  • Android/intel Mac/Linux/Windows: --tlsfingerprint with brook link

tun2brook

--script same as GUI

图形客户端

  • 在 Intel Mac、Linux 和 Windows 上优化绕过 CIDR TUN 模式的连接时间
  • 脚本:in_address.out.bypass 在 Intel Mac、Linux 和 Windows 上可用
  • 绕过 Geo IP 可在 Intel Mac、Linux 和 Windows 上可用
  • Android/intel Mac/Linux/Windows: 支持 --tlsfingerprint brook link
Assets 45

v20230404

24 Mar 09:03
@txthinking txthinking
v20230404
510c330
Compare
Choose a tag to compare
v20230404

Documentation

https://txthinking.github.io/brook/

v20230404

CLI

  • --prometheus basic prometheus support
  • --prometheusPath

GUI

  • Echo Client: one-click TCP and UDP ping with address
  • bugfix

v20230401

CLI

GUI

  • OpenWRT:
  • iOS / M1 Mac
    • Dark Mode
    • Shortcut
  • Android
    • Dark Mode
    • Shortcut
  • Linux
    • Dark Mode
    • Shortcut
  • Intel Mac
    • Dark Mode
    • Shortcut
  • Windows
    • Dark Mode
    • Shortcut
    • System Tray
Assets 45

v20230401

19 Mar 09:38
@txthinking txthinking
v20230401
dde0f08
Compare
Choose a tag to compare
v20230401

Documentation

https://txthinking.github.io/brook/

CLI

GUI

Assets 45

v20230122

20 Jan 06:48
@txthinking txthinking
v20230122
860db32
Compare
Choose a tag to compare
v20230122

CLI

🇬🇧 CLI Documentation 🇨🇳 CLI 文档

GUI

🇬🇧 GUI Documentation 🇨🇳 GUI 文档

Programmable

in_httprequest:

  • fix the Content-Length problem when modifying the Body

in_dnsquery:out:

  • forcefakedns
  • system

brook module:

  • iosapponmac
  • cidrcontainsip
  • parseurl
  • parsequery
  • map2query
  • bytes2ints
  • ints2bytes
  • bytescompare
  • bytescontains
  • byteshasprefix
  • byteshassuffix
  • bytesindex
  • byteslastindex
  • bytesreplace
  • pathescape
  • pathunescape
  • queryescape
  • queryunescape
  • hexdecode
  • hexencode
Assets 45

v20230101

01 Jan 02:48
@txthinking txthinking
v20230101
bab614d
Compare
Choose a tag to compare
v20230101

CLI

  • brook echoserver: new command
  • brook echoclient: new command
  • brook markdown renamed to brook mdpage

Documentation

GUI

  • Linux GUI Client
  • Edge is no longer needed. Temporarily no System tray.
  • Desktop tun mode supports bypass on
  • Hosts: like /etc/hosts
  • Log View Plus: filter condition
  • MITM Log View: HTTP/HTTPS request and response
  • Programmable: Everything is possible

GUI Documentation

CLI

  • brook echoserver: 新命令
  • brook echoclient: 新命令
  • brook markdown 重命名 brook mdpage

文档

GUI

  • Linux 图形客户端
  • Edge 不再需要. 暂无 System tray.
  • 桌面 tun 模式支持 bypass 开启
  • Hosts, 就像 /etc/hosts
  • Log View Plus: 过滤条件
  • MITM Log View: HTTP/HTTPS 请求和响应日志
  • 可编程: 一切皆有可能

GUI 文档

Assets 45