[{"data":1,"prerenderedAt":66},["ShallowReactive",2],{"\u002Fblog\u002Fresolving-office-network-throttling":3},{"id":4,"title":5,"body":6,"date":57,"description":5,"extension":58,"image":59,"meta":60,"minRead":59,"navigation":61,"path":62,"seo":63,"stem":64,"__hash__":65},"blog\u002Fblog\u002Fresolving-office-network-throttling.md","一次解决办公室限速的经历",{"type":7,"value":8,"toc":48},"minimark",[9,14,18,22,25,28,31,35,38,41,45],[10,11,13],"h3",{"id":12},"_1","1.",[15,16,17],"p",{},"前段时间公司被收购，换了办公地，新办公室限速1mb且域名黑名单。",[10,19,21],{"id":20},"_2","2.",[15,23,24],{},"做了些前期验证，上游使用了H3C的交换机，试验了V7N和特殊端口隧道（53，443），结果均无效。随后还想尝试 ICMP 隧道，但估计即使能穿透也承载不了大流量，遂放弃。",[15,26,27],{},"继续推测如果限速发生在四层，通过模拟多终端合并流量似乎可以解决。这个思路和宽带多拨比较相似。试验的结果，只能多线程合并流量，浏览网页等单线程场景没有效果，而且此方案无法解决黑名单的问题。",[15,29,30],{},"剩下白名单了。",[10,32,34],{"id":33},"_3","3.",[15,36,37],{},"幸运的事，在一次手工下载Windows补丁包时，发现竟然速度。说明确实有白名单，问题转向如何骗过系统识别。接下来的事情就简单了，尝试在数据包头伪造HTTP请求发出，外部一台机器收到请求后去掉伪造的部分，便可绕过流控系统。",[15,39,40],{},"最后剩下的全局转发是在虚拟机里完成的。虚拟机中搭建V7N服务器，将所有出网请求拦截并通过隧道发出去。",[10,42,44],{"id":43},"_4","4.",[15,46,47],{},"后续问题：白名单不稳定可能随时改动",{"title":49,"searchDepth":50,"depth":50,"links":51},"",2,[52,54,55,56],{"id":12,"depth":53,"text":13},3,{"id":20,"depth":53,"text":21},{"id":33,"depth":53,"text":34},{"id":43,"depth":53,"text":44},"2017-05-18","md",null,{},true,"\u002Fblog\u002Fresolving-office-network-throttling",{"title":5,"description":5},"blog\u002Fresolving-office-network-throttling","T57EhBRqFNEsEjLGGSSZ9YeDY7bMo78kKnquPiWEUD4",1780419652851]