AZEN-SGG/amnezia-client
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
amnezia-client/client/containers/containers_defs.cpp
pokamest c7cd8e4c80 Minor ui fixes and refactoring
2023-10-15 02:30:42 +01:00

319 lines
14 KiB
C++
Raw Blame History

#include "containers_defs.h"
QDebug operator<<(QDebug debug, const amnezia::DockerContainer &c)
{
QDebugStateSaver saver(debug);
debug.nospace() << ContainerProps::containerToString(c);
return debug;
}
amnezia::DockerContainer ContainerProps::containerFromString(const QString &container)
{
QMetaEnum metaEnum = QMetaEnum::fromType<DockerContainer>();
for (int i = 0; i < metaEnum.keyCount(); ++i) {
DockerContainer c = static_cast<DockerContainer>(i);
if (container == containerToString(c))
return c;
}
return DockerContainer::None;
}
QString ContainerProps::containerToString(amnezia::DockerContainer c)
{
if (c == DockerContainer::None)
return "none";
if (c == DockerContainer::Cloak)
return "amnezia-openvpn-cloak";
QMetaEnum metaEnum = QMetaEnum::fromType<DockerContainer>();
QString containerKey = metaEnum.valueToKey(static_cast<int>(c));
return "amnezia-" + containerKey.toLower();
}
QString ContainerProps::containerTypeToString(amnezia::DockerContainer c)
{
if (c == DockerContainer::None)
return "none";
if (c == DockerContainer::Ipsec)
return "ikev2";
QMetaEnum metaEnum = QMetaEnum::fromType<DockerContainer>();
QString containerKey = metaEnum.valueToKey(static_cast<int>(c));
return containerKey.toLower();
}
QVector<amnezia::Proto> ContainerProps::protocolsForContainer(amnezia::DockerContainer container)
{
switch (container) {
case DockerContainer::None: return {};
case DockerContainer::OpenVpn: return { Proto::OpenVpn };
case DockerContainer::ShadowSocks: return { Proto::OpenVpn, Proto::ShadowSocks };
case DockerContainer::Cloak: return { Proto::OpenVpn, Proto::ShadowSocks, Proto::Cloak };
case DockerContainer::Ipsec: return { Proto::Ikev2 /*, Protocol::L2tp */ };
case DockerContainer::Dns: return {};
case DockerContainer::Sftp: return { Proto::Sftp };
default: return { defaultProtocol(container) };
}
}
QList<DockerContainer> ContainerProps::allContainers()
{
QMetaEnum metaEnum = QMetaEnum::fromType<DockerContainer>();
QList<DockerContainer> all;
for (int i = 0; i < metaEnum.keyCount(); ++i) {
all.append(static_cast<DockerContainer>(i));
}
return all;
}
QMap<DockerContainer, QString> ContainerProps::containerHumanNames()
{
return { { DockerContainer::None, "Not installed" },
{ DockerContainer::OpenVpn, "OpenVPN" },
{ DockerContainer::ShadowSocks, "ShadowSocks" },
{ DockerContainer::Cloak, "OpenVPN over Cloak" },
{ DockerContainer::WireGuard, "WireGuard" },
{ DockerContainer::Awg, "AmneziaWG" },
{ DockerContainer::Ipsec, QObject::tr("IPsec") },
{ DockerContainer::TorWebSite, QObject::tr("Website in Tor network") },
{ DockerContainer::Dns, QObject::tr("Amnezia DNS") },
{ DockerContainer::Sftp, QObject::tr("Sftp file sharing service") } };
}
QMap<DockerContainer, QString> ContainerProps::containerDescriptions()
{
return { { DockerContainer::OpenVpn,
QObject::tr("OpenVPN is the most popular VPN protocol, with flexible configuration options. It uses its "
"own security protocol with SSL/TLS for key exchange.") },
{ DockerContainer::ShadowSocks,
QObject::tr("ShadowSocks - masks VPN traffic, making it similar to normal web traffic, but is "
"recognised by analysis systems in some highly censored regions.") },
{ DockerContainer::Cloak,
QObject::tr("OpenVPN over Cloak - OpenVPN with VPN masquerading as web traffic and protection against "
"active-probbing detection. Ideal for bypassing blocking in regions with the highest levels "
"of censorship.") },
{ DockerContainer::WireGuard,
QObject::tr("WireGuard - New popular VPN protocol with high performance, high speed and low power "
"consumption. Recommended for regions with low levels of censorship.") },
{ DockerContainer::Awg,
QObject::tr("AmneziaWG - Special protocol from Amnezia, based on WireGuard. It's fast like WireGuard, "
"but very resistant to blockages. "
"Recommended for regions with high levels of censorship.") },
{ DockerContainer::Ipsec,
QObject::tr("IKEv2 - Modern stable protocol, a bit faster than others, restores connection after "
"signal loss. It has native support on the latest versions of Android and iOS.") },
{ DockerContainer::TorWebSite, QObject::tr("Deploy a WordPress site on the Tor network in two clicks.") },
{ DockerContainer::Dns,
QObject::tr("Replace the current DNS server with your own. This will increase your privacy level.") },
{ DockerContainer::Sftp,
QObject::tr("Creates a file vault on your server to securely store and transfer files.") } };
}
QMap<DockerContainer, QString> ContainerProps::containerDetailedDescriptions()
{
return {
{ DockerContainer::OpenVpn,
QObject::tr(
"The time-tested most popular VPN protocol.\n\n"
"Uses a proprietary security protocol with SSL/TLS for encryption and key exchange and supports "
"various authentication methods, making it suitable for a variety of devices and operating "
"systems.\n\n"
"* Normal power consumption on mobile devices\n"
"* Flexible customisation to suit user needs to work with different operating systems and devices.\n"
"* Recognised by DPI analysis systems and therefore susceptible to blocking.\n"
"* Can operate over both TCP and UDP network protocols.") },
{ DockerContainer::ShadowSocks,
QObject::tr("Based on the SOCKS5 proxy protocol, which protects the connection using the AEAD cipher - "
"roughly along the same lines as SSH tunnelling. A Shadowsocks connection is difficult to "
"identify because it is virtually identical to a normal HTTPS connection.\n\n"
"However, some traffic analysis systems can still recognise a ShadowSocks connection, so in "
"countries with high levels of censorship we recommend using OpenVPN in conjunction with Cloak.\n"
"* Average power consumption on mobile devices (higher than OpenVPN).\n"
"* It is possible to configure the encryption protocol.\n"
"* Recognised by some DPI analysis systems\n"
"* Works only via TCP network protocol\n") },
{ DockerContainer::Cloak,
QObject::tr("This is a combination of the OpenVPN protocol and the Cloak plugin designed specifically for "
"blocking protection.\n\n"
"OpenVPN provides a secure VPN connection by encrypting all Internet traffic between the client "
"and the server.\n\n"
"Cloak protects OpenVPN from detection and blocking. \n\n"
"Cloak can modify packet metadata so that it completely masks VPN traffic as normal web traffic, "
"and also protects the VPN from detection by Active Probing. This makes it very resistant to "
"being detected\n\n"
"Immediately after receiving the first data packet, Cloak authenticates the incoming connection. "
"If authentication fails, the plugin masks the server as a fake website and your VPN becomes "
"invisible to analysis systems.\n\n"
"If there is a high level of Internet censorship in your region, we advise you to use only "
"OpenVPN over Cloak from the first connection\n"
"* High power consumption on mobile devices\n"
"* Flexible settings\n"
"* Not recognised by DPI analysis systems\n"
"* Works via TCP network protocol\n") },
{ DockerContainer::WireGuard,
QObject::tr("A relatively new popular VPN protocol with a simplified architecture.\n"
"Provides stable VPN connection, high performance on all devices. Uses hard-coded encryption "
"settings. WireGuard compared to OpenVPN has lower latency and better data transfer throughput.\n"
"* Low power consumption on mobile devices.\n"
"* Minimum number of settings.\n"
"* Easily recognised by DPI analysis systems, susceptible to blocking.\n"
"* Works via UDP network protocol.\n") },
{ DockerContainer::Awg, QObject::tr("AmneziaWG container") },
{ DockerContainer::Ipsec,
QObject::tr("A modern stable protocol.\n\n"
"IKEv2 with IPSec encryption layer. Transmits data over fixed UDP ports 500 and 4500 protecting "
"them with strong 3DES and AES crypto algorithms. Allows very fast switching between networks "
"and devices. Due to its security, stability and speed, IKEv2 is currently one of the best VPN "
"solutions for mobile devices. Vulnerable to detection and blocking.\n"
"* Low power consumption, on mobile devices\n"
"* Minimal configuration.\n"
"* Recognised by DPI analysis systems.\n"
"* Works only over UDP network protocol\n") },
{ DockerContainer::TorWebSite, QObject::tr("Website in Tor network") },
{ DockerContainer::Dns, QObject::tr("DNS Service") },
{ DockerContainer::Sftp, QObject::tr("Sftp file sharing service - is secure FTP service") }
};
}
amnezia::ServiceType ContainerProps::containerService(DockerContainer c)
{
return ProtocolProps::protocolService(defaultProtocol(c));
}
Proto ContainerProps::defaultProtocol(DockerContainer c)
{
switch (c) {
case DockerContainer::None: return Proto::Any;
case DockerContainer::OpenVpn: return Proto::OpenVpn;
case DockerContainer::Cloak: return Proto::Cloak;
case DockerContainer::ShadowSocks: return Proto::ShadowSocks;
case DockerContainer::WireGuard: return Proto::WireGuard;
case DockerContainer::Awg: return Proto::Awg;
case DockerContainer::Ipsec: return Proto::Ikev2;
case DockerContainer::TorWebSite: return Proto::TorWebSite;
case DockerContainer::Dns: return Proto::Dns;
case DockerContainer::Sftp: return Proto::Sftp;
default: return Proto::Any;
}
}
bool ContainerProps::isSupportedByCurrentPlatform(DockerContainer c)
{
#ifdef Q_OS_WINDOWS
return true;
#elif defined(Q_OS_IOS)
switch (c) {
case DockerContainer::WireGuard: return true;
case DockerContainer::OpenVpn: return true;
case DockerContainer::Awg: return true;
case DockerContainer::Cloak:
return true;
// case DockerContainer::ShadowSocks: return true;
default: return false;
}
#elif defined(Q_OS_MAC)
switch (c) {
case DockerContainer::WireGuard: return true;
case DockerContainer::Ipsec: return false;
default: return true;
}
#elif defined(Q_OS_ANDROID)
switch (c) {
case DockerContainer::WireGuard: return true;
case DockerContainer::OpenVpn: return true;
case DockerContainer::ShadowSocks: return true;
case DockerContainer::Awg: return true;
case DockerContainer::Cloak: return true;
default: return false;
}
#elif defined(Q_OS_LINUX)
switch (c) {
case DockerContainer::WireGuard: return true;
case DockerContainer::Ipsec: return false;
default: return true;
}
#else
return false;
#endif
}
QStringList ContainerProps::fixedPortsForContainer(DockerContainer c)
{
switch (c) {
case DockerContainer::Ipsec: return QStringList { "500", "4500" };
default: return {};
}
}
bool ContainerProps::isEasySetupContainer(DockerContainer container)
{
switch (container) {
case DockerContainer::WireGuard: return true;
case DockerContainer::Awg: return true;
case DockerContainer::Cloak: return true;
default: return false;
}
}
QString ContainerProps::easySetupHeader(DockerContainer container)
{
switch (container) {
case DockerContainer::WireGuard: return tr("Low");
case DockerContainer::Awg: return tr("Medium or High");
case DockerContainer::Cloak: return tr("Extreme");
default: return "";
}
}
QString ContainerProps::easySetupDescription(DockerContainer container)
{
switch (container) {
case DockerContainer::WireGuard: return tr("I just want to increase the level of my privacy.");
case DockerContainer::Awg: return tr("I want to bypass censorship. This option recommended in most cases.");
case DockerContainer::Cloak:
return tr("Most VPN protocols are blocked. Recommended if other options are not working.");
default: return "";
}
}
int ContainerProps::easySetupOrder(DockerContainer container)
{
switch (container) {
case DockerContainer::WireGuard: return 3;
case DockerContainer::Awg: return 2;
case DockerContainer::Cloak: return 1;
default: return 0;
}
}
bool ContainerProps::isShareable(DockerContainer container)
{
switch (container) {
case DockerContainer::TorWebSite: return false;
case DockerContainer::Dns: return false;
case DockerContainer::Sftp: return false;
default: return true;
}
}
Reference in a new issue View git blame Copy permalink