Releases: txthinking/brook
Releases · txthinking/brook
v20240606
CLI
- Each subcommand has a
--example
argument, for examplebrook server --example
brook link --token
: A token represents a user's identity. A string encoded in hexadecimal. Server needs to have --userAPI enabled. Note that: Only supported by the brook GUI(except for OpenWrt) and tun2brook. However, it is more recommended to use the user system to build token with brook link, such as brook-user-system.brook --userAPI
: When you build your own user system, Brook Server will send GET request to your userAPI to check if token is valid, for example: https://your-api-server.com/a_unpredictable_path. Yes, it is recommended to add an unpredictable path to your https API, of course, you can also use the http api for internal network communication. The request format is https://your-api-server.com/a_unpredictable_path?token=xxx. When the response is 200, the body should be the user's unique identifier, such as user ID; all other status codes are considered to represent an illegitimate user, and in these cases, the body should be a string describing the error. It should be used with --serverLog and server/wsserver/wssserver/quicserver with brook protocol. For more information, please read https://github.com/txthinking/brook/blob/master/protocol/user.mdbrook --userAPIValidCacheTime
: Once a token is checked and valid, the userAPI will not be requested to validate again for a certain period (s). A reasonable value must be set, otherwise it will affect the performance of each incoming connection (default: 3600)brook --userAPIInvalidCacheTime
: Once a token is checked and invalid, the userAPI will not be requested to validate again for a certain period (s). A reasonable value must be set, otherwise it will affect the performance of each incoming connection. Note that this may affect the user experience, when you change the user status from invalid to valid in your user system. (default: 1800)brook --tag
: Tag can be used to the process, will be append into log or serverLog, such as: 'key1:value1'. All tags will also be appended as query parameters one by one to the userAPIbrook --pid
: A file path used to store pid. Send SIGUSR1 to me to reset the --serverLog file on unix systembrook --blockDomainList
: One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt. Works with server/wsserver/wssserver/quicserverbrook --blockCIDR4List
: One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr4.txt. Works with server/wsserver/wssserver/quicserverbrook --blockCIDR6List
: One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr6.txt. Works with server/wsserver/wssserver/quicserverbrook --blockGeoIP
: Block IP by Geo country code, such as US. Works with server/wsserver/wssserver/quicserverbrook --blockListUpdateInterval
: Update list --blockDomainList,--blockCIDR4List,--blockCIDR6List interval, second. default 0, only read one time on start (default: 0)brook link --udpoverstream
: When server is brook quicserver, UDP over Stream. Under normal circumstances, you need this parameter because the max datagram size for QUIC is very small. Note: only brook CLI and tun2brook suppport for now (default: false)
GUI
- support
brook link --fragment
- support
brook link --token
. However, it is more recommended to use the user system to build token with brook link, such as brook-user-system - Fake DNS and Block Google Secure DNS module have been enabled by default.
Documentation
v20240404
Brook v20240404: Speed limit, IP count limit, Traffic statistics, Configure file
CLI
contains some experimental features
- brook --speedLimit: Limit speed (b), such as 500kb/s: 500000, works with server/wsserver/wssserver/quicserver
- brook --ipLimitMax: Limit the number of client IP addresses, be careful when using this parameter, as the client may have dynamic IP. Works with server/wsserver/wssserver/quicserver
- brook --ipLimitInterval: Interval (s) for ipLimitMax
- brook --ipLimitWait: How long (s) to wait for recovery after exceeding ipLimitMax
- brook relayoverbrook --link
- brook dnsserveroverbrook --link
- brook wssclient --link
- brook link --fragment When server is brook wssserver, split the ClientHello into multiple fragments and then send them one by one with delays (millisecond). The format is min_length:max_length:min_delay:max_delay, cannot be zero, such as 50:100:10:50, Note that: Currently only supported by the brook CLI and tun2brook.
- brook --serverLog: Enable server log, traffic and more. A valid value is file path or 'console'. Mutually exclusive with the --log parameter. Works with server/wsserver/wssserver/quicserver
--serverLog format
{"bytes":"2190","dst":"8.8.8.8:53","from":"34.105.110.232:49514","network":"tcp","time":"2024-02-26T09:56:12Z"}
{"bytes":"2237","dst":"8.8.8.8:53","from":"34.105.110.232:49331","network":"udp","time":"2024-02-26T09:57:12Z"}
You can tally traffic from --serverLog, for example by using a jb
script to sum up the traffic from the /tmp/brook.log
log file.
jb 'var s=0; read_file("/tmp/brook.log").trim().split("\n").map(v=>JSON.parse(v)).forEach(v=> s+= v.bytes ? parseInt(v.bytes) : 0); echo(s)'
- Support CAC configure file
We known this:
brook server -l :9999 -p hello
Then, create a file /root/any_name
:
server -l :9999 -p hello
We can run it like this:
brook /root/any_name
GUI:
- New: Brook OpenWRT GUI
- Installing an ipk will automatically install dependencies.
- Connect and disconnect auto-configure OpenWRT, no need to manually configure some settings in OpenWRT as before.
- And some optimizations.
- bugfix
Other
- IPvBar: Display domain, IP and IP location on Chrome
Brook v20240404: 限速,限制客户端 IP 数量,流量统计,配置文件
CLI
含一些实验性功能
- brook --speedLimit: 服务端限速
- brook --ipLimitMax: 限制客户端 IP 数量
- brook --ipLimitInterval: 周期
- brook --ipLimitWait: 周期内触及 --ipLimitMax 数量后等待多久恢复
- brook relayoverbrook --link
- brook dnsserveroverbrook --link
- brook wssclient --link
- brook link --fragment 当服务器是brook wssserver时,将ClientHello拆分成多个分片,然后逐个延迟发送(毫秒为单位)。格式为 min_length:max_length:min_delay:max_delay,值不能为零,例如 50:100:10:50。需要注意的是:目前仅由brook CLI和tun2brook支持。
- brook --serverLog: 服务端日志,包含每个连接的流量统计
--serverLog 格式如下
{"bytes":"2190","dst":"8.8.8.8:53","from":"34.105.110.232:49514","network":"tcp","time":"2024-02-26T09:56:12Z"}
{"bytes":"2237","dst":"8.8.8.8:53","from":"34.105.110.232:49331","network":"udp","time":"2024-02-26T09:57:12Z"}
可以从 --serverLog 里统计流量,比如用 jb 脚本统计 /tmp/brook.log
日志里的流量总和
jb 'var s=0; read_file("/tmp/brook.log").trim().split("\n").map(v=>JSON.parse(v)).forEach(v=> s+= v.bytes ? parseInt(v.bytes) : 0); echo(s)'
- 支持 CAC 配置文件
我们知道这样:
brook server -l :9999 -p hello
现在, 创建一个文件 /root/any_name
:
server -l :9999 -p hello
我们就可以这样:
brook /root/any_name
GUI:
- 新增:Brook OpenWRT 图形客户端
- 安装 ipk 时会自动安装依赖
- 连接和断开自动配置 OpenWRT,无需再向以前一样手动去 OpenWRT 里配置一些东西
- 以及一些细节的优化
- bugfix
周边
- IPvBar:显示域名,IP,IP 归属地的浏览器扩展
v20240214
GUI:
- Removed proxy mode. All in TUN mode. Life is short, I use Brook
- Modularized all features
- Rewrote UI
- iOS: Memory optimization
- Linux/Windows: Disconnecting will automatically restore the system DNS to its original state. Other platforms do not have this concern.
- Linux/Windows: You can now identify which programs are initiating TCP and UDP network connections. This also means that you can use scripts to control network access for specific applications. This feature has been completed in the previous macOS version. There is no such API for iOS. Android can bypass the app.
- Windows: Package using the new msix format. Here and Here
- Windows: Developed and tested under Windows 11
- Linux: Optimized startup way
- Added Test IPv4 tool
- Added Test IPv6 tool
- ipk: Removed. Might write a new UI
- If you signin: Connect API over your Brook only Mode. You must ensure your Brook Server works.
- Updated documentation: https://brook.app
GUI:
- 移除 proxy 模式。全端默认 TUN 模式。人生苦短,我用 Brook
- 将所有功能模块化
- 重写 UI
- iOS: 内存优化
- Linux/Windows: 断开自动将系统 DNS 恢复如初。其他端无此顾虑
- Linux/Windows: 可以知道是哪个程序在发起 TCP 和 UDP 网络连接。也意味着可以用脚本来针对具体应用程序来进行网络控制。macOS 端上一个版本已完成。iOS 端无此 API。Android 端可以 bypass app
- Windows: 使用新的 msix 格式打包。这里 和 这里
- Windows: 在 Windows 11 下开发测试
- Linux: 优化启动方式
- 新增 Test IPv4 工具
- 新增 Test IPv6 工具
- ipk: 移除. 可能,后续会写一个新的 UI
- If you signin: Connect API over your Brook only Mode. You must ensure your Brook Server works
- 文档更新: https://brook.app
CLI
- brook proxy: OpenWRT: 完美支持 IPv4/IPv6/TCP/UDP. Native IPv6
- brook tproxy: OpenWRT: Perfect support for IPv4/IPv6/TCP/UDP. Native IPv6
- brook --clientHKDFInfo: Do not use it unless you know what it is.
- brook --serverHKDFInfo: Do not use it unless you know what it is.
- brook ipcountry: Get the country of a specific IP.
v20230606
Mac
- 增加 App 模式,可以看到每个网络请求是哪个 App 发起的
- 可以跳过 App,可以选择跳过 App 即直连,也可以用脚本控制仅部分 App 可联网或阻断网络,或走不同的 Server,等等
- 上架 Mac App Store
Windows
- 可以手动选择当前默认的网卡
iOS, Mac, Android, Linux, Windows
- 可细粒度编程控制选择走指定的 Server,比如根据目的地,App,等等
可编程
- in_brooklinks: 连接之前,预定义多个 brook link,之后可编程指定连接哪个
- in_dnsquery
- appid: 发起网络请求的 App. 仅 Mac
- interface: 发起网络请求的网络接口. 仅 Mac
- in_dnsquery.out
- brooklinkkey: 当需要连接代理服务器时,转而连接 通过 in_brooklinks 的 key 指定的 brook link
- in_address
- appid: 发起网络请求的 App. 仅 Mac
- interface: 发起网络请求的网络接口. 仅 Mac
- in_address.out
- brooklinkkey: 当需要连接代理服务器时,转而连接 通过 in_brooklinks 的 key 指定的 brook link
资源
- 文档: https://brook.app
- Pastebin: https://paste.brook.app/
- 独立脚本例子: https://github.com/txthinking/bypass
- 脚本生成器: https://modules.brook.app
- 博客: https://www.txthinking.com/talks/
- YouTube: https://www.youtube.com/txthinking
- Telegram: https://t.me/s/txthinking_news
- Brook Plus 免费计划
Mac
- App Mode, You can see which app initiated each network request
- Bypass App,You can choose to bypass the app and let it connect directly, or you can use scripts to control only some apps to connect to the Internet or block the network, or use different servers, etc.
- Available on the Mac App Store
Windows
- You can manually select the current default network interface
iOS, Mac, Android, Linux, Windows
- Fine-grained programming control to go to the specified server, such as according to the destination, App, etc.
Programmable
- in_brooklinks: Before connecting, Predefine multiple brook links, and then programmatically specify which one to connect to
- in_dnsquery
- appid: Which app initiated the network request. Mac Only
- interface: Which interface initiated the network request. Mac Only
- in_dnsquery.out
- brooklinkkey: When need to connect the Server,instead, connect to the brook link specified by the key in_brooklinks
- in_address
- appid: Which app initiated the network request. Mac Only
- interface: Which interface initiated the network request. Mac Only
- in_address.out
- brooklinkkey: When need to connect the Server,instead, connect to the brook link specified by the key in_brooklinks
Resource
- Documentation: https://brook.app
- Pastebin: https://paste.brook.app/
- Standalone Script Example: https://github.com/txthinking/bypass
- Brook Script Builder: https://modules.brook.app
- Blog: https://www.txthinking.com/talks/
- YouTube: https://www.youtube.com/txthinking
- Telegram: https://t.me/s/txthinking_news
v20230601
Documentation 新域名
CLI
- brook --dialWithNIC
- brook --dialWithDNS
- brook --dialWithDNSPrefer
- brook dhcpserver --interface
- brook dnsserver
- brook dnsclient
- brook dohserver
- brook dohclient
- brook wssclient --tlsfingerprint
- brook relayoverbrook --tlsfingerprint
- brook dnsserveroverbrook --tlsfingerprint
- brook tproxy --tlsfingerprint
- brook link --tlsfingerprint
图形客户端
- 桌面客户端菜单自适应固定打开状态
- 在 Intel Mac、Linux 和 Windows 上优化绕过 CIDR TUN 模式的连接时间
- 脚本:in_address.out.bypass 在 Intel Mac、Linux 和 Windows 上可用
- 绕过 Geo IP 可在 Intel Mac、Linux 和 Windows 上可用
- 支持 --tlsfingerprint brook link
- 脚本: in_guiconfig 弃用
GUI
- Desktop GUI drawer can be fixed
- Optimize connecting time in bypass CIDR TUN mode on intel Mac, Linux and Windows
- Script: in_address.out.bypass is available on intel Mac, Linux and Windows
- Bypass Geo IP is available on intel Mac, Linux and Windows
- --tlsfingerprint with brook link
- Script: in_guiconfig deprecated
v20230404.5.1
Documentation
CLI
- brook --dialWithNIC
- brook --dialWithDNS
- brook --dialWithDNSPrefer
- brook dhcpserver --interface
- brook dnsserver
- brook dnsclient
- brook dohserver
- brook dohclient
- brook wssclient --tlsfingerprint
- brook relayoverbrook --tlsfingerprint
- brook dnsserveroverbrook --tlsfingerprint
- brook tproxy --tlsfingerprint
- brook link --tlsfingerprint
GUI
- Optimize connecting time in bypass CIDR TUN mode on intel Mac, Linux and Windows
- Script: in_address.out.bypass is available on intel Mac, Linux and Windows
- Bypass Geo IP is available on intel Mac, Linux and Windows
- Android/intel Mac/Linux/Windows: --tlsfingerprint with brook link
tun2brook
--script same as GUI
图形客户端
- 在 Intel Mac、Linux 和 Windows 上优化绕过 CIDR TUN 模式的连接时间
- 脚本:in_address.out.bypass 在 Intel Mac、Linux 和 Windows 上可用
- 绕过 Geo IP 可在 Intel Mac、Linux 和 Windows 上可用
- Android/intel Mac/Linux/Windows: 支持 --tlsfingerprint brook link
v20230404
Documentation
https://txthinking.github.io/brook/
v20230404
CLI
- --prometheus basic prometheus support
- --prometheusPath
GUI
- Echo Client: one-click TCP and UDP ping with address
- bugfix
v20230401
CLI
- --log make log better
- --tag name this brook process into log
- --dialWithIP4 Select the outgoing network card
- --dialWithIP6
- --dialWithSocks5
- brook tproxy:
- better and better on dual-stack network
- --disableA
- --disableAAAA
- --bypassGeoIP
- --redirectDNS
- bugfix
- cookbook: Turn any Linux into a router with two Brook commands
- cookbook: 使用 Brook 两条命令把任意 Linux 变成路由器
- brook quicserver
- brook quicclient
- brook dhcpserver
- cookbook: Turn any Linux into a router with two Brook commands
- cookbook: 使用 Brook 两条命令把任意 Linux 变成路由器
GUI
- OpenWRT:
- better and better on dual-stack network
- Rewrite UI, similar to other GUI clients
- bugfix
- cookbook: Brook OpenWRT Router
- cookbook: Brook OpenWRT 路由器
- iOS / M1 Mac
- Dark Mode
- Shortcut
- Android
- Dark Mode
- Shortcut
- Linux
- Dark Mode
- Shortcut
- Intel Mac
- Dark Mode
- Shortcut
- Windows
- Dark Mode
- Shortcut
- System Tray
v20230401
Documentation
https://txthinking.github.io/brook/
CLI
- --log make log better
- --tag name this brook process into log
- --dialWithIP4 Select the outgoing network card
- --dialWithIP6
- --dialWithSocks5
- brook tproxy:
- better and better on dual-stack network
- --disableA
- --disableAAAA
- --bypassGeoIP
- --redirectDNS
- bugfix
- cookbook: Turn any Linux into a router with two Brook commands
- cookbook: 使用 Brook 两条命令把任意 Linux 变成路由器
- brook quicserver
- brook quicclient
- brook dhcpserver
- cookbook: Turn any Linux into a router with two Brook commands
- cookbook: 使用 Brook 两条命令把任意 Linux 变成路由器
GUI
- OpenWRT:
- better and better on dual-stack network
- Rewrite UI, similar to other GUI clients
- bugfix
- cookbook: Brook OpenWRT Router
- cookbook: Brook OpenWRT 路由器
- iOS / M1 Mac
- Dark Mode
- Shortcut
- Android
- Dark Mode
- Shortcut
- Linux
- Dark Mode
- Shortcut
- Intel Mac
- Dark Mode
- Shortcut
- Windows
- Dark Mode
- Shortcut
- System Tray
- Bug: v20230401. wsserver and wssserver. Connectivity Check. 连通性检测. HTTP/1.1 400 Bad Request
- Bug: v20230401. Cannot Import Servers. 无法导入服务器列表
v20230122
CLI
🇬🇧 CLI Documentation 🇨🇳 CLI 文档
GUI
🇬🇧 GUI Documentation 🇨🇳 GUI 文档
Programmable
in_httprequest:
- fix the Content-Length problem when modifying the Body
in_dnsquery:out:
- forcefakedns
- system
brook module:
- iosapponmac
- cidrcontainsip
- parseurl
- parsequery
- map2query
- bytes2ints
- ints2bytes
- bytescompare
- bytescontains
- byteshasprefix
- byteshassuffix
- bytesindex
- byteslastindex
- bytesreplace
- pathescape
- pathunescape
- queryescape
- queryunescape
- hexdecode
- hexencode
v20230101
CLI
- brook echoserver: new command
- brook echoclient: new command
- brook markdown renamed to brook mdpage
GUI
- Linux GUI Client
- Edge is no longer needed. Temporarily no System tray.
- Desktop tun mode supports bypass on
- Hosts: like /etc/hosts
- Log View Plus: filter condition
- MITM Log View: HTTP/HTTPS request and response
- Programmable: Everything is possible
CLI
- brook echoserver: 新命令
- brook echoclient: 新命令
- brook markdown 重命名 brook mdpage
GUI
- Linux 图形客户端
- Edge 不再需要. 暂无 System tray.
- 桌面 tun 模式支持 bypass 开启
- Hosts, 就像 /etc/hosts
- Log View Plus: 过滤条件
- MITM Log View: HTTP/HTTPS 请求和响应日志
- 可编程: 一切皆有可能