support virtual TUN device Solve some problems

[Pantyhose-X]

Describe your feature / Опишите ваше предложение

create virtual TUN mode to DPI all traffic throughout the system, including terminals
Wintun
ligolo-ng
wireguard TUN
Universal TUN/TAP driver
tun2socks
tun2proxy
https://www.kernel.org/doc/html/v6.1/networking/tuntap.html
https://developer.android.com/develop/connectivity/vpn

GoodbyeDPI Problems

TUN will fix some protocols that don't go DPI, such as twitch's wss://irc-ws.chat.twitch.tv

I can't possibly make a --blacklist for every domain, it's a huge pain in the ass and you'd be wasting a lot of time ?
example
twitch.tv # I also need to add www.twitch.tv and gql.twitch.tv, At this point I can access twitch but I can't play the video! I also need to add static-cdn.jtvnw.net sb.scorecardresearch.com d2v02itv0y9u9t.cloudfront.net *.pdx01.abs.hls.ttvnw.net

cloudflare warp cfwarp_daemon_dns checks

query:("A", "video-edge-e1b330.pdx01.abs.hls.ttvnw.net.") answers:[("A", "science-edge-external-prod-73889260.us-west-2.elb.amazonaws.com.", "52.35.242.178","100.21.152.166","35.161.63.176","35.82.119.237","54.68.217.85","54.186.159.181","54.68.95.149","100.20.106.132")] authority:[] additional:[("CNAME", "video-edge-e1b330.pdx01.abs.hls.ttvnw.net.", "spade.sci.twitch.tv."), ("CNAME", "spade.sci.twitch.tv.", "science-edge-external-prod-73889260.us-west-2.elb.amazonaws.com.")]
query:("A", "edge.ads.twitch.tv.") answers:[("A", "edge.ads.twitch.tv.", "18.238.192.87","18.238.192.25","18.238.192.9","18.238.192.106")] authority:[] additional:[]
query:("A", "vod-secure.twitch.tv.") answers:[("A", "ds0h3roq6wcgc.cloudfront.net.", "18.155.202.125","18.155.202.85","18.155.202.93","18.155.202.95")] authority:[] additional:[("CNAME", "vod-secure.twitch.tv.", "ds0h3roq6wcgc.cloudfront.net.")]
query:("A", "supervisor.ext-twitch.tv.") answers:[("A", "dxtkri2c61io4.cloudfront.net.", "108.138.246.94","108.138.246.123","108.138.246.36","108.138.246.10")] authority:[] additional:[("CNAME", "supervisor.ext-twitch.tv.", "dxtkri2c61io4.cloudfront.net.")]

GoodbyeDPI should make sure it resolves the dns correctly first, then DPI no longer needs the --blacklist.

I did not write dlive.tv to --blacklist I don’t know why the DPI can not work

[ValdikSS]

I have an idea to rebuild the architecture, but it won't be TAP/TUN or other interface emulation. It has more limitations than benefits for this case: you'll need to manage routing tables in the app, DHCP, manage routing and NAT itself, etc.

[Pantyhose-X]

Overlay networking VPN

• does not need to pay for VPN servers any more.
  overlay networking since each node is both a server and a client
  overlay networking to create a direct encrypted tunnel between two nodes even if they’re both behind firewalls. Each node doesn’t even need to know the other’s IP address before starting the connection.
• idea

CDN, Website, ActivityPub, Fediverse, Router, Android, iOS, Linux, BSD, "Domain generation algorithm" "Fast flux" All use overlay networking
Allow users in censored countries to use your network connection to access the network.
Help people in censored countries bypass censorship by running the

Hyprspace
n2n
nebula
qaul

P2P
Hypercore Protocol and pinecone and libp2p and devp2p
bittorrent
WebRTC
gemini
Earthstar
Pigeon
geneva Protocol

[IRainman]

I have an idea to rebuild the architecture, but it won't be TAP/TUN or other interface emulation. It has more limitations than benefits for this case: you'll need to manage routing tables in the app, DHCP, manage routing and NAT itself, etc.

The TUN interface only will need to provide DPI fixes method and config for it. The all case of routing and other staff can be done with operating system itself.

[lepz0r]

geneva Protocol

geneva is actually a DPI circumvention tool just like GoodbyeDPI, but it's for Linux only, more versatile & it's slow as it's written in Python