Adding decky-spoof-dpi plugin at v0.12.0-1

[ohaiibuzzle]

Decky-SpoofDPI

This plugin uses SpoofDPI in order to fragment TCP sessions and circumvent some network traffic filtering engine utilizing deep packet inspection.

Task Checklist

Developer

• I am the original author or an authorized maintainer of this plugin.
• I have abided by the licenses of the libraries I am utilizing, including attaching license notices where appropriate.

Plugin

• I have verified that my plugin works properly on the Stable and Beta update channels of SteamOS.
• I have verified my plugin is unique or provides more/alternative functionality to a plugin already on the store.

Backend

• Yes: I am using a custom backend other than Python.
• No: I am using a tool or software from a 3rd party FOSS project that does not have it's dependencies statically linked.
• Yes: I am using a custom binary that has all of it's dependencies statically linked.

Community

• I have tested and left feedback on two other pull requests for new or updating plugins.
• I have commented links to my testing report in this PR.

Testing

• Tested on SteamOS Preview update channel.

[TrainDoctor]

@ohaiibuzzle please fix this PR to actually include the directory so CI can run and so I can review the PR.

[TrainDoctor]

Please fix lack of proper submodule directory for plugin.

[ohaiibuzzle]

@TrainDoctor I've added the directories, also, pushed a small update for a typo in README.md

[ohaiibuzzle]

I forgot to change plugin informations (within plugin.json). Backend code is unchanged. Please check if any other changes are necessary

[TrainDoctor]

@ohaiibuzzle is there a good way to test you're plugins core functionality? Any DNS servers that a user could set their deck to that would be performing DPI for traffic blocking? I think this is the primary reason why the plugin hasn't been tested (imo) yet.

[ohaiibuzzle]

@TrainDoctor I think the main functionality of the plugin would be to:

• Correctly set the Steam HTTP Proxy options
• Correctly set the SpoofDPI runtime options
• Auto start SpoofDPI with Steam (prevent failure)

Testing SpoofDPI itself should be possible by observing the output of the Deck using Wireshark and look at the fragmented TCP sessions for HTTPS requests. Content filtering DNS servers actually don’t try to mess with the TLS section of HTTPS and just return localhost for blocked domains.

The kind of block SpoofDPI is meant for is mainly only use by censorship engines/network firewalls which is to reset the TCP connection when the plain text Host: header during TLS handshake is detected and matched. This plugin merely bundles a version of it and provides a GUI in Decky.

[TrainDoctor]

@TrainDoctor I think the main functionality of the plugin would be to:
Testing SpoofDPI itself should be possible by observing the output of the Deck using Wireshark and look at the fragmented TCP sessions for HTTPS requests. Content filtering DNS servers actually don’t try to mess with the TLS section of HTTPS and just return localhost for blocked domains.

The kind of block SpoofDPI is meant for is mainly only use by censorship engines/network firewalls which is to reset the TCP connection when the plain text Host: header during TLS handshake is detected and matched. This plugin merely bundles a version of it and provides a GUI in Decky.

Thanks for the information. I forsee testing this as being a problem for most as testers would need to be in a region where their packets are being analyzed by one entity or another. I would love for this plugin to be on the store so if you need assistance in gaining testers I will do my best to assist.

[EMERALD0874]

@ohaiibuzzle Your PR has been updated to use the latest version of the PR template. I also fixed a merge conflict for you. Please see the Community section of the Task Checklist regarding testing two other PRs to get the quickest response from our team. There are additional comments in the Markdown when you edit the PR text which you may find helpful. Thanks!