Librebasics is a small project of mine to get free internet on FreeBasics internet connections provided by FaceBook available primarily in India, Thailand, and developing African nations. It’s currently in a very early stage, but I will constantly update this page with information I gather about their DPI (Deep Packet Inspection) as time goes on, along with my methods for evasion.
Right now As of writing this I am in Thailand (see /travel), where one of the primary mobile providers has FreeBasics by default if you run out of credit, so I naturally decided to find a way around that.
Their DPI is very strict, appearing to possibly check HTTPS certificates, and check both the request headers and responses of all HTTP connections, other protocols will be strictly disallowed, and other ports other than 443/80 blocked (mostly?? TODO: investigate this)
I am not sure if this is to do with time or location, but previously when I have been limited to Facebook-only access on TrueMove, it has not taken me through FreeBasics, and during this time, Facebook chat and calling was not available. When audio/video calls is possible it would be a good idea to attempt tunneling data over the webrtc connection which is established, or perhaps even fool the DPI and start my own connection (I do not know much about webrtc, or how Facebook uses it).
The main rules I have found are…
Hostheader is a FreeBasics-permitted URL
While this may sound unusually complicated, it is quite simple to make this work straight on a phone, without a any computer (you will need root, of course)
To make this work on my phone I used Termux, and ProxyDroid. Termux was really the main piece in making this setup so easy, it is a very useful tool. Crowbar as mentioned before can compile in an android shell with no configuration, in Termux just run
apt install golang, then
go get the repo.
To make this even easier and cooler to use after it has been set up, try installing
Termux:Widget, so you can have a stop and start shortcut for the proxy tunnel components on your home screen, along with the proxy toggle widget available from ProxyDroid.
Well, once I have an array of good bypass methods, I may package this and sell it. Of course I will not hold back information from any tech literate people who are interested, but I’m still not going to baby you by giving you my 30 line long Node.js script I used to replace the headers (PS. they don’t filter “X-“ headers), just write one yourself in a not so garbage language.