### Start Brook Server Source: https://github.com/txthinking/brook/blob/master/README.md Starts a Brook server listening on port 9999 with the password 'hello'. This is a basic server setup command. ```bash brook server -l :9999 -p hello ``` -------------------------------- ### Install Nami Package Manager Source: https://github.com/txthinking/brook/blob/master/README.md Installs the Nami package manager, which is used to install Brook. Run this command in your terminal. ```bash bash <(curl https://bash.ooo/nami.sh) ``` -------------------------------- ### Install Brook using Nami Source: https://github.com/txthinking/brook/blob/master/README.md Installs the Brook application using the Nami package manager. Ensure Nami is installed first. ```bash nami install brook ``` -------------------------------- ### Brook Link Protocol Example Source: https://github.com/txthinking/brook/blob/master/protocol/brook-link-protocol.md An example of a Brook link protocol URL for a server configuration. ```plaintext brook://server?password=hello&server=1.2.3.4%3A9999 ``` -------------------------------- ### Run Brook Server with User API Source: https://github.com/txthinking/brook/blob/master/protocol/user.md Command to start the Brook Server, enabling the user system with a specified user log file and User API endpoint. The listen address and password are also configured. ```bash brook --userLog /path/to/log.txt --userAPI https://your-api-server.com/a_unpredictable_path server --listen :9999 --password hello ``` -------------------------------- ### Encode Token in Hexadecimal Source: https://github.com/txthinking/brook/blob/master/protocol/user.md Example of encoding a generated token into hexadecimal format. This is a crucial step for token representation. ```plaintext hex_encode(your_encrypt_or_session_function(user id)) // 3ae6afc9fad94abd8985d8ecc77afb273ae6afc9fad94abd8985d8ecc77afb273ae6afc9fad94abd8985d8ecc77afb27 ``` -------------------------------- ### Generate UUID Token Source: https://github.com/txthinking/brook/blob/master/protocol/user.md Example of generating a universally unique identifier (UUID) and removing hyphens to use as a token. This method ensures token unpredictability. ```javascript crypto.randomUUID().replaceAll('-', '') // 3ae6afc9fad94abd8985d8ecc77afb27 ``` -------------------------------- ### User Traffic Log Entry Source: https://github.com/txthinking/brook/blob/master/protocol/user.md Example log entry from the user log file, detailing traffic information including bytes transferred, destination, source, network type, timestamp, and the associated user ID. ```json {"bytes":"2190","dst":"8.8.8.8:53","from":"34.105.110.232:49514","network":"tcp","time":"2024-02-26T09:56:12Z","user":"9"} {"bytes":"2237","dst":"8.8.8.8:53","from":"34.105.110.232:49331","network":"udp","time":"2024-02-26T09:57:12Z","user":"9"} ``` -------------------------------- ### Brook Server User API Request Source: https://github.com/txthinking/brook/blob/master/protocol/user.md Illustrates the GET request format that Brook Server sends to your User API to validate a token. The token is appended as a query parameter. ```http GET https://your-api-server.com/a_unpredictable_path?token=xxx ``` -------------------------------- ### Valid User API Response (200 OK) Source: https://github.com/txthinking/brook/blob/master/protocol/user.md Example of a successful response from your User API when a token is valid. It should return HTTP status code 200 and the user's unique identifier in the body. ```http HTTP/1.1 200 OK Content-Length: 1 Content-Type: text/plain; charset=utf-8 9 ``` -------------------------------- ### Invalid User API Response (Non-200) Source: https://github.com/txthinking/brook/blob/master/protocol/user.md Example of an unsuccessful response from your User API when a token is invalid or the user cannot be served. It should return a non-200 status code and a reason in the body. ```http HTTP/1.1 400 BAD REQUEST Content-Length: 22 Content-Type: text/plain; charset=utf-8 The user 9 has expired ``` -------------------------------- ### Combine Modules for ipio/openwrt Source: https://github.com/txthinking/brook/blob/master/programmable/modules/readme.md Combines multiple module scripts into a single script file for use with ipio or openwrt. This involves concatenating header, module, and footer files. ```bash cat _header.tengo > my.tengo cat block_google_secure_dns.tengo >> my.tengo cat block_aaaa.tengo >> my.tengo cat _footer.tengo >> my.tengo ``` -------------------------------- ### Generate Brook Link with Token Source: https://github.com/txthinking/brook/blob/master/protocol/user.md Command to generate a Brook client link, specifying the server address, password, and the user token for authentication. ```bash brook link --server 1.2.3.4:9999 --password hello --token xxx ``` -------------------------------- ### Brook GUI Module Definition Source: https://github.com/txthinking/brook/blob/master/programmable/modules/readme.md Defines a Brook module with various handler functions for network events like DNS queries, addresses, HTTP requests, and responses. Use this to customize Brook's behavior. ```go modules = append(modules, { // If you want to predefine multiple brook links, and then programmatically specify which one to connect to, then define `brooklinks` key a function brooklinks: func(m) { // Please refer to the example in `brooklinks.tengo` }, // If you want to intercept and handle a DNS query, then define `dnsquery` key a function, `m` is the `in_dnsquery` dnsquery: func(m) { // Please refer to the example in `block_aaaa.tengo` }, // If you want to intercept and handle an address, then define `address` key a function, `m` is the `in_address` address: func(m) { // Please refer to the example in `block_google_secure_dns.tengo` }, // If you want to intercept and handle a http request, then define `httprequest` key a function, `request` is the `in_httprequest` httprequest: func(request) { // Please refer to the example in `ios_app_downgrade.tengo` or `redirect_google_cn.tengo` }, // If you want to intercept and handle a http response, then define `httpresponse` key a function, `request` is the `in_httprequest`, `response` is the `in_httpresponse` httpresponse: func(request, response) { // Please refer to the example in `response_sample.tengo` } }) ``` -------------------------------- ### KEY Generation Source: https://github.com/txthinking/brook/blob/master/protocol/brook-wsserver-protocol.md Explains the generation of the AES key using HKDF_SHA256 with a user-defined password, a nonce, and specific info. The info can be customized via command-line arguments. ```plaintext KEY: AES key, 32 bytes - KEY: HKDF_SHA256(Password, Nonce, Info) - Password: User-defined password - Nonce: 12 bytes - Info: [0x62, 0x72, 0x6f, 0x6f, 0x6b]. Note that this can be overwrite by `brook link --clientHKDFInfo` and `brook link --serverHKDFInfo` ``` -------------------------------- ### Initialize Vue App for Brook Script Gallery Source: https://github.com/txthinking/brook/blob/master/docs/index.html This snippet initializes a Vue.js application to fetch and display Brook scripts from a remote JSON file. It handles loading states, error display, and user agent detection for mobile devices. ```javascript window.addEventListener("DOMContentLoaded", async (e) => { Vue.use(TDesign); new Vue({ el: '#app', data() { return { zh: navigator.language.toLowerCase().startsWith("zh-"), wx: navigator.userAgent.toLowerCase().indexOf("micromessenger") != -1, mob: /iPhone|iPod|Android/i.test(navigator.userAgent), ing: false, list: [], err: false, error: '', } }, async mounted() { this.ing = true; try { var res = await fetch('https://raw.githubusercontent.com/txthinking/brook/refs/heads/master/programmable/gallery.json') if (res.status != 200) throw await res.text() this.list = JSON.parse(await res.text()) } catch (e) { this.err = true this.error = e.toString() } this.ing = false; }, methods: { async expand(v) { this.ing = true; try { v.expanded = !v.expanded if (!v.script && v.expanded) { var res = await fetch(v.url) if (res.status != 200) throw await res.text() v.script = await res.text() } } catch (e) { this.err = true this.error = e.toString() } this.ing = false; }, async copy(s) { await navigator.clipboard.writeText(s) }, async confirm(e) { this.err = false this.error = '' }, async close(e) { this.err = false this.error = '' }, }, }) }); ``` -------------------------------- ### First Fragment for Client to Server TCP Source: https://github.com/txthinking/brook/blob/master/protocol/brook-server-protocol.md Specifies the content of the initial fragment in client-to-server TCP communication, including Unix Timestamp and DST Address. ```plaintext Unix Timestamp + DST Address ``` -------------------------------- ### DST Address Format Source: https://github.com/txthinking/brook/blob/master/protocol/brook-wsserver-protocol.md Defines the structure of the Destination Address (DST Address) which includes Address Type (ATYP), IP/Domain, and Port. ATYP specifies the address format (IPv4, Domain, IPv6). ```plaintext ATYP + IP/Domain + PORT - ATYP: 1 byte - 0x01: IPv4 - 0x03: Domain - 0x04: IPv6 - IP/Domain: 4/n/16 bytes - If ATYP is 0x01, then this is IPv4, 4 bytes - If ATYP is 0x03, then this is domain, n bytes, and the first byte is the domain length - If ATYP is 0x04, then this is IPv6, 16 bytes - Port: 2 bytes - Big Endian 16-bit unsigned integer ``` -------------------------------- ### Fragment for Client to Server UDP Source: https://github.com/txthinking/brook/blob/master/protocol/brook-server-protocol.md Defines the structure of the fragment in client-to-server UDP communication, including Unix Timestamp, DST Address, and Data. ```plaintext Unix Timestamp + DST Address + Data ``` -------------------------------- ### Fragment for Server to Client UDP Source: https://github.com/txthinking/brook/blob/master/protocol/brook-server-protocol.md Specifies the content of the fragment in server-to-client UDP communication, consisting of DST Address and Data. ```plaintext DST Address + Data ``` -------------------------------- ### DST Address Structure Source: https://github.com/txthinking/brook/blob/master/protocol/brook-server-protocol.md Defines the structure of a Destination Address (DST Address) in the Brook protocol, consisting of ATYP, IP/Domain, and Port. ```plaintext ATYP + IP/Domain + PORT ``` -------------------------------- ### Client to Server UDP (UDP over TCP) Protocol Source: https://github.com/txthinking/brook/blob/master/protocol/brook-wsserver-protocol.md Outlines the protocol for client-to-server UDP traffic encapsulated within TCP over WebSocket. It specifies nonce, fragment length, and initial fragment content. ```plaintext [Standard WebSocket Protocol Header] + Client Nonce + [AES_GCM(Fragment Length) + AES_GCM(Fragment)]... > The maximum length of `AES_GCM(Fragment Length) + AES_GCM(Fragment)` is 65507 bytes, but the maximum length if the first one is 2048 bytes - Client Nonce: 12 bytes, randomly generated - The nonce should be recalculated when it is not used for the first time, the calculation method: add `1` to the first 8 bytes according to the Little Endian 64-bit unsigned integer - Fragment Length: Big Endian 16-bit unsigned integer - Fragment: Actual data being proxied - The first Fragment should be: ``` Unix Timestamp + DST Address ``` - [`Unix Timestamp`](https://en.wikipedia.org/wiki/Unix_time): If it is not odd, it should be increased by 1. Big Endian 32-bit unsigned integer ``` -------------------------------- ### Client to Server TCP Protocol Source: https://github.com/txthinking/brook/blob/master/protocol/brook-wsserver-protocol.md Describes the data structure for client-to-server TCP communication over WebSocket. It includes a client nonce and encrypted fragments. ```plaintext [Standard WebSocket Protocol Header] + Client Nonce + [AES_GCM(Fragment Length) + AES_GCM(Fragment)]... > The maximum length of `AES_GCM(Fragment Length) + AES_GCM(Fragment)` is 2048 bytes - Client Nonce: 12 bytes, randomly generated - The nonce should be recalculated when it is not used for the first time, the calculation method: add `1` to the first 8 bytes according to the Little Endian 64-bit unsigned integer - Fragment Length: Big Endian 16-bit unsigned integer - Fragment: Actual data being proxied - The first Fragment should be: ``` Unix Timestamp + DST Address ``` - [`Unix Timestamp`](https://en.wikipedia.org/wiki/Unix_time): If it is not even, it should be increased by 1. Big Endian 32-bit unsigned integer ``` -------------------------------- ### Client to Server UDP Protocol Source: https://github.com/txthinking/brook/blob/master/protocol/brook-server-protocol.md Outlines the data format for client-to-server UDP communication in Brook. The maximum total packet size is 65507 bytes. ```plaintext Client Nonce + AES_GCM(Fragment) ``` -------------------------------- ### Server to Client TCP Protocol Source: https://github.com/txthinking/brook/blob/master/protocol/brook-server-protocol.md Details the data format for server-to-client TCP communication in Brook. The maximum length of each fragment payload is 2048 bytes. ```plaintext Server Nonce + [AES_GCM(Fragment Length) + AES_GCM(Fragment)]... ``` -------------------------------- ### Server to Client TCP Protocol Source: https://github.com/txthinking/brook/blob/master/protocol/brook-wsserver-protocol.md Details the data structure for server-to-client TCP communication over WebSocket. It includes a server nonce and encrypted fragments. ```plaintext [Standard WebSocket Protocol Header] + Server Nonce + [AES_GCM(Fragment Length) + AES_GCM(Fragment)]... > The maximum length of `AES_GCM(Fragment Length) + AES_GCM(Fragment)` is 2048 bytes - Server Nonce: 12 bytes, randomly generated - The nonce should be recalculated when it is not used for the first time, the calculation method: add `1` to the first 8 bytes according to the Little Endian 64-bit unsigned integer - Fragment Length: Big Endian 16-bit unsigned integer - Fragment: Actual data being proxied ``` -------------------------------- ### Client to Server TCP Protocol Source: https://github.com/txthinking/brook/blob/master/protocol/brook-server-protocol.md Describes the data format for client-to-server TCP communication in Brook. The maximum length of each fragment payload is 2048 bytes. ```plaintext Client Nonce + [AES_GCM(Fragment Length) + AES_GCM(Fragment)]... ``` -------------------------------- ### Server to Client UDP Protocol Source: https://github.com/txthinking/brook/blob/master/protocol/brook-server-protocol.md Describes the data format for server-to-client UDP communication in Brook. The maximum total packet size is 65507 bytes. ```plaintext Server Nonce + AES_GCM(Fragment) ``` -------------------------------- ### Server to Client UDP (UDP over TCP) Protocol Source: https://github.com/txthinking/brook/blob/master/protocol/brook-wsserver-protocol.md Describes the protocol for server-to-client UDP traffic over TCP via WebSocket. It includes server nonce and encrypted fragments. ```plaintext [Standard WebSocket Protocol Header] + Server Nonce + [AES_GCM(Fragment Length) + AES_GCM(Fragment)]... > The maximum length of `AES_GCM(Fragment Length) + AES_GCM(Fragment)` is 65507 bytes - Server Nonce: 12 bytes, randomly generated - The nonce should be recalculated when it is not used for the first time, the calculation method: add `1` to the first 8 bytes according to the Little Endian 64-bit unsigned integer - Fragment Length: Big Endian 16-bit unsigned integer - Fragment: Actual data being proxied ``` -------------------------------- ### Brook Link Protocol Structure Source: https://github.com/txthinking/brook/blob/master/protocol/brook-link-protocol.md The basic structure of a Brook link protocol URL. ```plaintext brook://KIND?QUERY ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.