DefaultTunMode returns a new default TunMode with IP-only DNS capture and replay (not all DNS traffic but only the DNS traffic sent to [tcp/udp]handler.fakedns is captured and replayed to the remote DoH server) and with firewall disabled.

GetDialerOpts returns current dialer options.

L3 returns the string'd repr of engine.

NewAuthProxyOptions returns a new ProxyOptions object with authentication object.

NewDNSOptions returns a new DNSOpitons object.

NewProxyOptions returns a new ProxyOptions object.

NewTunMode returns a new TunMode object.

SetDialerOpts sets the dialer options to use.

BlockModeFilter filters packets on connection establishment.

BlockModeFilterProc determines owner-uid of a tcp/udp connection from procfs before filtering.

BlockModeNone filters no packet.

BlockModeSink blackholes all packets.

DNSModeIP redirects DNS requests sent to the IP endpoint set by VPN.

DNSModeNone does not redirect DNS queries sent to the tunnel.

DNSModePort redirects all DNS requests on port 53.

IP4, IP46, IP6 are string'd repr of Ns4, Ns46, Ns6.

IP4, IP46, IP6 are string'd repr of Ns4, Ns46, Ns6.

IP4, IP46, IP6 are string'd repr of Ns4, Ns46, Ns6.

NICID is the default network interface card ID for the network stack.

2.

6.

4.

PtModeAuto does not enforce (but may still use) 6to4 protocol translation.

PtModeForce64 enforces 6to4 protocol translation.

Android implements 464Xlat out-of-the-box, so this zero userspace impl.

RetryAfterSplit retries connection as-is after split fails.

RetryNever never retries.

RetryWithSplit connects as-is, but retries with split.

SplitAuto is the default dial strategy; chosen by the engine.

SplitDesync splits the first TCP segment after desynchronizing the connection by sending a different, but fixed, first TCP segement to the censor.

SplitNever doesn't muck; connects as-is.

SplitTCP splits the first TCP segment.

SplitTCPOrTLS splits first TCP segment or fragments the TLS SNI header.

Debug is a global flag to enable debug behaviour.

EndpointIndependentFiltering is a global flag to enable endpoint-independent filtering for UDP as per RFC 4787.

EndpointIndependentMapping is a global flag to enable endpoint-independent mapping for UDP as per RFC 4787.

Loopingback is a global flag to adjust netstack behaviour wrt preventing split dialing, closing tunfd without delay etc.

SingleThreaded is a global flag to run Netstack's packet forwarder in a single-threaded mode.

DialerOpts define dialer options.

DNSOptions define https or socks5 proxy options.

ProxyOptions define https or socks5 proxy options.

TunMode specifies dns, firewall, xlat, and ip modes.