anti-dpi software
4.7k
Stars
180
Forks
4
Open issues
4
Contributors
AI Analysis
Zapret2 is a standalone anti-DPI (Deep Packet Inspection) tool designed to bypass network censorship, VPN blocks, and protocol-level filtering without requiring external servers. It targets embedded devices (OpenWrt routers) and traditional systems (Linux, FreeBSD, OpenBSD, Windows), using a Lua-based strategy system to allow network specialists and developers to craft custom DPI evasion techniques rather than relying on hardcoded C implementations.
Inferred from signals mentioned in the README (tests, CI, type safety) — not a review of the actual code.
AI's overall editorial judgment — not an average of the bars above, can weigh other factors too.
Lua-scriptable DPI circumvention tool for embedded Linux routers and low-power devices
zapret2 is a successor to the original zapret project, designed as a DPI (Deep Packet Inspection) evasion tool that runs autonomously without external servers. It targets embedded devices like OpenWrt routers but also supports Linux, FreeBSD, OpenBSD, and Windows. The core innovation is replacing hardcoded C-based traffic manipulation strategies with Lua scripts, making DPI evasion tactics modifiable by network-literate users without C expertise. It addresses the rapid arms race between network blocking and circumvention, where techniques become outdated quickly and require frequent adaptation.
zapret2 emerged in late 2025 as an architectural redesign of zapret (15,575 stars), which suffered from inflexible C-based strategy implementation. The original zapret's nfqws1 component was overly complex and required deep C coding skills to adapt to new blocking techniques. zapret2 decouples packet manipulation logic into Lua, enabling rapid iteration without recompilation.
The project gained 4,624 stars and 177 forks in approximately 7 months (Nov 2025–Jun 2026), acquiring 72 stars in the final week. This is modest compared to the parent zapret project (15k stars) but steady for a specialized technical tool. Growth likely driven by users seeking alternatives to zapret's rigidity and by the appeal of Lua-based extensibility for advanced users. The donation solicitation (crypto wallets in README) suggests awareness of funding challenges.
adoption not verified. The README targets 'enthusiasts' and explicitly states it is 'not a ready solution for dummies.' No case studies, deployment counts, ISP/corporate usage, or user testimonials are documented. The emphasis on OpenWrt routers suggests potential embedded device adoption, but this is not confirmed with concrete evidence. The recent cryptocurrency donation addresses suggest a small dedicated user base willing to support development, but scope is unknown.
Based on README, zapret2 uses a two-layer design: a C kernel (nfqws2 and winws2) that intercepts and dissects packets, plus a Lua scripting layer for DPI evasion strategies. C handles packet capture (nfqws via iptables/nftables on Linux, ipfw/pf on BSD, windivert on Windows), parsing (TLS/QUIC decryption), and binary manipulation. Lua receives packet data as structured trees (similar to Wireshark dissectors) and can modify packets via helper functions. The project provides a Lua standard library of helpers and a pre-built library of strategies that port nfqws1 capabilities with greater flexibility. README claims this design enables non-C programmers to write new DPI evasion tactics.
not documented in README
Last push was 2026-06-25 (4 days before evaluation date), indicating active development. Repository was created 2025-11-17, making it approximately 7 months old. The consistent weekly star growth and recent commits suggest ongoing maintenance, though the project is still young relative to the parent zapret. No information on CI/CD, automated testing, or release cadence is visible in the README excerpt.
ADOPT IF: you are a network engineer or developer who understands packet-level DPI techniques, run routers or low-power Linux devices, need to customize DPI evasion strategies rapidly, and are willing to write or modify Lua code. AVOID IF: you want a ready-made, zero-configuration solution; you lack networking/packet analysis knowledge; you need GUI management or commercial support; you run only Windows desktops/servers. MONITOR IF: you currently use zapret and are frustrated by inflexibility; you run OpenWrt and want a scriptable alternative to hardcoded tools; you observe DPI blocking techniques changing faster than zapret can respond.
Independent dimensions
Mainstream potential
3/10
Technical importance
6/10
Adoption evidence
2/10
- Adoption likely remains a small, technically sophisticated niche. The explicit statement 'not a ready solution for dummies' and requirement for Lua scripting and packet knowledge will naturally limit user base.
- DPI evasion is an adversarial arms race; techniques may become obsolete rapidly. The project's flexibility helps but does not guarantee long-term viability if blocking technology evolves faster than community strategies.
- Early-stage project maturity (7 months old) means API, configuration format, and Lua library may still be unstable. Documentation appears limited (the README mentions a lengthy 'manual.md' but full content is truncated).
- Regulatory and legal uncertainty: DPI circumvention tools operate in a legally murky space in many jurisdictions. This could affect adoption and community growth.
- Windows support appears incomplete (README cuts off mid-sentence about windivert limitations). Reliance on platform-specific packet capture mechanisms (nfqws, ipfw, pf, windivert) means porting to new platforms is non-trivial.
zapret2 will likely remain a specialized tool for advanced users and network enthusiasts rather than mainstream adoption. It may consolidate a dedicated following among OpenWrt users and network admins who need DPI flexibility, but will not challenge GoodbyeDPI or zapret for broader market share. Success will depend on whether the Lua extensibility model gains traction among the DPI-evasion community and whether community-contributed strategies prove effective and easy to share.
Newsletter
Get analyses like this every Monday
Free weekly digest of the most interesting open-source discoveries.
Languages
Information
- Language
- C
- Last updated
- 6d ago
- Created
- 8mo ago
- Analyzed with
- anthropic/claude-haiku-4-5
Stars over time
Contributors over time
Top 100 contributors only — repos with more will plateau at 100.
Open issues
Top contributors
Recent releases
Similar repos
youtubediscord/zapret
Zapret is a GUI launcher and strategy collection for bypassing network blocking...
| Repository | Stars | Week Δ | Language | Score | Updated |
|---|---|---|---|---|---|
|
|
4.7k | +54 | C | 7/10 | 6d ago |
|
|
15.6k | — | C | 7/10 | 1mo ago |
|
|
1.3k | — | Python | 7/10 | 1d ago |
|
|
1.5k | — | Shell | 6/10 | 15h ago |
|
|
1.6k | — | Go | 7/10 | 3d ago |
|
|
28.5k | — | C | 7/10 | 6mo ago |
Much larger user base and simpler deployment model (Windows-focused, single executable). zapret2 is more flexible via Lua scripting but requires deeper technical knowledge and system-level packet interception setup.
Parent project with established user base. zapret2 trades user-friendliness and pre-baked strategies for architectural flexibility and adaptability. Users of zapret likely consider zapret2 only if they need to customize DPI evasion tactics.
Go-based alternative. Less information available, but smaller star count suggests narrower or less active adoption than both zapret and zapret2.
Shell-based wrapper for zapret targeting specific services. Simpler, more targeted use case than zapret2's general DPI toolkit, but lacks extensibility.
Python wrapper/fork of zapret. Similar positioning to Sergeydigl3's variant but in Python. Again, narrower scope than zapret2.