-
Notifications
You must be signed in to change notification settings - Fork 4.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[discussion] 近期大范围的服务器封锁及对策 #1237
Comments
只封了443端口,使用移动宽带,暂时改用8443正常 |
换udp类的2个 hy或tuic |
现在也会封8443端口了 |
我又换成50000了 |
你的预判已经被预判到了 |
3台主机全部封锁443端口 A主机Vless+xtls B主机trojan+xtls C主机trojan+ xtls, AB主机为一个供应商,C为另外一个,所有主机22端口可直接登录,443端口503,C主机直接更换为VMESS随机端口可正常使用,AB更改为VMESS不行,B主机更换IP后trojan或vless依然不行,改为vmess随机端口正常 |
非443端口被封2个,一个是vless+xtls,一个是vless+ws,换端口后修复。 |
被封后,把vmess+tls+ws的域名打开了CloudFlare CDN的代理。原端口恢复正常访问。 |
经过实验重新配置为vless+tls+ws 域名开启cloudflare CDN,tls完全加密,443可访问,问题修复 |
GFW 针对Cloudflare 并不敢大规模应用封锁。许多合法的政府官方网站也运行在上面,而且Cloudflare的服务器遍布世界各地,IP段太多容易误封,因此只敢针对SNI进行过滤。此种方法确实对V2ray可行。 |
10.3 被ban 443 |
腾讯和AWS的,hysteria UDP高位端口都被封了。 |
This comment was marked as outdated.
This comment was marked as outdated.
可以啊,新加坡能跑满 |
This comment was marked as outdated.
This comment was marked as outdated.
套CDN肯定没问题,但是降速也是明显的,本来CN2的线路套了CDN,不知道绕到哪去了 |
提醒一下,使用CF代理非HTML内容违反了其TOS(用户服务协议),在账户层面上有违规封号的风险。 |
也是无奈之举,cn2 gia的线路被迫走cdn😂 |
Tls over Tls could be detected. |
赞成使用uTls,这两天已经被封两次了 |
难怪这几天Xray速度暴增。我这里Xray+WS+TLS(Nginx)+Nginx网站镜像+IPv6,一直很稳。 |
در تاریخ پنجشنبه 6 اکتبر 2022، 17:27 Chou Linxi ***@***.***>
نوشت:
… 难怪这几天Xray速度暴增。我这里Xray+WS+TLS(Nginx)+Nginx网站镜像+IPv6,一直很稳。
—
Reply to this email directly, view it on GitHub
<#1237 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/A3OJEPZZWBWZJYGLFFCGJXTWB3LFHANCNFSM6AAAAAAQ4ZHZCE>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
请问xray如何配置uTLs,客户端和服务器端的xray版本都是1.6.0 |
配了,可能没用的 你实在要试,开xray前置 vless tcp tls方式,客户端加参数,比如在v2rayn ng里用,只能用自定义配置的方式 |
2022.10.05, 2022.10.07 vless+xtls回落vmess回落trojan端口456被封,更换 vless+tls回落 2345端口被封,vmess http伪装正常,naiveproxy正常 |
服务器:vless+xtls , |
不点亮小云朵使用自选/优选ip也是可以的,效果等同套CDN |
请问使用CF优选IP速度怎么样?能达到CN2 GIA速度百分之多少?我用的搬瓦匠CN2东京机房,正考虑用CDN保护一下 |
2022.10.08 切换到 vless+ws+cloudflare cdn, 上网一小时,被封了俩端口 |
Could you show your server and client configuration, including firewalls
settings?
…----------------------------------------
*From: *Donotinvert ***@***.***>
*To: *XTLS/Xray-core ***@***.***>
*CC: *Nanyu ***@***.***>; Comment ***@***.***>
*Date: *Nov 9, 2022 09:31:59
*Subject: *Re: [XTLS/Xray-core] [discussion] 近期大范围的服务器封锁及对策 (Issue #1237)
xray vmess+tls+ws 大流量被封端口 2022-10-20 到 2022-11-9
断断续续3次封端口,换端口解决,但是估计很快又会被封.
—
Reply to this email directly, view it on
GitHub[#1237 (comment)],
or
unsubscribe[https://github.com/notifications/unsubscribe-auth/AKGBAYCY3L6CTKR3ZABFEQ3WHNVQ5ANCNFSM6AAAAAAQ4ZHZCE].
You are receiving this because you commented.[Tracking
image][https://github.com/notifications/beacon/AKGBAYC7PBQWX2ECXIAHS7TWHNVQ5A5CNFSM6AAAAAAQ4ZHZCGWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTSN7WQKE.gif]Message
ID: ***@***.***>
|
My firewall has opened several ports, including 443 80 and several ports in use. And I'm using this example as my configuration: |
试一下pre release里的vision流控?
…---原始邮件---
发件人: ***@***.***>
发送时间: 2022年11月9日(周三) 晚上6:03
收件人: ***@***.***>;
抄送: ***@***.******@***.***>;
主题: Re: [XTLS/Xray-core] [discussion] 近期大范围的服务器封锁及对策 (Issue #1237)
Could you show your server and client configuration, including firewalls settings?
…
---------------------------------------- From: Donotinvert @.> To: XTLS/Xray-core @.> CC: Nanyu @.>; Comment @.**> *Date: Nov 9, 2022 09:31:59 Subject: Re: [XTLS/Xray-core] [discussion] 近期大范围的服务器封锁及对策 (Issue #1237)
xray vmess+tls+ws 大流量被封端口 2022-10-20 到 2022-11-9 断断续续3次封端口,换端口解决,但是估计很快又会被封. — Reply to this email directly, view it on GitHub[#1237 (comment)], or unsubscribe[https://github.com/notifications/unsubscribe-auth/AKGBAYCY3L6CTKR3ZABFEQ3WHNVQ5ANCNFSM6AAAAAAQ4ZHZCE]. You are receiving this because you commented.[Tracking image][https://github.com/notifications/beacon/AKGBAYC7PBQWX2ECXIAHS7TWHNVQ5A5CNFSM6AAAAAAQ4ZHZCGWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTSN7WQKE.gif]Message ID: @.>
My firewall has opened several ports, including 443 80 and several ports in use. And I'm using this example as my configuration:
https://github.com/XTLS/Xray-examples/blob/main/VMess-Websocket-TLS
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you commented.Message ID: ***@***.***>
|
No, all servers we are using survive. So we would like to see if there
are some flaws in others configuration. (and תודה לאל for the good
luckiness)
…----------------------------------------
*From: *LittleMing ***@***.***>
*To: *XTLS/Xray-core ***@***.***>
*CC: *Nanyu ***@***.***>; Comment ***@***.***>
*Date: *Nov 9, 2022 10:06:47
*Subject: *Re: [XTLS/Xray-core] [discussion] 近期大范围的服务器封锁及对策 (Issue #1237)
试一下pre release里的vision流控?
---原始邮件---
发件人: ***@***.***>
发送时间: 2022年11月9日(周三) 晚上6:03
收件人: ***@***.***>;
抄送: ***@***.******@***.***>;
主题: Re: [XTLS/Xray-core] [discussion] 近期大范围的服务器封锁及对策 (Issue #1237)
Could you show your server and client configuration, including
firewalls settings?
…
---------------------------------------- From: Donotinvert @.> To:
XTLS/Xray-core @.> CC: Nanyu @.>; Comment @.**> *Date: Nov 9,
2022 09:31:59 Subject: Re: [XTLS/Xray-core] [discussion] 近期大范围的服务器封锁及对策
(Issue #1237)
xray vmess+tls+ws 大流量被封端口 2022-10-20 到 2022-11-9
断断续续3次封端口,换端口解决,但是估计很快又会被封. — Reply to this email directly, view it on
GitHub[#1237 (comment)], or
unsubscribe[https://github.com/notifications/unsubscribe-auth/AKGBAYCY3L6CTKR3ZABFEQ3WHNVQ5ANCNFSM6AAAAAAQ4ZHZCE].
You are receiving this because you commented.[Tracking
image][https://github.com/notifications/beacon/AKGBAYC7PBQWX2ECXIAHS7TWHNVQ5A5CNFSM6AAAAAAQ4ZHZCGWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTSN7WQKE.gif]Message
ID: @.>
My firewall has opened several ports, including 443 80 and several
ports in use. And I'm using this example as my configuration:
https://github.com/XTLS/Xray-examples/blob/main/VMess-Websocket-TLS
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you commented.Message ID:
***@***.***>
—
Reply to this email directly, view it on
GitHub[#1237 (comment)],
or
unsubscribe[https://github.com/notifications/unsubscribe-auth/AKGBAYC4ZJREXX5RCFB36K3WHNZTNANCNFSM6AAAAAAQ4ZHZCE].
You are receiving this because you commented.[Tracking
image][https://github.com/notifications/beacon/AKGBAYGQ3NI245VTHSHDQV3WHNZTNA5CNFSM6AAAAAAQ4ZHZCGWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTSN7ZGD6.gif]Message
ID: ***@***.***>
|
@Donotinvert Did you set out Nginx/Caddy as your proxyer, and if it is
any ports relating vmess or bless that was exposed to outside?
…----------------------------------------
*From: *Donotinvert ***@***.***>
*To: *XTLS/Xray-core ***@***.***>
*CC: *Nanyu ***@***.***>; Comment ***@***.***>
*Date: *Nov 9, 2022 10:03:39
*Subject: *Re: [XTLS/Xray-core] [discussion] 近期大范围的服务器封锁及对策 (Issue #1237)
Could you show your server and client configuration, including
firewalls settings?
…[https://#]
---------------------------------------- /From: /Donotinvert /*@*/.///>
/To: /XTLS/Xray-core /*@*/.///> /CC: /Nanyu /*@*/.///>; Comment
/*@*/./**> *Date: /Nov 9, 2022 09:31:59 /Subject: /Re: [XTLS/Xray-core]
[discussion] 近期大范围的服务器封锁及对策 (Issue
#1237[#1237])
xray vmess+tls+ws 大流量被封端口 2022-10-20 到 2022-11-9
断断续续3次封端口,换端口解决,但是估计很快又会被封. — Reply to this email directly, view it on
GitHub[#1237
(comment)[#1237 (comment)]],
or
unsubscribe[https://github.com/notifications/unsubscribe-auth/AKGBAYCY3L6CTKR3ZABFEQ3WHNVQ5ANCNFSM6AAAAAAQ4ZHZCE].
You are receiving this because you commented.[Tracking
image][https://github.com/notifications/beacon/AKGBAYC7PBQWX2ECXIAHS7TWHNVQ5A5CNFSM6AAAAAAQ4ZHZCGWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTSN7WQKE.gif]Message[https://github.com/notifications/beacon/AKGBAYC7PBQWX2ECXIAHS7TWHNVQ5A5CNFSM6AAAAAAQ4ZHZCGWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTSN7WQKE.gif%5DMessage]
ID: /*@*/.///>
My firewall has opened several ports, including 443 80 and several
ports in use. And I'm using this example as my configuration:
https://github.com/XTLS/Xray-examples/blob/main/VMess-Websocket-TLS
—
Reply to this email directly, view it on
GitHub[#1237 (comment)],
or
unsubscribe[https://github.com/notifications/unsubscribe-auth/AKGBAYGGZE5PBIV6MRHPYZDWHNZHVANCNFSM6AAAAAAQ4ZHZCE].
You are receiving this because you commented.[Tracking
image][https://github.com/notifications/beacon/AKGBAYHCELWSIZ33J32N3FDWHNZHVA5CNFSM6AAAAAAQ4ZHZCGWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTSN7Y5EK.gif]Message
ID: ***@***.***>
|
@cross-hello Yes, I'm using Nginx as my proxyer, And vmess ports are not directly exposed to outside. |
多谢, 我去了解一下这个功能. |
@Donotinvert If it is ok please provide detailed configuration file of server and client(remove sensitive info), including VPS locate zone, your current province position. |
@Donotinvert then what about client, could you export one configuration here also? |
Are you a contributors or ? can you tall me why you need this ?
|
@Donotinvert Not, just a ordinary visitor. |
@cross-hello Okay,thank you for help me, I try changing the setting to "false". |
@Donotinvert What is server status now? If the blockade happens again? |
情况十分类似,非 443 ,vless + ws + tls |
Still blocked ports. |
我也要试试cdn了 三天两头换端口太麻烦了😭 |
问题是 现在有啥解决办法吗? |
可试试如下配置: |
昨天圣诞活动增加了两台VPS,才用一天今天两台都被封端口了。还好我旧机器还好好的。 |
你那边可以用吗?方便分享一个 json 配置吗? |
当然可用。三种配置中你准备采用那种配置? |
都可以吧 |
参考 https://github.com/lxhao61/integrated-examples 示例及带 TLSv1.2 标记修改。 |
现在用nginx+tls+v2ray(vmess)+ws路径分流用个几小时就被封,但是同样的配置用apache2+tls+v2ray(vmess)+ws路径分流就不会,nginx和apache2都伪装站点了的 |
nginx几分钟不到就封了,都是封端口。前端都是伪装的视频站,emby或者alist。Apache2就没问题 |
我不是专业的,但是看过NIGNX官网,上面有很多国内专业人员参与,当时我就不再使用这个软件部署xray了. |
https://github.com/chika0801/Xray-examples/blob/main/warning.md#memo-5 上面 |
页面找不到 |
https://github.com/chika0801/Xray-examples/blob/main/tips.md |
信息源是:
net4people/bbs#129
大规模封锁现象指:
自北京时间2022年10月3日起,超过一百名用户报告他们至少有一台基于TLS的翻墙服务器被封锁了。被封锁的服务器使用的协议包括了trojan,Xray,V2Ray TLS+Websocket,VLESS,以及gRPC。我们还未收到任何naiveproxy被封锁的消息。
当前“结论”:
基于以上信息,我们推测(但还未进行实证性的测量),这些封锁可能与翻墙软件客户端发出的Clienthello指纹相关。开发者们或许可以考虑采用uTLS。这个论文阅读小组,这篇总结,以及这篇博文都是关于TLS指纹的,也许会有帮助。
请问xray这边是否需要做针对性的调整?
The text was updated successfully, but these errors were encountered: