GFW seems to find Fragmented configurations #2504

Closed
WickedSick277 opened this issue Aug 30, 2023 · 5 comments

WickedSick277 commented Aug 30, 2023

Hello everyone.
I've been using fragment since ~6 months ago.
Recently I realized that GFW seems to "find" fragmenting.
Issue:
I have two EXACT same configs, tested on the same router, but the fragmented one doesn't work on Windows, while the regular one works well.
I have tried different length and interval settings for Fragment, still no luck.
Clients tested on Windows: Nekoray, V2rayN, both with XRay core updated to 1.8.4.
Config example below:

{
  "dns": {
    "hosts": {
      "domain:googleapis.cn": "googleapis.com"
    },
    "servers": [
      "8.8.8.8"
    ]
  },
  "inbounds": [
    {
      "listen": "127.0.0.1",
      "port": 2081,
      "protocol": "socks",
      "settings": {
        "auth": "noauth",
        "udp": true,
        "userLevel": 8
      },
      "sniffing": {
        "destOverride": [
          "http",
          "tls"
        ],
        "enabled": true
      },
      "tag": "socks"
    },
    {
      "listen": "127.0.0.1",
      "port": 9090,
      "protocol": "http",
      "settings": {
        "userLevel": 8
      },
      "tag": "http"
    }
  ],
  "log": {
    "loglevel": "warning"
  },
  "outbounds": [
    {
      "mux": {
        "concurrency": 8,
        "enabled": false
      },
      "protocol": "vless",
      "settings": {
        "vnext": [
          {
            "address": "xxxxxxxxxxxxxxx",
            "port": 443,
            "users": [
              {
                "encryption": "none",
                "flow": "",
                "id": "xxxxxxxxxxxxxxx",
                "level": 8,
                "security": "auto"
              }
            ]
          }
        ]
      },
      "streamSettings": {
        "sockopt": {
          "dialerProxy": "fragment"
        },
        "network": "ws",
        "security": "tls",
        "tlsSettings": {
          "allowInsecure": false,
          "alpn": [
            "http/1.1"
          ],
          "fingerprint": "ios",
          "publicKey": "",
          "serverName": "xxxxxxxxxxxxxxx",
          "shortId": "",
          "show": false,
          "spiderX": ""
        },
        "wsSettings": {
          "headers": {
            "Host": "xxxxxxxxxxxxxxx"
          },
          "path": "/vless?ed=2048"
        }
      },
      "tag": "proxy"
    },
    {
      "protocol": "freedom",
      "settings": {
        "fragment": {
          "packets": "tlshello",
          "interval": "10-20",
          "length": "5-30"
        }
      },
      "tag": "fragment",
      "streamSettings": {
        "sockopt": {
          "tcpNoDelay": true
        }
      }
    },
    {
      "tag": "direct",
      "protocol": "freedom"
    },
    {
      "protocol": "blackhole",
      "settings": {
        "response": {
          "type": "http"
        }
      },
      "tag": "block"
    }
  ],
  "policy": {
    "levels": {
      "8": {
        "connIdle": 300,
        "downlinkOnly": 1,
        "handshake": 4,
        "uplinkOnly": 1
      }
    },
    "system": {
      "statsOutboundUplink": true,
      "statsOutboundDownlink": true
    }
  },
  "routing": {
    "domainStrategy": "AsIs",
    "rules": [
      {
        "ip": [
          "8.8.8.8"
        ],
        "outboundTag": "proxy",
        "port": "53",
        "type": "field"
      },
      {
        "domain": [
          "ext:iran.dat:ads"
        ],
        "outboundTag": "block",
        "type": "field"
      },
      {
        "ip": [
          "geoip:ir"
        ],
        "outboundTag": "direct",
        "type": "field"
      },
      {
        "domain": [
          "regexp:.+\\.ir$",
          "ext:iran.dat:other"
        ],
        "outboundTag": "direct",
        "type": "field"
      }
    ]
  }
}
@Fangliding
Member

@WickedSick277 Just as RPRX thinks. The Iran government noticed that.

siq0o commented Aug 31, 2023

@WickedSick277 If you are talking about Iran, use IP segmentation instead. It still works great. Feel free to experiment with different settings.

"fragment": {
    "interval": "10-20",
    "length": "50-100",
    "packets": "1-3"
}

Member

RPRX commented Aug 31, 2023

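Hello everyone. I've been using fragment since ~6 months ago. Recently I realized that GFW seems to "find" fragmenting.

First, where does the six months come from? Second, detecting fragmentation is trivially easy; if what you report is true, not surprised.

In addition, I have noticed that in Iran, different regions and different ISPs suit different fragmentation strategies. If you can disclose your city and ISP, others can verify what you report.

In other words, according to earlier reports, some regions and ISPs could never use certain fragmentation strategies in the first place, but in your case it used to work and now does not, which is worth noting.

For some earlier discussions, see #1996 #1988 #2000 #2002 #2021 #2131 #2232 #716 (reply in thread) #2281 (reply in thread) #2392 #2451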

Author

WickedSick277 commented Aug 31, 2023

Hello everyone. I've been using fragment since ~6 months ago. Recently I realized that GFW seems to "find" fragmenting.

First of all, how did six months come about? Secondly, if you want to identify whether the shards belong to you, it will be fine. If the situation you reported is true, I am not surprised.

In addition, I noticed that in Iran, different regions and different ISPs are suitable for different sharding strategies. If you can disclose the city and ISP, others can verify the situation you report

In other words, according to previous reports, some regions and ISPs cannot use specific sharding strategies, but you could use them but now you can’t. This is worth noting.

See some previous discussions #1996 #1988 #2000 #2002 #2021 #2131 #2232 #716 (reply in thread) #2281 (reply in thread) #2392 #2451

It's almost 5 months since this repository: https://github.com/GFW-knocker/gfw_resist_tls_proxy
There have been issues with that method recently, then I switched to X-ray built-in fragmentation.
I see, so fragmentation (at least TLS hello) has been compromised to GFW. I tried a different length and now it works.
Issue solved, but I need to note another thing.
Still, some CF IPs work well with the same method, while a lot of them don't work well (all of the CF IPs are clean and accessible on the same network and device). Some kind of whitelist especially for fragmentation?

Member

RPRX commented Sep 1, 2023

I see, so fragmentation (at least TLS hello) has been compromised to GFW. I tried a different length and now it works.
Issue solved, but I need to note another thing.

In v1.8.4 I refactored the fragment-related code; the behavior is the same and it has been tested, but to rule out this factor you can try v1.8.3.

Still, some CF IPs work well with the same method, while a lot of them don't work well (all of the CF IPs are clean and accessible on the same network and device). Some kind of whitelist especially for fragmentation?

Maybe the ISP wants to block CF fragmentation to some extent but missed some IPs, or maybe only some middleboxes have a fragmentation-blocking feature, and traffic routed through them gets blocked.
