-
-
Notifications
You must be signed in to change notification settings - Fork 5.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SS servers are getting blocked #1719
Comments
my ss server is blocked too |
+1 |
It seems to happen at regular intervals. Not systematically, but on certain days, several IPs all get blocked at the same time. |
Is there any program/website that can check ss server connectivity in China unicom, mobile, telecom every minute? |
Evidence: v2ex |
Guys you can try to change your ip and use port 80 ++ietf poly1305 , it should work well |
Got blocked, too. Changing port works but blocked again after about one day (slight use). All packets from that server port gets dropped. I'm changing cipher to chacha20-ietf-poly1305 and see what will happen. Not very optimistic, though. |
Some of mine are blocked too. After some research I find this paper participle interesting:
If that's why, no matter how ports and algorithm are changed, the servers will be kept blocked. Download link (PDF): |
got blocked+1 |
@hrimfaxi no mention of false positive rate and costing in the paper. Seems to me the experiments were run entirey in a controlled lab setting. No proof that it's been implemented in real world. |
@hrimfaxi I wouldn’t put too much weight on that paper.
|
Are you also use port 443? @luxin88 @martincz @leonshaw @zyf2008Neptune etc. 你们被封的端口也是和 OneHappyForever 一样使用的是 443 吗?加密模式呢? |
@paperbag not 443, but higher than 1024 |
@paperbag 端口8088,加密chacha20-ietf-poly1305只要登一次第二天端口就会被墙,过几天整个VPS的IP就可能被墙。 |
@zyf2008Neptune 加密方式没问题, 高位端口的问题,你换IP 再换用八零端口 |
@kang000feng 不存在的,一样封,因为ip被盯上了 |
@luxin88 你换IP后后再按上面配置就不会被盯上了,至少至今没有收到被封的报告 |
@paperbag I'm using some arbitrary port. |
@leonshaw same here. |
CHINA UNICOM - all my 5 ss servers got blocked a few hours ago. |
My vps is dead. The first only to seal off the port, I modified the port and then continue to use the day. Then my ip was completely sealed off. Now I have no longer dare to continue to use my other vps. Afraid they are dead |
My vultr and do got blocked too, with port 10369 and aes-256-gcm. But one survived : the one I brought from third-party, two months ago, with rc4-md5-6,origin, plain.It seems all they traffic exchange by another China mainland Aliyun server to the overseas |
My US VPS got blocked too, It's my spare VPS, I just used it for a little while. What version of shadowsocks-libev are you using? What operating system are you using? What did you do? What is your config in detail (with all sensitive info masked)? Hope this information can help improve shadowsocks. :) |
Can you please post your rough location. The blocking is usually not uniform. It;s worst around Beijing, but I heard in Guangdong it's fine. Roughly translated: 北京有问题,广东小问题 |
Guys you really need to put simple-obfs on top of ss, without obfuscation the wall can just blanket block traffic it doesn't recognize, not much tech needed. It's under the Shadowsocks project too, check it out. |
IP blocked!
several VPS were blocked at the same time( 10:00 am), which some have large traffic, some only have small. hope this report is useful |
I noticed a similar thing. IP blocks happen around 10 am these past few days |
IP blocked again. 10-19 about 9:50 AM change to libev 3.1.0 AEAD chacha20-itef-poly1305, still useless I think the wall watch the import VPS and ip ranges, cut off any large encryption traffic. |
Got blocked, too. Can't ping my server IP. |
My VPS port with SS was lower than 1000 and the cipher was chacha20-ietf-poly1305. Two of my friends , their VPS are running with RC4-MD5 (one uses the sampe port as mine, the other is with port 5353 ), so far so good. |
I think this is really good. The more info we can get, the more chance we'll have to do something about it. Let’s see if servers get blocked at 10 am today like last time |
IP blocked again with AEAD cipher. about 9:10 AM today. |
My vps is ok in last week, aead + obfs. |
我的也是被墙好几次,然后我加了层stunnel,在境内做了中转,现在是正常运行一个多星期。看支持一层SSL/TLS是有必要了。 |
我是9号两台端口被封,奇怪的是还包括电脑连接的goflyway的端口。第二天一台IP被封,ping发现是ip从2到180都封了,所以也不清楚是谁造成的。 |
@v2abcd why not just use ss's subproject obfs? which has ssl obfs support. |
Anyone using simple-obfs? What has been your experience? Anyone got d using that plugin? What port would you recommend using? |
use obfs with http port 80, blocked again. try TLS one more time |
Do you any guys know the strategy of blocking? |
Do you guys use ip addresses or url for the server address? |
是否可以用随机添加数据的方式来消除流量特征? |
^That's what obfs does. It actually goes one step further and makes it look like normal website traffic, so your traffic doesn't stand out as something unknown. |
Please report any general issue here: https://github.com/shadowsocks/shadowsocks-org/issues This issue tracker is only for shadowsocks-libev related bug reporting. |
What version of shadowsocks-libev are you using?
Several servers, with different versions
What operating system are you using?
Windows, iOS, Android, Mac OS
What did you do?
Use shadowsocks to connect to the internet
What did you expect to see?
Sites loading
What did you see instead?
VPS IP got banned
What is your config in detail (with all sensitive info masked)?
Shadowsocks protocol
Port 443
encryption chacha20
IMPORTANT: my vps running vpn software like Cisco openconnect did not get blocked. Could it be that they can now recognize shadowsocks traffic from vpn and block only those vps?
The text was updated successfully, but these errors were encountered: