Closed cornzzy closed 4 months ago
me too . But I did not test any of those reddit wiki methods . My outline server was working perfectly fine for twenty days . Today it is blocked for all ISPs. I feel that its just depends on the amount of internet usage of the users ( Not just for ShadowSocks, for all protocols ) . If less than ~100 gigs of traffic is consumed per month, the probability of blocking is less. Anyway... this is just a guess . do v2ray or hysteria work better in Iran? I i don't know what to do . Should I buy a server with outline or ...
@ParsaJR If it's for personal/family usage, read this https://github.com/Jigsaw-Code/outline-server/issues/1319 It won't get blocked on a clean IP.
@cornzzy Thanks . Are you saying that it can be solved with prefix? So why did you say if it is for personal or family use? What did you mean by this?
The TLS ClientHello
prefix works for personal use and you should use it. It becomes different when clients connect from many different ISPs.
alright thanks
I used much less traffic and applied prefix. But surprisingly, it was closed earlier than the previous ones. Shadow-socks doesn't seem to work well for us ( at least for me ) . I went to the hysteria protocol ... just so you know
I believe we need to be cautious about exposing ports, as attackers can easily identify a server with abnormal ports open.
There are two types of ports to consider:
Additionally, it is crucial to block access from all Iran domains on your server. I have provided a script to help with this: https://github.com/pedinil/IRiptables
adding customize port sudo bash -c "$(wget -qO- https://raw.githubusercontent.com/Jigsaw-Code/outline-apps/master/server_manager/install_scripts/install_server.sh)" install_server.sh \ --keys-port=80 --api-port=443
The issue is not with port or Iranian websites. Good luck, hope you can get it to work for you.
Thank you for your comment. This issue happened to me before, and I was able to resolve it by changing the port. However, I want to clarify that using an unusual port is not recommended.
But there should be more factors
Random port takes hours to get detected. TCP only connection on 443 with TLS prefix on a clean IP can give you a week or two for family usage. If money isn't an issue, Azure IP doesn't get blocked at all but it's $80 per TB (GFW treats it differently).
Guys, I have since switched to Hysteria 2. Still not blocked after 3 months of use. I used about 2 terabytes of traffic... I just wanted to say that hysteria2 seems to be more reliable for Iranians. (Maybe there is a solution for Outline too, which I didn't test, but anyway)
Guys, I have since switched to Hysteria 2. Still not blocked after 3 months of use. I used about 2 terabytes of traffic... I just wanted to say that hysteria2 seems to be more reliable for Iranians. (Maybe there is a solution for Outline too, which I didn't test, but anyway)
does it have the managment portal ? and which protocol it is using
does it have the managment portal ? and which protocol it is using
management portal? Do you mean to create users and such? I don't think it has. I don't use it for commercial purposes. I started it manually with the configuration of the yaml file exactly according to its own document. https://v2.hysteria.network/docs/getting-started/Server
I have been trying every possible combination of configuration options:
TLS ClientHello
andTLS Application Data
prefixes.aes-256-gcm
andchacha20-ietf-poly1305
There are different kinds of blockages:
The two-hop solution Creating a tunnel like
client -> Iran server -> foreign server
works but it makes no sense to use it with Outline because two-hop works with anything such as OpenVPN and WireGuard and doesn't get blocked.I've spent countless resources for the above statements. My strongest guess is it's coming from the end-user's usage.