Maybe the GFW can identification the MTProxy

[DavidDen]

When I build up a MTProxy, the GFW will block the MTProxy port very quick.

[DavidDen]

If I change a port, it can use about 30 mins

[imliuruiqi]

Mine worked for about 1day.... Then it can't be connected.

[jazhLeo]

what am i, just 5 second....

[iseki0]

After 12:00 today, my all proxy (include my self server) has been blocked by GFW.
SSH connect ok, only MTProxy has been blocked.

[number201724]

Similarly, I am in Shenzhen and it is banned within 30 days.

[jmluang]

blocked suddenly. change port not work.

[number201724]

blocked suddenly. change port not work.

No, I am different from yours. After I was banned, even if I used telnet to test, I could not connect, and the entire port was disabled.

[Baz2013]

me too, I changed a port , it worked less than five minutes.

[summershrimp]

pass -v param and paste the log here? Mine shows

[2747][2019-03-22 16:07:26.838420 local] New connection xxxx ->xxxx
[2747][2019-03-22 16:07:29.766274 local] trying to determine connection type
[2747][2019-03-22 16:07:29.767066 local] invalid "random" 64-byte header, entering global skip mode
[2747][2019-03-22 16:07:30.938654 local] New connection xxxx -> xxxx
[2747][2019-03-22 16:07:31.711521 local] socket 79: disconnected (epoll_ready=2005), cleaning
[2747][2019-03-22 16:07:31.712199 local] Closing connection socket #79
[2747][2019-03-22 16:07:31.720602 local] socket 80: disconnected (epoll_ready=2005), cleaning
[2747][2019-03-22 16:07:31.721360 local] Closing connection socket #80
[2747][2019-03-22 16:07:32.877193 local] socket 82: disconnected (epoll_ready=2005), cleaning
[2747][2019-03-22 16:07:32.877631 local] socket 81: disconnected (epoll_ready=2005), cleaning
[2747][2019-03-22 16:07:32.877913 local] Closing connection socket #82
[2747][2019-03-22 16:07:32.878143 local] Closing connection socket #81

and even with another port, issue same.

[Yesterday17]

IPv6 works well. Only IPv4 is blocked. I'm using IPv6 address instead now but I don't have IPv6 all the time.(cry)

[SheffieldLee]

Me too

[imliuruiqi]

port unblocking after about 2days

[Yesterday17]

I'm using port forwarding to solve the problem. I ported port 3000-5000 to the origin port, and when a port is blocked, i can use another port instead(until the ip is banned).

[lut777]

same problem. The IP could be pinged, but the port could not be curled. obviously, the port has been banned by GFW.

[suncunhu]

fxxk, gfw On PC, I can use local socks5 replace MTProxy, avoid change vps MTProxy port frequently However, It's a little difficult on mobile phone, because I'm uncertain local socks5 port, so can't do this way

[fa1247]

Me too. If I open MTproxy on a random port, it will be blocked in minutes, or worse, in seconds. Maybe MTProto has some obvious features that make it easy to be detected. We have been forced to give up using mtproto. Please do something. Thanks.

[SheffieldLee]

I can connect again, how about you?

[jkoyp3vk]

Same to me. Socks running well but MTProxy doesn't work sooner after I change the port. What a pity.

[joeyxworks]

Same. Have anyone tried domain name instead?

[fa1247]

Same. Have anyone tried domain name instead?

I have tried. Same.

[liaogang]

+1. Now I'm using shadowsocks instead. iOS 11.

[Vivapercuore]

same as me. I have 8 server of MTproxy & 4-6 server's prot blocked every day

[jay816314]

Same. Use brook/v2ray instead.

[CicoZhang]

Thank you guys for sharing this information. I am not alone. My mom complained to me about this and now I am sure about the cause.

[Vivapercuore]

Same. Use brook/v2ray instead.

use v2ray/Brook work as MTproxy inner telegram?

[jay816314]

Same. Use brook/v2ray instead.

use v2ray/Brook work as MTproxy inner telegram?

No, it's another application. Proxy inner telegram only support MTproxy and SOCKS5. You can try using SOCKS5, it works for me now.

[Vivapercuore]

Same. Use brook/v2ray instead.

use v2ray/Brook work as MTproxy inner telegram?

No, it's another application. Proxy inner telegram only support MTproxy and SOCKS5. You can try using SOCKS5, it works for me now.

yes,it work well on pc , but ... mobile...

[jay816314]

yes,it work well on pc , but ... mobile...

SOCKS5 work on my mobile(iOS)。

[gouff]

This tool should be upgrade to face the upgraded GFW.

[wi1dcard]

目前我探索的解决方案有三，都是通过国内机器做跳板：

1. 使用国内机器 + iptables + ss-redir + Python 版本 MTProto Proxy，将 MTProto 的流量转发给 ss-redir：https://lifetyper.com/posts/use_ssr_to_redirect_mtproto_proxy_inside_gfw.html （官方 C 语言版本的 MTProto Proxy 使用 iptables NAT redirect 似乎无效，水平有限，原因暂时未知）

2. 国内搭建 Socks5 代理，使用 iptables 将目标 IP 为 AS62041、AS59930 全部转发到 ss-redir；对于其它目标 IP 段的流量留在国内，以防被滥用。

3. 国内搭建 V2ray 转发 MTProto 流量到 VMess / Shadowsocks: https://steemit.com/cn/@v2ray/v2ray-mtproto

以上三个方案效果如下，延迟差距不大。

[sqliuchang]

目前我探索的解决方案有三，都是通过国内机器做跳板：

1. 使用国内机器 + iptables + ss-redir + Python 版本 MTProto Proxy，将 MTProto 的流量转发给 ss-redir：https://lifetyper.com/posts/use_ssr_to_redirect_mtproto_proxy_inside_gfw.html （官方 C 语言版本的 MTProto Proxy 使用 iptables NAT redirect 似乎无效，水平有限，原因暂时未知）
2. 国内搭建 Socks5 代理，使用 iptables 将目标 IP 为 AS62041、AS59930 全部转发到 ss-redir；对于其它目标 IP 段的流量留在国内，以防被滥用。
3. 国内搭建 V2ray 转发 MTProto 流量到 VMess / Shadowsocks: https://steemit.com/cn/@v2ray/v2ray-mtproto

我现在是套一层kcptun，类似于V2ray转发。 目前国内跳板是腾讯云学生机，1M的带宽聊天还算能用。 还有就是家里的路由器，但是开着kcptun cpu负载略大，作为备用方案。

[wi1dcard]

@sqliuchang 我是考虑到给女票用，所以需要满足两个条件：

1. 4G 也能用
2. 不要求手机上安装 SS 等第三方软件

其实如果家里路由器可以玩的话，就有很多方式解决了，不用 kcptun 也可以，直接用 SS 也没问题。另外，kcptun 基于 Golang，不知道是不是我的姿势不对，总感觉 Golang 对于 ARM / Mips 的优化似乎真的不太好，资源占用很高，可能 Golang 的初衷也不是针对这些小型设备的吧。另外 KCP 也是真真的烧性能... GCP 每月 5 刀的实例只能跑到 20Mbps 左右 CPU 就爆满了。

[sqliuchang]

@sqliuchang 我是考虑到给女票用，所以需要满足两个条件：

1. 4G 也能用
2. 不要求手机上安装 SS 等第三方软件

我傻了，我和你一模一样的情况，我也是考虑怎么让女票用起来方便。。。 最终我还是给她装了shadowrocket，添加好节点和场景，让她4G开代理，自己路由器直连。

其实如果家里路由器可以玩的话，就有很多方式解决了，不用 kcptun 也可以，直接用 SS 也没问题。

有公网ip的宽带在老家，所以老家的路由器基本上是当成国内跳板来使用的。主要还是考虑在外面的时候手机怎么用tg。

另外，kcptun 基于 Golang，不知道是不是我的姿势不对，总感觉 Golang 对于 ARM / Mips 的优化似乎真的不太好，资源占用很高，可能 Golang 的初衷也不是针对这些小型设备的吧。另外 KCP 也是真真的烧性能... GCP 每月 5 刀的实例只能跑到 20Mbps 左右 CPU 就爆满了。

是的，我老家的K3路由器开在normal模式平均负载提高0.7左右，fast2就更高了，还什么都没干CPU就快满载了。所以最近也一直在考虑要不要上个配置好点的软路由，玩玩虚拟机啥的。

[wi1dcard]

@sqliuchang Shadowrocket 确实不错，我之前也在用，不过现在转投 Quantummult 了，路由规则很强大。

另外，我也是买的软路由，不过没有上虚拟机、Koolshare 改版 OpenWrt 之类的，是自己直接配置的 Ubuntu Server，感觉比较干净。看起来渣渣 CPU 的 x86 机器都能随便秒掉 Mips / ARM，我家百兆宽带，重度 SS 用户，CPU 和内存几乎一直维持在很低的状态：