Open lostsoul6 opened 1 year ago
All the Transports Protocols gost support is list here.
What you need is CDN to hide IP.
Generally speaking, CDN is used to support HTTP , HTTPS, and WebSocket protocol.
I don't know wether gost support CDN usage. But, in theory, they works.
So, you can try HTTP , HTTPS, and WebSocket with CDN.
Tunnel based on these transport protocals.
You may change the transport protocal in examples to a kind protocal listed here.
tcp - raw TCP
tls - TLS
mtls - Multiplex TLS, add multiplex on TLS (2.5+)
ws - Websocket
mws - Multiplex Websocket (2.5+)
wss - Websocket Secure Websocket based on wss
mwss - Multiplex Websocket Secure, multiplex on TLS secured Websocket (2.5+)
kcp - KCP (2.3+)
quic - QUIC (2.4+)
ssh - SSH (2.4+)
h2 - HTTP2 (2.4+)
h2c - HTTP2 Cleartext (2.4+)
obfs4 - OBFS4 (2.4+)
ohttp - HTTP Obfuscation (2.7+)
otls - TLS Obfuscation (2.11+)
How to use costume sni when connecting to an external server?
You can try this.
./gost -L sni://:443
./gost -L :1080 -F sni://server_ip:443?host=example.com
Offical doc about sni at: https://gost.run/tutorials/protocols/sni/
I feel that the Chinese document has more information than the English one 😒 Are these settings correct? I want to encrypt sni with tls
./gost -L sni+tls://:443?certFile=cert.pem&keyFile=key.pem
./gost -L :1080 -F sni+tls://origin.example.com:443?host=cloudflare.example.com&?secure=true&serverName=origin.example.com
@omid-j-d In Iran datacenters , they have limited upload speed to internet . Now tunnels don't work properly . Can we bypass limitation with sni+tls method ?
@omid-j-d In Iran datacenters , they have limited upload speed to internet . Now tunnels don't work properly . Can we bypass limitation with sni+tls method ?
No, the only way to solve this issue is to use dedicated servers, colocation and buy bandwidth. In my opinion, trying to use cloudflare is self-indulgent, thanks to stupid non-experts and youtubers who don't care about anything but views. Cloudflare is nothing interesting. If you want to use cloudflare, use the v2rayf client (from It uses the same technology as goodbye dpi) In general, I personally just wanted to answer the questions of all those who are involved in this dirty topic, and I realized that the answer is "it's not worth it".
@omid-j-d There are many bugs in DPI. So we can use. For example ICMP, DNS etc.
Hello Friends ,
I have a domestic and foreign VPS and I use gost tunnel . The issue is that today the IP of foreign VPS was blocked in the domestic VPS and no traffic could reach it .
I was using gost's forward+tls on the domestic server : -L=tcp://:2053 -F forward+tls://100.100.100.100:9000
My question is , is there any way to hide the foreign VPS IP behind CDN and use a domain there for example ?
Is there any specific tunnel or method that can hide foreign VPS IP or make the tunnel hard to detect ?
Thanks .