今天是不是墙升级了,挂了3台vps,都是本地tcp端口丢弃,vps收不到数据包 #2358
Replies: 16 comments 19 replies
-
|
变智能了。443被BAN,换IP后起流量不到1分钟又被BAN,过几分钟没流量又恢复,再起流量再被BAN,玩不过了。不过如果走V6还可以 |
Beta Was this translation helpful? Give feedback.
-
|
是的,昨天端口被封,换了端口,今天发现除了443 80 22 其他都被墙了 :( |
Beta Was this translation helpful? Give feedback.
-
|
我也是挂了3台😭 vless+ws+tls |
Beta Was this translation helpful? Give feedback.
-
|
If you are using WebSocket or gRPC transport, try relaying them through major CDNs. They may be able to resurrect your server. Also, in case of an emergency, don't forget that you can ssh into GitHub codespaces and do magical things with them. |
Beta Was this translation helpful? Give feedback.
-
Because that command still opens single TCP connection. You need to open multiple TCP connections to avoid congestion. |
Beta Was this translation helpful? Give feedback.
-
|
what? Don't you talk about just ssh? |
Beta Was this translation helpful? Give feedback.
-
|
Ok, don't talk about it. A boring toy |
Beta Was this translation helpful? Give feedback.
-
|
I am talking about a backup for people who can not access their server. |
Beta Was this translation helpful? Give feedback.
-
Doesn't look like anything to me. |
Beta Was this translation helpful? Give feedback.
-
|
vless+ws+tls 被封了 vultr的服务器 |
Beta Was this translation helpful? Give feedback.
-
|
连续两天早上起来发现端口都不可用了 🐶 。 |
Beta Was this translation helpful? Give feedback.
-
|
对,昨天早上封了一批,今天早上又封了一批。。。离谱啊 |
Beta Was this translation helpful? Give feedback.
-
|
连续三天换端口,每次减持到午夜,端口再次被打死,测试并没有所有端口封住。443,80,还有一个其他服务的5000 都正常。 |
Beta Was this translation helpful? Give feedback.
-
|
搞个大内存的香港 VPS, 弄个GUI xrdp 远程桌面凑活用一下先 :( |
Beta Was this translation helpful? Give feedback.
-
|
תודה אתה
And תודה לאל
Feb 28, 2023 17:58:46 Johmy Engrish ***@***.***>:
… I am talking about a backup for people who can not access their server.
—
Reply to this email directly, view it on GitHub[#2358 (reply in thread)], or unsubscribe[https://github.com/notifications/unsubscribe-auth/AKGBAYAHAIMKO24GUPJVXA3WZXD5NANCNFSM6AAAAAAVJLS26A].
You are receiving this because you commented.[Tracking image][https://github.com/notifications/beacon/AKGBAYB3YV2DPJW5HRZJGJTWZXD5NA5CNFSM6AAAAAAVJLS26CWGG33NNVSW45C7OR4XAZNRIRUXGY3VONZWS33OINXW23LFNZ2KUY3PNVWWK3TUL5UWJTQAJZ4LE.gif]
|
Beta Was this translation helpful? Give feedback.
-
|
看样子都是没套cdn导致封ip?如果墙能识别tls加密的流量进而封端口,那么挂不挂cdn在墙面前不都一样么。为什么套用了cdn就没事? |
Beta Was this translation helpful? Give feedback.
-
|
因为一台CDN后面不是你的一台VPS,搞不好后面是一堆微软、亚马逊等等其他公司,所以封CDN应该会慎重得多。 |
Beta Was this translation helpful? Give feedback.
-
|
https反而特征更明显不安全,而且https后一般是墙ip,普通的非加密流量被发现只是墙端口 |
Beta Was this translation helpful? Give feedback.
-
|
IP可以Ping通,但是Telnet所有端口都没有回应,不知道开完会能不能恢复 |
Beta Was this translation helpful? Give feedback.
-
|
三个月 以后
hamlin ***@***.***> 于2023年3月6日周一 15:21写道:
… IP可以Ping通,但是Telnet所有端口都没有回应,不知道开完会能不能恢复
—
Reply to this email directly, view it on GitHub
<#2358 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AIG3A6SRR76LUWVFOI2HYKTW2WF6XANCNFSM6AAAAAAVJLS26A>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
Beta Was this translation helpful? Give feedback.
-
|
没想到现在每天早上还是被ban端口,,下次试试纯tcp流量吧 |
Beta Was this translation helpful? Give feedback.
-
|
测试了,纯tcp也不行,基本也是秒封,而且是和tls一样,直接封ip地址。 |
Beta Was this translation helpful? Give feedback.
-
|
今天我的也挂了,简单的tcp+tls |
Beta Was this translation helpful? Give feedback.
-
|
看来还是要ws了,因为只会封端口,换个端口就恢复了。 |
Beta Was this translation helpful? Give feedback.
-
|
https://web.archive.org/web/20230331092744/https://www.aodun.com.cn/security_info/vpn |
Beta Was this translation helpful? Give feedback.
-
|
所以一键脚本团灭,因为脚本没法设置cdn,不能抱跨国企业高级ip的大腿? |
Beta Was this translation helpful? Give feedback.
-
是不是1号上的呀, 1号就不好使了。。。现在CDN苟延残喘 |
Beta Was this translation helpful? Give feedback.
-
|
确实应该升级了,去年很稳,这几个月老换端口 |
Beta Was this translation helpful? Give feedback.
-
|
真的没撒必要折腾,都是一路折腾过来的人,从ss到v2ray到trojan, |
Beta Was this translation helpful? Give feedback.
-
今天是不是墙升级了,挂了3台vps,都是本地tcp端口丢弃,vps收不到数据包
各位有这种情况吗?
帖子补充,目前已知
针对普通ws的非https流量,仅封锁去程端口(小概率性被检测到,永久性封端口)
针对https加密流量,封ip(基本百分百检测到,不封端口,24小时后有概率性自动解封ip,443恢复可用)
被检测到不是立即封ip而是记录起来隔天早上统一时间段去执行封禁,都是每天早上5点开始到7点执行封禁端口或ip
缓解方法,加上cdn后,墙已经不知道你的服务器真实ip了。正如v2开发者表示 被墙的都是没用cdn隐藏ip保护
本来还想说试试自动 换端口的,,,搜了一下发现别人已经试过了,都是秒封
#2363
不知道纯tcp流量会怎么样,不进行ws伪装域名之类,会不会好一点
但是v2的纯tcp流量抓包发现首个数据包有个固定的特征码用于验证,有个固定的头部,目前已知的是SS AEAD不受任何影响
帖子补充
测试了,纯tcp也不行,基本也是秒封,而且是和tls一样,直接封ip地址。
Beta Was this translation helpful? Give feedback.
All reactions