xray/vless/xtls/trojan all speed limited as of today

[masoudelete]

I have a server which I am it's only user.
I made it using https://github.com/XTLS/Xray-core oneclick scripts with a fake website.

it worked very well on all isp's but as of today all of my protocols(vless xtls, trojan,...) are throttled to 10 or 20kb/s and I was just wondering why that is.

is it possible that they have found a way to fingerprint these protocols? is my IP got greylisted or is it just bulk throttling a range of ips

if you have a similar problem please share
and if there is a better protocol than xray-core please let me know
i'm ready to share any test or log file

[Azadzadeh]

is my IP got greylisted or is it just bulk throttling a range of ips

I've put together a website. here is a post to test whether your domain/IP is "dirty" (on the list) or not.

@Msadr471 @arandomgstring @free-the-internet

[arandomgstring]

@Azadzadeh

My two cents (that you may like to add to your website):

1. Not receiving PING from an IP doesn't always indicate a blockage. Many Windows Servers by default block ping requests. Therefore, even a clean healthy IP might respond with timeouts only. If the VPS owner can connect to server via SSH or RDC or whatever, that means the IP itself is not blocked, rather, firewall doesn't let ping requests to go through.

2. SSH too works fine. But port 22 isn't pretty. To use SSH, one can simply run a command like ssh -D xxxx user@host -p yyyy where xxxx is a local port on user's device which is 100% arbitrary and yyyy is ssh port of server. Then with a proxifier (or any other application) you can tunnel all requests to xxxx which will be redirected to host:yyyy. I have tested this, and it works like a charm for now. Http Injector on android can be used for a similar purpose. On IOS it seems everything needs payment (dah) but perhaps termux can be used. Haven't tested this, I am poor and don't have IPhone.

And finally I think Iranians need a real forum for these type of discussions. Github is fine, but I don't want it to be blocked. Maybe an onion site would be nice. It can even contain a market for proxies, so that developers sell what they have made with crypto or whatever.

[Azadzadeh]

1. Many Windows Servers by default block ping requests.

I guess some corporate routers do drop ICMP requests, but not all of them. If the user doesn't see any ICMP request getting passed (and is not under a corporate firewall), and lives in Iran, I think we can say with 99% certainty that the IP is blocked. I think the user should also do a mtr test to be sure.

have you seen a situation in iran where the ping failed but the IP was accessible (and the user was not under some local firewall)?

Then with a proxifier (or any other application) you can tunnel all requests to xxxx which will be redirected to host:yyyy

I mentioned this in here. Or did you mean creating a tun device so all programs would be redirected by default?

[arandomgstring]

@Azadzadeh

have you seen a situation in iran where the ping failed but the IP was accessible (and the user was not under some local firewall)?

Of course. That's why I have mentioned this anyway. Note that I didn't mean user's (or ISP's) firewall, rather I meant the proxy server's firewall. Your windows server's firewall might be configured to drop ICMP requests.

I mentioned this in here. Or did you mean creating a tun device so all programs would be redirected by default?

I don't see anything related to SSH though. Note that SSH itself can act as a socks5 proxy.

[Azadzadeh]

I don't see anything related to SSH though. Note that SSH itself can act as a socks5 proxy.

here I linked to this guide: https://github.com/HirbodBehnam/V2Ray-Installer/blob/master/Guides/SSH.md

Note that I didn't mean user's (or ISP's) firewall, rather I meant the proxy server's firewall

changed this section now to reflect your note.

[Hadi-1624]

@arandomgstring I have a problem with using ssh as a proxy
Youtube will not load, any ideas why this is?
i'm using windows 10's openssh client, i bind it to port 9999 and i use proxifier.

I hope an onion site pops up for these sorts of discussions, we really do need it.

[arandomgstring]

@Hadi-1624
If other websites work (and you see your IP has changed) then it's DNS problem. In proxifier, click on name resolution, and check resolve hostnames through proxy. Also it might be a good idea of you open CMD and run ipconfig /flushdns as well.

[liulilittle]

I have a server which I am it's only user. I made it using https://github.com/XTLS/Xray-core oneclick scripts with a fake website.

it worked very well on all isp's but as of today all of my protocols(vless xtls, trojan,...) are throttled to 10 or 20kb/s and I was just wondering why that is.

is it possible that they have found a way to fingerprint these protocols? is my IP got greylisted or is it just bulk throttling a range of ips

if you have a similar problem please share and if there is a better protocol than xray-core please let me know i'm ready to share any test or log file

You can use various tools, such as speedtest-cli, iperf, and so on, to verify whether the rate is limited to the entire machine IP or only to some tcp application layer protocols.

If it's just speed limiting for specific the SSL/TLS/HTTP protocols, then there are many solutions, you can use shadowsocks, uds, frp, ppp tools, etc.

Simple solution:

1. Speed limiting http traffic (excluding https traffic) can be changed to http traffic
2. Use other tcp application-layer proxy protocols that support encryption, such as uds, frp, and shadowsocks

Except the gfw in mainland china, firewalls of other countries or governments do not limit the speed of secondary protocols [such as trojan or v2ray] working on http-transparency or https protocols.