Add an option to deny all client connections without random padding #248
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Surprisingly, discovered just now that there is already an issue created for this topic: #200 |
|
Awesome, thanks! |
|
سلام کسی هست ایدی ادمین این کانال رو داشته باشه |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
It seems that some russian ISPs started to detect MTProto connections in a much more aggressive way, so any connections without random padding ('dd') will cause an automatic server ban by DPI systems. The solution is to spread a new proxy server info with 'dd' prefix in the secret key with all users, but still, anyone with the old secret key can unmask the server.
This pull request adds an option to deny all client connections without random padding mode.
Btw, many third-party MTProto-proxy implementations already have such feature.