klzgrad

我暂时在这做点笔记。 我也有类似情况，但可能跟trojan并没有关系。 TLS直连正常网站，会出现几次reset，然后又恢复正常。reset很明显是GFW注入的。判断依据是(1)连发3个reset，序列号分布均匀；(2)IP TTL与原站点不一致，而且>64。  然后很快就好了 

I can add it but what json structure you want for doing this?

Hi @mholt, can you choose one json format for multiple basicauths from below so I can start making a PR? 1. ```json "basicauths": [ {"user": "me", "password": "hunter"} ] ```...

Forward proxy in Caddy1 implements its own basicauth to try to avoid side channel attacks with this https://github.com/caddyserver/forwardproxy/blob/247c0bafaabd39e17ecf82c2c957c46957c2efcc/forwardproxy.go#L177-L182 I'll have to remove this constant time compare if I'm to do...

Since I am mentioned here it seems I'm obligated say a few words. I think there is some dysfunction in the community. It was much earlier than November 2019 when...

If TCP-in-TCP performance is not a concern, why not Tor over TCP/IP over HTTP? This setup seems to satisfy the described requirements and there are good userspace TCP/IP stacks already....

Is it necessary to have byte-millisecond-perfect traffic profiles to render traffic analysis unusable in practice? Part of the design requires running real applications for generating interactive behaviors which seems too...

I guess not. This idea requires crafting CRL and other fields in the certificates. Creating true certificates with modified CRL and other fields is too costly for probes like this,...

I agree with and commend the general idea of layering circumvention traffic above widely used software stack repurposed as the transport (or parasitization, not sure if this feels a bit...

@wkrp I stand corrected. Thank you for pointing this out.