Modern firewall-penetration protocols for Tor in China
Reports on https://github.com/net4people/bbs/issues and https://forum.torproject.org say that both obfs4 and snowflake are blocked by the GFW. There are also doubts about whether the new WebTunnel pluggable transport will work. The GFW detects and blocks WebSocket-based proxies.
This is a proof-of-concept for more modern firewall-penetration protocols.
To test these protocols in action, set up an Xray server and client using the latest techniques, for example, https://cscot.pages.dev/2023/07/02/xray-reality-h2. If you follow the sample configuration in that article, you will have a SOCKS5 proxy listening on port 10808
on your client.
Download and install the Tor Browser from https://www.torproject.org.
When you run the Tor Browser for the first time, click Configure Connection.
Scroll down and click the Settings button at the bottom to configure how you connect to the internet. Check I use a proxy to connect to the Internet. The type is SOCKS5, the address is 127.0.0.1
, and the port is 10808
. Click OK.
I have found it more reliable to click Select a Built-In Bridge. This should not be necessary, since the Xray server is already outside the GFW. Perhaps it helps because built-in bridges are faster than random entry nodes. Select obfs4. Click Connect.
Now you can test your connection by trying to reach a Tor-only site.
BBC News in simplified Chinese:
https://www.bbcweb3hytmzhn5d532owbu6oqadra5z3ar726vq5kgwwn6aucdccrad.onion/zhongwen/simp
DW News in simplified Chinese:
https://www.dwnewsgngmhlplxy6o2twtfgjnrnjxbegbwqx6wnotdhkzt562tszfid.onion/zh/?zhongwen=simp
New York Times in simplified Chinese:
https://cn.nytimesn7cgmftshazwhfgzm37qxb44r64ytbb2dj3x62d2lljsciiyd.onion