Where was your test network?
Remote Testing with the Outline SDK
You can use the Outline SDK Tools to test different strategies remotely.
Here I test a fetch from Bee Line:
go run github.com/Jigsaw-Code/outline-sdk/x/examples/fetch@latest -transport "$SERVER_BEELINE" https://ipinfo.io/org
AS16345 PJSC "Vimpelcom"
$SERVER_BEELINE
is a socks5://...
url pointing to a SOCKS5 server running on Bee Line.
Here is a blocked website:
go run github.com/Jigsaw-Code/outline-sdk/x/examples/fetch@latest -transport "$SERVER_BEELINE|override:host=cloudflare.net" -method HEAD -v https://meduza.io
2024/04/29 15:49:50 HTTP request failed: Head "https://meduza.io": EOF
(I’m using override
to bypass DNS blocking)
TLS Record fragmentation bypasses blocking:
go run github.com/Jigsaw-Code/outline-sdk/x/examples/fetch@latest -transport "$SERVER_BEELINE|override:host=cloudflare.net|tlsfrag:1" -method HEAD -v https://meduza.io
[DEBUG] 2024/04/29 15:50:35.534519 main.go:106: Expires: [Mon, 29 Apr 2024 19:51:05 GMT]
[DEBUG] 2024/04/29 15:50:35.535194 main.go:106: Alt-Svc: [h3=":443"; ma=86400]
[DEBUG] 2024/04/29 15:50:35.535205 main.go:106: Cache-Control: [public, max-age=30]
[DEBUG] 2024/04/29 15:50:35.535211 main.go:106: Last-Modified: [Mon, 29 Apr 2024 19:25:15 GMT]
[DEBUG] 2024/04/29 15:50:35.535215 main.go:106: Cf-Cache-Status: [HIT]
[DEBUG] 2024/04/29 15:50:35.535220 main.go:106: X-Content-Type-Options: [nosniff]
[DEBUG] 2024/04/29 15:50:35.535225 main.go:106: Date: [Mon, 29 Apr 2024 19:50:35 GMT]
[DEBUG] 2024/04/29 15:50:35.535229 main.go:106: X-Cg-Cache-Status: [HIT]
[DEBUG] 2024/04/29 15:50:35.535233 main.go:106: Age: [168]
[DEBUG] 2024/04/29 15:50:35.535237 main.go:106: Strict-Transport-Security: [max-age=31536000; includeSubDomains; preload]
[DEBUG] 2024/04/29 15:50:35.535243 main.go:106: Server: [cloudflare]
[DEBUG] 2024/04/29 15:50:35.535247 main.go:106: Cf-Ray: [87c1d2664d33614a-KJA]
[DEBUG] 2024/04/29 15:50:35.535250 main.go:106: Content-Type: [text/html; charset=utf-8]
[DEBUG] 2024/04/29 15:50:35.535311 main.go:106: Connection: [keep-alive]
Testing Shadowsocks
To fetch with Shadowsocks:
go run github.com/Jigsaw-Code/outline-sdk/x/examples/fetch@latest -transport "$OUTLINE_SERVER" https://ipinfo.io/org
AS14061 DigitalOcean, LLC
Where $OUTLINE_SERVER
is a ss://
Shadowsocks key.
Now we can do a two-hop test by piping the transports. Here we connect to Bee Line, then fetch ipinfo.io via the Outline Server. We seem to get timeouts for HTTP:
go run github.com/Jigsaw-Code/outline-sdk/x/examples/fetch@latest -transport "$SERVER_BEELINE|$OUTLINE_SERVER" http://ipinfo.io/org
2024/04/29 15:58:02 HTTP request failed: Get "http://ipinfo.io/org": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
exit status 1
And HTTPS:
go run github.com/Jigsaw-Code/outline-sdk/x/examples/fetch@latest -transport "$SERVER_BEELINE|$OUTLINE_SERVER" https://ipinfo.io/org
2024/04/29 16:00:07 HTTP request failed: Get "https://ipinfo.io/org": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
exit status 1
When I use a prefix that simulates a TLS Handshake Record the HTTP fetch succeeds:
$ go run github.com/Jigsaw-Code/outline-sdk/x/examples/fetch@latest -transport "$SERVER_BEELINE|$OUTLINE_SERVER?prefix=%16%03%01" http://ipinfo.io/org
AS14061 DigitalOcean, LLC
$ go run github.com/Jigsaw-Code/outline-sdk/x/examples/fetch@latest -transport "$SERVER_BEELINE|$OUTLINE_SERVER?prefix=%16%03%01" https://ipinfo.io/org
AS14061 DigitalOcean, LLC
Note that my Outline Server is running on port 443.
I was able to get 10 successes in a row:
for i in $(seq 1 10); do echo -n "Test $i: "; go run github.com/Jigsaw-Code/outline-sdk/x/examples/fetch@latest -transport "$SERVER_BEELINE|$OUTLINE_SERVER?prefix=%16%03%01" https://ipinfo.io/org; done
Test 1: AS14061 DigitalOcean, LLC
Test 2: AS14061 DigitalOcean, LLC
Test 3: AS14061 DigitalOcean, LLC
Test 4: AS14061 DigitalOcean, LLC
Test 5: AS14061 DigitalOcean, LLC
Test 6: AS14061 DigitalOcean, LLC
Test 7: AS14061 DigitalOcean, LLC
Test 8: AS14061 DigitalOcean, LLC
Test 9: AS14061 DigitalOcean, LLC
Test 10: AS14061 DigitalOcean, LLC
But it’s not always successful. I don’t know if that’s an issue with my Bee Line being slow or if it’s inconsistent blocking:
$ for i in $(seq 1 10); do echo -n "Test $i: "; go run github.com/Jigsaw-Code/outline-sdk/x/examples/fetch@latest -transport "$SERVER_BEELINE|$OUTLINE_SERVER?prefix=%16%03%01" https://ipinfo.io/org; done
Test 1: 2024/04/29 16:10:14 HTTP request failed: Get "https://ipinfo.io/org": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
exit status 1
Test 2: 2024/04/29 16:10:20 HTTP request failed: Get "https://ipinfo.io/org": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
exit status 1
Test 3: 2024/04/29 16:10:26 HTTP request failed: Get "https://ipinfo.io/org": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
exit status 1
Test 4: AS14061 DigitalOcean, LLC
Test 5: AS14061 DigitalOcean, LLC
Test 6: AS14061 DigitalOcean, LLC
Test 7: AS14061 DigitalOcean, LLC
Test 8: 2024/04/29 16:10:41 HTTP request failed: Get "https://ipinfo.io/org": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
exit status 1
Test 9: 2024/04/29 16:10:47 HTTP request failed: Get "https://ipinfo.io/org": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
exit status 1
Test 10: AS14061 DigitalOcean, LLC
I’ll see if I can test in more networks. but it would be great if others could test too.