New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Need Server with src ip forging capability
Hello guys, i live in iran and right now the most stable method for creating a vpn tunnel between an iran server and a foreign server is via asymmetric src header forging (spoofing), in short you forge your foreign server ip to a whitelisted ip (for example an iranian cdn ip) and you forge the iranian server ip to a whitelisted ip (for example an iranian gov site ip). i'm looking for providers that let you do this, and i'd appreciate it if they can offer dedicated servers with 10Gbps+ Network Links. Thank you in advance!
Comments
@Murv
Hello iranian folks, wish you all the best
Thanks dude! been trying to connect more than 10k+ people during these hard times
Does this method supposed to work even during a total internet shutdown there, or it's just a more stealthy way than just using VLESS+Reality like in China/Russia?
well during the war it worked because there are some whitelisted IPs that always stay connected, idk if it will keep working in future but if everything gets taken down, it will be the last resort
So you had local internet access there to some gov sites? like North Korea? and those sites
had access to outside world? Because the news says you were disconnected national-wide
for like 3 months. Were you able to access something like your local bank site?
I'm still not sure how this technically works but sounds very interesting. What if your ISP
sees that you pushed gigabytes of data when everything was supposed to be off? Doesn't
it put you in serious risk?
Probably not really comparable to North Korea's intranet. More like government and adjacent services. Pushing a lot of data won't be that suspicious there and i doubt ISPs would regularly care much anyways. I'm no Iran expert or anything but Iran seems to often times just do their own versions of things they either don't get due to sanctions or the government doesn't want to be under the control of foreign forces.
well obviously you shouldnt buy those servers with your real identity, and yes the local websites worked and some of these local websites' servers had access to the internet and if spoofing was enabled on the iranian provider side, you could spoof your src ip to that server that had access to the internet and bypass the restrictions!
also ISPs dont give that much of a damn, all they care about is their own profit anyways
How comes? This is a trivial thing to detect on the ISP side. And I'm asking because they
were putting people in jail for having a Starlink. So they take those censorship bypasses
very seriously, unlike China/Russia where everybody uses VPNs and nobody gives a fuck.
Especially during these times, they will treat people who manage to bypass the global
government imposed internet blackout as some sort of spies/suspects/criminals.
The stupid firewall rules is what they have during "normal" days like now. They bypass it with VLESS/Reality, V2Ray, shadowsocks, the usual bunch.
Well, sure but it's probably not really the ISPs doing that.
Edit: Overlooked that @itsHoSi kind of explained it already anyways.
@avsisp can hook you up
As plumberg's already mentioned there's @avsisp , I believe they do dedis in Macedonia and they support spoofage there (you need to contact them reguarding spoofage, not enabled by default).
Other than that ICMP tunneling also works fine.