๐ New Release: v4.4.0
TOML config file, SIGHUP secret reload, and one-liner installer.
-
- SIGHUP reloads secrets and IP ACLs from the config file without dropping connections
- CLI flags (
-
- Docker
- Vendored tomlc17 TOML v1.1 parser (MIT, cktan/tomlc17)
Release notes | GitHub
TOML config file, SIGHUP secret reload, and one-liner installer.
-
--config /path/to/config.toml for all settings: secrets, mode, ports, ACLs, DC overrides- SIGHUP reloads secrets and IP ACLs from the config file without dropping connections
- CLI flags (
-S, --direct, -H, etc.) override config file values; -S secrets are pinned and survive reload-
install.sh one-liner for bare-metal Linux: downloads binary, creates systemd service, generates config with secret, prints connection link- Docker
start.sh now generates a TOML config internally, enabling docker exec <ctr> kill -HUP 1 for secret rotation- Vendored tomlc17 TOML v1.1 parser (MIT, cktan/tomlc17)
Release notes | GitHub
๐ฅ2
Teleproxy โ the fastest, most secure MTProto proxy with the highest DPI resistance in existence.
A heavily reworked fork of the original MTProto proxy, rebuilt for raw throughput, zero-compromise encryption, and staying invisible to deep packet inspection. If your government or ISP is blocking Telegram, this is how you get through.
What makes it different:
โข Fake-TLS transport indistinguishable from regular HTTPS to DPI systems
โข Weibull-distributed inter-record delays that defeat statistical traffic analysis
โข Static binaries โ single file, no dependencies, runs anywhere
โข Direct mode for censored regions where Telegram DCs are unreachable
โข TOML config with live secret reload (SIGHUP) โ no downtime, ever
โข ARM64 native โ runs on everything from a $5 VPS to a Raspberry Pi
Source, docs, and releases: github.com/teleproxy/teleproxy
A heavily reworked fork of the original MTProto proxy, rebuilt for raw throughput, zero-compromise encryption, and staying invisible to deep packet inspection. If your government or ISP is blocking Telegram, this is how you get through.
What makes it different:
โข Fake-TLS transport indistinguishable from regular HTTPS to DPI systems
โข Weibull-distributed inter-record delays that defeat statistical traffic analysis
โข Static binaries โ single file, no dependencies, runs anywhere
โข Direct mode for censored regions where Telegram DCs are unreachable
โข TOML config with live secret reload (SIGHUP) โ no downtime, ever
โข ARM64 native โ runs on everything from a $5 VPS to a Raspberry Pi
Source, docs, and releases: github.com/teleproxy/teleproxy
๐4
๐ฌ Comment on #1: CI: set up E2E test account and TG_STRING_SESSION secret
E2E test infrastructure is fully operational โ test DC account, session, seed script, CI job, and secrets are all configured and running.
View comment
E2E test infrastructure is fully operational โ test DC account, session, seed script, CI job, and secrets are all configured and running.
View comment
๐ New Release: v4.5.0
QR codes for connection links.
-
- Docker
- Vendored nayuki/QR-Code-generator (MIT) for zero-dependency QR rendering on any platform
- E2E tests decode the rendered QR output with pyzbar and verify it matches the expected URL
- Documentation: new "Connection Links" page (en + ru)
Release notes | GitHub
QR codes for connection links.
-
teleproxy link subcommand prints a proxy URL and renders a scannable QR code in the terminal using UTF-8 half-block characters- Docker
start.sh and install.sh now display QR codes automatically at startup โ point a phone camera at the screen to connect- Vendored nayuki/QR-Code-generator (MIT) for zero-dependency QR rendering on any platform
- E2E tests decode the rendered QR output with pyzbar and verify it matches the expected URL
- Documentation: new "Connection Links" page (en + ru)
Release notes | GitHub
๐ฌ Comment on #37: QR-CODE (Mikrotik)
Fixed in e9292d4 โ open
View comment
Fixed in e9292d4 โ open
http://<your-server>:8888/link in a browser to get scannable QR codes.View comment
๐1
๐ New Issue #39: Russian DPI (TSPU) blocking fake-TLS connections (April 2026)
by rkline0x
View issue
by rkline0x
View issue
๐ฌ Comment on #38: Healthcheck always unhealthy with custom ports
Fixed in v4.6.0. The Dockerfile and docker-compose.yml healthchecks now use
View comment
Fixed in v4.6.0. The Dockerfile and docker-compose.yml healthchecks now use
${STATS_PORT:-8888} instead of a hardcoded port, exactly as @FFourtyTwo suggested. Also added a CI test that starts the container with a non-default STATS_PORT to prevent regression.View comment
๐ฌ Comment on #37: QR-CODE (Mikrotik)
Available since e9292d4 โ the
View comment
Available since e9292d4 โ the
/link endpoint serves HTML with QR codes, works from any browser including Mikrotik's webfig.View comment
๐ฌ Comment on #25: QR codes for connection links
Shipped across two releases:
- v4.5.0:
- v4.6.0:
View comment
Shipped across two releases:
- v4.5.0:
teleproxy link subcommand + terminal QR codes at startup- v4.6.0:
/link HTTP endpoint serves HTML pages with scannable QR codesView comment
๐ฌ Comment on #39: Russian DPI (TSPU) blocking fake-TLS connections (April 2026)
v4.6.0 is out with the server-side mitigations described above:
- ServerHello encrypted size variation widened to ยฑ32 bytes
- ServerHello/CCS split into separate TCP segments
- New DPI Resistance docs page
These reduce fingerprinting surface but won't fix detection on their own โ the core issue is the client's TLS fingerprint. Track tdesktop#30513 for the client-side fix.
View comment
v4.6.0 is out with the server-side mitigations described above:
- ServerHello encrypted size variation widened to ยฑ32 bytes
- ServerHello/CCS split into separate TCP segments
- New DPI Resistance docs page
These reduce fingerprinting surface but won't fix detection on their own โ the core issue is the client's TLS fingerprint. Track tdesktop#30513 for the client-side fix.
View comment
๐3