Community discussions

MikroTik App
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

urgent help

Wed Oct 05, 2022 10:51 am

Since the internet connection has been cut off and all tunnels and ways in mikrotik has been disabled by the regime, in order to stop their crime we need an emergency access to the v2ray feature( shadowsocks , vmess , trojan ) in routeros to use as a main way to pass internet disconnection and connect our people to abroad.

thanks
Last edited by soheilsh on Wed Oct 12, 2022 11:59 am, edited 2 times in total.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26287
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: urgent help for iran

Wed Oct 05, 2022 10:59 am

mikrotik has no such shadowsocks feature, but there are plenty of other interesting solutions, like wireguard, zerotier, DNS over HTTPS etc.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: urgent help

Wed Oct 05, 2022 11:00 am

«emergency access to the shadowsocks feature in routeros»???

RouterOS do not have any "shadowsocks feature"
Can they also block ICMP tunnels and SSTP tunnels?
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help for iran

Wed Oct 05, 2022 11:11 am

mikrotik has no such shadowsocks feature, but there are plenty of other interesting solutions, like wireguard, zerotier, DNS over HTTPS etc.
dear normis ,iknow mikrotik no such shadowsocks feature , please added , dns over http , zerotier , wireguard blocked in iran
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help

Wed Oct 05, 2022 11:13 am

«emergency access to the shadowsocks feature in routeros»???

RouterOS do not have any "shadowsocks feature"
Can they also block ICMP tunnels and SSTP tunnels?
how icmp tunnel with mikrotik?
sstp tunnel just work in local islamic regime network like noth korea network , to internet gateway not working
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help for iran

Wed Oct 05, 2022 11:18 am

mikrotik has no such shadowsocks feature, but there are plenty of other interesting solutions, like wireguard, zerotier, DNS over HTTPS etc.
mikrotik is simple can server runing in one minute in vps ,
The Iranian government blocks for 2 hours after runing vps
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: urgent help

Wed Oct 05, 2022 11:24 am

But if you keep writing here means that somehow you are on Internet from Iran by "BFA"...
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help

Wed Oct 05, 2022 11:29 am

stop tracking me !!!!!! please edit my isp soon as possible ، icreate vps and connect with rdp to send message
Last edited by soheilsh on Wed Oct 05, 2022 11:30 am, edited 1 time in total.
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1275
Joined: Tue Jun 23, 2015 2:35 pm

Re: urgent help

Wed Oct 05, 2022 11:29 am

how about NordVPN?
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help

Wed Oct 05, 2022 11:30 am

not working
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help

Wed Oct 05, 2022 11:31 am

But if you keep writing here means that somehow you are on Internet from Iran by "BFA"...
edit my isp ......
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help

Wed Oct 05, 2022 11:34 am

But if you keep writing here means that somehow you are on Internet from Iran by "BFA"...
edit my isp name 📛
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1275
Joined: Tue Jun 23, 2015 2:35 pm

Re: urgent help

Wed Oct 05, 2022 11:35 am

not sure what u mean by edit my isp
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help

Wed Oct 05, 2022 11:38 am

rextended show my vps provider
 
User avatar
woland
Member Candidate
Member Candidate
Posts: 258
Joined: Mon Aug 16, 2021 4:49 pm

Re: urgent help

Wed Oct 05, 2022 11:45 am

Hi,
just a few ideas:
- I don´t think you should wait for MT support for Shadowsocks, but there are alternatives
- you could try also OpenVPN over TCP443, but SSTP might be better
- if you have ROS7 on a recent ARM MT device with enough resources, then you can have containers and then you can have a container with OpenWRT& shadowsocks or whatever functionality you want
- if you have some of these MT devices listed here https://openwrt.org/toh/start?dataflt%5 ... D=Mikrotik, you can install OpenWRT directly on them
- OpenWRT has Shadowsocks support https://openwrt.org/docs/guide-user/ser ... hadowsocks and lots of other tools

BR
W
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help

Wed Oct 05, 2022 11:51 am

openvpn 443 , sstp already blocked ‌‌, install and configure openwrt for normall people is very hard , routeros simple , fast ‌‌ , please add shadowsocks in ros
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: urgent help for iran

Wed Oct 05, 2022 12:09 pm

Even if, by hypothesis, it was at least considered, it would take months to integrate it.

@soheilsh
do not revert @Normis change on topic title.

And thanks for the "idiot", nobody understood that you are in Iran...
 
User avatar
nichky
Forum Guru
Forum Guru
Posts: 1275
Joined: Tue Jun 23, 2015 2:35 pm

Re: urgent help

Wed Oct 05, 2022 12:16 pm

@soheilsh

u should know one thing, u do not need to watch on the name of the VPN, u should focus on which port /protocol they are operaithing
e.g. Shadowsocks uses the port 443 same as SSTP , also OVPN can wotk on 443 tcp/udp.

i will spend digging on the log, rather than asking add please add shadowsocks in ros
 
User avatar
woland
Member Candidate
Member Candidate
Posts: 258
Joined: Mon Aug 16, 2021 4:49 pm

Re: urgent help for iran

Wed Oct 05, 2022 12:18 pm

I hope you know, that like me, most people are just simple MT users here, you (and your friends) should be probably trying to contact MT directly.
Sorry if my suggestions didn´t help much, that´s all I got.
W
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: urgent help

Wed Oct 05, 2022 12:28 pm

@woland: Noticed.
 
Guscht
Member Candidate
Member Candidate
Posts: 236
Joined: Thu Jul 01, 2010 5:32 pm

Re: urgent help

Wed Oct 05, 2022 1:11 pm

Run your VPN over an unblocked port, like 443. If they block 443, the have blocked almost everything. In such cases, use starlink.
I assume they do not deep-packet-inspect the traffic from a whole country. Maybe China does such sutff, but not Iran.

To wait for your requested feature is inappropriate. We beg MT to add this and that feature for years and they do nothing.
And to be honest, most of what you write is totally nonsense.

BTW: Maybe its time to use:
RFC1149: https://datatracker.ietf.org/doc/html/rfc1149
RFC2549: https://datatracker.ietf.org/doc/html/rfc2549
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: urgent help

Wed Oct 05, 2022 9:12 pm

The problem is apparently they dont bother with ports, they look at traffic content and block based on that.............
and they read this forum is a safe assumption. They have people with nothing better to do.
No way I can see to deal with the blockage they have setup. MOVE is my best answer. If they have no one to lead/abuse, maybe they will blow away.
 
fragtion
Member Candidate
Member Candidate
Posts: 257
Joined: Fri Nov 13, 2009 10:08 pm
Location: Johannesburg, South Africa

Re: urgent help

Thu Oct 06, 2022 11:19 am

So I'm just curious.. How do they block wireguard? Isn't it a completely encrypted tunnel ?
 
User avatar
jvanhambelgium
Forum Veteran
Forum Veteran
Posts: 985
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: urgent help

Thu Oct 06, 2022 11:28 am

So I'm just curious.. How do they block wireguard? Isn't it a completely encrypted tunnel ?
There is nothing difficult about that. (well, probably there is initially to dissect the protocol)
Modern UTM-firewalls can recognize certain applications based on several parameters (including some signatures)
Then simply make firewall-policy to block it.

UTM-firewalls like a Palo Alto have "wireguard" in their library of recognized applications.

https://applipedia.paloaltonetworks.com/

Any of these applications can be blocked very simple with some clicks, although I did not yet test it myself. I'll see if I can try for fun it when I'm onsite at some customer project and use my Android phone with WG-client.
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1347
Joined: Mon Sep 23, 2019 1:04 pm

Re: urgent help

Thu Oct 06, 2022 12:30 pm

Why is MikroTiks problem to bypass your government imposed blocks? You're looking wrongly at the problem.
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help

Tue Oct 11, 2022 10:56 pm

hello again , just v2ray ( vmess , trojan , shadow socks ) working in iran , ( all mikrotik tunnels blocks )
Is it possible to add this feature in routeros ?
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: urgent help

Tue Oct 11, 2022 11:22 pm

There is nothing wrong in asking for the functionality, and the desperation is easy to understand and having access to information and for citizens to provide some truth to the rest of the world is not a bad thing. Perhaps normis can convince the $$bosses to create a 7.5 fork adding this functionality with minimal testing..........

Later if found to be of use can be brought into the main fork later.
 
User avatar
own3r1138
Long time Member
Long time Member
Posts: 680
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: urgent help

Tue Oct 11, 2022 11:37 pm

It doesn't worth it, just run it on Linux.
https://seakfind.github.io/2021/10/10/X-UI/
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help

Wed Oct 12, 2022 11:57 am

There is nothing wrong in asking for the functionality, and the desperation is easy to understand and having access to information and for citizens to provide some truth to the rest of the world is not a bad thing. Perhaps normis can convince the $$bosses to create a 7.5 fork adding this functionality with minimal testing..........

Later if found to be of use can be brought into the main fork later.
thanks for supporting
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1347
Joined: Mon Sep 23, 2019 1:04 pm

Re: urgent help

Thu Oct 13, 2022 10:17 am

And that's why you're all under your governments wrath, you're waiting for someone else to fix your problems.
If you want to request features, submit a feature request.
Last edited by Znevna on Thu Oct 13, 2022 10:18 am, edited 1 time in total.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26287
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: urgent help

Thu Oct 13, 2022 10:17 am

If you can access the forum, you can use DoH and zerotier. I think this is not a question about missing features, but skill to configure existing features.
DoH uses TCP 443 port, the same one you are using to write posts here. It means it's open. Create a free cloud server in any cloud VPS. Also Zerotier is hard to block, it finds ways around limitations automatically

There are many existing solutions you can use
https://github.com/nickovs/lambDoH

No need to wait for some shadowsocks that has the main benefit of having a cool sounding name
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26287
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: urgent help

Thu Oct 13, 2022 10:27 am

Let's stick to topic. "Using existing RouterOS tools to configure working access to internet"
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: urgent help

Thu Oct 13, 2022 10:29 am

Ok... 😅 sorry...
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help

Thu Oct 13, 2022 10:45 am

If you can access the forum, you can use DoH and zerotier. I think this is not a question about missing features, but skill to configure existing features.
DoH uses TCP 443 port, the same one you are using to write posts here. It means it's open. Create a free cloud server in any cloud VPS. Also Zerotier is hard to block, it finds ways around limitations automatically

There are many existing solutions you can use
https://github.com/nickovs/lambDoH

No need to wait for some shadowsocks that has the main benefit of having a cool sounding name
chr not have zerotier !
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26287
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: urgent help

Thu Oct 13, 2022 10:46 am

My link is not for CHR but hosting your own DoH server
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help

Thu Oct 13, 2022 11:06 am

My link is not for CHR but hosting your own DoH server
doh is block in iran , how to run zerotier in x86 , chr version?
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help

Thu Oct 13, 2022 11:08 am

My link is not for CHR but hosting your own DoH server
Is it possible to add zerotier to the x86 and chr versions?
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1347
Joined: Mon Sep 23, 2019 1:04 pm

Re: urgent help

Thu Oct 13, 2022 11:10 am

https://hub.docker.com/r/zerotier/zerotier
Ez.
Don't be lazy, Mr. socks5notworking.
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help

Thu Oct 13, 2022 11:16 am

Iran's internet has two separate networks, one internal and one external the same as the normal internet. They block the internet during protests
in 1am to 16 pm The internet normally has no problem during certain hours but telegram, whatsapp, and instagram are blocked
In the hours of 16:00 to 24:00 during protests cut the internet, we can access the internet with special methods through the iranian datacenters, but telegram, whatsapp, and instagram are blocked by China's deepinjection method
Last edited by soheilsh on Thu Oct 13, 2022 11:29 am, edited 2 times in total.
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help

Thu Oct 13, 2022 11:19 am

https://hub.docker.com/r/zerotier/zerotier
Ez.
Don't be lazy, Mr. socks5notworking.
Launching any kind of operating system and infrastructure is currently associated with difficulties, please understand the situation, our focus is on Mikrotik.
 
soheilsh
Member Candidate
Member Candidate
Topic Author
Posts: 100
Joined: Fri Nov 26, 2010 3:39 pm

Re: urgent help

Thu Oct 13, 2022 11:34 am

Dear normis, at least do us a favor and provide the zerotier plugin for chr, x86 version.
 
User avatar
Znevna
Forum Guru
Forum Guru
Posts: 1347
Joined: Mon Sep 23, 2019 1:04 pm

Re: urgent help

Thu Oct 13, 2022 11:47 am

Boy, you're something I tell you that.
If you can run zerotier as a package then you can run zerotier as a container.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: urgent help

Thu Oct 13, 2022 5:24 pm

I'm sure container usage is crystal clear and easy after this.......
Any other topic gets one short video - which leads me to think that even MT acknowledges that containers are complex!!
(let alone getting a grip on zerotier)

https://www.youtube.com/watch?v=8u1PVouAGnk
https://www.youtube.com/watch?v=UMcJs4oyHDk
https://www.youtube.com/watch?v=i9GcFEx_Ois
 
farzin
just joined
Posts: 16
Joined: Wed Feb 29, 2012 4:12 pm

Re: urgent help

Sun Nov 06, 2022 7:25 pm

I installed ZeroTier in an Ubuntu vps ... and tested on different ISP internets.
in one ISP ( hamrah aval mobile data ) ... it could connect and get the network name. but no traffic was going through.. ( no ping of the server or local ip range ) ( Nat/ port forward / IPtables config seems to be ok in the ubuntu as other methods are passing traffic.)

in one ISP ( ADSL ) it couldn't connect and couldn't get online at all. I think it uses UDP and UDP/TSL is blocked. V2ray works on TCP with vless and vmess types. but this one didn't work on 2 Internets that I tested.
 
m3ni
just joined
Posts: 1
Joined: Sun Jan 07, 2018 9:45 pm

Re: urgent help

Fri Nov 11, 2022 4:03 pm

Hey there!
Yes they've blocked all the "outgoing" VPN connections, but not the "incoming" VPN connections!
You probably know what to do next... Reverse VPN!
I tried SSTP and OpenVPN, they both work.
Good luck, Hamvatan.
 
masmahmoudi
just joined
Posts: 2
Joined: Thu Aug 14, 2014 7:20 pm

Re: urgent help

Sat Nov 12, 2022 4:17 am

To Farzin and Soheilsh,

Hello,
Would you please let me know, even if Mikrotik adds Shadowsocks, vmess VLESS Trojan etc. how you are going to use these features?
There should be some providers out of Iran and you purchase some subscription or you should have your own servers out of Iran to connect to those servers.
If you have resources out of Iran and you can obtain access to some VPS, I have writen a multiprotocol server in python that can be installed on Debian based Linux distributions and it will be up and usable in less that 5 minutes! I can also provide you an iso image of the whole running server.
The problem is if they (fucking bastards of Iranian filtering system) realy are using ACTIVE PROBING to block VPNs and using human resources (as I am heared of) to block suspicious ip addresses and proxies, so they will block those servers that you are going to have..... Bad news is that somehow China have integrated SOCKS5 blockers to its GFW's active probing and Iran will have the technology soon..... My opinion, do not invest on Shadowsocks but v2ray....

Let me know if I can help....
P.N.:) I have tested DOH and it is working. They have blocked all known DOH servers and you have to set your own server to bypass ICMP filterings.

Take care,
Masoud
You do not have the required permissions to view the files attached to this post.
 
x23are
just joined
Posts: 4
Joined: Thu Jan 09, 2020 9:37 am

Re: urgent help

Mon Nov 14, 2022 8:23 pm

if you want v2ray on mikrotik you must learn how to use container feature to add it. you can use this feature also on chr and arm base MT devices

you can find v2ray images in docker hub
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: urgent help

Mon Nov 14, 2022 9:52 pm

Is v2ray a service through google and thus costs per hour or is this something you can setup between two devices directly?
 
saeed6668
just joined
Posts: 7
Joined: Fri Feb 14, 2020 1:26 pm

Re: urgent help

Tue Dec 20, 2022 7:05 am

To Farzin and Soheilsh,

Hello,
Would you please let me know, even if Mikrotik adds Shadowsocks, vmess VLESS Trojan etc. how you are going to use these features?
There should be some providers out of Iran and you purchase some subscription or you should have your own servers out of Iran to connect to those servers.
If you have resources out of Iran and you can obtain access to some VPS, I have writen a multiprotocol server in python that can be installed on Debian based Linux distributions and it will be up and usable in less that 5 minutes! I can also provide you an iso image of the whole running server.
The problem is if they (fucking bastards of Iranian filtering system) realy are using ACTIVE PROBING to block VPNs and using human resources (as I am heared of) to block suspicious ip addresses and proxies, so they will block those servers that you are going to have..... Bad news is that somehow China have integrated SOCKS5 blockers to its GFW's active probing and Iran will have the technology soon..... My opinion, do not invest on Shadowsocks but v2ray....

Let me know if I can help....
P.N.:) I have tested DOH and it is working. They have blocked all known DOH servers and you have to set your own server to bypass ICMP filterings.

Take care,
Masoud
Hi masoud
Whould you please send me the configuration of DOH so i can configure my own server? Thanks
 
alirezamobile99
just joined
Posts: 5
Joined: Thu Feb 09, 2023 12:50 pm

Re: urgent help

Wed Feb 15, 2023 12:34 am

does anyone run v2ray client on mikrotik ?

Who is online

Users browsing this forum: outtahere, sas2k and 52 guests