[X] My Assistant

Recent days china gov seems blocked e-hentai.org via GFW, and they did it for domain e-hentai.org 3 years ago. Now there is no way to visit ehentai directly without a proxy service. But I found that there is lots of h@h clients still running in china mainland.
I also notice that the hitrate for my host in china is going to decrease, is that only happens in my home? H@H api and hath.network domain are not banned in china.


I think that is it possible to add a option to allow user to choose their prefer cache load reigon?

It's dns poisoning, so no proxy is needed to access ehentai. Common way is to add records to the hosts file, though it might be hard for mobile platforms. Using DoT/DoH is a viable option, but it will cause inconvenience. On android you may either install apps like Daedalus to setup local dns server, or use EhViewer, it supports custom hosts, but sadly this app is no longer officially maintained, there are several forks though.

DNS over HTTPS is either the default or can be easily enabled in the major desktop browsers (Chrome/Firefox). Dunno about mobile, though.

As for choosing load region, you definitely want to load images from the region of the proxy/VPN you are using rather than the one you are physically located in, otherwise it is going to slow it down by a lot.

Note that while using a hosts file is fine, you really don't want to hardcode IP addresses within apps and stuff, as it will inevitably break when they change, and also causes load inbalances. Google has an [developers.google.com] API you can use to resolve IPs.

Using DNS over HTTPS in china requires a dns server outside the mainland china to get the right answer, however it will slow down other websites since many of them don't support edns or the support is not that good(cloudflare's public resolver even don't support edns at all). Might have to install another browser just for browsing with DoH.

Speaking of hardcoding ip address in the hosts file, I think it's still a good solution. Only e-hentai.org gets dns poisoned, and it uses cloudflare, so just pointing it to any cloudflare's frontend ips will work, at least it's better than unable to access ehentai at all.

It's dns poisoning, so no proxy is needed to access ehentai. Common way is to add records to the hosts file, though it might be hard for mobile platforms. Using DoT/DoH is a viable option, but it will cause inconvenience. On android you may either install apps like Daedalus to setup local dns server, or use EhViewer, it supports custom hosts, but sadly this app is no longer officially maintained, there are several forks though.

1. The DoH or DoT server without pollution usually don't have a geoDNS optimization in china, and that is why i don't think it is a good solution to deal with GFW. Even iOS and Android now support them.
2. Ehviewer is still under maintain in public group, looking for it in its github readme.

And I used to believe that ehentai is banned via SNI block because i tried to solve domain through the proxy, alidns and 114dns responded a currect record.

This post has been edited by hhd2: Nov 29 2020, 17:59

DNS over HTTPS is either the default or can be easily enabled in the major desktop browsers (Chrome/Firefox). Dunno about mobile, though.

As for choosing load region, you definitely want to load images from the region of the proxy/VPN you are using rather than the one you are physically located in, otherwise it is going to slow it down by a lot.

Note that while using a hosts file is fine, you really don't want to hardcode IP addresses within apps and stuff, as it will inevitably break when they change, and also causes load inbalances. Google has an [developers.google.com] API you can use to resolve IPs.

Most popular proxy software which can be used in china supporting router feature which will give 2 or more router to proxy the traffic by rule. And that is why i thought about it. I think load cache via local network will always faster and more costsaving than load them via proxy.

Most popular proxy software which can be used in china supporting router feature which will give 2 or more router to proxy the traffic by rule. And that is why i thought about it. I think load cache via local network will always faster and more costsaving than load them via proxy.

You mean you route the requests to the site itself through a foreign proxy, but not the requests to the H@H network? I suppose with split tunneling VPN/proxy types it might perform better, I'll consider adding some kind of region selector.

Get routers that support custom firmwares and add something that can do DNS hijacking. Some can use different DNS for Chinese websites and foreign ones. I am using it currently and it sped up my browsing even without VPN greatly. (still require a VPN server to connect to foreign DNS server)

Or look into websites that offer DNS services that does this automatically when you use their DNS.

You mean you route the requests to the site itself through a foreign proxy, but not the requests to the H@H network? I suppose with split tunneling VPN/proxy types it might perform better, I'll consider adding some kind of region selector.

yes! that is what i mean

Get routers that support custom firmwares and add something that can do DNS hijacking. Some can use different DNS for Chinese websites and foreign ones. I am using it currently and it sped up my browsing even without VPN greatly. (still require a VPN server to connect to foreign DNS server)

Or look into websites that offer DNS services that does this automatically when you use their DNS.

I'd perfer to use a proxy software and i don't think selfbuild DNS server at home is a good idea exclude ADguard Home. A bad dns setup can slooooow down home internet expenience.
And most of time, proxy is used to speed up some foreign service which don't have CDN or optimized router to china.
Seems Cloudflare plan ehentai using now don't have a HK router without a CN2 access.

UPDATED: E-HENTAI.ORG is both DNS and SNI fxxked, in all ISPs, which make the DoH or hosts evasion method above mentioned fails.

For EHGT.ORG, all ISPs do not use DNS pollution. In particular, "China Mobile" resets this domain name based on detection SNI.

All ISPs have not used any method to block *.HATH.NETWORK

Consider adding below rules to your proxy tool, this is a example for Clash

- DOMAIN-SUFFIX,hath.network,DIRECT
- DOMAIN,ehgt.org,DIRECT # PROXY if China Mobile
- DOMAIN-KEYWORD,hentai.org,PROXY

This post has been edited by strongarm: Dec 11 2020, 06:32

Can confirm, sni reset seems to be applied since 2020-12-11 12:00 UTC.

I think this is gradually progressing, and the part of the ISP has not deployed SNI reset before.
In addition, because it is an SNI reset, the domain front seems to be able to bypass.

Test by yourself:
curl -vk 'https://104.20.27.25' -H "Host: e-hentai.org"
curl -vk 'https://94.100.18.243' -H "Host: forums.e-hentai.org"
curl -vk 'https://178.175.132.20' -H "Host: abcdefghijklmnopqrstuvwxyz.org"

To block this type of evasion method, censorship systems must do ROUTING BLACKHOLE on these IPs, as they did before to Google, Twitter and Facebook.
But I don't think they are going to deploy such expensive blocking.

This post has been edited by strongarm: Dec 11 2020, 04:18

deleted

This post has been edited by strongarm: Dec 12 2020, 15:21

An unofficial e-hentai.org reader

We don't endorse using any unofficial apps just to visit the site (with few exceptions where we did verify the codes and all). If anyone decided to use this piece of software, use it at your own risk.

The funny thing is that most people from China aren't going to bother to break through the firewall to get to "dissident information" like unfiltered news and criticism against the government, but if you try to take away the porn, then boy howdy the anti-block-blocker-blockers are going to be developed fast. (IMG:[invalid] style_emoticons/default/tongue.gif)

then boy howdy the anti-block-blocker-blockers are going to be developed fast. (IMG:[invalid] style_emoticons/default/tongue.gif)

The same anti-censorship method (Domain Fronting) exists long time ago , and is widely used before this site even got blocked, for example GoAgent, using Google's appspot servers as proxy servers.

For more information about Domain Fronting, see [digi.ninja] https://digi.ninja/blog/domain_fronting.php

This post has been edited by strongarm: Dec 11 2020, 15:05

能给个中文解决方案吗？英语苦手

我试过试用谷歌的lantern和猎豹vpn，不过并不能连接enhentai

deleted

This post has been edited by strongarm: Dec 12 2020, 15:22

Since Dec 10th the Hitrate of my H@H client drops from 500/min to 50/min
ISP: China Telecom @Wuhan
Maybe you are not alone....

The funny thing is that most people from China aren't going to bother to break through the firewall to get to "dissident information" like unfiltered news and criticism against the government, but if you try to take away the porn, then boy howdy the anti-block-blocker-blockers are going to be developed fast. (IMG:[invalid] style_emoticons/default/tongue.gif)

Sex is the primary productive force including but not limited to games, artificial intelligence, etc. (IMG:[invalid] style_emoticons/default/rolleyes.gif)