implement read timeout, if server sends nothing for 1 min, connection drops

don't prefer ipv6 if using middle proxies, they are unstable
use utc timezone when getting the server time
2026-03-13 23:03:09 +00:00 · 2026-02-18 02:37:36 +05:00 · 2026-02-18 02:10:55 +05:00 · 2026-02-18 01:30:46 +05:00 · 2026-02-18 00:04:07 +05:00 · 2026-02-17 21:14:42 +05:00
5 changed files with 483 additions and 244 deletions
--- a/13
+++ b/13
@@ -1,13 +1,14 @@
-FROM alpine:3.10
+FROM ubuntu:24.04

-RUN adduser tgproxy -u 10000 -D
+RUN apt-get update && apt-get install --no-install-recommends -y python3 python3-uvloop python3-cryptography python3-socks libcap2-bin ca-certificates && rm -rf /var/lib/apt/lists/*
+RUN setcap cap_net_bind_service=+ep /usr/bin/python3.12

-RUN apk add --no-cache python3 py3-cryptography ca-certificates libcap
-
-RUN chown -R tgproxy:tgproxy /home/tgproxy
-RUN setcap cap_net_bind_service=+ep /usr/bin/python3.7
+RUN useradd tgproxy -u 10000

 USER tgproxy

 WORKDIR /home/tgproxy/
+
+COPY --chown=tgproxy mtprotoproxy.py config.py /home/tgproxy/
+
 CMD ["python3", "mtprotoproxy.py"]
--- a/README.md
+++ b/README.md
@@ -20,6 +20,11 @@ To advertise a channel get a tag from **@MTProxybot** and put it to *config.py*.
 The proxy performance should be enough to comfortably serve about 4 000 simultaneous users on
 the VDS instance with 1 CPU core and 1024MB RAM.

+## More Instructions ##
+
+- [Running without Docker](https://github.com/alexbers/mtprotoproxy/wiki/Running-Without-Docker)
+- [Optimization and fine tuning](https://github.com/alexbers/mtprotoproxy/wiki/Optimization-and-Fine-Tuning)
+
 ## Advanced Usage ##

 The proxy can be launched:
--- a/config.py
+++ b/config.py
@@ -1,20 +1,25 @@
-PORT = 3256
+PORT = 443

 # name -> secret (32 hex chars)
 USERS = {
-    "tg":  "00000000000000000000000000000000",
-    "tg2": "0123456789abcdef0123456789abcdef"
+    "tg":  "00000000000000000000000000000001",
+    # "tg2": "0123456789abcdef0123456789abcdef",
 }

-# Makes the proxy harder to detect
-# Can be incompatible with very old clients
-SECURE_ONLY = True
+MODES = {
+    # Classic mode, easy to detect
+    "classic": False,

-# Makes the proxy even more hard to detect
-# Compatible only with the recent clients
-TLS_ONLY = True
+    # Makes the proxy harder to detect
+    # Can be incompatible with very old clients
+    "secure": False,

-# The domain for TLS, bad clients are proxied there
+    # Makes the proxy even more hard to detect
+    # Can be incompatible with old clients
+    "tls": True
+}
+
+# The domain for TLS mode, bad clients are proxied there
 # Use random existing domain, proxy checks it on start
 # TLS_DOMAIN = "www.google.com"

--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -7,4 +7,10 @@ services:
    volumes:
        - ./config.py:/home/tgproxy/config.py
        - ./mtprotoproxy.py:/home/tgproxy/mtprotoproxy.py
+        - /etc/localtime:/etc/localtime:ro
+    logging:
+        driver: "json-file"
+        options:
+            max-file: "10"
+            max-size: "10m"
 #    mem_limit: 1024m
--- a/mtprotoproxy.py
+++ b/mtprotoproxy.py
Author	SHA1	Message	Date
Alexander Bersenev	0614c35020	implement read timeout, if server sends nothing for 1 min, connection drops	2026-02-18 02:37:36 +05:00
Alexander Bersenev	368669a546	don't prefer ipv6 if using middle proxies, they are unstable	2026-02-18 02:10:55 +05:00
Alexander Bersenev	949ee12ed2	use utc timezone when getting the server time	2026-02-18 01:30:46 +05:00
Alexander Bersenev	1f7ce9e977	fix typos	2026-02-18 00:04:07 +05:00
Alexander Bersenev	8920faf650	better handling for server-side socket closing in connection pool	2026-02-17 21:14:42 +05:00
Alexander Bersenev	34f743858c	fix small bugs	2026-02-10 16:49:20 +05:00
Alexander Bersenev	375fee1535	update default proxy addresses	2025-11-18 04:27:47 +05:00
Alexander Bersenev	e0ea17978c	update client hello handling for newer tg clients	2025-11-18 03:46:19 +05:00
Rustam @SecondFry Gubaydullin	8bb885ada5	Upgrade base image to Ubuntu 24.04 and Python version	2025-11-13 14:09:38 +05:00
Alexander Bersenev	bc841cff48	change middle proxy default port from 80 to 8888	2024-11-12 01:08:57 +05:00
Alexander Bersenev	c89479000f	change ip of default second middle proxy server, it was updated on the telegram side	2024-09-21 02:51:18 +05:00
Viacheslav Komarov	74711c4212	Hotfix, Change ubuntu version to 22.04 LTS in Dockerfile (#296 )	2023-10-30 18:49:14 +05:00
Alexander Bersenev	51b2482dec	support domains which send several tls records, but print warning	2023-02-27 00:40:25 +05:00
Alexander Bersenev	87f4370927	update ubuntu version in docker	2023-02-20 14:45:21 +05:00
Alexander Bersenev	a978eae922	ignore all new rpc calls instead of closing connection	2023-02-20 14:37:16 +05:00
Alexander Bersenev	88c8c57a44	add handling of some unknown new rpc	2023-02-17 20:16:52 +05:00
Alexander Bersenev	446682521b	use newer Ubuntu and Python in Dockerfile	2022-05-09 00:05:24 +05:00
Alexander Bersenev	b26873176a	compat with python3.10	2022-05-09 00:00:14 +05:00
Alexander Bersenev	6e8e8b63b2	add check if returned ipv6 address is correct	2021-03-02 17:04:54 +05:00
AlisonTNT	3b4f239cc1	Add Pysocks in Dockerfile (#239 ) It's necessary if using upstream SOCKS5 proxy.	2020-09-29 18:29:49 +05:00
Erfan	0283d6264a	set the home domain instead of IP (#231 ) * set the home domain set the home domain for the proxy, has an influence only on the log message * fixed a bug	2020-08-09 13:51:43 +05:00
Erfan	15a8f607ca	added ability to load time from local time set on original server (#230 ) using this command the local time setting will be pushed to docker as a read-only file so you can use your local time	2020-06-20 15:59:25 +05:00
Alexander Bersenev	6076db9f8c	add certificates to Dockerfile	2020-06-17 15:45:47 +05:00
Alexander Bersenev	6560a6c1d2	use new ubuntu 20.04 as base image	2020-04-28 16:20:33 +05:00
Peter Dave Hello	24479e68ab	Add `--no-install-recommends` to `apt-get` in Dockerfile (#221 ) Prevent to install unnecessary recommended packages, make it lighter.	2020-04-28 15:25:38 +05:00
Peter Dave Hello	6ecf0ec9ac	Refactor Dockerfile with less layer and improved layer cache (#220 )	2020-04-27 17:22:57 +05:00
Allineer	18a80e52cd	metrics: broken pipe fix (#210 ) I think, this fixes my issue #208.	2020-03-29 22:18:33 +05:00
Alexander Bersenev	ea3b8a44c3	restrict the logs size with 100MB	2020-03-17 03:11:13 +05:00
Alexander Bersenev	37d570f8dc	handle unknown ips, e.g. from unix sockets	2020-03-05 13:55:10 +05:00
Alexander Bersenev	8f48e9ef65	fix the missing constant	2020-02-27 19:17:15 +05:00
Alexander Bersenev	76bc2253eb	small code style fixes	2020-02-25 20:41:08 +05:00
Alexander Bersenev	07bd9b795a	handle bad secrets in configs	2020-02-25 02:41:49 +05:00
Alexander Bersenev	1cad031947	make dataflow functions top level functions for better speed and memory consumption	2020-02-23 03:03:15 +05:00
Alexander Bersenev	923dac842b	handle broken pipe error	2020-02-17 12:18:13 +05:00
Alexander Bersenev	1a63fdae11	add an option to ignore time skew	2020-02-15 17:12:15 +05:00
Alexander Bersenev	c7b6dcf3c2	save the utilitary task as a variable to prevent early garbage collecting	2020-02-14 18:58:25 +05:00
Alexander Bersenev	a95b1ec3c1	fix typo	2020-02-13 18:21:09 +05:00
Alexander Bersenev	49bc5d1f3b	get rid of "socket.send() raised exception" messages	2020-02-13 18:14:37 +05:00
Alexander Bersenev	c2414c3487	simplify dockerfile	2020-02-13 15:08:01 +05:00
Alexander Bersenev	8b26cc843d	catch IncompleteReadError while handling a bad client	2020-02-13 14:22:32 +05:00
Alexander Bersenev	639dea5e8d	use debian image by default	2020-02-13 04:13:49 +05:00
Alexander Bersenev	c48cacce83	add statisctics about up/down traffic	2020-02-12 16:28:18 +05:00
Alexander Bersenev	2bb0ef0b1f	simplify initialization and stats	2020-02-12 15:41:05 +05:00
Alexander Bersenev	f5ee5db86f	use asyncio.all_tasks on new pythons	2020-02-11 19:10:43 +05:00
Peter Dave Hello	9c50cab94e	Fix file permission in Docker image (#189 ) `chown` needs to be done "after" the file copy, otherwise there is no meaning to do it as /home/tgproxy is default owned by tgproxy already.	2020-02-11 13:50:48 +02:00
Boris Klimenko	199eaeb7c4	Alpine 3.11, Python 3.8 (#185 )	2020-01-22 20:04:29 +02:00
Alexander Bersenev	66ac871a74	remove the hackish logic against replay attacks because it stopped to work with new android clients see https://github.com/alexbers/mtprotoproxy/issues/183	2020-01-16 19:05:18 +05:00
Alexander Bersenev	c5344df0eb	Add wiki links to readme	2019-12-14 14:55:10 +05:00
Alexander Bersenev	93ad268d48	add ip logging	2019-11-29 17:30:10 +05:00
Alexander Bersenev	1c29465b6e	change comment in config	2019-11-22 02:11:41 +05:00
Alexander Bersenev	d41b4abf35	MODES option instead of SECURE_ONLY and TLS_ONLY	2019-11-22 02:05:05 +05:00
Alexander Bersenev	7f19b3f78d	more secure defaul settings	2019-11-19 05:22:49 +05:00
Alexander Bersenev	0549fd7200	increase the connection pool size	2019-11-19 05:00:53 +05:00
Alexander Bersenev	fd75ca3cf9	remove loop argument from create server for compatibility with Python 3.8	2019-11-14 02:43:10 +05:00
Alexander Bersenev	522b0cfe75	move more logic to pooled connection	2019-11-13 02:56:05 +05:00
Alexander Bersenev	4a4d449a34	init pooled connections to save one more round trip time	2019-11-13 02:31:51 +05:00
Alexander Bersenev	8c15fc8fe0	use socket from pool in the creation order	2019-11-12 04:31:47 +05:00
Alexander Bersenev	e436792992	introduce connection pool to reduce pings	2019-11-12 03:53:10 +05:00
K900	07759f67cb	Fix running on Python 3.8 (#161 ) 3.8 removes the asyncio.streams re-export of `IncompleteReadError`, so just access it directly from `asyncio`, like everywhere else in the code already does.	2019-11-11 16:04:14 +05:00
Alexander Bersenev	f525cc9611	more strict validation of tls domain	2019-10-30 22:27:46 +05:00
dasmfm	c010543889	Prefix for Prometheus metrics (#151 ) Added default prefix for Prometheus metrics.	2019-10-09 14:35:02 +05:00
Alexander Bersenev	0a41479054	add copy instruction to docker-compose	2019-10-09 01:56:48 +05:00
Alexander Bersenev	5f206361f2	revert the last commit	2019-10-09 01:56:06 +05:00
Alexander Bersenev	6980bfd3be	add copy instruction to docker-compose	2019-10-09 01:52:09 +05:00