A Russian user ran a self-built snowflake-proxy from inside the censored country using the 'random-and-mimic' fingerprint option, successfully serving Iranian, Turkmen, Russian, and German Tor users, demonstrating that the blocking is unidirectional (targeting client DTLS hellos) and that snowflake-broker and rendezvous domains (snowflake-broker.torproject.net, snowflake-01/02.torproject.net) remained accessible behind the .net SNI — only the DTLS data channel was filtered.
From 2026-wkrp-snowflake-targeted-dtls-filtering — Snowflake-targeted DTLS filtering in Russia, starting 2026-03-30
· kad09 original report, Issue #422 comment
· 2026
· net4people/bbs
Implications
Ensure rendezvous / broker channels remain on domain-fronted or SNI-hidden transports even after DTLS fixes — the filter's current scope is narrow, but broker reachability is the remaining chokepoint.
Document which proxy fingerprint variants survive filtering so the user community can contribute compliant relays; operator diversity requires clear fingerprint compliance specs.