2025-gfw-port443-rst
Analysis of the GFW's Unconditional Port 443 Block on August 20, 2025
Abstract
Analysis of an unusual GFW behavior observed on August 20, 2025: the
GFW unconditionally injected TCP RSTs on port 443 traffic, regardless
of payload, for a measurable window. Likely a misconfiguration or
test deployment rather than a permanent change.
Team notes
Operational anomaly worth knowing about: when the GFW occasionally
exhibits unconditional behavior on a port, it tells us about
failure modes in their deployment process. If we see a sudden CN-
wide spike in tracks failing on port 443 in our bandit signals,
this paper is the precedent: it might be a brief misconfiguration
rather than a deliberate policy change.