Skip to content



This release contains important fixes and we strongly encourage everyone to upgrade.

  • [Important] Fixed a bug where a connection timeout would block other connections from being established
  • Updated quic-go to v0.41.0


  • Fixed a bug where using an IPv4/IPv6 specific listening address like or [::]:443 would still result in listening on both IPv4/IPv6
  • Delay server address DNS resolution until connection attempt when lazy mode is enabled
  • Local TLS certificates are now read every time a TLS handshake takes place, allowing users to update files without restarting the server


  • Fixed a bug introduced in the previous version that broke the automatic reconnection of the client
  • Added suffix: support to ACL for matching a domain and all its subdomains (e.g. reject(


  • Added GeoIP & GeoSite auto update (geoUpdateInterval field under ACL, default is 1 week)
  • Client now shows handshake information after connecting to the server, currently includes UDP forwarding availability & tx rate
  • Changed the basis for bandwidth conversion (Kbps/Mbps/Gbps/Tbps) from 1024 to 1000
  • Added RISC-V (riscv64) support
  • Updated quic-go to v0.40.0


  • Added GeoSite support to ACL (both GeoIP and GeoSite now use the v2ray "dat" format database)
  • Added support for non-English domains (IDN) to ACL (e.g. v6_only(战狼*.中国))
  • Added WebSocket support to masquerade proxy mode
  • Added secret-based authentication to Traffic Stats API
  • Fixed compatibility issues on certain Linux systems


This release contains important fixes and we strongly encourage everyone to upgrade.

  • Fixed a bug where a specially crafted UDP message packet could cause the server to crash
  • Fixed compatibility issues on FreeBSD
  • Windows users can now launch directly by double-clicking the exe file


  • Fixed a memory leak in BBR
  • Minor tweaks to Brutal congestion control
  • Added string mode to masquerade
  • Added HTTP/HTTPS proxy outbound


  • Optimized and fixed some issues in Brutal CC
  • Fixed problem where BBR could freeze the connection and cause CPU usage to spike under certain conditions
  • Fixed two race condition issues
  • Added HYSTERIA_BRUTAL_DEBUG environment variable. When enabled, it prints information like current RTT, packet loss, MTU, etc.


This release contains important fixes and we strongly encourage everyone to upgrade.

  • [Important] Fixed the problem where when using BBR (either the client doesn't set bandwidth or the server has ignoreClientBandwidth enabled), due to a bug in the BBR implementation, it could not accurately determine the bandwidth and send packets much faster than the limit.
  • Fixed the problem where ZeroSSL couldn't acquire certificates due to missing EAB.


  • Fixed connection issues on some devices due to lack of GSO support
  • Added HTTP/HTTPS (TCP) masquerade servers
  • Added Android builds


  • Added TCP redirect mode
  • Log HTTP requests handled by masquerade (debug level)
  • Added environment variable HYSTERIA_ACME_DIR to control ACME data directory location


This is the first stable release of Hysteria 2. It's almost a complete rewrite of the original Hysteria, with a new protocol, new features, and various improvements.