typos

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -0,0 +1,20 @@
+name: 🐛 Проблема
+title: '[Проблема] '
+description: Сообщить о проблеме
+labels: ['type: проблема', 'status: нуждается в сортировке']
+
+body:
+  - type: textarea
+    id: description
+    attributes:
+      label: Опишите вашу проблему
+      description: Чётко опишите проблему с которой вы столкнулись
+      placeholder: Описание проблемы
+    validations:
+      required: true
+
+  - type: textarea
+    id: additions
+    attributes:
+      label: Дополнительные детали
+      description: Если у вас проблемы с работой прокси, то приложите файл логов в момент возникновения проблемы.

.github/workflows/build.yml

@@ -37,7 +37,8 @@ jobs:
         uses: actions/upload-artifact@v4
         with:
           name: TgWsProxy
-          path: dist/TgWsProxy.exe
+          path: |
+            dist/TgWsProxy.exe
 
   build-win7:
     runs-on: windows-latest

README.md

@@ -1,3 +1,13 @@
+> [!CAUTION]
+>
+> ### Реакция антивирусов
+> Windows Defender часто ошибочно помечает приложение как **Wacatac**.  
+> Если вы не можете скачать из-за блокировки, то:
+> 1) Попробуйте скачать версию win7 (она ничем не отличается в плане функционала)
+> 2) Отключите антивирус на время скачивания, добавьте файл в исключения и включите обратно  
+>
+> **Всегда проверяйте, что скачиваете из интернета, тем более из непроверенных источников. Всегда лучше смотреть на детекты широко известных антивирусов на VirusTotal**
+
 # TG WS Proxy
 
 Локальный SOCKS5-прокси для Telegram Desktop, который перенаправляет трафик через WebSocket-соединения к указанным серверам, помогая частично ускорить работу Telegram.  

proxy/tg_ws_proxy.py

@@ -17,6 +17,12 @@ from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
 DEFAULT_PORT = 1080
 log = logging.getLogger('tg-ws-proxy')
 
+_TCP_NODELAY = True
+_RECV_BUF = 65536
+_SEND_BUF = 65536
+_WS_POOL_SIZE = 4
+_WS_POOL_MAX_AGE = 120.0
+
 _TG_RANGES = [
     # 185.76.151.0/24
     (struct.unpack('!I', _socket.inet_aton('185.76.151.0'))[0],
@@ -32,24 +38,32 @@ _TG_RANGES = [
      struct.unpack('!I', _socket.inet_aton('91.108.255.255'))[0]),
 ]
 
-_IP_TO_DC: Dict[str, int] = {
+# IP -> (dc_id, is_media)
+_IP_TO_DC: Dict[str, Tuple[int, bool]] = {
     # DC1
-    '149.154.175.50': 1, '149.154.175.51': 1, '149.154.175.54': 1,
+    '149.154.175.50': (1, False), '149.154.175.51': (1, False),
+    '149.154.175.53': (1, False), '149.154.175.54': (1, False),
+    '149.154.175.52': (1, True),
     # DC2
-    '149.154.167.41': 2,
+    '149.154.167.41': (2, False), '149.154.167.50': (2, False),
-    '149.154.167.50': 2, '149.154.167.51': 2, '149.154.167.220': 2,
+    '149.154.167.51': (2, False), '149.154.167.220': (2, False),
+    '95.161.76.100':  (2, False),
+    '149.154.167.151': (2, True), '149.154.167.222': (2, True),
+    '149.154.167.223': (2, True), '149.154.162.123': (2, True),
     # DC3
-    '149.154.175.100': 3, '149.154.175.101': 3,
+    '149.154.175.100': (3, False), '149.154.175.101': (3, False),
+    '149.154.175.102': (3, True),
     # DC4
-    '149.154.167.91': 4, '149.154.167.92': 4,
+    '149.154.167.91': (4, False), '149.154.167.92': (4, False),
+    '149.154.164.250': (4, True), '149.154.166.120': (4, True),
+    '149.154.166.121': (4, True), '149.154.167.118': (4, True),
+    '149.154.165.111': (4, True),
     # DC5
-    '91.108.56.100': 5, 
+    '91.108.56.100': (5, False), '91.108.56.101': (5, False),
-    '91.108.56.126': 5, '91.108.56.101': 5, '91.108.56.116': 5, 
+    '91.108.56.116': (5, False), '91.108.56.126': (5, False),
-    # DC203
+    '149.154.171.5':  (5, False),
-    '91.105.192.100': 203,
+    '91.108.56.102': (5, True), '91.108.56.128': (5, True),
-    # Media DCs
+    '91.108.56.151': (5, True),
-    # '149.154.167.151': 2, '149.154.167.223': 2, 
-    # '149.154.166.120': 4, '149.154.166.121': 4,
 }
 
 _dc_opt: Dict[int, Optional[str]] = {}
@@ -69,6 +83,22 @@ _ssl_ctx.check_hostname = False
 _ssl_ctx.verify_mode = ssl.CERT_NONE
 
 
+def _set_sock_opts(transport):
+    sock = transport.get_extra_info('socket')
+    if sock is None:
+        return
+    if _TCP_NODELAY:
+        try:
+            sock.setsockopt(_socket.IPPROTO_TCP, _socket.TCP_NODELAY, 1)
+        except (OSError, AttributeError):
+            pass
+    try:
+        sock.setsockopt(_socket.SOL_SOCKET, _socket.SO_RCVBUF, _RECV_BUF)
+        sock.setsockopt(_socket.SOL_SOCKET, _socket.SO_SNDBUF, _SEND_BUF)
+    except OSError:
+        pass
+
+
 class WsHandshakeError(Exception):
     def __init__(self, status_code: int, status_line: str,
                  headers: dict = None, location: str = None):
@@ -86,10 +116,9 @@ class WsHandshakeError(Exception):
 def _xor_mask(data: bytes, mask: bytes) -> bytes:
     if not data:
         return data
-    a = bytearray(data)
+    n = len(data)
-    for i in range(len(a)):
+    mask_rep = (mask * (n // 4 + 1))[:n]
-        a[i] ^= mask[i & 3]
+    return (int.from_bytes(data, 'big') ^ int.from_bytes(mask_rep, 'big')).to_bytes(n, 'big')
-    return bytes(a)
 
 
 class RawWebSocket:
@@ -127,6 +156,7 @@ class RawWebSocket:
             asyncio.open_connection(ip, 443, ssl=_ssl_ctx,
                                     server_hostname=domain),
             timeout=min(timeout, 10))
+        _set_sock_opts(writer.transport)
 
         ws_key = base64.b64encode(os.urandom(16)).decode()
         req = (
@@ -193,6 +223,15 @@ class RawWebSocket:
         self.writer.write(frame)
         await self.writer.drain()
 
+    async def send_batch(self, parts: List[bytes]):
+        """Send multiple binary frames with a single drain (less overhead)."""
+        if self._closed:
+            raise ConnectionError("WebSocket closed")
+        for part in parts:
+            frame = self._build_frame(self.OP_BINARY, part, mask=True)
+            self.writer.write(frame)
+        await self.writer.drain()
+
     async def recv(self) -> Optional[bytes]:
         """
         Receive the next data frame.  Handles ping/pong/close
@@ -336,24 +375,96 @@ def _dc_from_init(data: bytes) -> Tuple[Optional[int], bool]:
                   proto, dc_raw, plain.hex())
         if proto in (0xEFEFEFEF, 0xEEEEEEEE, 0xDDDDDDDD):
             dc = abs(dc_raw)
-            if 1 <= dc <= 1000:
+            if 1 <= dc <= 5:
                 return dc, (dc_raw < 0)
     except Exception as exc:
         log.debug("DC extraction failed: %s", exc)
     return None, False
 
 
-def _ws_domains(dc: int, is_media) -> List[str]:
+def _patch_init_dc(data: bytes, dc: int) -> bytes:
     """
-    Return domain names to try for WebSocket connection to a DC.
+    Patch dc_id in the 64-byte MTProto init packet.
 
-    DC 1-5:  kws{N}[-1].web.telegram.org
+    Mobile clients with useSecret=0 leave bytes 60-61 as random.
-    DC >5:   kws{N}[-1].telegram.org
+    The WS relay needs a valid dc_id to route correctly.
     """
-    base = 'telegram.org' if dc > 5 else 'web.telegram.org'
+    if len(data) < 64:
+        return data
+
+    new_dc = struct.pack('<h', dc)
+    try:
+        key_raw = bytes(data[8:40])
+        iv = bytes(data[40:56])
+        cipher = Cipher(algorithms.AES(key_raw), modes.CTR(iv))
+        enc = cipher.encryptor()
+        ks = enc.update(b'\x00' * 64) + enc.finalize()
+        patched = bytearray(data[:64])
+        patched[60] = ks[60] ^ new_dc[0]
+        patched[61] = ks[61] ^ new_dc[1]
+        log.debug("init patched: dc_id -> %d", dc)
+        if len(data) > 64:
+            return bytes(patched) + data[64:]
+        return bytes(patched)
+    except Exception:
+        return data
+
+
+class _MsgSplitter:
+    """
+    Splits client TCP data into individual MTProto abridged-protocol
+    messages so each can be sent as a separate WebSocket frame.
+
+    The Telegram WS relay processes one MTProto message per WS frame.
+    Mobile clients batches multiple messages in a single TCP write (e.g.
+    msgs_ack + req_DH_params).  If sent as one WS frame, the relay
+    only processes the first message — DH handshake never completes.
+    """
+
+    def __init__(self, init_data: bytes):
+        key_raw = bytes(init_data[8:40])
+        iv = bytes(init_data[40:56])
+        cipher = Cipher(algorithms.AES(key_raw), modes.CTR(iv))
+        self._dec = cipher.encryptor()
+        self._dec.update(b'\x00' * 64)  # skip init packet
+
+    def split(self, chunk: bytes) -> List[bytes]:
+        """Decrypt to find message boundaries, return split ciphertext."""
+        plain = self._dec.update(chunk)
+        boundaries = []
+        pos = 0
+        while pos < len(plain):
+            first = plain[pos]
+            if first == 0x7f:
+                if pos + 4 > len(plain):
+                    break
+                msg_len = (
+                    struct.unpack_from('<I', plain, pos + 1)[0] & 0xFFFFFF
+                ) * 4
+                pos += 4
+            else:
+                msg_len = first * 4
+                pos += 1
+            if msg_len == 0 or pos + msg_len > len(plain):
+                break
+            pos += msg_len
+            boundaries.append(pos)
+        if len(boundaries) <= 1:
+            return [chunk]
+        parts = []
+        prev = 0
+        for b in boundaries:
+            parts.append(chunk[prev:b])
+            prev = b
+        if prev < len(chunk):
+            parts.append(chunk[prev:])
+        return parts
+
+
+def _ws_domains(dc: int, is_media) -> List[str]:
     if is_media is None or is_media:
-        return [f'kws{dc}-1.{base}', f'kws{dc}.{base}']
+        return [f'kws{dc}-1.web.telegram.org', f'kws{dc}.web.telegram.org']
-    return [f'kws{dc}.{base}', f'kws{dc}-1.{base}']
+    return [f'kws{dc}.web.telegram.org', f'kws{dc}-1.web.telegram.org']
 
 
 class Stats:
@@ -366,6 +477,8 @@ class Stats:
         self.ws_errors = 0
         self.bytes_up = 0
         self.bytes_down = 0
+        self.pool_hits = 0
+        self.pool_misses = 0
 
     def summary(self) -> str:
         return (f"total={self.connections_total} ws={self.connections_ws} "
@@ -373,6 +486,7 @@ class Stats:
                 f"http_skip={self.connections_http_rejected} "
                 f"pass={self.connections_passthrough} "
                 f"err={self.ws_errors} "
+                f"pool={self.pool_hits}/{self.pool_hits+self.pool_misses} "
                 f"up={_human_bytes(self.bytes_up)} "
                 f"down={_human_bytes(self.bytes_down)}")
 
@@ -380,8 +494,103 @@ class Stats:
 _stats = Stats()
 
 
+class _WsPool:
+    def __init__(self):
+        self._idle: Dict[Tuple[int, bool], list] = {}
+        self._refilling: Set[Tuple[int, bool]] = set()
+
+    async def get(self, dc: int, is_media: bool,
+                  target_ip: str, domains: List[str]
+                  ) -> Optional[RawWebSocket]:
+        key = (dc, is_media)
+        now = time.monotonic()
+
+        bucket = self._idle.get(key, [])
+        while bucket:
+            ws, created = bucket.pop(0)
+            age = now - created
+            if age > _WS_POOL_MAX_AGE or ws._closed:
+                asyncio.create_task(self._quiet_close(ws))
+                continue
+            _stats.pool_hits += 1
+            log.debug("WS pool hit for DC%d%s (age=%.1fs, left=%d)",
+                      dc, 'm' if is_media else '', age, len(bucket))
+            self._schedule_refill(key, target_ip, domains)
+            return ws
+
+        _stats.pool_misses += 1
+        self._schedule_refill(key, target_ip, domains)
+        return None
+
+    def _schedule_refill(self, key, target_ip, domains):
+        if key in self._refilling:
+            return
+        self._refilling.add(key)
+        asyncio.create_task(self._refill(key, target_ip, domains))
+
+    async def _refill(self, key, target_ip, domains):
+        dc, is_media = key
+        try:
+            bucket = self._idle.setdefault(key, [])
+            needed = _WS_POOL_SIZE - len(bucket)
+            if needed <= 0:
+                return
+            tasks = []
+            for _ in range(needed):
+                tasks.append(asyncio.create_task(
+                    self._connect_one(target_ip, domains)))
+            for t in tasks:
+                try:
+                    ws = await t
+                    if ws:
+                        bucket.append((ws, time.monotonic()))
+                except Exception:
+                    pass
+            log.debug("WS pool refilled DC%d%s: %d ready",
+                      dc, 'm' if is_media else '', len(bucket))
+        finally:
+            self._refilling.discard(key)
+
+    @staticmethod
+    async def _connect_one(target_ip, domains) -> Optional[RawWebSocket]:
+        for domain in domains:
+            try:
+                ws = await RawWebSocket.connect(
+                    target_ip, domain, timeout=8)
+                return ws
+            except WsHandshakeError as exc:
+                if exc.is_redirect:
+                    continue
+                return None
+            except Exception:
+                return None
+        return None
+
+    @staticmethod
+    async def _quiet_close(ws):
+        try:
+            await ws.close()
+        except Exception:
+            pass
+
+    async def warmup(self, dc_opt: Dict[int, Optional[str]]):
+        """Pre-fill pool for all configured DCs on startup."""
+        for dc, target_ip in dc_opt.items():
+            if target_ip is None:
+                continue
+            for is_media in (False, True):
+                domains = _ws_domains(dc, is_media)
+                key = (dc, is_media)
+                self._schedule_refill(key, target_ip, domains)
+        log.info("WS pool warmup started for %d DC(s)", len(dc_opt))
+
+
+_ws_pool = _WsPool()
+
+
 async def _bridge_ws(reader, writer, ws: RawWebSocket, label,
-                     dc=None, dst=None, port=None, is_media=False):
+                     dc=None, dst=None, port=None, is_media=False,
+                     splitter: _MsgSplitter = None):
     """Bidirectional TCP <-> WebSocket forwarding."""
     dc_tag = f"DC{dc}{'m' if is_media else ''}" if dc else "DC?"
     dst_tag = f"{dst}:{port}" if dst else "?"
@@ -402,7 +611,14 @@ async def _bridge_ws(reader, writer, ws: RawWebSocket, label,
                 _stats.bytes_up += len(chunk)
                 up_bytes += len(chunk)
                 up_packets += 1
-                await ws.send(chunk)
+                if splitter:
+                    parts = splitter.split(chunk)
+                    if len(parts) > 1:
+                        await ws.send_batch(parts)
+                    else:
+                        await ws.send(parts[0])
+                else:
+                    await ws.send(chunk)
         except (asyncio.CancelledError, ConnectionError, OSError):
             return
         except Exception as e:
@@ -419,7 +635,10 @@ async def _bridge_ws(reader, writer, ws: RawWebSocket, label,
                 down_bytes += len(data)
                 down_packets += 1
                 writer.write(data)
-                await writer.drain()
+                # drain only when kernel buffer is filling up
+                buf = writer.transport.get_write_buffer_size()
+                if buf > _SEND_BUF:
+                    await writer.drain()
         except (asyncio.CancelledError, ConnectionError, OSError):
             return
         except Exception as e:
@@ -550,6 +769,8 @@ async def _handle_client(reader, writer):
     peer = writer.get_extra_info('peername')
     label = f"{peer[0]}:{peer[1]}" if peer else "?"
 
+    _set_sock_opts(writer.transport)
+
     try:
         # -- SOCKS5 greeting --
         hdr = await asyncio.wait_for(reader.readexactly(2), timeout=10)
@@ -588,6 +809,17 @@ async def _handle_client(reader, writer):
 
         port = struct.unpack('!H', await reader.readexactly(2))[0]
 
+        if ':' in dst:
+            log.error(
+                "[%s] IPv6 address detected: %s:%d — "
+                "IPv6 addresses are not supported; "
+                "disable IPv6 to continue using the proxy.",
+                label, dst, port)
+            writer.write(_socks5_reply(0x05))
+            await writer.drain()
+            writer.close()
+            return
+
         # -- Non-Telegram IP -> direct passthrough --
         if not _is_telegram_ip(dst):
             _stats.connections_passthrough += 1
@@ -639,8 +871,14 @@ async def _handle_client(reader, writer):
 
         # -- Extract DC ID --
         dc, is_media = _dc_from_init(init)
+        init_patched = False
+        
+        # Android (may be ios too) with useSecret=0 has random dc_id bytes — patch it
         if dc is None and dst in _IP_TO_DC:
-            dc = _IP_TO_DC.get(dst)
+            dc, is_media = _IP_TO_DC.get(dst)
+            if dc in _dc_opt:
+                init = _patch_init_dc(init, dc if is_media else -dc)
+                init_patched = True
 
         if dc is None or dc not in _dc_opt:
             log.warning("[%s] unknown DC%s for %s:%d -> TCP passthrough",
@@ -684,39 +922,44 @@ async def _handle_client(reader, writer):
         ws_failed_redirect = False
         all_redirects = True
 
-        for domain in domains:
+        ws = await _ws_pool.get(dc, is_media, target, domains)
-            url = f'wss://{domain}/apiws'
+        if ws:
-            log.info("[%s] DC%d%s (%s:%d) -> %s via %s",
+            log.info("[%s] DC%d%s (%s:%d) -> pool hit via %s",
-                     label, dc, media_tag, dst, port, url, target)
+                     label, dc, media_tag, dst, port, target)
-            try:
+        else:
-                ws = await RawWebSocket.connect(target, domain,
+            for domain in domains:
-                                                timeout=10)
+                url = f'wss://{domain}/apiws'
-                all_redirects = False
+                log.info("[%s] DC%d%s (%s:%d) -> %s via %s",
-                break
+                         label, dc, media_tag, dst, port, url, target)
-            except WsHandshakeError as exc:
+                try:
-                _stats.ws_errors += 1
+                    ws = await RawWebSocket.connect(target, domain,
-                if exc.is_redirect:
+                                                    timeout=10)
-                    ws_failed_redirect = True
-                    log.warning("[%s] DC%d%s got %d from %s -> %s",
-                                label, dc, media_tag,
-                                exc.status_code, domain,
-                                exc.location or '?')
-                    continue
-                else:
                     all_redirects = False
-                    log.warning("[%s] DC%d%s WS handshake: %s",
+                    break
-                                label, dc, media_tag, exc.status_line)
+                except WsHandshakeError as exc:
-            except Exception as exc:
+                    _stats.ws_errors += 1
-                _stats.ws_errors += 1
+                    if exc.is_redirect:
-                all_redirects = False
+                        ws_failed_redirect = True
-                err_str = str(exc)
+                        log.warning("[%s] DC%d%s got %d from %s -> %s",
-                if ('CERTIFICATE_VERIFY_FAILED' in err_str or
+                                    label, dc, media_tag,
-                        'Hostname mismatch' in err_str):
+                                    exc.status_code, domain,
-                    log.warning("[%s] DC%d%s SSL error: %s",
+                                    exc.location or '?')
-                                label, dc, media_tag, exc)
+                        continue
-                else:
+                    else:
-                    log.warning("[%s] DC%d%s WS connect failed: %s",
+                        all_redirects = False
-                                label, dc, media_tag, exc)
+                        log.warning("[%s] DC%d%s WS handshake: %s",
+                                    label, dc, media_tag, exc.status_line)
+                except Exception as exc:
+                    _stats.ws_errors += 1
+                    all_redirects = False
+                    err_str = str(exc)
+                    if ('CERTIFICATE_VERIFY_FAILED' in err_str or
+                            'Hostname mismatch' in err_str):
+                        log.warning("[%s] DC%d%s SSL error: %s",
+                                    label, dc, media_tag, exc)
+                    else:
+                        log.warning("[%s] DC%d%s WS connect failed: %s",
+                                    label, dc, media_tag, exc)
 
         # -- WS failed -> fallback --
         if ws is None:
@@ -745,12 +988,20 @@ async def _handle_client(reader, writer):
         _dc_fail_until.pop(dc_key, None)
         _stats.connections_ws += 1
 
+        splitter = None
+        if init_patched:
+            try:
+                splitter = _MsgSplitter(init)
+            except Exception:
+                pass
+
         # Send the buffered init packet
         await ws.send(init)
 
         # Bidirectional bridge
         await _bridge_ws(reader, writer, ws, label,
-                         dc=dc, dst=dst, port=port, is_media=is_media)
+                         dc=dc, dst=dst, port=port, is_media=is_media,
+                         splitter=splitter)
 
     except asyncio.TimeoutError:
         log.warning("[%s] timeout during SOCKS5 handshake", label)
@@ -784,6 +1035,12 @@ async def _run(port: int, dc_opt: Dict[int, Optional[str]],
         _handle_client, host, port)
     _server_instance = server
 
+    for sock in server.sockets:
+        try:
+            sock.setsockopt(_socket.IPPROTO_TCP, _socket.TCP_NODELAY, 1)
+        except (OSError, AttributeError):
+            pass
+
     log.info("=" * 60)
     log.info("  Telegram WS Bridge Proxy")
     log.info("  Listening on   %s:%d", host, port)
@@ -806,6 +1063,8 @@ async def _run(port: int, dc_opt: Dict[int, Optional[str]],
 
     asyncio.create_task(log_stats())
 
+    await _ws_pool.warmup(dc_opt)
+
     if stop_event:
         async def wait_stop():
             await stop_event.wait()

windows.py

@@ -25,6 +25,7 @@ APP_DIR = Path(os.environ.get("APPDATA", Path.home())) / APP_NAME
 CONFIG_FILE = APP_DIR / "config.json"
 LOG_FILE = APP_DIR / "proxy.log"
 FIRST_RUN_MARKER = APP_DIR / ".first_run_done"
+IPV6_WARN_MARKER = APP_DIR / ".ipv6_warned"
 
 
 DEFAULT_CONFIG = {
@@ -40,30 +41,81 @@ _async_stop: Optional[object] = None
 _tray_icon: Optional[object] = None
 _config: dict = {}
 _exiting: bool = False
+_lock_file_path: Optional[Path] = None
 
 log = logging.getLogger("tg-ws-tray")
 
 
+def _same_process(lock_meta: dict, proc: psutil.Process) -> bool:
+    try:
+        lock_ct = float(lock_meta.get("create_time", 0.0))
+        proc_ct = float(proc.create_time())
+        if lock_ct > 0 and abs(lock_ct - proc_ct) > 1.0:
+            return False
+    except Exception:
+        return False
+
+    frozen = bool(getattr(sys, "frozen", False))
+    if frozen:
+        return os.path.basename(sys.executable) == proc.name()
+
+    return False
+
+
+def _release_lock():
+    global _lock_file_path
+    if not _lock_file_path:
+        return
+    try:
+        _lock_file_path.unlink(missing_ok=True)
+    except Exception:
+        pass
+    _lock_file_path = None
+
+
 def _acquire_lock() -> bool:
+    global _lock_file_path
     _ensure_dirs()
     lock_files = list(APP_DIR.glob("*.lock"))
-        
+
     for f in lock_files:
+        pid = None
+        meta: dict = {}
+
         try:
             pid = int(f.stem)
-            if psutil.pid_exists(pid):
+        except Exception:
-                try:
+            f.unlink(missing_ok=True)
-                    psutil.Process(pid).status()
+            continue
-                    return False
+
-                except (psutil.NoSuchProcess, psutil.ZombieProcess):
+        try:
-                    pass
+            raw = f.read_text(encoding="utf-8").strip()
+            if raw:
+                meta = json.loads(raw)
+        except Exception:
+            meta = {}
+
+        try:
+            proc = psutil.Process(pid)
+            if _same_process(meta, proc):
+                return False
         except Exception:
             pass
 
         f.unlink(missing_ok=True)
 
     lock_file = APP_DIR / f"{os.getpid()}.lock"
-    lock_file.touch()
+    try:
+        proc = psutil.Process(os.getpid())
+        payload = {
+            "create_time": proc.create_time(),
+        }
+        lock_file.write_text(json.dumps(payload, ensure_ascii=False),
+                             encoding="utf-8")
+    except Exception:
+        lock_file.touch()
+
+    _lock_file_path = lock_file
     return True
 
 
@@ -220,9 +272,8 @@ def _show_info(text: str, title: str = "TG WS Proxy"):
 
 
 def _on_open_in_telegram(icon=None, item=None):
-    host = _config.get("host", DEFAULT_CONFIG["host"])
     port = _config.get("port", DEFAULT_CONFIG["port"])
-    url = f"tg://socks?server={host}&port={port}"
+    url = f"tg://socks?server=127.0.0.1&port={port}"
     log.info("Opening %s", url)
     try:
         result = webbrowser.open(url)
@@ -234,7 +285,7 @@ def _on_open_in_telegram(icon=None, item=None):
             pyperclip.copy(url)
             _show_info(
                 f"Не удалось открыть Telegram автоматически.\n\n"
-                f"Ссылка скопирована в буфер обмена, отправьте её в телеграмм и нажмите по ней ЛКМ:\n{url}",
+                f"Ссылка скопирована в буфер обмена, отправьте её в Telegram и нажмите по ней ЛКМ:\n{url}",
                 "TG WS Proxy")
         except Exception as exc:
             log.error("Clipboard copy failed: %s", exc)
@@ -524,6 +575,51 @@ def _show_first_run():
     root.mainloop()
 
 
+def _has_ipv6_enabled() -> bool:
+    import socket as _sock
+    try:
+        addrs = _sock.getaddrinfo(_sock.gethostname(), None, _sock.AF_INET6)
+        for addr in addrs:
+            ip = addr[4][0]
+            if ip and not ip.startswith('::1') and not ip.startswith('fe80::1'):
+                return True
+    except Exception:
+        pass
+    try:
+        s = _sock.socket(_sock.AF_INET6, _sock.SOCK_STREAM)
+        s.bind(('::1', 0))
+        s.close()
+        return True
+    except Exception:
+        return False
+
+
+def _check_ipv6_warning():
+    _ensure_dirs()
+    if IPV6_WARN_MARKER.exists():
+        return
+    if not _has_ipv6_enabled():
+        return
+
+    IPV6_WARN_MARKER.touch()
+
+    threading.Thread(target=_show_ipv6_dialog, daemon=True).start()
+
+
+def _show_ipv6_dialog():
+    _show_info(
+        "На вашем компьютере включена поддержка подключения по IPv6.\n\n"
+        "Telegram может пытаться подключаться через IPv6, "
+        "что не поддерживается и может привести к ошибкам.\n\n"
+        "Если прокси не работает или в логах присутствуют ошибки, "
+        "связанные с попытками подключения по IPv6 - "
+        "попробуйте отключить в настройках прокси Telegram попытку соединения "
+        "по IPv6. Если данная мера не помогает, попробуйте отключить IPv6 "
+        "в системе.\n\n"
+        "Это предупреждение будет показано только один раз.",
+        "TG WS Proxy")
+
+
 def _build_menu():
     if pystray is None:
         return None
@@ -574,6 +670,7 @@ def run_tray():
     start_proxy()
 
     _show_first_run()
+    _check_ipv6_warning()
 
     icon_image = _load_icon()
     _tray_icon = pystray.Icon(
@@ -594,7 +691,10 @@ def main():
         _show_info("Приложение уже запущено.", os.path.basename(sys.argv[0]))
         return
 
-    run_tray()
+    try:
+        run_tray()
+    finally:
+        _release_lock()
 
 
 if __name__ == "__main__":