diff --git a/README.md b/README.md
index 552e6c0..f195907 100644
--- a/README.md
+++ b/README.md
@@ -155,6 +155,7 @@ encryption. If you need a proxy, just use our proxy modes.
 ```json5
 {
   "listen": ":36712", // Listen address
+  "protocol": "faketcp", // Blank or "udp" for UDP mode, "faketcp" for TCP "masquerade", see below for details
   "acme": {
     "domains": [
       "your.domain.com",
@@ -255,6 +256,7 @@ hysteria_traffic_uplink_bytes_total{auth="aGFja2VyISE="} 37452
 ```json5
 {
   "server": "example.com:36712", // Server address
+  "protocol": "faketcp", // Blank or "udp" for UDP mode, "faketcp" for TCP "masquerade", see below for details
   "up_mbps": 10, // Max upload Mbps
   "down_mbps": 50, // Max download Mbps
   "socks5": {
@@ -327,6 +329,17 @@ hysteria_traffic_uplink_bytes_total{auth="aGFja2VyISE="} 37452
 }
 ```
 
+#### Fake TCP / TCP masquerade
+
+Certain networks may impose various restrictions on UDP traffic or block it altogether. Hysteria offers a "faketcp" mode
+that allows servers and clients to communicate using a protocol that looks like TCP but does not actually go through the
+system TCP stack. This tricks whatever middleboxes into thinking it's actually TCP traffic, rendering UDP-specific
+restrictions useless.
+
+This mode is currently only supported on Linux (both client and server) and requires root privileges.
+
+If your server is behind a firewall, open the corresponding TCP port instead of UDP.
+
 #### Transparent proxy
 
 TPROXY modes (`tproxy_tcp` & `tproxy_udp`) are only available on Linux.
diff --git a/README.zh.md b/README.zh.md
index 89706c7..93d64be 100644
--- a/README.zh.md
+++ b/README.zh.md
@@ -141,6 +141,7 @@ Hysteria 是一个功能丰富的，专为恶劣网络环境进行优化的网
 ```json5
 {
   "listen": ":36712", // 监听地址
+  "protocol": "faketcp", // 留空或 "udp" 为 UDP 模式，"faketcp" 为伪装 TCP 模式，详情见下
   "acme": {
     "domains": [
       "your.domain.com",
@@ -240,6 +241,7 @@ hysteria_traffic_uplink_bytes_total{auth="aGFja2VyISE="} 37452
 ```json5
 {
   "server": "example.com:36712", // 服务器地址
+  "protocol": "faketcp", // 留空或 "udp" 为 UDP 模式，"faketcp" 为伪装 TCP 模式，详情见下
   "up_mbps": 10, // 最大上传速度
   "down_mbps": 50, // 最大下载速度
   "socks5": {
@@ -312,6 +314,15 @@ hysteria_traffic_uplink_bytes_total{auth="aGFja2VyISE="} 37452
 }
 ```
 
+#### 伪装 TCP (faketcp 模式)
+
+某些网络可能对 UDP 流量施加各种限制，或者完全屏蔽。Hysteria 提供了一个 "faketcp" 模式，让服务端与客户端之间用看起来是 TCP 但实际不走
+系统 TCP 栈的方式通信。通过这种方式可以让防火墙、QoS 设备认为这是真的 TCP 连接，绕过对 UDP 的限制。
+
+目前只在 Linux 上支持（客户端和服务器都是），并且需要 root 权限。
+
+如果你的服务器有防火墙，请放行相应的 TCP 端口而不是 UDP。
+
 #### 透明代理
 
 TPROXY 模式 (`tproxy_tcp` 和 `tproxy_udp`) 只在 Linux 下可用。