what up,
im headed back out. moving to china for a couple years. i've been thinking of solutions and workarounds for the great firewall of china. i think the best solution for me personally would be to setup up an ssl proxy on my U.S. servers and just use those for browsing. everything else i can do over ssh tunnels.
i've got nearly zero proxy experience. what are you guys using? squid or is there something better now?
thanks
im headed back out. moving to china for a couple years. i've been thinking of solutions and workarounds for the great firewall of china. i think the best solution for me personally would be to setup up an ssl proxy on my U.S. servers and just use those for browsing. everything else i can do over ssh tunnels.
i've got nearly zero proxy experience. what are you guys using? squid or is there something better now?
thanks
oh and obviously forgot to mention TOR as an option.
The ``BSD solution'' nowadays seems to be Varnish:
http://varnish.projects.linpro.no/
I have no personal experience with it so I'm not sure if it can do what you want ... But I do hear good things about it.
http://varnish.projects.linpro.no/
I have no personal experience with it so I'm not sure if it can do what you want ... But I do hear good things about it.
You can use ssh for browsing too, you know.
if your browser supports socks proxies. which firefox does.
what're you doing in china?
what're you doing in china?
don't you have to turn in your encryption keys to China?
cp: nice gonna check it out now.
bluet: holy shit. i started writing a reply about how i didnt want X on my server and text based browsing wouldnt cut it, then i thought, maybe he really means "browsing over ssh" and did a quick search. and thats EXACTLY what i need. literally tunneling firefox traffic over ssh. you sir, just made my day. thats useful in quite a few situations.
asemi: my girl got a job, we both love asia. live on the ocean. she teaches, i hack. she gets at minimum a week vacation every month for plenty of travels. learn mandarin. while i love my friends and family in the US, i dont like living here that much. rather live on a beach, learning new languages, eating new food and meeting new people. everyday is an adventure.
ozntz: never heard that before.
also, im not far from hong kong which to this date has never been censored by the firewall. i think since its such a huge international city they dont fuck with it. always can go there if there is an issue and i need to get work done
thanks dudes. still want to check out this varnish
bluet: holy shit. i started writing a reply about how i didnt want X on my server and text based browsing wouldnt cut it, then i thought, maybe he really means "browsing over ssh" and did a quick search. and thats EXACTLY what i need. literally tunneling firefox traffic over ssh. you sir, just made my day. thats useful in quite a few situations.
asemi: my girl got a job, we both love asia. live on the ocean. she teaches, i hack. she gets at minimum a week vacation every month for plenty of travels. learn mandarin. while i love my friends and family in the US, i dont like living here that much. rather live on a beach, learning new languages, eating new food and meeting new people. everyday is an adventure.
ozntz: never heard that before.
also, im not far from hong kong which to this date has never been censored by the firewall. i think since its such a huge international city they dont fuck with it. always can go there if there is an issue and i need to get work done
thanks dudes. still want to check out this varnish
:D
What I do in the US is...
My friend has a machine collocated in canada. I ssh tunnel out to it. Have a squid proxy bound internally on the machine.
It could be used for your needs as well.
What you do is, you get a hosted machine outside china... ssh in. That's all china will see.
What you will see is a port on 127.0.0.1 of you machine in china that is an ssh tunnel direct to a port on 127.0.0.1 of your collocated machine... that is a squid proxy.
Then you just browse normally with yer proxy.
I do it to evade firewalls at work. And if you wanna be super crazy funky fuck you about it. Try an application called "corkscrew" that can ssh through some http proxies... further obscuring the connection.
openvpn is another option.
-matt
My friend has a machine collocated in canada. I ssh tunnel out to it. Have a squid proxy bound internally on the machine.
It could be used for your needs as well.
What you do is, you get a hosted machine outside china... ssh in. That's all china will see.
What you will see is a port on 127.0.0.1 of you machine in china that is an ssh tunnel direct to a port on 127.0.0.1 of your collocated machine... that is a squid proxy.
Then you just browse normally with yer proxy.
I do it to evade firewalls at work. And if you wanna be super crazy funky fuck you about it. Try an application called "corkscrew" that can ssh through some http proxies... further obscuring the connection.
openvpn is another option.
-matt
HTTP over SSH over HTTP over IP over DNS with iodine: http://code.kryo.se/iodine/
This is what im doing now. nny, are there any benifits im not seeing your way?
# ssh -fND localhost:7070 myserver.com
Then just setup firefox to use SOCKS proxy @ localhost:7070
Then in about:config change 'network.proxy.socks_remote_dns to true so DNS goes through the proxy as well.
Just curious. I've been testing it from my house and it seems to be working good and im not seeing any http/dns traffic (at least from firefox) via tcp. just going over ssh. Seems to be working good, but maybe you guys know something I dont.
Thanks
# ssh -fND localhost:7070 myserver.com
Then just setup firefox to use SOCKS proxy @ localhost:7070
Then in about:config change 'network.proxy.socks_remote_dns to true so DNS goes through the proxy as well.
Just curious. I've been testing it from my house and it seems to be working good and im not seeing any http/dns traffic (at least from firefox) via tcp. just going over ssh. Seems to be working good, but maybe you guys know something I dont.
Thanks
Yeah the squid proxy works well with streaming services like last.fm and pandora.