Transwiki:Bypassing the Great Firewall of China
 | Please share your thoughts about whether to keep this book on Wikibooks. Maintain this notice so this book can receive a fair review and people have time to boldly address reasonable concerns through concrete improvements. Remove or replace this notice after discussion concludes and a community decision is made. Please also consider notifying the primary contributors on their discussion page with
|
 |
This page was transwikied from another project and needs to be adopted. This page needs to be moved to the main namespace, either as the main page of a book, or as a chapter of another book. After moving, please remove {{Tw-adopt}} from this page. |
The Great Firewall of China, also known as the Golden Shield (Chinese: 金盾; pinyin: jīndùn), is installed on the international Internet gateway of mainland China and censors international communications over the Internet. People in mainland China cannot visit censored websites. This article describes some ways to work around the firewall so that people can bypass this firewall and visit censored websites inside mainland China.
Windows & Macintosh
[edit source]Tor is available for Windows and Mac OS X.
However, it is a bit trickier now since the Tor project website is now banned in China. Tor Service is not affected, but users need working proxy first to download the Tor software package.
Freegate, GTunnel and Ultrasurf are freeware tools to allow users to bypass censorship.
Linux
[edit source]Debian GNU/Linux step by step
[edit source]FIXME: Instructions below point Firefox directly at Tor; this leaks DNS. (Do we care in the China scenario if we leak DNS? Yes, you do care, because if you resolve DNS locally, the local government-controlled DNS servers can lie to you.) On http://tor.eff.org they instruct to run Privoxy between Firefox and Tor, in which case we must install Privoxy, then point Firefox at the HTTP proxy of Privoxy, not the SOCKS proxy of Tor. But in my practice, for sites listed in the tutorial, Privoxy is not required for performance reasons, also, I have a patch for Tor to make it with better performance (but lower privacy protection, performance is more important than privacy in this case)
- Run "apt-get install tor" as root to install Tor
- If you are using Firefox 1.5, open Preferences in Edit menu, click Connection Settings... button, select Manual proxy configuration, fill SOCKS Host as localhost at port 9050.
And it should work. But this is not perfect, since, for uncensored sites, the speed would be really slow via Tor proxy, so we can use a PAC script, so only apply Tor proxy for censored sites.
To use the PAC script, create a file called proxy.pac at your home directory, or somewhere else, then write the following in the file:
function FindProxyForURL(URL, host)
{
if (dnsDomainIs(host, ".google.com"))
{
return "SOCKS localhost:9050";
}
if (isInNet(host, "66.102.15.101", "255.255.255.255"))
{
return "SOCKS localhost:9050";
}
if (dnsDomainIs(host, "zh.wikipedia.org"))
{
return "PROXY 145.97.39.134:80";
}
if (isInNet(host, "211.115.107.162", "255.255.255.255"))
{
return "PROXY 145.97.39.134:80";
}
return "DIRECT";
}
The first if tells the browser to apply Tor proxy for *.google.com, the second for banned *.blogspot.com, and the third for zh.wikipedia.org, DNS servers in mainland China will return a fake IP address, so this is a workaround, the fourth if is for general Wikimedia sites, including en.wikipedia.org, note the IP 145.97.39.134 can be changed, if .134 doesn't work, try .132, .133, .135 or something like. For other censored sites, add similar entries to the file.
After the creation of the file, open Preferences -> Connection Settings dialog in Firefox, and select Automatic proxy configuration URL, fill the location to the file, for example, if you put proxy.pac at /home/user/proxy.pac, fill "file://localhost/home/user/proxy.pac" here.