Surfing the Internet in China requires some creativity to work around the government’s packet sniffing firewall which monitors all traffic into the country. “Packet sniffing” means that a simple proxy will not work – you must encrypt the traffic to prevent the contents of the data from being inspected. Here is a quick tutorial.
The most important part is the tunneling VPN. For this, I chose Hamachi – a free VPN solution from LogMeIn. Because VPN only provides an encrypted tunnel, you still need a Proxy server to run on the outside.
You have many options for your proxy. Privoxy is easiest to configure and by default it blocks ads and other junk, improving your experience and saving you bandwidth.
Next, you need something to help you manage the Proxy settings on your machine. You can enable it manually, but generally you do not want the proxy enabled for 100% of your traffic. For this I suggest Proxy Switchy – a Google Chrome browser plugin to auto-proxy blocked sites. For Firefox there is Foxy Proxy, but it is not as easy to use. Proxy Switchy makes its settings global, so other apps also use its settings.
Here my stack:
- My browser on a slow Chinese network
- Hamachi VPN tunneling to encrypt everything
- Squid on a fast connection inside the Great Firewall for high-speed local proxy
- Privoxy in the USA
Because my home connection is slow, I use Squid -a caching web proxy to cache data on a computer near me. You can also run Squid on your local PC.
Other proxy servers which you can use to speed up your connection:
- Polipo for DNS caching, HTTP optimization, pipelining, etc
- Apache with PageSpeed for opimizing web page content (combining inlining, minifying, img optimizing, etc)
You can use these proxies instead of Privoxy or you can layer them together in sequence.
Addendum: how to configure Proxy Switchy:
Proxy Switchy is a proxy helper extension for the Google Chrome browser. It works with your existing VPN/proxy solution. The cool thing it does is automatically switch over to the proxy just for the sites that need it so you get a seamless transition. To get you started, it comes with a default switch rule list which works for most sites blocked by the GFC. Even though this extension is for Google Chrome, it exports its settings to the system settings, so it works with any browser.
You can use the online rule list at http://autoproxy-gfwlist.googlecode.com/svn/trunk/gfwlist.txt
You can see how I configured some of the rules below: