100+ Free Tools For You To Access Blocked Sites

27,785 views

Published on

How many ways have you used to unblocked the internet censorship and get access to Facebook, Twitter, YouTube or some other sites blocked in your country or area?

I have used a ton, such as Proxy, SSH, VPN and many other anti-censorship tools, since which may be blocked, too, the more you have, the safer you will be.

This book will show you over 100 free anti-censorship tools (including VPN, SSH, Proxy and even more) as well as how to use them to get access to those blocked sites in your area.

Published in: Education, Technology

100+ Free Tools For You To Access Blocked Sites

  1. 1. 100+ Free Tools For You To Access Blocked Sites Young, Yang Creative Commons - BY -- 2012
  2. 2. DedicationThis book is dedicated to my dear mother, who doesn’t care about internetfreedom, but only her children and grandchildren, so that I have time towrite.This book is also dedicated to my dear motherland — China, where there isGFW which blocks internet freedom, so that I have to write something abouthow to unblock blocked sites.
  3. 3. AcknowledgementsAmong all those free anti-censorship tools mentioned in this book, none iscreated by myself, and I just test and share them and tell people how to usethem.So, thanks to the authors who develop and share those free VPN, SSH, Proxyand/or any other anti-censorship tools.
  4. 4. Table of ContentsPreface 2 My Internet Freedom Declaration 2Chapter One 4 Free Online Proxies 4Chapter Two 10 Free Proxy Softwares 10 Part One: Ultrasurf 11 Part Two: Freegate 15 Part Three: Tor 20 Part Four: GAppProxy 25 Part Five: Goagent 35 Part Six: Hyk-proxy 43 Part Seven: Snova 52 Part Seven Section One: The Easiest Ways To Use Snova 57 Part Seven Section Two: How To Use Snova On GAE 60 Part Seven Section Three: How To Use Snova On Cloud Foundry 67 Part Seven Section Four: How To Use Snova On Heroku 75 Part Seven Section Five: How To Use Snova On OpenShift 81 Part Seven Section Six: How To Use Snova On Jelastic 89 Part Eight: Best 2 Extensions For You To Manage Network Proxy Settings 96Chapter Three 99 Free VPN Services 99 Part One: Free PPTP VPN Services 100 Part Two: Free VPN Softwares 108 Part Three: How To Build A VPN 114 Part Three Section One: How To Build A PPTP VPN 116 Part Three Section Two: How To Build A L2TP VPN 120 Part Three Section Three: How To Build An OpenVPN 127 Part Four: How To Set Up VPN 133Chapter Four 135 Free SSH Services 135 Part One: Free SSH Tunnels 136 Part Two: How To Create A SSH Tunnel 141 Part Three: How To Connect To SSH Tunnel 144Chapter Five 147 The Differences Among Proxy, SSH And VPN 147Chapter Six 150 How To Access Blocked Sites With Google Reader 150Chapter Seven 153 How To Access Blocked Sites With The Hosts File 153Chapter Eight 157 How To Access Blocked Sites Via gogoCLIENT
  5. 5. 157Chapter Nine 164 How To Check If A Site Is Blocked 164 Part One: Check If A Site Is Blocked With Anti-censorship Tools 165 Part Two: Check If A Site Is Blocked By Pinging It 166 Part Three: Top 10 Websites For You To Check If A Site Is Blocked 167 Part Four: Check If A Site Is Blocked In China With WebSitePulse 173Chapter Ten 175 Appendix 175 Part One: Top 10 Websites Blocked in China 176 Part Two: Countries That Block Facebook 181Subsequent 182 This Book Is Free 182
  6. 6. Preface My Internet Freedom Declaration Preface My Internet Freedom DeclarationWhile there is no definition, someone declares five basic principles of Internet Freedom, which areExpression, Access, Openness, Innovation and Privacy.As a man living in China, I totally agree with those 5 principles and know how import internet freedom willbe, since you might go to jail by a message you posted online, fail to visit Facebook, Twitter, YouTube andmany other websites, get your website shut down because of one criticized post, and even find out that yourprivate chat history were released to the police without any court document, so on and so forth.Sounds horrible, right? But which were all happened in the Chinese internet world.Since 2007, I have fought against the GFW (great firewall) — the biggest part of Internet Censorship in China,by testing free anti-censorship tools as many as possible and sharing them on my blogs, both Free Nuts andJing Pin (in Chinese).Up till now, I have tested and introduced over 100 free anti-censorship tools, including VPN, Proxy, SSH andmore, among which, some may be not available any more when you are reading this book, but luckily, therewill be always some new tools, and I will keep an eye on them. 1
  7. 7. Preface My Internet Freedom DeclarationImage Credit: http://www.flickr.com/photos/talkradionews/4294790603/ 2
  8. 8. Chapter One Free Online Proxies Chapter One Free Online ProxiesThe main advantage of online proxy websites (or web proxies) is that you dont need to install anything norto make any configuration, just to look out those pop-up ads.If you can bear those ads, and want to get access to Facebook, Twitter, YouTube and/or any other websitesthat blocked in your area, or just want to be anonymous, then you can check out the following top 100 freeonline proxies:1. Aniscartujo.comThe Aniscartujo web proxy is workable for both computers and mobile phones.2. Anonproxy.euWith Anonproxy.eu, you can encode URL/page and allow cookies. 3
  9. 9. Chapter One Free Online Proxies3. Btunnel.comThe Btunnel.com web proxy is available for you to delete cookies, to remove scripts, and to hide referrers,but there will be a boring pop-up ad on the homepage.4. Daveproxy.co.ukA UK web proxy which supports JavaScript well.5. Dtunnel.comNearly same as Btunnel.com.6. Free-web-proxy.deThis web proxy allows you to watch YouTube videos as well as to download them in MP4 files.7. Fproxy.nlNearly same as Anonproxy.eu.8. Goodproxy.euGoodproxy.eu is powered by Glype, but not available for you to visit the YouTube website.9. Hidemyass.comThe Hide My Ass web proxy is available for you to enable SSL security, to disable flash & Javascript, or toselect encrypted URL obfuscation.10. Kproxy.comHttps protocol is supported and downloads are allowed by Kproxy.com.11. Megaproxy.com/freesurfThe Magaproxy free version is free of pop-up ads.12. Peacefire.org/circumventorOn the website, you will get one URL of a web proxy, if which is blocked, you can subscribe to its lists formore. 4
  10. 10. Chapter One Free Online Proxies13. Polysolve.comNearly same as Btunnel.com.14. Proxyweb.com.esThe input box is between 2 large ad banners.15. Safeforwork.netWith SafeForWork.net, you can remove cookies/scripts, hide referrers and show entry form.16. Shieldproxy.comThis web proxy is very simple with just an address box in its homepage.17. Smscut.com/onlinesonicOnline Sonic will translate the languages of the target websites into French.18. Surfagain.comSurfagain.com is available for you to watch YouTube videos.19. Surfinweb.tkSurfinweb.tk is available for you to watch YouTube videos, too.20. TryCatchMe.comThe effect of TryCatchMe is nearly same as Daveproxy.21. Vtunnel.comNearly same as Btunnel.com.22-41 Aproxy.org (20)The Aproxy.org website offers tens of links to different free online proxies, among which, the following 20are the workable and best during my test: Dxyh.com 5
  11. 11. Chapter One Free Online Proxies Fubian.com Isityet.net Lovetogetby.com Ninjacloak.com Proxy-free.org Proxy4surf.info Proxypolice.com Proxyhasty.com Renewmyip.com Resellerzone.us Surfnewip.com Super-affiliate.in Theninjacloak.com Topbits.us Unblock-internet.ws Vvwa.com Vectroproxy.com Web4surf.com Web4proxy.org42-60. Centurian.org (19)The Centurian.org website offers about 100 proxies, among which, the following 19 are the best andworkable during my test: 0010site.info 00011site.info 7us.info Free-pro.info Iweb20.info Justbrowse.info Longbuluo.info Luispro.com Microxy.com Myservus.info Mywebproxy.net newsurf.info Proxy2free.net School-proxy.us Stripcomprox.info Unblockwebsite.org Usaproxies.com 6
  12. 12. Chapter One Free Online Proxies Vectrotunnel.com Xeronet-proxy.com61-100. Proxymeup.com (40)There are over 50 workable web proxy tools on the proxymeup.com website, and the following 40 are thebest up till now: 007007007.eu 123proxy.eu 2fastproxy.tk Aaaproxy.eu Awesomeproxy.eu Bypassme.in Crochetheart.com Devilproxy.eu Hideproxy.eu Homeproxy.com Healthycheapeating.com Iwebproxy.net Iunblock.in Myproxy2day.info Manghun.com Mydoggieneeds.com My-proxy.olympe.in Newenergytomorrow.info Newtattooonline.com Olympicproxy.net Ondrej.me Proxy000.eu Proxy007.eu Proxy-fre.com Proxytools.info Proxme.net Proxy4you.eu Proxyforfree.eu Proxy-ss.olympe.in Proxymonkey.org Proxy-best.com Rockvideo.cz Securewebproxy.net Spem.at 7
  13. 13. Chapter One Free Online Proxies Unblocker4u.com Usawebproxy.net Ultimateformalwear.com Websurf.in Workproxy.net Yellowproxy.netTo use any of the above 100 free online proxies, you can enter the URL of a blocked site in the input box,and press the Enter key or click on the "Go" button, then you can unblock and visit the site.Among the above 100 free online proxies, some of them may be blocked in your area (such as China) whenyou read this e-book, but luckily, some of them will be still workable, too. 8
  14. 14. Chapter Two Free Proxy Softwares Chapter Two Free Proxy SoftwaresAlthough both are proxies, desktop softwares are different from online websites.While online proxies are full of ads, there are less or even no ads for proxy desktop softwares; while you canuse online proxies directly, you need to download and install their clients before you can use those proxysoftwares.If the websites of those proxy softwares are blocked in your area (such as China), it is a good idea for you touse free online proxies to visit them.Among those free proxy softwares, the following 7 are the best:1. Ultrasurf;2. Freegate;3. Tor;4. GappProxy;5. Goagent;6. Hyk-proxy;7. Snova. 9
  15. 15. Chapter Two Part One: Ultrasurf Part One: UltrasurfAs one of the best proxy softwares, Ultrasurf is very easy to use without any installation.The following will show you how to use it in 3 steps:1. Download UltrasurfOpen the Ultrasurf.us site, and click on the "FREE DOWNLOAD" button on the right top, then you candownload the Ultrasurf client as a ZIP file.In case the Ultrasurf.us site is blocked in your area (such as China), you can use some other proxies, SSHtunnels or VPN services to unblock it.2. Run Ultrasurf 10
  16. 16. Chapter Two Part One: UltrasurfAfter download, extract the ZIP file, then you can get an EXE file, open which, you can run Ultrasurfdirectly.In case you come across with a Windows Security Alert, such as what you can see from the following image: 11
  17. 17. Chapter Two Part One: UltrasurfJust click on the "Allow access" button, then you can see an IE new tab of Wujie, which is the Chineseversion of Ultrasurf, and you can unblock any blocked sites right away.3. Set browser network proxyOn IE, you can use the Ultrasurf proxy service directly after connection, but on Chrome, Firefox, Safari orany other browser, you also need to set the network proxy to "127.0.0.1 : 9666".Take Firefox for example, you can find the proxy settings page via the following path: Preference –> Advanced –> Network –> SettingsThen select "Manual proxy configuration" to enter "127.0.0.1" & "9666" on the HTTP Proxy column, checkthe "Use this proxy server for all protocols" box, and click the "OK" button to save the change, as what youcan see from the following image: 12
  18. 18. Chapter Two Part One: UltrasurfInstead to set the network proxy settings manually as mentioned above, you can also check out SwitchySharpand FoxyProxy to set them automatically.After that, you can bypass internet censorship, encrypt online communications, and hide your IP on non-IEbrowsers, too. 13
  19. 19. Chapter Two Part Two: Freegate Part Two: FreegateLike Ultrasurf, Freegate is also a very popular and easy-to-use proxy service.The following will show you how to use Freegate in 3 steps:I. Download FreegateOpen the Dynaweb site and download the Freegate client software, whether in exe or zip format.In case the Dynaweb site is blocked in your area (such as China), you can use some other proxies, SSHtunnels or VPN services to unblock it first.II. Run FreegateIf you downloaded the exe file, just open it, and if you downloaded the zip file, extract it and run the exe file.When the connection is successful, you can use the Freegate proxy service right away, as what you can seefrom the following image: 14
  20. 20. Chapter Two Part Two: FreegateBut before you can see the control panel in the above image, you may come across the following 2 pop-upwindows:1. Freegate Proxy Control 15
  21. 21. Chapter Two Part Two: FreegateAs default, the domains of ".cn", ".baidu", ".qq" and some other suffixes will be connected directly, eventhough you remove them or select "Choose All websites go through Freegate proxy", which means you cantvisit the sites of those domains with Freegate anyway.So, you can neglect this window and just click the "OK" button to close it.2. Windows Security AlertIn case you come across with a Windows Security Alert, such as what you can see from the following image: 16
  22. 22. Chapter Two Part Two: FreegateJust click on the "Allow access" button, then you can see the proxys Chinese site Dongtaiwang on your IEbrowser.III. Set browser network proxy 17
  23. 23. Chapter Two Part Two: FreegateSame as Ultrasurf, On IE, you can use the Freegate proxy service directly after connection, but on Chrome,Firefox, Safari or any other browser, you also need to set the network proxy to "127.0.0.1 : 8580".The above instructions are for Windows only, in fact, Freegate is also available on Mac and Linux computeroperating systems, and you can refer to the FAQ page for the usages.And besides computers, Freegate also supports Android, Java and WM mobile phones, but only in Chinese. 18
  24. 24. Chapter Two Part Three: Tor Part Three: TorAs one of the most popular proxy softwares, Tor can be used on Windows, Mac, Linux/BSD/Unix, Androidand Nokia Maemo/N900 systems, with multiple languages supported.The following will show you how to use its basic and most popular 2 versions — Tor Browser Bundle andVidalia Bundle on Windows and Mac.1. Download TorOn the Download page, you can choose to download the right version according to your computer systems.For Tor Browser Bundle, you can and only can use its own browser (based on Firefox) to use its proxyservice; and for Vidalia Bundle, you can use your Firefox, Chrome, Safari or some other browsers by settingtheir network proxies.By the way, you can choose the Tor browser output language before downloading Tor Browser Bundle.2. Run Tor 19
  25. 25. Chapter Two Part Three: TorNo matter which version you downloaded, you can extract or install the package and run the Tor servicedirectly.For Tor Browser Bundle, you can run the "Start Tor Browser" (for Windows) or "TorBrowser" (for Mac)file, and for Vidalia Bundle, you can run the "Vidalia" file.If the onion icon turns green, then the Tor proxy is working.3. Add bridges 20
  26. 26. Chapter Two Part Three: TorIf the onion icon doesnt turn green, then the current Tor network is blocked, and the easiest way to solve theproblem is to open the Vidalias "Network" settings page, to select "My ISP blocks connections to the Tornetwork", and to add some bridges.So, how to get bridges for Tor? The following are 2 ways for your choice:3.1 Via webVisit the Bridges page, and enter the verification code, then you can get 2 bridges.3.2 Via emailYou can send an email with "get bridges" subject to "bridges@torproject.org" via your Gmail, soon you willget three newest bridges. 21
  27. 27. Chapter Two Part Three: TorBy the way, there used to be a "Find Bridges Now" button for to you get bridges directly, as mentionedbefore, but which is gone now.4. Set browser network proxyFor Tor Browser Bundle, you can unblock the blocked site with its own browser directly, and for VidaliaBundle, you need to change the SOCKS proxy to "127.0.0.1 : 9050".Take Firefox for example, you can find the proxy settings page via the following path: Preference –> Advanced –> Network –> Settings 22
  28. 28. Chapter Two Part Three: TorAnd select "Manual proxy configuration" to enter "127.0.0.1" & "9050" on the SOCKS column. By the way,youd better select SOCKS v4, since SOCKS v5 may be not workable.Between Tor Browser Bundle and Vidalia Bundle, the first one is easier and more safe, but you can only useits own browser. 23
  29. 29. Chapter Two Part Four: GAppProxy Part Four: GAppProxyGAppProxy hasnt been updated since the 2.0.0 version in 2010, and doesnt support https well.But as a GAE proxy, it is still available for you to surf anonymously and get access to the blocked sites.For how to install and use GAppProxy, you can check out the following 7 steps:1. To create a GAE applicationLog in your Google App Engine account and create an available application ID, such as "freenutsdotorg"used for this post.2. Generate a new application-specific password 24
  30. 30. Chapter Two Part Four: GAppProxyOn the "Security" page of your "Google Accounts", click the "Edit" button of "Authorizing applications andsites", and generate a new application-specific password.But you can skip this step if you do not use 2-step verification for your Gmail account.3. Download GAppProxyOn the GAppProxy Downloads page, you can download the packages according to your operating systems.3.1 Download the Windows packagesTo run GAppProxy on Windows, you need to download the following 2 packages: uploader-2.0.0-win.zip localproxy-2.0.0-win.zip 25
  31. 31. Chapter Two Part Four: GAppProxyAfter download, you can extract them and get the following 2 folders: uploader-2.0.0-win localproxy-2.0.0-win3.2 Download the Mac/Linux packagesAnd to run GAppProxy on Mac/Linux, you need to download the following 2 packages instead: fetchserver-2.0.0.zip localproxy-2.0.0.tar.gzExtract the packages, then you can get the following 2 folders: fetchserver-2.0.0 localproxy-2.0.04. Edit the app.yaml fileOn Windows, you can find the app.yaml file in the "fetchserver" directory of the "uploader-2.0.0-win" folder;and on Mac/Linux, you can find the app.yaml file in the "fetchserver-2.0.0" folder.After that, open the app.yaml file, and change the "your_application_name" to your GAE app ID created in 26
  32. 32. Chapter Two Part Four: GAppProxystep 1.5. Upload the GAppProxy server5.1 How to upload the GAppProxy server on WindowsOpen the "uploader-2.0.0-win" folder, double-click the "uploader.exe" file, and enter your App ID, Gmailaddress and password, then you are done.5.2 How to upload the GAppProxy server on Mac/Linux 27
  33. 33. Chapter Two Part Four: GAppProxyTo upload the GAppProxy server on Mac/Linux, we need a third-party tool.5.2.1 Download Google App Engine SDK for PythonDownload Google App Engine SDK for Python of Mac or Linux version, and install it.5.2.2 Add new applicationRun GoogleAppEngineLauncher, click "New Application" in the "File" option on the top menu bar, enteryour GAE app ID as "Application Name", and assign a folder as "Application Directory", or just use thedefault one it offers.5.2.3 Move the server filesCopy "app.yaml" and "fetch.py" files in the "fetchserver" folder and paste them into the "ApplicationDiretory" folder.5.2.4 Upload the serverBack to GoogleAppEngineLauncher, click on the "Deploy" button, enter your Gmail address and password,then you can upload the GAppProxy server to GAE. 28
  34. 34. Chapter Two Part Four: GAppProxy5.3 Test the GAppProxy serverOpen your browser, and enter the following URL: http://APP_ID.appspot.com/fetch.pyRemember to replace "APP_ID" with your own GAE app ID, and if you can see the following result:Then the GAppProxy server is uploaded successfully, if not, you can try to change "http" to "https", or to runan anti-censorship tool (such as proxy, ssh or VPN), and try again, if still not, then you need to upload theserver again.6. Run the GAppProxy clientWhen the server is uploaded successfully, you can run the GAppProxy on your computer.6.1 How to run the GAppProxy client on WindowsFor Windows, there is an executive application, clicking on which, you can run the GAppProxy, but youneed to edit the "proxy.conf" file first.6.1.1 Edit the proxy.conf fileOpen the "proxy.conf" file in the "localproxy-2.0.0-win" folder, edit the last line by changing"your-fetch-server" to your GAE app ID, and deleting the "#" mark, as what you can see from the followingimage: 29
  35. 35. Chapter Two Part Four: GAppProxyAfter that, save the file.6.1.2 Run the GAppProxy clientYou can double-click the "proxy.exe" file in the same folder to run the GAppProxy client.6.2 How to run the GAppProxy client on Mac/LinuxOn Mac/Linux, you can use the Terminal application to run the GAppProxy client, but you also need to editthe "proxy.conf" file first.6.2.1 Edit the proxy.conf fileSame as what you do on Windows, but the "proxy.conf" file is located in the "localproxy-2.0.0" folder.6.2.2 Run the GAppProxy client 30
  36. 36. Chapter Two Part Four: GAppProxyOpen the Terminal application, and enter the following command line: python xxx/localproxy-2.0.0/proxy.pyRemember to replace "xxx" with the full path to the "localproxy-2.0.0" directory, or you can just drag the"proxy.py" file and drop it behind "python".7. Edit the browser proxies 31
  37. 37. Chapter Two Part Four: GAppProxyWhen the GAppProxy client is running, you can edit the browser network settings and change the proxyaddress to "127.0.0.1: 8000", as what you need to do with any proxy service.By the way, since GAppProxy only supports HTTP with 80 port and HTTPS with 443 port, you can leave theSOCKS and FTP proxies empty.Note:Take the "freenutsdotorg" app ID for example, if you cant open the site of the following URL on yourbrowser: http://freenutsdotorg.appspot.com/ 32
  38. 38. Chapter Two Part Four: GAppProxyBut you can do that after changing "http" to "https", then you need to make the same change for the"fetch_server" link in the last line of the "proxy.conf" file, such as the following: fetch-server = https://freenutsdotorg.appspot.com/fetch.pyAnd if you still fail to open the site after changing "http" to "https", then your app ID is blocked and youwont be able to use the GAppProxy service, in that case, you can create a new GAE app and try again. 33
  39. 39. Chapter Two Part Five: Goagent Part Five: GoagentLike GAppProxy, Goagent is also a GAE proxy.And for how to use Goagent, you can refer to its official site in Chinese, or you can check out the following 7steps for an easier reference in English:1. Create GAE applicationsGoagent supports multiple app IDs, so that you can creat one or more new GAE applications, or use the oldones, but the "Storage Scheme" of each must be "High Replication".2. Generate new application-specific password 34
  40. 40. Chapter Two Part Five: GoagentOn the "Security" page of your "Google Accounts", click the "Edit" button of "Authorizing applications andsites", and generate a new application-specific password, which will be used when uploading the Goagentserver to your GAE in step 4.But you can skip this step if you do not use 2-step verification for your Gmail account.3. Download the Goagent packapgeDownload the Goagent package (a zip file) via the link on the top of its homepage, as what you can see fromthe above image.After that, extract the zip file, and you will get a "local" folder as well as a "server" folder.4. Upload the Goagent serverOpen the "server" folder, and upload the Goagent server to your GAE in the following ways: 35
  41. 41. Chapter Two Part Five: Goagent4.1 How to upload the Goagent server on WindowsOn Windows, open the "uploader.bat" file, enter your GAE app ID created in step 1, your Gmail address andthe application-specific password, then you can start to upload.And to use more than one app ID, you can separate them with the "|" mark.4.2 How to upload the Goagent server on Mac 36
  42. 42. Chapter Two Part Five: GoagentOn mac, open the Terminal application, and enter the following command line: cd the-path-to-the-server-folderSuch as the following: cd /Users/air/Downloads/goagent-goagent-80e5f01 3/serverYou can also just drag the "server" folder and drop it behind the "cd" command.After that, enter the following command line: python uploader.zipThen, you can enter your App IDs, Gmail address and the application-specific password to upload the server.By the way, do not bypass the first command line and use the "python the-path-to-uploader.zip" commanddirectly, which may be not workable.5. Change the proxy.ini file 37
  43. 43. Chapter Two Part Five: GoagentWhen the upload is finished, open the "proxy.ini" file in the "local" folder, and change the "appid" valuefrom "goagent" to your real GAE application IDs.By the way, you can also change the "profile" value from "google_cn" to "google_hk" for a better securitywith https mode.6. Run the Goagent clientAfter saving the "proxy.ini" file, you can start to run Goagent.6.1 How to run the Goagent client on Windows 38
  44. 44. Chapter Two Part Five: GoagentOn Windows, you can just double-click on the "Goagent.exe" file in the "local" folder and run the proxyservice.6.2 How to run the Goagent client on MacOn Mac, you can open the Terminal application and enter the following command line: python the-parth-to-proxy.py 39
  45. 45. Chapter Two Part Five: GoagentThis time, you can drag the "proxy.py" file from the "local" folder and drop it behind the "python" command.7. Edit the browser proxiesWhen the Goagent client is running, you can edit the browser network settings and change the proxy addressto "127.0.0.1: 8087", as what you need to do with any proxy service.After that, you can start to use Goagent to browse the internet anonymously and unblock the blocked sites inyour area.But, same as GAppProxy and Hyk-proxy, the Goagent proxy doesnt support https well, even though that youcan double-click the "CA.crt" file in the "local" folder to install or import the certification, which will only 40
  46. 46. Chapter Two Part Five: Goagentwork on Safari, but not Chrome or Firefox during my test for Twitter and Facebook.By the way, besides Windows and Mac systems mentioned above, Goagent is also available for Linux, aswell as Android, iOS, webOS, OpenWRT and Maemo operating systems. 41
  47. 47. Chapter Two Part Six: Hyk-proxy Part Six: Hyk-proxySame as GAppProxy, the Hyk-proxy GAE service wont be updated any more, but it is still workable.For how to install and use Hyk-proxy on Windows and Mac/Linux systems, you can check out the following8 steps for complete instructions:1. Create a GAE applicationSign in your GAE account and create an application ID which is available.2. Generate a new application-specific password 42
  48. 48. Chapter Two Part Six: Hyk-proxyOn the "Security" page of your "Google Accounts", click the "Edit" button of "Authorizing applications andsites", and generate a new application-specific password.But you can skip this step if you do not use 2-step verification for your Gmail account.3. Download Java and Google App Engine SDK for JavaIf you havent gotten these two softwares on hand as mentioned before, you can download Java on its officialwebsite, and download Google App Engine SDK for Java from Google Code.By the way, on Mac, you only need to download and extract the Google App Engine SDK for Java package,since Java is pre-installed.4. Download the Hyk-proxy packages 43
  49. 49. Chapter Two Part Six: Hyk-proxyAmong the 4 packages on the Hyk-proxy Downloads webpage, you can just download"hyk-proxy-0.9.4.1.zip" and "hyk-proxy-gae-server-0.9.4.1.zip".By the way, on Windows, you can also download "hyk-proxy-install_0.9.4.1.exe" instead of"hyk-proxy-0.9.4.1.zip"; and you need to download the "hyk-proxy-android-0.9.4beta.apk" package if youwant to use Hyk-proxy on your Android.After that, extract the zip files you download.5. Deploy taskTo deploy task means to upload the Hyk-proxy server to your GAE application.On Windows, you can run the "install.bat" file in the "hyk-proxy-gae-server-0.9.4.1" folder; and onMac/Linux, you can open the Terminal application and enter the following command line: sh /the-path-to/install.shOr you can just drag the "install.sh" file from the "hyk-proxy-gae-server-0.9.4.1" folder and drop it behindthe "sh" command.After that, you can see an "AppEngine AppCfg GUI Wrapper" window, such as the following: 44
  50. 50. Chapter Two Part Six: Hyk-proxyIn the window, you can define the location of the "Google App Engine SDK for Java" folder, enter yourGAE app ID, select the "hyk-proxy-gae-server-0.9.4.1" folder as AppLocation, enter your Gmail address andpassword, then you can click the "Deploy" button to upload the Hyk-proxy server to your GAE.P.S.By the way, if you fail to deploy the task for the following error: Bad configuration: appengine-web.xml does not contain a <threadsafe> element. 45
  51. 51. Chapter Two Part Six: Hyk-proxyThen you need to enter the following line into the "appengine-web.xml" file: <threadsafe>true</threadsafe>Such as what you can see from the following image:6. Add GAE application ID to Hyk-proxy clientOn Windows, you can double-click the "startgui.bat" file in the "bin" folder, or run "Start hyk-proxy (GUI)"if you have installed "hyk-proxy-install_0.9.4.1.exe"; and on Mac/Linux, you can open the Terminalapplication and enter the following command line: sh /the-path-to/startgui.sh 46
  52. 52. Chapter Two Part Six: Hyk-proxyOr you can just drag the "startgui.sh" file from the "hyk-proxy-0.9.4.1" folder and drop it behind the "sh"command.After that, you can open the Hyk-proxy client window, click on the "Config" button of "GAE 0.9.4.1" in the"Plugins" tab, and click the "New" button to add your APP ID, such as what you can see from the followingimage:And you can add more than one App ID, after that, click the "Apply" button.7. Start Hyk-proxy 47
  53. 53. Chapter Two Part Six: Hyk-proxyWhen the App IDs are added, you can click the "Start" button to connect to the Hyk-proxy service.8. Edit the browser proxiesWhen the Hyk-proxy fetch service is working, configure your browsers http proxy to below address: 127.0.0.1: 48100Such as what you can see from the following image: 48
  54. 54. Chapter Two Part Six: Hyk-proxyThe above screenshot is for Firefox, and for other browsers, the http proxy settings may be a little different.Thats all, and you can surf the internet anonymously and get access to the blocked sites.Bonus:Hyk-proxy will not work when your GAE application ID is blocked, in that case, you can connect Hyk-proxywith XMPP. 49
  55. 55. Chapter Two Part Six: Hyk-proxyTo do so, you can open the "Connection" tab of the GAE plugin "Config" window, select "XMPP" as theconnection mode and add your XMPP account (such as GTalk).Besides, you can also connect Hyk-proxy with HTTPS mode or HTTP proxy, but XMPP is the fastest andbest. 50
  56. 56. Chapter Two Part Seven: Snova Part Seven: SnovaAmong GAppProxy, Goagent, Hyk-proxy and Snova these 4 popular GAE proxies, Snova is the best, since itsupports HTTPS well.Besides, it is also available for you to use in the following 6 different ways.1. To use Snova directlyAs default, Snova can automatically connect to some random GAE apps shared by others, so that you canjust download the Snova client and run it.2. To use Snova on your own GAE app 51
  57. 57. Chapter Two Part Seven: SnovaInstead to use others apps, you can also create your own ones, and upload the Snova server to them to runthe proxy service.Again, none of the above 2 ways are available for you to visit HTTPS links, and to do so, you need install theC4 plugins on any of the following 4 PaaS platforms:3. To use Snova on Cloud Foundry 52
  58. 58. Chapter Two Part Seven: SnovaCloud Foundry is available for you to run the Snova c4 plugin in an instance with 4-core CPU, 2 G disk, and512M memory, no bandwidth limit.4. To use Snova on Heroku 53
  59. 59. Chapter Two Part Seven: SnovaThe network bandwidth limit of Heroku is 2TB/month.5. To use Snova on OpenShiftOpenShift is available for you to create up to 3 apps, and each of which will run in an instance of 1GB diskand 512MB memory.6. To use Snova on Jelastic 54
  60. 60. Chapter Two Part Seven: SnovaWith Jelastic, you can choose to build your C4 plugin on Servint, Dogado, Rusonyx or some other hostedservice provider, and deploy the c4 plugin on its website directly without entering any command lines.For the C4 plugins, you need to use the "snova-c4-heroku-server-xxx.zip" file on Heroku, and use the"snova-c4-server-xxx.zip" file on the other 3 PaaS platforms.By the way, besides to use Snova on GAE, Cloud Foundry, Heroku, OpenShift or Jelastic separately, you canalso use on one, more or even all of them together, as well as to use multiple apps on each of them. 55
  61. 61. Chapter Two Part Seven Section One: The Easiest Ways To Use Snova Part Seven Section One: The Easiest Ways To Use SnovaWhether Hyk-proxy, Goagent, Snova or any other GAE proxy, you need to deploy their servers to your GAEapps before you can use them as mentioned before.But it may be even hard for someone to create an account on GAE, and which is not available in Iran at all.In that case, you can use Hyk-proxy and Snova according to the following ways directly with the defaultGAE apps shared by others:1. The easiest ways to use Hyk-proxyOn the Hyk-proxy Downloads page, you can download "hyk-proxy-0.9.4.1.zip" or"hyk-proxy-install_0.9.4.1.exe" (for Windows only), and extract or install to use the proxy service onWindows and/or Mac.1.1 On WindowsOn Windows, you can double-click the "startgui.bat" file in the "bin" directory of the extracted folder"hyk-proxy-0.9.4.1", or run "Start hyk-proxy (GUI)" if you have installed "hyk-proxy-install_0.9.4.1.exe".1.2 On MacOn Mac, you can open the Terminal application and enter the following command line: 56
  62. 62. Chapter Two Part Seven Section One: The Easiest Ways To Use Snova sh /the-path-to/startgui.shOr you can just drag the "startgui.sh" file from the "hyk-proxy-0.9.4.1" and drop it behind the "sh" command.Whichever way you are using, you can open the Hyk-proxy client, click on the "Start" button, and run theproxy service.2. The easiest ways to use SnovaWhich will be nearly same as what you do with Hyk-proxy.On the Snova Downloads webpage, you can just download and extract "snova-xxx.zip" to use the proxyservice on Windows and/or Mac.2.1 On WindowsOn Windows, you can double-click the "startgui.bat" file in the "bin" directory of the "snova-xxx" folder.2.2 On Mac 57
  63. 63. Chapter Two Part Seven Section One: The Easiest Ways To Use SnovaOn Mac, you can open the Terminal application and enter the following command line: sh /the-path-to/startgui.shOr you can just drag the "startgui.sh" file from the "snova-xxx" folder and drop it behind the "sh" command.Whichever way you are using, you can open the Snova client, click on the "Start" button, and run the proxyservice.By the way, the above direct ways are not available for GAppProxy or Goagent, since the GAppProxysdefault GAE app "fetchserver1" is over its serving quota, and Goagent does not offer a default GAE app atall. 58
  64. 64. Chapter Two Part Seven Section Two: How To Use Snova On GAE Part Seven Section Two: How To Use Snova On GAEAs mentioned before, the Hyk-proxy GAE service wont be updated any more, since the developer stops towork on a new project — Snova.Similar to Hyk-proxy, Snova is also a web proxy based on GAE, but it works for HTTPS very well, whenrunning on CloudFoundry, Heroku, OpenShift and some other PaaS (Platform as a service) platforms.The following will show you how to install and use Snova on GAE, which are nearly same as what you dowith Hyk-proxy.1. Create a GAE applicationSign in your GAE account and create an application ID which is available.2. Generate a new application-specific password 59
  65. 65. Chapter Two Part Seven Section Two: How To Use Snova On GAEOn the "Security" page of your "Google Accounts", click the "Edit" button of "Authorizing applications andsites", and generate a new application-specific password.But you can skip this step if you do not use 2-step verification for your Gmail account.3. Download Java and Google App Engine SDK for JavaIf you havent gotten these two softwares on hand as mentioned before, you can download Java on its officialwebsite, and download Google App Engine SDK for Java from Google Code.By the way, on Mac, you only need to download and extract the Google App Engine SDK for Java package,since Java is pre-installed.What is more, besides Java, Snova also supports the Go language, so that you can download Go and GoogleApp Engine SDK for Go instead. 60
  66. 66. Chapter Two Part Seven Section Two: How To Use Snova On GAE4. Download the Snova packagesAmong the 7 packages on the Snova Downloads webpage, you can just download "snova-xxx.zip" and"snova-gae-jserver-xx.zip" for Java.After that, extract the zip files you download.5. Deploy taskLike Hyk-proxy, on Windows, you can run the "install.bat" file in the "snova-gae-jserver-xx" folder; and onMac/Linux, you can open the Terminal application and enter the following command line: sh /the-path-to/install.shOr you can just drag the "install.sh" file from the "snova-gae-jserver-xx" folder and drop it behind the "sh"command.After that, you can see an "AppEngine AppCfg GUI Wrapper" window, such as the following: 61
  67. 67. Chapter Two Part Seven Section Two: How To Use Snova On GAEIn the window, you can define the location of the "Google App Engine SDK for Java" folder, enter yourGAE app ID, select the "snova-gae-jserver-xx" folder as AppLocation, enter your Gmail address andpassword, then you can click the "Deploy" button to upload the Snova server to your GAE.6. Add GAE application ID to the Snova clientOn Windows, you can double-click the "startgui.bat" file in the "bin" folder; and on Mac/Linux, you canopen the Terminal application and enter the following command line: sh /the-path-to/startgui.sh 62
  68. 68. Chapter Two Part Seven Section Two: How To Use Snova On GAEOr you can just drag the "startgui.sh" file from the "snova-xxx" folder and drop it behind the "sh" command.After that, you can open the snova client window, click on the "Config" button of "GAE xxx" in the"Plugins" tab, and click the "New" button to add your APP ID, such as what you can see from the followingimage:And you can add more than one App ID, after that, click the "Apply" button.7. Start Snova 63
  69. 69. Chapter Two Part Seven Section Two: How To Use Snova On GAEWhen the App IDs are added, you can click the "Start" button to connect to the Snova server.8. Edit the browser proxiesLike Hyk-proxy, when the Snova service is running, you also need to configure your browsers http proxy tobelow address: 127.0.0.1: 48100Such as what you can see from the following image: 64
  70. 70. Chapter Two Part Seven Section Two: How To Use Snova On GAEThe above screenshot is for Firefox, and for other browsers, the http proxy settings may be a little different.Thats all, and you can surf the internet anonymously and get access to the blocked sites.But same as Hyk-proxy, Snova running on GAE still does NOT work for HTTPS links, until you run it onCloudFoundry, Heroku, OpenShift and/or some other PaaS platforms, which will be introduced later, staytuned. 65
  71. 71. Chapter Two Part Seven Section Three: How To Use Snova On Cloud Foundry Part Seven Section Three: How To Use Snova On Cloud FoundryAs mentioned before, Snova still does NOT work for HTTPS, until you run it on Cloud Foundry, Heroku,OpenShift and/or some other PaaS platforms.So, the following will show you how to install and use Snova on Cloud Foundry with 7 easy steps:1. Create a Cloud Foundry accountOn the Cloud Foundry signup page, enter your email address to request a invite, which will be sent to yourInbox with login username and password soon.2. Install vmc 66
  72. 72. Chapter Two Part Seven Section Three: How To Use Snova On Cloud FoundryVmc is the command-line interface based on Ruby and RubyGems for you to configure your applications anddeploying them to Cloud Foundry.For Windows, Ubuntu, Debian or some other systems, you can check out the official instructions, thefollowing will show you how to install vmc on Mac.Open the Terminal application, enter the following command line: sudo gem install vmcAnd enter your Mac password if necessary, then you can install vmc.By the way, the installation will take a few minutes and you wont see anything until the gem is installed.3. Download snova-c4-server-xxx.war 67
  73. 73. Chapter Two Part Seven Section Three: How To Use Snova On Cloud FoundryOn the Snova Downloads webpage, download the "snova-c4-server-xxx.war" file and put it into a new emptyfolder, such as "snova-c4-server" used for the following step.4. Deploy Snova c4 server to Cloud Foundry 68
  74. 74. Chapter Two Part Seven Section Three: How To Use Snova On Cloud FoundryOpen the Terminal application, enter the following command line: cd /the-parth-to/snova-c4-serverYou can also just drag the "snova-c4-server" folder and drop it behind the "cd" command.After that, you can start to configure and deploy the Snova c4 server to Cloud Foundry by entering thefollowing command lines one by one: vmc target api.cloudfoundry.com vmc login (To enter your Cloud Foundry username and password) vmc push free-nuts (To replace free-nuts with any name you like for the Cloud Foundry app) Would you like to deploy from the current directory? [Yn]: (To enter y) 69
  75. 75. Chapter Two Part Seven Section Three: How To Use Snova On Cloud Foundry Detected a Java Web Application, is this correct? [Yn]: (To enter y) Application Deployed URL [free-nuts.cloudfoundry.com]: (To press the RETURN key) Memory reservation (128M, 256M, 512M, 1G, 2G) [512M]: (To press the RETURN key) How many instances? [1]: (To press the RETURN key) Create services to bind to free-nuts? [yN]: ( To enter n) Would you like to save this configuration? [yN]: (To enter y)If all the results are OK, you can visit the page of the following link: free-nuts.cloudfoundry.comAnd if you can see something like the following: Welcome to snova-c4 server xxx!Then you have successfully deployed the Snova server to Cloud Foundry.5. Configure the Snova c4 client 70
  76. 76. Chapter Two Part Seven Section Three: How To Use Snova On Cloud FoundryFind and open the "c4-client.conf" file via the following path: .../snova-xxx/plugins/c4/conf/c4-client.confAnd uncomment the "WorkerNode [1]" line by changing "xyz" to your Cloud Foundry app name.6. Configure snova.conf 71
  77. 77. Chapter Two Part Seven Section Three: How To Use Snova On Cloud FoundryFind and open the "snova.conf" file via the following path: .../snova-xxx/conf/snova.confAnd change the "ProxyService" value from "GAE" to "C4".7. Start Snova 72
  78. 78. Chapter Two Part Seven Section Three: How To Use Snova On Cloud FoundryAfter that, you can start Snova, and if you can see the following message: Start plugin:C4 … SuccessThen you can visit the HTTPS links normally. 73
  79. 79. Chapter Two Part Seven Section Four: How To Use Snova On Heroku Part Seven Section Four: How To Use Snova On HerokuIn the last post, we have learned how to install and use Snova on Cloud Foundry, this post will show youhow to do that on Heroku.Since Heroku is also a PaaS platform, the steps will like what you do on Cloud Foundry, as what you can seefrom the following:1. Create a Heroku accountOn this Heroku page, enter your email address and sign up an account.2. Install Heroku Toolbelt 74
  80. 80. Chapter Two Part Seven Section Four: How To Use Snova On HerokuAfter signup, you can receive an email, click the long confirmation link inside, download the HerokuToolbelt app and install it on your computer.3. Download snova-c4-heroku-server-xxx.zipOn the Snova Downloads webpage, download the "snova-c4-heroku-server-xxx.zip" file and extract it.4. Deploy Snova c4 server to Heroku 75
  81. 81. Chapter Two Part Seven Section Four: How To Use Snova On HerokuOpen the Terminal application, enter the following command line: cd /the-parth-to/snova-c4-heroku-server-xxxYou can also just drag the "snova-c4-heroku-server-xxx" folder and drop it behind the "cd" command.After that, you can start to configure and deploy the Snova c4 server to Heroku by entering the followingcommand lines one by one: heroku login (To enter your Heroku account email and password) git init git add . git commit -m "init" heroku create --stack cedar git push heroku masterAt the end of the results, you can find a random URL like the following: http://obscure-tundra-1542.herokuapp.com/ 76
  82. 82. Chapter Two Part Seven Section Four: How To Use Snova On HerokuVisit the page of the URL, and if you can see something like the following: Welcome to snova-c4 server xxx!Then you have successfully deployed the Snova server to Heroku.5. Configure the Snova c4 clientFind and open the "c4-client.conf" file via the following path: .../snova-xxx/plugins/c4/conf/c4-client.confAnd uncomment the first "WorkerNode [0]" line by changing "xyz" to what you get in Step 4 (such as"obscure-tundra-1542"). 77
  83. 83. Chapter Two Part Seven Section Four: How To Use Snova On Heroku6. Configure snova.confFind and open the "snova.conf" file via the following path: .../snova-xxx/conf/snova.confAnd change the "ProxyService" value from "GAE" to "C4".7. Start Snova 78
  84. 84. Chapter Two Part Seven Section Four: How To Use Snova On HerokuAfter that, you can start Snova, and if you can see the following message: Start plugin:C4 … SuccessThen you can visit the HTTPS links normally. 79
  85. 85. Chapter Two Part Seven Section Five: How To Use Snova On OpenShift Part Seven Section Five: How To Use Snova On OpenShiftTo install and use Snova, you can check out this post for GAE, this one for Cloud Foundry and this one forHeroku.The following will show you how to install and use Snova on OpenShift, another PaaS platform like theabove 3 mentioned.1. Create an OpenShift accountOn the signup page of OpenShift, you can enter your email address, password and the CAPTCHA code tocreate an account.2. Download snova-c4-server-xxx.war 80
  86. 86. Chapter Two Part Seven Section Five: How To Use Snova On OpenShiftOn the Snova Downloads webpage, download the "snova-c4-server-xxx.war" file and put it into a new emptyfolder, such as "openshift" used for the following steps.3. Install rhcOn Mac, you can install rhc with the following command line: sudo gem install rhcOn Windows and Linux, you can check out the official page for the instructions. 81
  87. 87. Chapter Two Part Seven Section Five: How To Use Snova On OpenShift4. Deploy Snova c4 server to OpenShiftOn the Terminal application, you can enter the openshift folder with the command line: cd /the-parth-to/openshiftOr you can just drag the "openshift" folder and drop it behind the "cd" command.After that, you can start to configure and deploy the Snova c4 server to OpenShift by entering the followingcommand lines one by one:Command line 1: rhc domain create -n freenutsdot -l xxx@gmail.com -p 123456(To create a sub domain "freenutsdot.rhcloud.com" for your OpenShift account. Remember to change"freenutsdot" to any name you like, to change "xxx@gmail.com" to your registered email address and tochange "123456" to your OpenShift password. )Command line 2: 82
  88. 88. Chapter Two Part Seven Section Five: How To Use Snova On OpenShift rhc app create -a fn -t jbossas-7 -p 123456(To create an app, which name will be used before the domain created above. Remember to change "fn" toany name you like, and to change "123456" to your OpenShift password, then you can get a folder with thesame name of the app (such as "fn") in your current directory (such as "openshift").Command line 3: cd fn(To conduct commands in the app folder created above.)Command line 4: mv ../snova-c4-server-xxx.war deployments/ROOT.war(To move the "snova-c4-server-xxx.war" file into the "deployments" directory of the "fn" folder and renameit to "ROOT.war".)Command line 5: git rm -r src pom.xml(To delete the src folder and the pom.xml file.)Command line 6: git init 83
  89. 89. Chapter Two Part Seven Section Five: How To Use Snova On OpenShift(To reinitialize the app.)Command line 7: git add .(To add the ROOT.war mode.)Command line 8: git commit -a -m "haha"(To confirm and see the changes, you can replace "haha" with any message you like.)Command line 9: git push(To upload the ROOT.war file to your OpenShift app.)If no error appears, you can visit the page of the following URL: http://fn-freenutsdot.rhcloud.com/Remember to replace "fn-freenutsdot" with your app name and sub domain.And if you can see something like the following: Welcom to snova-c4 server xxx! 84
  90. 90. Chapter Two Part Seven Section Five: How To Use Snova On OpenShift(Welcom is a typo, which should be Welcome.)Then you have successfully deployed the Snova server to OpenShift.5. Configure the Snova c4 clientSupposing that you have installed Snova on GAE as mentioned before, then you can find and open the"c4-client.conf" file via the following path: .../snova-xxx/plugins/c4/conf/c4-client.conf 85
  91. 91. Chapter Two Part Seven Section Five: How To Use Snova On OpenShiftAnd enter your OpenShift app domain (such as "fn-freenutsdot.rhcloud.com") at the end line of"WorkerNode [0]".By the way, Snova supports multiple c4 plugins together, so that you can also add the domains of your CloudFoundry and/or Heroku apps in the same "c4-client.conf" file, just make sure the numbers behind"WorkerNode" are different from each other.6. Configure snova.confFind and open the "snova.conf" file via the following path: .../snova-xxx/conf/snova.confAnd change the "ProxyService" value from "GAE" to "C4".By the way, you can skip this step if you have ever done this before.7. Start Snova 86
  92. 92. Chapter Two Part Seven Section Five: How To Use Snova On OpenShiftAfter that, you can start Snova, and if you can see the following message: Start plugin:C4 … SuccessThen you can visit the HTTPS links normally, as what you can do with the Cloud Foundry or Herokuplugins. 87
  93. 93. Chapter Two Part Seven Section Six: How To Use Snova On Jelastic Part Seven Section Six: How To Use Snova On JelasticAs mentioned before, you can run the Snova proxy on Cloud Foundry, Heroku, OpenShift and Jelastic PaaSplatforms, with the C4 plugins.Among these 4 PaaS platforms, Jelastic is the easiest way to install the C4 plugin, since you do NOT need touse any command lines, as what you can see from the following detailed steps:1. Download snova-c4-server-xxx.warOn the Snova Downloads webpage, download the "snova-c4-server-xxx.war" file, and you can skip this stepif which you have done before.2. Create a Jelastic account 88
  94. 94. Chapter Two Part Seven Section Six: How To Use Snova On JelasticOn the Jelastic homepage, enter your email address to sign up an account, which login username andpassword will be emailed to you soon.3. Create your Jelastic app domain 89
  95. 95. Chapter Two Part Seven Section Six: How To Use Snova On JelasticAfter login, you can see an "Environment topology" window, on which, you can enter an "Environmentname" (such as "freenuts"), which will generate you one Jelastic app domain (such as"freenuts.jelastic.servint.net"), and then click the "Create" button.4. Upload snova-c4-server-xxx.warClick the "Upload" button, and browse to upload the "snova-c4-server-xxx.war" file you downloaded.By the way, you can enter anything into the "Comment" box if you like.5. Deploy Snova c4 server to Jelastic 90
  96. 96. Chapter Two Part Seven Section Six: How To Use Snova On JelasticMoving the cursor over the name of the uploaded "snova-c4-server-xxx.war" file, you can see a yellow icon,clicking on which, you can see the Environment name, clicking on which, you can see a pop-up window, andclicking on its "Deploy" button directly without changing anything, then you can deploy the C4 plugin toJelastic.6. Configure the Snova c4 client 91
  97. 97. Chapter Two Part Seven Section Six: How To Use Snova On JelasticSupposing that you have installed Snova on GAE as mentioned before, then you can find and open the"c4-client.conf" file via the following path: .../snova-xxx/plugins/c4/conf/c4-client.confAnd enter your Jelastic app domain (such as "freenuts.jelastic.servint.net") at the end line of "WorkerNode[0]".By the way, Snova supports multiple c4 plugins together, so that you can also add the domains of your CloudFoundry, Heroku, and/or OpenShift apps in the same "c4-client.conf" file, just make sure the numbers behind"WorkerNode" are different from each other. 92
  98. 98. Chapter Two Part Seven Section Six: How To Use Snova On Jelastic7. Configure snova.confFind and open the "snova.conf" file via the following path: .../snova-xxx/conf/snova.confAnd change the "ProxyService" value from "GAE" to "C4".By the way, you can skip this step if you have ever done this before.8. Start Snova 93
  99. 99. Chapter Two Part Seven Section Six: How To Use Snova On JelasticAfter that, you can start Snova, and if you can see the following message: Start plugin:C4 … SuccessThen you can visit the HTTPS links normally, as what you can do with the Cloud Foundry, Heroku and/orOpenShift plugins. 94
  100. 100. Chapter Two Part Eight: Best 2 Extensions For You To Manage Network Proxy Settings Part Eight: Best 2 Extensions For You To Manage Network Proxy SettingsWhether Freegate, Tor, Snova or any other proxy clients or SSH tunnels, you need to change the networkproxy settings before you can use them to unblock those blocked sites.Although their proxy addresses are same (127.0.0.1), their ports are usually different, for example, Freegateis 8580, Tor is 9050, Snova is 48100, etc., instead to change the port value manually every time whentransferring one proxy to another, you can use the following 2 free extensions to do that automatically.1. SwitchySharpSwitchySharp (or Proxy SwitchySharp) is a Chrome extension.After installation, you can see a new tab of SwitchySharp Options, on which, you can enter a proxys name asthe Profile Name, and set the Manual Configuration.For FreeGate, GappProxy, Goagent, Hyk-proxy, Snova or UltraSurf, you can enter 127.0.0.1 together with itsport in the HTTP Proxy column and check the "Use the same proxy server for all protocols" box; for Tor orSSH, you can just enter 127.0.0.1 together with port 9050 or 7070 in the SOCKS Hosts (SOCKS v4) column. 95
  101. 101. Chapter Two Part Eight: Best 2 Extensions For You To Manage Network Proxy SettingsAfter that, click the "Save" button, then, you can click on the SwitchySharp icon in the Toolbar, and selectthe Profile Name to use the proxy service.Bonus:To find an alternative Chrome extension, you can check out Proxy Switchy, which is nearly same asSwitchySharp, but not so popular.2. FoxyProxy StandardFoxyProxy Standard is a Firefox extension.After installation, you can see the extension icon in both Navigation Toolbar and Add-on Bar, click onwhich, you can start to add proxy configuration by clicking on the "Add New Proxy" button in the settingswindow.For FreeGate, GappProxy, Goagent, Hyk-proxy, Snova or UltraSurf, you can enter 127.0.0.1 together with itsport in the Host or IP Address column of the Proxy Details tab.And for Tor or SSH tunnel, you also need to check the "SOCKS proxy?" box as well as the "SOCKS v4/4a"box.For better experience, you can enter the proxy services name as Proxy Name in the General tab if you like.After that, click the "OK" button, then you will see a new pop-up with the following message: 96
  102. 102. Chapter Two Part Eight: Best 2 Extensions For You To Manage Network Proxy Settings You didnt enter and enable any whitelisted (inclusive) URL patterns. This means the proxy wont be used unless FoxyProxy is set to "Use Proxy tor for all URLs". Continue anyway?Just click on the "OK" button, then you can select the proxy name from the "Select Mode" column in the topof the settings window and use its proxy service.Bonus:AutoProxy is also a free Firefox add-on like FoxyProxy Standard.By the way, whichever extension you are using, you can add some rules to or not to visit some sites via proxyif you like, and then FoxyProxy Standard wont ask you if to "Continue anyway?" any more. 97
  103. 103. Chapter Three Free VPN Services Chapter Three Free VPN ServicesWhile proxy can be taken as a carrier, who helps delivery your message to another person, VPN (VirtualPrivate Network) will be like the persons office staff, who also helps you delivery your message to thatperson.While proxy only works for the application you assign to, and basically the browsers only, VPN will worksfor your entire device, whether browsers, email clients, app stores or any other application that connects tothe internet.While you need to set the browser HTTP proxy addresses to use a proxy service, you dont need to do thatwith VPN services.So, generally speaking, VPN is safer than Proxy.Image Credit: http://en.wikipedia.org/wiki/Virtual_private_network 98
  104. 104. Chapter Three Part One: Free PPTP VPN Services Part One: Free PPTP VPN ServicesAs one of the methods to implement VPN, PPTP (Point-to-Point Tunneling Protocol) is very easy to buildand use.But hosting is expensive, so that there are not so many free PPTP VPN services, among which, the following10 are the best up till now:1. SecurityKISSOn any download page of the SecurityKISS website, you can enter your email address and get 2 PPTP/L2TPVPN accounts in your Inbox, one is from USA, the other is from UK.Besides, you can also sign in your SecurityKISS account with the username and password received to get 99
  105. 105. Chapter Three Part One: Free PPTP VPN Servicesmore VPN servers from USA, UK, France and/or some other countries.And besides PPTP/L2TP, SecurityKISS also offers free OpenVPN services for Windows, Mac/Linuxsystems.By the way, no matter which or how many VPN services you are using, the free traffic data is up to 300 MBper day.2. Super Free VPNOpen the Super Free VPN website, you can see the account, which server and username are fixed, whilepassword will be changed in up to 8 hours.By the way, in case the "superfreevpn.com" domain is blocked in your area (such as China), you can changeit to the following IP address: 69.60.121.293. JustFreeVPN 100
  106. 106. Chapter Three Part One: Free PPTP VPN ServicesOpen the JustFreeVPN website, you can see 3 free PPTP VPN accounts, one is from USA, one is from UK,and one is from CA.For different accounts, their servers are different, usernames are all "justfreevpn", and passwords will bechanged in uncertain times.4. UFreeVPN 101
  107. 107. Chapter Three Part One: Free PPTP VPN ServicesThe UFreeVPN website offers one USA, one UK and one CA free PPTP VPN services, which servers aredifferent, but usernames and passwords are fixed, so that you do not need to change passwords often.5. NewFreeVPN 102
  108. 108. Chapter Three Part One: Free PPTP VPN ServicesOn 3 different pages of the NewFreeVPN website, you can find out 3 different free PPTP VPN accounts, oneis from US, one is from UK, and one is from Canada, the servers of them are different, but the username(free) and password (1234) are same.6. TsunagarumonTsunagarumon is a Japanese free PPTP VPN.On the Entry page, enter your email address, check to agree the service terms, click on the red button,double-check your email address, and click on the next red button, then you can get an email fromTsunagarumon.Clicking on the link in the email, you can receive your free PPTP VPN account soon.7. FreeCanadaVPN 103
  109. 109. Chapter Three Part One: Free PPTP VPN ServicesFreeCanadaVPN is a Canada PPTP VPN, which server is "freecanadavpn.com", username is "free", andpassword will be changed and displayed on the right top of the page irregularly.8. BestUKVPNAs the name, BestUKVPN is a UK PPTP VPN, which server is "bestukvpn.com", username is "free" and 104
  110. 110. Chapter Three Part One: Free PPTP VPN Servicespassword will be updated irregularly.9. Zace BookAs a Romania free PPTP VPN, Zace Books server is "vpn.zacebook.com", username is "VPN", andpassword will be updated every one or two days.10. VPN Book 105
  111. 111. Chapter Three Part One: Free PPTP VPN ServicesVPN Book is also a Romania VPN, which PPTP server is "pptp.vpnbook.com", username is "pptp", andpassword will be changed every one or two days.Besides PPTP, VPN Book also offers free OpenVPN services.Among the above 10 free PPTP VPN services, SecurityKISS is the best, but only with 300 MB traffic perday.Bonus:Like Super Free VPN mentioned before, if the server host name of any other free PPTP VPN is blocked inyour area, you can ping and change it to the servers IP address. 106
  112. 112. Chapter Three Part Two: Free VPN Softwares Part Two: Free VPN SoftwaresDifferent from PPTP VPN Services, desktop VPN softwares require downloading and installation.Most VPN softwares are not free, but luckily, you can check out the following best 6 free ones:1. SecurityKissThe VPN software SecurityKiss works for Windows only, but brings you 300MB of data transfer per day forfree.No registration is required, you can just download and install the SecurityKiss software, then run and connectit. If the connection fails, you can try to select another VPN server.2. ProXPN 107
  113. 113. Chapter Three Part Two: Free VPN SoftwaresThe VPN software ProXPN is workable for Windows and Mac computers.Create a ProXPN account, download, install and run the software, then you can connect the VPN servicewith your username and password, but there will be a ProXPN landing page before you can visit the site youintend to.3. Private Tunnel 108
  114. 114. Chapter Three Part Two: Free VPN SoftwaresPrivate Tunnel is a OpenVPN service, workable on Windows and Mac.You can create an account, download the OpenVPN Connect package, choose to connect the San Jose, CA(US), London (UK) or Zurich (CH) server, then you can use the Private Tunnel service, but only 100 MBfree traffic.4. Hotspot Shield 109
  115. 115. Chapter Three Part Two: Free VPN SoftwaresWith English, French, Chinese and some other languages support, Hotspot Shield offers a free VPN solutionwith unlimited bandwidth for Windows and Mac.Just download and install the software, then you can run and connect the VPN service, but there will be adson the top of the webpages you visit.5. ExpatShield 110
  116. 116. Chapter Three Part Two: Free VPN SoftwaresLike Hotspot Shield, ExpatShield is also a free VPN software offers unlimited bandwidth with ads andsupports multiple languages.But ExpatShield is only workable for Windows computer system.6. Cloak VPN 111
  117. 117. Chapter Three Part Two: Free VPN SoftwaresCloak VPN supports Mac, iPhone and iPad.After registration, download the right Cloak VPN clients according to your device operating systems, thenyou can connect and use the VPN service directly.By the way, you can use the Cloak VPN services on both of your OS and iOS devices with up to 1G trafficand 2 hours EVERY month as a free user.Among the above 6 free VPN softwares, I prefer to use SecurityKiss and ProXPN, how about you? Whichones are your favorite? 112
  118. 118. Chapter Three Part Three: How To Build A VPN Part Three: How To Build A VPNWant to build your own VPN instead to use others, whether free or not?If youve already had a VPS, cloud computing or dedicated server, and the Terminal application of Mac, orthe Putty tool for Windows, you can start to build VPN services, whether PPTP, L2TP or OpenVPN types.The following will show you how to build a PPTP, L2TP and OpenVPN on a VPS based on the MacTerminal application in 3 separate posts.First of all, run your Terminal, and enter the following command:ssh root@xxx.xxx.xxx.xxxJust replace "xxx.xxx.xxx.xxx" with your VPS IP, such as "178.18.17.212".Then you will see the following message:Are you sure you want to continue connecting (yes/no)?Enter "yes" and press the "Return" key, then, enter your password and press the "Return" key.P.S.:If youve rebuilt your VPS, you may meet the following error:Host key verification failed.In that case, enter the following command at first: 113
  119. 119. Chapter Three Part Three: How To Build A VPNssh-keygen -R xxx.xxx.xxx.xxxRemember to replace "xxx.xxx.xxx.xxx" with your VPS IP address.After that, you can start to build your own VPN. 114
  120. 120. Chapter Three Part Three Section One: How To Build A PPTP VPN Part Three Section One: How To Build A PPTP VPNAfter connecting to your server via SSH, you can build your own PPTP VPN with the following 8 steps:1. Install PPTPDInstall the PPTPD package with the following command: apt-get install pptpd2. Edit the VPN interface IP addressesOpen the pptpd.conf file with the following code: nano /etc/pptpd.confPress the Enter key, find and uncomment the following 2 lines: 115
  121. 121. Chapter Three Part Three Section One: How To Build A PPTP VPN #localip 192.168.0.1 #remoteip 192.168.0.234-238,192.168.0.2453. Edit DNS addressesEnter the following command: nano /etc/ppp/pptpd-optionsFind the following codes: #ms-dns 10.0.0.1 #ms-dns 10.0.0.2And change them to the following ones: ms-dns 8.8.8.8 ms-dns 8.8.4.44. Add VPN accountsEnter the following command: nano /etc/ppp/chap-secretsPress the Return key and enter the following information: 116
  122. 122. Chapter Three Part Three Section One: How To Build A PPTP VPN username pptpd password *For example: freenuts pptpd 123456 *5. Forward IPv4Enter the following command: nano /etc/sysctl.confPress the Return key, find and uncomment the following line: #net.ipv4.ip_forward=16. Apply the forwardYour forward change wont be active immediately, and you need to apply it with the following commend: sysctl -pIf everything is correct, then you can see the following result: net.ipv4.ip_forward = 1 117
  123. 123. Chapter Three Part Three Section One: How To Build A PPTP VPN7. Allow the routingCopy and paste the following command: iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADEPress the Return key to run the command.8. Restart PPTPDCopy and paste the following command: /etc/init.d/pptpd restartPress the Return key, then you can use your PPTP VPN with the username and password youve set before. 118
  124. 124. Chapter Three Part Three Section Two: How To Build A L2TP VPN Part Three Section Two: How To Build A L2TP VPNTo build an L2TP/IPSec VPN, you can follow the following 6 steps:1. Install OpenSwanEnter the following command lines one by one: aptitude install build-essential aptitude install libgmp3-dev gawk flex bison wget http://www.openswan.org/download/openswan-2.6.35.tar.gz tar xzvf openswan-2.6.35.tar.gz 119
  125. 125. Chapter Three Part Three Section Two: How To Build A L2TP VPN cd openswan-2.6.35 make programs make installRemember to press the "Return" key when entering any one of the above lines.By the way, 2.6.35 is the latest version during my test, and you can check the OpenSwan website to see ifthere is a new version later, if yes, you can use it instead.2. Edit IPSecFirstly, open the ipsec.conf file with the following command: vi /etc/ipsec.confDelete all the existing contents, and paste the following ones: version 2.0 config setup nat_traversal=yes virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0 /12,%v4:25.0.0.0/8,%v6:fd00::/8,%v6:fe80::/10 oe=off protostack=netkey conn %default 120
  126. 126. Chapter Three Part Three Section Two: How To Build A L2TP VPN forceencaps=yes conn L2TP-PSK-NAT rightsubnet=vhost:%priv also=L2TP-PSK-noNAT conn L2TP-PSK-noNAT authby=secret pfs=no auto=add keyingtries=3 rekey=no ikelifetime=8h keylife=1h type=transport left=YOUR.VPS.IP.ADDRESS leftprotoport=17/1701 right=%any rightprotoport=17/%anyRemember to change YOUR.VPS.IP.ADDRESS to your VPS IP address, such as 178.18.17.30 for thistutorial.Secondly, open the ipsec.secrets file with the following code: vi /etc/ipsec.secretsAnd insert the following content: YOUR.VPS.IP.ADDRESS %any: PSK "YourSharedSecret"For example: 178.18.17.30 %any: PSK "123456abcdef" 121
  127. 127. Chapter Three Part Three Section Two: How To Build A L2TP VPNThirdly, enter the following command lines one by one: for each in /proc/sys/net/ipv4/conf/* do echo 0 > $each/accept_redirects echo 0 > $each/send_redirects doneRemember to press the "Return" key after every command line.Fourthly, restart IPSEC with the following command: service ipsec restart3. Install L2TPGo back to the root directory, and install the L2TP package with the following command line: aptitude install xl2tpdAfter installation, open the conf file with the following code: vi /etc/xl2tpd/xl2tpd.confDelete all the existing content and paste the following one: [global] 122
  128. 128. Chapter Three Part Three Section Two: How To Build A L2TP VPN ; listen-addr = 192.168.1.98 [lns default] ip range = 10.1.1.2-10.1.1.255 local ip = 10.1.1.1 require chap = yes refuse pap = yes require authentication = yes name = LinuxVPNserver ppp debug = yes pppoptfile = /etc/ppp/options.xl2tpd length bit = yes4. Set up xl2tpdEnter the following command: vi /etc/ppp/options.xl2tpdThen insert the following codes: require-mschap-v2 ms-dns 8.8.8.8 ms-dns 8.8.4.4 asyncmap 0 auth crtscts lock hide-password modem debug name l2tpd proxyarp lcp-echo-interval 30 lcp-echo-failure 4 123
  129. 129. Chapter Three Part Three Section Two: How To Build A L2TP VPNAfter that, open the chap-secrets file: vi /etc/ppp/chap-secretsAnd insert the following content: username l2tpd password *For example: freenuts l2tpd 123456 *Then, restart L2TP: service xl2tpd restart5. IP forwardEnter the following command: vi /etc/sysctl.confPress the "Return" key, find the line of "#net.ipv4.ip_forward=1" and uncomment it.After that, enter the following command: 124
  130. 130. Chapter Three Part Three Section Two: How To Build A L2TP VPN sysctl -pPress the "Return" key, then you will only see "net.ipv4.ip_forward=1" as the result if everything is right.After that, enter the following command: iptables -t nat -A POSTROUTING -s 10.1.1.0/24 -o eth0 -j MASQUERADE6. For rebootNow, you can connect your L2TP/IPSec VPN, but if you reboot your VPS, your forwarding settings will begone, to avoid this, you can enter the following command: vi /etc/rc.localPress the "Return" key and paste the following contents before the "exit 0" line: for each in /proc/sys/net/ipv4/conf/* do echo 0 > $each/accept_redirects echo 0 > $each/send_redirects done iptables -t nat -A POSTROUTING -s 10.1.1.0/24 -o eth0 -j MASQUERADE /etc/init.d/ipsec restartSave it, then you are done. 125

×