1

I am currently in China and I would like to still visit some blocked websites (facebook, youtube). I have VPS in the USA and I have installed tinyproxy on it. I log in on my VPS with SSH port-forwarding and I have configured my browser appropriately. Everything works more or less: I can surf to those websites but everything is inusually slow and sometimes data transfer stops abruptly. This probably has to do with the fact that I see some errors in my shell on the VPS like :

channel 6: open failed: connect failed:

Also in the log-file of tinyproxy I see some bad things:

ERROR     Sep 06 14:52:14 [28150]: getpeer_information: getpeername() error: Transport endpoint is not connected
ERROR     Sep 06 14:52:15 [28153]: writebuff: write() error "Connection reset by peer" on file descriptor 7
ERROR     Sep 06 14:52:15 [28168]: readbuff: recv() error "Connection reset by peer" on file descriptor 7
ERROR     Sep 06 14:52:15 [28151]: readbuff: recv() error "Connection reset by peer" on file descriptor 7
ERROR     Sep 06 14:52:15 [28143]: readbuff: recv() error "Connection reset by peer" on file descriptor 7
ERROR     Sep 06 14:52:17 [28147]: writebuff: write() error "Connection reset by peer" on file descriptor 7
ERROR     Sep 06 14:52:23 [28137]: writebuff: write() error "Connection reset by peer" on file descriptor 7
ERROR     Sep 06 14:52:26 [28168]: getpeer_information: getpeername() error: Transport endpoint is not connected
ERROR     Sep 06 14:52:27 [28186]: read_request_line: Client (file descriptor: 7) closed socket before read.
ERROR     Sep 06 14:52:31 [28160]: getpeer_information: getpeername() error: Transport endpoint is not connected
Kyle Brandt
  • 82,107
  • 71
  • 302
  • 444
Paul
  • 11
  • 1
  • 2
  • Uh, oh. Then the Great Chinese Firewall strikes back. Try from outside China. If that works then you know the reason. – mailq Sep 06 '11 at 16:44

1 Answers1

3

Did you try with SSH's built-in SOCKS proxy?

ssh -D 1080 yourvps-server

and then configure your browser to use localhost:1080 as SOCKS proxy (not HTTP proxy). SOCKS is more powerful as it will allow also non-HTTP connections to be forwarded, as long as your program has SOCKS support.

BTW, make sure that also DNS resolutions go through the proxy, in case the great firewall also censors DNS. For Firefox, you need to set network.proxy.socks_remote_dns = true in about:config.

Giovanni Bajo
  • 405
  • 3
  • 9
  • +1 - SOCKS is a generally a better idea than using an HTTP proxy. Of course, if Paul *really* wants to log his traffic, SOCKS may not be appropriate... – ghoti Jun 02 '12 at 20:56