As other commentators have pointed out, much like the actual Great Wall of China, the Great Firewall of China is not a singular entity but rather a patchwork of potentially overlapping walls whose policies vary by ISP, city, and province.
Inner Mongolia has been having uprisings recently, it does not surprise me that reddit would be blocked there (actually, I believe most internet was severed from Inner Mongolia a month or two ago).
I'd like to mention this service isn't 100% accurate.
For instance, my website http://syskall.com is shown as not blocked when in fact it is blocked (as are all Posterous blogs). Also, http://google.com.hk is shown as blocked when in fact it isn't.
Writing this from an apartment in Shenzhen and regular DSL connection.
Also varies based on what you've visited before. English Wikipedia works fine… until you visit the Tiananmen Square Protests article, and then suddenly all of Wikipedia stops working.
Blocking has been an issue for the international company I work for.
The company recently switched 4000+ users to Gmail and Google Apps only to find after the facts that nearly 20% of the workforce would have little or no access to most of the Google Apps sites as they are in China (I guess a bit more testing should have been in order...).
I hacked a solution, involving stunnel for encrypted communications, ss5 (a SOCKS5 proxy server), Proxy Auto-Config files (PAC) files and the Web Proxy Auto-Discovery protocol (WPAD)...
An installer is used to easily deploy the whole thing and configure the system.
PAC files are used by the browser to redirect traffic based on URL pattern matching.
Instead of going through the local Internet, requests that match the rules for known bocked sites are diverted to a local stunnel service running on the user's machine (or a local server depending on the configuration).
The encrypted requests are then sent to a server in Hong Kong running the SOCKS5 proxy (we actually now use multiple servers on different HK ISPs and do some load balancing for better results).
From the point of view of the user, the system is transparent: it just works, they have nothing to do once their machine is configured.
I tried many setups, but the various measures used in China to disrupt traffic required the data stream to be encrypted for reliable results.
The only issue we face is due to the really unpredictable quality of the network in China: most ISPs have limited international bandwidth and depending on the ISP, the time of day, etc there can be large variations in quality.
21 comments
[ 3.2 ms ] story [ 49.9 ms ] threaddelicious at the beginning, will be tedious if you keep it up ;)
Inner Mongolia has been having uprisings recently, it does not surprise me that reddit would be blocked there (actually, I believe most internet was severed from Inner Mongolia a month or two ago).
For instance, my website http://syskall.com is shown as not blocked when in fact it is blocked (as are all Posterous blogs). Also, http://google.com.hk is shown as blocked when in fact it isn't.
Writing this from an apartment in Shenzhen and regular DSL connection.
http://www.blockedinchina.net/?siteurl=127.0.0.1
I hacked a solution, involving stunnel for encrypted communications, ss5 (a SOCKS5 proxy server), Proxy Auto-Config files (PAC) files and the Web Proxy Auto-Discovery protocol (WPAD)... An installer is used to easily deploy the whole thing and configure the system.
PAC files are used by the browser to redirect traffic based on URL pattern matching. Instead of going through the local Internet, requests that match the rules for known bocked sites are diverted to a local stunnel service running on the user's machine (or a local server depending on the configuration). The encrypted requests are then sent to a server in Hong Kong running the SOCKS5 proxy (we actually now use multiple servers on different HK ISPs and do some load balancing for better results).
From the point of view of the user, the system is transparent: it just works, they have nothing to do once their machine is configured.
I tried many setups, but the various measures used in China to disrupt traffic required the data stream to be encrypted for reliable results.
The only issue we face is due to the really unpredictable quality of the network in China: most ISPs have limited international bandwidth and depending on the ISP, the time of day, etc there can be large variations in quality.
I need to write about this one day...