West chamber season 3 – a new way to bypass Great Firewall
(I don’t quite believe wordpress.com, I edit this post in google docs, and it is open for anyone to edit. I am not used to write in English, if you find mistakes please correct it for me in google docs. I may update here periodly based on the google docs one.)
The Great Firewall of China
Normally, we illustrate the Great Firewall(GFW) with the Great Wall of China:
But technically, GFW does not simply work like a wall. The commonly-used technical methods are IP blocking, DNS cache poisoning, connection reset, (ref wikipedia Great Firewall of China). And connection reset is now the most import part that works.
Technical details of connection reset
Why choose connection reset? For web sites, IP may change, and normally domain do not, it’s a big overhead to maintain an IP list of domains; and DNS cache poisoning can be bypassed by changing a hosts file for local name resolution. Connection reset is, somehow an elegant way to block the unwelcome sites (of course, unwelcomed by Chinese goverment).
When GFW detect sensitive words from site url or site content, it will send reset packet to both client and web server, thus, both client & web server give up the connection, and “Error 101 (net::ERR_CONNECTION_RESET): The connection was reset.” come to your chrome browser. This works like cheating, not blocking.
The scholarzhang project
There is nearly no way to bypass GFW without proxy servers (strictly speaking, bypass var p2p network, is also implemented by proxy, the different is that any node in p2p network may be the server, server is not fixed). Servers cost money, and there must be someone to pay for it.
Scholarzhang is a great attempt to build tool to bypass directly without intermedia server. It’s trying to save connection before reset package is sent by GFW. The theory is sophisticated, and it meet many restrictions(ref README, I wish some one could translate it to English). Now, the tools provide by scholarzhang hardly work anymore.
West chamber season 3
This project is mainly inspired by and inherited from scholarzhang. The theory is simple: drop the cheating packages send by GFW on both sides – server and client. Currently I have got a working prototype. If you are in China mainland, you should not be able to visit liruqi.me directly. But if install client by this install guide, then you should be.
But I need help:
- Spread and promote this project. It need client and web server cooperate, without either side, this will not work. Especially If you can directly contact the webmaster or system administrator of a blocked site, persuade him/her to do this! This will bring them lots of Chinese users.
- Find more specific rules of GFW. Currently, On the server, I simply drop reset packet from China; On the client, I simply drop reset packet from China. I wonder how risky of doing this. I wish to reduce the negative impact to minimum.
- More test & improvement on Windows client.
Beside, anyone interested in this project, mail me! Tell me what you can do, documentation, translation, web site building & development are welcomed. I cannot finish them all by myself anyway 🙂 . Also, contact me if there is any chance for me to go abroad, to work or study on anti-GFW, for this is my interest. I also love to “make the world a more open place”, but in a different way from Mark Zuckerberg, you know.