Iranians, you are not alone. Uploaded these direct from the protest to Youtube…
Posts Tagged: iran
19
Jun 09
How to setup an Iran proxy, quick guide (not detailed)
Intro
If you are unaware, Iranian protesters are having to use proxies to avoid Internet and journalist censorship in Iran. Proxies are allowing them to post on sites such as Twitter, Facebook, Flickr, Youtube and others. As many people don’t know how to do this, I threw together a guide. I apologize for its brevity, but I am at work and trying to get the post up quickly and follow events in Iran all at the same time.
Having said that:
Install Squid
If you’re on Windows, just follow these instructions:
http://blog.austinheap.com/2009/06/15/how-to-setup-a-proxy-for-iran-citizens-for-windows/
If you’re on a Mac, first install MacPorts (if you don’t already have it):
Then, in the Terminal, run
sudo port install squid
(if you’re on Linux I assume you know how to install, if not Google “install squid proxy”, I also highly recommend using Rackspace’s Cloud Servers or Amazon for this type of thing since you can bring servers up and down or increase capacity so quickly)
Configure
From there it is a matter of configuring and running Squid. Edit /opt/local/etc/squid/squid.conf in a text editor (like Textmate or vi or emacs) per Austin Heap’s instructions:
4) Configure the DNS name servers on the line that says “dns_nameservers” to point at your ISPs DNS servers.
5) Now the fun part, locking access down the just the Iranian IP blocks.Inside the text editor search (Control-W) for the line “http_access deny all” and change it to “http_access allow all”. This will make your proxy open and accessible to the world. If you would like to limit your proxy to Iranian IP blocks, you want to change “http_access deny all” to read “http_access allow TRUSTED” add a line (BEFORE the http_access line to setup an access control list [ACL]). This ACL line that defines TRUSTED should read:
acl TRUSTED src 62.60.128.0/17 62.193.0.0/19 62.220.96.0/19 77.36.128.0/17 77.77.64.0/18 77.104.64.0/18 77.237.64.0/19 77.237.160.0/19 77.245.224.0/20 78.38.0.0/15 78.109.192.0/20 78.110.112.0/20 78.111.0.0/20 78.154.32.0/19 78.157.32.0/19 78.158.160.0/19 79.127.0.0/17 79.132.192.0/19 79.170.144.0/21 79.175.128.0/18 80.66.176.0/20 80.69.240.0/20 80.71.112.0/20 80.75.0.0/20 80.191.0.0/16 80.242.0.0/20 80.253.128.0/20 80.253.144.0/20 81.12.0.0/17 81.28.32.0/20 81.28.48.0/20 81.31.160.0/20 81.31.176.0/20 81.90.144.0/20 81.91.128.0/20 81.91.144.0/20 82.99.192.0/18 82.115.0.0/19 83.147.192.0/18 84.47.192.0/18 84.241.0.0/18 85.9.64.0/18 85.15.0.0/18 85.133.128.0/17 85.185.0.0/16 85.198.0.0/18 86.109.32.0/19 87.107.0.0/16 87.247.160.0/19 87.248.128.0/19 89.144.128.0/18 89.165.0.0/17 89.221.80.0/20 89.235.64.0/18 91.98.0.0/15 91.184.64.0/19 91.186.192.0/19 91.206.122.0/23 91.208.165.0/24 91.209.242.0/24 91.212.16.0/24 91.212.19.0/24 91.212.252.0/24 92.42.48.0/21 92.50.0.0/18 92.61.176.0/20 92.62.176.0/20 92.242.192.0/19 93.110.0.0/16 93.190.24.0/21 94.74.128.0/18 94.101.128.0/20 94.101.176.0/20 94.101.240.0/20 94.139.160.0/19 94.182.0.0/15 94.184.0.0/17 94.232.168.0/21 94.241.128.0/18 95.38.0.0/16 95.80.128.0/18 95.81.64.0/18 95.82.0.0/18 95.82.64.0/18 95.130.56.0/21 95.130.240.0/21 188.34.0.0/16 188.93.64.0/21 188.121.96.0/19 188.121.128.0/19 188.136.128.0/17 188.158.0.0/15 193.189.122.0/23 194.225.0.0/16 195.146.32.0/19 212.16.64.0/19 212.33.192.0/19 212.50.224.0/19 212.80.0.0/19 212.95.128.0/19 212.120.192.0/19 213.176.0.0/19 213.176.32.0/19 213.176.64.0/18 213.195.0.0/18 213.207.192.0/18 213.217.32.0/19 213.233.160.0/19 217.11.16.0/20 217.24.144.0/20 217.25.48.0/20 217.64.144.0/20 217.66.192.0/20 217.66.208.0/20 217.146.208.0/20 217.172.96.0/19 217.174.16.0/20 217.218.0.0/15
6) Setup “visible_hostname” (normally just the public IP address).
7) Turn off logging by adding these two lines:access_log none
cache_store_log none
And finally, start is up, on the Terminal, run:
sudo launchctl load -w /Library/LaunchDaemons/org.macports.Squid.plist
Making your proxy available from home
Finally, if you are running Squid from your home network, you will probably have to configure your router. There are decent instructions here:
http://thoughtsections.blogspot.com/2009/06/proxies-for-iran-walkthrough.html
Although I still recommend using Mosso or Amazon (do you really want your home network blocked from Iran?)
19
Jun 09
RMAD: Recoverable Mutually Assured Destruction, as seen first in Iran
Assuming reasonably equal resources and knowledge: two parties attempting to knock each other off the internet can result in only two outcomes: either they both get knocked off or neither does. The possibility of either party “winning” is essentially impossible. The Internet’s combination of network redundancy and ability to communicate with, and garner assistance from, sympathetic parties from around makes it nearly impossible to for one party to squash another. The only thing they can do is cut themselves off completely. I think of this is RMAD “Recoverable Mutually Assured Destruction” since they can turn it back on afterwards (unlike the nuclear MAD).
We are seeing this now in Iran. The government controls the connections, but can’t cut off the opposition without cutting themselves off. So we are seeing outside parties providing proxies and passing along messages (see http://twitter.com/#search?q=%23Iranelection).
This is all intuitively clear and long predicted, but I think this is the first time we are really seeing it in action.