Green tunnel It is a free and open source anti-censorship tool that bypasses the deep packet inspection (DPI) that many Internet service providers use to block certain websites. The application can be used with a graphical user interface or from the command line, and is available for Microsoft Windows, macOS and Linux.
|GreenTunnel CLI on the left, GUI on the right|
So how to unblock the website? GreenTunnel operates as a localhost HTTP proxy server that performs the following operations.
For HTTP, GreenTunnel sends the request in two parts, for example
GET / HTTP/1.0 n Host: www.you As the first part
tube.com n ... As the second part. This way, the Internet Service Provider (ISP) does not match the blocked word “youtube” in the data packet, so the data will not be restricted or blocked.
In the case of HTTPS, the application splits the first CLIENT_HELLO packet into small pieces, so the ISP cannot parse the packet and find the SNI (server name indication, this is the extension of TLS, indicating the client is trying to access The actual target host name) via HTTPS) field.
As for DNS (Domain Name System), GreenTunnel uses DNS on HTTPS and DNS on TLS to obtain real IP addresses and prevent DNS hijacking. It is worth noting that this is not effective in all places. The developer is Reddit review This works for most ISPs in Iran, and they have also received positive feedback from Turkey and Russia. Some HN users also commented that it can be used with KT ISP in South Korea and You Broadband in India. GreenTunnel cannot unblock websites in China. In addition, it will not unblock websites that have restricted access in certain countries/regions, for example, if Netflix, Pandora, Hulu, etc. are not available in your country/region, it will not unblock them either. In addition, I should also mention that GreenTunnel does not encrypt traffic like a VPN, and does not hide your IP address, so Internet service providers can still see all your traffic! If this causes you trouble, please don’t use it!
Let me add that I live in a country where an ISP does not block websites, so I cannot try this software myself.
On the GitHub version page, you will find GreenTunnel GUI binaries for macOS, Microsoft Windows-based and Debian-based Linux distributions (Ubuntu, Linux Mint, Pop!_OS, Zorin OS, etc.). one left AUR package Applicable to Arch Linux Manjaro users.
To install the GreenTunnel command line interface, please refer to the installation instructions on its GitHub https://github.com/SadeghHayeri/GreenTunnel#command-line-interface-cli (you can install via NPM, Snap and Docker).
How to use GreenTunnel to unblock websites restricted by ISP
GreenTunnel can be used as a command line or GUI tool. The GUI is easy to use, but it lacks some settings, for example, it has no option to change the DNS server, and cannot change the IP and port.
To use the GUI, all you need to do is to run it and then restart the web browser. The app will automatically set your system proxy to
127.0.0.1:8000 (So please make sure nothing else is running on port 8000). When GreenTunnel is closed, the system proxy will be automatically disabled.
Chromium-based web browsers automatically use the system proxy (at least on Linux), so if you are using Chrome, Chromium, etc., you don’t need to change anything else. For Firefox, go to its
Network Settings And set it to
Use system proxy settings.
To use the GreenTunnel command line interface, run (this is an example, you can change the parameters):
gt --ip 127.0.0.1 --port 8000 --dns-server https://mozilla.cloudflare-dns.com/dns-query
These are the available command line options:
$ gt --help Usage: green-tunnel [options] Usage: gt [options] Options: --help, -h Show help [boolean] --version, -V Show version number [boolean] --ip ip address to bind proxy server[string] [default: "127.0.0.1"] --port port address to bind proxy server [number] [default: 8000] --dns-type [string] [choices: "https", "tls"] [default: "https"] --dns-server [string] [default: "https://cloudflare-dns.com/dns-query"] --silent, -s run in silent mode [boolean] [default: false] --verbose, -v debug mode [string] [default: ""] --system-proxy automatic set system-proxy [boolean] [default: true]
Just like the GUI, the command line utility sets the system HTTP proxy to
--port You specify as a parameter). Set Firefox to
Use system proxy settings, Available in Firefox
Network Settings (This operation is not required for Chromium-based web browsers), restart the web browser to complete the operation.