Check out corkscrew.<div><br></div><div><a href="http://www.agroman.net/corkscrew/">http://www.agroman.net/corkscrew/</a> <br><br><div class="gmail_quote">On Mon, Jan 2, 2012 at 12:42 PM, Siavash Sameni <span dir="ltr"><<a href="mailto:siavash.sameni@gmail.com">siavash.sameni@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hey everyone , <br>I'm using tinc from iran , and i've been using tinc with tcponly for a few years now , to bypass the filtering , and have access to the free internet , but recently , our government started to apply some sort of exotic filtering scheme , they've completely blocked outgoing and incoming ssh requests , and ssl encrypted packets , and the only thing allowed is https !! , which gives you full speed (like 200K/s ) for trusted websites lets say gmail , and around 3-7 KB/s , for non trusted websites , let's say CIA website .<br>
the only vpn that somehow works at the moment is IP-IP tunnel , which doesn't have no encryption , and thus , for instance ssh , inside of the ip ip tunnel doesn't work . <br>at the moment tinc , still works , but as soon as there is some traffic on the tunnel (more than 1KB/s ) it starts to behave weird, and for instance , ssh over it will have hiccups .<br>
my idea is right now this , maybe there is a way to mark packets as something known (read it http or ftp) for the layer 7 packet analyzer on the way , so it'd give full bandwidth , and doesn't drop the connection . <br>
because in the past we had sort of the same situation , they've limited the connection speed of SSH , but if we used an LSH client (which had a different signature) the problem was not existence no more , the performance was great .<br>
or maybe if i can change the cipher , or the encryption algorithm , it'd be perfect . <br>for my line of work , not being able to use ssh , mean that , i cannot possibly work , <br>at the moment , i have three ways to do ssh , <br>
1. shell in a box . <br>2. tinc with the performance of few hundred bytes a second<br>3. vpnc in an ipip tunnel !!! with variable performance .<br>anyhelp would be appreciated .<br>sorry for that it's not really related to tinc itself , but if tinc could be used , i'd appreciate it the most :)<br>
thank you.<br></div>
<br>_______________________________________________<br>
tinc mailing list<br>
<a href="mailto:tinc@tinc-vpn.org">tinc@tinc-vpn.org</a><br>
<a href="http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc" target="_blank">http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc</a><br>
<br></blockquote></div><br></div>