出于安全等考虑,可能需要设置强制https访问,那么php中可以采取如下设置。
代码如下:
if ($_SERVER["HTTPS"]<>"on") { $xredir="https://".$_SERVER["SERVER_NAME"]. $_SERVER["REQUEST_URI"]; header("Location: ".$xredir); } |
如果要强制非https访问那么把<>改成==就可以了。
https访问需要响应的ssl证书,默认的不可信任倒是也没关系,如果需要可信任的证书,可参考以下文章:
http://zou.lu/nginx-https-ssl-module/
http://blog.s135.com/startssl/
转载请注明:转载自DarkIces.com
本文链接地址:http://dki.me/2b
方法一:
默认走OpenVPN,把不走OpenVPN的IP按下列方法设置
把类似于下面的代码加到OpenVPN的配置文件后面:
max-routes 1000
route 58.17.0.0 255.255.0.0 net_gateway
route 58.18.0.0 255.254.0.0 net_gateway
route 58.20.0.0 255.255.0.0 net_gateway
route 58.24.0.0 255.254.0.0 net_gateway
route 58.30.12.136 255.255.255.255 net_gateway
方法二:
默认不走OpenVPN,设定部分IP通过OpenVPN访问
把类似于下面的代码加到OpenVPN的配置文件后面:
route-nopull
# vpnchina sever
route 174.36.181.0 255.255.255.0 net_gateway
#ustream
route 96.17.8.0 255.255.255.0 vpn_gateway
#no21984.org
route 97.74.203.0 255.255.255.0 vpn_gateway
#archive
route 207.241.0.0 255.255.0.0 vpn_gateway
#isohunt
route 208.71.112.0 255.255.255.0 vpn_gateway
# zkaip
route 174.37.148.0 255.255.255.0 vpn_gateway
#bit.ly
route 168.143.173.0 255.255.255.0 vpn_gateway
#adobe
route 192.150.0.0 255.255.0.0 vpn_gateway
# ke neng ba
route 74.207.248.0 255.255.255.0 vpn_gateway
# python
route 82.94.164.0 255.255.255.0 vpn_gateway
#ur.ly
route 216.239.34.0 255.255.255.0 vpn_gateway
#iphonedownloadblog
route 66.33.209.0 255.255.255.0 vpn_gateway
# uncyclopedia
route 96.45.180.0 255.255.255.0 vpn_gateway
#mediafire
route 93.46.8.0 255.255.255.0 vpn_gateway
route 8.7.198.0 255.255.255.0 vpn_gateway
route 37.61.54.0 255.255.255.0 vpn_gateway
# blackra1n
route 74.220.215.0 255.255.255.0 vpn_gateway
#r f a
route 63.85.36.0 255.255.255.0 vpn_gateway
#yam
route 60.199.252.0 255.255.255.0 vpn_gateway
#wei quan wang
route 75.125.252.0 255.255.255.0 vpn_gateway
#ff.im
route 64.13.142.0 255.255.255.0 vpn_gateway
# plurk
route 74.120.121.0 255.255.255.0 vpn_gateway
# b b c
route 212.58.240.0 255.255.248.0 vpn_gateway
# xiaochun
route 210.157.5.0 255.255.255.0 vpn_gateway
# dropbox
route 174.129.212.0 255.255.255.0 vpn_gateway
# wikimedia
route 208.80.152.0 255.255.255.0 vpn_gateway
# akamai
route 63.150.131.0 255.255.255.0 vpn_gateway
# flickr
route 67.195.19.0 255.255.255.0 vpn_gateway
route 69.147.90.0 255.255.255.0 vpn_gateway
# twitbrowser
route 97.74.144.0 255.255.255.0 vpn_gateway
# ipaddl
route 67.19.72.0 255.255.255.0 vpn_gateway
# delicious
route 76.13.6.0 255.255.255.0 vpn_gateway
# sendspace
route 216.151.186.0 255.255.255.0 vpn_gateway
#emule
route 74.53.185.0 255.255.255.0 vpn_gateway
# dev-team
route 72.32.231.0 255.255.255.0 vpn_gateway
# hellotxt
route 212.239.17.0 255.255.255.0 vpn_gateway
# Mediafire
route 205.196.120.0 255.255.255.0 vpn_gateway
# Geocity
route 202.93.87.0 255.255.255.0 vpn_gateway
#tinypic
route 209.17.74.0 255.255.255.0 vpn_gateway
# ultraxs.com
route 93.46.8.0 255.255.255.0 vpn_gateway
# AOL
route 64.12.0.0 255.255.0.0 vpn_gateway
route 207.200.64.0 255.255.192.0 vpn_gateway
route 205.188.0.0 255.255.0.0 vpn_gateway
# NTT Twitter
route 168.143.0.0 255.255.0.0 vpn_gateway
route 128.121.0.0 255.255.0.0 vpn_gateway
# Cloud Front (Twitter)
route 216.137.32.0 255.255.224.0 vpn_gateway
route 159.106.121.0 255.255.255.0 vpn_gateway
route 69.63.176.0 255.255.240.0 vpn_gateway
route 66.220.144.0 255.255.240.0 vpn_gateway
# Akamai (Facebook)
route 72.246.0.0 255.254.0.0 vpn_gateway
route 204.2.171.0 255.255.255.0 vpn_gateway
# Youtube / Google
route 8.8.0.0 255.255.0.0 vpn_gateway
route 66.249.0.0 255.255.0.0 vpn_gateway
route 74.125.0.0 255.255.0.0 vpn_gateway
route 209.85.128.0 255.255.128.0 vpn_gateway
route 202.78.112.0 255.255.240.0 vpn_gateway
route 66.102.0.0 255.255.240.0 vpn_gateway
route 208.65.152.0 255.255.252.0 vpn_gateway
# Revsci
route 216.223.0.0 255.255.0.0 vpn_gateway
# Amazon
route 174.129.0.0 255.255.0.0 vpn_gateway
# Omroep
route 145.58.0.0 255.255.0.0 vpn_gateway
# Transip
route 80.69.64.0 255.255.224.0 vpn_gateway
# Hurricane Electric (mail-archive.com)
route 72.52.64.0 255.255.192.0 vpn_gateway
# GoDaddy
route 64.202.160.0 255.255.224.0 vpn_gateway
# PsiNET
route 38.0.0.0 255.0.0.0 vpn_gateway
# Wordpress
route 72.233.0.0 255.255.128.0 vpn_gateway
route 74.200.192.0 255.255.192.0 vpn_gateway
route 76.74.254.0 255.255.255.128 vpn_gateway
route 65.52.0.0 255.252.0.0 vpn_gateway
# Spotify
route 78.31.8.0 255.255.255.0 vpn_gateway
# The Planet
route 74.52.0.0 255.252.0.0 vpn_gateway
# Slicehost / Posterous
route 67.207.128.0 255.255.224.0 vpn_gateway
# Softlayer / Twitpic
route 174.36.0.0 255.254.0.0 vpn_gateway
route 66.228.120.0 255.255.255.0 vpn_gateway
# Vimeo
route 66.235.112.0 255.255.240.0 vpn_gateway
route 208.67.232.0 255.255.248.0 vpn_gateway
route 72.21.192.0 255.255.224.0 vpn_gateway
# Wefollow
route 70.32.64.0 255.255.192.0 vpn_gateway
# blogspot
route 64.233.160.0 255.255.224.0 vpn_gateway
route 72.14.192.0 255.255.192.0 vpn_gateway
# badongo
route 216.45.48.0 255.255.240.0 vpn_gateway
# www.wenxuecity.com / psinet
route 38.0.0.0 255.0.0.0 vpn_gateway
# Twitpic
route 74.86.0.0 255.255.0.0 vpn_gateway
# www.dwnews.com / level3
route 209.244.0.0 255.252.0.0 vpn_gateway
# www.6park.com / the planet
route 74.52.0.0 255.252.0.0 vpn_gateway
# Backchina / the planet
route 209.62.0.0 255.255.128.0 vpn_gateway
# yFrog
route 208.94.0.0 255.255.252.0 vpn_gateway
# opera
route 213.236.128.0 255.255.128.0 vpn_gateway
方法三:
直接使用chnroutes
使用方法参见http://code.google.com/p/chnroutes/wiki/Usage
方法四:
直接使用DOS命令添加路由。这种方法对其它各类的VPN应该是通用的。
例如在命令行下运行如下命令(如果不熟悉的话,不推荐使用该方法):
route add 110.6.0.0 mask 255.254.0.0 %gw% metric 5
route add 110.16.0.0 mask 255.252.0.0 %gw% metric 5
route add 110.40.0.0 mask 255.252.0.0 %gw% metric 5
route add 110.48.0.0 mask 255.255.0.0 %gw% metric 5
route add 110.51.0.0 mask 255.255.0.0 %gw% metric 5
route add 110.52.0.0 mask 255.254.0.0 %gw% metric 5
route add 110.56.0.0 mask 255.248.0.0 %gw% metric 5
route add 110.64.0.0 mask 255.254.0.0 %gw% metric 5
route add 110.72.0.0 mask 255.254.0.0 %gw% metric 5
附:国内IP地址路由
参考文章:
http://kangzj.net/how-to-add-local-route-for-openvpn/
http://xiaolife.com/wordpress/use-openvpn-route-and-vpn_gateway/
转载请注明:转载自DarkIces.com
本文链接地址:http://dki.me/2a
中午看到某人说自己的网址PR上升到5了,刚才发现自己的博客网址也升到1了。
看来google是很重视愚人节的啊。。
开博差不多整3个月,在此留个记号。
转载请注明:转载自DarkIces.com
本文链接地址:http://dki.me/29
http://www.isweetriver.com/2010/videogame-remakes
Blizzard花了10年把星际争霸从1.x升到了2.x,哥是彻底的玻璃渣粉丝,但在版本号这点上,Blizzard和我们QQ无法匹敌,另一方面,只恨自己的T60年事已高,打开游戏效果全关,整个画面仿佛在放幻灯片,完全是凭借着精神力打败了电脑。
20世纪到21世纪,想想那些伴随着我们走过了无数美好时光的FC游戏如果现在用新的技术被重新制作出来,那会是什么样呢?
图片就不转过来了,有兴趣的自己点第一个链接看吧,可惜没认出几个游戏。。。
转载请注明:转载自DarkIces.com
本文链接地址:http://dki.me/28
https://www.google.com/uds/samples/apidocs/helloworld.html
https搜索,因此不会被审查,不会被reset。
转载请注明:转载自DarkIces.com
本文链接地址:http://dki.me/26
Google发言人:我们并没有退出中国,香港是中国不可分割的一部分。如果有必要,我们可以将服务器放到台湾,因为台湾也是中国的一部分。再不行,可以放到钓鱼岛上去,那也是中国。
大陆Google服务可用情况http://www.google.com/prc/report.html#hl=en
Google申明英文版
On January 12, we announced on this blog that Google and more than twenty other U.S. companies had been the victims of a sophisticated cyber attack originating from China, and that during our investigation into these attacks we had uncovered evidence to suggest that the Gmail accounts of dozens of human rights activists connected with China were being routinely accessed by third parties, most likely via phishing scams or malware placed on their computers. We also made clear that these attacks and the surveillance they uncovered—combined with attempts over the last year to further limit free speech on the web in China including the persistent blocking of websites such as Facebook, Twitter, YouTube, Google Docs and Blogger—had led us to conclude that we could no longer continue censoring our results on Google.cn.
So earlier today we stopped censoring our search services—Google Search, Google News, and Google Images—on Google.cn. Users visiting Google.cn are now being redirected to Google.com.hk, where we are offering uncensored search in simplified Chinese, specifically designed for users in mainland China and delivered via our servers in Hong Kong. Users in Hong Kong will continue to receive their existing uncensored, traditional Chinese service, also from Google.com.hk. Due to the increased load on our Hong Kong servers and the complicated nature of these changes, users may see some slowdown in service or find some products temporarily inaccessible as we switch everything over.
Figuring out how to make good on our promise to stop censoring search on Google.cn has been hard. We want as many people in the world as possible to have access to our services, including users in mainland China, yet the Chinese government has been crystal clear throughout our discussions that self-censorship is a non-negotiable legal requirement. We believe this new approach of providing uncensored search in simplified Chinese from Google.com.hk is a sensible solution to the challenges we’ve faced—it’s entirely legal and will meaningfully increase access to information for people in China. We very much hope that the Chinese government respects our decision, though we are well aware that it could at any time block access to our services. We will therefore be carefully monitoring access issues, and have created this new web page, which we will update regularly each day, so that everyone can see which Google services are available in China.
In terms of Google’s wider business operations, we intend to continue R&D work in China and also to maintain a sales presence there, though the size of the sales team will obviously be partially dependent on the ability of mainland Chinese users to access Google.com.hk. Finally, we would like to make clear that all these decisions have been driven and implemented by our executives in the United States, and that none of our employees in China can, or should, be held responsible for them. Despite all the uncertainty and difficulties they have faced since we made our announcement in January, they have continued to focus on serving our Chinese users and customers. We are immensely proud of them.
David Drummond, SVP, Corporate Development and Chief Legal Officer
今年1月12日,我们在本博客上宣布,Google及另外二十余家美国公司受到了来自中国的、复杂的网络攻击,在对这些攻击进 行深入调查的过程中,通过我们所收集到的证据表明,几十个与中国有关的人权人士的Gmail帐号定期受到第三方的侵入,而这大部分侵入是通过安装在他们电 脑上的钓鱼软件或恶意软件进行的。这些攻击以及它们所暴露的网络审查问题,加上去年以来中国进一步限制网络言论自由,包括 对FaceBook、Twitter、YouTube、Google Docs 和 Blogger 等网站的持续屏蔽,使我们做出结论:我们不能继续在Google.cn搜索结果上进行自我审查。
从今天早上开始,我们已停止了在Google.cn搜索服务上的自我审查,包括 Google Search (网页搜索)、Google News(资讯搜索)和Google Images (图片搜索)。 访问 Google.cn 的用 户从现在开始将被指向Google.com.hk,在这个域名上,我们将提供未经审查的简体中文搜索结果,这些为中国大陆用户设计的服务将通过我们在香港 的服务器实现。香港地区的用户还将继续通过Google.com.hk获得跟现在一样的、未经审查的繁体中文搜索服务。在我们进行迁移的过程中,由于香港 服务器负荷的增加以及这些变化的复杂程度,用户可能会发现搜索速度变慢,或发现某些产品暂时不能访问。
实施我们做出的在Google.cn上停止审查搜索结果的承诺是一个十分艰难的过程。我们希望全球尽可能多的用户都能访问到我们的服 务,包括在中国大陆的用户。中国政府在与我们讨论的过程中已经十分明确地表示,自我审查是一个不可谈判的法律要求。为此,我们相信,一个解决我们所面临挑 战的可行方案是在Google.com.hk上提供未经审查的简体中文搜索结果——它完全符合法律要求,同时也有助于提高中国大陆用户对信息的访问。我们 十分希望中国政府尊重我们的这一决定,尽管我们知道,用户对Google服务的访问有可能随时被阻止。为此,我们将密切监测网址访问问题,并制作了一个新 页面,用户可以实时地了解到在中国哪些Google服务是可用的。
至于Google的广泛的业务运营,我们计划继续在中国的研发工作,并将保留销售团队,然而销售团队的规模显然部分取决于中国大陆用户 能否访问Google.com.hk 。最后,我们要清楚表明:所有这些决定都是由美国的管理团队做出和实施的,没有任何一位中国员工能够、或者应该为这些决定负责。自我们在1月份发布博客以 来,尽管面临着众多的不确定性和困难,他们仍然坚守在工作岗位,专注于服务我们的中国用户和客户。我们为拥有这样的员工感到深深的骄傲。
转载请注明:转载自DarkIces.com
本文链接地址:http://dki.me/24
前面介绍过一种ssh代理工具:MyEnTunnel
Tunnelier是Bitvise团队开发的一个ssh客户端,功能包括ssh客户端、sftp客户端、端口转发功能(tunnel)。其中tunnel功能做的十分高效,比基于plink的MyEntunnel速度快很多。个人使用免费。
安装版:http://dl.bitvise.com/Tunnelier-Inst.exe
绿色版:http://tp.vbap.com.au/download
安装后界面上可以看出有很多功能,首先是基本配置:
Host填写ssh代理服务器的地址,Port一般是22端口,右边的Username和Password就是登陆的用户名密码。下面有一个Proxy选项,支持Http和Socks4/Socks5代理,这样局域网通过代理上网的话也可以使用ssh代理了,这样也解决了我自己和其他人在单位或实验室的问题。
其他配置:
这个工具支持打开终端界面和ftp客户端,但是因为我在这只是使用ssh代理,所以上面的几个多选框都取消掉,而且我估计ssh代理的用户名也不会给这些权限的。
代理配置:
把代理Enabled选中,然后监听端口可以自选,我这里是7070端口。设置好代理以后的浏览器配置可以参看:利用VPS架设ssh代理。
所有的配置都设置好以后,如果想下次自动登录,点击左侧的Save Profile As保存配置文件,下次使用Load Profile导入即可。
Tunnelier对我而言最大的好处在于它支持通过代理连接,而plink是不支持的,至于速度暂时还没有明显感觉。
参考文章:Tunnelier使用教程
转载请注明:转载自DarkIces.com
本文链接地址:http://dki.me/22
不了解的可以自行先Google一下,不推荐baidu,因为你不会知道的更多。
从原理可以看出,西厢计划不安装任何软件,只是是通过防火墙策略来达到突破GFVV的目的,所以这里不是翻墙,而是破墙。要想达到阻断改策略就需要过滤更多的流量,在资源和效率上可能暂时是达不到的。
直接屏蔽掉IP也是可以达到阻断的目的,不过通过最简单的代理就可以突破IP的访问限制,所以这也不是问题。
该项目依赖于Linux内核功能。移植Windows工作正在进行中,现在已经提供Alpha版本下载。
邮件列表需要申请才能有权查看。
下载页面中west-chamber-win-0.03.rar就是Windows版本。scholarzhang-0.3.2-mingw32-alpha.zip是基于WinPcap的版本可以在MinGW32环境下编译运行,实现了连接混淆的部分,未实现反DNS劫持的部分,用户仍然可以试用,但不再维护。
转载请注明:转载自DarkIces.com
本文链接地址:http://dki.me/20
