How To Set Up An Anonymous Proxy For Iranians Using Squid on Mac OS X
Hat tip to Austin for the Windows instructions.
1) Grab this Disk Image, and run the package inside it. It is not some kind of virus. It actually works, I promise.
2) Look in your Applications folder for a folder called squid. Inside THAT folder, there is a folder called etc. Inside the etc folder, there is a file called squid.conf. Open it in your text editor of choice.
3) To restrict access to people with Iranian IP addresses find line 1885 (which is blank), just above # And finally deny all other access to this proxy. Copy/paste this code:
acl TRUSTED src 62.60.128.0/17 62.193.0.0/19 62.220.96.0/19 77.36.128.0/17 77.77.64.0/18 77.104.64.0/18 77.237.64.0/19 77.237.160.0/19 77.245.224.0/20 78.38.0.0/15 78.109.192.0/20 78.110.112.0/20 78.111.0.0/20 78.154.32.0/19 78.157.32.0/19 78.158.160.0/19 79.127.0.0/17 79.132.192.0/19 79.170.144.0/21 79.175.128.0/18 80.66.176.0/20 80.69.240.0/20 80.71.112.0/20 80.75.0.0/20 80.191.0.0/16 80.242.0.0/20 80.253.128.0/20 80.253.144.0/20 81.12.0.0/17 81.28.32.0/20 81.28.48.0/20 81.31.160.0/20 81.31.176.0/20 81.90.144.0/20 81.91.128.0/20 81.91.144.0/20 82.99.192.0/18 82.115.0.0/19 83.147.192.0/18 84.47.192.0/18 84.241.0.0/18 85.9.64.0/18 85.15.0.0/18 85.133.128.0/17 85.185.0.0/16 85.198.0.0/18 86.109.32.0/19 87.107.0.0/16 87.247.160.0/19 87.248.128.0/19 89.144.128.0/18 89.165.0.0/17 89.221.80.0/20 89.235.64.0/18 91.98.0.0/15 91.184.64.0/19 91.186.192.0/19 91.206.122.0/23 91.208.165.0/24 91.209.242.0/24 91.212.16.0/24 91.212.19.0/24 91.212.252.0/24 92.42.48.0/21 92.50.0.0/18 92.61.176.0/20 92.62.176.0/20
acl TRUSTEDTOO src 93.110.0.0/16 93.190.24.0/21 94.74.128.0/18 94.101.128.0/20 94.101.176.0/20 94.101.240.0/20 94.139.160.0/19 94.182.0.0/15 94.184.0.0/17 94.232.168.0/21 94.241.128.0/18 95.38.0.0/16 95.80.128.0/18 95.81.64.0/18 95.82.0.0/18 95.82.64.0/18 95.130.56.0/21 95.130.240.0/21 188.34.0.0/16 188.93.64.0/21 188.121.96.0/19 188.121.128.0/19 188.136.128.0/17 188.158.0.0/15 193.189.122.0/23 194.225.0.0/16 195.146.32.0/19 212.16.64.0/19 212.33.192.0/19 212.50.224.0/19 212.80.0.0/19 212.95.128.0/19 212.120.192.0/19 213.176.0.0/19 213.176.32.0/19 213.176.64.0/18 213.195.0.0/18 213.207.192.0/18 213.217.32.0/19 213.233.160.0/19 217.11.16.0/20 217.24.144.0/20 217.25.48.0/20 217.64.144.0/20 217.66.192.0/20 217.66.208.0/20 217.146.208.0/20 217.172.96.0/19 217.174.16.0/20 217.218.0.0/15
4) Go to the next line, line 1887, which says http_access deny all and replace it with the following: http_access allow TRUSTED TRUSTEDTOO
5) On line 705, change the line # cache_access_log /Applications/Squid/var/logs/access.log to cache_access_log none. This is what makes users ‘anonymous’.
6) Go to whatismyip.com and get your IP Address. Note it down.
7) On line 2112, the line above # TAG: unique_hostname, add visible_hostname xxx.xxx.xxx replacing xxx.xx.xxx with the IP Address you got in step 6.
8) We’ll also need to change line 56, which says # http_port 3128. This is where it gets a bit complicated. I’m told that the standard Squid ports have been shut down in Iran (8080 and 3128), so we’re going to have to get a bit crafty. First, pick a number between 1024 and 49151. Now change line 56 to say http_port [your port], removing the hashmark in front of it and replacing [your port] with the port number you’ve chosen.
9) If you do not have a static IP address from your web host, and are on DSL or Cable, you’re going to need to forward the port we declared in step 7 to your machine. To find out how to do this with your specific router and web host, you’ll need to look on the box itself and find the model number, then google something like “[router name] port forwarding”. I’d provide detailed instructions, but there are just too many brands of router and they are too different. You can test if the port is open and being forwarded properly by using this port scanner. If the port doesn’t work, then pick another one and redo step 8.
10) Open up your Terminal (located in /Applications/Utilities) and type sudo chmod -R 777 /Applications/Squid/etc and hit return. It will ask your for your root password. This will most likely be the same as your user password. Then type sudo /Applications/Squid/sbin/squid -z. It should give you some output. As long as it doesn’t say “error”, you are fine. If it gives you a “squid is already running” error, try sudo /Applications/Squid/sbin/squid -k reconfigure instead.
11) Tell @austinheap on Twitter or via email the IP address you got in step 6, and the port number you chose in step 8. He’ll see that it gets to the right people. However else you want to publicize your IP is up to you. Don’t send it to me, as I can’t do anything with it.
