H/T to Omir the Storyteller for this idea, I think it's a great one. Now I need your help. The idea that Omir had was to roll a custom Linux Live CD that does one thing; creates a proxy that Iranians can use to connect and transmit photos and words outside the influence of their government. It got me thinking that in the world we live in, technology and access to the internet are going to play a HUGE part in future political events, no matter where they play out in the world. Having a Live CD out there that does this, and could be easily adapted for use in other countries (by altering the IP block below) could be a great tool for the freedom of information worldwide.
This diary is not really a political one, beyond the politics of wanting to let the Iranian people communicate freely. Basically, I'm just asking any Linux-minded Kossacks out there to lend me their expertise, if they like.
Almost everyone out there has a computer at home that is idle during the day. And I imagine many people on this site, like me, are wondering what they could do to help Iran right now, how they can contribute. If we could create what I'm describing, it would be as simple as popping a CD in ther computer, restarting it, and sending an email. The following is the text of my post to the Ubuntu forum, where I have thus far received no concrete instructions, just a vague direction to something called "remastersys." I know DKos ain't tech support, but I thought perhaps I'd find some people more willing to help.
Note that this also includes most of a post from: http://blog.austinheap.com/...
The reason for quoting it whole is that the server it resides on is getting hammered today, and I wanted to make sure it stays accessible. All credit goes to the author for the information in the sub-quote.
I'm interested in creating a custom Ubuntu distro that would include very little in the way of features; the only thing it would really be any good for is creating Proxies using Squid to assist bloggers in Iran in connecting to the internet around government IP restrictions.
The goal would be to create a live CD that a non-technical person could simply place into a computer with an internet connection, and it would produce a few lines of feedback including the Proxy IP address and some instructions on how (and how not) to distribute it. No graphical interface, no filesystems mounted (except the CD, obviously) really nothing but the bare minimum needed to get a proxy up and running, and give the user some limited (like, 2-3 paragraphs at most) instructions about what to do next.
The world is changing fast, and the last few political uprisings have been coordinated largely on the backs of social networking sites like Twitter and Facebook. I imagine that the future holds more of the same. In times of heavy-handed government control of Internet access, people trying to get the truth out, in words and photos, should be afforded every possible opportunity to do so. I'd like to establish this as a tool that could be deployed in time of need to those who need it.
Here's a brief description of how to install and start the service on an existing Linux installation:
If you’re using CentOS/Redhat, it’s pretty straight forward to setup a proxy and help give access to those in Iran who are being censored.
Login as root and run the following:
yum install squid
nano -w etcsquid/squid.conf
Inside the code editor search (Control-W) for the line "http_access deny all" and change it to "http_access allow all". This will make your proxy open and accessible to the world. If you would like to limit your proxy to Iranian IP blocks, you want to change "http_access deny all" to read "http_access allow TRUSTED" add a line (BEFORE the http_access line to setup an access control list [ACL]). This ACL line that defines TRUSTED should read:
acl TRUSTED src 126.96.36.199/17 188.8.131.52/19 184.108.40.206/19 220.127.116.11/17 18.104.22.168/18 22.214.171.124/18 126.96.36.199/19 188.8.131.52/19 184.108.40.206/20 220.127.116.11/15 18.104.22.168/20 22.214.171.124/20 126.96.36.199/20 188.8.131.52/19 184.108.40.206/19 220.127.116.11/19 18.104.22.168/17 22.214.171.124/19 126.96.36.199/21 188.8.131.52/18 184.108.40.206/20 220.127.116.11/20 18.104.22.168/20 22.214.171.124/20 126.96.36.199/16 188.8.131.52/20 184.108.40.206/20 220.127.116.11/20 18.104.22.168/17 22.214.171.124/20 126.96.36.199/20 188.8.131.52/20 184.108.40.206/20 220.127.116.11/20 18.104.22.168/20 22.214.171.124/20 126.96.36.199/18 188.8.131.52/19 184.108.40.206/18 220.127.116.11/18 18.104.22.168/18 22.214.171.124/18 126.96.36.199/18 188.8.131.52/17 184.108.40.206/16 220.127.116.11/18 18.104.22.168/19 22.214.171.124/16 126.96.36.199/19 188.8.131.52/19 184.108.40.206/18 220.127.116.11/17 18.104.22.168/20 22.214.171.124/18 126.96.36.199/15 188.8.131.52/19 184.108.40.206/19 220.127.116.11/23 18.104.22.168/24 22.214.171.124/24 126.96.36.199/24 188.8.131.52/24 184.108.40.206/24 220.127.116.11/21 18.104.22.168/18 22.214.171.124/20 126.96.36.199/20 188.8.131.52/19 184.108.40.206/16 220.127.116.11/21 18.104.22.168/18 22.214.171.124/20 126.96.36.199/20 188.8.131.52/20 184.108.40.206/19 220.127.116.11/15 18.104.22.168/17 22.214.171.124/21 126.96.36.199/18 188.8.131.52/16 184.108.40.206/18 220.127.116.11/18 18.104.22.168/18 22.214.171.124/18 126.96.36.199/21 188.8.131.52/21 184.108.40.206/16 220.127.116.11/21 18.104.22.168/19 22.214.171.124/19 126.96.36.199/17 188.8.131.52/15 184.108.40.206/23 220.127.116.11/16 18.104.22.168/19 22.214.171.124/19 126.96.36.199/19 188.8.131.52/19 184.108.40.206/19 220.127.116.11/19 18.104.22.168/19 22.214.171.124/19 126.96.36.199/19 188.8.131.52/18 184.108.40.206/18 220.127.116.11/18 18.104.22.168/19 22.214.171.124/19 126.96.36.199/20 188.8.131.52/20 184.108.40.206/20 220.127.116.11/20 18.104.22.168/20 22.214.171.124/20 126.96.36.199/20 188.8.131.52/19 184.108.40.206/20 220.127.116.11/15
Turn off logging by adding these two lines:
Save the config file and as root issue the following command to start the Squid proxy server:
service squid start
Please don’t run this on a machine that you’re worried about or is used for production sites; and take basic security precautions, ie: moving SSH off the default port, using iptables, etc.
Obviously, the commands would be different, but I don't even know where to start in terms of stripping stuff out of an Ubuntu distro, adding Squid, anything.
I'm appealing to this community, so if this sounds like a worthy project, I'd love it if someone could help me out.
Can anyone tell me how to begin?
So how about it, Kossacks? Anyone out there up to the challenge? I imagine if we could get the thing done, re-pack the ISO of the live CD as a Torrent, and advertise it on Twitter it could be all over the world in a day. I can't imagine the file size would be much more than 50-100 megs, just enough for the Kernel and some very limited other stuff, plus whatever dependencies Squid has... Again, this is not my area of expertise, I know just enough to be dangerous, and I'm looking for help.
Who's coming with me?