Force programs to use & go through proxy
Check out Proxifier. Combined with an SSH tunnel, you should be able to get most programs through any proxy.
My school (and all the others in my state) have a quite elaborate web filtering proxy set up which blocks most ports on the other side of the proxy. I managed to get around it using a combination of the programs mentioned above on Windows.
Just create an SSH tunnel using Putty as necessary, and then set Proxifier to use the tunnel as its proxy. This should route traffic of all ports through the proxies.
My tun2socks software (Linux, Windows) creates a virtual network interface that forwards all incoming TCP connections through a specified proxy server. It can only use a SOCKS proxy, and by default can only forward TCP, though UDP can be forwarded too if you are able to run my udpgw
forwarder somewhere behind the SOCKS. Assuming you meet those requirements, here's how you can set it up:
First create the virtual interface and configure it. On Linux:
openvpn --mktun --dev tun0 --user <your_user>
ifconfig tun0 10.0.0.1/24
Or, on Windows, just install OpenVPN to get the TAP-Win32 virtual interface, and assign it IP 10.0.0.1, netmask 255.255.255.0.
Then start tun2socks, which does the actual forwarding:
badvpn-tun2socks --tundev tun0
--netif-ipaddr 10.0.0.2 --netif-netmask 255.255.255.0
--socks-server-addr <socks_server_address>:<socks_port>
Here, 10.0.0.2
is the IP of the virtual router inside the virtual interface. It must be in the same subnet as, and different from, the one assigned to the virtual interface itself (10.0.0.1/24
). On Windows, instead of tun0
, use:
--tundev "tap0901:<display_name_of_TAP-Win32_device>:10.0.0.1:10.0.0.0:255.255.255.0"
At this point you should be able to ping the virtual router 10.0.0.2
(in which case the running tun2socks
program will be the one to respond). To forward connections through the proxy, all you have to do is route them through the virtual device. On Linux:
route add default gw 10.0.0.2 metric 0
Or on Windows:
route add 0.0.0.0 mask 0.0.0.0 10.0.0.2 metric 0
The critical part here is that the route overrides any existing default route. Also, if your SOCKS server is not on the local network, you have to add an exception route with higher metric to prevent connections from being routed back into the virtual interface. See the link at the top for more information.