Tuesday, January 22, 2013

Jailbreak iPhone,Linux, OS X, Shadowsocks-nodejs, PAC, GFW, 翻墙

My last blog talked about getting through the GFW with Shadowsocks python version on a jailbreak iPhone, this time, i'm going to talk about a better alternative, Shadowsocks-nodejs, here we go:

How does it work?

  • Create a Socks 5 proxy inside the iPhone with Shadowsocks-nodejs.
  • Create a PAC file inside the iPhone to tell which connection goes Proxy and which one goes Direct.
  • Create a bash script to add website to PAC file, so we don't need to edit the file maunally.
  • Assign the PAC file to WiFi and 3g/edge/gprs network.
  • PAC on iPhone is a system wide proxy, it will work for all apps.

How we gonna make it?

1 Create a Socks 5 proxy.

  • Go get the Shadowsocks-nodejs code and config it, see the project homepage.
  • on the server side, we need to get nodejs installed, find it at nodejs.org, and run:
nohup node server.js > /dev/null 2>&1 &
  • on the iPhone side, we  also need to install nodejs, find it in cydia store, the version should be 0.6.14, it works like a charm, after we got it, run inside iPhone:
nohup node local.js > /dev/null 2>&1 &
  • now we  have a running Socks 5 proxy inside iPhone, for example,

2 Create a PAC file.

  • A basic PAC file is something like this:

function FindProxyForURL(url, host) {  // this is the beginning of PAC file

var XXGFW = "SOCKS"; // this defines a variable to look clean and easy to modify

if (
isPlainHostName(host) ||
shExpMatch(host, "*.local") ||
isInNet(dnsResolve(host), "", "") ||
isInNet(dnsResolve(host), "",  "") ||
isInNet(dnsResolve(host), "",  "") ||
isInNet(dnsResolve(host), "", "")) {

return "DIRECT";

} // this tells all local site to go DIRECT

if (
//added by hand
dnsDomainIs(host, "gmail.com") ||
dnsDomainIs(host, "blogger.com") ||
dnsDomainIs(host, "blogspot.com") ||
dnsDomainIs(host, "appspot.com") ||
dnsDomainIs(host, "bit.ly") ||
dnsDomainIs(host, "wikipedia.org") ||
dnsDomainIs(host, "twitter.com") ||
dnsDomainIs(host, "facebook.com") ||
dnsDomainIs(host, "google.com.hk") ||
dnsDomainIs(host, "youtube.com")) {

return XXGFW;

} // this tells the listed websites to go our Socks 5 proxy, "||" means OR

else {

return "DIRECT";

} // this tells everything else to go DIRECT

} // this is the end of PAC file

  • Save the above code to autoproxy.pac (for example) and move it to /var/root/ inside the iPhone, and run:

sudo chown mobile:mobile /var/root/autoproxy.pac
sudo chmod 777 /var/root/autoproxy.pac

3 Create a bash script to add website to PAC file

  • Now we got a working PAC, next we need to create a bash script, so that we can add any GFWed website into this PAC file, the script is like this:
ed -s /var/root/autoproxy.pac << EOF
/\/\/added by hand/a
dnsDomainIs(host, "${domain}") ||
  • Save it and name it as agfw, move it to /usr/bin and give it the ability to excute:
sudo chmod +x /usr/bin/agfw
  • To run this script, we need to install ed in cydia store, once we find a website that is blocked by GFW, take the newly GFWed github.com for example, we can add it to PAC file just by running:
agfw github.com
  • Go and check the autoproxy.pac, we'll see that github.com is in there. Now we can view github.com with any  iPhone apps. We can add any website we want to the PAC file with this script, just a single command, it's pretty awesome :)

4 Assign the PAC file to WiFi and 3G/EDGE/GPRS network

  • For WiFi, go to Settings > WiFi > Your connected WiFi > HTTP Proxy > Auto, fill it with:
  • For  3G/Edge/GPRS, we need to edit the following file with iFile:
  • Add the following colored code to the correct position of the this file:
<string>com.apple.CommCenter (ip1)</string> 
<string>com.apple.CommCenter (ip1)</string>
  • Save and reboot to make it work.

What we got?

  • The proxy will work 24/7 as long as our VPS server works 24/7, always online, no login needed (compared to ssh tunnel & VPN), it just forwards GFWed connection to the server and get feed back.
  • This is the best solution for iPhone to make us feel that GFW seems not existed.
  • Gmail Push goes normal (in seconds) after i put main google domains into the PAC file, even when iPhone is sleeping.
  • The PAC file, the Socks 5 proxy and the Bash script that is used to add website to PAC file are all inside iPhone, once we found a website we can't open, just open Mobileterminal.app (which can be found on cydia store), run agfw balabala.com, done! pretty simple.
  • This solution also works for Linux and OS X client, because iOS is a lite version of OS X :)
Follow me @cattyhouse


  1. Very nice hack, thanks! :-)

  2. Hello, i believe that i noticed you visited
    mmy website thus i got here to return the favor?.I'm attempting to in finding issues tto
    improve my site!I guess its ok tto use some of your ideas!!

    Also visit my blog post - guide to purchasing a used
    car - -