Your Freedom User Guide A Step By Step Introduction And Reference Guide To Your Freedom http://www.your-freedom.net/ Version 1.
Your Freedom User Guide Page 2 of 52 All trademarks used in this guide are trademarks of their respective owners and only used for reference. The most current version of this guide is available from our web page, http://www.your-freedom.net/, in the Documentation section. Please check if there is a later copy available if you encounter problems or you cannot find needed information in this copy. This guide is © Copyright 2006, 2007 by resolution Reichert Network Solutions GmbH, Saarbrücken, Germany.
Your Freedom User Guide Page 3 of 52 Index 1 Introduction.......................................................................................................... 5 1.1 What is Your Freedom? ............................................................................... 5 1.2 What is it not? .............................................................................................. 5 1.3 What can I use it for? ................................................................................... 5 1.
Your Freedom User Guide Page 4 of 52 3 Advanced usage................................................................................................ 48 3.1 FreeFreedom (usage free of charge) ......................................................... 48 3.2 Packages ................................................................................................... 48 3.3 Test drives.................................................................................................. 50 4 Troubleshooting........
Your Freedom User Guide Page 5 of 52 1 Introduction 1.1 What is Your Freedom? Is your Internet access somehow restricted? Are some web pages not accessible to you, or are you unable to run applications because of such restrictions? Then Your Freedom is for you. Although the techniques used by Your Freedom to break through such restrictions are fairly complicated, it is not difficult to use.
Your Freedom User Guide Page 6 of 52 • • many others. You may not use P2P protocols because someone thinks it’s illegal 1 ? Most P2P clients work nicely with Your Freedom, and you can even get a server port, which gives you a “high id”. Blacklists You may not visit certain web pages? Try Your Freedom. It turns your local PC into an unrestricted web proxy that provides access to all web pages that are generally accessible.
Your Freedom User Guide Page 7 of 52 This is only a very simple scenario but it illustrates that the Your Freedom client application and the Your Freedom server act as intermediate hops for your application connections. 1.5 Is it secure? Is it anonymous? Does it compromise my security? Can I catch a virus? Connecting to the Internet through Your Freedom is generally less dangerous than connecting through a dial-up connection.
Your Freedom User Guide Page 8 of 52 With regards to viruses: we do not have any virus protection mechanisms built into the service and therefore do not provide any virus protection 2 . Please install antivirus software on your PC. 1.6 What does it cost? A fundamental service is provided for free. It is restricted in bandwidth and the number of simultaneous streams, and there is a time limit for the connection between the client and the servers (but you may reconnect immediately).
Your Freedom User Guide Page 9 of 52 Also look at the server load. The higher the number, the more loaded the server. A load below 40000 is considered low, loads above 125000 are considered high. We use a traffic light scheme to quickly indicate the server state. A “green” light indicates that the server is fine and can accept your connection.
Your Freedom User Guide Page 10 of 52 2 First steps 2.1 Registration process Your first step in using our service is to register on our web site. You need to visit http://www.your-freedom.net/ and create an account there. There is a link underneath the login and password form fields in the red part of the banner. On the registration page, choose a username (preferably one that is not likely already used) and provide a password. Please make it long enough, it’s for your protection, not ours.
Your Freedom User Guide Page 11 of 52 • Windows Installer Windows users who already have a suitable Java Runtime Environment 3 installed on their system and who have enough rights to install software should be able to use this version. The download is about 1 megabyte in size. If you are unable to download files ending in .exe, try to copy the link location and paste it in the URL field of a new browser window, then change the .exe to .txt.
Your Freedom User Guide Page 12 of 52 Do as you are told and click on the “Next” button. You’ll see this page: If your Internet connection is through a web proxy, enter the details here. If you are unsure, try to click “Next” first.
Your Freedom User Guide Page 13 of 52 (ignore the “auto-choose best” part) you need to figure out about your web proxy (or configure everything manually, e.g. if you want to use an FTP proxy!). If you get this: then you’ve filled in the proxy details properly but you need to authenticate on the proxy.
Your Freedom User Guide Page 14 of 52 … and fill in suitable login credentials. In many cases this will be your Windows Domain login (don’t forget to fill in the domain as well!). Just try until it works, you can click “Next” to try. If you see this page: it means that you have not provided a working proxy configuration. Click on “Back” and modify the hostname/IP address and/or the port setting.
Your Freedom User Guide Page 15 of 52 port 80, 8080 or 3128, to name the most popular ports. Check your web browser’s configuration, it should be able to tell you. Oh by the way, if you find that the wizard has the proxy details already filled in, then it’s not magic – it just found them in your PC’s registry and probably has made life easier for you. Let’s assume you’ve been able to make it work.
Your Freedom User Guide Page 16 of 52 On this page, enter your Your Freedom username and password; it’s the same you used to download the client from our web page. Click on “Next”. It seems you’re done now! Click on “Save and Exit”.
Your Freedom User Guide Page 17 of 52 Note that the client just doesn’t know anything about the server and your account’s profile before you’ve connected to the server, that’s why some of the values seem to be somewhat odd (including the bandwidth – it’s not unlimited unless you’ve bought a package).
Your Freedom User Guide Page 18 of 52 Note that all the details are now filled in, and the bandwidth reads “64.0k”. That’s kilobits, about the speed of an ISDN connection or a bit faster than with a high-speed modem. Click on “Account Profile” now.
Your Freedom User Guide Page 19 of 52 This panel contains your account details. Without a package, you may not use any special servers (just the default ones), your bandwidth is limited, your maximum number of simultaneous streams is rather low and you may not relay connections from other PCs that use your PC as proxy. Your server connection will be terminated after 60 minutes (but you may reconnect when it happens). No server ports are assigned to you so none of them are forwarded to you.
Your Freedom User Guide Page 20 of 52 This is a list of applications whose configurations can be modified automatically by Your Freedom. The ones that are installed on your system have working checkboxes, the other ones are greyed out. Tick the ones you wish to use with Your Freedom, then click “OK”. You’ll see something like this: Hope it’s all successful! Then click “OK”.
Your Freedom User Guide Page 21 of 52 This tells you that your local PC is now acting as a SOCKS4/5 proxy on port 1080 and as a Web Proxy on port 8080. To change these values, untick the service, then modify the port, then re-activate (this can be done on-the-fly!). “Relay for others” will only work with some packages. Everything below is pretty sophisticated stuff and certainly not aimed at first time users, and will be covered in chapter 2.5 on page 26.
Your Freedom User Guide Page 22 of 52 hostname is “localhost” and the IP address is “127.0.0.1”) on port 1080 as SOCKS proxy. This is preferable over the web proxy configuration (if you’ve got the choice) but both will normally do. Use SOCKS5 if you can. If it doesn’t work (some applications have buggy SOCKS implementations) try SOCKS4. 3) By using a “socksifying” application to run your application from.
Your Freedom User Guide Page 23 of 52 Now click on “Settings”.
Your Freedom User Guide Page 24 of 52 Fill in the values as shown (making a note of the original values so you can revert to you previous configuration when you are not using Your Freedom), then click OK in both windows. Firefox now uses the Your Freedom connection. 2.4.2.2 Setting up Internet Explorer Like all browsers, IE supports proxies directly. What’s more, IE’s proxy configuration is actually shared by many other applications as well. Select “Tools”, “Internet Options”.
Your Freedom User Guide Page 25 of 52 If you are using a LAN connection, click on “LAN Settings”, otherwise choose the connection you use to connect to the Internet and click on “Settings”.
Your Freedom User Guide Page 26 of 52 Tick the checkboxes for “Use a proxy server” and for “bypass proxy server for local addresses”. Then click on “Advanced”. Another window will open: Fill in the values as shown. Then click “OK” in all the windows. Internet Explorer now uses the Your Freedom connection (and consequently only works when the connection is up). We recommend you make a note of the original settings that allows you to revert them when you are not using Your Freedom. 2.
Your Freedom User Guide Page 27 of 52 On the “Server Connection” tab, configure the Your Freedom server name or IP address (several names or IPs can be separated by semicolon – but no additional spaces!). Select the connection protocol from the pull-down menu, and the default port should automatically appear (change if necessary). Or use the wizard to see your server connection options and let the client choose the best way (but configure the proxy settings first!).
Your Freedom User Guide Page 28 of 52 Fill in your Your Freedom username and password, and choose a different language if you like. Many texts and messages are available in other languages and it may be easier if you change the setting. Note that you have to restart the client to make the change effective when you are all done.
Your Freedom User Guide Page 29 of 52 There’s a lot you can configure here. You might want to use the wizard to configure a web proxy but you don’t have to, there’s not much difference but the client will check if your settings appear to be correct. If you know the details, just fill them in. You’ll probably need to configure the address (host name or IP address) and the port.
Your Freedom User Guide Page 30 of 52 “Messages” panel. If you can’t get the connection to work, check out chapter 4.1 on page 50 to see how you can help us to help you. Once you are connected, check out your connection profile by clicking on the “Account Profile” tab. It should look somewhat similar to this (but it won’t be as generous as mine I’m afraid ☺): Most things in here should be fairly self-explanatory, except maybe for “server groups” and “remote port forwards”.
Your Freedom User Guide Page 31 of 52 All options in here can be changed while the connection is active and will have immediate effect. If you wish to modify the local ports on which your PC becomes a web or SOCKS proxy, uncheck the service first, then change the port number, and tick the box again. If you would like your PC to accept requests from other PCs on the local network and forward them through your Your Freedom connection, tick the “Relay for others” box.
Your Freedom User Guide Page 32 of 52 Now instead of connecting via SSH to “some.host.somewhere” on port 22, you simply instruct your SSH client to connect to “localhost” on port 2222. Your Freedom will put the connection through for you. Note however that if the remote host is unreachable the SSH client will still see a working connection, but it will time out quickly. This is just one of many examples how you can use this feature.
Your Freedom User Guide Page 33 of 52 It is not absolutely necessary to use the same numbers for “remote port” and “local port”, but we have found that many applications are too silly to announce another port to “the network” than they actually listen on. For example, BitTorrent clients usually can announce different external IP addresses and ports, but 99 % of all trackers will simply ignore this.
Your Freedom User Guide Page 34 of 52 Option Description Type Arguments autoscroll_messages Scroll message single window optional automatically when new messages appear “true” or “false” (default) avoid_dns Use the server’s IP address, not the host name (if known) single optional “true” or “false” (default) bw_downlink Desired downlink (server to client) bandwidth in bits per second single optional Bits per second. 0 means “unlimited”.
Your Freedom User Guide Page 35 of 52 recommendations to use another server you don’t care which server type you are using. fool_pix Try a hack that can fool old PixOS versions into bypassing WebSense single hidden “true” or “false” (default). Only turn on if you know that your connection is passing through an old PIX firewall using WebSense and you cannot connect; it may work with this set to “true”.
Your Freedom User Guide Page 36 of 52 accepts it or the value falls below minimum_post_size. If you know your proxy’s limits put it in here, it saves connection time. level_messages Only show messages above this level in Messages panel single optional 0 is “debug”, 7 is “emergency”. Default is 1 “informational”. language Your preferred language (ISO 2 letters, lowercase) single optional Defaults to “en”. Only a few languages are supported, see the Configuration dialog.
Your Freedom User Guide Page 37 of 52 password portaccept Forwards a server port to a local port multi optional server port local host local port portforward Forwards a local port to a remote port multi optional local port remote host remote port protocol The connection protocol to use single required One of: “http”, “https”, “cgi”, “ftp”, “udp”. There are more but they are experimental and they don’t work.
Your Freedom User Guide Page 38 of 52 you don’t want it to) rekey Change encryption key frequently single optional “true” or “false” (default). The wizard will set this to “true”, and there’s normally no reason why you would want to set it to “false” unless you suspect that there’s a bug in our key negotiation code and you lose connection. relay Allow others to use your Your Freedom session as well boolean optional Set to “true” or “false” (or remove).
Your Freedom User Guide Page 39 of 52 username instead of HTTP/1.0 in requests hidden stupid, try if this fixes the problem. Can either be “true” or “false” (default) Your Your Freedom username single required One: your Your Freedom username 2.6 Starting and stopping the connection 2.6.1 Each user may only log in once That’s right. Each user can only log in from one PC at the same time.
Your Freedom User Guide Page 40 of 52 The YF client will tell you where the server is located when you are connected (and also in the connection wizard). Unfortunately we don’t have many servers outside Europe, simply because a) they are unaffordable – unmetered high-bandwidth dedicated servers are vastly expensive in most places outside Europe.
Your Freedom User Guide Page 41 of 52 access anymore to any of our servers. Our idea is that it’s fairly simple to block all our IP addresses as they pop up because we cannot have new ones every day, but it won’t be possible to do something about thousands of new URLs every day that haven’t got anything in common. It is quite obvious why people would like to use such a “CGI relay” – because they have to.
Your Freedom User Guide Page 42 of 52 these lists to simply get imported into URL blacklists. But the YF client will soon learn how to find the relays. No, we won’t say how, figure it out. :-) If you would like to set up such a CGI relay, you can download the script at http://www.your-freedom.net/FIXME. Have a look at the first lines – you need to choose which server you would like to relay to and put the server’s name in. Save it under an inconspicuous name (use the right ending if you have to).
Your Freedom User Guide Page 43 of 52 Adjust the sliders to your needs. For example, if you would prefer a server in North America but only if it’s not a bad choice otherwise, move the “North American server” slider somewhat to the left. If you require a server there, move it all the way to the left. If you absolutely don’t want to use a server based there, move the slider all to the right. For most of the options, only the end and middle positions are useful.
Your Freedom User Guide Page 44 of 52 is referred to by the application, the library automatically gets loaded – but only if it hasn’t been loaded within the application’s context already! The trick is to make sure that the library has already been loaded before the application starts – but a hacked version of it. One that knows what to do with a SOCKS server. 2.8.1 Windows There are many socksification tools on the market; here are some examples: 2.8.1.
Your Freedom User Guide Page 45 of 52 OpenVPN binary setuid root in your path). On typical company PCs with domain login you won’t have administrative rights. 2.9.2.2 OpenVPN needs to be installed OpenVPN is Freeware and Open Source (but please consider donating). If you have the ability to install software on your PC, go to http://openvpn.net/download.html and download OpenVPN.
Your Freedom User Guide Page 46 of 52 2.9.3.2 Know your networking environment If you are behind a firewall and need to be able to reach servers that have Internet IP addresses but are not reachable from the Internet, you need to add route exclusion lines to your config file (see chapters 2.5.2 and 2.5.3 on page 33). 99% of all users won’t have to configure excludes. All non-Internet IP addresses are automatically excluded anyway (this covers 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16).
Your Freedom User Guide Page 47 of 52 2.9.4 Configure your applications Now that’s the part you’ll like most: you don’t have to! No need to configure a proxy, no need for socksifiers. Just make sure your applications are not using any proxy and that should be it. Note however that since your PC is not connectable from the Internet through the OpenVPN tunnel, applications who rely on this won’t work.
Your Freedom User Guide Page 48 of 52 3 Advanced usage 3.1 FreeFreedom (usage free of charge) We offer a very basic service for free. It is good enough to make yourself familiar with Your Freedom and test whether or not your application will work with Your Freedom. It might be good enough for you, in which case you are welcome to use it as much as you like. There are several restrictions in the FreeFreedom profile.
Your Freedom User Guide Page 49 of 52 Bandwidth Concurrent Streams Free Basic Enhanced Total 64 kbit/s 256 kbit/s 4 Mbit/s unlimited 6 30 100 200 1 hour unlimited unlimited unlimited Web Proxy Socks Proxy Link encryption HTTP connection HTTPS connection CGI connection FTP connection UDP connection Relaying permitted Connection time Server Ports (5) 1 month package free € 4.00 € 10.00 € 19.99 3 month package free € 10.00 € 28.00 € 57.99 6 month package free € 17.00 € 50.
Your Freedom User Guide Page 50 of 52 3.3 Test drives If you are considering to buy a package but are not sure whether it will be what you expect, how about a test drive? Log in to our web page at www.your-freedom.net, click on “Prices”, and click on the “Try Before You Buy” link on the left. Everyone is welcome to try, but notice that we only allow test drives for accounts that have been created at least 3 days ago and that haven’t tested extensively already.
Your Freedom User Guide Page 51 of 52 4.2 Creating a “dump” file Depending on how you start Your Freedom, there are different ways how to start it in dump mode. All of them have in common that they use a command line option, but this may be hidden from you by your desktop environment. The Windows installer version can be run in dump mode from the Start menu; they create a file called “dump.log” in the installation directory.
Your Freedom User Guide Page 52 of 52 ZG9tIChIZWxwZGVzaykgPGluZm9AeW91ci1mcmVlZG9tLm5ldD6IZgQTEQIAJgUC RWWnXwIbIwUJCWYBgAYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEIhgg11q73cP jgcAn1gxUa9gz2CWhzp24tOzxK1RF1aMAJ9Ds5zAe8dnFe9ClglblX3WN+tln4hG BBMRAgAGBQJFZaj0AAoJEL3eBfqpID+5N8wAnjuUb4t7GvRkaP0y7vlHzzrvknqh AJ9eB2csiPbkuJBm3Le7ztxrjWrTCbkCDQRFZadwEAgA90ZDIAf8Xl0y718Pcd7h xfOHfTeBSrliZkBTKQYLJRKuGtmt5Q0aG3J29URT4dG1vT05AlDck3hQAMLytRTg T4+TRHZP2xl5r5HQ/CNkuEQGozJR+EyfHqrdLhT8VbeYhDOMGtM9AcMTQdxbPx1A fOUmeYalrByPh6c+FI/
