There is currently the situation that on some schools (and maybe also firms) in this region that only whitelisted ports to the outside world are opened. Connections are established through a socks proxy when you want to connect to a computer which is not part of the local network. They use simple pattern matching to find "dangerous" words before delivering the content to the client which of course creates many false positives. Most of time they disable encrypted versions of a protocol (like HTTPS or POP3S) so the users most use the unencrypted versions. The problem is that some content is only provided when you connect over https on some webpages (like login pages or svn commit support on sourceforge). "Unknown" ports will also be filtered - so git-fetch over git's own protocol will propably fail.
The first idea was to use a dedicated server to use a vpn connection but I found an easier way using the ssh and connect-proxy. OpenSSH has a so called dynamic ports forwarding mode. This is just a simple socks4/5 proxy which tunnels everything over a ssh tunnel. No root access is needed on your remote ssh server so it is quite easy to find a server and proxies I've tested also allowed ssh connections.
connect-proxy will allow us to tunnel our ssh session over the socks proxy. We only have to add an special Host entry to out ~/.ssh/config
Host local-proxy
# SSH Server
Hostname REMOTE_SSH_SERVER
User SSH_USER
# Proxy gateway to the outside
ProxyCommand connect-proxy -S PROXY_HOST:PROXY_PORT %h %p
# Local configuration
DynamicForward localhost:1080
Afterwards it should be possible to use ssh -N local-proxy
to start your local socks proxy and to use
localhost:1080 as your normal socks proxy. If your program has no support for
socks you can use tsocks as wrapper
which loads a special library with
LD_PRELOAD to override socket operations to support socks transparently in
each application. You only have to create a ~/.tsocks.conf
server = 127.0.0.1
server_type = 5
server_port = 1080
You can use tsocks sh -c "wget -q -O- http://whatismyipaddress.com/|grep 'LOOKUPADDRESS'"
to test if your tunnel works and you send your
data over the ip of the ssh server instead of your network proxy.