Here is my recipe to quickly and painlessly bypass those.
The only prerequisite: a public server or VPS on the internet, ready to help you.
1. make your ssh daemon wait on port 443 on your public server
The reason is that 443 is the https port, which is normally open even on stalinian firewalls (note: it happened to me once that the firewall detected that the traffic was not genuine https, but that should be really rare).

    [...]
    Port 443
    [...]

2. client side, set up a specific ssh config
Prepare a configuration for your server in ~/.ssh/config

    [...]
    Host myserver
        HostName server.domain.tld
        User myuser
        Port 443
        DynamicForward localhost:3141
    [...]

It says: create a shortcut called "myserver" to the machine "server.domain.tld", log in as user "myuser" on the https port and, most importantly, create a local socks server on port 3141 that tunnels traffic through that connection.
3. install tsocks
Install tsocks on your client. It is a tool that redirects all network traffic from your applications towards a specific socks server.

    # on gentoo (be sure the flag tordns is not active)
    emerge -av net-proxy/tsocks

4. configure tsocks
File: /etc/socks/tsocks.conf

    server = 127.0.0.1
    server_port = 3141

It just tells tsocks to use the local socks proxy you set up previously.
5. start your tunnel
Log in to your server from one terminal and leave the session open; it should create a socks proxy.
6. enable tsocks on a session
Let tsocks hijack the session to redirect socket creation toward the tunnel.

    . tsocks on

Note: the . (or source) is really important here.
You can check whether the hijacking has been done correctly with the command "tsocks show". It should answer:

    LD_PRELOAD="/lib/libtsocks.so"
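
The note in step 1, that a firewall once detected the traffic was not genuine https, comes down to the first bytes the client sends: a TLS connection opens with a handshake record (0x16 0x03 ...) carrying a ClientHello, while an SSH client opens with a plain-text "SSH-2.0-..." identification string. The Python below is an added example, not part of the original recipe, showing that check as a monitoring rule; the function names, addresses and sample payloads are constructed for illustration.

```python
import struct

MAX_TLS_PLAINTEXT = 16384  # largest plaintext TLS record (2^14 bytes)

def classify_first_payload(payload: bytes) -> str:
    """Return 'tls', 'ssh' or 'unknown' for the first bytes a client sends."""
    # SSH (RFC 4253, section 4.2): the client opens with "SSH-<proto>-<software>".
    if payload.startswith(b"SSH-"):
        return "ssh"
    # TLS: record header is type(1) version(2) length(2); a new connection
    # starts with a handshake record (0x16) carrying a ClientHello (0x01).
    if len(payload) >= 6:
        rec_type, major, minor, length = struct.unpack("!BBBH", payload[:5])
        if (rec_type == 0x16 and major == 0x03 and minor <= 0x04
                and 0 < length <= MAX_TLS_PLAINTEXT and payload[5] == 0x01):
            return "tls"
    return "unknown"

def non_tls_on_443(flows):
    """Return (client, verdict) for every port-443 flow that does not open with TLS."""
    findings = []
    for client, dst_port, payload in flows:
        if dst_port != 443:
            continue
        verdict = classify_first_payload(payload)
        if verdict != "tls":
            findings.append((client, verdict))
    return findings

# Constructed sample flows: (client address, destination port, first client payload).
SAMPLE_FLOWS = [
    ("10.0.0.11", 443, b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03" + b"\x00" * 32),
    ("10.0.0.12", 443, b"SSH-2.0-OpenSSH_9.6\r\n"),
    ("10.0.0.13", 443, b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    ("10.0.0.14", 22, b"SSH-2.0-OpenSSH_9.6\r\n"),
]

if __name__ == "__main__":
    for client, verdict in non_tls_on_443(SAMPLE_FLOWS):
        print(f"{client}: port 443 flow opens with {verdict} bytes, not a TLS ClientHello")
```

Only the first client payload of each flow is inspected, so the rule needs the start of the TCP stream and not mid-session packets.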