Skip to content

Installation

krlvm edited this page Aug 2, 2021 · 24 revisions

Applies to:

  • PowerTunnel v1.0 and higher
  • PowerTunnel for Android v1.0 and higher

Summary: PowerTunnel is a portable Java application with simple installation process. This article describes how to install PowerTunnel on a PC and configure it.

Table of contents:

  1. Requirements
  2. Getting the executable
  3. Launching PowerTunnel
  4. Configuring proxy server
  5. Configuring PowerTunnel
  6. Configuring DPI circumvention
  7. Troubleshooting

Requirements

  • Java: JRE 8 and higher [Download Java]
  • Operating System: any OS that Java supports (Windows, macOS, GNU/Linux distributions, etc.)
  • Disk Space: 20 MB

Getting the executable

You need to obtain a PowerTunnel executable .jar file. The official binary can be downloaded from the Releases page, it can also be built manually (you need IntelliJ IDEA to build version <= 1.14, version 1.15 and higher uses Gradle build).

After downloading the .jar file it is recommended to create a new directory (e.g. PowerTunnel) and put the file there.

There's also some unofficial PowerTunnel Docker containers:

Launching PowerTunnel

PowerTunnel can work in two modes: console (headless mode) or graphical (with user interface).

To launch PowerTunnel in graphical mode just double-click the file. If it not opening or opening as archive, check properties of the file and make sure it opens with Java JRE or OpenJDK and not with an archiver.

To launch PowerTunnel in console mode open terminal (CLI) in the directory that contains PowerTunnel.jar and execute the following command (assuming JAVA_HOME is in your Path:

  • to run _with _console window (java): java -Dfile.encoding=UTF-8 -jar PowerTunnel.jar -console
  • to run _without _console window (javaw): javaw -Dfile.encoding=UTF-8 -jar PowerTunnel.jar -console

To stop PowerTunnel launched in console mode press Ctrl+C in the terminal window. If you launched it without a console window, you need to kill javaw process - check its arguments to make sure you killing PowerTunnel but not another Java application you're running.

Configuring proxy server

After you've launched PowerTunnel, you need to start proxy server to make it work.

PowerTunnel Network Configuration

The default address of the proxy server is 127.0.0.1:8085. Customize it if the port is already used. To make PowerTunnel Proxy Server accessible outside your device, set IP Address to 0.0.0.0 (the server will be accessible from both external IP and localhost) or to a specified IP Address.

Then you need to set the system proxy server. If you're on Windows, PowerTunnel will do it automatically (auto proxy configuration can be disabled though). If you are using another OS, or want to configure the proxy automatically, check this manual for Windows or search Google for manual for your GNU/Linux distribution or your macOS version. If you're using Windows 10 it's highly recommended to add all Microsoft servers to the exception list to boost performance.

Configuring PowerTunnel

After starting the server for the first time configuration files will appear in the directory: settings.ini, government-blacklist.txt, user-blacklist.txt and some other files.

There's two ways to configure PowerTunnel: from CLI or by modifying settings.ini. The latter can be modified via built-in Settings page in GUI mode.

To configure from CLI add the needed arguments to the launch command. The list of supported arguments is here.

Configuring DPI circumvention

The default settings should work in most cases. If they doesn't work, try different combinations - there's no an "unique" receipe. The most powerful option is SNI Tricks, hovewer, it can broke some websites, so you need to fill the list of the resources that are blocked by your ISP or government (see below).

ISP Blocklist. Performance, stability and accuracy can be improved by filling government-blacklist.txt. By default it is in global mode (*). Remove the asterisk and write down the list of the blocked websites - one website per line without protocol (i.e. don't write http:// or https://). If you need to access sub1.example.com and sub2.example.com, but these websites are blocked, the most likely that example.com is blocked too - you can write one line instead wroting both urls: *.example.com. Hovewer, regexp is not supported.

If you have a website that provides the list in that format, you can fetch it automatically every time you start PowerTunnel - there's an option in version 1.8 and higher called "Government blacklist mirror", to configure it from CLI use -government-blacklist-from [URL].

If you're in Russia, you can use this auto-updated list (credits to GoodbyeDPI and AntiZapret)

ISP Stub List. If your ISP redirects you to their website with message like "This resource is blocked", you can put domain of this page to isp-stub.txt, but it doesn't have effect on DPI circumvention.

Applying HTTP tricks to HTTPS. There's also an option "Apply HTTP tricks to HTTPS packets". It is disabled by default and there's no reason to enable it, it is completely useless until your ISP or government forces you to install their Root CA like in Kazakhstan in 2019 - in this case, theoretically, all your HTTPS traffic looks like HTTP for the DPI and this may be useful.

User Blocklist. There's file user-blocklist.txt - it can be used to make PowerTunnel also work like a simple firewall. You can put Ad Providers domains there to get rid of ads in all applications that use the proxy.

DNS / DoH. PowerTunnel supports resolving hostnames via custom DNS or DoH (DNS over HTTPS) servers and DNSSec.

DNS or DoH server can be specified in Settings GUI or via CLI - add argument -use-dns-server [URL], where URL is recognized as DNS if it's plain IP Address (e.g. 8.8.8.8) or DoH if it starts with https:// (e.g. https://dns.google/dns-query). If DoH doesn't work, try resolving the domain manually: e.g. dns.google IP Address is 8.8.8.8, so you can type https://8.8.8.8/dns-query. List of servers tested with PowerTunnel both PC and Android can be found there.

DNSSec can also be enabled both through the GUI and through the CLI, to enable it through CLI launch PowerTunnel with argument -use-dns-sec.

Troubleshooting

If you are experiencing problems, it's recommended to check if your Java installation is corrupted. Browse the issues page - maybe you can find a solution there, or open a new one.

If PowerTunnel doesn't circumvent DPI or recently stopped to work, most likely your ISP upgraded its DPI systems - try experimentally changing your PowerTunnel settings, if it still doesn't work let us know anyway by submitting a new issue.

Clone this wiki locally