/ROOT/NODES/POSTS/2026/01/24

Internet Science Popularization Series - What is the Great Firewall of China?

STAMP: 2026-01-24 // UID: 8884fcd9 // AUTH: VERIFIED
Premium Promo Premium Promo Premium Promo Premium Promo

What is the Great Firewall of China?

Simply put, the Great Firewall of China is a system and a series of policies used by the Chinese government to control and filter internet information. It acts like a "digital Great Wall," designed to "protect" internet users within China, but at the same time, it significantly restricts their access to information from abroad and their ability to communicate freely with the outside world.

What is its purpose?

The main functions of the Great Firewall can be summarized as follows:

  1. Information Censorship and Filtering: This is the core function. It prevents users within China from accessing websites and content deemed inappropriate, unsafe, or a threat to national stability. This includes, but is not limited to:
  2. Politically sensitive information: Any content that criticizes the government, discusses sensitive historical events (such as the Tiananmen Square incident), or involves political dissent.
  3. Pornographic and violent content: Filtering out pornographic and violent content that does not comply with Chinese laws and regulations.
  4. Foreign social media and news websites: Many internationally renowned social media platforms (such as Facebook, Twitter, Instagram, YouTube) and news websites (such as the New York Times, BBC) are not directly accessible in China.
  5. VPNs and proxy services: Many tools used to bypass the firewall are also blocked.
  6. Maintaining National Security and Social Stability: The Chinese government believes that by controlling the flow of information, it can prevent hostile foreign forces from using the internet for subversive activities, thereby maintaining national sovereignty and security, as well as social stability.
  7. Promoting the Development of the Domestic Internet Industry: Some argue that by restricting the entry of foreign competitors, it provides development space and market advantages for Chinese domestic internet companies (such as Baidu, WeChat, Weibo, etc.).

The Significance of its Genesis

The Great Firewall did not appear overnight, but was gradually established and improved during the development of the internet in China. Its initial significance was mainly reflected in:

  • Responding to the early impact of internet information: With the popularization of the internet, a large amount of foreign information began to flow in. The Chinese government wanted a way to manage this information flow to prevent it from having a "negative" impact on domestic social and political order.
  • Establishing national information sovereignty: In the era of globalized information, China wanted to control its own national cyberspace and ensure that information dissemination conformed to national interests and values. * Early Technological Attempts and Policy Exploration: Initially, it was likely more of a technical experiment and policy exploration. With the development of technology and the accumulation of management experience, a complex system gradually formed.

Its Core Operating Principles (Simplified Version)

The operation of the Great Firewall is a complex technical and management system, but we can understand it from several core aspects:

  1. IP Address Blocking:
  2. How ​​it works: When you try to access a website, your request goes through China's internet exit points. The firewall checks the IP address of the website. If this IP address is on the "blacklist" (i.e., considered not allowed to be accessed), the firewall will directly prevent your computer from communicating with that server.
  3. Analogy: It's like a security guard at your front door, seeing someone (IP address) who is not allowed in your house, and directly preventing them from entering.
  4. DNS Poisoning/Hijacking:
  5. How ​​it works: When you type a website address (such as www.example.com) into your browser, your computer needs to find the corresponding IP address through a DNS server. The firewall interferes with this process. It may return an incorrect IP address, or not return any address at all, preventing you from finding the target website.
  6. Analogy: You ask a passerby for directions to a certain place, and the passerby deliberately tells you the wrong way, or says they don't know the way, so you can't get to that place.
  7. Keyword Filtering:
  8. How ​​it works: When you send or receive data packets (such as browsing web pages, sending messages), the firewall checks the content of the data packets. If it finds prohibited keywords (such as "Tiananmen," "Falun Gong," etc.), it will block the transmission of the data packet or directly disconnect your connection.
  9. Analogy: It's like a letter inspector who opens your letter, sees something that shouldn't be written inside, and confiscates the letter.
  10. Deep Packet Inspection (DPI):
  11. How ​​it works: This is a more advanced technology. The firewall doesn't just look at the "header" of the data packet (such as the IP address), but also "opens" the data packet and examines its specific content. This allows it to identify and block encrypted VPN traffic, or identify connection patterns to specific websites.
  12. Analogy: It's not just looking at the address on the envelope, but opening the letter and reading the contents word by word.
  13. Connection Reset:
  14. How ​​it works: If the firewall detects that you are accessing a prohibited website, it will send a "reset" signal to your computer and the target server, forcing the connection between them to be interrupted.
  15. Analogy: You're on the phone with a friend, and suddenly someone cuts the phone line.

How to bypass the Great Firewall?

Bypassing the Great Firewall refers to the act of circumventing the Great Firewall of China to access websites and services that are blocked within China.

Legal Methods:

In China, strictly speaking, there are no "legal" methods to bypass the Great Firewall. Because national laws and regulations clearly define the boundaries of internet information dissemination, establishing or using "illegal" network channels to bypass the firewall without permission may violate the law.

However, in practice, some businesses or research institutions may obtain government permission to use specific, approved international dedicated lines or VPN services for legitimate business or research purposes. But these are usually not easily accessible to ordinary individual users.

Illegal Methods (Warning: Do not attempt, may violate the law):

For ordinary individual users, there are some technical means available to try to bypass the firewall, but these actions carry legal risks and may be blocked. These methods usually include:

  1. Using a VPN (Virtual Private Network):
  2. Principle: A VPN establishes an encrypted tunnel between your computer and a VPN server outside of China. All your network traffic is first sent through this tunnel to the VPN server, and then accesses the internet from the VPN server. This way, the firewall sees the communication between you and the VPN server, and cannot directly see the content of the foreign websites you are accessing.
  3. Risks: The Great Firewall actively detects and blocks known VPN server IP addresses and VPN protocols. Therefore, many VPN services are unstable in China and often require changing servers or using special "obfuscation" techniques to evade detection. 2. Using a Proxy Server:
  4. Principle: A proxy server acts as an intermediary. You send your access request to the proxy server, which then accesses the target website and returns the result to you.
  5. Risks: There are many types of proxy servers, some of which are public and easily blocked. Some more advanced proxy technologies (such as Shadowsocks, V2Ray, etc.) attempt to bypass detection through encryption and obfuscation, but they still face the risk of being blocked.
  6. Using an SSH Tunnel:
  7. Principle: Utilizes SSH (Secure Shell Protocol) to establish an encrypted connection, forwarding your network traffic through this connection to a server outside of China.
  8. Risks: Similar to VPNs, SSH connections can also be detected and blocked.

Important Warnings:

  • Legal Risks: In mainland China, using or providing tools and services for bypassing internet censorship without permission may be considered illegal business operations or the dissemination of illegal information, leading to legal penalties.
  • Security Risks: Some free or low-cost services claiming to bypass internet censorship may have security vulnerabilities, potentially stealing your personal information or installing malware.
  • Instability: Even if you can bypass censorship, the stability of these tools cannot be guaranteed due to the continuous upgrading of the firewall, and they may become ineffective at any time.
# SOURCE_NODE:
# LICENSE: CC-BY-NC-SA-4.0
// EOF_SIGNAL_RECEIVED