Changes between Version 4 and Version 5 of TrafficObfuscation


Ignore:
Timestamp:
02/13/13 20:21:59 (5 years ago)
Author:
David Sommerseth
Comment:

Added example on how to use obfsproxy

Legend:

Unmodified
Added
Removed
Modified
  • TrafficObfuscation

    v4 v5  
    3131}}}
    3232
     33
     34== A quick obfsproxy setup ==
     35
     36This setup will start obfsproxy on your openvpn server, listening to the port 21194.  On the client it will start a obfsproxy serving as a SOCKS proxy, listening on the client on port 10194.  The part which says "<some-random-key>" needs to be the same value on both server and client.  The key can be a longer text string, with just random letters.  I'd recommend to keep it long (at least 32 characters, which is 256 bits).
     37
     38=== Client side ===
     39Add the following lines to your existing openvpn config file:
     40
     41{{{
     42socks-proxy-retry
     43socks-proxy 127.0.0.1 10194
     44}}}
     45
     46and change the --remote option to be
     47{{{
     48remote <YOUR-VPN-SERVER> 21194
     49}}}
     50
     51That is, changing the port number to match the port number the server side obfsproxy will listen to.
     52
     53Then start the obfsproxy like this:
     54
     55{{{
     56 [user@host: ~] $ obfsproxy --log-file=obfsproxy.log --log-min-severity=info obfs2 \
     57      --shared-secret=<some-random-key> socks 127.0.0.1:10194
     58}}}
     59
     60=== Server side ===
     61Here we tell obfsproxy to listen to TCP port 21194 and to send any obfsproxy clients to the OpenVPN server, listening on 127.0.0.1, port 1194.  And remember to allow TCP connections from the "outside" to port 21194 in your firewall config.  Start obfsproxy like this:
     62{{{
     63 [user@host: ~] $ obfsproxy --log-file=obfsproxy.log --log-min-severity=info obfs2 \
     64      --dest=127.0.0.1:1194 --shared-secret=<some-random-key> server 0.0.0.0:21194
     65}}}
     66
     67The OpenVPN server needs in this case just this line in the config:
     68{{{
     69port 1194
     70}}}
     71
     72That's all the magic, and should be a complete working setup.
     73
    3374A user provided an OpenVPN installer which bundles OpenVPN with obfsproxy. Look [http://sourceforge.net/mailarchive/message.php?msg_id=28851866 here] for downloads and instructions.
    34