/etc/tor/torrc [just the relevant lines, using iptables to redirect from advertised obfs3port to actual] ------------------- ServerTransportPlugin obfs3 proxy a.b.c.d:[advertisedobfs3port] ExtORPort auto ------------------- /etc/apparmor.d/usr.bin.obfsproxy ------------------- #include # vim:syntax=apparmor /usr/bin/obfsproxy { #include #include network inet stream, /dev/random r, /dev/urandom r, /etc/nsswitch.conf r, /etc/passwd r, /usr/** r, /usr/bin/obfsproxy rix, /var/log/tor/obfsproxy rw, signal (receive) set=("term") peer=system_tor, } ------------------- /etc/apparmor.d/local/system_tor ------------------- # Site-specific additions and overrides for system_tor. # For more details, please see /etc/apparmor.d/local/README. signal (send) set=("term") peer=/usr/bin/obfsproxy, ------------------- /etc/init.d/obfsproxy ------------------- #!/bin/bash PIDFILE="/var/run/obfsproxy.pid" DEST="127.0.0.1:[ORPort]" SERVER="a.b.c.d:[obfs3port]" DAEMON="/usr/bin/obfsproxy -- --profile=/usr/bin/obfsproxy -- /usr/bin/obfsproxy --log-file=/var/log/tor/obfsproxy --log-min-severity=info obfs3 --dest $DEST server $SERVER" ### BEGIN INIT INFO # Provides: Obfsproxy # Required-Start: # Required-Stop: # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Obfsproxy ### END INIT INFO case "$1" in start) echo "Starting Obfsproxy" /sbin/start-stop-daemon --make-pidfile --background --oknodo --start --pidfile $PIDFILE --chuid debian-tor:debian-tor --startas /usr/sbin/aa-exec --exec $DAEMON ;; stop) echo "Stopping Obfsproxy" /sbin/start-stop-daemon --stop --pidfile $PIDFILE --verbose ;; restart|reload) /sbin/start-stop-daemon --stop --pidfile $PIDFILE --verbose sleep 1 /sbin/start-stop-daemon --make-pidfile --background --oknodo --start --pidfile $PIDFILE --chuid debian-tor:debian-tor --startas /usr/sbin/aa-exec --exec $DAEMON ;; *) echo "Usage: /etc/init.d/obfsproxy {start|stop|restart|reload}" exit 1 ;; esac exit 0 -------------------