r26157: {website} Switch obfsproxy setup instructions to install the Python ve (website/trunk/projects/en) - tor-commits

12 Apr 2013

Author: asn
Date: 2013-04-12 16:42:35 +0000 (Fri, 12 Apr 2013)
New Revision: 26157
Modified:
   website/trunk/projects/en/obfsproxy-debian-instructions.wml
   website/trunk/projects/en/obfsproxy-instructions.wml
   website/trunk/projects/en/obfsproxy.wml
Log:
Switch obfsproxy setup instructions to install the Python version.
Modified: website/trunk/projects/en/obfsproxy-debian-instructions.wml
===================================================================

--- website/trunk/projects/en/obfsproxy-debian-instructions.wml	2013-04-11 07:21:44 UTC (rev 26156)
+++ website/trunk/projects/en/obfsproxy-debian-instructions.wml	2013-04-12 16:42:35 UTC (rev 26157)
@@ -19,35 +19,38 @@
     <img src="$(IMGROOT)/obfsproxy_diagram.png" alt="obfsproxy diagram"></a>
<p>
-    This guide will help you set up an obfuscated bridge on a Debian/Ubuntu system.
+    <img width="7%" height="7%" style="float: left;" src="$(IMGROOT)/icon-Obfsproxy.jpg">
+    <b> Hey! </b>
+    If you are <b>not</b> using Debian or Ubuntu, you better look
+    <a href="../projects/obfsproxy-instructions.html.en">at this other guide</a>
+    which sets up Obfsproxy from source.
     </p>
+    <br><br>
+
+    <p>
+      This is a <b>Debian/Ubuntu</b> guide for installing the Python
+      version of obfsproxy. If you still have the C version, we
+      recommend you to upgrade to the Python version!
+    </p>
+
     <h3>Step 0: Move to the development version of Tor</h3>
     <br>
<p>
     Add the <a href="<page docs/debian>#development">development Tor
-    APT repository</a> and run the specified commands to install tor
-    and deb.torproject.org-keyring. You need Tor 0.2.4.x because
+    APT repository</a> and run the specified commands to install <code>tor</code>
+    and <code>deb.torproject.org-keyring</code>. You need <em>Tor 0.2.4.x</em> because
     it knows how to automatically report your obfsproxy address to <a
     href="https://bridges.torproject.org/?transport=obfs2">BridgeDB</a>.
     </p>
<h3>Step 1: Install obfsproxy</h3>
-    <br>
<pre style="margin: 1.5em 0 1.5em 2em">
 # apt-get install obfsproxy
     </pre>
-    <p>
-    Obfsproxy requires libevent2. If your distribution
-    (e.g. Debian squeeze) doesn't include it,
-    you can get the libevent-2.0 package from the <a
-    href="http://backports-master.debian.org/Instructions/%22%3Ebackports</a>
-    repository.
-    </p>
-
     <h3>Step 2: Configure Tor</h3>
     <br>
@@ -66,7 +69,7 @@
 ## CHANGEME_2 -> provide some email address so we can contact you if there's a problem
 #ContactInfo CHANGEME_2
-ServerTransportPlugin obfs2 exec /usr/bin/obfsproxy --managed
+ServerTransportPlugin obfs2,obfs3 exec /usr/bin/obfsproxy managed
     </pre>
<p>
@@ -82,7 +85,7 @@
     </p>
<pre style="margin: 1.5em 0 1.5em 2em">
-service tor restart
+# service tor restart
     </pre>
<p>
@@ -110,22 +113,24 @@
     <p>
     If you're behind a NAT/firewall, you'll need to make your bridge
     reachable from the outside world &mdash; both on the ORPort and
-    the obfsproxy port. The ORPort is whatever you defined in step two
-    above. To find your obfsproxy port, check your Tor logs for a line
+    the obfsproxy ports. The ORPort is whatever you defined in step two
+    above. To find your obfsproxy ports, check your Tor logs for a line
     similar to this one:
     </p>
<pre style="margin: 1.5em 0 1.5em 2em">
 Oct 05 20:00:41.000 [notice] Registered server transport 'obfs2' at '0.0.0.0:26821
+Oct 05 20:00:41.000 [notice] Registered server transport 'obfs3' at '0.0.0.0:42000
     </pre>
<p>
-    The last number, in this case <i>26821</i>, is the TCP port number
-    that you need to forward through your firewall. (This port is randomly
-    chosen the first time Tor starts, but Tor will cache and reuse the
-    same number in future runs.) If you want to change the number, use
-    Tor 0.2.4.7-alpha or later, and set "ServerTransportListenAddr obfs2
-    0.0.0.0:26821" in your torrc.
+    The last number in each line, in this case <i>26821</i> and
+    <i>42000</i>, is the TCP port number that you need to forward
+    through your firewall. (The ports are randomly chosen the first
+    time Tor starts, but Tor will cache and reuse the same number in
+    future runs.) If you want to change the number, use Tor
+    0.2.4.7-alpha or later, and set something similar to
+    "ServerTransportListenAddr obfs2 0.0.0.0:26821" in your torrc.
     </p>
</div>
Modified: website/trunk/projects/en/obfsproxy-instructions.wml
===================================================================
--- website/trunk/projects/en/obfsproxy-instructions.wml	2013-04-11 07:21:44 UTC (rev 26156)
+++ website/trunk/projects/en/obfsproxy-instructions.wml	2013-04-12 16:42:35 UTC (rev 26157)
@@ -18,144 +18,148 @@
<img src="$(IMGROOT)/obfsproxy_diagram.png" alt="client torrc"></a>
-    <p>
-    <img width="7%" height="7%" style="float: left;" src="$(IMGROOT)/icon-Obfsproxy.jpg">
-    <b> Hey! </b>
-    Are you looking for the guide on how to set up an obfuscated
-    bridge on a Debian system?
-    <a href="../projects/obfsproxy-debian-instructions.html.en">Check
-    this out</a>.
-    </p>
-    <br><br>
+      <p>
+        This is a guide for installing the Python version of obfsproxy. If
+        you still have the C version, we recommend you to upgrade to the
+        Python version!
+      </p>
-    <h3>Step 1: Install dependencies, obfsproxy, and Tor</h3>
+    <h3>Step 0: Install dependencies</h3>
     <br>
<p>
-    You will need a C compiler (<em>gcc</em>), the <em>autoconf</em>
-    and <em>autotools</em> build system, the <em>git</em> revision
-    control system, <em>pkg-config</em> and <em>libtool</em>,
-    <em>libevent-2</em> and its headers, and the development headers of
-    <em>OpenSSL</em>.
-     </p>
-
+      To setup obfsproxy you will need <code>git</code>, <code>Python</code>
+      (>= 2.7), <code>Twisted</code> and some common Python modules
+      (<code>setuptools</code>, <code>argparse</code> and <code>PyCrypto</code>)
+      . If you use Debian testing (or unstable), or a version of
+      Ubuntu newer than Oneiric, this is easy:
     <p>
-    On Debian testing or Ubuntu oneiric, you could do: <br>
-    <tt># apt-get install autoconf autotools-dev gcc git pkg-config libtool libevent-2.0-5 libevent-dev libevent-openssl-2.0-5 libssl-dev</tt>
-    </p>
-    <p>
-    If you're on a more stable Linux, you can either <a
-    href="https://trac.torproject.org/projects/tor/ticket/5009#comment:9%22%3Etry
-    our experimental backport libevent2 debs</a> or <a
-    href="https://trac.torproject.org/projects/tor/ticket/5009#comment:17%22%3Ebuild
-    libevent2 from source</a>.
-    </p>
+    <tt># apt-get install git python2.7 python-setuptools python-crypto python-twisted python-argparse</tt>
<p>
-    Clone obfsproxy from its git repository:<br>
-    <tt>$ git clone https://git.torproject.org/obfsproxy.git</tt> <br>
-
-    The above command should create and populate a directory named
-    'obfsproxy' in your current directory.
+      You will also need a recent version of Tor (>= 0.2.4.1). We recommend you use
+      <a href="<page docs/debian>#development">Tor's experimental repositories for Debian/Ubuntu</a>
+      or
+      <a href="https://gitweb.torproject.org/tor.git">install Tor from git</a>.
     </p>
-    <p>
-    Compile obfsproxy: <br>
-    <tt>$ cd obfsproxy</tt> <br>
-    <tt>$ ./autogen.sh && ./configure && make</tt> <br>
-    </p>
+    <h3>Step 1: Install pyptlib</h3>
+    <br>
<p>
-    Optionally, <strong>as root</strong> install obfsproxy in your
-    system: <br>
-    <tt># make install</tt>
+      You will also need pyptlib, a small library developed by the Tor
+      Project for writing pluggable transports.
     </p>
-    <p>
-    If you prefer not to install obfsproxy as root, you can instead
-    just modify the Transport lines in your torrc file (explained below)
-    to point to your obfsproxy binary.
-    </p>
+    <tt>$ git clone https://git.torproject.org/pluggable-transports/pyptlib.git</tt><br>
+    <tt>$ cd pyptlib && python setup.py install</tt><br><br>
<p>
-    You will need Tor 0.2.3.11-alpha or later.
+      You might need to run the <em>python setup.py install</em>
+      command as root. If you don't want to run it as root, you can
+      use <em>python setup.py install --user</em> which will install pyptlib
+      just for the current user.
     </p>
-    <hr>
-
-    <h3 id="client_instructions">Step 2a: If you're the client...</h3>
+    <h3>Step 2: Install and test obfsproxy</h3>
     <br>
<p>
-    First, you need to learn the address of a bridge that supports
-    obfsproxy. If you don't know any, try asking a friend to set one
-    up for you. Then the appropriate lines to your <a href="<page
-    docs/faq>#torrc">tor configuration file</a>:
+      Now it's time to fetch obfsproxy and test that it works:
     </p>
+    <tt>$ git clone https://git.torproject.org/pluggable-transports/obfsproxy.git</tt><br>
+    <tt>$ cd obfsproxy</tt><br>
+    <tt>$ python obfsproxy/test/tester.py</tt><br><br>
+
     <p>
-    <tt>UseBridges 1</tt> <br>
-    <tt>Bridge obfs2 128.31.0.34:1051</tt> <br>
-    <tt>ClientTransportPlugin obfs2 exec /usr/local/bin/obfsproxy --managed</tt>
+      If you got a message reporting that all tests finished successfully,
+      then obfsproxy works for you. Time to run the setup.py script so that
+      obfsproxy gets installed in your system:
     </p>
+    <tt># python setup.py install</tt><br><br>
+
     <p>
-    Don't forget to replace <em>128.31.0.34:1051</em> with the IP address
-    and port that the bridge's obfsproxy is listening on.
+    You will probably want to run the setup.py script as root so that obfsproxy gets installed in /usr/local/bin.
     </p>
-    <p> <br>
-    <img src="$(IMGROOT)/sidenav-arrow.png">
-    <strong>Congratulations!</strong> Your traffic should now be
-    obfuscated by obfsproxy. You are done! You can now start using Tor.
-    </p>
+    <h3>Step 3: Setup tor</h3>
+    <br>
-    <br> <br> <br> <br>
+      <p>
+        Edit your /etc/tor/torrc to add:
+      </p>
-    <hr>
+      <p>
+        <tt>SocksPort 0</tt><br>
+        <tt>ORPort 443 # or some other port if you already run a webserver/skype</tt><br>
+        <tt>BridgeRelay 1</tt><br>
+        <tt>Exitpolicy reject *:*</tt><br><br>
-    <br> <br> <br> <br>
+        <tt>## CHANGEME_1 -> provide a nickname for your bridge, can be anything you like</tt><br>
+        <tt>#Nickname CHANGEME_1</tt><br>
+        <tt>## CHANGEME_2 -> provide some email address so we can contact you if there's a problem</tt><br>
+        <tt>#ContactInfo CHANGEME_2</tt><br><br>
-    <h3 id="bridge_instructions">Step 2b: If you're the bridge...</h3>
-    <br>
+        <tt>ServerTransportPlugin obfs2,obfs3 exec /usr/local/bin/obfsproxy managed</tt><br>
+      </p>
-    <p>
-    Configure your Tor to <a href="<page docs/bridges>#RunningABridge">be
-    a bridge</a> (e.g. by setting "ORPort 9001" and "BridgeRelay 1"). Then
-    add this new line to your <a href="<page docs/faq>#torrc">tor
-    configuration file</a>:
-    </p>
+      <p>
+        Don't forget to uncomment and edit the CHANGEME fields. Also,
+        if you didn't install obfsproxy as root, you might have to
+        change its path.
+      </p>
-    <p>
-    <tt>ServerTransportPlugin obfs2 exec /usr/local/bin/obfsproxy --managed</tt>
-    </p>
+      <h3>Step 4: Launch Tor and verify that it bootstraps</h3>
+      <br>
-    <p>
-    Launch Tor using this configuration file. You can do this by using
-    your favorite init script, or by pointing the Tor binary to the
-    torrc file:
-    <p>
+      <p>
+        Restart Tor to use the new configuration file. (Preface with sudo if
+        needed.)
+      </p>
-    <p>
-    <img src="$(IMGROOT)/obfs-spawn_tor_bridge.png" alt="spawn tor" height="117" width="879"></a>
-    </p>
+      <tt># service tor restart</tt><br><br>
-    <p>
-    Next, find the TCP port opened by obfsproxy. Look in your log file
-    for a line similar to this one: <br>
-    <img src="$(IMGROOT)/obfs-log_checking.png" alt="bridge torrc" width="437" height="14"></a>
-    <br>
-    The last number, in this case <em>34545</em>, is the TCP port
-    number that your clients should point their obfsproxy to.
-    </p>
+      <p>
+        Now check /var/log/tor/log and you should see something like this:
+      </p>
-    <p>
-    <img src="$(IMGROOT)/sidenav-arrow.png">
-    <strong>Congratulations!</strong> Tell your clients to point their
-    obfsproxy to your IP address and to port <em>34545</em>.
-    </p>
+      <tt>Nov 05 16:40:45.000 [notice] We now have enough directory information to build circuits.</tt><br>
+      <tt>Nov 05 16:40:45.000 [notice] Bootstrapped 80%: Connecting to the Tor network.</tt><br>
+      <tt>Nov 05 16:40:46.000 [notice] Bootstrapped 85%: Finishing handshake with first hop.</tt><br>
+      <tt>Nov 05 16:40:46.000 [notice] Bootstrapped 90%: Establishing a Tor circuit.</tt><br>
+      <tt>Nov 05 16:40:48.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working.</tt><br>
+      <tt>Nov 05 16:40:48.000 [notice] Bootstrapped 100%: Done.</tt><br><br>
+      <p>
+        If Tor is earlier in the bootstrapping phase, wait until it gets to 100%.
+      </p>
+
+      <h2>Step 5: Set up port forwarding if needed</h2>
+      <br>
+
+      <p>
+        If you're behind a NAT/firewall, you'll need to make your bridge
+        reachable from the outside world — both on the ORPort and the
+        obfsproxy port. The ORPort is whatever you defined in step two
+        above. To find your obfsproxy port, check your Tor logs for two
+        lines similar to these:
+      </p>
+
+      <tt>Oct 05 20:00:41.000 [notice] Registered server transport 'obfs2' at '0.0.0.0:26821</tt><br>
+      <tt>Oct 05 20:00:42.000 [notice] Registered server transport 'obfs3' at '0.0.0.0:40172</tt><br><br>
+
+      <p>
+        The last number in each line, in this case 26821 and 40172, are the
+        TCP port numbers that you need to forward through your
+        firewall. (This port is randomly chosen the first time Tor starts,
+        but Tor will cache and reuse the same number in future runs.) If you
+        want to change the number, use Tor 0.2.4.7-alpha or later, and set
+        "ServerTransportListenAddr obfs2 0.0.0.0:26821" in your torrc.
+      </p>
+
     <br>
</div>
Modified: website/trunk/projects/en/obfsproxy.wml
===================================================================
--- website/trunk/projects/en/obfsproxy.wml	2013-04-11 07:21:44 UTC (rev 26156)
+++ website/trunk/projects/en/obfsproxy.wml	2013-04-12 16:42:35 UTC (rev 26157)
@@ -91,12 +91,18 @@
<h2><a class="anchor" href="#instructions">Installation Instructions</a></h2>
-   <p>To set up an obfsproxy bridge, or to build
-   it from source, see the separate <a href="<page
-   projects/obfsproxy-instructions>#instructions">Obfsproxy Installation
-   Instructions</a> page.
+   <p>
+   To set up an obfsproxy bridge on a Debian/Ubuntu machine, see the separate
+   <a href="<page projects/obfsproxy-debian-instructions>#instructions">Obfsproxy Debian/Ubuntu Installation Instructions</a>
+   page.
    </p>
+   <p>
+   To set up obfsproxy from source, see the separate
+   <a href="<page projects/obfsproxy-instructions>#instructions">Obfsproxy Installation Instructions</a>
+   page.
+ </p>
+
   </div>
   <!-- END MAINCOL -->
   <div id = "sidecol">

    