On Sun, 4 Feb 2018 09:56:18 +0330 Hamid Safe <hsafe@devopt.net> wrote:

Hello tor-relays team,

...

I am facing issue trying to set up a private obfs4proxy+tor relay bridge(centos 7 server) on a vps outside Iran and using the same methodology obfs4+tor client (Arch linux) inside Iran.DPI blocks tor networks and vpn connections are no allowed. Please note that the set up basically needed to access pretty much anything serious in a production env for accessing the sites that will otherwise be blocked in Iran i.e hub.docker.com + my personal use, hence can't really use the tor-browser.

I have successfully followed yawning angel's github to compile and set up the obfs4proxy and also the tor in both ends. Tor service is running , and I attach along this email the config I used both in client and server end. I suspect that there is a key hash issue and the mechanism to obfuscate the traffic that fails and particularly a directory that does not exist in my server which is in a lot of howtos referred to as: /pt_state/obfs4_bridgeline.txt

Hello, Absence of pt_state directory in DataDirectory is odd. You can't use obfs4 without information from obfs4_bridgeline.txt. I suggest to change line ServerTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy to ServerTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy managed in server's torrc. Also you need to connect not to the ORPort itself but to the transport port, so server config should have line: ServerTransportListenAddr <ip_address>:<port> And then in your client torrc you specify bridge like: Bridge obfs4 <ip_address>:<port> <fingerprint> cert=<line from obfs4_bridgeline.txt> iat-mode=0 If it still doesn't work you can add line ServerTransportOptions obfs4 iat-mode=1 to bridge's torrc and also change iat-mode=1 in clients bridge line, so like this: Bridge obfs4 ip_address:port <fingerprint> cert=<line from obfs4_bridgeline.txt> iat-mode=1 iat-mode allows to enable additional obfuscation, it works only for sending traffic, so for 2-way obfuscation needs to be enabled on both ends.