[tor-commits] [obfsproxy/master] Make tor-obfs-howto.txt a bit more user-friendly.
nickm at torproject.org
nickm at torproject.org
Fri Jul 22 19:06:24 UTC 2011
commit e1a825f7b27fd315d897dab5c0010388fc7ba4c2
Author: George Kadianakis <desnacked at gmail.com>
Date: Fri Jul 22 20:53:06 2011 +0200
Make tor-obfs-howto.txt a bit more user-friendly.
---
doc/tor-obfs-howto.txt | 134 +++++++++++++++++++++++++-----------------------
1 files changed, 69 insertions(+), 65 deletions(-)
diff --git a/doc/tor-obfs-howto.txt b/doc/tor-obfs-howto.txt
index ed8ba72..324a98c 100644
--- a/doc/tor-obfs-howto.txt
+++ b/doc/tor-obfs-howto.txt
@@ -1,101 +1,105 @@
-How to set up Tor with Obfsproxy
+How to set up Tor with obfsproxy
================================
- Preliminaries:
+ Instructions:
-This isn't the final interface--we should make it much easier.
+ "I AM A CENSORED FELLOW"
-This is experimental code--if it breaks, you get to keep both smouldering
-pieces.
-
-
-
- Ingredients:
-
-Client side needs:
+[1] You will need:
* a copy of obfsproxy:
git clone git://git.torproject.org/obfsproxy.git
Building it should be easy, just do "./configure && make".
* a copy of Tor that supports the Socks5Proxy option.
- The git version should do the trick.
+ Tor 0.2.2.30 - for example - will work.
-Bridge side needs:
+[2] Set up obfsproxy:
-* a copy of obfsproxy:
- git clone git://git.torproject.org/obfsproxy.git
- Building it should be easy, just do "./configure && make".
+This command will setup an obfsproxy client speaking the obfs2
+protocol on localhost:1050:
-* a copy of Tor with BridgeRelay capabilities.
- Quite easy to find nowadays.
+./obfsproxy obfs2 socks 127.0.0.1:1050
- Port setup:
+[3] Set up tor:
-Our port setup will be like this:
+You should put in your torrc file:
+---
+SocksPort 5000
+UseBridges 1
+Bridge <bridge address>:1051 # This is provided by the bridge operator.
+Socks5Proxy 127.0.0.1:1050 # This points to the obfsproxy client.
+---
- 1050 1051
- +-----------+ +------------+
- ----| Proxy |-------------| Server |----
- | +-----------+ +------------+ |
- | |
-+------------+ +--------------+
-| Tor Client | | Tor Bridge |
-+------------+ +--------------+
- 5000 5001
+Of course you should substitute the value of the Bridge line above,
+with the information provided to you by a bridge operator.
+[4] Done!
+Alright, you are done!
+Make sure you have followed the above steps on the correct order:
+First launch obfsproxy and then launch tor.
- Setting up obfsproxies:
+Now to test it, launch Firefox and set it up to use a Socks server on
+127.0.0.1:5000. Now browse the web.
-This command will setup an obfsproxy socks client listening to the
-obfs2 protocol on localhost:1050:
-./obfsproxy obfs2 socks 127.0.0.1:1050
-This command will setup an obfsproxy server listening to the
-obfs2 protocol on localhost:1051:
-./obfsproxy obfs2 --dest 127.0.0.1:5001 server 127.0.0.1:1051
+ "I AM A BRIDGE OPERATOR THAT WANTS TO HELP CENSORED PEOPLE"
- Setting up Tor:
+[1] You will need:
-Let's create .torrc_client and .torrc_bridge.
-Warning: I'm only posting the relevant torrc options.
+* a copy of obfsproxy:
+ git clone git://git.torproject.org/obfsproxy.git
+ Building it should be easy, just do "./configure && make".
-torrc_client:
----
-SocksPort 5000
-UseBridges 1
-Bridge <bridge host>:1051 # This points to the bridge's obfsproxy server.
- # You can change <bridge host> to 127.0.0.1
- # for local testing setup.
-Socks5Proxy 127.0.0.1:1050 # This points to our obfsproxy client.
----
+* a copy of Tor which can function as a Tor bridge.
+
+[2] Set up obfsproxy:
+
+This command will setup an obfsproxy server speaking the obfs2
+protocol on localhost:1051:
-torrc_bridge:
+./obfsproxy obfs2 --dest 127.0.0.1:5001 server 127.0.0.1:1051
+
+Be sure to pass the value of ORPort of your bridge relay to the --dest
+argument (see next section).
+
+[3] Set up tor:
+
+You should put in your torrc file:
---
-ORPort 5001 # Port where bridge will be listening on.
+ORPort 5001 # Port on which bridge will be listening on.
BridgeRelay 1
ExitPolicy reject *:*
---
- Bootstrap sequence:
+[4] Done!
+
+Make sure you have followed the above steps on the correct order.
+First launch obfsproxy and then launch tor.
+You can use any port numbers you want, just be sure to adjust the
+torrc and obfsproxy commands accordingly.
+
+Don't forget that You might need to set up port forwarding.
-Since we are still in PoC state you have to bootstrap the Tors and the
-obfsproxies with the correct sequence:
+Now you should tell censored people to connect to your IP on port 1051.
+So, for example, if your bridge's address is 85.22.13.1, bridge users
+should connect to 85.22.13.1:1051.
+Pay attention that '1051' is the port where obfsproxy is listening on,
+and *not* your bridge's ORPort.
-1. Fire up server obfsproxy.
-2. Fire up tor with torrc_bridge.
-3. Fire up client obfsproxy.
-4. Fire up tor with torrc_client.
+ Network diagram of the above setup:
- The End
+(If you don't understand this drawing, just ignore this section.)
-Now open Firefox on the client side and set it up to use a Socks
-server on 127.0.0.1:5000.
-Stuff should work now.
+ 1050 1051
+ +-----------+ +------------+
+ ----| Proxy |------[internet]------| Server |----
+ | +-----------+ +------------+ |
+ | |
++------------+ +--------------+
+| Tor Client | | Tor Bridge |
++------------+ +--------------+
+ 5000 5001
-If you were smart enough to open wireshark and sniff the traffic
-before doing all the above, you would notice that the TLS handshake
-was not carried out plaintext, effectively obfuscating your Tor
-experience. Yes.
More information about the tor-commits
mailing list