[tor-talk] obfsproxy on CentOS 6 (help Iran)
Softail
black98fxstc at gmail.com
Sun Feb 12 02:50:27 UTC 2012
All I know is that the instructions say "You will need Tor
0.2.3.11-alpha or later. "
It doesn't need the LD_LIBRARY_PATH as far as I can tell. My script
doesn't use it.
At least for libevent 2.0.17 obfsproxy won't link unless you use
LIBS=-lrt ./configure
On 2/11/2012 6:31 PM, Ondrej Mikle wrote:
> On 02/12/2012 12:40 AM, Softail wrote:
>> The attached script will configure a fresh 256MB CentOS 6.0 virtual machine
>> on Rackspace as an obfsproxy bridge. You have to say yes several times and
>> it takes awhile but it will eventually reboot as an obfsproxy bridge. I
>> know it gives an error at the end but it does work.
>>
>> You will have to winkle out the IP address and obfsproxy port
>>
>> grep ORPort /var/log/tor/tor.log
>> grep obfs /var/log/tor/tor.log
>>
>> and send them to tor-assistants at torproject.org
> It's also possible to run obfsproxy with "stable" Tor, one just needs to execute
> it manually, like mentioned here:
> https://trac.torproject.org/projects/tor/ticket/5009#comment:17
>
> Also, you can avoid LD_LIBRARY_PATH hack by using ldconfig (I'll write whole
> howto for installing into /opt):
>
> tar xzf libevent-2.0.16-stable.tar.gz
> cd libevent-2.0.16-stable
> ./configure --prefix=/opt/libevent --with-pic --enable-openssl
> make
> make install #(as root)
>
> #Create a file /etc/ld.so.conf.d/libevent2.conf containing following line:
> /opt/libevent/lib/
> #Then, as root, run:
> ldconfig
>
> cd /some/directory/to/put/obfsproxy/source/in
> git clone https://git.torproject.org/obfsproxy.git
> cd obfsproxy
> export libevent_CFLAGS=-I/opt/libevent/include
> export libevent_LIBS="-L/opt/libevent/lib -levent"
> ./autogen.sh && ./configure --prefix=/opt/obfsproxy && make
> make install #(as root)
>
> #One way to run it without screen in background, assuming 9001 is your
> #ORPort and you want obfsproxy to listen on port 2345:
>
> (/opt/obfsproxy/bin/obfsproxy obfs2 --dest=127.0.0.1:9001 server 0.0.0.0:2345 \
> </dev/null >>obfsproxy.log 2>&1 & echo $! > obfsproxy.pid)
>
> Checking that your obfsproxy works (on other computer on another network, in
> obfsproxy directory; you'll need to install "socat", run each command in
> separate terminal; replace _ip_address_of_your_bridge_ with IP of your bridge):
>
> ./obfsproxy obfs2 socks 127.0.0.1:50000 #no idea how to use just the client mode
> socat -d -d TCP4-LISTEN:5353,bind=localhost,reuseaddr,fork \
> SOCKS4A:localhost:_ip_address_of_your_bridge_:2345,socksport=50000
>
> #In another terminal, check that the fingerprints match
> openssl s_client -connect localhost:5353 </dev/null 2>/dev/null | openssl \
> x509 -noout -fingerprint
> openssl s_client -connect _ip_address_of_your_bridge_:2345 </dev/null \
> 2>/dev/null | openssl x509 -noout -fingerprint
>
> The line printed by the "openssl" commands should be identical.
>
> Ondrej
> _______________________________________________
> tor-talk mailing list
> tor-talk at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
More information about the tor-talk
mailing list