[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [obfsproxy/master] Make tor-obfs-howto.txt a bit more user-friendly.



commit e1a825f7b27fd315d897dab5c0010388fc7ba4c2
Author: George Kadianakis <desnacked@xxxxxxxxx>
Date:   Fri Jul 22 20:53:06 2011 +0200

    Make tor-obfs-howto.txt a bit more user-friendly.
---
 doc/tor-obfs-howto.txt |  134 +++++++++++++++++++++++++-----------------------
 1 files changed, 69 insertions(+), 65 deletions(-)

diff --git a/doc/tor-obfs-howto.txt b/doc/tor-obfs-howto.txt
index ed8ba72..324a98c 100644
--- a/doc/tor-obfs-howto.txt
+++ b/doc/tor-obfs-howto.txt
@@ -1,101 +1,105 @@
-How to set up Tor with Obfsproxy
+How to set up Tor with obfsproxy
 ================================
 
-        Preliminaries:
+        Instructions:
 
-This isn't the final interface--we should make it much easier.
+       "I AM A CENSORED FELLOW"
 
-This is experimental code--if it breaks, you get to keep both smouldering
-pieces.
-
-
-
-        Ingredients: 
-
-Client side needs:
+[1] You will need:
 
 * a copy of obfsproxy:
   git clone git://git.torproject.org/obfsproxy.git
   Building it should be easy, just do "./configure && make".
 
 * a copy of Tor that supports the Socks5Proxy option.
-  The git version should do the trick.
+  Tor 0.2.2.30 - for example - will work.
 
-Bridge side needs:
+[2] Set up obfsproxy:
 
-* a copy of obfsproxy:
-  git clone git://git.torproject.org/obfsproxy.git
-  Building it should be easy, just do "./configure && make".
+This command will setup an obfsproxy client speaking the obfs2
+protocol on localhost:1050:
 
-* a copy of Tor with BridgeRelay capabilities.
-  Quite easy to find nowadays.
+./obfsproxy obfs2 socks 127.0.0.1:1050
 
-        Port setup:
+[3] Set up tor:
 
-Our port setup will be like this:
+You should put in your torrc file:
+---
+SocksPort 5000
+UseBridges 1
+Bridge <bridge address>:1051 # This is provided by the bridge operator.
+Socks5Proxy 127.0.0.1:1050 # This points to the obfsproxy client.
+---
 
-              1050                       1051
-          +-----------+             +------------+
-      ----|   Proxy   |-------------|   Server   |----
-      |   +-----------+             +------------+   |
-      |                                              |
-+------------+                                +--------------+
-| Tor Client |                                |  Tor Bridge  |
-+------------+                                +--------------+
-    5000                                            5001
+Of course you should substitute the value of the Bridge line above,
+with the information provided to you by a bridge operator.
 
+[4] Done!
 
+Alright, you are done!
+Make sure you have followed the above steps on the correct order:
+First launch obfsproxy and then launch tor.
 
-        Setting up obfsproxies:
+Now to test it, launch Firefox and set it up to use a Socks server on
+127.0.0.1:5000. Now browse the web.
 
-This command will setup an obfsproxy socks client listening to the
-obfs2 protocol on localhost:1050:
-./obfsproxy obfs2 socks 127.0.0.1:1050
 
-This command will setup an obfsproxy server listening to the
-obfs2 protocol on localhost:1051:
-./obfsproxy obfs2 --dest 127.0.0.1:5001 server 127.0.0.1:1051
+        "I AM A BRIDGE OPERATOR THAT WANTS TO HELP CENSORED PEOPLE"
 
-        Setting up Tor:
+[1] You will need:
 
-Let's create .torrc_client and .torrc_bridge.
-Warning: I'm only posting the relevant torrc options. 
+* a copy of obfsproxy:
+  git clone git://git.torproject.org/obfsproxy.git
+  Building it should be easy, just do "./configure && make".
 
-torrc_client:
----
-SocksPort 5000 
-UseBridges 1
-Bridge <bridge host>:1051 # This points to the bridge's obfsproxy server.
-                          # You can change <bridge host> to 127.0.0.1
-                          # for local testing setup.
-Socks5Proxy 127.0.0.1:1050 # This points to our obfsproxy client.
----
+* a copy of Tor which can function as a Tor bridge.
+
+[2] Set up obfsproxy:
+
+This command will setup an obfsproxy server speaking the obfs2
+protocol on localhost:1051:
 
-torrc_bridge:
+./obfsproxy obfs2 --dest 127.0.0.1:5001 server 127.0.0.1:1051
+
+Be sure to pass the value of ORPort of your bridge relay to the --dest
+argument (see next section).
+
+[3] Set up tor:
+
+You should put in your torrc file:
 ---
-ORPort 5001 # Port where bridge will be listening on.
+ORPort 5001 # Port on which bridge will be listening on.
 BridgeRelay 1
 ExitPolicy reject *:*
 ---
 
-        Bootstrap sequence:
+[4] Done!
+
+Make sure you have followed the above steps on the correct order.
+First launch obfsproxy and then launch tor.
+You can use any port numbers you want, just be sure to adjust the
+torrc and obfsproxy commands accordingly.
+
+Don't forget that You might need to set up port forwarding.
 
-Since we are still in PoC state you have to bootstrap the Tors and the
-obfsproxies with the correct sequence:
+Now you should tell censored people to connect to your IP on port 1051.
+So, for example, if your bridge's address is 85.22.13.1, bridge users
+should connect to 85.22.13.1:1051.
+Pay attention that '1051' is the port where obfsproxy is listening on,
+and *not* your bridge's ORPort.
 
-1. Fire up server obfsproxy.
-2. Fire up tor with torrc_bridge.
-3. Fire up client obfsproxy.
-4. Fire up tor with torrc_client.
+        Network diagram of the above setup:
 
-        The End
+(If you don't understand this drawing, just ignore this section.)
 
-Now open Firefox on the client side and set it up to use a Socks
-server on 127.0.0.1:5000.
-Stuff should work now.
+              1050                                1051
+          +-----------+                      +------------+
+      ----|   Proxy   |------[internet]------|   Server   |----
+      |   +-----------+                      +------------+   |
+      |                                                       |
++------------+                                         +--------------+
+| Tor Client |                                         |  Tor Bridge  |
++------------+                                         +--------------+
+    5000                                                     5001
 
-If you were smart enough to open wireshark and sniff the traffic
-before doing all the above, you would notice that the TLS handshake
-was not carried out plaintext, effectively obfuscating your Tor
-experience. Yes.
 

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits