Provided by: obfsproxy_0.2.13-3_all
obfsproxy - a pluggable transports proxy
obfsproxy [--log-file log_file] [--log-min-severity severity] [--no-log] [--no-safe-logging] managed obfsproxy [--log-file log_file] [--log-min-severity severity] [--no-log] [--no-safe-logging] transport [-h] [--dest dest] [--ext-cookie-file ext_cookie_file] ... mode listen_addr obfsproxy --help
obfsproxy is a tool that attempts to circumvent censorship, by transforming the Tor traffic between the client and the bridge. This way, censors, who usually monitor traffic between the client and the bridge, will see innocent-looking transformed traffic instead of the actual Tor traffic.
--log-file log_file Set logfile location. --log-min-severity severity Set minimum logging severity (default: no logging). severity must be one of error, warning, info, debug. --no-log Disable logging. --no-safe-logging Disable safe (scrubbed address) logging. -h, --help Show help message and exit.
Using managed as TRANSPORT allows Tor to start and control obfsproxy by itself. Add a line like the following to torrc to use it when acting as a bridge: ServerTransportPlugin obfs3,scramblesuit exec /usr/bin/obfsproxy managed When connecting to an obfuscated bridge, adapt the following: ClientTransportPlugin obfs3,scramblesuit exec /usr/bin/obfsproxy managed
Use a protocol that simply proxies data without obfuscating them. For tests only. No extra options.
Use a protocol that encodes data with base64 before pushing them to the network. No extra options.
Use the obfs2 protocol. obfs2 is known to be fingerprintable and is deprecated. See https://gitweb.torproject.org/obfsproxy.git/blob/HEAD:/doc/obfs2/protocol-spec.txt for the specification. No extra options.
Use the obfs3 protocol. See https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/blob/HEAD:/doc/obfs3/obfs3-protocol-spec.txt for the specification. No extra options.
Use the scramblesuit protocol. See https://gitweb.torproject.org/pluggable-transports/obfsproxy.git/blob/HEAD:/doc/scramblesuit/scramblesuit-spec.txt for the specification. --password password Shared secret for UniformDH. In server mode, a secret will be automatically generated if unspecified. In order to configure a password with Tor on the server side, the following can be added to torrc: ServerTransportOptions scramblesuit password=WFVTIHBLAHNBXWSUD6WYTEST42LPIPRT Tor clients (using a version later than 0.2.5.1-alpha) can then use: Bridge scramblesuit 192.0.2.42:2032 password=WFVTIHBLAHNBXWSUD6WYTEST42LPIPRT
COMMON TRANSPORT OPTIONS
Here’s the common synopsis: Options common for all transports: transport One of managed, dummy, b64, obfs2, obfs3 or scramblesuit. See above for details. -h Show help message and exit. --dest dest Set destination address. Mandatory in all modes except socks. --ext-cookie-file ext_cookie_file Configure the filesystem path where the Extended ORPort authentication cookie is stored. mode Mode must be one of server (old-style ServerTransportPlugin), ext_server (support for Extended ORPort), client (bridge client) or socks (client using SOCKS to connect to bridges). listen_addr Address on which the proxy will listen.
Plenty, probably. obfsproxy is still in development. Please report them.
George Kadianakis <email@example.com> Philipp Winter <firstname.lastname@example.org> Brandon Wiley <email@example.com> 11/23/2017 OBFSPROXY(1)