diff options
author | atanarjuat <atanarjuat@example.com> | 2022-05-21 00:43:41 +0200 |
---|---|---|
committer | atanarjuat <atanarjuat@example.com> | 2022-05-21 05:04:06 +0200 |
commit | a809112a20b31b9a4adca31ae564d943a41e9023 (patch) | |
tree | 8cc8b641a25867a8c556a073f44c25e1ff36433d /README.md | |
parent | cefa2c334751efbf1d4b479fb827c21c5b801a71 (diff) |
functional transparent proxy
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 44 |
1 files changed, 41 insertions, 3 deletions
@@ -1,5 +1,43 @@ # ObfsVPN -The `obfsvpn` module contains a Go package that provides an easy mechanism to -establish and listen for network connections that use the ntor handshake and -OBFS4 obfuscation protocol. +The `obfsvpn` module contains a Go package that provides server and client components to +use variants of the obfs4 obfuscation protocol. It is intended to be used as a +drop-in Pluggable Transport for OpenVPN connections (although it can be used +for other, more generic purposes). + +A docker container will be provided to facilitate startng an OpenVPN service that +is accessible via the obfuscated proxy too. + +## Protocol stack + +``` +-------------------- + application data +-------------------- + OpenVPN +-------------------- + obfsvpn proxy +-------------------- + obfs4 +-------------------- + wire transport +-------------------- +``` + +* Application data is written to the specified interface (typically a `tun` + device started by `OpenVPN`). +* `OpenVPN` provides end-to-end encryption and a reliability layer. We'll be + testing with the `2.5.x` branch of the reference OpenVPN implementation. +* `obfs4` is used for an extra layer of encryption and obfuscation. It is a + look-like-nothing protocol that also hides the key exchange to the eyes of + the censor. +* Wire transport is, by default, TCP. Other transports will be explored to + facilitate evasion: `KCP`, `QUIC`? + +## Testing + +... + +## Android + +... |