diff options
| author | Yawning Angel <yawning@torproject.org> | 2014-09-03 09:44:18 +0000 |
|---|---|---|
| committer | Yawning Angel <yawning@torproject.org> | 2014-09-03 09:44:18 +0000 |
| commit | 79e94103d6bf7685c78e991f0d1b93b0eecefa3d (patch) | |
| tree | 7acaeaa77d1bb00fedfba71f0c23ad86a26b1b47 /README.md | |
| parent | d5f59458fe26bedb058ec292647af96f715420b2 (diff) | |
Update the README.md (No functional changes).
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 46 |
1 files changed, 44 insertions, 2 deletions
@@ -32,14 +32,56 @@ handshake variants without being obscenely slow is non-trivial. Build time library dependencies are handled by go get automatically but are listed for clarity. - * Go 1.2.0 or later. Debian stable packages Go 1.0.2 which is missing several - things obfs4 depends on like SHA256. + * Go 1.2.0 or later. Prior versions of Go 1.0.2 are missing certain important + parts of the runtime library like a SHA256 implementation. * go.crypto (https://code.google.com/p/go.crypto) * go.net (https://code.google.com/p/go.net) * ed25519/extra25519 (https://github.com/agl/ed25519/extra25519) * SipHash-2-4 (https://github.com/dchest/siphash) * goptlib (https://git.torproject.org/pluggable-transports/goptlib.git) +### Installation + +To build: +`go get git.torproject.org/pluggable-transports/obfs4.git/obfs4proxy` + +To install: +Copy `$GOPATH/bin/obfs4proxy` to a permanent location (Eg: `/usr/local/sbin`) + +Client side torrc configuration: +``` +ClientTransportPlugin obfs4 exec /usr/local/sbin/obfs4proxy +``` + +Bridge side torrc configuration: +``` +# Act as a bridge relay. +BridgeRelay 1 + +# Use obfs4proxy to provide the obfs4 protocol. +ServerTransportPlugin obfs4 exec /usr/local/sbin/obfs4proxy + +# (Optional) Listen on the specified address/port for obfs4 connections as +# opposed to picking a port automatically. +#ServerTransportListenAddr obfs4 0.0.0.0:443 +``` + +### Tips and tricks + + * On modern Linux systems it is possible to have obfs4proxy bind to reserved + ports (<=1024) even when not running as root by granting the + `CAP_NET_BIND_SERVICE` capability with setcap: + + `# setcap 'cap_net_bind_service=+ep' /usr/local/sbin/obfs4proxy` + + * obfs4proxy can also act as a obfs2 and obfs3 client or server. Adjust the + `ClientTransportPlugin` and `ServerTransportPlugin` lines in the torrc as + appropriate. + + * The autogenerated obfs4 bridge parameters are placed in + `DataDir/pt_state/obfs4_state.json`. An obfs4 bridge line requires the + `node-id`, `public-key` and `iat-mode` arguments. + ### Thanks * David Fifield for goptlib. |