obfs4proxy - Man Page

pluggable transport proxy for Tor, implementing obfs4

Synopsis

obfs4proxy [options]

Description

obfs4proxy is a tool that attempts to circumvent censorship by transforming the Tor traffic between the client and the bridge. This way censors, who usually monitor traffic between the client and the bridge, will see innocent-looking transformed traffic instead of the actual Tor traffic.

obfs4proxy implements the obfuscation protocols obfs2, obfs3,  ScrambleSuit (client only), meek (client only) and obfs4.

obfs4proxy is currently only supported as a managed pluggable transport spawned as a helper process via the tor daemon.

Options

-h,  --help

Display usage information and exit.

--version

Display version information and exit.

--enableLogging

Enable logging.

--logLevel=level

Specify the maximum log severity to log out of "ERROR", "WARN", "INFO", and "DEBUG".

--unsafeLogging

Disable the IP address scrubber when logging, storing personally identifiable information in the logs.

--obfs4-distBias

When generating probability distributions for the obfs4 length and timing obfuscation, generate biased distributions similar to ScrambleSuit.

Enviornment

obfs4proxy honors all of the enviornment variables as specified in the Tor Pluggable Transport Specification.

Files

DataDirectory/pt_state/obfs4proxy.log

The log file, assuming logging is enabled.

DataDirectory/pt_state/obfs4_state.json

The Bridge (server) auto-generated obfs4 bridge parameters file.  This file will not be created if the administrator specifies them in the torrc via a ServerTransportOptions directive.

DataDirectory/pt_state/obfs4_bridgeline.txt

The Bridge (server) obfs4 bridge's client parameters.  This file is created and contains the Bridge directive a client should add to their torrc to connect to the running server's obfs4 instance.

Conforming to

Tor Pluggable Transport Specification

Notes

Using the obfs4 protocol requires tor-0.2.5.x or later.

The obfs2 protocol is included for backwards compatibility purposes only, and should not be used in new deployments.

Example

To configure tor to be able to use obfs4 bridges (as a client), add obfs4proxy to the torrc like thus:

    # Use obfs4proxy to provide the obfs4 protocol.
    ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy

To configure tor to act as an obfs4 bridge (as the server), add obfs4proxy to the torrc like thus:

    #
    # In addition to the standard tor bridge configuration, add:
    #

# Use obfs4proxy to provide the obfs4 protocol.
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy

See Also

tor (1), torrc (5), obfsproxy (1)

Info

2015-10-29