obfs4proxy - Man Page
pluggable transport proxy for Tor, implementing obfs4
Synopsis
obfs4proxy [options]
Description
obfs4proxy is a tool that attempts to circumvent censorship by transforming the Tor traffic between the client and the bridge. This way censors, who usually monitor traffic between the client and the bridge, will see innocent-looking transformed traffic instead of the actual Tor traffic.
obfs4proxy implements the obfuscation protocols obfs2, obfs3, ScrambleSuit (client only), meek (client only) and obfs4.
obfs4proxy is currently only supported as a managed pluggable transport spawned as a helper process via the tor daemon.
Options
- -h, --help
Display usage information and exit.
- --version
Display version information and exit.
- --enableLogging
Enable logging.
- --logLevel=level
Specify the maximum log severity to log out of "ERROR", "WARN", "INFO", and "DEBUG".
- --unsafeLogging
Disable the IP address scrubber when logging, storing personally identifiable information in the logs.
- --obfs4-distBias
When generating probability distributions for the obfs4 length and timing obfuscation, generate biased distributions similar to ScrambleSuit.
Enviornment
obfs4proxy honors all of the enviornment variables as specified in the Tor Pluggable Transport Specification.
Files
- DataDirectory/pt_state/obfs4proxy.log
The log file, assuming logging is enabled.
- DataDirectory/pt_state/obfs4_state.json
The Bridge (server) auto-generated obfs4 bridge parameters file. This file will not be created if the administrator specifies them in the torrc via a ServerTransportOptions directive.
- DataDirectory/pt_state/obfs4_bridgeline.txt
The Bridge (server) obfs4 bridge's client parameters. This file is created and contains the Bridge directive a client should add to their torrc to connect to the running server's obfs4 instance.
Conforming to
Tor Pluggable Transport Specification
Notes
Using the obfs4 protocol requires tor-0.2.5.x or later.
The obfs2 protocol is included for backwards compatibility purposes only, and should not be used in new deployments.
Example
To configure tor to be able to use obfs4 bridges (as a client), add obfs4proxy to the torrc like thus:
# Use obfs4proxy to provide the obfs4 protocol. ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy
To configure tor to act as an obfs4 bridge (as the server), add obfs4proxy to the torrc like thus:
# # In addition to the standard tor bridge configuration, add: # # Use obfs4proxy to provide the obfs4 protocol. ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
See Also
tor (1), torrc (5), obfsproxy (1)