is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet.
obfsproxy is a tool that attempts to circumvent censorship, by transforming the Tor traffic between the client and the bridge. This way, censors, who usually monitor traffic between the client and the bridge, will see innocent-looking transformed traffic instead of the actual Tor traffic.
obfsproxy supports multiple protocols, called pluggable transports, which specify how the traffic is transformed. For example, there might be a HTTP transport which transforms Tor traffic to look like regular HTTP traffic.
Even though obfsproxy is a separate application, completely independent from tor, it speaks to tor using an internal protocol to minimize necessary end-user configuration.
Please open a ticket on our bug tracker for any bugs you find or features you would like to see added in future releases.
Here are your bridge relays:
bridge obfs2 18.104.22.168:12984 bridge obfs2 22.214.171.124:52176
Bridge relays (or “bridges” for short) are Tor relays that aren’t listed in the main directory. Since there is no complete public list of them, even if your ISP is filtering connections to all the known Tor relays, they probably won’t be able to block all the bridges.
To use the above lines, go to Vidalia’s Network settings page, and click “My ISP blocks connections to the Tor network”. Then add each bridge address one at a time.
Configuring more than one bridge address will make your Tor connection more stable, in case some of the bridges become unreachable.
Another way to find public bridge addresses is to send mail to firstname.lastname@example.org with the line “get bridges” by itself in the body of the mail. However, so we can make it harder for an attacker to learn lots of bridge addresses, you must send this request from an email address at one of the following domains:
Note for experts: if you can use IPv6, try upgrading to Tor 0.2.3.12 or newer and use these bridge lines:
bridge [2001:948:7:2::163]:6001 bridge [2600:3c01::f03c:91ff:fe93:d525]:9001 bridge [2600:3c01::f03c:91ff:fe93:b8ee]:443 Let us know how it goes!
We’ve made an experimental package that currently works in all censored countries with no config changes.
To set up an obfsproxy bridge, or to build it from source, see the separate Obfsproxy Installation Instructions page.
Hey! Are you looking for the guide on how to set up an obfuscated bridge on a Debian system? Check this out.
Step 1: Install dependencies, obfsproxy, and Tor
You will need a C compiler (gcc), the autoconf and autotools build system, the git revision control system, pkg-config and libtool, libevent-2 and its headers, and the development headers of OpenSSL.
On Debian testing or Ubuntu oneiric, you could do:
# apt-get install autoconf autotools-dev gcc git pkg-config libtool libevent-2.0-5 libevent-dev libevent-openssl-2.0-5 libssl-dev
Clone obfsproxy from its git repository:
$ git clone https://git.torproject.org/obfsproxy.git
The above command should create and populate a directory named ‘obfsproxy’ in your current directory.
$ cd obfsproxy
$ ./autogen.sh && ./configure && make
Optionally, as root install obfsproxy in your system:
# make install
If you prefer not to install obfsproxy as root, you can instead just modify the Transport lines in your torrc file (explained below) to point to your obfsproxy binary.
You will need Tor 0.2.3.11-alpha or later.
Step 2a: If you’re the client…
First, you need to learn the address of a bridge that supports obfsproxy. If you don’t know any, try asking a friend to set one up for you. Then the appropriate lines to your tor configuration file:
Bridge obfs2 126.96.36.199:1051
ClientTransportPlugin obfs2 exec /usr/local/bin/obfsproxy --managed
Don’t forget to replace 188.8.131.52:1051 with the IP address and port that the bridge’s obfsproxy is listening on.
Congratulations! Your traffic should now be obfuscated by obfsproxy. You are done! You can now start using Tor.
Step 2b: If you’re the bridge…
ServerTransportPlugin obfs2 exec /usr/local/bin/obfsproxy --managed
Launch Tor using this configuration file. You can do this by using your favorite init script, or by pointing the Tor binary to the torrc file:
Next, find the TCP port opened by obfsproxy. Look in your log file for a line similar to this one:
The last number, in this case 34545, is the TCP port number that your clients should point their obfsproxy to.
Congratulations! Tell your clients to point their obfsproxy to your IP address and to port 34545.