In this article I'm trying to setup and run Obfsproxy on Ubuntu 12.04 LTS to obfuscate HTTP Proxy traffic in order to bypass firewalls and have access to free internet again.
Almost everybody knows Tor, a very well known project to help people stay anonymous on the web and bypass internet censorship in countries like China, Iran, Syria, etc. A few years a ago, they have started an add-on project to Tor named Obfsproxy to help people living in Iran and China, bypass DPI firewalls being newly used by these countries. This project is now reached to an stable condition and is ready to be implemented in small environments.
We are using Obfsproxy in server and client modes to provide an extra layer of obfuscation tunneling to achieve the above mentioned goal. Let's start by installing the latest edition of Obfsproxy on our Ubuntu server:
s1@p:~$ sudo -i
root@p:~# apt-get update
root@p:~# apt-get upgrade -y
root@p:~# apt-get install gcc build-essential python-dev python-pip -y
root@p:~# pip install obfsproxy
I assume that a proxy server application like Squid is already installed and configured to listen on port 3128/TCP. So, let's run Obfsproxy for the first time:
root@p:~# obfsproxy obfs2 --dest 127.0.0.1:3128 server 0.0.0.0:8080
It will run Obfsproxy to listen on port 8080/TCP and redirects all the traffic to port 3128/TCP on localhost where Squid is waiting to serve proxy requests.
We can simply create an INIT script to run the following command on every system startup:
root@p:~# nano /etc/init.d/obfsproxy
Place the following line in the file and save it:
obfsproxy obfs2 --dest 127.0.0.1:3128 server 0.0.0.0:8080 > /var/log/obfsproxy.log 2>&1 &
Change the permission of the file and mark it as auto startup:
root@p:~# chmod 755 /etc/init.d/obfsproxy
root@p:~# update-rc.d obfsproxy defaults
That's all! From next reboot, it will automatically run Obfsproxy on system startup.
Let's go to client side. I'm just explaining the Windows configuration, because it's the most popular operating system at client side:
Download the following file and extract it on your computer:
https://www.dropbox.com/s/bfpo7l5hsgthmwq/obfsproxy.zip
Run CMD and change to Obfsproxy directory, then run obfsproxy in client mode:
obfsproxy.exe obfs2 --dest YOUR_Server_IP:8080 client 127.0.0.1:5050
It will listen on localhost port 5050/TCP and redirects all the traffic to your server on port 8080/TCP.
You can easily create a Windows service for Obfsproxy using third party tools like NSSM.