Skip to content

greensea/obfstunnel

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

obfstunnel

Customizable network traffic tunneling tool

With obfstunnel, you can forward your traffic through firewall. Currently we have xor and random obfs method.

obfstunnel works both on client and server. When a user likes to connect to another server outside a firewall, he could run obfstunnel in CLIENT mode on his own machine, and run obfstunnel in SERVER mode on another machine outside firewall. User should set up a target host he wants connect to on SERVER side. After doing this, you can connect to localhost, where obfstunnel listen on specified port. Once user connected to localhost, obfstunnel will encode traffic and send to obfstunnel on SERVER side. On SERVER side, obfstunnel will connect to target host which user wants to, and forward user traffic.

                             firewall
[user] <----> [obfstunnel] <---||---> [obfstunnel] <----> [target host]
       direct              obfuscating               direct

Example

Tunneling SSH through firewall

We are in machine A, and wants to SSH to server B, but we can not direct connect to server B via SSH because a firewall is block SSH connection. obfstunnel can help us.

We will use obfstunnel builtin obfs method, the xor method. It just XOR every byte with 0xFF. There is another builtin obfs method which name is random method. The random method could make traffic like random traffic, so firewall could not detect SSH connection and could not block it.

On server side, or server B, we run obfstunnel like this:

obfstunnel -s 2000 -t localhost:22 -m xor

-s 2000 argument cause obfstunnel runs in SERVER mode and listen on port 2000 waiting for client connection.

-t localhost:22 tell obfstunnel forward traffic to localhost, where SSH service run on port 22.

-m xor tell obfstunnel to use xor obfs method.

On client side, or machine A, run obfstunnel like this:

obfstunnel -c 22 -t 1.1.1.1:2000 -m xor

-c 22 cause obfstunnel runs in CLIENT mode, waiting user connection on port 22.

-t 1.1.1.1:2000 tells obfstunnel where server is located. 1.1.1.1 is IP address of server A, 2000 is the port obfstunnel in SERVER mode listen on.

Now run ssh localhost , you will find you are connecting to server B.

About

Customizable network traffic tunneling tool

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published