From 6c0d321083c48009b0d939afa15bfb69ad8a83a7 Mon Sep 17 00:00:00 2001 From: kev Date: Thu, 30 Apr 2015 19:39:20 +0800 Subject: [PATCH] fix doc --- obfsproxy/README.md | 45 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 44 insertions(+), 1 deletion(-) diff --git a/obfsproxy/README.md b/obfsproxy/README.md index 6c473fb..b2d45d7 100644 --- a/obfsproxy/README.md +++ b/obfsproxy/README.md @@ -4,16 +4,53 @@ OpenVPN over Obfsproxy Obfsproxy is a pluggable transport proxy written in python. We can transport OpenVPN over Obfsproxy, so that firewall cannot detect it. -To use the example bellow, you should run `kylemanna/openvpn` with tcp first. +Obfsproxy provides several obfuscation method. I consider `scramblesuit` the best. +I will update this image if there's better one. + +To use the example bellow, you should run `kylemanna/openvpn` container first. +Don't forget to edit `/etc/openvpn/openvpn.conf` to use `proto tcp`. ## docker-compose.yml ``` +data: + image: busybox:latest + volumes: + - /etc/openvpn + +server: + image: kylemanna/openvpn:latest + ports: + - "1194:1194/tcp" + volumes_from: + - data + cap_add: + - NET_ADMIN + restart: always + obfsproxy: image: vimagick/obfsproxy:latest ports: - "4911:4911" links: + - server:openvpn + environment: + - PASSWORD=J23TNHPJPAOQJLTCPLFD4CQYVFY6MEVP + - DEST_HOST=openvpn + - DEST_PORT=1194 + - LISTEN_ADDR=0.0.0.0 + - LISTEN_PORT=4911 + restart: always +``` + +To link a existing `openvpn` container, please use `external_links` instead of `links`. + +```yaml +obfsproxy: + image: vimagick/obfsproxy:latest + ports: + - "4911:4911" + external_links: - openvpn_server_1:openvpn environment: - PASSWORD=J23TNHPJPAOQJLTCPLFD4CQYVFY6MEVP @@ -24,3 +61,9 @@ obfsproxy: restart: always ``` +The password should be encoded by Base32 with fixed length. +You can generate one via this command: + +```bash +python -c 'import base64, os; print base64.b32encode(os.urandom(20))' +```