Obfsproxy and SS5 packages



  • I've been messing around with SS5, a socks4/5 proxy available on sourceforge with terribly bad documentation.  I did manage to get it up and working well on pfSense, and it seems fairly stable.

    I've also managed to get obfsproxy (a tor subproject) working on pfSense, which is valuable because it apparently allows OpenVPN to be used even in countries that employ DPI to block OpenVPN.  It works very well when I tested it with OpenVPN, requiring only a 2 line change on the OpenVPN client side and a very bare-bones config on the pfsense side.

    I would like to compile them both into packages, both for my own use and becase I think they would be valuable additions to pfsense.

    The one bit that it looks like I would have a big challenge with is tying the web-config into actually making changes to scripts / config files on the filesystem.  Is there anyone who is skilled at such things that could assist me with that?  I can detail the (very few) config choices that would be needed and what filesystem actions that would need to trigger, and would be happy to do a lot of the work– but from what I saw it looks like it would be very difficult without a bit of guidance on how it all fits together and how to trigger actions.

    Thanks!



  • I can help you starting.

    First take a look on a very basic package like filer to get understand how it works. PfSense package repo is in github github.com/pfsense/



  • I've got what Im hoping are a working manifest, xml, and inc (/ php) file for SS5 proxy.  I basically copied the nMap setup and modified it.

    Can anyone look over them?

    SS5 runs off of a config file (/usr/local/etc/ss5/ss5.conf) which is full of options that I dont really care about, so ive provided a dummy one too.
    (links to pastebin)
    ss5.xml
    ss5.manifest
    ss5.inc
    /etc/usr/local/ss5/ss5.conf

    The inc file is particularly a bit of a mess, because i wasnt sure of the best way to set environmental variables (which SS5 requires in order to start).

    In order to install ss5 currently, you just do pkg_add -r ss5, modify that conf file i pasted, set the 3 environmental variables in the inc file (SS5_SOCKS_PORT, SS5_SOCKS_ADDR, SS5_LOG_FILE), and launch the binary.

    Any help is appreciated!9



  • ss5.inc link is broken http://pastebin.com/WXA7J6hBb



  • Fixed (added a trailing b, proper link is http://pastebin.com/WXA7J6hB )



  • Documenting instructions for installing obfsproxy, to help with creating the manifest / xml…

    1. must be running 2.1 (obfsproxy packages arent in 2.0 repos)
    2. pkg_add -r obfsproxy
    3. create a /usr/local/etc/obfsproxy.conf as such:
      Client (Acting as a SOCKS proxy for openvpn):
    
    log_file=obfsproxy.log
    log_level=info
    transport=obfs2
    socksport=10101
    socksaddr=127.0.0.1
    sharedsecret=Password
    
    killall obfsproxy
    rm $log_file
    /usr/local/bin/obfsproxy --log-file=$log_file --log-min-severity=$log_level $transport --shared-secret=$sharedsecret socks $socksaddr:$socksport &
    
    

    Server (redirects incoming obfsproxy'd connections to the proper port):

    
    log_file=obfsproxy.log
    log_level=info
    transport=obfs2
    bridgeport=443
    localport=1194
    localaddr=1.2.3.4
    sharedsecret=Password
    
    killall obfsproxy
    rm $log_file
    /usr/local/bin/obfsproxy --log-file=$log_file --log-min-severity=$log_level $transport --dest=$localaddr:$localport --shared-secret=$sharedsecret server 0.0.0.0:$bridgeport &
    
    


  • Any help on this?  Can anyone give any instruction on whether im on the right track with those files?


Log in to reply