Commit 7b0746c0 authored by cyberta

update README.md, add env variable infos about quic and port hopping range

parent a23d032d
1 merge request: !67 Configure port hopping range
......@@ -140,20 +140,28 @@ round-trip min/avg/max = 12.829/17.062/19.346 ms
Before you can run a obfsvpn server container you need to make sure to set the following environment variables which are required in the [start script](./images/obfsvpn/scripts/start_obfsvpn.sh).
| Variable | Purpose | Example |
|:--------:|:--------------:|:--------:|
| `CONTROL_PORT` | port of the [Control Plane](/control/README.md) | 9090 |
| `OBFSVPN_STATE` | directory of private and public key, certifcate, bridgeline file | ./test_data |
| `OBFSVPN_LOCATION` | location of the OpenVPN gateway the bridge is pointing to | amsterdam |
| `OBFS4_IP` | public IP of the bridge | 123.231.123.21 |
| `OBFS4_PORT` | port the bridge is listening on | 4430 |
| `OBFS4_HOST` | The IP obfsvpn server is gets assigned to | 0.0.0.0 |
| `OPENVPN_HOST` | public IP of the OpenVPN gateway the bridge is pointing to | 231.123.231.12 |
| `OPENVPN_PORT` | port | 80 |
| `OBFS4_DATA_DIR` | same as `OBFSVPN_STATE` | ./test_data |
| `HOP_PT` | run server in hopping pt mode | 1 if true |
| `KCP` | run server in KCP transport mode | 1 if true |
| `TCP` | run server in w/ tcp as the protocol the server accepts for proxying traffic | 1 if true |
| Variable | Purpose | Example | Comment |
|:--------:|:--------------:|:--------:|:---------------:|
| `CONTROL_PORT` | port of the [Control Plane](/control/README.md) | 9090 | required |
| `OBFSVPN_STATE` | directory of private and public key, certifcate, bridgeline file | ./test_data | required |
| `OBFSVPN_LOCATION` | location of the OpenVPN gateway the bridge is pointing to | amsterdam | required |
| `OBFS4_IP` | public IP of the bridge | 123.231.123.21 | required |
| `OBFS4_PORT` | port the bridge is listening on | 4430 | required |
| `OBFS4_HOST` | The IP obfsvpn server is gets assigned to | 0.0.0.0 | required |
| `OPENVPN_HOST` | public IP of the OpenVPN gateway the bridge is pointing to | 231.123.231.12 | required |
| `OPENVPN_PORT` | port | 80 | required |
| `OBFS4_DATA_DIR` | same as `OBFSVPN_STATE` | ./test_data | required |
| `OBFSVPN_SEED` | seed to deduce randomized ports from for port hopping | 1 | optional (default 1) |
| `OBFSVPN_PORT_COUNT` | number of ports to be used for port hopping | 100 | optional (default 100) |
| `OBFSVPN_MIN_HOP_PORT`| lower limit of port range to use for port hopping | 9095 | optional (default 49152) |
| `OBFSVPN_MAX_HOP_PORT` | upper limit of port range to use for port hopping | 12095 | optional (default 65535) |
| `HOP_PT` | run server in hopping pt mode | 1 if true | optional (default 0) |
| `KCP` | run server in KCP transport mode | 1 if true | optional (default 0) |
| `TCP` | run server in w/ tcp as the protocol the server accepts for proxying traffic | 1 if true | optional (default 1) |
| `QUIC` | run server in QUIC transport mode | 1 if true | optional (default 0)|
| `QUIC_TLS_CERT` | TLS cert used for QUIC transport encryption | ./test_data/pki/private/ca.crt | required for QUIC |
| `QUIC_TLS_KEY` | TLS private key used for QUIC transport encryption | ./test_data/pki/private/ca.key | required for QUIC |
### Integration testing
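Review bot: The example values in the new `QUIC_TLS_CERT` and `QUIC_TLS_KEY` rows point at `./test_data/pki/private/ca.crt` and `ca.key`, which by their names are a CA certificate and the CA private key. Operators copy README examples, so the rows should show a server certificate and its key, or state in the Comment column that these paths are test fixtures only, so that a bridge is not deployed holding a CA key. While the table is being rewritten, the carried-over typos `certifcate` and `is gets assigned to` can be fixed, and the `OPENVPN_PORT` purpose (`port`) could say which port it is.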
......@@ -178,6 +186,8 @@ And finally to test KCP:
$ ./scripts/integration-test.sh kcp
```
You can test other modes with the parameters: `hop-kcp`, `quic`, `hop-quic`.
### Running components separately/against live systems
There may be scenarios when you'd prefer to run individual components on their own or targeting live systems.
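Review bot: The added sentence lists `hop-kcp`, `quic` and `hop-quic` but does not show how they are passed or what they need. Suggest spelling out one invocation in the same form as the existing `./scripts/integration-test.sh kcp` line, and saying whether the `quic` and `hop-quic` modes depend on the `QUIC_TLS_CERT` and `QUIC_TLS_KEY` variables introduced in the table above or generate their own test material.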
......@@ -198,7 +208,7 @@ Usage of /tmp/go-build901008461/b001/exe/client:
The remote obfs4 certificates separated by commas. If hopping is not enabled only the first cert will be used
-h Connect with openvpn over udp in hopping mode
-i string
The host for the local proxy (default: localhost) (default "127.0.0.1")
The host for the local proxy (default "127.0.0.1")
-j uint
A random range to wait (on top of the minimum) seconds before hopping. Only applicable to hopping (default 5)
-kcp
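Review bot: The `-i` description loses its contradictory `(default: localhost)` here, but this usage block is pasted program output and the commit only touches README.md. If the flag's help string in the client source still contains that text, the next regeneration of this block will bring it back; please confirm the source string was changed as well, or fix it there and re-paste.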
......@@ -223,12 +233,18 @@ Usage of /tmp/go-build901008461/b001/exe/client:
KCP WriteBuffer (default 16777216)
-m uint
The minimun number of seconds to wait before hopping. Only applicable to hopping (default 5)
-max-port uint
The upper limit of the port range used for port hopping (default 65507)
-min-port uint
The lower limit of the port range used for port hopping (default 49152)
-p string
The port for the local proxy (default: 8080) (default "8080")
The port for the local proxy (default "8080")
-pc uint
The number of ports to try for each remote. Only applicable to hopping (default 100)
-ps int
The random seed to generate ports from. Only applicable to hopping (default 1)
-quic
Enable QUIC mode
-r string
The remote obfs4 endpoint ips (no port) separated by commas. If hopping is not enabled only the first cert will be used
-rp string
......
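Review bot: `-max-port` is documented with a default of 65507, while the server table earlier in this patch gives `OBFSVPN_MAX_HOP_PORT` a default of 65535. Please align the two or explain the difference, and state which client flags (`-min-port`, `-max-port`, `-pc`, `-ps`) have to match which `OBFSVPN_*` variables on the server for hopping to work. The same duplicate-default cleanup applied to `-p` is fine. Separately, the unchanged `-r` description ends with "only the first cert will be used", which looks copied from the certificates flag and should refer to the first IP.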