@@ -2,7 +2,7 @@

 # Revision: $Revision$

 # Translation-Priority: 4-optional

-#include "head.wmi" TITLE="obfsproxy: Installation instructions" CHARSET="UTF-8"

+#include "head.wmi" TITLE="obfsproxy: Setting up an Obfsproxy Bridge on Debian/Ubuntu" CHARSET="UTF-8"

 <div id="content" class="clearfix">

   <div id="breadcrumbs">

@@ -14,65 +14,55 @@

     <!-- PUT CONTENT AFTER THIS TAG -->

-    <h1 id="instructions">Obfsproxy Bridge Instructions on Debian/Ubuntu</h1>

+    <h1 id="instructions">Setting up an Obfsproxy Bridge on Debian/Ubuntu</h1>

     <img src="$(IMGROOT)/obfsproxy_diagram.png" alt="obfsproxy diagram"></a>

     <p>

-    This guide will help you setup an obfuscated bridge on a Debian/Ubuntu system.

+    This guide will help you set up an obfuscated bridge on a Debian/Ubuntu system.

     </p>

-    <h3>Step 0: Add Tor repositories to APT</h3>

+    <h3>Step 0: Move to the development version of Tor</h3>

     <br>

     <p>

-    You need

-    to <a href="https://www.torproject.org/docs/debian#development">install

-    the experimental official Tor Project APT repositories</a>,

-    because a fresh version of Tor (0.2.4.x) is required (Older

-    versions of Tor don't report their bridge addresses to BridgeDB).

+    Add the <a href="<page docs/debian>#development">development Tor

+    APT repository</a> and run the specified commands to install tor

+    and deb.torproject.org-keyring. You need Tor 0.2.4.x Tor because

+    it knows how to automatically report your obfsproxy address to <a

+    href="https://bridges.torproject.org/?transport=obfs2">BridgeDB</a>.

     </p>

-    <h3>Step 1: Install Tor and obfsproxy</h3>

+    <h3>Step 1: Install obfsproxy</h3>

     <br>

-    <p>

-    Now install tor and obfsproxy:

-    </p>

-

     <pre style="margin: 1.5em 0 1.5em 2em">

-\# apt-get update

-\# apt-get install obfsproxy tor

+\# apt-get install obfsproxy

     </pre>

     <p>

-      Note that obfsproxy requires

-    libevent2 and your distribution (e.g. Debian stable) might not

-    have it in its repos.  You can

-    <a href="https://trac.torproject.org/projects/tor/ticket/5009#comment:9">try

-    our experimental backport libevent2 debs</a>,

-    or <a href="https://trac.torproject.org/projects/tor/ticket/5009#comment:17">build

-    libevent2 from source</a>.

+    Obfsproxy requires libevent2. If your distribution (e.g. Debian

+    squeeze) doesn't include it, you can get it from the <a

+    href="http://packages.debian.org/search?keywords=libevent-2.0-5">backports</a>

+    repository.

     </p>

-    <h3>Step 2: Set up Tor</h3>

+    <h3>Step 2: Configure Tor</h3>

     <br>

     <p>

-    You will need an appropriate

-    Tor <a href="<page docs/faq>#torrc">configuration file</a>

-    (usually at <i>/etc/tor/torrc</i>):

+    Edit your <i>/etc/tor/torrc</i> to add:

     </p>

     <pre style="margin: 1.5em 0 1.5em 2em">

 SocksPort 0

-ORPort auto

+ORPort 443 # or some other port if you already run a webserver/skype

 BridgeRelay 1

 Exitpolicy reject *:*

-\## CHANGEME_1 -> provide a nickname for your bridge, can be anything you like.

+\## CHANGEME_1 -> provide a nickname for your bridge, can be anything you like

 Nickname CHANGEME_1

-\## CHANGEME_2 -> If you want others to be able to contact you uncomment this line and put your GPG fingerprint for example.

+\## CHANGEME_2 -> provide some email address so we can contact you if there's a problem

 \#ContactInfo CHANGEME_2

 ServerTransportPlugin obfs2 exec /usr/bin/obfsproxy --managed

@@ -82,11 +72,12 @@ ServerTransportPlugin obfs2 exec /usr/bin/obfsproxy --managed

     Don't forget to edit the <i>CHANGEME</i> fields!

     </p>

-    <h3>Step 3: Launch Tor and verify that it works</h3>

+    <h3>Step 3: Launch Tor and verify that it bootstraps</h3>

     <br>

     <p>

-    Restart Tor for the the new configuration file to be in effect:

+    Restart Tor to use the new configuration file.

+    (Preface with sudo if needed.)

     </p>

     <pre style="margin: 1.5em 0 1.5em 2em">

@@ -112,10 +103,16 @@ Nov 05 16:40:48.000 [notice] Bootstrapped 100%: Done.

     100%.

     </p>

+    <h3>Step 4: Set up port forwarding if needed</h3>

+    <br>

+

     <p>

-    Now you need to find the address on which obfsproxy is

-    listening. To do this, check your Tor logs for a line similar to

-    this one:

+    If you're behind a NAT/firewall, you'll need to make your bridge

+    reachable from the outside world — both on the ORPort and

+    the obfsproxy port. The ORPort is whatever you defined in step two

+    above. To find your obfsproxy port, check your Tor logs for a line

+    similar to this one:

+    </p>

     <pre style="margin: 1.5em 0 1.5em 2em">

 Oct 05 20:00:41.000 [notice] Registered server transport 'obfs2' at '0.0.0.0:26821

@@ -123,17 +120,9 @@ Oct 05 20:00:41.000 [notice] Registered server transport 'obfs2' at '0.0.0.0:268

     <p>

     The last number, in this case <i>26821</i>, is the TCP port number

-    that your clients should point their obfsproxy to. So for example,

-    if your public IP is 1.2.3.4, your clients should put <i>Bridge

-    obfs2 1.2.3.4:26821</i> in their configuration file.

-    </pre>

-    </p>

-

-    <p>

-    <img width="7%" height="7%" style="float: left;" src="$(IMGROOT)/icon-Obfsproxy.jpg">

-    <b>Don't forget!</b> If you are behind a NAT, you should <b>port

-    forward</b> the port that obfsproxy is listening on. In the

-    example above you would have to forward port <i>26821</i>.

+    that you need to forward through your firewall. (This port is randomly

+    chosen the first time Tor starts, but Tor will cache and reuse the

+    same number in future runs.)

     </p>

   </div>