In my previous article, I showed you how to manually compile and install obfs4proxy, which you can apply for this guide too (but read on).

Today, I was managing a friend’s Tor bridge, which uses obfs4proxy to hide the fact. While Tor itself was running from the official Tor Project repositories and up to date (and updates get installed automatically), I noticed obfs4proxy was from the Ubuntu repos, at version 0.0.8, which is quite old and does not incorporate the security updates from 0.0.14!

So, of course, I followed my own guide to manually compile and install obfs4proxy… but it didn’t work. After some digging, I realized it’s because of AppArmor!

So you simply edit the file:


Look for these two lines:

  /usr/bin/obfsproxy PUx,
  /usr/bin/obfs4proxy Pix,

And add the following two lines underneath those:

  /usr/local/bin/obfsproxy PUx,
  /usr/local/bin/obfs4proxy Pix,

Then I simply rebooted, and obfs4proxy could bind to port 443, and the bridge was running again, up to date!

If this helped you out, consider donating a cup of coffee. :D

Further reading: