Is it possible to use obfs4proxy to obfuscate Wireguard?

Hello! I am an Obfs4 bridge operator running 2 bridges. Obfs4proxy is very powerful, and I am curious about how to use it to obfuscate other connection protocols like WireGuard. Also, are there any tutorials about installing Obfs4proxy on Ubuntu from source?

obfs4proxy runs over TCP, and carries stream connections. Wireguard runs over UDP; it’s packet-oriented. The WG protocol also has some other characteristics that may introduce difficulties here. The term “layering violations” comes to mind.

I’ve thought about doing stuff like this, but it would require such drastic changes that modifying obfs4proxy would not be worthwhile. (And Golang doesn’t like me. 😧) I’d probably approach this by writing an obfuscating proxy from scratch, with features inspired by obfs4 and, ironically, by WG. WG is designed to work at a lower layer, and it is a terrific feat of elegant network engineering.

It would be a decidedly nontrivial project. Thus, it currently remains in the realm of theory.

Thanks for your answer!

You’d have to encapsulate the WireGuard UDP packets in TCP packets, then ship them over OBFS4, I’d think. I seem to remember a program that did that, I think it was named UDPTunnel.

{ searching… }

Is that what you’re talking about?

How to ship other protocol over Obfs4proxy?

I think you might be able to run a local OBFS4 node, then connect to it locally via the UDPTunnel proxy, encapsulating the UDP packets into TCP packets and putting them onto the Tor network via that local node.

So your WireGuard protocol software would connect to UDPTunnel, UDPTunnel would connect to your local Tor node running an OBFS4 bridge, and that would get you connected to the wider Tor network and so to the internet.

Oooh, I just had a thought… might what I wrote above be the causative agent for the “Unexpected path length 4 for exit circuit X, purpose Y” notice we’ve been seeing in our logs?

Thanks for your idea. In fact, I want to obfuscate WireGuard with Obfs4proxy, directly from client to server (VPS), and use the obfuscated WireGuard connection to surf the net. I am curious about how to configure Obfs4proxy to obfuscate WireGuard or other protocols without Tor.