kytv/I2P_Website
1
0
Fork 0
forked from I2P_Developers/i2p.www
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a9218a356b4b4f25d9a6bc63b533dc016a241eaf
I2P_Website/www.i2p2/pages/faq.html
dev a9218a356b imported my website-repo
2008-01-31 20:38:37 +00:00

163 lines
6.8 KiB
HTML
Raw Blame History

{% extends "_layout.html" %}
{% block title %}FAQ{% endblock %}
{% block content %}<h3 id="remote_webconsole">How can I access the web console from my other machines or password protect it?
<span class="permalink">(<a href="#remote_webconsole">link</a>)</span></h3>
<p>
For security purposes, the router's admin console by default only listens
for connections on the local interface. However, with a little hacking,
you can make it reachable remotely:
</p>
<ol>
<li>Open up clients.config and replace<br />
<code>clientApp.0.args=7657 127.0.0.1 ./webapps/</code><br />
with <br />
<code>clientApp.0.args=7657 0.0.0.0 ./webapps/</code></li>
<li>Go to <a href="http://localhost:7657/configadvanced.jsp">http://localhost:7657/configadvanced.jsp</a>
and add a new option: <code>consolePassword=foo</code> (or whatever password you want)</li>
<li>Go to <a href="http://localhost:7657/index.jsp">http://localhost:7657/index.jsp</a>
and hit "Graceful restart", which restarts the JVM and reloads the client applications</li>
</ol>
<p>
After that fires up, you should now be able to reach your console remotely.
You will be prompted for a username and password though - the username is
"admin" and the password is whatever you specified in step 2 above. Note: the
<code>0.0.0.0</code> above specifies an <i>interface</i>, not a network or netmask. 0.0.0.0
means "bind to all interfaces", so it can be reachable on 127.0.0.1:7657 as well as
any LAN/WAN IP.
</p>
<h3 id="eepsite">Whats an "eepsite"?
<span class="permalink">(<a href="#eepsite">link</a>)</span></h3>
<p>
An eepsite is a website that is hosted anonymously - you can access it by
setting your web browser's HTTP proxy to use the web proxy (typically it
listens on localhost port 4444), and browsing to the site.
</p>
<h3 id="active">What do the Active x/y numbers mean in the router console?
<span class="permalink">(<a href="#active">link</a>)</span></h3>
<p>
x is the number of peers you've sent or received a message from
successfully in the last minute, y is the number of peers seen in the last
hour or so.
</p>
<h3 id="socks">Is it possible to use I2P as a socks proxy?
<span class="permalink">(<a href="#socks">link</a>)</span></h3>
<p>
While it would be technically feasible, many applications leak sensitive
information that could identify you on the internet. I2P only filters
connection data, but if the programme you intend to run sends this
information as content, I2P has no way to protect your anonymity. For
example, some mail applications will send the IP address of the machine
they are running on to a mail server. There is no way for I2P to filter
this, thus using I2P to 'socksify' existing applications is possible, but
extremely dangerous.
</p>
<h3 id="ports">What ports does I2P use?
<span class="permalink">(<a href="#ports">link</a>)</span></h3>
<p>
Ok, here's a rundown of the default ports (everything is configurable
through various settings, of course):
</p>
<p>
<ul><p>
<li><b>Internet-facing ports</b>
<ul>
<li><b>Outbound UDP from port 8887 to arbitrary remote UDP ports, allowing replies</b></li>
<li><b>Outbound TCP from random high ports to arbitrary remote TCP ports</b></li>
<li><b>(optional, but recommended) Inbound UDP to port 8887 from arbitrary locations</b></li>
<li><b>(optional, but recommended) Inbound TCP to port 8887 from arbitrary locations</b><br />
By default, I2P does not listen for inbound TCP connections.<br />
To start accepting them, you can either tell I2P to autodetect its address and port<br />
using the UDP transport, or you can manually enter an IP address (or DNS name)<br />
and a TCP port. You can activate this feature on the Configuration page.</li>
<li><b>Outbound UDP on port 123, allowing replies</b><br />
This is necessary for I2P's internal time sync (via SNTP -
querying a random SNTP host in pool.ntp.org or another
server you specify)</li>
</ul>
</li>
</p></ul>
<ul><p>
<li><b>Local I2P ports</b>, listening only to local connections by default:
<ul>
<li><b>7654:</b> I2P Client Protocol port, used by client apps</li>
<li><b>7656:</b> SAM bridge, a higher level socket API for clients</li>
<li><b>7657:</b> your router console</li>
<li><b>7658:</b> your eepsite</li>
<li><b>32000:</b> local control channel for the service wrapper</li>
</ul>
</li>
</p></ul>
<ul><p>
<li><b>Default I2PTunnel ports</b>, listening only to local connections by default:
<ul>
<li><b>2401:</b> cvs.i2p (disabled by default)</li>
<li><b>4444:</b> HTTP proxy</li>
<li><b>6668:</b> round robin across the irc2p IRC network</li>
<li><b>7659:</b> smtp.postman.i2p</li>
<li><b>7660:</b> pop.postman.i2p</li>
</ul>
</li>
</p></ul>
</p>
<p>
The local I2P ports and the I2PTunnel ports do not need to be reachable from
remote machines, but *should* be reachable locally. You can also create
additional ports for I2PTunnel instances via http://localhost:7657/i2ptunnel/
(and in turn, would need to get your firewall to allow you local access, but
not remote access, unless desired).
</p>
<p>
So, to summarize, nothing needs to be reachable by unsolicted remote peers, but
if you can configure your NAT/firewall to allow inbound UDP to port 8887, you'll
get better performance. You will also need to be able to send outbound UDP packets
to arbitrary remote peers (blocking IPs randomly with something like PeerGuardian
only hurts you - don't do it).
</p>
<h3 id="ports">How do I reseed manually?
<span class="permalink">(<a href="#manual_reseed">link</a>)</span></h3>
<p>
An I2P router only needs to reseed once, to join the network for the first time.
Reseeding is nothing more than sending plain HTTP GET requests
to fetch a directory listing and download multiple "routerInfo" files
from a predefined reseed URL.
</p>
<p>
A typical symptom of a failed reseed is the "Known" indicator
(on the left sidebar of the router console) displaying a very small value
(often less than 5) which does not increase. This can occur, among other things,
if your firewall limits outbound traffic, and blocked the reseed request.
</p>
<p>
To reseed an I2P router manually, do the following:
<ul>
<li>Stop your I2P router</li>
<li>Open <a href="http://dev.i2p.net/i2pdb2/">http://dev.i2p.net/i2pdb2/</a> using a web browser</li>
<li>Save a dozen "routerInfo" files to your I2P "netDb" directory (ignore the "leaseSet" files)</li>
<li>Start your I2P router</li>
</ul>
</p>
<hr />
<h3 id="question">I have a question!
<span class="permalink">(<a href="#question">link</a>)</span></h3>
<p>
Great! Please either drop an email to the <a
href="http://dev.i2p.net/mailman/listinfo/i2p">mailing list</a> or post to
the <a href="http://forum.i2p.net/">forum</a> and we'll post it here (with
the answer, hopefully).
</p>
{% endblock %}
Reference in New Issue View Git Blame Copy Permalink