hosting an outproxy for i2p (part 1)

This quick blog was requested by someone on IRC and it details how to set up an outproxy on i2p.

If this is too quick a guide or you feel like you don't know what you're doing then I'd suggest against running an outproxy.

Software used:

  • debian stable

  • i2pd

  • tinyproxy

The setup process goes as follows:

  • install i2pd and tinyproxy

  • edit tinyproxy.conf to have sane defaults

  • have tinyproxy deny access to loopback

  • create an i2p server tunnel pointing to 127.0.0.1:8888

  • publish destination of outproxy

/etc/tinyproxy/tinyproxy.conf

User tinyproxy
Group tinyproxy
Port 8888
Listen 127.0.0.1
Timeout 600
DefaultErrorFile "/usr/share/tinyproxy/default.html"
Logfile "/dev/null"
LogLevel Warning
PidFile "/run/tinyproxy/tinyproxy.pid"
MinSpareServers 5
MaxSpareServers 20
StartServers 10
MaxRequestsPerChild 0
Allow 127.0.0.1/8
ViaProxyName "tinyproxy"
Filter "/etc/tinyproxy/filter"
FilterExtended On
ConnectPort 443

/etc/tinyproxy/filters

^127 …

Read more ...


Syncthing over I2P

In which I show you how to use Syncthing over I2P for secure, self-hosted, file synchronization.

What is Syncthing?

Syncthing is an open source, self-hosted file synchronization tool. Instead of trusting a third party (e.g. Dropbox) to host your files, and synchronize files between your machines, you can use an open source alternative.

By default, syncthing is not truly decentralized, and relies on third party relay servers and discovery servers. While I am sure the syncthing protocol is safe enough, and the people hosting these services have good intentions, wouldn't it be nice if we don't have to trust either?

What is I2P?

I2P is a decentralized, peer to peer, anonymous network layer. By relaying your computer traffic by a volunteer ran network spread around the world, following the path of traffic becomes nearly impossible.

I2P has the added benefit that you can bypass limitations on hosting imposed by …

Read more ...


Kovri and the curious case of code rot (part 1)

I'd like to preface this going in as being clear that I like monero project and think they make a damn fine coin. Yes, they have a rather elitist community but such comes with the territory. I have interfaced with the kovri codebase in the past and I can say that the project left me rather disapointed. To really get a good grasp of the sitatuon I need to go back to 2014 (?).

i2pcpp and i2pd 0.x.x

In the begininning there was i2pcpp, a decent partially working i2p router written in C++ 11 for FreeBSD by a guy with the nym orion. Orion was originally funded by the monero community but discontinued i2pcpp after i2p's protocols left a sour taste in his mouth. My only role in i2pcpp was trying to compile it on Linux as at the time my C++ was pretty much non existent. Orion is …

Read more ...


nntpchan 0.5.0 released

After over a year I am proud to release nntpchan version 0.5.0.

The daemon has gone through a lot as well as the build system, we have many many new things added.

  • smart varnish caching
  • ed25519-blake2b signatures
  • no longer use cgo, libsodium not used at all, we are 100% pure go now.
  • no more noticable gc leaks
  • use 1 repo for everything, don't split backend and frontend repo for ease of building

Many features were also gutted:

  • filesystem markup cache
  • redis support (all of it)

I think this covers everything, so much changed I probably forgot something or a few other things ...

Download on github here and join us on IRC to peer into the main network.

We're on the following networks:

rizon: irc.rizon.net #nntpchan

freenode: irc.freenode.org #nntpchan

irc2p: irc.dg.i2p #overchan


Exploring snappy package manager. Why it is awesome and how to get started.

For those who don't already know, Snappy is a distribution agnostic package manager for Linux developed by Canonical.

Snap packages are self-contained archives with all required dependencies included. Applications run in a secure sandbox environment isolated from the main system, using such technology as Linux namespaces, seccomp and AppArmor.

I've recently created snap package for i2pd, and very excited to share my experience.

Awesome features

Security

Snaps are sandboxed and isolated from your main system. Applications can only have access to system resources allowed by package developer.

For example, those are system resources allowed to i2pd package:

plugs: [network,network-bind]

i2pd can only access network, bind ports and use it's own virtual filesystem, everything else will be denied by kernel.

In theory, one could even run untrusted proprietary code safely.

Snap store

Snaps are simple archives, which can be downloaded and installed by hand as regular deb/rpm ones. To …

Read more ...


i2pd 2.15 released

i2pd (I2P Daemon) is a full-featured C++ implementation of I2P client.

I2P (Invisible Internet Protocol) is a universal anonymous network layer. All communications over I2P are anonymous and end-to-end encrypted, participants don't reveal their real IP addresses.

I2P client is a software used for building and using anonymous I2P networks. Such networks are commonly used for anonymous peer-to-peer applications (filesharing, cryptocurrencies) and anonymous client-server applications (websites, instant messengers, chat-servers).

I2P allows people from all around the world to communicate and share information without restrictions.

i2pd is licensed under the 3-clause BSD license, binary packages are available for Debian, Ubuntu, OS X, FreeBSD, Android and Windows.

View release on GitHub

Changelog for i2pd version 2.15:

Added

  • QT GUI
  • Ability to add and remove I2P tunnels without restart
  • Ability to disable SOCKS outproxy option

Changed

  • Strip-out Accept-* headers in HTTP proxy
  • Don't run peer test if nat=false
  • Separate output of …

Read more ...


I2Pd and friends do not care if the left thinks you're a bigot.

Recently Tor Project published a blog condemning The Daily Stormer (a very prominent white nationalist forum that has been marginalized off the internet) setting up a hidden service. This is very concerning to all, the light of anonymous free speech seems to have dimmed as a result. It's only free speech until someone calls it hateful... is that what the good people over at Tor Project think? Let's hope not.

I2P (at least i2pd and friends) I2PD (and friends) do not bow to wrongthink pressure from the moral high horse cavalry. Feel free to discuss whatever just try to not break any laws.


i2p.rocks regular Livestreaming (and podcast ?)

I will be doing semi-regular livestreams via i2p.rocks (also via onion) and if I can find someone will be doing a regular on the topic of i2p and related technology.

Contact me via xmpp if you want to contribute.


i2p.rocks xmpp registration closed

My public xmpp server has closed public open registration due to spam.

If you desire an account contact me on irc2p as psi.


i2pd 2.14 released

i2pd (I2P Daemon) is a full-featured C++ implementation of I2P client.

I2P (Invisible Internet Protocol) is a universal anonymous network layer. All communications over I2P are anonymous and end-to-end encrypted, participants don't reveal their real IP addresses.

I2P client is a software used for building and using anonymous I2P networks. Such networks are commonly used for anonymous peer-to-peer applications (filesharing, cryptocurrencies) and anonymous client-server applications (websites, instant messengers, chat-servers).

I2P allows people from all around the world to communicate and share information without restrictions.

i2pd is licensed under the 3-clause BSD license, binary packages are available for Debian, Ubuntu, OS X, FreeBSD, Android and Windows.

View release on GitHub

Changelog for i2pd version 2.14:

  • Added option to limit transit traffic bandwidth
  • Added ability to use NTCP connections through HTTP and SOCKS proxies
  • Added option to disable address helper for HTTP proxy
  • Correctly handle comments in addressbook feed
  • Added new …

Read more ...