#i2p-dev
/2022/03/22
dr|z3d zzz: please assign +v to mesh when you have a moment. thanks.
mesh thanks very much
dr|z3d up early, zzz. :)
zzz anybody know "pytune"? he's volunteering to run a reseed, I'm looking for an endorsement
dr|z3d not on my radar.
mesh My question is about the streaming api and the use of I2pSocketOptions.getLocalPort. I am wondering if there's an example like geti2p.net/uk/get-involved/develop/applications that uses i2p Destination ports?
mesh argh
zzz in I2PTunnelHTTPServer.java in our source, you can see where we route incoming traffic on port 443 (SSL) to a different socket
zzz in KRPC.java in our source, you can see how we do both sockets and datagrams using different ports and protocols in i2psnark
mesh zzz: ok thanks. So ports aren't really meant for applications then? I see code like _session.addMuxedSessionListener(this, I2PSession.PROTO_DATAGRAM_RAW, _rPort);
zzz tell me more about your application. sockets only? datagrams also? native Java, not SAM?
mesh zzz: I am just poking at the echo server example in the docs. It is native java. I don't think it uses datagrams. I have the example working. I was curious about I2PSocketOptions and ports.
mesh I see that when I call serverSocket.accept() I get an I2PSocket. And on that I2PSocket I can call getOptions().getPort() to see what port the client used.
mesh But how does the EchoClient specify that it wants to connect to a specific port?
mesh at least I was thinking those I2PSocket ports are analogous to tcp ports and I can use it to essentially hand off the client to different services.
zzz yes it's like TCP ports. There's two ports, yours and the other guy's. on an incoming socket, it's probably your port that you want to look at to make routing decisions. just do socket.getLocalPort() for your port or socket.getPort() for his port
zzz getOptions().getLocalPort() and getOptions().getPort() probably do the same thing
zzz for an outbound connection, you'd create a SocketOptions and set the ports, then call connect()
mesh ah. Ok. So there is an I2PSocketManager.connect that takes a SocketOptions. So I can create a SocketOptions, call setPort() to set the remote port, and the clientSocket on the server will have that number in getLocalPort()?
mesh yes, that works I think :)
mesh Yeah, that works. Simple and sweet. And then based on the clientSocket's localPort I can hand that clientSocket to different protocol handlers.
zzz sounds right
mesh thanks zzz
zzz any time
dr|z3d got an SSH2 router in the netdb with an i tag of: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA zzz. bug?
dr|z3d looks like a malformed RI perhaps, the caps don't make much sense either.
zzz anything w/ SSU2 is i2pd, you can ignore any issues with them, they don't have it working yet
dr|z3d ok, suspected as much, Russian router.
zzz orignal only has 2/3 of the handshake done, I know which one is his, not sure why there's others
mesh zbtw, what are people's thoughts on router.dynamicKeys and setting it to true? Or "Laptop Mode"? I've been told it is more secure to periodically create new router keys... but it also kills performance as every time you create new router keys your router has to be reintegrated
dr|z3d best avoided unless you have a specific need, mesh
mesh dr|z3d: my concern is that I do believe the government is working closely with isps to monitor i2p activity
dr|z3d if that's the case, mesh, changing your router id won't help you much.
dr|z3d what it will do, however, is ensure you have a less than optimal experience on the network.
dr|z3d and iirc, router.dynamicKeys is disabled, at least in vanilla i2p.
mesh dr|z3d: I guess in the worst case scenario the government can detect that i2p is being used and then search NetDb to find the ip given to them by the isp and find the routerId
mesh what I was wondering is if I'm constantly changing router keys it might make it more difficult for them
dr|z3d so the govt. knows you're running i2p. learning your router id doesn't give them much more, if they can just instruct an isp to capture all the traffic or whatever.
mesh dr|z3d: it is disabled. I think I'm going to definitely enable "Laptop Mode."
dr|z3d why not just opt for hidden mode and keep your ip address out of the netdb? you won't connect directly with routers in your own country either, iirc. zzz will be able to confirm or deny.
dr|z3d regardless, if the gov know you're running i2p, then having your routerid doesn't give them much more than they already know.
mesh dr|z3d: yeah you are probably right. I guess the concern was that they see i2p being used by a specific ip, they use netdb to find the router id for that specific ip, and they use that extra information (router version etc) for better attacks
mesh i2p automatically goes into hidden mode when I run it
dr|z3d and it should be noted that both hidden mode and laptop mode will severely impact network performance.
mesh but I'm told that "hidden mode" doesn't hide much. Apparently it is very easy to detect that i2p is being used? The traffic patterns it generates are very distinct and easy to analyze and detect
dr|z3d you're hidden from other routers by virtue of not publishing your routerid to the netdb. it doesn't magically cloak all your traffic, no.
mesh dr|z3d: I think laptop mode is a good idea. If my public IP changes because I move, I don't want anybody to see the same routerId being used by two different Ips and be able to track my movements
dr|z3d sure, in that context, it makes more sense, though if your isp is allocating dynamic ips, be prepared for that.
zzz generally agree with dr|z3d's guidance
zzz disagree w/ mesh's statements: "it is very easy to detect that i2p is being used", "The traffic patterns it generates are very distinct and easy to analyze and detect"
mesh dr|z3d: Oh really, is that how hidden mode works? I thought I was publishing a routerInfo with my ip to netdb
mesh and anybody could just search netdb for my ip heh
mesh if that is the case hidden mode makes dynamicKeys unnecessary
dr|z3d hidden mode and you're invisible in the netdb. I think you may even be force-firewalled, so the only direct view on your ip is from your introducers.
dr|z3d the downside of hidden mode is that you won't host any participating tunnels, so zero cover traffic for your network activities.
dr|z3d not sure if this error is noteworthy, zzz, haven't seen it before:
dr|z3d Error sending I2CP message to client
dr|z3d net.i2p.data.i2cp.I2CPMessageException: Unable to write out the message, as the session ID has not been defined
dr|z3d at net.i2p.data.i2cp.MessagePayloadMessage.writeMessage(MessagePayloadMessage.java:100)
dr|z3d at net.i2p.router.client.ClientConnectionRunner.writeMessage(ClientConnectionRunner.java:1067)
dr|z3d at net.i2p.router.client.ClientWriterRunner.run(ClientWriterRunner.java:70)
dr|z3d at java.base/java.lang.Thread.run(Thread.java:833)
dr|z3d at net.i2p.util.I2PThread.run(I2PThread.java:103)
zzz if you're already in hidden mode, laptop mode or dynamic keys isn't likely to degrade performance any further, it should be almost free
zzz dr|z3d, that's a new one
zzz dr|z3d, I assume that's some normal box and not a raspberry?
dr|z3d normal box, yes.
zzz java version?
dr|z3d 18-ea+36
zzz is it like the fastest biggest processor ever? I'm wondering why you keep hitting things nobody's hit in 18 years
dr|z3d 8 cores, 16 threads, 64GB Ram. does that qualify?
zzz dunno how common that is. It's more ram than everything in my house put together
dr|z3d > zen Ryzen/Epyc model 113
dr|z3d 4GB allocated to the JVM, just under 50% in use currently.
dr|z3d capable of doing a full ping sweep of all active hostnames in approx 3 minutes.
dr|z3d (1 hostname, 1 JVM)
zzz it's a real multithreading sync issue, but if it's a problem there's a thousand more, so I'm really not thrilled
dr|z3d well, all I can do is let you know when errors occur in the logs. they don't appear to be that frequent, that one especially.
zzz how many times
dr|z3d first time I've seen it.
eche|off I assume more people do run on 8 core and even more these days
dr|z3d ok, so in the current log, twice.
dr|z3d roughly 24 hours between occurrences.
zzz how long have you been running 18-ea?
dr|z3d on that particular box, about a month.
zzz can you grep as far back as you have logs for more?
dr|z3d sure, just the 2 instances reported in the logs.
zzz thx
eche|off hmm, on 2 of my systems the shell freezes with top, htop, longer listings. strange
eche|off looks like I need to reboot one server in the evening
zzz dr|z3d, the error appears to be in a write to a socket for an external I2CP client outside the router, is that correct that you have an external client on that router?
dr|z3d not entirely sure, zzz. there's i2pchat, possibly, though that would be using sam not i2cp, right?
dr|z3d (not the only person using said box)
zzz don't know about i2pchat, but sam is an internal client i2cp-wise
zzz external client examples would be non-plugin muwire or i2psnark standalone or i2ptunnel CLI
dr|z3d i2ptunnel cli, probably, via java ping?
dr|z3d definitely no to muwire or standalone snark.
zzz you have some external script to ping clients with the i2ptunnel CLI then?
dr|z3d yeah, we're running a fork of notbob's scanner.
zzz ok, that's it
zzz I guess the bug is more likely with an external client, but something similar could happen internally I think
dr|z3d ok, well, the scanner's running pretty frequently, so I'll let you know if it keeps occurring. given the frequency, once every 24 hours is pretty low.
zzz not necessary, I'll fix it
dr|z3d ok, great, thanks. glad it's actionable.
mesh dr|z3d: jdk18 just dropped, so you might try moving off early access and seeing if the bug goes away
dr|z3d as soon as the distro repos have it, I will.
zzz whataboutit?
dr|z3d zzz: ever thought about doing form submission via ajax?