👮 major
irc2p
#i2p-dev #i2pd-dev #ls2 #saltr
ilita
#4rum #acetonevideo #dev #retroshare #torrent #video2p
IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#saltr
/2025/08/28
~dr|z3d
@RN
@RN_
@StormyCloud
@T3s|4_
@eyedeekay
@orignal
@postman
@zzz
%Liorar
%ardu
%cumlord
%mareki2p
+FreefallHeavens
+HowardPlayzOfAdmin
+Onn4l7h
+Onn4|7h
+Over
+Rogueone
+Sh0ck
+Xeha
+hk
+onon_
+profetikla
+qend-irc2p
+r00tobo_BNC
+romer
+uop23ip
+waffles
+xHarr
Arch
BravoOreo
BubbRubb
Danny
FreeB
Irc2PGuest15237
Irc2PGuest59861
Irc2PGuest77400
Meow
T3s|4__
acetone_
aisle
anontor2
maylay
moe_
nilbog
not_bob_afk
pisslord
poriori_
pory
r00tobo[2]
shiver_
simprelay
solidx66
thetia
weko_
wew
woodwose
zer0bitz
cumlord I was able to get a tunnel with SAM to do webirc handshake with some other protocols so yay, but it will randomly not be able to connect from outside routers. Local doesn’t seem to have that issue
cumlord not sure if there’s something anyone knows that would cause that
cumlord Sh0ck haven’t tried yet let us know how it works
orignal he should be in hospital
orignal for mental disorders
dr|z3d that wasn't the question :)
orignal <dr|z3d> orignal: seen snowflakes lately?
orignal it was a question
orignal zzz, I have real question
dr|z3d right, I didn't ask for a mental assessment, I asked if you'd seen him.
orignal about SYN in streaming
orignal right now we use 8 NACKS and out Bob's ident there
orignal can we use more?
orignal for another data
orignal he told us he goes to hospital last saturday
orignal *he went
dr|z3d ok, thanks
Sh0ck Good morning everyone,
Sh0ck I have noticed that the http proxy and other tunnels work way better when contacted directly instead of over a ssh tunnel, when i use my own VPN(So im on my Lan wherever i go) it works amazing
Sh0ck The ssh tunnels seem to break often
Sh0ck But could maybe have something to do with my bastion server running freebsd, i don't know, never had this issue before
Sh0ck cumlord I see you are sharing Australian Surviver, i would love to have this in my library, i would also like to help seeding these torrents and more in the future, i noticed the site has RSS functionality so i was wondering if i could setup my i2p snark or have some docker container using i2CP or something to automatically pull and add torrents, S
Sh0ck o that i can add the future episodes as you upload them automatically :)
xHarr You scared him off :P
Sh0ck D:
xHarr On a related note, what rss readers are folks using with i2p? I use newsraft for clearnet rss atm.
Sh0ck I dont bite
Sh0ck I havent messed around with RSS through i2p yet but should work without an issue if you configure a proxy
Sh0ck rss uses http no?
xHarr True
xHarr Looks like it
Sh0ck If your client supports http proxies it should be easy just ensure it only does it for that url otherwise all ur other non i2p stuff will break
Sh0ck Havent used RSS in ages but for i2p it might be the best haha
xHarr I think I'll setup a seperate reader to keep things simple
Sh0ck I am trying to reliably test jami but my friends that are on it are not using it that super much, what is the best way to test it for a few days
Sh0ck Oh wait
Sh0ck Wrong chan
Sh0ck I am having a wierd issue right now i have created a hidden service on my router but when i try visiting it from the router it will not load
Sh0ck Worked fine on vanilla i2p with exct same settings so i figured i might have done something wrong here in i2pplus
dr|z3d web server?
dr|z3d should work the same in i2p and +
dr|z3d what issue are you seeing?
dr|z3d try middle clicking the preview button to open in new tab?
Sh0ck yeah so i try to conenct to it right then click the preview button
dr|z3d or right click -> open in new tab.
Sh0ck Sites will not load i get the router page saying that
Sh0ck I try reaching the backend that is in the UI tht works
Sh0ck Almost like it cannot route to it
Sh0ck It should not need to route over i2p either because i am using the http proxy of the server running the router
Sh0ck Usually it goes straight to the backend through the router then
Sh0ck At least from what i have seen it do dont qoute me on this
dr|z3d what happens if you right click on the preview button and -> open in new tab?
Sh0ck Been doing that with the middle mouse button but ill try the right button
Sh0ck Website unreachable
Sh0ck Could not establish a connection with the following destination: {destination from preview button}
dr|z3d also, what version of + are you running?
Sh0ck Latest but holdup
Sh0ck 2.9.0.22
dr|z3d ok
dr|z3d can you share the destination?
Sh0ck Sure moment
Sh0ck Please use curl to access it
Sh0ck We are currently trying to fix responses from websockets sending you to clearnet addresses
Sh0ck Thats why we put enc on it
Sh0ck Ill make a link for you but curl is the safest bet
dr|z3d I don't care if I can't see content, just need to check the dest.
Sh0ck Its more so you dont leak shit
Sh0ck By ccident
dr|z3d we don't leak shit by accident here :)
Sh0ck Running federated social media on i2p is tricky, requires alot of modifictions to the source code haha
Sh0ck Exactly why i inform, just to be extra safe ;)
dr|z3d ok
Sh0ck Had to build a new server tunnel because old one had encryption, i left everyting default except the backend
Sh0ck awzpjpuudnb3l2srfjpgtfraqaxqxfyc3ahwhgusydtgxoi7kvaa.b32.i2p
Sh0ck That should be the one
Sh0ck I have a sinking suspicion that it will work for you maybe
dr|z3d unlikely.
dr|z3d do you have the default webserver tunnel available?
Sh0ck And that this could be an issue for my router routing things from the i2p proxy to a locally hosted hidden service exposed via server tunnel
Sh0ck But i might be wrong
Sh0ck Im just spitballin at this point
Sh0ck Let me check
Sh0ck yes u2p webserver
Sh0ck i2p*
Sh0ck Its turned off
Sh0ck You want me to turn it on so we can test the default one?
Sh0ck That one throws a 5-3
dr|z3d that's the idea. start it, see if you can preview it.
Sh0ck So that one does route
Sh0ck 503 but it did route
Sh0ck So thats what we want
Sh0ck now comes the fun part, comparing these two configurations
Sh0ck Could be not having asigned a website hostname be the issue
Sh0ck Because that is left blank and it says (Blank for outproxies)
dr|z3d did you disable the i2p webserver under /configclients ?
dr|z3d that could very much be the issue.
Sh0ck No
Sh0ck Hmm
Sh0ck Recon that has to be done in config file right?
dr|z3d hostname is foo.i2p
Sh0ck Oh no you send the path
Sh0ck Only running services are tunnels and webconsole
Sh0ck consoleBrowser/eepsite/SAMBridge are off
dr|z3d so apparently you did disabled the webserver. hence 503.
dr|z3d *disable
Sh0ck But my backend is on 192.168.1.115
Sh0ck The router is on 192.168.1.132
Sh0ck Does that service do some routing or acts as a rev proxy of some kind?
Sh0ck Because i think that if that was the issue i would have had a 503 on the other services too right
Sh0ck Because then it would have routed
dr|z3d your backend? you mean for the server you're attempting to run?
dr|z3d we're trying to rule things out. so start the i2p webserver. then see if you can reach it via the b32.
Sh0ck brb P1 work sorry
Sh0ck Am on standby
dr|z3d also review the logs at the top of the tunnel manager, they may indicate issues.
Sh0ck Have to turn off a cronjob
Sh0ck I will check that thanks brb
dr|z3d turn of a cronjob. what's that, an hour's work? :)
dr|z3d *off
Sh0ck I a m back
Sh0ck Yeah but its a mission critical environment
Sh0ck So i have to run it past a second engineer
Sh0ck 4 eye principle
Sh0ck But yeah openshift/k8s <3
Sh0ck Real easy
Sh0ck Alright im back i am going to turn that wbeserer on moment
Sh0ck "Client eepsite started"
Sh0ck It wont start
Sh0ck But
Sh0ck nvm
dr|z3d it started or not?
Sh0ck Nope
Sh0ck Wont start either
Sh0ck But i don't think that is the issue
Sh0ck Its almost like its not allowed to route outside of its host
Sh0ck Im going to confirm this holdup
Sh0ck Although that would not do anything because the issue is with the routing
Sh0ck Not the connection to the backend
dr|z3d you never clarified what running the backend on a different lan ip meant.
Sh0ck We are not even reaching the server tunnel frontend
Sh0ck Oh i thought i did with 192.168.1.115 and 192.168.1.132
Sh0ck My bad
Sh0ck the backend server is a seperate machine,
Sh0ck This setup has functioned near identically on i2p
dr|z3d the server being your webserver?
Sh0ck 192.168.1.115 Nginx rev proxy which handles traffic to the application backends, 192.168.1.132 is the docker server running among many other things the i2pplus router
dr|z3d if it functioned "near" identically, you need to figure out what's "near" and make it identical. then it'll work just the same.
Sh0ck Only difference is that that was i2p and this is i2pplus :(
dr|z3d unlikely.
dr|z3d review your nginx logs.
dr|z3d error logs.
dr|z3d maybe you have two instances of i2p/i2p+ running?
Sh0ck Would not do much because its not being reached by the server tunnel but im going to try out a different service one that might work so i can confirm something
Sh0ck No i removed the home dir of the i2p vanilla
Sh0ck Also only 1 i2p java process
Sh0ck Ok i am tailing the logs
Sh0ck From the router now
dr|z3d it's my considered suspicion that you've janked something.
Sh0ck The logs say something about the internal webserver Java CRIT error
Sh0ck So thats why that would not start
Sh0ck Im just gonna restart the entire router
Sh0ck brb i will lose connection doing this
dr|z3d before you do, any more info in that CRIT log error?
Sh0ck Back
Sh0ck Restarted the router
Sh0ck All i did was ,Import hosts.txt and reseed through web panel, Setup http proxy to listen on 0.0.0.0 For the LAN and thats really it
dr|z3d out of curiosity, when you removed the i2p app dir, did you also remove the i2p config dir?
Sh0ck Other than a few torrents and things
Sh0ck i2p config dir is sandboxed to the docker volume which is hostpath bound to the pwd of the home dir which for i2pplus is i2pplus instead of i2p
Sh0ck So it should have no way of using any config othe than the one it has now
Sh0ck What i could do is
dr|z3d wait? you're using the app dir for your configs?
Sh0ck Copy the home dir, Bring my the router down, remove all files that so its 100% stock
Sh0ck Test then
Sh0ck I am using a docker container
Sh0ck With its own volume
Sh0ck The one from the repository
Sh0ck The one from I2PPlus/i2pplus.git on github
Sh0ck Ofrficial repo if im not mistaken
Sh0ck So nothing community made
Sh0ck Have not altered the docker files in any way either
dr|z3d I'm asking if you've got the app dir mapped as the config dir.
dr|z3d check on /info see what it says about your config dir location.
dr|z3d if that appears to be the same as your app dir, you've janked shit.
dr|z3d also, why docker?
dr|z3d ok
dr|z3d I'm asking because you said this: i2p config dir is sandboxed to the docker volume which is hostpath bound to the pwd of the home dir which for i2pplus
dr|z3d also, why docker?
Sh0ck Now i have not updated IP+ADDR
Sh0ck I have set some services to listen on 0.0.0.0
Sh0ck Could that cause an issue perhaps
Sh0ck Docker mainly because i have alot of things running on these servers and it makes everything nicely managed and clean
Sh0ck But i get the feeling that perhaps i should be using a dedicated VM for this is that right
Sh0ck For that reason
Sh0ck But a dedicated VM would work better?
Sh0ck because that certainly is an option
Sh0ck Let me get the appdir info you requested
dr|z3d usually it's sufficient to create an i2p user and run the router from there if you want separation.
Sh0ck Config dir is /i2p/.i2p/ Which is mapped ./docker/run/home/config:/i2p/.i2p
dr|z3d ok
dr|z3d have you deleted your docker cache?
Sh0ck have not
Sh0ck Might be a good idea
dr|z3d that may conceivably be causing issues.
Sh0ck Ill haveto look up the command
Sh0ck And then rebuild i assume?
dr|z3d depot.dev/blog/docker-clear-cache
dr|z3d don't assume, know. read that link. :)
Sh0ck yee i prefer to read docs haha
Sh0ck Ooh so this is what speeds up docker builds
Sh0ck Always wondered which part did tht
dr|z3d but really, I'd recommend creating an i2p user and running i2p from there.
Sh0ck What would be the best way to ensure it stays up to date
Sh0ck Because i am very much willing to do that
Sh0ck If i can be sure that i keep it up to date :)
dr|z3d i2p user -> enable dev updates.
Sh0ck Im setting up the user and stuff as we speak
dr|z3d set the update check interval to 4 hours if you want everything as up to date as possible. and download, verify, install.
dr|z3d on /configupdate (after you've installed to your new /home/i2p/i2p folder).
Sh0ck dr|z3d
Sh0ck I could not get it to run on its own user
Sh0ck The router starts but it binds to the sockets
Sh0ck It opens its listeners but nothing happens after that nothing loads
Sh0ck I had to return to the ocker version, Could this be an issue with ubuntu
Sh0ck What distro should i run i2pplus on
Sh0ck Because im at the point where im gonna make a VM
Sh0ck And i just want this to work
dr|z3d I run i2pplus on ubuntu just fine.
Sh0ck Ok does not work for me
Sh0ck I got openjdk21
Sh0ck it starts the router according to the i2prouter console output
Sh0ck And then it just hangs after that
Sh0ck Does not get past the wrapper
dr|z3d have you got it running correctly *without* making any changes to *anything* ?
Sh0ck Yes on gentoo
Sh0ck On my desktop
Sh0ck It worked out of the box using the installer.exe with java -ja
Sh0ck -jar
Sh0ck Honestly i think it might just be a config thing
dr|z3d it should work out of the box on pretty much any OS.
Sh0ck Yeah
Sh0ck The normal tunnel for the epsite works
Sh0ck What if i just point it to the backend
dr|z3d are you using a web server tunnel for the backend you're trying to reach? if it's using websockets, maybe try a standard tunnel instead.
Sh0ck I will try that i guess but ti did used to just work without that
dr|z3d review /logs .. always review /logs .. I can't recommend much if I don't have anything to go on.
Sh0ck Now it does not make a preview button
dr|z3d it won't for a standard tunnel. only http and irc.
dr|z3d but if you expand the view (+ button, global tunnel control header) you'll see the b32 when it's started.
Sh0ck Yeah i am trying to get that base32
Sh0ck But where there normally is a button there now is sometext.....
Sh0ck So i cannot get it through the tunnel manager
Sh0ck IT WORKS
Sh0ck So it still copies it if you click it
Sh0ck Let me get the base32 for you
Sh0ck mjjszapj7ayly33fishvz3nqn3wi6m26uxcjp3wtutxi34wweadq.b32.i2p It will be slow as shit
Sh0ck But you should be able to build a route to it
Sh0ck Let me up the tunnel count
Sh0ck For a more stable connection
Sh0ck Hmm so the issue is just that it cannot handle plain htto client
Sh0ck On my setup
Sh0ck socket works fine
Sh0ck I have added more outbound and inbound tunnels so its running now and ill leave this server tunnel running for a few hours to see how stable it gets
Sh0ck But this is really nice because that means i dont have to migrate all my i2psnark torrents, Thanks for brainstorming with me dr|z3d and others that have helped
Sh0ck I really apriciate how welcoming the i2p community has been so far
Sh0ck Something i have high respect for :)
dr|z3d $ eephead mjjszapj7ayly33fishvz3nqn3wi6m26uxcjp3wtutxi34wweadq.b32.i2p
dr|z3d ➤ Initiating eephead probe of mjjszapj7ayly33fishvz3nqn3wi6m26uxcjp3wtutxi34wweadq.b32.i2p…
dr|z3d • URL: mjjszapj7ayly33fishvz3nqn3wi6m26uxcjp3wtutxi34wweadq.b32.i2p
dr|z3d • Server: nginx/1.29.1
dr|z3d • Status: 200 OK
dr|z3d • Content-Type: text/html; charset=utf-8
dr|z3d • Content-Length: -1
dr|z3d • Cache-Control: public, max-age=30
dr|z3d • X-FrameOptions: DENY
dr|z3d • Content-Security-Policy:
Sh0ck Niiiiiiice
Sh0ck Thank you so much for helping us with this
dr|z3d glad we got you sorted.
Sh0ck Now my dev can finally continue anonymizing misskey so that we can run a frontend for it behind i2p
Sh0ck Bringing our federated social media instance to i2p
Sh0ck I will take the tunnel offline and setup an encrypted tunnel so that people do not accidently use the site while we are still solving its leaked response issue
dr|z3d look fwd to it.
Sh0ck Yeah initially i thought all we had to do was some sub_filters and proxy_rewrites but unfortunatly the app has websockets so we have to alter the code to make it work, the main devs of misskey have been super chill helping my mate out making this possible , and im glad we caught the leak issue day one
dr|z3d if it's working now under /home/i2p/i2p .. leave it that way, best option.
Sh0ck yeah im not touching it further, everything in this works perfectly
Sh0ck if i want to go the dedicated route ill setup a new vm
Sh0ck Dedicated for just that
Sh0ck Im definetly moving the double VPN project with i2p to tomorrow haha, spent waay too much time after my standby shift working on this
Sh0ck Was a cool proj, Would allow my friends friends who are stuck under censored nets to access my services/i2p through me and then all other traffic goes through another VPN as egress from my net
Sh0ck Bringing i2p access to my friends who are not very technical
dr|z3d sounds good
dr|z3d make sure you set appropriate csp headers in nginx.
dr|z3d you'll also want to set a different cache policy for static content on the server that doesn't change. "immutable" recommended, faster for clients, less load on the server.
Sh0ck Yeah we did the csp thing today
Sh0ck Im right now testing with inspect
Sh0ck And everything seems to be going through i2p now
Sh0ck But much longer testing is required
Sh0ck the csp thing looks like it has done alot and the new code also really helps
dr|z3d also, Sh0ck, open i2p/i2prouter and add the username it's running under and uncomment RUN_AS_USER
dr|z3d so RUN_AS_USER=i2p for example.
dr|z3d then you can `sudo i2p/i2prouter install` and create a systemd service which you can manage with service i2p {stop|start|restart|status}
Sh0ck dr|z3d Already have multiple systemd services haha, i use them religiously
dr|z3d great, just letting you know there's a simple way to enable that for i2p.
dr|z3d note: do NOT run i2p as root.
Sh0ck It works super well now under the docker container,
Sh0ck Defo not
Sh0ck The day i let a java application have root access is the day i resign as an engineer
dr|z3d I thought you had it working properly under an i2p user account.. like I said, that's the best option. docker, not so much.
Sh0ck Could not get it to work
Sh0ck And it probably is because of all the shit that runs on that machine
Sh0ck There are around 40 containers running on there
Sh0ck Besides that its ubuntu server wich always does wach shit for me
Sh0ck I would prolly run Debian or Suse for the router, something simple with good support if i'd run it on its own user
dr|z3d well, whatever works for you I guess. never had an issue with ubuntu.
Sh0ck I have various issues with ubuntu but that is more the choices they make like snapd and netplan, I also do not really trust some of their devs considering they might have certain connections but regardless of that i still use it for my work laptop because it plays nice with most proprietary bs hardware they use at the office
Sh0ck ¯\_(ツ)_/¯
dr|z3d well, snap I can agree with you there. it's one of the first things I purge from any install.
Sh0ck I maintained a "Terror list" at the department at my previous company, it had a counter of grievences we had with it, lets say netplan, snapd and canonacle were in the top 10
Sh0ck First place with infinite grievences of course goes to Oracle
Sh0ck Mainly their enterprise stuff
Sh0ck And the fact they never heard of package managers before when upgrading oracle DB's
Sh0ck How would i properly encrypt a domain?
Sh0ck Or do i understand leasesetencryption wrong?
cumlord stats.i2p/i2p/plugins/i2psnark-rpc.su3 is a useful plugin will give snark rpc support, so can work with arrs
Sh0ck Omg cumlord, Thank you!
Sh0ck This is amazing
cumlord should just be enabling it on the server tunnel, getting the key, then on client router they add the destination and key to the keyring, they they should be able to access it
cumlord welcome :)
cumlord search is probably borked for now
Sh0ck He could not resolve the b32.i2p
cumlord he added it to /configkeyring on routerconsole?
Sh0ck Yee
Sh0ck It worked on i2p
Sh0ck but not yet on +
Sh0ck Figured it prolly would be a user error of me
cumlord think i've had to give it the full b64 for it to add it before
Sh0ck Whats an easy way to get it out of the hidden service tunnel again
Sh0ck Im a bit blazed :')
cumlord if it needs lookup password it'd probably not show up for them without it, theres a bunch of options haven't tried them all i usually just do the simple encrypted (psk) option since normally i just make them for my own use
Sh0ck No just PSK
cumlord lol
cumlord in tunnel manager go to the tunnel page, b64 should show up there
Sh0ck Local destination
cumlord that sounds right
Sh0ck I input that in that ting?
RN also, when you make the change to encrypted leaseset, it might take ~10 min for that change to take effect so your test user can see it
cumlord yeah give your friend the b64 and the encryption key, then they paste that into /configkeyring
cumlord you shouldn't need to do anything since it's your tunnel, should just work locally on that router
Sh0ck If hes not falling asleep
Sh0ck mans tired lol
Sh0ck Yeah he said goodbye
Sh0ck Haha
Sh0ck Made it 30 minutes into the movie :')
cumlord lmao didn't make it far XD
Sh0ck Hes put in a valliant effort thats for sure
Sh0ck The midnight theme is sublime
cumlord tried to narrow down why connection to SAM http server fails seemingly randomly, sometimes the client http tunnel sends a tls handshake, and it looks like it just drops the stream
cumlord ¯\_(ツ)_/¯
T3s|4 Sh0ck: yep, dr|z3d's really done some excellent tweaking, and I don't mean only limited to themes. Both midnight and dark look great on my 4K laptop or TV monitors :D
cumlord jshpy2yougiw6e4eieyetiosgeonpyde2u5adrlnkuuqcvhrhgea.b32.i2p is the test tunnel
Sh0ck That is pretty dope
Sh0ck cumlord Is that a i2p irc network i have not joined yet <_<?
cumlord there's a lot of good stuff in plus ;)
Sh0ck Yee its really nice for what i want to do with the gateway project im doing
cumlord its nice when it works, it should work now for irc, http and outproxy
cumlord yeah but irc.simp.i2p is the more stable one
Sh0ck Is it connected to this network?
Sh0ck I know alot of networks share relats
Sh0ck relays*
cumlord fuzzing it now so probably a bit fucked, it's doing its own filtering for irc and http
Sh0ck I see
Sh0ck They are connected
cumlord Yup simprelay connects some channels for most of them
Sh0ck But i have no voice in the simp chan
Sh0ck Does simp have more channels?
cumlord I’ll give it, battling a spammer across networks
Sh0ck Oh i think i heard about that
Sh0ck Prolly some skid
cumlord That link if it actually loads should show them but #i2p-news and #guessthesong
cumlord that’s what I’ve heard lol i think I might know who it is anyway