333.i2p

If you are considering an overlay for Java i2p, Nix provides the best current router.
The command is i2prouter-plain. It is a variation of the Official java i2p that is good. If you are a Qubes user with Nix overlays, and I do know there are many... you are aware that it also goes through Tor.

http://bicoankyijabtj2nlwzjmr4mamybr6bgc6xclpvs...

https://webtorrent.io/faq

Obviously i2p had webtorrent years ago. Maybe the same french "mec"/dude/celovek.

A good list for torrent software. There are others.

The web is censored greatly so gooluck.

Big Proposal For i2p Browser

NYXT browser is a very hackable browser. Instead of playing catch-up with the spy browsers this can be set up probably with 1 month of work and verified by NotBob.i2p and Reg.i2p

You can see that there is interest:
https://discourse.atlas.engineer/t/tor-v3-onion...

I did some setup myself but I'm not really ready for that kind of commitment.

Большое предложение для i2p-браузера

NEXT browser - очень взломаемый браузер. Вместо того, чтобы играть в догонялки с браузерами-шпионами, это можно настроить, вероятно, за 1 месяц работы и проверить с помощью NotBob.i2p и Reg.i2p

Вы можете видеть, что интерес есть:
https://discourse.atlas.engineer/t/tor-v3-onion...

Я сам кое-что настроил, но на самом деле я не готов к такого рода обязательствам.

http://retrobbs.i2p/rocksolid/article-flat.php?...

I recently asked a few standby favors from some corporate IT people running RHEL9 (the whore sister being Rocky Linux). In case of network attack to start i2p+ & i2pd with a choice reseed file. A few hundred routers should help... maybe.
The problem is that Snap installs of i2pd do not have a Start Stop feature in /snap/bin. It does install as Supervillain describes it in the tutorial, replace 8 with 9, a few lines are not necessary but cause no problems.
It would be nice if i2pd would be off and you could start/stop.

About Rocky Linux: It's a mess. Unless you are a terminal masochist, stay away. Some problems...
The install of the security profiles fails, the dump fails, btrfs not supported, XFS shaky at best... so much stinky crap. Privacy 0 security 1 on a -10 to 10 StarBucks rating (you do your install and updates at StarBucks on a Walmart bought computer =bottom of the shit bucket consumer grade). I mean this: GARBAGE!

The Yandex translation did not work that well for me. It felt mechanical.

Ребят, а есть решение для этих микроконтроллеров. Что если собирать такие прокси.
засунул дома и цепляйся или вообще с собой таскать на батарейке.

Так как я придумываю идеи, которые давно в релизе может быть уже есть готовое решение?

English:
There are some C modules microcontrolores that support i2pd. Somebody was able to get one working. The overhead in manhours is high even though the hardware prices are low.
There was a Haskwell router too.

I've been testing i2pd 2.46.1 through Tor with i2p+Snark (OpenJDK 19.2 guix pack) and Qbit.

The good news is that they do feed of each other for torrents and the downloads are faster.

i2p+ Snark 2.3
8 / 10 Mulholland.Dr.2001.REMASTERED.1080p.BluRay.x265-RARBG 180 min 324 M / 2.29 G 192 K/s

qbittorrent-4.6.0beta1_lt20_x86_64.AppImage
5/5 Something 150 K/s

The bad news is that tunnel creation rate dropped to 44% from close to 60 and the surfing of sites becomes extremely slow.

Do NOT go into mixed mode (i2p/tor/clearnet) with qbit because it takes less than 15 minutes to be discovered. Tribler does a much better job for clear-net pirate torrents hands down. I'm not trying to bash Qbit which is the BEST clear-net torrent client. Just have the facts from my location.

zpkg & junest

I've been on a bad streak lately. Everything I tried did not work. I've spent 2 hours on zpkg and 2 hours on junest. None of them worked for me. I tried some other things like gentoo for Debian (sudo apt install gentoo). Nothing worked.

Has anybody got something i2p related with zpkg or junest?

https://ihucos.github.io/zpkg/
https://github.com/fsquillace/junest

I gave up on Ubuntu and i2pd 2.48. There are to many problems with both. This is from a very good router:
user@disp9934 ~ $ top -b | head
top - 08:46:24 up 1:02, 1 user, load average: 1.74, 1.32, 1.17
Tasks: 181 total, 2 running, 179 sleeping, 0 stopped, 0 zombie
%Cpu(s): 0.0 us, 0.0 sy, 50.0 ni, 43.8 id, 0.0 wa, 3.1 hi, 0.0 si, 3.1 st
MiB Mem : 2534.0 total, 643.1 free, 839.2 used, 1051.7 buff/cache
MiB Swap: 1024.0 total, 1023.2 free, 0.8 used. 1490.1 avail Mem

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
989 user 39 19 730232 114436 16640 R 100.0 4.4 54:10.58 tracker+
1 root 20 0 98476 11008 8448 S 0.0 0.4 0:00.13 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
user@disp9934 ~ $ sudo du -shx ~i2pd/[pn][e]*
du: cannot access '/var/lib/i2pd/[pn][e]*': No such file or directory
user@disp9934 ~ $

This should be probably in a new topic.
Is there a torrent client for yggdrasil? Maybe a modified aria2?
I also have some i2pd routers that collapse on Yggdrasil but the same setup works through Tor.

Both snapstore and github downloads are not available anymore. It appears that the flatpak too suffers from the problem.

amnesia@amnesia:~$ top -b | head
top - 15:56:38 up 9:23, 1 user, load average: 0.16, 0.34, 0.16
Tasks: 224 total, 1 running, 222 sleeping, 0 stopped, 1 zombie
%Cpu(s): 0.0 us, 3.0 sy, 3.0 ni, 93.9 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
MiB Mem : 3779.7 total, 273.7 free, 1980.9 used, 1525.0 buff/cache
MiB Swap: 7875.5 total, 7567.0 free, 308.5 used. 1407.2 avail Mem

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1827 amnesia 26 6 173280 7552 6784 S 6.2 0.2 0:00.15 ibus-en+
6483 amnesia 26 6 22912 4096 3328 R 6.2 0.1 0:00.01 top
1 root 20 0 166712 11348 7892 S 0.0 0.3 0:01.62 systemd
amnesia@amnesia:~$ sudo -shx ~i2pd/[pn][e]*
sudo: unable to resolve host x: Temporary failure in name resolution
[sudo] password for amnesia:
/bin/bash: line 1: ~i2pd/[pn][e]*: No such file or directory
amnesia@amnesia:~$

I will try to troubleshoot further to see if it has to do with NetworkManager or some other OS thing. Currently my suspicion is the router 60%. Check also the reviews from the snapstore. I have older routers that are running fine at 60% tunnel building so I do not suspect any general attack.

I had a Snap Store router installed with gnome-software Ubuntu Jammy stop building tunnels after 10 hours. I can't post logs because the whole test OS died. I saw a lot of negative reviews too. Can anybody confirm the story?

I tried another router with the github binary install and a similar thing happened.(Ubuntu Jammy)

It might be from the French riots. They attacked Tor and Tor downloads/updates. Even this site has login problems. They started to booby trap more than a few weeks ago. Usually things show on reboot if no-UEFI was used. I'm nowhere near the riots and I lost a lot of French based software. Try to see if Mik's tobrowser-downloader works. That is a sure test....

Self signed certificates are always a problem in Android. You can try this:
https://stackoverflow.com/questions/1217141/sel...

I faced this issue yesterday, while migrating our company's RESTful API to HTTPS, but using self-signed SSL certificates.

I've looking everywhere, but all the "correct" marked answers I've found consisted of disabling certificate validation, clearly overriding all the sense of SSL.

I finally came to a solution:

Create Local KeyStore

To enable your app to validate your self-signed certificates, you need to provide a custom keystore with the certificates in a manner that Android can trust your endpoint.

The format for such custom keystores is "BKS" from BouncyCastle, so you need the 1.46 version of BouncyCastleProvider that you can download here.

You also need your self-signed certificate, I will assume it's named self_cert.pem.

Now the command for creating your keystore is:

<!-- language: lang-sh -->

$ keytool -import -v -trustcacerts -alias 0 \
-file *PATH_TO_SELF_CERT.PEM* \
-keystore *PATH_TO_KEYSTORE* \
-storetype BKS \
-provider org.bouncycastle.jce.provider.BouncyCastleProvider \
-providerpath *PATH_TO_bcprov-jdk15on-146.jar* \
-storepass *STOREPASS*

PATH_TO_KEYSTORE points to a file where your keystore will be created. It MUST NOT EXIST.

PATH_TO_bcprov-jdk15on-146.jar.JAR is the path to the downloaded .jar libary.

STOREPASS is your newly created keystore password.

Include KeyStore in your Application

Copy your newly created keystore from PATH_TO_KEYSTORE to res/raw/certs.bks (certs.bks is just the file name; you can use whatever name you wish)

Create a key in res/values/strings.xml with

<!-- language: lang-xml -->

<resources>
...
<string name="store_pass">*STOREPASS*</string>
...
</resources>

Create a this class that inherits DefaultHttpClient

import android.content.Context;
import android.util.Log;
import org.apache.http.conn.scheme.PlainSocketFactory;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.params.HttpParams;

import java.io.IOException;
import java.io.InputStream;
import java.security.*;

public class MyHttpClient extends DefaultHttpClient {

private static Context appContext = null;
private static HttpParams params = null;
private static SchemeRegistry schmReg = null;
private static Scheme httpsScheme = null;
private static Scheme httpScheme = null;
private static String TAG = "MyHttpClient";

public MyHttpClient(Context myContext) {

appContext = myContext;

if (httpScheme == null || httpsScheme == null) {
httpScheme = new Scheme("http", PlainSocketFactory.getSocketFactory(), 80);
httpsScheme = new Scheme("https", mySSLSocketFactory(), 443);
}

getConnectionManager().getSchemeRegistry().register(httpScheme);
getConnectionManager().getSchemeRegistry().register(httpsScheme);

}

private SSLSocketFactory mySSLSocketFactory() {
SSLSocketFactory ret = null;
try {
final KeyStore ks = KeyStore.getInstance("BKS");

final InputStream inputStream = appContext.getResources().openRawResource(R.raw.certs);

ks.load(inputStream, appContext.getString(R.string.store_pass).toCharArray());
inputStream.close();

ret = new SSLSocketFactory(ks);
} catch (UnrecoverableKeyException ex) {
Log.d(TAG, ex.getMessage());
} catch (KeyStoreException ex) {
Log.d(TAG, ex.getMessage());
} catch (KeyManagementException ex) {
Log.d(TAG, ex.getMessage());
} catch (NoSuchAlgorithmException ex) {
Log.d(TAG, ex.getMessage());
} catch (IOException ex) {
Log.d(TAG, ex.getMessage());
} catch (Exception ex) {
Log.d(TAG, ex.getMessage());
} finally {
return ret;
}
}
}

Now simply use an instance of **MyHttpClient** as you would with **DefaultHttpClient** to make your HTTPS queries, and it will use and validate correctly your self-signed SSL certificates.

HttpResponse httpResponse;

HttpPost httpQuery = new HttpPost("https://yourserver.com";);
... set up your query ...

MyHttpClient myClient = new MyHttpClient(myContext);

try{

httpResponse = myClient.(peticionHttp);

// Check for 200 OK code
if (httpResponse.getStatusLine().getStatusCode() == HttpURLConnection.HTTP_OK) {
... do whatever you want with your response ...
}

}catch (Exception ex){
Log.d("httpError", ex.getMessage());
}

Yandex translation:
Good time of day.
Who understands, I would like to know.
How can I implement the I2P protocol into an Android application so that all traffic passes through it? Roughly speaking, so that the application works completely on this protocol
I didn't find much information on this topic on the web

It does depend on the app. Yes SAM is a good generic answer. You can read the notbob.i2p blog topic about i2p Snark on Android and get some other general ideas. Nothing is easy. If you are more specific you can get more answers.

Это действительно зависит от приложения. Да, СЭМ - хороший общий ответ. Вы можете прочитать тему блога notbob.i2p о i2pSnark на Android и получить некоторые другие общие идеи. Ничто не дается легко. Если вы будете более конкретны, то сможете получить больше ответов.

Yandex:
After upgrading to version 2.47.0, the "E" flag was added to the "Router Caps" field in addition to the flags already installed. For example, I have a set of "Router Caps: XfR" for a couple of days, and then suddenly "Router Caps: XfRE" appears for an indefinite time. What are the reasons?

All my router caps are L.
My guess is that it relates to memory or swap. This question is more for the developers. You can try shutting down some apps or have some activity monitor for processes. You can also test with Kaisen or similar your os. See if a live OS does the same thing.

Those who don't know, teach. I have never setup of xmpp server and on top i2p setup has challenges (3-4 simultaneous users per router by my estimate). If I would start today and daniel.i2p software did not work (he has instructions for Tor) I would try openfire:
https://www.igniterealtime.org/projects/openfire/
It is the most used xmpp by far. Gajim client does not work for me and I use Psi+.
When you do the testing:
1. Create a family and all the routers should be in the family.
2. The final testing should be with the routers subscribing to each other and xmpp before you actually you move to the final stage: just a subscription to xmpp server.