weko
orignal: we just need set limit of ping. Minimum is 130ms , but I think we should setup smth like 250ms or maybe 300ms
orignal
dr|z3d the current problem is
orignal
there are too many idiots connect to i2p though Tor
obscuratus
I had always assumed that TOR exit nodes tightly controlled the open ports. But doing some searching, I see it's up to each exit node to decide on their policy.
orignal
even for outgoing connections?
obscuratus
Yeah, that's what I was talking about, primarily.
orignal
doesn't seem so
orignal
I use it a lot for IRC connection for example
dr|z3d
they provide a basic template for blocking ports which excludes smtp etc.
dr|z3d
or block all the ports and you opt out of exit node duties.
orignal
emerlandonion doesn't seem to block anything
obscuratus
If all the exit node had a limited range of un-blocked ports, how would an exit node be used to contact an I2P router?
obscuratus
This blog post may be out-of-date (last updated 2018), but I'm looking at item 6.
dr|z3d
a) they don't. and b) if they did you'd select an open port for your i2pd router.
orignal
guys, I don't know what are you talking about
orignal
but my i2pd for proxy test works fine through Tor
orignal
including ipv6
obscuratus
orignal: I'm looking at your assertion earlier: <orignal> there are too many idiots connect to i2p though Tor
orignal
yes
orignal
and I'm one of these idiots for testing purposes
dr|z3d
most exit node operators have a fairly permissive set of open ports.
orignal
it just works
orignal
that's it
obscuratus
dr|z3d: OK, I'm saying it badly, because I'm trying to say what you just said. :)
orignal
I'm just saying that there are more people use Tor to connect to I2P than I assues before
orignal
it partctically means we must exclude them from tunnels
orignal
they can have thier own slow tunnels
orignal
but shouldn't affect others
obscuratus
A I2P incoming connection from a TOR exit node would need to have unreachable caps now, right. Or else updated routers will see the IP doesn't match the RI, and ploink the connection.
orignal
i2pd doesn't set any cap about it
orignal
neither R no U
orignal
because it's not clear that's even U
orignal
and NTCP2 address without IP
dr|z3d
what about an ip lookup and adding a "Tor" cap if it's using Tor, orignal?
orignal
I have better idea
orignal
use new caps about transit
dr|z3d
G cap for Tor nodes?
orignal
Tor node must set G or whatever means no-transit
dr|z3d
G is "go away" aka no transit.
orignal
G caps not for Tor only but for any routres connected through proxy
orignal
if you are connected trough Tor please publish this cap
dr|z3d
that's good, but only while no one's messing with the source to remove that cap.
orignal
if you are connected through Tor and don't publish this cap then ban
orignal
easy
orignal
if you use tor and remove this cap you are an advesary
dr|z3d
so you'll still need to do an ip lookup.
orignal
I can do it using separate script
orignal
just go thhough netdb and profiles folder and check
dr|z3d
pull down the exit list at router start and on a schedule perhaps, then you can check.
orignal
yes good idea
obscuratus
If several of these guys end up trying to use the same TOR exit point, I *think* the next release of java I2P will ban that IP address.
orignal
they use emerlandonion
orignal
I have another idea about router changing IP address every minute
orignal
what if it's "multihoming" of RouterInfo?