IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#ls2
/2023/02/21
weko orignal: we just need set limit of ping. Minimum is 130ms , but I think we should setup smth like 250ms or maybe 300ms
orignal dr|z3d the current problem is
orignal there are too many idiots connect to i2p though Tor
obscuratus I had always assumed that TOR exit nodes tightly controlled the open ports. But doing some searching, I see it's up to each exit node to decide on their policy.
orignal even for outgoing connections?
obscuratus Yeah, that's what I was talking about, primarily.
orignal doesn't seem so
orignal I use it a lot for IRC connection for example
dr|z3d they provide a basic template for blocking ports which excludes smtp etc.
dr|z3d or block all the ports and you opt out of exit node duties.
orignal emerlandonion doesn't seem to block anything
obscuratus If all the exit node had a limited range of un-blocked ports, how would an exit node be used to contact an I2P router?
obscuratus This blog post may be out-of-date (last updated 2018), but I'm looking at item 6.
dr|z3d a) they don't. and b) if they did you'd select an open port for your i2pd router.
orignal guys, I don't know what are you talking about
orignal but my i2pd for proxy test works fine through Tor
orignal including ipv6
obscuratus orignal: I'm looking at your assertion earlier: <orignal> there are too many idiots connect to i2p though Tor
orignal and I'm one of these idiots for testing purposes
dr|z3d most exit node operators have a fairly permissive set of open ports.
orignal it just works
orignal that's it
obscuratus dr|z3d: OK, I'm saying it badly, because I'm trying to say what you just said. :)
orignal I'm just saying that there are more people use Tor to connect to I2P than I assues before
orignal it partctically means we must exclude them from tunnels
orignal they can have thier own slow tunnels
orignal but shouldn't affect others
obscuratus A I2P incoming connection from a TOR exit node would need to have unreachable caps now, right. Or else updated routers will see the IP doesn't match the RI, and ploink the connection.
orignal i2pd doesn't set any cap about it
orignal neither R no U
orignal because it's not clear that's even U
orignal and NTCP2 address without IP
dr|z3d what about an ip lookup and adding a "Tor" cap if it's using Tor, orignal?
orignal I have better idea
orignal use new caps about transit
dr|z3d G cap for Tor nodes?
orignal Tor node must set G or whatever means no-transit
dr|z3d G is "go away" aka no transit.
orignal G caps not for Tor only but for any routres connected through proxy
orignal if you are connected trough Tor please publish this cap
dr|z3d that's good, but only while no one's messing with the source to remove that cap.
orignal if you are connected through Tor and don't publish this cap then ban
orignal if you use tor and remove this cap you are an advesary
dr|z3d so you'll still need to do an ip lookup.
orignal I can do it using separate script
orignal just go thhough netdb and profiles folder and check
dr|z3d pull down the exit list at router start and on a schedule perhaps, then you can check.
orignal yes good idea
obscuratus If several of these guys end up trying to use the same TOR exit point, I *think* the next release of java I2P will ban that IP address.
orignal they use emerlandonion
orignal I have another idea about router changing IP address every minute
orignal what if it's "multihoming" of RouterInfo?