As promised, archetectural notes: Gatekeeper:
Provides a mechanism for freenet to fetch content from other protocols in a distributed, anonymous manner and insert it into freenet. Architectural Notes: The gatekeeper is a framework for allowing freenet to get data from other protocols and insert it when it can't find that data in freenet. It does this in a distributed anonymous manner. When a query runs out of hops to live, or when a DataPending request gets a Data Not Found message, freenet then asks the GateKeeper for the data. The GateKeeper checks if the request is in the insertion keyspace of any of its gateways, and if it is, asks that gateway to get the data. Once the data is returned from the gateway, it is inserted into freenet with a 1 day DBR. In order for gateways to have enough information to fetch data from another protocol, an extension has been made to the freenet protocol. A "GatewayHint" has been added to requests which contains the original freenet URI of the request. Unfortunatly, this hint makes freenet a bit more vulnerable to traffic analysis by a hostile node. A hostile node can see what was requested just by looking at the hint. Without the hint, the hostile node would have to do the extra work of actually looking up the data requested to see what it is. Because of this, whether or not the gateway hint is added to a request is configurable. If you don't want the hint added, set the addGatewayHint parameter to false. This also means that your requests will never proxy out to another protocol. Freenet documents are assumed to be static. This is not true of other protocols. For this reason, the GateKeeper inserts with a one day DBR. Functionally, this is equivilant to a 1 day cache of the other protocol. Because of the re-direct, this depends upon freenet's routing to be working well. The insert takes place several hops away from where the request originated and returns the re-direct. If routing is not working, the insert could put the actual data where it won't be found by the original requester when it follows the redirect. Thus, paradoxically, decreasing hops to live actually increases the reliability of the proxy gateway mechanism. Implimentation notes: To proxy out to urls that have question marks in them, as many Wiki systems to, question marks and colons in urls are escaped. There is no support of the post. Gateway Developer Notes: So, you're feeling ambitious and would like to create a gateway for freenet to slurp data from your favourite protocol in a distributed anonymous way. In order to create a gateway out to another protocol such as news or gnutella, what you have to do is to create a class that implements freenet.node.gatekeeper.Gateway. Your class must understands your protocal well enough to provide a freenet.node.gatekeeper.TypedBucket that gets data from your protocol. If you are looking for an example, freenet.node.gatekeeper.url.UrlGateway is a gateway to the protocols that java natively supports with a URL. Once you have implimented your gateway, add your gateway class to the list of gateway classes in the gatekeeper.gateways option. The GateKeeper will use reflection to instantiate your class and add it to its internal array of gateways. User Documentation: Freenet can function as a distributed, anonymous, caching proxy/gateway out to other protocols. How your node participates as a gateway to other protocols is up to you. The following options control the behavior of all gateways. Note that there are additional options for individual gateways. addGatewayHint: Controls whether your node generates queries that may gateway out to other protocols. gatekeeper.gateways : A list of gateways that your node supports. Currently there is only a "url" gateway that proxies out to http and ftp. If you don't want your freenet node to ever proxy out to other protocols in response to requests, set this to an empty string. gatekeeper.insertHTL : The hops to that the GateKeeper uses when it inserts data fetched from some gateway. Url gateway: An example gateway that allows freenet to function as a caching, distributed, anonymous gateway to protocols that java can natively address as a URL. This lets freenet proxy out to http, https, and ftp. User Documentation: The URL gateway allows freenet to function as a distributed, anonymous, caching proxy to the web, not entirely unlike peekabooty. By default, http is inserted at freenet:KSK at http/, https is inserted at KSK at https/, and ftp is inserted at freenet:KSK at ftp. Thus to get at http://www.foo.org/index.html, you would request KSK at http/www.foo.org/index.html. Because the UrlGateway inserts KSKs, it is easy to insert bogus material. You can't trust that what you fetch from freenet was pulled from the net rather than inserted manually by someone with a mischeivous streak. Authoritative mirrors of particular portions of the web may be set up by groups of people by using SSK keys. Let's walk through an example of how to do this. Suppose a group of people, are irritated because some prankster has inserted the complete works of William Shakespeare where the UrlGateway would normal put their favourite website, http://www.phreenet.org. The first thing these people have to do is to somehow distribute amongst themselves the private key for the SSK where they will be inserting the website. Once they have the private key, each person modifies their gatekeeper.urlGateway.insertionPoints and gatekeeper.urlGateway.proxyPoints options so their gateways will insert http://www.phreenet.org under the SSK, like this: gatekeeper.urlGateway.insertionPoints=SSK at SOMEPRIVATEKEY/phreenet/,KSK at http/,freenet:KSK at https/,freenet:KSK at ftp gatekeeper.urlGateway.proxyPoints=http://www.phreenet.org/,http://,https://,ftp:// And that's all there is too it, with the following caveats: Since the private key sits in the freenet.conf file, this private key is vulnerable. If you are also inserting controverisal material, use a different private key. This method of mirroring is not as anonymous as just inserting data into freenet. It takes a number of freenet nodes to mirror a site this way reliably. The number of nodes is related to the chance of a query getting to one of the nodes during a random walk. This is related to the size of freenet itself. For papers on finding replicated items with a random walk in a network, see: http://parapet.ee.princeton.edu/~sigm2002/papers/p258-lv.pdf Storing Data Permanently: Periodically, people complain about how freenet can't store data permanently. They would like their node to not forget particular things. Of course, there are two problems with a node that doesn't forget particular keys. First of all, it isn't very anonymous if your node is the "authoratiative node" for a particular key. Secondly, the freenet network will forget the route to the key even if your node does not forget the key itself. If you don't believe this, here is your chance to experiment and learn the hard way. Use the UriGateway and file: urls to proxy out to files on your hard-drive. You'll soon discover that while you can always get to them from your freenet node, the same will not be true of other nodes. Get your free encrypted email at https://www.hushmail.com _______________________________________________ devl mailing list devl at freenetproject.org http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/devl
