Re: [freenet-support] unable to get Freenet going on OS X 10.2.8

[Matthew Toseland]

On Tuesday 05 June 2007 10:24, Luke771 wrote:
 As for the NAT thing, I'm behind a NAT where I can't do port forwarding
 (evil ISP) and my 0.7 node works perfectly... well, almost perfectly: I
 can't peer to nodes that are also behind a NAT and with no forwarded
 ports, but that's not much of a limitation, I can connect to almost all
 nodes, as not many of them are NAT'ed and with no forwarded ports,

Really? My assumption has always been that nobody forwards ports. You should 
be able to connect anyway though, unless your ISP's NAT is really nasty.


pgpQ3y0WF34Pj.pgp
Description: PGP signature
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

Re: [freenet-support] unable to get Freenet going on OS X 10.2.8

[Luke771]

Matthew Toseland wrote:
  On Tuesday 05 June 2007 10:24, Luke771 wrote:
  As for the NAT thing, I'm behind a NAT where I can't do port forwarding
  (evil ISP) and my 0.7 node works perfectly... well, almost perfectly: I
  can't peer to nodes that are also behind a NAT and with no forwarded
  ports, but that's not much of a limitation, I can connect to almost all
  nodes, as not many of them are NAT'ed and with no forwarded ports,
 
  Really? My assumption has always been that nobody forwards ports. You 
should
  be able to connect anyway though, unless your ISP's NAT is really nasty.
 

I often helper noobs on #freenet-refs with port forwarding, so I guess 
someone does port forwarding after all. (how well they do that is a 
different story)

The ISP's NAT is like this:
There's an integrated router/switch/hub that includes VoIP software and 
does DHCP, the ISP calls this kind of router HAG (home access 
gateway), they run cisco OS (that's what nMap says) and don't answer to 
http or telnet, the only open port appears to be the VoIP one (sorry, I 
forgot the number and what the protocol is called, the protocola 
commonly associated to that port is something like 
h.300(something)/h.(other number) and someone told me that it's VoIP.

When they come to hook you up they bring theis integrated router that 
has three rj45 and two rj11 sockets, only one of the rj11 works, you 
connect your telephone there, but if you use the wrong one, you'll 
always hear the 'busy' tone.

The ISP controls the router remotely (I hate that), and as if that 
wasn't bad enough, there's a whole lot of actions that will trigger a 
safety thingy that will disconnect you, for instance, the home users' 
standard contract limits the number of machines to three (yes, I could 
use a 2-NIC machine, a hub, and connect 12 pc's, but that's not the 
point), the router reads the mac of each box that connects to it, and 
I've heard of people who got disconnected for changing a network 
adapter: the software doesn't count how many boxes are actually 
connected, it simply disconnects you when it sees the fourth mac. A 
phonecall to the customer service (works 24/7) usually fixes that right 
away, but it's annoying anyway.

I could go on with more reasons why I call them a evil ISP but this 
mail is getting too long, besides being 99% off-topics, so I won't; I'll 
tell some of the things that happens with this kind of connection, and 
why I don't switch ISP:

I can't run stuff like eMule (legal files only, of course), I'd get low 
ID only, Bittorrent does work, but only on outbound connections, the 
check your port forwarding icon is always up.
And when I tried to set up a 0.5 node, I could only painfully crawl to a 
couple of index sites, nothing more.

I did have problems with nodes that wouldn't connect as peers even on 
0.7, that heppended only two times so far, and I don't get any NAT 
detected error message; looks like Freenet works pretty well even from 
behind a NAT (with exclusion of some expecially nasty NAT's, but that 
doesn't seem to be my case)

One fun thing about the evil ISP is that their network topology is 
insane: it's made out of many MAN that connect to each other in a mega 
WAN, so if you know as little as I do about networking that would be 
enough to explore what from your box's point of view appears to be a 
huge LAN. Now, as long as people like myself explore the network out of 
curiosity, there's no problem; the problems begin when someone less 
honest than myself realizes that he's on the same LAN as a lot of 
unaware and computer-illiterate windows users, who don't have any 
administrator password, always log in as administrator, have lots of 
open ports including 139 without even knowing what an 'open port' is, 
and save sensitive data in 'my documents' labelled as important.doc 
bank.doc visa.doc and so forth, and the ISP only think about making more 
money off their customes (you want to be accessible from the internet? 4 
euros a day!!!) and disconnects people for changing nework adapter, 
instead of setting up a network where committing crimes would be at 
least a bit less easy.

Oh, and the reason I don't switch ISP is that in this country there's no 
other ISP that can provide that kind of speed, expecially on upload 
(10/10Mbit), if I dump the evil one, the best I can get is a 6Mbit doen/ 
1Mbit up adsl connection.
Some would say what the heck you need a ten mbit connection for, if you 
can't really use it... and that's not even completely wrong, the point 
is that I'm used with this speed now, and getting used to lowes speeds 
would be a real pain in the ...head. Expecially the first times.

I was gonna add another couple of paragraphs about how bad the contract 
conditions are, but now it's really growing *too* big, so I'll cut it here.
Sorry for the long, offtopics mail (no that's not gonna become a habit)
Luke
___
Support mailing list
Support@freenetproject.org

Re: [freenet-support] unable to get Freenet going on OS X 10.2.8

[Luke771]

In Firefox the proxy settings are under 
Edit/Preferences/Advanced/Network/Settings =that's on Linux, the 
Windows version goes Tools/preferences, etc (never used FF on MacOS)

There are several quick proxy switching extensions for FF, my favorite 
is Switch Proxy Tool (in button mode, not the whole toolbar: hide the 
toolbar and use the rightclick/customize shortcut, or 
View/Toolbars/Customize toolbars; once you install Switch Proxy Tool and 
restart, you'll be able to draw and drop a button to one of your 
toolbars, that button will add an item for each proxy you set up to a 
drop-down menu)

I have my browser set to use Tor and I browse freesites using the line 
http://127.0.0.1:/ before the key, which is equivalent of setting 
the proxy to 127.0.0.1 port  and only pasting the key in the address 
field, but using the whole proxy:port line (which overrides your proxy 
settings) and having the browser set to use a fairly reliable 
anonymizing proxy, you have the double protection provided by that 
proxy setting that will route your communications thru the Tor network 
if you click on a non-Freenet link (i2p can also be used that way).
Freenet will warn you and ask if you are sure before going to a 
non-Freenet location.

As for the NAT thing, I'm behind a NAT where I can't do port forwarding 
(evil ISP) and my 0.7 node works perfectly... well, almost perfectly: I 
can't peer to nodes that are also behind a NAT and with no forwarded 
ports, but that's not much of a limitation, I can connect to almost all 
nodes, as not many of them are NAT'ed and with no forwarded ports,

Ben Dougall wrote:
 Thanks very much for the reply.
 
 On Monday, June 4, 2007, at 10:28  pm, Matthew Toseland wrote:
 
 Check your browser proxy settings. You want to set no proxy for 
 127.0.0.1.
 
 I can't see any proxy setting in either Firefox nor Safari's 
 preferences. I've certainly never turned any on before. There is a 
 Proxy settings tab in the Network panel in the System preferences, but 
 no setting are on here apart from one box is checked: Use Passive FTP 
 Mode (PASV) which I guess is nothing to do with this.
 
 BTW your airport is almost certainly a NAT, but that shouldn't prevent 
 you
 from accessing your node's local interface.
 
 I think it does allow NAT but NAT is not turned on.
 
 ___
 Support mailing list
 Support@freenetproject.org
 http://news.gmane.org/gmane.network.freenet.support
 Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
 Or mailto:[EMAIL PROTECTED]
 
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

Re: [freenet-support] unable to get Freenet going on OS X 10.2.8

[Ben Dougall]

On Monday, June 4, 2007, at 10:44  pm, Ben Dougall wrote:

 On Monday, June 4, 2007, at 10:28  pm, Matthew Toseland wrote:

 BTW your airport is almost certainly a NAT, but that shouldn't prevent
 you
 from accessing your node's local interface.

 I think it does allow NAT but NAT is not turned on.

Sorry, that's wrong. You're right Matthew, the base station is making 
me be behind a NAT. The Airport base station is set up to share one IP 
address using DHCP and NAT. (Not sure about the firewall aspect of it 
though. Don't think it is a firewall so I don't think I am behind a 
firewall but I'm not sure.)

So that makes this question more important I think:

Why doesn't my freenet.ini file contain anything that seems to resemble 
a node.listenPort number? According to a FAQ on the Freenet site
 Configure your NAT or firewall to forward connections to the
 node.listenPort number (You can find it in a file called freenet.ini
 in the freenet folder), to the same port on your computer (you will
 probably need to know your computer's  internal IP address which will
 often begin with 192.168.x.x). Remember that freenet 0.7 uses UDP.
but I can't do that as I don't know what the listen port number is. How 
can I find out what that is?

Thanks.

___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

Re: [freenet-support] unable to get Freenet going on OS X 10.2.8

[David Sowder]

Ben Dougall wrote:
 On Monday, June 4, 2007, at 10:44  pm, Ben Dougall wrote:
   
 On Monday, June 4, 2007, at 10:28  pm, Matthew Toseland wrote:
 
 BTW your airport is almost certainly a NAT, but that shouldn't prevent
 you
 from accessing your node's local interface.
   
 I think it does allow NAT but NAT is not turned on.
 

 Sorry, that's wrong. You're right Matthew, the base station is making 
 me be behind a NAT. The Airport base station is set up to share one IP 
 address using DHCP and NAT. (Not sure about the firewall aspect of it 
 though. Don't think it is a firewall so I don't think I am behind a 
 firewall but I'm not sure.)

 So that makes this question more important I think:

 Why doesn't my freenet.ini file contain anything that seems to resemble 
 a node.listenPort number? According to a FAQ on the Freenet site
   
 Configure your NAT or firewall to forward connections to the
 node.listenPort number (You can find it in a file called freenet.ini
 in the freenet folder), to the same port on your computer (you will
 probably need to know your computer's  internal IP address which will
 often begin with 192.168.x.x). Remember that freenet 0.7 uses UDP.
 
 but I can't do that as I don't know what the listen port number is. How 
 can I find out what that is?
   
I suspect the current real problem is that the node is not starting.  
Check for a wrapper.log file in directory where Freenet was installed.  
That should be able to tell us what went wrong.

You can verify that Freenet is not running by two methods:

./run.sh status

will tell you and

netstat -an |egrep -i tcp.*

will show one or more lines of output with LISTEN or LISTENING in them.
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

Re: [freenet-support] unable to get Freenet going on OS X 10.2.8

[Ben Dougall]

On Tuesday, June 5, 2007, at 03:51  pm, David Sowder wrote:

 I suspect the current real problem is that the node is not starting.
 Check for a wrapper.log file in directory where Freenet was installed.
 That should be able to tell us what went wrong.

 You can verify that Freenet is not running by two methods:

 ./run.sh status

 will tell you and

 netstat -an |egrep -i tcp.*

 will show one or more lines of output with LISTEN or LISTENING in them.

Yes, thanks very much for that info -- most helpful (that info should  
be put on/linked to from the welcome.html page that gets included in  
the install, and on the install page, as there's a real lack of info as  
to what to do if connecting to http://127.0.0.1:/wizard -- a what  
to do if you can't connect to that bit)

1/tmpcd /Applications/Freenet/
2/Applications/Freenet./run.sh start
Starting Freenet 0.7...
3/Applications/Freenet./run.sh status
Freenet 0.7 is not running.
4/Applications/Freenetnetstat -an |egrep -i tcp.*
5/Applications/Freenet

and I waited a while between it saying Starting Freenet, and me typing  
in the two tests to see if it's running. So it isn't running.

A section of the wrapper.log file follows below. It looks like the  
section I've included below was repeated pretty much exactly the same  
several times in the wrapper.log file. This was from the start of the  
file.

Is this the problematic bit?:  java.security.NoSuchAlgorithmException:  
SHA-256 MessageDigest not available

If so does this mean that the implementation or version of Java I'm  
using isn't up to the required level? A newer version would solve this?  
Or might it be possible to add the missing bit (SHA-256  
MessageDigest) without a whole upgrade?

Thanks.


STATUS | wrapper  | 2007/06/04 19:43:04 | -- Wrapper Started as Daemon
STATUS | wrapper  | 2007/06/04 19:43:04 | Launching a JVM...
INFO   | jvm 1| 2007/06/04 19:43:06 | Wrapper (Version 3.2.3)  
http://wrapper.tanukisoftware.org
INFO   | jvm 1| 2007/06/04 19:43:06 |   Copyright 1999-2006 Tanuki  
Software, Inc.  All Rights Reserved.
INFO   | jvm 1| 2007/06/04 19:43:06 |
INFO   | jvm 1| 2007/06/04 19:43:07 |   
INFO   | jvm 1| 2007/06/04 19:43:07 | Created log files
INFO   | jvm 1| 2007/06/04 19:43:07 | freenet.jar built with  
freenet-ext.jar Build #13 r12938
INFO   | jvm 1| 2007/06/04 19:43:08 | Detected PowerPC!
INFO   | jvm 1| 2007/06/04 19:43:08 | INFO: Optimized native  
BigInteger library 'net/i2p/util/libjbigi-osx-ppc.jnilib' loaded from  
resource
INFO   | jvm 1| 2007/06/04 19:43:09 | Initializing Node using  
Freenet Build #1036 r13439 and freenet-ext Build #13 r12938 with Apple  
Computer, Inc. JVM version 1.4.1_01-24 running on ppc Mac OS X 10.2.8
INFO   | jvm 1| 2007/06/04 19:43:11 | FNP port created on  
0.0.0.0:18227
INFO   | jvm 1| 2007/06/04 19:43:11 | Testnet mode DISABLED. You  
may have some level of anonymity. :)
INFO   | jvm 1| 2007/06/04 19:43:11 | Note that this version of  
Freenet is still a very early alpha, and may well have numerous bugs  
and design flaws.
INFO   | jvm 1| 2007/06/04 19:43:11 | In particular: YOU ARE WIDE  
OPEN TO YOUR IMMEDIATE DARKNET PEERS! They can eavesdrop on your  
requests with relatively little difficulty at present (correlation  
attacks etc).
INFO   | jvm 1| 2007/06/04 19:43:13 | Check your JVM settings  
especially the JCE!java.security.NoSuchAlgorithmException: SHA-256  
MessageDigest not available
INFO   | jvm 1| 2007/06/04 19:43:13 |  
java.security.NoSuchAlgorithmException: SHA-256 MessageDigest not  
available
INFO   | jvm 1| 2007/06/04 19:43:13 |   at  
java.security.Security.getEngineClassName(Security.java:583)
INFO   | jvm 1| 2007/06/04 19:43:13 |   at  
java.security.Security.getEngineClassName(Security.java:594)
INFO   | jvm 1| 2007/06/04 19:43:13 |   at  
java.security.Security.getImpl(Security.java:1043)
INFO   | jvm 1| 2007/06/04 19:43:13 |   at  
java.security.MessageDigest.getInstance(MessageDigest.java:120)
INFO   | jvm 1| 2007/06/04 19:43:13 |   at  
freenet.crypt.SHA256.getMessageDigest(SHA256.java:368)
INFO   | jvm 1| 2007/06/04 19:43:13 |   at  
freenet.node.Node.initNodeFileSettings(Node.java:659)
INFO   | jvm 1| 2007/06/04 19:43:13 |   at  
freenet.node.Node.init(Node.java:1010)
INFO   | jvm 1| 2007/06/04 19:43:13 |   at  
freenet.node.NodeStarter.start(NodeStarter.java:148)
INFO   | jvm 1| 2007/06/04 19:43:13 |   at  
org.tanukisoftware.wrapper.WrapperManager$12.run(WrapperManager.java:278 
8)
STATUS | wrapper  | 2007/06/04 19:43:15 | -- Wrapper Stopped
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

Re: [freenet-support] unable to get Freenet going on OS X 10.2.8

[Ben Dougall]

On Wednesday, June 6, 2007, at 12:03  am, Juiceman wrote:


 I'm not sure about this, but from the log it appears to be a problem
 with SHA-256.

 Looking at http://java.sun.com/j2se/1.4.2/docs/guide/security/  It
 seems that SHA-256 might not have been added until version 1.4.2

 You may just need to update your Java.  BTW 1.4.1 has a security issue
 and minimum 1.4.2 is recommended.


Oh. The only info I found on the Java minimum version was

  Java version 1.4.1 and later will work. However, be aware that there 
 are applet security vulnerabilities in all versions prior to Java 1.5 
 update 4. Generally, we recommend using Java 1.5.

which is here http://freenetproject.org/download.html but that was 
under the Unix, and Linux heading so probably specifically for those 
OSs.

Right, so it seems to be my version of Java isn't up to it. OK thanks. 
I think Java 1.4.1 is the latest version for OS X 10.2.8 so I suppose 
I'll have to try a later version of OS X to get a later version of 
Java. Pretty sure somewhere said OS X 10.2.8 was OK for Freenet 0.7. Oh 
well.

Thanks.

___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

Re: [freenet-support] unable to get Freenet going on OS X 10.2.8

[Juiceman]

On 6/5/07, Ben Dougall [EMAIL PROTECTED] wrote:

 On Wednesday, June 6, 2007, at 12:03  am, Juiceman wrote:

 
  I'm not sure about this, but from the log it appears to be a problem
  with SHA-256.
 
  Looking at http://java.sun.com/j2se/1.4.2/docs/guide/security/  It
  seems that SHA-256 might not have been added until version 1.4.2
 
  You may just need to update your Java.  BTW 1.4.1 has a security issue
  and minimum 1.4.2 is recommended.


 Oh. The only info I found on the Java minimum version was

   Java version 1.4.1 and later will work. However, be aware that there
  are applet security vulnerabilities in all versions prior to Java 1.5
  update 4. Generally, we recommend using Java 1.5.

 which is here http://freenetproject.org/download.html but that was
 under the Unix, and Linux heading so probably specifically for those
 OSs.

 Right, so it seems to be my version of Java isn't up to it. OK thanks.
 I think Java 1.4.1 is the latest version for OS X 10.2.8 so I suppose
 I'll have to try a later version of OS X to get a later version of
 Java. Pretty sure somewhere said OS X 10.2.8 was OK for Freenet 0.7. Oh
 well.

 Thanks.

Well, OS X 10.2.8 itself isn't the problem.  I guess no one was aware
of the Java version limitation.

I'm sorry to hear that.  :(

If you feel adventurous maybe you can download 1.4.2 and copy the
libraries over the 1.4.1 files...  I have know idea what will
happen...
___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

Re: [freenet-support] unable to get Freenet going on OS X 10.2.8

[Ben Dougall]

On Wednesday, June 6, 2007, at 12:56  am, Juiceman wrote:

 Well, OS X 10.2.8 itself isn't the problem.  I guess no one was aware
 of the Java version limitation.

 I'm sorry to hear that.  :(

Not to worry, at least I know now.

 If you feel adventurous maybe you can download 1.4.2 and copy the
 libraries over the 1.4.1 files...  I have know idea what will
 happen...

Sounds like potential trouble. I'll try installing OS X 10.3 in the 
near future and see how that goes.

Thanks.

___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

Re: [freenet-support] unable to get Freenet going on OS X 10.2.8

[Ben Dougall]

Maybe it's a firewall/NAT issue?

I actually have no idea if I'm behind a firewall/NAT or not I'm afraid.  
I'm connected to the net via a home broadband connection which goes  
into an ADSL ethernet modem, to an Airport (wireless) base station, to  
my laptop. Some people have told me your base station is not a  
firewall and others have told me your base station acts as a  
firewall. That's why I have no idea if I'm behind a firewall or not.  
In the Sharing system preferences panel I have the firewall (which is a  
software one on my machine I think) turned off, and there are no  
firewall settings turned on or off on the base station that I'm aware  
of.

So whether the base station is causing me to not be able to connect to  
http://127.0.0.1:/wizard/ I'm not sure. Freenet's help docs are not  
helping. Assuming the base station is acting as a firewall/NAT, here  
http://freenetproject.org/faq.html#firewall it says:

 How do I get freenet working with a Firewall/NAT?
...
 Configure your NAT or firewall to forward connections to the   
 node.listenPort number (You can find it in a file called freenet.ini  
 in the freenet folder), to the same port on your computer (you will  
 probably need to know your computer's  internal IP address which will  
 often begin with 192.168.x.x). Remember that freenet 0.7 uses UDP.

There is no such information in the freenet.ini file from what I can  
tell. This is what that file looks like:

node.updater.enabled=true
[EMAIL PROTECTED]:/// 
Applications/Freenet/plugins/Librarian.jar;[EMAIL PROTECTED]:/// 
Applications/Freenet/plugins/UPnP.jar;[EMAIL PROTECTED]:/// 
Applications/Freenet/plugins/ 
JSTUN.jar;[EMAIL PROTECTED]:///Applications/ 
Freenet/plugins/MDNSDiscovery.jar;
fproxy.enabled=true
fproxy.port=
fcp.enabled=true
fcp.port=9481
console.enabled=true
console.port=2323
fproxy.enabled=true
fproxy.port=
fcp.enabled=true
fcp.port=9481
console.enabled=true
console.port=2323


Any help / suggestions as to why it's not possible for me to access  
http://127.0.0.1:/wizard/ would be much appreciated.

Ben.

___
Support mailing list
Support@freenetproject.org
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]