Re: [freenet-support] unable to get Freenet going on OS X 10.2.8
On Tuesday 05 June 2007 10:24, Luke771 wrote: As for the NAT thing, I'm behind a NAT where I can't do port forwarding (evil ISP) and my 0.7 node works perfectly... well, almost perfectly: I can't peer to nodes that are also behind a NAT and with no forwarded ports, but that's not much of a limitation, I can connect to almost all nodes, as not many of them are NAT'ed and with no forwarded ports, Really? My assumption has always been that nobody forwards ports. You should be able to connect anyway though, unless your ISP's NAT is really nasty. pgpQ3y0WF34Pj.pgp Description: PGP signature ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] unable to get Freenet going on OS X 10.2.8
Matthew Toseland wrote: On Tuesday 05 June 2007 10:24, Luke771 wrote: As for the NAT thing, I'm behind a NAT where I can't do port forwarding (evil ISP) and my 0.7 node works perfectly... well, almost perfectly: I can't peer to nodes that are also behind a NAT and with no forwarded ports, but that's not much of a limitation, I can connect to almost all nodes, as not many of them are NAT'ed and with no forwarded ports, Really? My assumption has always been that nobody forwards ports. You should be able to connect anyway though, unless your ISP's NAT is really nasty. I often helper noobs on #freenet-refs with port forwarding, so I guess someone does port forwarding after all. (how well they do that is a different story) The ISP's NAT is like this: There's an integrated router/switch/hub that includes VoIP software and does DHCP, the ISP calls this kind of router HAG (home access gateway), they run cisco OS (that's what nMap says) and don't answer to http or telnet, the only open port appears to be the VoIP one (sorry, I forgot the number and what the protocol is called, the protocola commonly associated to that port is something like h.300(something)/h.(other number) and someone told me that it's VoIP. When they come to hook you up they bring theis integrated router that has three rj45 and two rj11 sockets, only one of the rj11 works, you connect your telephone there, but if you use the wrong one, you'll always hear the 'busy' tone. The ISP controls the router remotely (I hate that), and as if that wasn't bad enough, there's a whole lot of actions that will trigger a safety thingy that will disconnect you, for instance, the home users' standard contract limits the number of machines to three (yes, I could use a 2-NIC machine, a hub, and connect 12 pc's, but that's not the point), the router reads the mac of each box that connects to it, and I've heard of people who got disconnected for changing a network adapter: the software doesn't count how many boxes are actually connected, it simply disconnects you when it sees the fourth mac. A phonecall to the customer service (works 24/7) usually fixes that right away, but it's annoying anyway. I could go on with more reasons why I call them a evil ISP but this mail is getting too long, besides being 99% off-topics, so I won't; I'll tell some of the things that happens with this kind of connection, and why I don't switch ISP: I can't run stuff like eMule (legal files only, of course), I'd get low ID only, Bittorrent does work, but only on outbound connections, the check your port forwarding icon is always up. And when I tried to set up a 0.5 node, I could only painfully crawl to a couple of index sites, nothing more. I did have problems with nodes that wouldn't connect as peers even on 0.7, that heppended only two times so far, and I don't get any NAT detected error message; looks like Freenet works pretty well even from behind a NAT (with exclusion of some expecially nasty NAT's, but that doesn't seem to be my case) One fun thing about the evil ISP is that their network topology is insane: it's made out of many MAN that connect to each other in a mega WAN, so if you know as little as I do about networking that would be enough to explore what from your box's point of view appears to be a huge LAN. Now, as long as people like myself explore the network out of curiosity, there's no problem; the problems begin when someone less honest than myself realizes that he's on the same LAN as a lot of unaware and computer-illiterate windows users, who don't have any administrator password, always log in as administrator, have lots of open ports including 139 without even knowing what an 'open port' is, and save sensitive data in 'my documents' labelled as important.doc bank.doc visa.doc and so forth, and the ISP only think about making more money off their customes (you want to be accessible from the internet? 4 euros a day!!!) and disconnects people for changing nework adapter, instead of setting up a network where committing crimes would be at least a bit less easy. Oh, and the reason I don't switch ISP is that in this country there's no other ISP that can provide that kind of speed, expecially on upload (10/10Mbit), if I dump the evil one, the best I can get is a 6Mbit doen/ 1Mbit up adsl connection. Some would say what the heck you need a ten mbit connection for, if you can't really use it... and that's not even completely wrong, the point is that I'm used with this speed now, and getting used to lowes speeds would be a real pain in the ...head. Expecially the first times. I was gonna add another couple of paragraphs about how bad the contract conditions are, but now it's really growing *too* big, so I'll cut it here. Sorry for the long, offtopics mail (no that's not gonna become a habit) Luke ___ Support mailing list Support@freenetproject.org
Re: [freenet-support] unable to get Freenet going on OS X 10.2.8
In Firefox the proxy settings are under Edit/Preferences/Advanced/Network/Settings =that's on Linux, the Windows version goes Tools/preferences, etc (never used FF on MacOS) There are several quick proxy switching extensions for FF, my favorite is Switch Proxy Tool (in button mode, not the whole toolbar: hide the toolbar and use the rightclick/customize shortcut, or View/Toolbars/Customize toolbars; once you install Switch Proxy Tool and restart, you'll be able to draw and drop a button to one of your toolbars, that button will add an item for each proxy you set up to a drop-down menu) I have my browser set to use Tor and I browse freesites using the line http://127.0.0.1:/ before the key, which is equivalent of setting the proxy to 127.0.0.1 port and only pasting the key in the address field, but using the whole proxy:port line (which overrides your proxy settings) and having the browser set to use a fairly reliable anonymizing proxy, you have the double protection provided by that proxy setting that will route your communications thru the Tor network if you click on a non-Freenet link (i2p can also be used that way). Freenet will warn you and ask if you are sure before going to a non-Freenet location. As for the NAT thing, I'm behind a NAT where I can't do port forwarding (evil ISP) and my 0.7 node works perfectly... well, almost perfectly: I can't peer to nodes that are also behind a NAT and with no forwarded ports, but that's not much of a limitation, I can connect to almost all nodes, as not many of them are NAT'ed and with no forwarded ports, Ben Dougall wrote: Thanks very much for the reply. On Monday, June 4, 2007, at 10:28 pm, Matthew Toseland wrote: Check your browser proxy settings. You want to set no proxy for 127.0.0.1. I can't see any proxy setting in either Firefox nor Safari's preferences. I've certainly never turned any on before. There is a Proxy settings tab in the Network panel in the System preferences, but no setting are on here apart from one box is checked: Use Passive FTP Mode (PASV) which I guess is nothing to do with this. BTW your airport is almost certainly a NAT, but that shouldn't prevent you from accessing your node's local interface. I think it does allow NAT but NAT is not turned on. ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED] ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] unable to get Freenet going on OS X 10.2.8
On Monday, June 4, 2007, at 10:44 pm, Ben Dougall wrote: On Monday, June 4, 2007, at 10:28 pm, Matthew Toseland wrote: BTW your airport is almost certainly a NAT, but that shouldn't prevent you from accessing your node's local interface. I think it does allow NAT but NAT is not turned on. Sorry, that's wrong. You're right Matthew, the base station is making me be behind a NAT. The Airport base station is set up to share one IP address using DHCP and NAT. (Not sure about the firewall aspect of it though. Don't think it is a firewall so I don't think I am behind a firewall but I'm not sure.) So that makes this question more important I think: Why doesn't my freenet.ini file contain anything that seems to resemble a node.listenPort number? According to a FAQ on the Freenet site Configure your NAT or firewall to forward connections to the node.listenPort number (You can find it in a file called freenet.ini in the freenet folder), to the same port on your computer (you will probably need to know your computer's internal IP address which will often begin with 192.168.x.x). Remember that freenet 0.7 uses UDP. but I can't do that as I don't know what the listen port number is. How can I find out what that is? Thanks. ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] unable to get Freenet going on OS X 10.2.8
Ben Dougall wrote: On Monday, June 4, 2007, at 10:44 pm, Ben Dougall wrote: On Monday, June 4, 2007, at 10:28 pm, Matthew Toseland wrote: BTW your airport is almost certainly a NAT, but that shouldn't prevent you from accessing your node's local interface. I think it does allow NAT but NAT is not turned on. Sorry, that's wrong. You're right Matthew, the base station is making me be behind a NAT. The Airport base station is set up to share one IP address using DHCP and NAT. (Not sure about the firewall aspect of it though. Don't think it is a firewall so I don't think I am behind a firewall but I'm not sure.) So that makes this question more important I think: Why doesn't my freenet.ini file contain anything that seems to resemble a node.listenPort number? According to a FAQ on the Freenet site Configure your NAT or firewall to forward connections to the node.listenPort number (You can find it in a file called freenet.ini in the freenet folder), to the same port on your computer (you will probably need to know your computer's internal IP address which will often begin with 192.168.x.x). Remember that freenet 0.7 uses UDP. but I can't do that as I don't know what the listen port number is. How can I find out what that is? I suspect the current real problem is that the node is not starting. Check for a wrapper.log file in directory where Freenet was installed. That should be able to tell us what went wrong. You can verify that Freenet is not running by two methods: ./run.sh status will tell you and netstat -an |egrep -i tcp.* will show one or more lines of output with LISTEN or LISTENING in them. ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] unable to get Freenet going on OS X 10.2.8
On Tuesday, June 5, 2007, at 03:51 pm, David Sowder wrote: I suspect the current real problem is that the node is not starting. Check for a wrapper.log file in directory where Freenet was installed. That should be able to tell us what went wrong. You can verify that Freenet is not running by two methods: ./run.sh status will tell you and netstat -an |egrep -i tcp.* will show one or more lines of output with LISTEN or LISTENING in them. Yes, thanks very much for that info -- most helpful (that info should be put on/linked to from the welcome.html page that gets included in the install, and on the install page, as there's a real lack of info as to what to do if connecting to http://127.0.0.1:/wizard -- a what to do if you can't connect to that bit) 1/tmpcd /Applications/Freenet/ 2/Applications/Freenet./run.sh start Starting Freenet 0.7... 3/Applications/Freenet./run.sh status Freenet 0.7 is not running. 4/Applications/Freenetnetstat -an |egrep -i tcp.* 5/Applications/Freenet and I waited a while between it saying Starting Freenet, and me typing in the two tests to see if it's running. So it isn't running. A section of the wrapper.log file follows below. It looks like the section I've included below was repeated pretty much exactly the same several times in the wrapper.log file. This was from the start of the file. Is this the problematic bit?: java.security.NoSuchAlgorithmException: SHA-256 MessageDigest not available If so does this mean that the implementation or version of Java I'm using isn't up to the required level? A newer version would solve this? Or might it be possible to add the missing bit (SHA-256 MessageDigest) without a whole upgrade? Thanks. STATUS | wrapper | 2007/06/04 19:43:04 | -- Wrapper Started as Daemon STATUS | wrapper | 2007/06/04 19:43:04 | Launching a JVM... INFO | jvm 1| 2007/06/04 19:43:06 | Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org INFO | jvm 1| 2007/06/04 19:43:06 | Copyright 1999-2006 Tanuki Software, Inc. All Rights Reserved. INFO | jvm 1| 2007/06/04 19:43:06 | INFO | jvm 1| 2007/06/04 19:43:07 | INFO | jvm 1| 2007/06/04 19:43:07 | Created log files INFO | jvm 1| 2007/06/04 19:43:07 | freenet.jar built with freenet-ext.jar Build #13 r12938 INFO | jvm 1| 2007/06/04 19:43:08 | Detected PowerPC! INFO | jvm 1| 2007/06/04 19:43:08 | INFO: Optimized native BigInteger library 'net/i2p/util/libjbigi-osx-ppc.jnilib' loaded from resource INFO | jvm 1| 2007/06/04 19:43:09 | Initializing Node using Freenet Build #1036 r13439 and freenet-ext Build #13 r12938 with Apple Computer, Inc. JVM version 1.4.1_01-24 running on ppc Mac OS X 10.2.8 INFO | jvm 1| 2007/06/04 19:43:11 | FNP port created on 0.0.0.0:18227 INFO | jvm 1| 2007/06/04 19:43:11 | Testnet mode DISABLED. You may have some level of anonymity. :) INFO | jvm 1| 2007/06/04 19:43:11 | Note that this version of Freenet is still a very early alpha, and may well have numerous bugs and design flaws. INFO | jvm 1| 2007/06/04 19:43:11 | In particular: YOU ARE WIDE OPEN TO YOUR IMMEDIATE DARKNET PEERS! They can eavesdrop on your requests with relatively little difficulty at present (correlation attacks etc). INFO | jvm 1| 2007/06/04 19:43:13 | Check your JVM settings especially the JCE!java.security.NoSuchAlgorithmException: SHA-256 MessageDigest not available INFO | jvm 1| 2007/06/04 19:43:13 | java.security.NoSuchAlgorithmException: SHA-256 MessageDigest not available INFO | jvm 1| 2007/06/04 19:43:13 | at java.security.Security.getEngineClassName(Security.java:583) INFO | jvm 1| 2007/06/04 19:43:13 | at java.security.Security.getEngineClassName(Security.java:594) INFO | jvm 1| 2007/06/04 19:43:13 | at java.security.Security.getImpl(Security.java:1043) INFO | jvm 1| 2007/06/04 19:43:13 | at java.security.MessageDigest.getInstance(MessageDigest.java:120) INFO | jvm 1| 2007/06/04 19:43:13 | at freenet.crypt.SHA256.getMessageDigest(SHA256.java:368) INFO | jvm 1| 2007/06/04 19:43:13 | at freenet.node.Node.initNodeFileSettings(Node.java:659) INFO | jvm 1| 2007/06/04 19:43:13 | at freenet.node.Node.init(Node.java:1010) INFO | jvm 1| 2007/06/04 19:43:13 | at freenet.node.NodeStarter.start(NodeStarter.java:148) INFO | jvm 1| 2007/06/04 19:43:13 | at org.tanukisoftware.wrapper.WrapperManager$12.run(WrapperManager.java:278 8) STATUS | wrapper | 2007/06/04 19:43:15 | -- Wrapper Stopped ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] unable to get Freenet going on OS X 10.2.8
On Wednesday, June 6, 2007, at 12:03 am, Juiceman wrote: I'm not sure about this, but from the log it appears to be a problem with SHA-256. Looking at http://java.sun.com/j2se/1.4.2/docs/guide/security/ It seems that SHA-256 might not have been added until version 1.4.2 You may just need to update your Java. BTW 1.4.1 has a security issue and minimum 1.4.2 is recommended. Oh. The only info I found on the Java minimum version was Java version 1.4.1 and later will work. However, be aware that there are applet security vulnerabilities in all versions prior to Java 1.5 update 4. Generally, we recommend using Java 1.5. which is here http://freenetproject.org/download.html but that was under the Unix, and Linux heading so probably specifically for those OSs. Right, so it seems to be my version of Java isn't up to it. OK thanks. I think Java 1.4.1 is the latest version for OS X 10.2.8 so I suppose I'll have to try a later version of OS X to get a later version of Java. Pretty sure somewhere said OS X 10.2.8 was OK for Freenet 0.7. Oh well. Thanks. ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] unable to get Freenet going on OS X 10.2.8
On 6/5/07, Ben Dougall [EMAIL PROTECTED] wrote: On Wednesday, June 6, 2007, at 12:03 am, Juiceman wrote: I'm not sure about this, but from the log it appears to be a problem with SHA-256. Looking at http://java.sun.com/j2se/1.4.2/docs/guide/security/ It seems that SHA-256 might not have been added until version 1.4.2 You may just need to update your Java. BTW 1.4.1 has a security issue and minimum 1.4.2 is recommended. Oh. The only info I found on the Java minimum version was Java version 1.4.1 and later will work. However, be aware that there are applet security vulnerabilities in all versions prior to Java 1.5 update 4. Generally, we recommend using Java 1.5. which is here http://freenetproject.org/download.html but that was under the Unix, and Linux heading so probably specifically for those OSs. Right, so it seems to be my version of Java isn't up to it. OK thanks. I think Java 1.4.1 is the latest version for OS X 10.2.8 so I suppose I'll have to try a later version of OS X to get a later version of Java. Pretty sure somewhere said OS X 10.2.8 was OK for Freenet 0.7. Oh well. Thanks. Well, OS X 10.2.8 itself isn't the problem. I guess no one was aware of the Java version limitation. I'm sorry to hear that. :( If you feel adventurous maybe you can download 1.4.2 and copy the libraries over the 1.4.1 files... I have know idea what will happen... ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] unable to get Freenet going on OS X 10.2.8
On Wednesday, June 6, 2007, at 12:56 am, Juiceman wrote: Well, OS X 10.2.8 itself isn't the problem. I guess no one was aware of the Java version limitation. I'm sorry to hear that. :( Not to worry, at least I know now. If you feel adventurous maybe you can download 1.4.2 and copy the libraries over the 1.4.1 files... I have know idea what will happen... Sounds like potential trouble. I'll try installing OS X 10.3 in the near future and see how that goes. Thanks. ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] unable to get Freenet going on OS X 10.2.8
Maybe it's a firewall/NAT issue? I actually have no idea if I'm behind a firewall/NAT or not I'm afraid. I'm connected to the net via a home broadband connection which goes into an ADSL ethernet modem, to an Airport (wireless) base station, to my laptop. Some people have told me your base station is not a firewall and others have told me your base station acts as a firewall. That's why I have no idea if I'm behind a firewall or not. In the Sharing system preferences panel I have the firewall (which is a software one on my machine I think) turned off, and there are no firewall settings turned on or off on the base station that I'm aware of. So whether the base station is causing me to not be able to connect to http://127.0.0.1:/wizard/ I'm not sure. Freenet's help docs are not helping. Assuming the base station is acting as a firewall/NAT, here http://freenetproject.org/faq.html#firewall it says: How do I get freenet working with a Firewall/NAT? ... Configure your NAT or firewall to forward connections to the node.listenPort number (You can find it in a file called freenet.ini in the freenet folder), to the same port on your computer (you will probably need to know your computer's internal IP address which will often begin with 192.168.x.x). Remember that freenet 0.7 uses UDP. There is no such information in the freenet.ini file from what I can tell. This is what that file looks like: node.updater.enabled=true [EMAIL PROTECTED]:/// Applications/Freenet/plugins/Librarian.jar;[EMAIL PROTECTED]:/// Applications/Freenet/plugins/UPnP.jar;[EMAIL PROTECTED]:/// Applications/Freenet/plugins/ JSTUN.jar;[EMAIL PROTECTED]:///Applications/ Freenet/plugins/MDNSDiscovery.jar; fproxy.enabled=true fproxy.port= fcp.enabled=true fcp.port=9481 console.enabled=true console.port=2323 fproxy.enabled=true fproxy.port= fcp.enabled=true fcp.port=9481 console.enabled=true console.port=2323 Any help / suggestions as to why it's not possible for me to access http://127.0.0.1:/wizard/ would be much appreciated. Ben. ___ Support mailing list Support@freenetproject.org http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://emu.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]