Re: [freenet-support] In need of opinions and ideas
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 "S" ([EMAIL PROTECTED]) makes some valid points. I didn't feel like quoting the whole thing, but... They are all moot if there's a big banner inserted onto every page which points to an explanation of freenet (as well as a disclaimer somewhere), and some per-ip bandwidth limitations, after which they get redirected to instructions on how to install their very own Freenet client. You know, hook them slow, hook them deep. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQIVAwUBQP8z6XgHNmZLgCUhAQJYIg//dsQ0r7cMpvA7YbLw4hn6Le3+/YOfkBGL 1nvMnTwVbPyegzZghetV4Pthv9SGTDEgCWPHQY4PCBoMFLmmGDupLzszg4jkfoR9 OKH1utN94qgCd0wP/w8SaSFkVIofpMuDrOEQQstHFeokXIkUT074/ycwZ18mh6Vq vwiZYeKZ/gWHM8LxQxzEW47mF+c6PYx4YJ3OHsxq3K0PNmjsQR+r1B5szDuSasNO e6yMGl5KWfevFd5W8SyPCmb5MOS76/Laat60gMCtyAvnef1Ep+m+CDPETuaGSnJr 4brkIYfdchddIeq6EzXJd//umBq7vQK0LwC7EjCTphRSCB2wA0TVGyIQTIgrCFnf bGrTHe6Krp5ihtd/8LNtBhdFl2BgnIxsFWeDem/WAZyKvpjd7gTOTekZBvBt9hPB QZmmJczo+a7G9MB2ZELpX4sqFMedyQxWoaPyfKoS53hmEKmn9cmd1yIiHgVFriFS yj0Go+3cZKDcDZRI9FFEZN5vOUK0/7oO9jBZV6YGasb2AacFXpvlWTgdZ9qXFerO WOyIIzgWX28HnBcq/Yu1brURGzif/au3KOKEBjxtXxehLsN43BkXAWHBmjNFMOEp eYJ6oezpBuKoIBkBNgojVNga1A5OMmTayIyPJw4u/5+2b7+K9U3ldeIyvpBWTnCZ AqdcPcSVmM8= =rA5v -END PGP SIGNATURE- ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Load
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 TLD wrote: | what's your mainport.allowedHosts= setting, and what's the IP of the | computer you're trying to access from? It's sane. Or you tell me: http://slaphack.com/freenet.conf http://slaphack.com/freenet.log -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQIVAwUBQP8yuHgHNmZLgCUhAQI0zQ/+POC5/kUI1lSIJuFRBN+D3zIRVBZBy0VE NTpouOBnnh5NSdoikl0Dr2I1wReyM6PVkCg7ToTcyZ66xhQ03wkDdLOTJ4IM73yY 7N7oI+gGl4B4emlm1oBZ1AExQVYGHrcZ98QU3+GdZo3MdROty5Vj3mRUhxz1KLDm 4673mNGEi4rtmL0ZAwONr7FTcf2QHF9HH/vwrYbG9VOE758Z6eNBuxBbtrFUrLnP fOq7tTFHqxaKZkRcmaSN0YMBjQC416xLicB90Grg9O6auqGQae57EJQmmveqCN8u eYFil0/JG6/46o0wA6eoXPkdIxX0eHztgPqiHgYSEfGOnBxkouwqRO5KKVdb6kMF HMDSa4BGp2MsBN420TkHy0z3/47KqY/6LyPkhr8SgBy3RJvYR5vI3GXG1eW3RoLc QU5HEYD3hH0fH8B2tiAMUAVPV3atpP3GJ22sqsgzNFyM710S80WiLW0RXEQpDl9/ EhmJDiZwyJCpCTBCeshweRKtKI0R7S5QFz0oBoxZPv0PyGydx+NiymVeO0IGqwAl ZrE1505ec+RfMVpzNoRK4/eBiZqCN08VMoA+GW//cXjhjIagYORMmILllf0xxQLs db7fp64Ph0ky/a0op6I+niIk12mu8SRgrYPdswMNcQP20o9AWOWu5RsLXlQo74VM Qrw1EkiMeWU= =Exvm -END PGP SIGNATURE- ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Load
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Toad wrote: | java -cp freenet.jar freenet.Version on a command line? Freenet: Fred 0.5 (protocol STABLE-1.50) build 5084 (last good build: 5083) | Show me it. Same as what you've been seeing in the logs, pretty much. Since it dies now same as ever. Again, those urls are http://slaphack.com/freenet.conf http://slaphack.com/freenet.log | Thanks. That log appears to start from well into execution. Ah, no, it's | because of logLevel=error. Oops. logLevel=Normal, for now. | java -version java version "1.4.1" Java(TM) 2 Runtime Environment, Standard Edition (build Blackdown-1.4.1-01) Java HotSpot(TM) Client VM (build Blackdown-1.4.1-01, mixed mode) |>| Not possible. Java applets are not able to connect to servers other than |> |>Are not allowed to. They seem to be able to, if the user clicks "yes" |>on a "do you trust these people?" dialog box. | | | Are they? Hmm. If you can prove that that would be really interesting. Googling for "Java IRC Client"... http://www.jpilot.com/products/jirc/demo1.html You're allowed to connect out to anywhere, if the user grants you permission. Or is it just me? Does this work with the bastardized Microsoft VM? | However I don't see Freenet running well as a Java applet, because it | won't run for long enough... Freenet clients should be able to find nearby nodes fairly quickly. I mean, check which hosts on the local network have a Freenet port open, traceroute to figure out if we're on NAT and try to find nodes near the gateway, etc etc. Obviously clients should be able to override that, but I think that fast node connection is feasable, if "The Network (TM)" was fast enough. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQIVAwUBQP8yW3gHNmZLgCUhAQJhZA/+JgN/uytQo5n1WKmPel2Y9LDM5V3096Je Sc/glsFEg512XBS/Gu/M2fdkPrn0pWPtiIbyAV4B6rBWwjhrOXiBe7bgRh8TV40X WP6OhF3wHqsTZImlgOsrCix/LUST/6l1qnsdHDjxkfNMaKWza9nUsIyzuvDLl5Ju mXGajo0/EzU8VYZ6rreY97s9BZtLTkcXJ++7m+XuNhrjiAQ64g9dimk43KF176T0 QOvSc4U8kFmKh4Oeb03wkWF1O+UoYl4E9OTLS16qVmOyDomF/wS2+SglUWR12XFl wm74jocGAZDBPE3FaDr5rb6AQ2gEWDJgHKZtZNJNd3ofhsq7l7AFtY7tJHRfrfy/ YhG+CNLbqpMHhHaPCms0IFk9lswaT2TLtbbJ2iCSL4qsn5jQXdXHkrcOQbcOhBI3 CGh17cKDRIDoIZHx54iDKDF+QWD4KAmv5URGzrF44ZgF/2aPQs9JQW51pYtI5Pf5 5TNQIwK3mFCgGOYaT5QGZAaZmy8bJzVRis3g9sK7hMq+bKFkF4kldawoWGv9ohsn Z+WPCxjsCgwkBKMWJ0SFd7pL+TTeSwTuk8pzAhnRA51gfN5LVHvOYzfu1hi68Mzd yikF5aJveXJuTN+HnC+NRDEAl0oOHGCH7hOYq+0Z0zEiXPPQtk0Ut+sxWn9Dwq12 X8i4S1vf9zg= =1w22 -END PGP SIGNATURE- ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] In need of opinions and ideas
On Thu, 22 Jul 2004 02:06:51 +0200 Zenon Panoussis <[EMAIL PROTECTED]> wrote: > I would really appreciate your thoughts on these issues, especially > pointers to aspects I've missed. I don't really agree with the idea that such a pr0xy would bring exposure or users to Freenet. Joe Surfer, upon finding your gatewayed content in Google, is going to click through, access the content, and move on, not realizing that he's ventured beyond the confines of the normal web. Useful to Joe Surfer, not to Freenet. Or worse, he clicks through and gets some confusing message about "Route Not Found" that makes absolutely no sense to him. No help to Freenet or to Joe Surfer. Network resources are another issue. If suddenly there are thousands of web users trying to reach Freenet content through a gateway, that's thousands more requests flooding into the network, thousands of "leeching" users, who aren't giving any resources back to Freenet. This symptom would likely be limited to some extent by your node's own ability to handle requests. A caching pr0xy would resolve the potential for network burden, but then you've got to deal with expiring cached DBR sites, the legal issues of caching the plaintext content, ... People have run public nodes before, but Google never indexed them beyond the main Web Interface page, so their audience consisted of people who a) were already Freenet users and b) knew exactly what to search for in Google to find a public node. They also don't have a tendency to be very reliable. Bringing Freenet to the entire web would, I imagine, have its own unique set of issues. Don't let me sway you one way or another on the idea, it sounds like an interesting project and would certainly be a challenge. If you get it up and running, it would be neat to see the pr0xy's stats, e.g. which countries are sending traffic, which Freesites are viewed most often, etc. -s ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Load
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Zenon Panoussis wrote: | | | David Masover wrote: | |> Of course, if you don't own |> your own computer, how can you trust it? One-way trust. Suppose my bro |> trusts me, but I don't trust him, I have root, and he wants Freenet. | | | You don't need root to run it and it's probably a good idea | to not run it as root even when you are root. | # useradd -r -d /path/to/freenet freenet | # su - freenet -c "/path/to/start-freenet.sh" | Just going by the Gentoo package, but thanks, I'll keep that in mind. I'd rather make it work first and deal with that later. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iQIVAwUBQP8pCHgHNmZLgCUhAQJmiBAAnY0vFcpdQzobqug8B9/F9jw4jxa0cBWT wEml2qCctZZkroolbFW4n2TBg5odm4po8MH2E0+thlIcJfdIjxttRFmTmcRZ82ld UZwdKPT6uwJqBbdsJ1m+8FN305KvKhXswWWwY/IlDsQRO0jkG24JTCwmKggGpm7X txPFK5VxY1HqiJ1xvgU6py9Y3qNmV+c0s+9XcHi+BDVpQBsxYpzM4abr0OoJMp9d NGcUZf13/ORuhaMAxTrr+rzXnESxbJCMj3W9kAy4xb2p5ExJpN8fzDgWyF2GC1Dc zDl6ZBiIDK7aOV8SSBi0ZU75yS6OIz784Ci2yz6tfp/2lni7J2xLO16/5tZj2yaY p1gq5Znjf08jtK43DZqICcSNae81whUuFfIEPpqTIYA3uivA0itAVGg+0mLCKZTC Ik3YH9/XX+FwR6eAdPUNbcPGMWotnl/6CBcA3E7Y+y4YwSWNPC4BxwiVmiti8Eqz wOFjaFp0Lv9b+goMLyJwRgaXV4Qd0ij+wptPiRz6vcbShuBecLz2qEPzFE/O3Q07 nRj7JD3e5PqPOS1KGHiC+GfCzOFg7jTmUF/k8qwBiFlp+Tip3WMboc5j/xOGxt5a C47Ri0rYbvOts3XdANMebq72YDqCUc+Qwx3ay8izuegl8tnZEkgCwAZcVmFUZXgD VRo1nWPJs9Y= =exCq -END PGP SIGNATURE- ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
[freenet-support] proxy search
Zenon, doing proxy stuff to let "outsiders" into freenet is inviting in the wolves. Why do that? And you'll be the first to get maimed and eaten before the rest of ALL the other Freenetters. ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
[freenet-support] In need of opinions and ideas
The whole load/logging/key harvesting discussion I started here a couple of days ago originated from my wish to make freenet searchable, especially to the non-freenet world. So I installed an open p r o x y in order to harvest keys, so that I could set up a search engine. What I only realised when I saw the p r o x y working, is that there is no need for me to run a search engine in the first place if there is an open p r o x y running. Nor do I need to have Google's army of engineers to develop algorithms to fight search engine spamming. All I need to do is feed proxied URIs to Google, and Google will take care of indexing as well as of spam fighting. I can see advantages in such an approach. Having freenet results integrated among Google results in general would be quite a push for freenet, a very good way to get more people to it. Also, the fact that freenet search results would get blended among internet web results would provide a certain footing of deniability to the users: "yes, X freesite with questionable content was perhaps among my search results, but that's not what I was searching for in the first place". And of course the fact that Google's ranking, spam combatting and response latency resources will always be a tad better than mine ;) I can also see disadvantages in this scheme. The foremost one is that if I run an open p r o x y, somweone sooner or later will claim that I am responsible for the content it serves. Nobody ever got it into their head to prosecute an ISP for content served by the ISP's proxy, but all it would take to get me prosecuted is a juicy article in a local newspaper. I don't have the protective ISP status, nor the resources to fight back. Another aspect is more philosophical. Some would say that, as long as freenet is relatively obscure and not readily available to the masses, it is left alone but, if it became bigger and more known, it would become a target for attack. Others would counter "publish and be damned". I really don't know what to make of this; how to judge benefits and risks and what is best to do when all is taken into account. Finally, there is a financial issue. If I provide a bridge between freenet and the web, then I pay for all web-to-freenet traffic. There is quite a risk that I will end up as the victim of my own good idea. This could be mitigated by others running open p r o x i e s too, perhaps with all of them being round- robined on the same web URL in order to keep Google consistent. This raises the question: would anyone else around here consider running a p r o x y? Is it realistic at all to think that, with time, there could be a network of freenet->web bridges? I would really appreciate your thoughts on these issues, especially pointers to aspects I've missed. Z -- Framtiden Ãr som en babianrÃv, fÃrggrann och full av skit. Arne Anka ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Connection/Routing problems?
[EMAIL PROTECTED] wrote: ***A couple problems so far.. All 4 sessions, It doesn't even appear to be able to access the default ... "never-fail" site.. however there is a ton of traffic, so i KNOW its finding nodes out there. I suspect something with your firewall. What does it block? Can you make it log? Z -- Framtiden är som en babianröv, färggrann och full av skit. Arne Anka ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
[freenet-support] Connection/Routing problems?
Another 12 hours or so, and still no dice. I get messages like this in my log file periodically, i'm set to log the normal mishaps, I tried minor, and was greeted with way too much to look through real quick like. Jul 21, 2004 5:59:32 AM (freenet.support.io.NIOInputStream, YThread-19, NORMAL): waited more than 5 minutes in NIOIS.read() tcp/connection: 51589>68.63.193.238:10533,[EMAIL PROTECTED]:[EMAIL PROTECTED] closing java.lang.Exception: debug at freenet.support.io.NIOInputStream.read(NIOInputStream.java:281) at java.io.FilterInputStream.read(FilterInputStream.java:66) at freenet.session.FnpLink.negotiateOutbound(FnpLink.java:632) at freenet.session.FnpLink.solicit(FnpLink.java:200) at freenet.session.FnpLinkManager.createOutgoing(FnpLinkManager.java:109) at freenet.ConnectionJob.run(ConnectionJob.java:378) at freenet.ConnectionJob.createConnection(ConnectionJob.java:78) at freenet.node.ConnectionOpener.checkpoint(ConnectionOpener.java:95) at freenet.node.states.maintenance.Checkpoint.checkpoint(Checkpoint.java:54) at freenet.node.states.maintenance.Checkpoint.received(Checkpoint.java:47) at freenet.node.StateChain.received(StateChain.java:177) at freenet.node.StateChain.received(StateChain.java:61) at freenet.node.StateChainManagingMessageHandler$ChainContainer.run(StateChainManagingMessageHandler.java:332) at freenet.node.StateChainManagingMessageHandler$ChainContainer.received(StateChainManagingMessageHandler.java:285) at freenet.node.StateChainManagingMessageHandler$ChainContainer.access$100(StateChainManagingMessageHandler.java:204) at freenet.node.StateChainManagingMessageHandler.handle(StateChainManagingMessageHandler.java:96) at freenet.Ticker$Event.run(Ticker.java:323) at freenet.thread.YThreadFactory$YThread.run(YThreadFactory.java:285) ^[[5~ Jul 21, 2004 6:01:33 AM (freenet.MuxTrailerReadManager, Network reading thread, NORMAL): Unrecognized trailer ID: 2984 on [EMAIL PROTECTED] (DSA(2e20 4edf 613e 051a 1b64 For the joyous purposes of spam here is my original dilemma > ***Ive been connected to the freenet project now for a little under 24 > hours, though i've had to restart the demon three times in that time to > fine-tune the configuration (allowing hosts, changing to a 1.5gb local > store, and tweak the max connection limit) > > ***A couple problems so far.. All 4 sessions, It doesn't even appear to be > able to access the default ... "never-fail" site.. however there is a ton > of traffic, so i KNOW its finding nodes out there. > > ---xx-x > [EMAIL PROTECTED]/TFE//ActiveLink.jpg > RouteNotFound, reason: No route found > > [EMAIL PROTECTED],NzRr-Pj88cVT0bN~1urLVg/FIND//activelink.png > RouteNotFound, reason: No route found > > [EMAIL PROTECTED]/FreenetHelp//ActiveLink.png > RouteNotFound, reason: No route found > > [EMAIL PROTECTED]/CofE//CofETitle.jpg > RouteNotFound, reason: No route found > > [EMAIL PROTECTED]/YoYo//activelink.png > RouteNotFound, reason: No route found > > [EMAIL PROTECTED]/CofE//CofETitle.jpg > Data Not found > > [EMAIL PROTECTED]/FreenetHelp//ActiveLink.png > Data Not found > > [EMAIL PROTECTED],NzRr-Pj88cVT0bN~1urLVg/FIND//activelink.png > Data Not found > > [EMAIL PROTECTED]/YoYo//activelink.png > Data Not found > > [EMAIL PROTECTED]/CofE//CofETitle.jpg > Transfer of 109 bytes started. Done. > ...Followed redirect... > > [EMAIL PROTECTED]/TFE//ActiveLink.jpg > Transfer of 108 bytes started. Done. > ...Followed redirect... > > --xx > Okay, i allowed incoming port 12326 udp/tcp, and suddenly i get another > error. > > Couldn't retrieve key: [EMAIL PROTECTED]/TFE// > Hops To Live: 15 > > Error: Data Not Foun > > > > ***Do i just need to continue waiting? ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Key harvester
On Wed, Jul 21, 2004 at 08:26:04PM +0200, Zenon Panoussis wrote: > > Toad wrote: > > >>Is there a list somewhere of the query strings used? > > >For fproxy: > > >?key= > >?htl= > >?linkhtl= > >?mime= > >?date= > >?rdate= > >?force= > > >Probably there are more for the splitfile servlet. > > I was trying to block access to ?setSimpleAdvancedMode=, > but also anticipating the existence of query strings that might > do things I wouldn't want the public to be doing. By what you > list here, I don't see the harm in removing the query string > filter altogether, but better ask: would that open any abuse > avenues, as fas as you can see? ?setSimpleAdvancedMode is the obvious one. It depends what bugs there are in publicNode=true. In theory, publicNode=true alone should provide reasonable protection. -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. signature.asc Description: Digital signature ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Key harvester
Toad wrote: Is there a list somewhere of the query strings used? For fproxy: ?key= ?htl= ?linkhtl= ?mime= ?date= ?rdate= ?force= Probably there are more for the splitfile servlet. I was trying to block access to ?setSimpleAdvancedMode=, but also anticipating the existence of query strings that might do things I wouldn't want the public to be doing. By what you list here, I don't see the harm in removing the query string filter altogether, but better ask: would that open any abuse avenues, as fas as you can see? Z -- Framtiden Ãr som en babianrÃv, fÃrggrann och full av skit. Arne Anka ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Key harvester
For fproxy: ?key= ?htl= ?linkhtl= ?mime= ?date= ?rdate= ?force= Probably there are more for the splitfile servlet. On Wed, Jul 21, 2004 at 08:05:43PM +0200, Zenon Panoussis wrote: > > I wrote: > > >I do have some mod_rewrite > >rules in the proxy configuration in order to protect status > >info etc, but this shouldn't have been caught by them, unless > >the original URI contained a query string, i.e. > >server:port/something?someother . > > That was it; there was a query string date=some_date. > Fixed that one, but there may be more. > > Is there a list somewhere of the query strings used? > > Z > > > -- > Framtiden ??r som en babianr??v, f??rggrann och full av skit. > Arne Anka > ___ > Support mailing list > [EMAIL PROTECTED] > http://news.gmane.org/gmane.network.freenet.support > Unsubscribe at > http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support > Or mailto:[EMAIL PROTECTED] -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. signature.asc Description: Digital signature ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Key harvester
I wrote: I do have some mod_rewrite rules in the proxy configuration in order to protect status info etc, but this shouldn't have been caught by them, unless the original URI contained a query string, i.e. server:port/something?someother . That was it; there was a query string date=some_date. Fixed that one, but there may be more. Is there a list somewhere of the query strings used? Z -- Framtiden Ãr som en babianrÃv, fÃrggrann och full av skit. Arne Anka ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Key harvester
Toad wrote: Seems a bit flaky. Every so often I get an Apache error. Forbidden You don't have permission to access /[EMAIL PROTECTED],aAEwN5~NVmuIvZdfqlORxg/BSIT/20// on this server. Ugh. Sometimes logging serves better purposes than policing. I can't see what went wrong there. I do have some mod_rewrite rules in the proxy configuration in order to protect status info etc, but this shouldn't have been caught by them, unless the original URI contained a query string, i.e. server:port/something?someother . I'll turn mod_rewrite logging on for a while and see. The blocks appear to prevent access to anything sensitive. I think you probably want to set publicNode=true though, Did now. Z -- Framtiden Ãr som en babianrÃv, fÃrggrann och full av skit. Arne Anka ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Key harvester
Seems a bit flaky. Every so often I get an Apache error. For example: Forbidden You don't have permission to access /[EMAIL PROTECTED],aAEwN5~NVmuIvZdfqlORxg/BSIT/20// on this server. The blocks appear to prevent access to anything sensitive. I think you probably want to set publicNode=true though, in case you missed anything. I have been trying to get it to do a splitfile download, for example, but couldn't get to an index site to find one from. In theory, publicNode=true should eliminate the need to do other blocking. On Wed, Jul 21, 2004 at 06:25:12PM +0200, Zenon Panoussis wrote: > > Alright, here's an o p e n f r e e n e t p r o x y (anti- > Google syntax): https://8 1 . 1 6 9 . 1 5 9 . 1 4 8 :8080/ > I'd appreciate feedback from anyone who cares to play with it > and/or attempt to break it. I am particularly interested in > unlinked/undocumented FProxy functions which I should have > blocked, but haven't. > > The proxy logs in this format: > > "GET /[EMAIL PROTECTED]/marlowe// HTTP/1.1" > "GET /[EMAIL PROTECTED]/fiw/11//activelink.png HTTP/1.1" > "GET /[EMAIL PROTECTED]/fmb/5// HTTP/1.1" > "GET /[EMAIL PROTECTED]/fiw/10//activelink.png HTTP/1.1" > "GET > /[EMAIL PROTECTED],GwcklYxhS7f8G9dEeJqRjA/phamnuwen//activelink.png HTTP/1.1" > > Of course you have nothing but my word on that, so do > nothing sensitive. > > Please don't spread this ouside the list for now, as long > as I don't know how well it works and whether I'll keep it > or not. > > Z > > > -- > Framtiden ??r som en babianr??v, f??rggrann och full av skit. > Arne Anka > ___ > Support mailing list > [EMAIL PROTECTED] > http://news.gmane.org/gmane.network.freenet.support > Unsubscribe at > http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support > Or mailto:[EMAIL PROTECTED] -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. signature.asc Description: Digital signature ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Key harvester
[EMAIL PROTECTED] wrote: It could be that I have yet to even browse my own "proxy" successfully. but I tried your site, and received a good 'ol --> Bad Gateway The proxy server received an invalid response from an upstream server. I restarted it two minutes ago, you must have hit it right then. Try again. Z -- Framtiden är som en babianröv, färggrann och full av skit. Arne Anka ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
[freenet-support] Re: A severe freenet exploit?? - or just FUD?
>IMHO we need to make freenet work before we >make it work>fast. And the timescale on making it work may be a >timescale of years. Ah, toad...you eternal optimist, you! ;-) Lets say decennia, to be on the safe side!! ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Key harvester
> > Alright, here's an o p e n f r e e n e t p r o x y (anti- > Google syntax): https://8 1 . 1 6 9 . 1 5 9 . 1 4 8 :8080/ > I'd appreciate feedback from anyone who cares to play with it > and/or attempt to break it. I am particularly interested in > unlinked/undocumented FProxy functions which I should have > blocked, but haven't. It could be that I have yet to even browse my own "proxy" successfully. but I tried your site, and received a good 'ol --> Bad Gateway The proxy server received an invalid response from an upstream server. Apache/2.0.46 (Red Hat) Server at 81.169.159.148 Port 8080 message, perhaps this is intentional? ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
[freenet-support] Key harvester
Alright, here's an o p e n f r e e n e t p r o x y (anti- Google syntax): https://8 1 . 1 6 9 . 1 5 9 . 1 4 8 :8080/ I'd appreciate feedback from anyone who cares to play with it and/or attempt to break it. I am particularly interested in unlinked/undocumented FProxy functions which I should have blocked, but haven't. The proxy logs in this format: "GET /[EMAIL PROTECTED]/marlowe// HTTP/1.1" "GET /[EMAIL PROTECTED]/fiw/11//activelink.png HTTP/1.1" "GET /[EMAIL PROTECTED]/fmb/5// HTTP/1.1" "GET /[EMAIL PROTECTED]/fiw/10//activelink.png HTTP/1.1" "GET /[EMAIL PROTECTED],GwcklYxhS7f8G9dEeJqRjA/phamnuwen//activelink.png HTTP/1.1" Of course you have nothing but my word on that, so do nothing sensitive. Please don't spread this ouside the list for now, as long as I don't know how well it works and whether I'll keep it or not. Z -- Framtiden Ãr som en babianrÃv, fÃrggrann och full av skit. Arne Anka ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Routing problem?/Connectivity not working
> Probably you just need to continue waiting. A few things to check > though: > 1. What did you change max connections to? > 2. Are you firewalled or behind any sort of NAT? The "Transports" box on > http://127.0.0.1:/servlet/nodeinfo/internal/env would be interesting > to see (it will give me your IP address; if the detected address is > invalid or isn't there, then you're NATted). Also if you are forwarded > correctly I could check that the port is open remotely, if I know the IP > and port. > 3. http://127.0.0.1:7888/servlet/nodestatus/nodestatus.html - show me > the top 20 lines or so. There's a lot of juicy stuff here. > maxNodeConnections=200, however other than MaxConnectionsPerMinute, Ive not changed the other settings, so its still (theoretically) working around a 75 limit What the hell, i'll just change the port once it works :P i've opened up the port to the world for a little while, it should be fun to see who tries to play with it. *mass snippage* -->Nodestatus.html Number of known routing nodes 382 Number of node references 382 Number of newbie nodes 82 Number of uncontactable nodes 0 Contacted and attempted to contact node references 382 Contacted node references 81 Contacted newbie node references81 Connections with Successful Transfers 0 Backed off nodes15 Connection Attempts 3458 Successful Connections 74 Lowest max estimated search time0ms Lowest max estimated DNF time 0ms Lowest global search time estimate 49458ms Highest global search time estimate 207487ms Lowest global transfer rate estimate0 bytes/second Highest global transfer rate estimate 0 bytes/second Lowest one hop probability of DNF 0.95 Highest one hop probability of DNF 0.95 Lowest one hop probability of transfer failure 0.95 Highest one hop probability of transfer failure 0.95 Single hop probability of QueryRejected 0.0 Single hop average time for QueryRejected 17720.0 Single hop probability of early timeout 1.0 Single hop average time for early timeout 17629.653245269066 Single hop probability of search timeout0.9 Single hop average time for search timeout 282714.0 Single hop overall probability of DNF given no timeout 0.9 Single hop overall probability of transfer failure given transfer 0.9 --> nodeinfo/internal/env Architecturei386 Available processors2 Java Virtual Machine JVM Vendor Sun Microsystems Inc. JVM NameJava HotSpot(TM) Client VM JVM Version 1.4.2_05-b04 Memory Allocation Maximum memory the JVM will allocate130,112 KiB Memory currently allocated by the JVM 103,536 KiB Memory in use 95,476,936 Bytes Estimated memory used by logger None Unused allocated memory 10,542,032 Bytes Data Store Maximum size1,512 MiB Used space 1,092 KiB Free space 1,547,196 KiB Percent used0 Total keys 8 Space used by temp filesNone Maximum space for temp files528,482,319 Bytes Most recent file access timeWed Jul 21 00:06:19 PDT 2004 Least recent file access time Tue Jul 20 13:16:00 PDT 2004 Transports Current IPv4 address68.224.168.156 Current IPv4 port 12326 ARK sequence number 2 Last ARK sequence number inserted 2 Thread Pool Total pooled threads14 Available pooled threads7 Pooled threads in use 7 Pooled Thread Consumers Class Threads used Checkpoint: Opening connection 5 freenet.interfaces.LocalNIOInterface$ConnectionShell2 ThreadGroup/Thread Hierarchy: system Reference Handler Finalizer Signal Dispatcher CompilerThread0 main main Log File Writer Thread PRNG/Yarrow entropy processing thread PRNG/Yarrow entropy processing thread PRNG/Yarrow entropy processing thread PRNG/Yarrow entropy processing thread PRNG/Yarrow entropy processing thread Diffie-Helman-Precalc AbstractSelectorLoop background close() thread Network reading thread Network writing thread Polling thread for single Reaper instance. Ticker immediate execution thread Ticker interface thread PeerMessage expiration thread Background inserter Freenet Node: c2ba01a7d61bd02116db2f6342364e012b8b1b65 YThread-50: Checkpoint: Opening connection @ tcp/220.253.27.39:8624 @ 1090393555228 YThread-256: [EMAIL PROTECTED] YThread-374 YThread-845 YThread-870: Checkpoint: Opening connection @ tcp/81.49.137.78:15570 @ 1090393459638 YThread-915: Checkpoint: Opening connection @ tcp/68.174.22.46:12684 @ 1090393540178 YThread-916 YThread-945: Checkpoint: Opening connection @ tcp/81.48.46.246:24176 @ 1090393520108 YThread-1087 YThread-1093: [EMAIL PROTECTED] YThread-1094 YThread-1095: Checkpoint: Opening connection @ tcp/66.18.81.99:38519 @ 1090393499818 YThread-1096 YThread-1097 ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/
Re: [freenet-support] Routing problem?/Connectivity not working
Probably you just need to continue waiting. A few things to check though: 1. What did you change max connections to? 2. Are you firewalled or behind any sort of NAT? The "Transports" box on http://127.0.0.1:/servlet/nodeinfo/internal/env would be interesting to see (it will give me your IP address; if the detected address is invalid or isn't there, then you're NATted). Also if you are forwarded correctly I could check that the port is open remotely, if I know the IP and port. 3. http://127.0.0.1:7888/servlet/nodestatus/nodestatus.html - show me the top 20 lines or so. There's a lot of juicy stuff here. On Tue, Jul 20, 2004 at 10:43:48PM -0700, [EMAIL PROTECTED] wrote: > ***Ive been connected to the freenet project now for a little under 24 > hours, though i've had to restart the demon three times in that time to > fine-tune the configuration (allowing hosts, changing to a 1.5gb local > store, and tweak the max connection limit) > > ***A couple problems so far.. All 4 sessions, It doesn't even appear to be > able to access the default ... "never-fail" site.. however there is a ton > of traffic, so i KNOW its finding nodes out there. > > ---xx-x > [EMAIL PROTECTED]/TFE//ActiveLink.jpg > RouteNotFound, reason: No route found > > [EMAIL PROTECTED],NzRr-Pj88cVT0bN~1urLVg/FIND//activelink.png > RouteNotFound, reason: No route found > > [EMAIL PROTECTED]/FreenetHelp//ActiveLink.png > RouteNotFound, reason: No route found > > [EMAIL PROTECTED]/CofE//CofETitle.jpg > RouteNotFound, reason: No route found > > [EMAIL PROTECTED]/YoYo//activelink.png > RouteNotFound, reason: No route found > > [EMAIL PROTECTED]/CofE//CofETitle.jpg > Data Not found > > [EMAIL PROTECTED]/FreenetHelp//ActiveLink.png > Data Not found > > [EMAIL PROTECTED],NzRr-Pj88cVT0bN~1urLVg/FIND//activelink.png > Data Not found > > [EMAIL PROTECTED]/YoYo//activelink.png > Data Not found > > [EMAIL PROTECTED]/CofE//CofETitle.jpg > Transfer of 109 bytes started. Done. > ...Followed redirect... > > [EMAIL PROTECTED]/TFE//ActiveLink.jpg > Transfer of 108 bytes started. Done. > ...Followed redirect... > > --xx > Okay, i allowed incoming port 12326 udp/tcp, and suddenly i get another > error. > > Couldn't retrieve key: [EMAIL PROTECTED]/TFE// > Hops To Live: 15 > > Error: Data Not Foun > > > > ***Do i just need to continue waiting? -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. signature.asc Description: Digital signature ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Load
On Tue, Jul 20, 2004 at 11:48:29PM -0500, David Masover wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > > Toad wrote: > | On Tue, Jul 20, 2004 at 01:33:30AM -0500, David Masover wrote: > | > |>Unfortunately, I can't work on this at all right now. My freenet node > |>looks fine, only I get a connection close from FProxy the instant I try > |>connecting -- that is, 0 bytes sent/recieved from netcat, "The document > |>contains no data" from Firefox. > | > | > | Ouch. Anything in the logs? Tried restarting? What build? > > Only about 20 times, how do I check the build without a working FProxy? java -cp freenet.jar freenet.Version on a command line? > > Trying to update to latest stable: > Usually in the logs, it at least tells me something like "starting > Freenet, Build X" > > Now, I get a java.io.IOException as the first log message. Show me it. > > Takes more than 3 mins for port to start listening. > When it does, wget reports "connection reset by peer". > > Deleting everything in /var/freenet except seednodes.ref, restarting... > > It's been 5 minutes. Log (/var/freenet/freenet.log) is still empty. > Still not responding. > > Some time later, I check back, and -- yet again -- Connection reset by peer. > > For debugging purposes (I'm smart enough to remove this once I get > freenet working), I'm going to leave this atrocity running overnight, > with logs and conf files online: > > http://slaphack.com/freenet.log Thanks. That log appears to start from well into execution. Ah, no, it's because of logLevel=error. Hmm. This is a result of Yet Another 1.4.2 Big* Bug. I suggest you upgrade to 1.4.2-r05 or 1.5.0-beta2, or downgrade to 1.4.1. What build of the JVM are you running? You can find out by running the following on a command line: java -version > http://slaphack.com/freenet.conf > > | > |>| of the user. If a non-anonymous search solves one part without > |>| affecting the other, what's the harm of it? > |> > |>None, as long as it's _absolutely_clear_ which parts are solved. If you > |>make the publisher anonymous but the readers known, you don't want > |>someone saying "ooh, freenet" and then using it to visit Porn of Love > |>from an office computer. Or worse. Make huge, bold, red warnings. > | > | > | Hehe. That's their own silly fault ;). But yes, warnings probably a good > | idea. > > Yes, and yes. > n00bishness should be no barrier to revolution. > > | Google keeps the entire index in RAM. > > *jaw drops* > > You learn something new every day. > > |>[...] > |>| to reach the users of freenet and hushmail; I want it to > |>| reach the huge and clueless masses who watch CNN and use > |>| hotmail. And I also want to protect my anonymity damn well. > |> > |>What about implementing a freenet client as a Java applet, thus allowing > |>"freenet gateways"? You'd need that (no _percieved_ download/install of > |>software) in order to reach these huge and clueless masses. > | > | > | Not possible. Java applets are not able to connect to servers other than > > Are not allowed to. They seem to be able to, if the user clicks "yes" > on a "do you trust these people?" dialog box. Are they? Hmm. If you can prove that that would be really interesting. However I don't see Freenet running well as a Java applet, because it won't run for long enough... > > | running a public proxy. However tens of millions of lusers actually know > | how to install software. > > Sometimes the problem is "knowing how". Sometimes it's "being allowed > to". Not everyone owns their own computer. Of course, if you don't own > your own computer, how can you trust it? One-way trust. Suppose my bro > trusts me, but I don't trust him, I have root, and he wants Freenet. Or > suppose someone doesn't care about their own anonymity, but wants > Freenet on a public internet terminal. The possibilities are endless... > > Most end-user types I know don't ever upgrade their software as long as > it seems to work, and few upgrade even when it stops working -- they > reinstall. Web interface solves all of that, as long as browser cache / > web proxies behave themselves. -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. signature.asc Description: Digital signature ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Load
David Masover wrote: Of course, if you don't own your own computer, how can you trust it? One-way trust. Suppose my bro trusts me, but I don't trust him, I have root, and he wants Freenet. You don't need root to run it and it's probably a good idea to not run it as root even when you are root. # useradd -r -d /path/to/freenet freenet # su - freenet -c "/path/to/start-freenet.sh" Z -- Framtiden är som en babianröv, färggrann och full av skit. Arne Anka ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Anyone got Blackdown on
On Wed, 2004-07-21 at 07:05, Toad wrote: > I need the output of: > java -version 2>&1 | head -n 1 | sed "s/java version \"\(.*\)\"/\1/" > on Blackdown, in order to fix the start-freenet.sh script to use NPTL where the > JVM is 1.4.2 (I have Sun 1.5.0beta). I'm running gentoo with blackdown 1.4.2 as my default jvm. Yours script returns 1.4.2-rc1 Regards ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]