shifttstas 17 Oct 2013 in 02:10

Setting up I2P Out Proxy

2 min

28K

Tutorial

Good afternoon dear Habrausers.

Today I propose to you to discuss the creation of a single proxy server capable of remaining steadfast in snowstorms, heat and blocking and sacredly observing the principles of freedom of information, unity and peace in the world. Yes, yes, we will talk about i2p again, but from the standpoint of server settings.

Let's imagine that there is a good Samaritan abroad whose i2p router is always turned on and he is ready to bring joy to people by creating proxy.antizapret.i2p for us

This article was written by a user torna he asked to publish, so please send all the positives to him.

Surprisingly, creating a tunnel of this kind turned out to be elementary. For this we need:

squid - proxy server
i2p router

Add to squid.conf
acl block_ip dst 93.158.134.198 # If the user wants to get to this ip, we use a proxy (you can create a separate file containing the entire list of banned addresses)
http_access allow block_ip # allow only necessary IP addresses
http_access deny all # deny everyone else
http_port 3128 # Sets the port for the i2p router

Load i2p and start setting up the tunnel:

On the page http://127.0.0.1:7657/i2ptunnel/wizard select a server tunnel
standard tunnel type
Description and name at your discretion
Address: 127.0.0.1
port: 3128
Check the box for autorun

Now the proxy server broadcasting in i2p will create in a couple of minutes a b32 address of this type zrucncbt6qlocnzqobb7nddtp2kexwlkfabgvqlhizxcnp4qdv6q.b32.i2p. To give the link a readable format, you need to add it to your address book and wait a week until most routers on the network make changes. After this you can start advertising your proxy.

Custom Settings.

In order for the user to be able to use the proxy server, it must be registered on the same page http://127.0.0.1:7657/i2ptunnel/wizard only this time select the client tunnel:

HTTP tunnel type
The name and description depends on your imagination
Tunnel destination address: zrucncbt6qlocnzqobb7nddtp2kexwlkfabgvqlhizxcnp4qdv6q.b32.i2p or name from the address book
port: 3123
If you have one computer, choose a network interface address starting with 127.0.0.1, if not 192.xx.xx.xx
Check the box for autorun

Since proxies and VPNs will be banned in the near future, constantly encrypted traffic from a certain IP will look ridiculous; the traffic needs automation. Let's create a client pac file.
I looked at the sources of this .pac file at http://antizapret.prostovpn.org/ for which I express gratitude to the owner, I also have hopes that the owner of this resource will become a good Samaritan.

function FindProxyForURL(url, host) {
  blockedarray = [ 
	"93.158.134.198",
      ];
  if (blockedarray.indexOf(dnsResolve(host)) != -1) {
    return "PROXY 127.0.0.1:3123";
  }
  
    return "DIRECT";
}

PS. I apologize in advance for the humorous style of the article; the topic is quite sensitive from a legal point of view and sad at the same time. Thank you for your attention.

Tags:

Hubs:

Comments 10

jekakmail 17 Oct 2013 in 02:56

I read the article, went to see if my i2p router was still working on the server)))

Redf 17 Oct 2013 in 03:36

This is a very controversial topic.
I don’t know who it is, but I’m not a supporter of gates from I2P to the Internet. In any of their manifestations.
Your Samoritan server may be shut down.
+ a Samoritan will know something about the users of this service, but this is not good.
* I'm paranoid in these matters, if anything.

shifttstas 17 Oct 2013 in 04:08

The message of the article is that the fact that you are connecting through this OUT Proxy cannot be calculated, so identification becomes more difficult, and now there are all sorts of frigates that provide proxy access, which is worse than this one?

Redf 17 Oct 2013 in 04:24

I didn't say it was any worse or better.
I said that the fewer gates, the better for I2P.
This is more on a philosophical plane than on a technical one.

YuriiVoitenko 18 Oct 2013 in 15:40

The power is in MANET, or at least in mesh…

Chamie 7 Nov 2013 in 00:26

Since i2p is a replacement for the “naked” Internet, then it must be used in all available ways. For example, as a replacement for a VPN/SSH tunnel to your proxy.
PS HimselfAa Ritan is a resident Samaria, and not “my own Ritan”».

ValdikSS 17 Oct 2013 in 13:29

…I also have hopes that the owner of this resource will become a good Samaritan.

Uh-oh, I didn't plan to do this and I'm sticking to my position Redf higher. So far the plans are to do proxification via DNS on the anti-ban, to slightly alter .pac so that it proxies not only by IP, but also by blocked domains, but I just don’t know yet how to implement this correctly.

J_o_k_e_R 20 Oct 2013 in 15:14

Why didn't you indicate the author? He also contacted me, I refused to publish his article, since i2p is not for outproxy. We need to create internal resources.

ibex 21 Feb 2014 in 00:20

how to make inproxy?

MAXH0 21 Feb 2014 in 00:34

Sorry, for those in the tank, explain your hints about

the topic is quite sensitive from a legal point of view and sad at the same time.

I don't think it's prohibited.

Only full-fledged users can leave comments. Sign in, Please.