idk/sam-forwarder
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cleanup, add signature type option

Browse Source
This commit is contained in:
idk
2019-04-25 22:58:49 -04:00
parent 7889f63232
commit 7135facd9c
46 changed files with 660 additions and 1540 deletions
Download Patch File Download Diff File Expand all files Collapse all files

80
Makefile
View File

@ -1,9 +1,7 @@
#GOPATH=$(HOME)/go
appname = ephsite
packagename = sam-forwarder
eephttpd = eephttpd
samcatd = samcatd
network = si
samhost = sam-host
@ -75,20 +73,7 @@ gdb-web:
refresh:
deps:
go get -u github.com/eyedeekay/ramp/emit
go get -u github.com/songgao/water
go get -u github.com/gtank/cryptopasta
go get -u github.com/zieckey/goini
go get -u github.com/eyedeekay/udptunnel
go get -u github.com/eyedeekay/sam-forwarder/i2pkeys
go get -u github.com/eyedeekay/sam-forwarder/i2pkeys/keys
go get -u github.com/eyedeekay/sam-forwarder/tcp
go get -u github.com/eyedeekay/sam-forwarder/udp
go get -u github.com/eyedeekay/sam-forwarder/config
go get -u github.com/eyedeekay/sam-forwarder/manager
go get -u github.com/eyedeekay/sam3
go get -u crawshaw.io/littleboss
go get -u github.com/eyedeekay/samcatd-web
mine:
go get -u github.com/kpetku/sam3
@ -96,28 +81,13 @@ mine:
webdep:
go get -u github.com/eyedeekay/samcatd-web
build: clean bin/$(appname)
install:
install -m755 ./bin/$(appname) $(PREFIX)$(USR)$(LOCAL)/bin/
install -m755 ./bin/$(samcatd) $(PREFIX)$(USR)$(LOCAL)/bin/
install -m755 ./bin/$(samcatd)-web $(PREFIX)$(USR)$(LOCAL)/bin/
install -m644 ./etc/init.d/samcatd $(PREFIX)$(ETC)/init.d
mkdir -p $(PREFIX)$(ETC)/samcatd/ $(PREFIX)$(ETC)/sam-forwarder/ $(PREFIX)$(ETC)/i2pvpn/
install -m644 ./etc/samcatd/tunnels.ini $(PREFIX)$(ETC)/samcatd/
install -m644 ./etc/sam-forwarder/tunnels.ini $(PREFIX)$(ETC)/sam-forwarder/
install -m644 ./etc/i2pvpn/i2pvpn.ini $(PREFIX)$(ETC)/i2pvpn/
install -m644 ./etc/i2pvpn/i2pvpnclient.ini $(PREFIX)$(ETC)/i2pvpn/
bin/$(appname):
mkdir -p bin
cd main && go build -a -tags netgo -ldflags '-w -extldflags "-static"' -o ../bin/$(appname)
server: clean-server bin/$(eephttpd)
bin/$(eephttpd):
mkdir -p bin
go build -a -tags netgo -ldflags '-w -extldflags "-static"' -o ./bin/$(eephttpd) ./example/serve.go
daemon: clean-daemon bin/$(samcatd)
@ -137,15 +107,9 @@ bin/$(samcatd)-web:
-o ./bin/$(samcatd)-web \
./daemon/*.go
all: daemon daemon-web build server
all: daemon daemon-web
clean-all: clean clean-server clean-daemon clean-daemon-web
clean:
rm -f bin/$(appname)
clean-server:
rm -f bin/$(eephttpd)
clean-all: clean-daemon clean-daemon-web
clean-daemon:
rm -f bin/$(samcatd)
@ -153,37 +117,13 @@ clean-daemon:
clean-daemon-web:
rm -f bin/$(samcatd)-web
noopts: clean
mkdir -p bin
cd main && go build -o ../bin/$(appname)
install-forwarder:
install -m755 bin/ephsite /usr/local/bin/ephsite
install -m755 bin/$(samcatd) /usr/local/bin/$(samcatd)
install-server:
install -m755 bin/eephttpd /usr/local/bin/eephttpd
install-all: install install-server
remove:
rm -rf /usr/local/bin/ephsite /usr/local/bin/eephttpd
install-all: install
gendoc:
@echo "$(appname) - Easy forwarding of local services to i2p" > USAGE.md
@echo "==================================================" >> USAGE.md
@echo "" >> USAGE.md
@echo "$(appname) is a forwarding proxy designed to configure a tunnel for use" >> USAGE.md
@echo "with i2p. It can be used to easily forward a local service to the" >> USAGE.md
@echo "i2p network using i2p's SAM API instead of the tunnel interface." >> USAGE.md
@echo "" >> USAGE.md
@echo "usage:" >> USAGE.md
@echo "------" >> USAGE.md
@echo "" >> USAGE.md
@echo '```' >> USAGE.md
./bin/$(appname) -help 2>> USAGE.md; true
@echo '```' >> USAGE.md
@echo "" >> USAGE.md
@echo "$(samcatd) - Router-independent tunnel management for i2p" >> USAGE.md
@echo "$(samcatd) - Router-independent tunnel management for i2p" > USAGE.md
@echo "=========================================================" >> USAGE.md
@echo "" >> USAGE.md
@echo "$(samcatd) is a daemon which runs a group of forwarding proxies to" >> USAGE.md
@ -273,15 +213,17 @@ follow:
docker: docker-build docker-volume docker-run
index:
pandoc USAGE.md -o example/www/index.html && cp example/www/index.html docs/index.html
pandoc README.md -o docs/index.html
pandoc docs/USAGE.md -o example/www/index.html && cp example/www/index.html docs/usage.html
pandoc docs/EMBEDDING.md -o docs/embedding.html
pandoc docs/PACKAGECONF.md -o docs/packageconf.html
pandoc interface/README.md -o docs/interface.html
cp config/CHECKLIST.md docs/config
pandoc docs/config/CHECKLIST.md -o docs/checklist.html
visit:
http_proxy=http://127.0.0.1:4444 surf http://566niximlxdzpanmn4qouucvua3k7neniwss47li5r6ugoertzuq.b32.i2p
forward:
./bin/ephsite -client -dest i2p-projekt.i2p
gojs:
go get -u github.com/gopherjs/gopherjs

11
README.md
View File

@ -30,6 +30,8 @@ There are a number of ways to use sam-forwarder:
### [encapsulate](docs/PACKAGECONF.md) configuration for i2p-enabled packages
### [implement](interface/README.md) the interface for fine-grained control over SAM connections
## binaries
Two binaries are produced by this repo. The first, ephsite, is only capable
@ -126,3 +128,12 @@ Donate
### Bitcoin Wallet Address
BTC:159M8MEUwhTzE9RXmcZxtigKaEjgfwRbHt
Index
-----
* [readme](index.html)
* [usage](usage.html)
* [configuration](packageconf.html)
* [embedding](embedding.html)
* [interface](interface.htnl)

45
config/sigtype.go Normal file
View File

@ -0,0 +1,45 @@
package i2ptunconf
// GetSigType takes an argument and a default. If the argument differs from the
// default, the argument is always returned. If the argument and default are
// the same and the key exists, the key is returned. If the key is absent, the
// default is returned.
func (c *Conf) GetSigType(argt, def string, label ...string) string {
var typ string
if argt == "" {
typ += ""
} else if argt == "DSA_SHA1" {
typ = "DSA_SHA1"
} else if argt == "ECDSA_SHA256_P256" {
typ = "ECDSA_SHA256_P256"
} else if argt == "ECDSA_SHA384_P384" {
typ = "ECDSA_SHA384_P384"
} else if argt == "ECDSA_SHA512_P521" {
typ = "ECDSA_SHA512_P521"
} else if argt == "EdDSA_SHA512_Ed25519" {
typ = "EdDSA_SHA512_Ed25519"
} else {
typ = "EdDSA_SHA512_Ed25519"
}
if typ != def {
return typ
}
if c.Config == nil {
return typ
}
if x, o := c.Get("signaturetype", label...); o {
return x
}
return def
}
// SetSigType sets the type of proxy to create from the config file
func (c *Conf) SetSigType(label ...string) {
if v, ok := c.Get("signaturetype", label...); ok {
if c.SigType == "" || c.SigType == "DSA_SHA1" || c.SigType == "ECDSA_SHA256_P256" || c.SigType == "ECDSA_SHA384_P384" || c.SigType == "ECDSA_SHA512_P521" || c.SigType == "EdDSA_SHA512_Ed25519" {
c.SigType = v
}
} else {
c.SigType = "EdDSA_SHA512_Ed25519"
}
}

1
config/tunconf.go
View File

@ -22,6 +22,7 @@ type Conf struct {
Labels []string
Client bool
ClientDest string
SigType string
Type string
SaveDirectory string
SaveFile bool

3
daemon/main.go
View File

@ -66,6 +66,8 @@ var (
"Inject X-I2P-DEST headers")
webAdmin = flag.Bool("w", false,
"Start web administration interface")
sigType = flag.String("st", "",
"Signature type")
webPort = flag.String("wp", "7957",
"Web port")
webCSS = flag.String("css", "css/styles.css",
@ -161,6 +163,7 @@ func lbMain(ctx context.Context) {
config.SamHost = config.GetSAMHost(*samHost, "127.0.0.1")
config.SamPort = config.GetSAMPort(*samPort, "7656")
config.TunName = config.GetKeys(*tunName, "forwarder")
config.SigType = config.GetSigType(*sigType, "EdDSA_SHA512_Ed25519")
config.InLength = config.GetInLength(*inLength, 3)
config.OutLength = config.GetOutLength(*outLength, 3)
config.InVariance = config.GetInVariance(*inVariance, 0)

6
debian/README.Debian vendored
View File

@ -1,6 +0,0 @@
sam-forwarder for Debian
-----------------------
<possible notes regarding this package - if none, delete this file>
-- eyedeekay <hankhill19580@gmail.com> Wed, 14 Nov 2018 06:07:55 -0500

10
debian/README.source vendored
View File

@ -1,10 +0,0 @@
sam-forwarder for Debian
-----------------------
<this file describes information about the source package, see Debian policy
manual section 4.14. You WILL either need to modify or delete this file>
-- eyedeekay <hankhill19580@gmail.com> Wed, 14 Nov 2018 06:07:55 -0500

5
debian/changelog vendored
View File

@ -1,5 +0,0 @@
sam-forwarder (0.1-1) unstable; urgency=medium
* Initial release (Closes: #nnnn) <nnnn is the bug number of your ITP>
-- eyedeekay <hankhill19580@gmail.com> Wed, 14 Nov 2018 06:07:55 -0500

1
debian/compat vendored
View File

@ -1 +0,0 @@
11

17
debian/control vendored
View File

@ -1,17 +0,0 @@
Source: sam-forwarder
Section: unknown
Priority: optional
Maintainer: eyedeekay <hankhill19580@gmail.com>
Build-Depends: debhelper (>= 11)
Standards-Version: 4.1.3
Homepage: https://github.com/eyedeekay/sam-forwarder
Vcs-Browser: https://github.com/eyedeekay/sam-forwarder
Vcs-Git: https://github.com/eyedeekay/sam-forwarder.git
Package: sam-forwarder
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}
Description: Out-of-router i2ptunnel-like application.
sam-forwarder is a socat-inspired suite of tunneling tools for the i2p network.
It provides the same features as i2ptunnel, but does so using a router-agnostic
SAM application which accepts i2pd-like ini files and command-line parameters.

36
debian/copyright vendored
View File

@ -1,36 +0,0 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: sam-forwarder
Source: <url://example.com>
Files: *
Copyright: <years> <put author's name and email here>
<years> <likewise for another author>
License: MIT
Files: debian/*
Copyright: 2018 eyedeekay <hankhill19580@gmail.com>
License: MIT
License: MIT
Permission is hereby granted, free of charge, to any person obtaining a
copy of this software and associated documentation files (the "Software"),
to deal in the Software without restriction, including without limitation
the rights to use, copy, modify, merge, publish, distribute, sublicense,
and/or sell copies of the Software, and to permit persons to whom the
Software is furnished to do so, subject to the following conditions:
.
The above copyright notice and this permission notice shall be included
in all copies or substantial portions of the Software.
.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
# Please also look if there are files or directories which have a
# different copyright/license attached and list them here.
# Please avoid picking licenses with terms that are more restrictive than the
# packaged work, as it may make Debian's contributions unacceptable upstream.

56
debian/manpage.1.ex vendored
View File

@ -1,56 +0,0 @@
.\" Hey, EMACS: -*- nroff -*-
.\" (C) Copyright 2018 eyedeekay <hankhill19580@gmail.com>,
.\"
.\" First parameter, NAME, should be all caps
.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
.\" other parameters are allowed: see man(7), man(1)
.TH Sam-forwarder SECTION "November 14 2018"
.\" Please adjust this date whenever revising the manpage.
.\"
.\" Some roff macros, for reference:
.\" .nh disable hyphenation
.\" .hy enable hyphenation
.\" .ad l left justify
.\" .ad b justify to both left and right margins
.\" .nf disable filling
.\" .fi enable filling
.\" .br insert line break
.\" .sp <n> insert n+1 empty lines
.\" for manpage-specific macros, see man(7)
.SH NAME
sam-forwarder \- program to do something
.SH SYNOPSIS
.B sam-forwarder
.RI [ options ] " files" ...
.br
.B bar
.RI [ options ] " files" ...
.SH DESCRIPTION
This manual page documents briefly the
.B sam-forwarder
and
.B bar
commands.
.PP
.\" TeX users may be more comfortable with the \fB<whatever>\fP and
.\" \fI<whatever>\fP escape sequences to invode bold face and italics,
.\" respectively.
\fBsam-forwarder\fP is a program that...
.SH OPTIONS
These programs follow the usual GNU command line syntax, with long
options starting with two dashes (`-').
A summary of options is included below.
For a complete description, see the Info files.
.TP
.B \-h, \-\-help
Show summary of options.
.TP
.B \-v, \-\-version
Show version of program.
.SH SEE ALSO
.BR bar (1),
.BR baz (1).
.br
The programs are documented fully by
.IR "The Rise and Fall of a Fooish Bar" ,
available via the Info system.

154
debian/manpage.sgml.ex vendored
View File

@ -1,154 +0,0 @@
<!doctype refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN" [
<!-- Process this file with docbook-to-man to generate an nroff manual
page: `docbook-to-man manpage.sgml > manpage.1'. You may view
the manual page with: `docbook-to-man manpage.sgml | nroff -man |
less'. A typical entry in a Makefile or Makefile.am is:
manpage.1: manpage.sgml
docbook-to-man $< > $@
The docbook-to-man binary is found in the docbook-to-man package.
Please remember that if you create the nroff version in one of the
debian/rules file targets (such as build), you will need to include
docbook-to-man in your Build-Depends control field.
-->
<!-- Fill in your name for FIRSTNAME and SURNAME. -->
<!ENTITY dhfirstname "<firstname>FIRSTNAME</firstname>">
<!ENTITY dhsurname "<surname>SURNAME</surname>">
<!-- Please adjust the date whenever revising the manpage. -->
<!ENTITY dhdate "<date>November 14 2018</date>">
<!-- SECTION should be 1-8, maybe w/ subsection other parameters are
allowed: see man(7), man(1). -->
<!ENTITY dhsection "<manvolnum>SECTION</manvolnum>">
<!ENTITY dhemail "<email>hankhill19580@gmail.com</email>">
<!ENTITY dhusername "eyedeekay">
<!ENTITY dhucpackage "<refentrytitle>Sam-forwarder</refentrytitle>">
<!ENTITY dhpackage "sam-forwarder">
<!ENTITY debian "<productname>Debian</productname>">
<!ENTITY gnu "<acronym>GNU</acronym>">
<!ENTITY gpl "&gnu; <acronym>GPL</acronym>">
]>
<refentry>
<refentryinfo>
<address>
&dhemail;
</address>
<author>
&dhfirstname;
&dhsurname;
</author>
<copyright>
<year>2003</year>
<holder>&dhusername;</holder>
</copyright>
&dhdate;
</refentryinfo>
<refmeta>
&dhucpackage;
&dhsection;
</refmeta>
<refnamediv>
<refname>&dhpackage;</refname>
<refpurpose>program to do something</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>&dhpackage;</command>
<arg><option>-e <replaceable>this</replaceable></option></arg>
<arg><option>--example <replaceable>that</replaceable></option></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
<title>DESCRIPTION</title>
<para>This manual page documents briefly the
<command>&dhpackage;</command> and <command>bar</command>
commands.</para>
<para>This manual page was written for the &debian; distribution
because the original program does not have a manual page.
Instead, it has documentation in the &gnu;
<application>Info</application> format; see below.</para>
<para><command>&dhpackage;</command> is a program that...</para>
</refsect1>
<refsect1>
<title>OPTIONS</title>
<para>These programs follow the usual &gnu; command line syntax,
with long options starting with two dashes (`-'). A summary of
options is included below. For a complete description, see the
<application>Info</application> files.</para>
<variablelist>
<varlistentry>
<term><option>-h</option>
<option>--help</option>
</term>
<listitem>
<para>Show summary of options.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-v</option>
<option>--version</option>
</term>
<listitem>
<para>Show version of program.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>SEE ALSO</title>
<para>bar (1), baz (1).</para>
<para>The programs are documented fully by <citetitle>The Rise and
Fall of a Fooish Bar</citetitle> available via the
<application>Info</application> system.</para>
</refsect1>
<refsect1>
<title>AUTHOR</title>
<para>This manual page was written by &dhusername; &dhemail; for
the &debian; system (and may be used by others). Permission is
granted to copy, distribute and/or modify this document under
the terms of the &gnu; General Public License, Version 2 any
later version published by the Free Software Foundation.
</para>
<para>
On Debian systems, the complete text of the GNU General Public
License can be found in /usr/share/common-licenses/GPL.
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:2
sgml-indent-data:t
sgml-parent-document:nil
sgml-default-dtd-file:nil
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
-->

291
debian/manpage.xml.ex vendored
View File

@ -1,291 +0,0 @@
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!--
`xsltproc -''-nonet \
-''-param man.charmap.use.subset "0" \
-''-param make.year.ranges "1" \
-''-param make.single.year.ranges "1" \
/usr/share/xml/docbook/stylesheet/docbook-xsl/manpages/docbook.xsl \
manpage.xml'
A manual page <package>.<section> will be generated. You may view the
manual page with: nroff -man <package>.<section> | less'. A typical entry
in a Makefile or Makefile.am is:
DB2MAN = /usr/share/sgml/docbook/stylesheet/xsl/docbook-xsl/manpages/docbook.xsl
XP = xsltproc -''-nonet -''-param man.charmap.use.subset "0"
manpage.1: manpage.xml
$(XP) $(DB2MAN) $<
The xsltproc binary is found in the xsltproc package. The XSL files are in
docbook-xsl. A description of the parameters you can use can be found in the
docbook-xsl-doc-* packages. Please remember that if you create the nroff
version in one of the debian/rules file targets (such as build), you will need
to include xsltproc and docbook-xsl in your Build-Depends control field.
Alternatively use the xmlto command/package. That will also automatically
pull in xsltproc and docbook-xsl.
Notes for using docbook2x: docbook2x-man does not automatically create the
AUTHOR(S) and COPYRIGHT sections. In this case, please add them manually as
<refsect1> ... </refsect1>.
To disable the automatic creation of the AUTHOR(S) and COPYRIGHT sections
read /usr/share/doc/docbook-xsl/doc/manpages/authors.html. This file can be
found in the docbook-xsl-doc-html package.
Validation can be done using: `xmllint -''-noout -''-valid manpage.xml`
General documentation about man-pages and man-page-formatting:
man(1), man(7), http://www.tldp.org/HOWTO/Man-Page/
-->
<!-- Fill in your name for FIRSTNAME and SURNAME. -->
<!ENTITY dhfirstname "FIRSTNAME">
<!ENTITY dhsurname "SURNAME">
<!-- dhusername could also be set to "&dhfirstname; &dhsurname;". -->
<!ENTITY dhusername "eyedeekay">
<!ENTITY dhemail "hankhill19580@gmail.com">
<!-- SECTION should be 1-8, maybe w/ subsection other parameters are
allowed: see man(7), man(1) and
http://www.tldp.org/HOWTO/Man-Page/q2.html. -->
<!ENTITY dhsection "SECTION">
<!-- TITLE should be something like "User commands" or similar (see
http://www.tldp.org/HOWTO/Man-Page/q2.html). -->
<!ENTITY dhtitle "sam-forwarder User Manual">
<!ENTITY dhucpackage "Sam-forwarder">
<!ENTITY dhpackage "sam-forwarder">
]>
<refentry>
<refentryinfo>
<title>&dhtitle;</title>
<productname>&dhpackage;</productname>
<authorgroup>
<author>
<firstname>&dhfirstname;</firstname>
<surname>&dhsurname;</surname>
<contrib>Wrote this manpage for the Debian system.</contrib>
<address>
<email>&dhemail;</email>
</address>
</author>
</authorgroup>
<copyright>
<year>2007</year>
<holder>&dhusername;</holder>
</copyright>
<legalnotice>
<para>This manual page was written for the Debian system
(and may be used by others).</para>
<para>Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU General Public License,
Version 2 or (at your option) any later version published by
the Free Software Foundation.</para>
<para>On Debian systems, the complete text of the GNU General Public
License can be found in
<filename>/usr/share/common-licenses/GPL</filename>.</para>
</legalnotice>
</refentryinfo>
<refmeta>
<refentrytitle>&dhucpackage;</refentrytitle>
<manvolnum>&dhsection;</manvolnum>
</refmeta>
<refnamediv>
<refname>&dhpackage;</refname>
<refpurpose>program to do something</refpurpose>
</refnamediv>
<refsynopsisdiv>
<cmdsynopsis>
<command>&dhpackage;</command>
<!-- These are several examples, how syntaxes could look -->
<arg choice="plain"><option>-e <replaceable>this</replaceable></option></arg>
<arg choice="opt"><option>--example=<parameter>that</parameter></option></arg>
<arg choice="opt">
<group choice="req">
<arg choice="plain"><option>-e</option></arg>
<arg choice="plain"><option>--example</option></arg>
</group>
<replaceable class="option">this</replaceable>
</arg>
<arg choice="opt">
<group choice="req">
<arg choice="plain"><option>-e</option></arg>
<arg choice="plain"><option>--example</option></arg>
</group>
<group choice="req">
<arg choice="plain"><replaceable>this</replaceable></arg>
<arg choice="plain"><replaceable>that</replaceable></arg>
</group>
</arg>
</cmdsynopsis>
<cmdsynopsis>
<command>&dhpackage;</command>
<!-- Normally the help and version options make the programs stop
right after outputting the requested information. -->
<group choice="opt">
<arg choice="plain">
<group choice="req">
<arg choice="plain"><option>-h</option></arg>
<arg choice="plain"><option>--help</option></arg>
</group>
</arg>
<arg choice="plain">
<group choice="req">
<arg choice="plain"><option>-v</option></arg>
<arg choice="plain"><option>--version</option></arg>
</group>
</arg>
</group>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1 id="description">
<title>DESCRIPTION</title>
<para>This manual page documents briefly the
<command>&dhpackage;</command> and <command>bar</command>
commands.</para>
<para>This manual page was written for the Debian distribution
because the original program does not have a manual page.
Instead, it has documentation in the GNU <citerefentry>
<refentrytitle>info</refentrytitle>
<manvolnum>1</manvolnum>
</citerefentry> format; see below.</para>
<para><command>&dhpackage;</command> is a program that...</para>
</refsect1>
<refsect1 id="options">
<title>OPTIONS</title>
<para>The program follows the usual GNU command line syntax,
with long options starting with two dashes (`-'). A summary of
options is included below. For a complete description, see the
<citerefentry>
<refentrytitle>info</refentrytitle>
<manvolnum>1</manvolnum>
</citerefentry> files.</para>
<variablelist>
<!-- Use the variablelist.term.separator and the
variablelist.term.break.after parameters to
control the term elements. -->
<varlistentry>
<term><option>-e <replaceable>this</replaceable></option></term>
<term><option>--example=<replaceable>that</replaceable></option></term>
<listitem>
<para>Does this and that.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-h</option></term>
<term><option>--help</option></term>
<listitem>
<para>Show summary of options.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>-v</option></term>
<term><option>--version</option></term>
<listitem>
<para>Show version of program.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id="files">
<title>FILES</title>
<variablelist>
<varlistentry>
<term><filename>/etc/foo.conf</filename></term>
<listitem>
<para>The system-wide configuration file to control the
behaviour of <application>&dhpackage;</application>. See
<citerefentry>
<refentrytitle>foo.conf</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry> for further details.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><filename>${HOME}/.foo.conf</filename></term>
<listitem>
<para>The per-user configuration file to control the
behaviour of <application>&dhpackage;</application>. See
<citerefentry>
<refentrytitle>foo.conf</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry> for further details.</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id="environment">
<title>ENVIRONMENT</title>
<variablelist>
<varlistentry>
<term><envar>FOO_CONF</envar></term>
<listitem>
<para>If used, the defined file is used as configuration
file (see also <xref linkend="files"/>).</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1 id="diagnostics">
<title>DIAGNOSTICS</title>
<para>The following diagnostics may be issued
on <filename class="devicefile">stderr</filename>:</para>
<variablelist>
<varlistentry>
<term><errortext>Bad configuration file. Exiting.</errortext></term>
<listitem>
<para>The configuration file seems to contain a broken configuration
line. Use the <option>--verbose</option> option, to get more info.
</para>
</listitem>
</varlistentry>
</variablelist>
<para><command>&dhpackage;</command> provides some return codes, that can
be used in scripts:</para>
<segmentedlist>
<segtitle>Code</segtitle>
<segtitle>Diagnostic</segtitle>
<seglistitem>
<seg><errorcode>0</errorcode></seg>
<seg>Program exited successfully.</seg>
</seglistitem>
<seglistitem>
<seg><errorcode>1</errorcode></seg>
<seg>The configuration file seems to be broken.</seg>
</seglistitem>
</segmentedlist>
</refsect1>
<refsect1 id="bugs">
<!-- Or use this section to tell about upstream BTS. -->
<title>BUGS</title>
<para>The program is currently limited to only work
with the <package>foobar</package> library.</para>
<para>The upstreams <acronym>BTS</acronym> can be found
at <ulink url="http://bugzilla.foo.tld"/>.</para>
</refsect1>
<refsect1 id="see_also">
<title>SEE ALSO</title>
<!-- In alpabetical order. -->
<para><citerefentry>
<refentrytitle>bar</refentrytitle>
<manvolnum>1</manvolnum>
</citerefentry>, <citerefentry>
<refentrytitle>baz</refentrytitle>
<manvolnum>1</manvolnum>
</citerefentry>, <citerefentry>
<refentrytitle>foo.conf</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry></para>
<para>The programs are documented fully by <citetitle>The Rise and
Fall of a Fooish Bar</citetitle> available via the <citerefentry>
<refentrytitle>info</refentrytitle>
<manvolnum>1</manvolnum>
</citerefentry> system.</para>
</refsect1>
</refentry>

2
debian/menu.ex vendored
View File

@ -1,2 +0,0 @@
?package(sam-forwarder):needs="X11|text|vc|wm" section="Applications/see-menu-manual"\
title="sam-forwarder" command="/usr/bin/sam-forwarder"

39
debian/postinst.ex vendored
View File

@ -1,39 +0,0 @@
#!/bin/sh
# postinst script for sam-forwarder
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <postinst> `abort-remove'
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
configure)
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0

37
debian/postrm.ex vendored
View File

@ -1,37 +0,0 @@
#!/bin/sh
# postrm script for sam-forwarder
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <postrm> `remove'
# * <postrm> `purge'
# * <old-postrm> `upgrade' <new-version>
# * <new-postrm> `failed-upgrade' <old-version>
# * <new-postrm> `abort-install'
# * <new-postrm> `abort-install' <old-version>
# * <new-postrm> `abort-upgrade' <old-version>
# * <disappearer's-postrm> `disappear' <overwriter>
# <overwriter-version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
purge|remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
;;
*)
echo "postrm called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0

35
debian/preinst.ex vendored
View File

@ -1,35 +0,0 @@
#!/bin/sh
# preinst script for sam-forwarder
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <new-preinst> `install'
# * <new-preinst> `install' <old-version>
# * <new-preinst> `upgrade' <old-version>
# * <old-preinst> `abort-upgrade' <new-version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
install|upgrade)
;;
abort-upgrade)
;;
*)
echo "preinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0

38
debian/prerm.ex vendored
View File

@ -1,38 +0,0 @@
#!/bin/sh
# prerm script for sam-forwarder
#
# see: dh_installdeb(1)
set -e
# summary of how this script can be called:
# * <prerm> `remove'
# * <old-prerm> `upgrade' <new-version>
# * <new-prerm> `failed-upgrade' <old-version>
# * <conflictor's-prerm> `remove' `in-favour' <package> <new-version>
# * <deconfigured's-prerm> `deconfigure' `in-favour'
# <package-being-installed> <version> `removing'
# <conflicting-package> <version>
# for details, see https://www.debian.org/doc/debian-policy/ or
# the debian-policy package
case "$1" in
remove|upgrade|deconfigure)
;;
failed-upgrade)
;;
*)
echo "prerm called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0

25
debian/rules vendored
View File

@ -1,25 +0,0 @@
#!/usr/bin/make -f
# See debhelper(7) (uncomment to enable)
# output every command that modifies files on the build system.
#export DH_VERBOSE = 1
# see FEATURE AREAS in dpkg-buildflags(1)
#export DEB_BUILD_MAINT_OPTIONS = hardening=+all
# see ENVIRONMENT in dpkg-buildflags(1)
# package maintainers to append CFLAGS
#export DEB_CFLAGS_MAINT_APPEND = -Wall -pedantic
# package maintainers to append LDFLAGS
#export DEB_LDFLAGS_MAINT_APPEND = -Wl,--as-needed
%:
dh $@
# dh_make generated override targets
# This is example for Cmake (See https://bugs.debian.org/641051 )
#override_dh_auto_configure:
# dh_auto_configure -- # -DCMAKE_LIBRARY_PATH=$(DEB_HOST_MULTIARCH)

2
debian/sam-forwarder-docs.docs vendored
View File

@ -1,2 +0,0 @@
README.source
README.Debian

4
debian/sam-forwarder.cron.d.ex vendored
View File

@ -1,4 +0,0 @@
#
# Regular cron jobs for the sam-forwarder package
#
0 4 * * * root [ -x /usr/bin/sam-forwarder_maintenance ] && /usr/bin/sam-forwarder_maintenance

20
debian/sam-forwarder.doc-base.EX vendored
View File

@ -1,20 +0,0 @@
Document: sam-forwarder
Title: Debian sam-forwarder Manual
Author: <insert document author here>
Abstract: This manual describes what sam-forwarder is
and how it can be used to
manage online manuals on Debian systems.
Section: unknown
Format: debiandoc-sgml
Files: /usr/share/doc/sam-forwarder/sam-forwarder.sgml.gz
Format: postscript
Files: /usr/share/doc/sam-forwarder/sam-forwarder.ps.gz
Format: text
Files: /usr/share/doc/sam-forwarder/sam-forwarder.text.gz
Format: HTML
Index: /usr/share/doc/sam-forwarder/html/index.html
Files: /usr/share/doc/sam-forwarder/html/*.html

1
debian/source/format vendored
View File

@ -1 +0,0 @@
3.0 (quilt)

38
debian/watch.ex vendored
View File

@ -1,38 +0,0 @@
# Example watch control file for uscan
# Rename this file to "watch" and then you can run the "uscan" command
# to check for upstream updates and more.
# See uscan(1) for format
# Compulsory line, this is a version 4 file
version=4
# PGP signature mangle, so foo.tar.gz has foo.tar.gz.sig
#opts="pgpsigurlmangle=s%$%.sig%"
# HTTP site (basic)
#http://example.com/downloads.html \
# files/sam-forwarder-([\d\.]+)\.tar\.gz debian uupdate
# Uncomment to examine an FTP server
#ftp://ftp.example.com/pub/sam-forwarder-(.*)\.tar\.gz debian uupdate
# SourceForge hosted projects
# http://sf.net/sam-forwarder/ sam-forwarder-(.*)\.tar\.gz debian uupdate
# GitHub hosted projects
#opts="filenamemangle=s%(?:.*?)?v?(\d[\d.]*)\.tar\.gz%<project>-$1.tar.gz%" \
# https://github.com/<user>/sam-forwarder/tags \
# (?:.*?/)?v?(\d[\d.]*)\.tar\.gz debian uupdate
# PyPI
# https://pypi.debian.net/sam-forwarder/sam-forwarder-(.+)\.(?:zip|tgz|tbz|txz|(?:tar\.(?:gz|bz2|xz)))
# Direct Git
# opts="mode=git" http://git.example.com/sam-forwarder.git \
# refs/tags/v([\d\.]+) debian uupdate
# Uncomment to find new files on GooglePages
# http://example.googlepages.com/foo.html sam-forwarder-(.*)\.tar\.gz

92
docs/USAGE.md
View File

@ -1,83 +1,3 @@
ephsite - Easy forwarding of local services to i2p
==================================================
ephsite is a forwarding proxy designed to configure a tunnel for use
with i2p. It can be used to easily forward a local service to the
i2p network using i2p's SAM API instead of the tunnel interface.
usage:
------
```
Usage of ./bin/ephsite:
-access string
Type of access list to use, can be "whitelist" "blacklist" or "none". (default "none")
-accesslist value
Specify an access list member(can be used multiple times)
-client
Client proxy mode(true or false)
-close
Close tunnel idle(true or false)
-closetime int
Reduce tunnel quantity after X (milliseconds) (default 600000)
-dest string
Destination for client tunnels. Ignored for service tunnels. (default "none")
-dir string
Directory to save tunnel configuration file in.
-encryptlease
Use an encrypted leaseset(true or false) (default true)
-gzip
Uze gzip(true or false)
-headers
Inject X-I2P-DEST headers
-host string
Target host(Host of service to forward to i2p) (default "127.0.0.1")
-inback int
Set inbound tunnel backup quantity(0 to 5) (default 4)
-incount int
Set inbound tunnel quantity(0 to 15) (default 6)
-ini string
Use an ini file for configuration(config file options override passed arguments for now.) (default "none")
-inlen int
Set inbound tunnel length(0 to 7) (default 3)
-invar int
Set inbound tunnel length variance(-7 to 7)
-lsk string
path to saved encrypted leaseset keys (default "none")
-name string
Tunnel name, this must be unique but can be anything. (default "forwarder")
-outback int
Set outbound tunnel backup quantity(0 to 5) (default 4)
-outcount int
Set outbound tunnel quantity(0 to 15) (default 6)
-outlen int
Set outbound tunnel length(0 to 7) (default 3)
-outvar int
Set outbound tunnel length variance(-7 to 7)
-port string
Target port(Port of service to forward to i2p) (default "8081")
-reduce
Reduce tunnel quantity when idle(true or false)
-reducecount int
Reduce idle tunnel quantity to X (0 to 5) (default 3)
-reducetime int
Reduce tunnel quantity after X (milliseconds) (default 600000)
-samhost string
SAM host (default "127.0.0.1")
-samport string
SAM port (default "7656")
-save
Use saved file and persist tunnel(If false, tunnel will not persist after program is stopped.
-tlsport string
(Currently inoperative. Target TLS port(HTTPS Port of service to forward to i2p)
-udp
UDP mode(true or false)
-zeroin
Allow zero-hop, non-anonymous tunnels in(true or false)
-zeroout
Allow zero-hop, non-anonymous tunnels out(true or false)
```
samcatd - Router-independent tunnel management for i2p
=========================================================
@ -94,8 +14,6 @@ flag needs an argument: -h
Usage of ./bin/samcatd:
-a string
Type of access list to use, can be "whitelist" "blacklist" or "none". (default "none")
-accesslist value
Specify an access list member(can be used multiple times)
-c Client proxy mode(true or false)
-conv string
Display the base32 and base64 values of a specified .i2pkeys file
@ -130,6 +48,14 @@ Usage of ./bin/samcatd:
-k string
key for encrypted leaseset (default "none")
-l Use an encrypted leaseset(true or false) (default true)
-littleboss string
instruct the littleboss:
start: start and manage this process using service name "service-name"
stop: signal the littleboss to shutdown the process
status: print statistics about the running littleboss
reload: restart the managed process using the executed binary
bypass: disable littleboss, run the program directly (default "bypass")
-n string
Tunnel name, this must be unique but can be anything. (default "forwarder")
-ob int
@ -156,6 +82,8 @@ Usage of ./bin/samcatd:
SAM host (default "127.0.0.1")
-sp string
SAM port (default "7656")
-st string
Signature type
-t Use saved file and persist tunnel(If false, tunnel will not persist after program is stopped.
-tls string
(Currently inoperative. Target TLS port(HTTPS Port of service to forward to i2p)

96
docs/checklist.html Normal file
View File

@ -0,0 +1,96 @@
<h1 id="i2cptunnel-options-implementation-checklist">I2CP/Tunnel Options Implementation Checklist</h1>
<p>This version of this document is valid for sam-forwarder. If youd like to use it, the original is at <a href="CHECKLIST.orig.md" class="uri">CHECKLIST.orig.md</a>.</p>
<p>key:</p>
<pre><code>- \[U\] - Undone/Unknown
- \[C\] - Confirmed Working
- \[W\] - Work in progress
- \[N\] - Not applicable/Won&#39;t be implemented without good reason.
- \[*\] - See also
Version Recommended Allowable Default
[U] - clientMessageTimeout 8*1000 - 120*1000 60*1000 The timeout (ms) for all sent messages. Unused. See the protocol specification for per-message settings.
[N] - crypto.lowTagThreshold 0.9.2 1-128 30 Minimum number of ElGamal/AES Session Tags before we send more. Recommended: approximately tagsToSend * 2/3
[N] - crypto.tagsToSend 0.9.2 1-128 40 Number of ElGamal/AES Session Tags to send at a time. For clients with relatively low bandwidth per-client-pair (IRC, some UDP apps), this may be set lower.
[U] - explicitPeers null Comma-separated list of Base 64 Hashes of peers to build tunnels through; for debugging only
[C] - i2cp.dontPublishLeaseSet true,false false Should generally be set to true for clients and false for servers
[C] - i2cp.fastReceive 0.9.4 true,false false If true, the router just sends the MessagePayload instead of sending a MessageStatus and awaiting a ReceiveMessageBegin.
[C] - i2cp.messageReliability BestEffort, None BestEffort Guaranteed is disabled; None implemented in 0.8.1; the streaming lib default is None as of 0.8.1, the client side default is None as of 0.9.4
[U] - i2cp.password 0.8.2 string For authorization, if required by the router. If the client is running in the same JVM as a router, this option is not required. Warning - username and password are sent in the clear to the router, unless using SSL (i2cp.SSL=true). Authorization is only recommended when using SSL.
[U] - i2cp.username 0.8.2 string
[C] - inbound.allowZeroHop true,false true If incoming zero hop tunnel is allowed
[C] - outbound.allowZeroHop true,false true If outgoing zero hop tunnel is allowed
[C] - inbound.backupQuantity 0 to 3 No limit 0 Number of redundant fail-over for tunnels in
[C] - outbound.backupQuantity 0 to 3 No limit 0 Number of redundant fail-over for tunnels out
[U] - inbound.IPRestriction 0 to 4 0 to 4 2 Number of IP bytes to match to determine if two routers should not be in the same tunnel. 0 to disable.
[U] - outbound.IPRestriction 0 to 4 0 to 4 2 Number of IP bytes to match to determine if two routers should not be in the same tunnel. 0 to disable.
[C] - inbound.length 0 to 3 0 to 7 3 Length of tunnels in
[C] - outbound.length 0 to 3 0 to 7 3 Length of tunnels out
[C] - inbound.lengthVariance -1 to 2 -7 to 7 0 Random amount to add or subtract to the length of tunnels in. A positive number x means add a random amount from 0 to x inclusive. A negative number -x means add a random amount from -x to x inclusive. The router will limit the total length of the tunnel to 0 to 7 inclusive. The default variance was 1 prior to release 0.7.6.
[C] - outbound.lengthVariance -1 to 2 -7 to 7 0 Random amount to add or subtract to the length of tunnels out. A positive number x means add a random amount from 0 to x inclusive. A negative number -x means add a random amount from -x to x inclusive. The router will limit the total length of the tunnel to 0 to 7 inclusive. The default variance was 1 prior to release 0.7.6.
[U] - inbound.nickname string Name of tunnel - generally used in routerconsole, which will use the first few characters of the Base64 hash of the destination by default.
[U] - outbound.nickname string Name of tunnel - generally ignored unless inbound.nickname is unset.
[U] - outbound.priority 0.9.4 -25 to 25 -25 to 25 0 Priority adjustment for outbound messages. Higher is higher priority.
[C] - inbound.quantity 1 to 3 1 to 16 2 Number of tunnels in. Limit was increased from 6 to 16 in release 0.9; however, numbers higher than 6 are incompatible with older releases.
[C] - outbound.quantity 1 to 3 No limit 2 Number of tunnels out
[U] - inbound.randomKey 0.9.17 Base 64 encoding of 32 random bytes Used for consistent peer ordering across restarts.
[U] - outbound.randomKey 0.9.17 Base 64 encoding of 32 random bytes Used for consistent peer ordering across restarts.
[*] - inbound.* Any other options prefixed with &quot;inbound.&quot; are stored in the &quot;unknown options&quot; properties of the inbound tunnel pool&#39;s settings.
[*] - outbound.* Any other options prefixed with &quot;outbound.&quot; are stored in the &quot;unknown options&quot; properties of the outbound tunnel pool&#39;s settings.
[U] - shouldBundleReplyInfo 0.9.2 true,false true Set to false to disable ever bundling a reply LeaseSet. For clients that do not publish their LeaseSet, this option must be true for any reply to be possible. &quot;true&quot; is also recommended for multihomed servers with long connection times. Setting to &quot;false&quot; may save significant outbound bandwidth, especially if the client is configured with a large number of inbound tunnels (Leases). If replies are still required, this may shift the bandwidth burden to the far-end client and the floodfill. There are several cases where &quot;false&quot; may be appropriate: Unidirectional communication, no reply required LeaseSet is published and higher reply latency is acceptable LeaseSet is published, client is a &quot;server&quot;, all connections are inbound so the connecting far-end destination obviously has the leaseset already. Connections are either short, or it is acceptable for latency on a long-lived connection to temporarily increase while the other end re-fetches the LeaseSet after expiration. HTTP servers may fit these requirements.
[C] - i2cp.closeIdleTime 0.7.1 1800000 300000 minimum (ms) Idle time required (default 30 minutes)
[C] - i2cp.closeOnIdle 0.7.1 true,false false Close I2P session when idle
[C] - i2cp.encryptLeaseSet 0.7.1 true,false false Encrypt the lease
[C] - i2cp.fastReceive 0.9.4 true,false true If true, the router just sends the MessagePayload instead of sending a MessageStatus and awaiting a ReceiveMessageBegin.
[C] - i2cp.gzip 0.6.5 true,false true Gzip outbound data
[C] - i2cp.leaseSetKey 0.7.1 For encrypted leasesets. Base 64 SessionKey (44 characters)
[C] - i2cp.leaseSetPrivateKey 0.9.18 Base 64 private key for encryption. Optionally preceded by the key type and &#39;:&#39;. Only &quot;ELGAMAL_2048:&quot; is supported, which is the default. I2CP will generate the public key from the private key. Use for persistent leaseset keys across restarts.
[C] - i2cp.leaseSetSigningPrivateKey 0.9.18 Base 64 private key for signatures. Optionally preceded by the key type and &#39;:&#39;. DSA_SHA1 is the default. Key type must match the signature type in the destination. I2CP will generate the public key from the private key. Use for persistent leaseset keys across restarts.
[C] - i2cp.reduceIdleTime 0.7.1 1200000 300000 minimum (ms) Idle time required (default 20 minutes, minimum 5 minutes)
[C] - i2cp.reduceOnIdle 0.7.1 true,false false Reduce tunnel quantity when idle
[C] - i2cp.reduceQuantity 0.7.1 1 1 to 5 1 Tunnel quantity when reduced (applies to both inbound and outbound)
[*] - i2cp.SSL 0.8.3 true,false false Connect to the router using SSL. If the client is running in the same JVM as a router, this option is ignored, and the client connects to that router internally.
[*] - i2cp.tcp.host 127.0.0.1 Router hostname. If the client is running in the same JVM as a router, this option is ignored, and the client connects to that router internally.
[*] - i2cp.tcp.port 1-65535 7654 Router I2CP port. If the client is running in the same JVM as a router, this option is ignored, and the client connects to that router internally.
Default Description
[C] - i2cp.accessList null Comma- or space-separated list of Base64 peer Hashes used for either access list or blacklist. As of release 0.7.13.
[U] - i2cp.destination.sigType DSA_SHA1 Use the access list as a whitelist for incoming connections. The name or number of the signature type for a transient destination. As of release 0.9.12.
[C] - i2cp.enableAccessList false Use the access list as a whitelist for incoming connections. As of release 0.7.13.
[C] - i2cp.enableBlackList false Use the access list as a blacklist for incoming connections. As of release 0.7.13.
[U] - i2p.streaming.answerPings true Whether to respond to incoming pings
[U] - i2p.streaming.blacklist null Comma- or space-separated list of Base64 peer Hashes to be blacklisted for incoming connections to ALL destinations in the context. This option must be set in the context properties, NOT in the createManager() options argument. Note that setting this in the router context will not affect clients outside the router in a separate JVM and context. As of release 0.9.3.
[U] - i2p.streaming.bufferSize 64K How much transmit data (in bytes) will be accepted that hasn&#39;t been written out yet.
[U] - i2p.streaming.congestionAvoidanceGrowthRateFactor 1 When we&#39;re in congestion avoidance, we grow the window size at the rate of 1/(windowSize*factor). In standard TCP, window sizes are in bytes, while in I2P, window sizes are in messages. A higher number means slower growth.
[U] - i2p.streaming.connectDelay -1 How long to wait after instantiating a new con before actually attempting to connect. If this is &lt;= 0, connect immediately with no initial data. If greater than 0, wait until the output stream is flushed, the buffer fills, or that many milliseconds pass, and include any initial data with the SYN.
[U] - i2p.streaming.connectTimeout 5*60*1000 How long to block on connect, in milliseconds. Negative means indefinitely. Default is 5 minutes.
[U] - i2p.streaming.disableRejectLogging false Whether to disable warnings in the logs when an incoming connection is rejected due to connection limits. As of release 0.9.4.
[U] - i2p.streaming.dsalist null Comma- or space-separated list of Base64 peer Hashes or host names to be contacted using an alternate DSA destination. Only applies if multisession is enabled and the primary session is non-DSA (generally for shared clients only). This option must be set in the context properties, NOT in the createManager() options argument. Note that setting this in the router context will not affect clients outside the router in a separate JVM and context. As of release 0.9.21.
[U] - i2p.streaming.enforceProtocol true Whether to listen only for the streaming protocol. Setting to true will prohibit communication with Destinations earlier than release 0.7.1 (released March 2009). Set to true if running multiple protocols on this Destination. As of release 0.9.1. Default true as of release 0.9.36.
[U] - i2p.streaming.inactivityAction 2 (send) (0=noop, 1=disconnect) What to do on an inactivity timeout - do nothing, disconnect, or send a duplicate ack.
[U] - i2p.streaming.inactivityTimeout 90*1000 Idle time before sending a keepalive
[U] - i2p.streaming.initialAckDelay 750 Delay before sending an ack
[U] - i2p.streaming.initialResendDelay 1000 The initial value of the resend delay field in the packet header, times 1000. Not fully implemented; see below.
[U] - i2p.streaming.initialRTO 9000 Initial timeout (if no sharing data available). As of release 0.9.8.
[U] - i2p.streaming.initialRTT 8000 Initial round trip time estimate (if no sharing data available). Disabled as of release 0.9.8; uses actual RTT.
[U] - i2p.streaming.initialWindowSize 6 (if no sharing data available) In standard TCP, window sizes are in bytes, while in I2P, window sizes are in messages.
[U] - i2p.streaming.limitAction reset What action to take when an incoming connection exceeds limits. Valid values are: reset (reset the connection); drop (drop the connection); or http (send a hardcoded HTTP 429 response). Any other value is a custom response to be sent. backslash-r and backslash-n will be replaced with CR and LF. As of release 0.9.34.
[U] - i2p.streaming.maxConcurrentStreams -1 (0 or negative value means unlimited) This is a total limit for incoming and outgoing combined.
[U] - i2p.streaming.maxConnsPerMinute 0 Incoming connection limit (per peer; 0 means disabled) As of release 0.7.14.
[U] - i2p.streaming.maxConnsPerHour 0 (per peer; 0 means disabled) As of release 0.7.14.
[U] - i2p.streaming.maxConnsPerDay 0 (per peer; 0 means disabled) As of release 0.7.14.
[U] - i2p.streaming.maxMessageSize 1730 The MTU in bytes.
[U] - i2p.streaming.maxResends 8 Maximum number of retransmissions before failure.
[U] - i2p.streaming.maxTotalConnsPerMinute 0 Incoming connection limit (all peers; 0 means disabled) As of release 0.7.14.
[U] - i2p.streaming.maxTotalConnsPerHour 0 (all peers; 0 means disabled) Use with caution as exceeding this will disable a server for a long time. As of release 0.7.14.
[U] - i2p.streaming.maxTotalConnsPerDay 0 (all peers; 0 means disabled) Use with caution as exceeding this will disable a server for a long time. As of release 0.7.14.
[U] - i2p.streaming.maxWindowSize 128
[U] - i2p.streaming.profile 1 (bulk) (2=interactive not supported) This doesn&#39;t currently do anything, but setting it to a value other than 1 will cause an error.
[U] - i2p.streaming.readTimeout -1 How long to block on read, in milliseconds. Negative means indefinitely.
[U] - i2p.streaming.slowStartGrowthRateFactor 1 When we&#39;re in slow start, we grow the window size at the rate of 1/(factor). In standard TCP, window sizes are in bytes, while in I2P, window sizes are in messages. A higher number means slower growth.
[U] - i2p.streaming.tcbcache.rttDampening 0.75 Ref: RFC 2140. Floating point value. May be set only via context properties, not connection options. As of release 0.9.8.
[U] - i2p.streaming.tcbcache.rttdevDampening 0.75 Ref: RFC 2140. Floating point value. May be set only via context properties, not connection options. As of release 0.9.8.
[U] - i2p.streaming.tcbcache.wdwDampening 0.75 Ref: RFC 2140. Floating point value. May be set only via context properties, not connection options. As of release 0.9.8.
[U] - i2p.streaming.writeTimeout -1 How long to block on write/flush, in milliseconds. Negative means indefinitely.
[C] - destination useful to consider adding to custom applications for client ocnfiguration</code></pre>
<p>* : Id like to have something like this setting internal to samcatd, but it might not always be relevant to pass it through to the real i2p router. Right now, Im leaning toward a samcatd specific setting, but maybe just alter the behavior of this setting for use with samcatd instead? Probably just give samcatd its own thing.</p>

42
docs/embedding.html Normal file
View File

@ -0,0 +1,42 @@
<h1 id="embedding-i2p-support-in-your-go-application-with-samforwarder">Embedding i2p support in your Go application with samforwarder</h1>
<p>One neat thing you can do with samforwarder is make eepWeb(?) services configure themselves automatically by adding it to an existing Go application. To help with this process, the samforwarder/config/ file has a bunch of helper functions and a class for parsing configuration files directly. You can import it, add a few flags(or however you configure your service) and fire off the forwarder as a goroutne, all you have to do is configure it to forward the port used by your service. This makes it extremely easy to do, but it should only be used in this way for applications that would already be safe to host as services in i2p or other overlay networks. In particular, it should only be used for applications that dont require extensive login information and do not leak information at the application layer.</p>
<p>So without further ado, a blatant copy-paste of information that shouldnt have been in the README.md.</p>
<h2 id="static-eepsite-in-like-no-seconds">Static eepsite in like no seconds</h2>
<p>Using this port forwarder, its possible to create an instant eepsite from a folder full of html files(and the resources they call upon). Probably obviously to everybody reading this right now, but maybe not obviously to everyone reading this forever. An example of an application that works this way is available <a href="https://github.com/eyedeekay/eephttpd">here at my eephttpd repo</a>.</p>
<h2 id="quick-and-dirty-i2p-enabled-golang-web-applications">Quick-And-Dirty i2p-enabled golang web applications</h2>
<p>Normal web applications can easily add the ability to serve itself over i2p by importing and configuring this forwarding doodad. Wherever it takes the argument for the web servers listening host and/or port, pass that same host and/or port to a new instance of the “SAMForwarder” and then run the “Serve” function of the SAMForwarder as a goroutine. This simply forwards the running service to the i2p network, it doesnt do any filtering, and if your application establishes out-of-band connections, those may escape. Also, if your application is listening on all addresses, it will be visible from the local network.</p>
<p>Heres a simple example with a simple static file server:</p>
<div class="sourceCode" id="cb1"><pre class="sourceCode diff"><code class="sourceCode diff"><a class="sourceLine" id="cb1-1" title="1">package main package main</a>
<a class="sourceLine" id="cb1-2" title="2"></a>
<a class="sourceLine" id="cb1-3" title="3">import ( import (</a>
<a class="sourceLine" id="cb1-4" title="4"> &quot;flag&quot; &quot;flag&quot;</a>
<a class="sourceLine" id="cb1-5" title="5"> &quot;log&quot; &quot;log&quot;</a>
<a class="sourceLine" id="cb1-6" title="6"> &quot;net/http&quot; &quot;net/http&quot;</a>
<a class="sourceLine" id="cb1-7" title="7">) )</a>
<a class="sourceLine" id="cb1-8" title="8"></a>
<a class="sourceLine" id="cb1-9" title="9"> &gt; import &quot;github.com/eyedeekay/sam-forwarder&quot;</a>
<a class="sourceLine" id="cb1-10" title="10"> &gt;</a>
<a class="sourceLine" id="cb1-11" title="11">func main() { func main() {</a>
<a class="sourceLine" id="cb1-12" title="12"> port := flag.String(&quot;p&quot;, &quot;8100&quot;, &quot;port to serve on&quot;) port := flag.String(&quot;p&quot;, &quot;8100&quot;, &quot;port to serve on&quot;)</a>
<a class="sourceLine" id="cb1-13" title="13"> directory := flag.String(&quot;d&quot;, &quot;.&quot;, &quot;the directory of static file to host&quot;) directory := flag.String(&quot;d&quot;, &quot;.&quot;, &quot;the directory of static file to host&quot;)</a>
<a class="sourceLine" id="cb1-14" title="14"> flag.Parse() flag.Parse()</a>
<a class="sourceLine" id="cb1-15" title="15"> &gt;</a>
<a class="sourceLine" id="cb1-16" title="16"> &gt; forwarder, err := samforwarder.NewSAMForwarderFromOptions(</a>
<a class="sourceLine" id="cb1-17" title="17"> &gt; samforwarder.SetHost(&quot;127.0.0.1&quot;),</a>
<a class="sourceLine" id="cb1-18" title="18"> &gt; samforwarder.SetPort(*port),</a>
<a class="sourceLine" id="cb1-19" title="19"> &gt; samforwarder.SetSAMHost(&quot;127.0.0.1&quot;),</a>
<a class="sourceLine" id="cb1-20" title="20"> &gt; samforwarder.SetSAMPort(&quot;7656&quot;),</a>
<a class="sourceLine" id="cb1-21" title="21"> &gt; samforwarder.SetName(&quot;staticfiles&quot;),</a>
<a class="sourceLine" id="cb1-22" title="22"> &gt; )</a>
<a class="sourceLine" id="cb1-23" title="23"> &gt; if err != nil {</a>
<a class="sourceLine" id="cb1-24" title="24"> &gt; log.Fatal(err.Error())</a>
<a class="sourceLine" id="cb1-25" title="25"> &gt; }</a>
<a class="sourceLine" id="cb1-26" title="26"> &gt; go forwarder.Serve()</a>
<a class="sourceLine" id="cb1-27" title="27"></a>
<a class="sourceLine" id="cb1-28" title="28"> http.Handle(&quot;/&quot;, http.FileServer(http.Dir(*directory))) http.Handle(&quot;/&quot;, http.FileServer(http.Dir(*directory)))</a>
<a class="sourceLine" id="cb1-29" title="29"></a>
<a class="sourceLine" id="cb1-30" title="30"> log.Printf(&quot;Serving %s on HTTP port: %s\n&quot;, *directory, *port) log.Printf(&quot;Serving %s on HTTP port: %s\n&quot;, *directory, *port)</a>
<a class="sourceLine" id="cb1-31" title="31"> log.Fatal(http.ListenAndServe(&quot;127.0.0.1:&quot;+*port, nil)) log.Fatal(http.ListenAndServe(&quot;127.0.0.1:&quot;+*port, nil))</a>
<a class="sourceLine" id="cb1-32" title="32">} }</a></code></pre></div>
<p><a href="https://gist.github.com/paulmach/7271283">This tiny file server taken from here and used for this example</a></p>
<h2 id="integrating-your-go-web-application-with-i2p-using-sam-forwarder">Integrating your Go web application with i2p using sam-forwarder</h2>

275
docs/index.html
View File

@ -1,222 +1,53 @@
<h1 id="ephsite---easy-forwarding-of-local-services-to-i2p">ephsite - Easy forwarding of local services to i2p</h1>
<p>ephsite is a forwarding proxy designed to configure a tunnel for use with i2p. It can be used to easily forward a local service to the i2p network using i2p's SAM API instead of the tunnel interface.</p>
<h2 id="usage">usage:</h2>
<pre><code>Usage of ./bin/ephsite:
-access string
Type of access list to use, can be &quot;whitelist&quot; &quot;blacklist&quot; or &quot;none&quot;. (default &quot;none&quot;)
-accesslist value
Specify an access list member(can be used multiple times)
-client
Client proxy mode(true or false)
-close
Close tunnel idle(true or false)
-closetime int
Reduce tunnel quantity after X (milliseconds) (default 600000)
-dest string
Destination for client tunnels. Ignored for service tunnels. (default &quot;none&quot;)
-dir string
Directory to save tunnel configuration file in.
-encryptlease
Use an encrypted leaseset(true or false) (default true)
-gzip
Uze gzip(true or false)
-headers
Inject X-I2P-DEST headers
-host string
Target host(Host of service to forward to i2p) (default &quot;127.0.0.1&quot;)
-inback int
Set inbound tunnel backup quantity(0 to 5) (default 4)
-incount int
Set inbound tunnel quantity(0 to 15) (default 6)
-ini string
Use an ini file for configuration(config file options override passed arguments for now.) (default &quot;none&quot;)
-inlen int
Set inbound tunnel length(0 to 7) (default 3)
-invar int
Set inbound tunnel length variance(-7 to 7)
-lsk string
path to saved encrypted leaseset keys (default &quot;none&quot;)
-name string
Tunnel name, this must be unique but can be anything. (default &quot;forwarder&quot;)
-outback int
Set outbound tunnel backup quantity(0 to 5) (default 4)
-outcount int
Set outbound tunnel quantity(0 to 15) (default 6)
-outlen int
Set outbound tunnel length(0 to 7) (default 3)
-outvar int
Set outbound tunnel length variance(-7 to 7)
-port string
Target port(Port of service to forward to i2p) (default &quot;8081&quot;)
-reduce
Reduce tunnel quantity when idle(true or false)
-reducecount int
Reduce idle tunnel quantity to X (0 to 5) (default 3)
-reducetime int
Reduce tunnel quantity after X (milliseconds) (default 600000)
-samhost string
SAM host (default &quot;127.0.0.1&quot;)
-samport string
SAM port (default &quot;7656&quot;)
-save
Use saved file and persist tunnel(If false, tunnel will not persist after program is stopped.
-tlsport string
(Currently inoperative. Target TLS port(HTTPS Port of service to forward to i2p)
-udp
UDP mode(true or false)
-zeroin
Allow zero-hop, non-anonymous tunnels in(true or false)
-zeroout
Allow zero-hop, non-anonymous tunnels out(true or false)</code></pre>
<h1 id="samcatd---router-independent-tunnel-management-for-i2p">samcatd - Router-independent tunnel management for i2p</h1>
<p>samcatd is a daemon which runs a group of forwarding proxies to provide services over i2p independent of the router. It also serves as a generalized i2p networking utility for power-users. It's intended to be a Swiss-army knife for the SAM API.</p>
<h2 id="usage-1">usage:</h2>
<pre><code>flag needs an argument: -h
Usage of ./bin/samcatd:
-a string
Type of access list to use, can be &quot;whitelist&quot; &quot;blacklist&quot; or &quot;none&quot;. (default &quot;none&quot;)
-accesslist value
Specify an access list member(can be used multiple times)
-c Client proxy mode(true or false)
-cr string
Encrypt/decrypt the key files with a passfile
-css string
custom CSS for web interface (default &quot;css/styles.css&quot;)
-ct int
Reduce tunnel quantity after X (milliseconds) (default 600000)
-d string
Directory to save tunnel configuration file in.
-de string
Destination to connect client&#39;s to by default.
-f string
Use an ini file for configuration(config file options override passed arguments for now.) (default &quot;none&quot;)
-h string
Target host(Host of service to forward to i2p) (default &quot;127.0.0.1&quot;)
-i string
Destination for client tunnels. Ignored for service tunnels. (default &quot;none&quot;)
-ib int
Set inbound tunnel backup quantity(0 to 5) (default 2)
-ih
Inject X-I2P-DEST headers
-il int
Set inbound tunnel length(0 to 7) (default 3)
-iq int
Set inbound tunnel quantity(0 to 15) (default 6)
-iv int
Set inbound tunnel length variance(-7 to 7)
-js string
custom JS for web interface (default &quot;js/scripts.js&quot;)
-k string
key for encrypted leaseset (default &quot;none&quot;)
-l Use an encrypted leaseset(true or false) (default true)
-n string
Tunnel name, this must be unique but can be anything. (default &quot;forwarder&quot;)
-ob int
Set outbound tunnel backup quantity(0 to 5) (default 2)
-ol int
Set outbound tunnel length(0 to 7) (default 3)
-oq int
Set outbound tunnel quantity(0 to 15) (default 6)
-ov int
Set outbound tunnel length variance(-7 to 7)
-p string
Target port(Port of service to forward to i2p) (default &quot;8081&quot;)
-pk string
private key for encrypted leaseset (default &quot;none&quot;)
-psk string
private signing key for encrypted leaseset (default &quot;none&quot;)
-r Reduce tunnel quantity when idle(true or false)
-rq int
Reduce idle tunnel quantity to X (0 to 5) (default 3)
-rt int
Reduce tunnel quantity after X (milliseconds) (default 600000)
-s Start a tunnel with the passed parameters(Otherwise, they will be treated as default values.)
-sh string
SAM host (default &quot;127.0.0.1&quot;)
-sp string
SAM port (default &quot;7656&quot;)
-t Use saved file and persist tunnel(If false, tunnel will not persist after program is stopped.
-tls string
(Currently inoperative. Target TLS port(HTTPS Port of service to forward to i2p)
-u UDP mode(true or false)
-w Start web administration interface
-wp string
Web port (default &quot;7957&quot;)
-x Close tunnel idle(true or false)
-z Uze gzip(true or false)
-zi
Allow zero-hop, non-anonymous tunnels in(true or false)
-zo
Allow zero-hop, non-anonymous tunnels out(true or false)</code></pre>
<h1 id="managing-samcatd-save-encryption-keys">managing samcatd save-encryption keys</h1>
<p>In order to keep from saving the .i2pkeys files in plaintext format, samcatd can optionally generate a key and encrypt the .i2pkeys files securely. Of course, to fully benefit from this arrangement, you need to move those keys away from the machine where the tunnel keys(the .i2pkeys file) are located, or protect them in some other way(sandboxing, etc). If you want to use encrypted .i2pkeys files, you can specify a key file to use with the -cr option on the terminal or with keyfile option in the .ini file.</p>
<h1 id="example-config---valid-for-both-ephsite-and-samcat">example config - valid for both ephsite and samcat</h1>
<p>Options are still being added, pretty much as fast as I can put them in. For up-to-the-minute options, see <a href="config/CHECKLIST.md">the checklist</a></p>
<p>(<strong>ephsite</strong> will only use top-level options, but they can be labeled or unlabeled)</p>
<p>(<strong>samcatd</strong> treats the first set of options it sees as the default, and does not start tunnels based on unlabeled options unless passed the -s flag.)</p>
<div class="sourceCode"><pre class="sourceCode ini"><code class="sourceCode ini">
<span class="co">## Defaults, these are only invoked with the -start option or if labeled tunnels</span>
<span class="co">## are not present(samcatd instructions). **THESE** are the correct config files</span>
<span class="co">## to use as defaults, and not the ones in ../sam-forwarder/tunnels.ini, which</span>
<span class="co">## are used for testing settings availability only.</span>
<span class="dt">inbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span>
<span class="dt">outbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span>
<span class="dt">inbound.lengthVariance </span><span class="ot">=</span><span class="st"> </span><span class="dv">0</span>
<span class="dt">outbound.lengthVariance </span><span class="ot">=</span><span class="st"> </span><span class="dv">0</span>
<span class="dt">inbound.backupQuantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span>
<span class="dt">outbound.backupQuantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span>
<span class="dt">inbound.quantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">5</span>
<span class="dt">outbound.quantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">5</span>
<span class="dt">inbound.allowZeroHop </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span>
<span class="dt">outbound.allowZeroHop </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span>
<span class="dt">i2cp.encryptLeaseSet </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span>
<span class="dt">gzip </span><span class="ot">=</span><span class="st"> </span><span class="kw">true</span>
<span class="dt">i2cp.reduceOnIdle </span><span class="ot">=</span><span class="st"> </span><span class="kw">true</span>
<span class="dt">i2cp.reduceIdleTime </span><span class="ot">=</span><span class="st"> </span><span class="dv">3000000</span>
<span class="dt">i2cp.reduceQuantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">2</span>
<span class="dt">i2cp.enableWhiteList </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span>
<span class="dt">i2cp.enableBlackList </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span>
<span class="dt">keyfile </span><span class="ot">=</span><span class="st"> &quot;/usr/share/samcatd/samcatd&quot;</span>
<span class="co">#[sam-forwarder]</span>
<span class="co">#type = server</span>
<span class="co">#host = 127.0.0.1</span>
<span class="co">#port = 8081</span>
<span class="co">#inbound.length = 3</span>
<span class="co">#outbound.length = 3</span>
<span class="co">#keys = forwarder</span>
<span class="kw">[sam-forwarder-two]</span>
<span class="dt">type </span><span class="ot">=</span><span class="st"> client</span>
<span class="dt">host </span><span class="ot">=</span><span class="st"> </span><span class="fl">127.0.0.1</span>
<span class="dt">port </span><span class="ot">=</span><span class="st"> </span><span class="dv">8082</span>
<span class="dt">inbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span>
<span class="dt">outbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span>
<span class="dt">destination </span><span class="ot">=</span><span class="st"> i2p-projekt.i2p</span>
<span class="dt">keys </span><span class="ot">=</span><span class="st"> forwarder-two</span>
<span class="co">#[sam-forwarder-three]</span>
<span class="co">#type = udpclient</span>
<span class="co">#host = 127.0.0.1</span>
<span class="co">#port = 8083</span>
<span class="co">#inbound.length = 3</span>
<span class="co">#outbound.length = 3</span>
<span class="co">#destination = i2p-projekt.i2p</span>
<span class="co">#keys = forwarder-three</span>
<span class="co">#[sam-forwarder-four]</span>
<span class="co">#type = udpserver</span>
<span class="co">#host = 127.0.0.1</span>
<span class="co">#port = 8084</span>
<span class="co">#inbound.length = 6</span>
<span class="co">#outbound.length = 3</span>
<span class="co">#keys = forwarder-four</span>
<span class="co">#[sam-forwarder-five]</span>
<span class="co">#type = http</span>
<span class="co">#host = 127.0.0.1</span>
<span class="co">#port = 8085</span>
<span class="co">#inbound.length = 3</span>
<span class="co">#outbound.length = 3</span>
<span class="co">#keys = forwarder-five</span></code></pre></div>
<h1 id="sam-forwarder">sam-forwarder</h1>
<p>Forward a local port to i2p over the SAM API, or proxy a destination to a port on the local host. This is a work-in-progress, but the basic functionality is, there and its already pretty useful. Everything TCP works, but UDP forwarding has much less real use than TCP. Turns out UDP was less broken than I thought though. Yay. Theres also a simple client-server VPN built on top of it, eventually, it will be replaced with a peer-to-peer version.</p>
<p>Since it seems to be doing UDP now, if youd like to donate to further development there are some wallet addresses at the bottom of this readme for now.</p>
<h2 id="building">building</h2>
<p>Just:</p>
<pre><code> make deps build</code></pre>
<p>and it will be in the folder ./bin/</p>
<p><a href="https://travis-ci.org/eyedeekay/sam-forwarder"><img src="https://travis-ci.org/eyedeekay/sam-forwarder.svg?branch=master" alt="Build Status" /></a></p>
<h2 id="usage">Usage:</h2>
<p>There are a number of ways to use sam-forwarder:</p>
<h3 id="usageconfiguration-as-an-applicationstart-here-for-samcatd"><a href="docs/USAGE.md">usage/configuration</a> as an application(Start here for samcatd)</h3>
<h3 id="embedding-in-other-applications"><a href="docs/EMBEDDING.md">embedding</a> in other applications</h3>
<h3 id="encapsulate-configuration-for-i2p-enabled-packages"><a href="docs/PACKAGECONF.md">encapsulate</a> configuration for i2p-enabled packages</h3>
<h3 id="implement-the-interface-for-fine-grained-control-over-sam-connections"><a href="interface/README.md">implement</a> the interface for fine-grained control over SAM connections</h3>
<h2 id="binaries">binaries</h2>
<p>Two binaries are produced by this repo. The first, ephsite, is only capable of running one tunnel at a time and doesnt have VPN support. Im only updating it to make sure that the embeddable interface in existing applications doesnt change. It will go away and be replaced with a wrapper to translate it to samcatd -s commands whenever I complete <a href="docs/CHECKLIST.md" class="uri">docs/CHECKLIST.md</a>.</p>
<p>The second, samcatd, is more advanced. It can start multiple tunnels with their own settings, or be used to start tunnels on the fly like ephsite by passing the -s option. Eventually Im probably just going to use this to configure all of my tunnels.</p>
<h1 id="current-limitations">Current limitations:</h1>
<p>I need to document it better. <a href="docs/USAGE.md">Besides fixing up the comments, this should help for now.</a>. I also need to control output verbosity better.</p>
<p>I need samcatd to accept a configuration folder identical to /etc/i2pd/tunnels.conf.d, since part of the point of this is to be compatible with i2pds tunnels configuration. Once this is done, Ill resume turning it into a .deb package.</p>
<p>It doesnt encrypt the .i2pkeys file by default, so if someone can steal them, then they can use them to construct tunnels to impersonate you. Experimental support for encrypted saves has been added. The idea is that only the person with the key will be able to decrypt and start the tunnels. It is up to the user to determine how to go about managing these keys. Right now this system is pretty bad. Ill be addressing that soon too.</p>
<p>TCP and UDP are both working now. Additional functionality might be added by adding other kinds of protocols overtop the TCP and UDP tunnels as a primitive. Theres a very basic UDP-based VPN available in samcatd by configuration-file only for now. Also it requires root. Probably need to split the VPN part into its own application. The package will need to give the application CAP_NET_BIND_SERVICE or something. This might work:</p>
<pre><code> sudo setcap cap_net_bind_service=epi ./bin/samcatd
sudo setcap cap_net_bind_service=epi ./bin/samcatd-web</code></pre>
<p>But I need to learn more about capabilities before I make that part of the thing.</p>
<p>Some kind of reverse-proxy or filter is also an obvious choice.</p>
<p>Ive only enabled the use of a subset of the i2cp and tunnel configuration options, the ones I use the most and for no other real reason assume other people use the most. Theyre pretty easy to add, its just boring. <em>If you</em> <em>want an i2cp or tunnel option that isnt available, bring it to my attention</em> <em>please.</em> Im pretty responsive when people actually contact me, itll probably be added within 24 hours. I intend to have configuration options for all relevant i2cp and tunnel options, which Im keeping track of <a href="config/CHECKLIST.md">here</a>.</p>
<p>I should probably have some options that are available in other general network utilities. Ive started to do this with samcatd.</p>
<p>I want it to be able to save ini files based on the settings used for a running forwarder. Should be easy, I just need to decide how I want to do it. Also to focus a bit more. Ive got more of a plan here now. tunconf has the loaded ini file inside it, and variables to track the state of the config options while running, and they can be switched to save options that might be changed via some interface or another.</p>
<p>Example tools built using this are being broken off into their own repos. Use the other repos where appropriate, so I can leave the examples un-messed with.</p>
<p>It would be really awesome if I could make this run on Android. So Ill make that happen eventually. I started a daemon for managing multiple tunnels and I figure I give it a web interface to configure stuff with. Ill probably put that in a different repo though. This is looking a little cluttered.</p>
<p>TLS configuration is experimental.</p>
<p>Ive made it self-supervising, but I need to make better use of contexts.</p>
<h2 id="stuff-thats-using-it">Stuff thats using it:</h2>
<p>Mostly mine, but this is all Free-as-in-Freedom for anyone to use:</p>
<ul>
<li><a href="https://github.com/eyedeekay/eephttpd">eephttpd</a></li>
<li><a href="https://github.com/eyedeekay/wikigopher">my fork of wikigopher</a></li>
<li><a href="https://github.com/s-gv/orangeforum">orangeforum</a></li>
</ul>
<h2 id="donate">Donate</h2>
<h3 id="monero-wallet-address">Monero Wallet Address</h3>
<p>XMR:43V6cTZrUfAb9JD6Dmn3vjdT9XxLbiE27D1kaoehb359ACaHs8191mR4RsJH7hGjRTiAoSwFQAVdsCBToXXPAqTMDdP2bZB</p>
<h3 id="bitcoin-wallet-address">Bitcoin Wallet Address</h3>
<p>BTC:159M8MEUwhTzE9RXmcZxtigKaEjgfwRbHt</p>
<h2 id="index">Index</h2>
<ul>
<li><a href="index.html">readme</a></li>
<li><a href="usage.html">usage</a></li>
<li><a href="packageconf.html">configuration</a></li>
<li><a href="embedding.html">embedding</a></li>
<li><a href="interface.htnl">interface</a></li>
</ul>

2
docs/interface.html Normal file
View File

@ -0,0 +1,2 @@
<h1 id="implementing-the-sam-forwarder-interface">Implementing the sam-forwarder interface</h1>
<p>The sam-forwrder interface(used int the Go sense of the word interface) is used to create custom types of tunnels.</p>

1
docs/packageconf.html Normal file
View File

@ -0,0 +1 @@
<h1 id="encapsulating-and-packaging-application-configuration-with-samcatd">Encapsulating and Packaging Application Configuration with samcatd</h1>

194
docs/usage.html Normal file
View File

@ -0,0 +1,194 @@
<h1 id="samcatd---router-independent-tunnel-management-for-i2p">samcatd - Router-independent tunnel management for i2p</h1>
<p>samcatd is a daemon which runs a group of forwarding proxies to provide services over i2p independent of the router. It also serves as a generalized i2p networking utility for power-users. Its intended to be a Swiss-army knife for the SAM API.</p>
<h2 id="usage">usage:</h2>
<pre><code>flag needs an argument: -h
Usage of ./bin/samcatd:
-a string
Type of access list to use, can be &quot;whitelist&quot; &quot;blacklist&quot; or &quot;none&quot;. (default &quot;none&quot;)
-c Client proxy mode(true or false)
-conv string
Display the base32 and base64 values of a specified .i2pkeys file
-cr string
Encrypt/decrypt the key files with a passfile
-css string
custom CSS for web interface (default &quot;css/styles.css&quot;)
-ct int
Reduce tunnel quantity after X (milliseconds) (default 600000)
-d string
Directory to save tunnel configuration file in.
-de string
Destination to connect client&#39;s to by default.
-f string
Use an ini file for configuration(config file options override passed arguments for now.) (default &quot;none&quot;)
-h string
Target host(Host of service to forward to i2p) (default &quot;127.0.0.1&quot;)
-i string
Destination for client tunnels. Ignored for service tunnels. (default &quot;none&quot;)
-ib int
Set inbound tunnel backup quantity(0 to 5) (default 2)
-ih
Inject X-I2P-DEST headers
-il int
Set inbound tunnel length(0 to 7) (default 3)
-iq int
Set inbound tunnel quantity(0 to 15) (default 6)
-iv int
Set inbound tunnel length variance(-7 to 7)
-js string
custom JS for web interface (default &quot;js/scripts.js&quot;)
-k string
key for encrypted leaseset (default &quot;none&quot;)
-l Use an encrypted leaseset(true or false) (default true)
-littleboss string
instruct the littleboss:
start: start and manage this process using service name &quot;service-name&quot;
stop: signal the littleboss to shutdown the process
status: print statistics about the running littleboss
reload: restart the managed process using the executed binary
bypass: disable littleboss, run the program directly (default &quot;bypass&quot;)
-n string
Tunnel name, this must be unique but can be anything. (default &quot;forwarder&quot;)
-ob int
Set outbound tunnel backup quantity(0 to 5) (default 2)
-ol int
Set outbound tunnel length(0 to 7) (default 3)
-oq int
Set outbound tunnel quantity(0 to 15) (default 6)
-ov int
Set outbound tunnel length variance(-7 to 7)
-p string
Target port(Port of service to forward to i2p) (default &quot;8081&quot;)
-pk string
private key for encrypted leaseset (default &quot;none&quot;)
-psk string
private signing key for encrypted leaseset (default &quot;none&quot;)
-r Reduce tunnel quantity when idle(true or false)
-rq int
Reduce idle tunnel quantity to X (0 to 5) (default 3)
-rt int
Reduce tunnel quantity after X (milliseconds) (default 600000)
-s Start a tunnel with the passed parameters(Otherwise, they will be treated as default values.)
-sh string
SAM host (default &quot;127.0.0.1&quot;)
-sp string
SAM port (default &quot;7656&quot;)
-st string
Signature type
-t Use saved file and persist tunnel(If false, tunnel will not persist after program is stopped.
-tls string
(Currently inoperative. Target TLS port(HTTPS Port of service to forward to i2p)
-u UDP mode(true or false)
-w Start web administration interface
-wp string
Web port (default &quot;7957&quot;)
-x Close tunnel idle(true or false)
-z Uze gzip(true or false)
-zi
Allow zero-hop, non-anonymous tunnels in(true or false)
-zo
Allow zero-hop, non-anonymous tunnels out(true or false)</code></pre>
<h1 id="managing-samcatd-save-encryption-keys">managing samcatd save-encryption keys</h1>
<p>In order to keep from saving the .i2pkeys files in plaintext format, samcatd can optionally generate a key and encrypt the .i2pkeys files securely. Of course, to fully benefit from this arrangement, you need to move those keys away from the machine where the tunnel keys(the .i2pkeys file) are located, or protect them in some other way(sandboxing, etc). If you want to use encrypted .i2pkeys files, you can specify a key file to use with the -cr option on the terminal or with keyfile option in the .ini file.</p>
<h1 id="example-config---valid-for-both-ephsite-and-samcat">example config - valid for both ephsite and samcat</h1>
<p>Options are still being added, pretty much as fast as I can put them in. For up-to-the-minute options, see <a href="config/CHECKLIST.md">the checklist</a></p>
<p>(<strong>ephsite</strong> will only use top-level options, but they can be labeled or unlabeled)</p>
<p>(<strong>samcatd</strong> treats the first set of options it sees as the default, and does not start tunnels based on unlabeled options unless passed the -s flag.)</p>
<div class="sourceCode" id="cb2"><pre class="sourceCode ini"><code class="sourceCode ini"><a class="sourceLine" id="cb2-1" title="1"></a>
<a class="sourceLine" id="cb2-2" title="2"><span class="co">## Defaults, these are only invoked with the -start option or if labeled tunnels</span></a>
<a class="sourceLine" id="cb2-3" title="3"><span class="co">## are not present(samcatd instructions). **THESE** are the correct config files</span></a>
<a class="sourceLine" id="cb2-4" title="4"><span class="co">## to use as defaults, and not the ones in ../sam-forwarder/tunnels.ini, which</span></a>
<a class="sourceLine" id="cb2-5" title="5"><span class="co">## are used for testing settings availability only.</span></a>
<a class="sourceLine" id="cb2-6" title="6"></a>
<a class="sourceLine" id="cb2-7" title="7"><span class="dt">inbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span></a>
<a class="sourceLine" id="cb2-8" title="8"><span class="dt">outbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span></a>
<a class="sourceLine" id="cb2-9" title="9"><span class="dt">inbound.lengthVariance </span><span class="ot">=</span><span class="st"> </span><span class="dv">0</span></a>
<a class="sourceLine" id="cb2-10" title="10"><span class="dt">outbound.lengthVariance </span><span class="ot">=</span><span class="st"> </span><span class="dv">0</span></a>
<a class="sourceLine" id="cb2-11" title="11"><span class="dt">inbound.backupQuantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span></a>
<a class="sourceLine" id="cb2-12" title="12"><span class="dt">outbound.backupQuantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span></a>
<a class="sourceLine" id="cb2-13" title="13"><span class="dt">inbound.quantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">5</span></a>
<a class="sourceLine" id="cb2-14" title="14"><span class="dt">outbound.quantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">5</span></a>
<a class="sourceLine" id="cb2-15" title="15"><span class="dt">inbound.allowZeroHop </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span></a>
<a class="sourceLine" id="cb2-16" title="16"><span class="dt">outbound.allowZeroHop </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span></a>
<a class="sourceLine" id="cb2-17" title="17"><span class="dt">i2cp.encryptLeaseSet </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span></a>
<a class="sourceLine" id="cb2-18" title="18"><span class="dt">gzip </span><span class="ot">=</span><span class="st"> </span><span class="kw">true</span></a>
<a class="sourceLine" id="cb2-19" title="19"><span class="dt">i2cp.reduceOnIdle </span><span class="ot">=</span><span class="st"> </span><span class="kw">true</span></a>
<a class="sourceLine" id="cb2-20" title="20"><span class="dt">i2cp.reduceIdleTime </span><span class="ot">=</span><span class="st"> </span><span class="dv">3000000</span></a>
<a class="sourceLine" id="cb2-21" title="21"><span class="dt">i2cp.reduceQuantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">2</span></a>
<a class="sourceLine" id="cb2-22" title="22"><span class="dt">i2cp.enableWhiteList </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span></a>
<a class="sourceLine" id="cb2-23" title="23"><span class="dt">i2cp.enableBlackList </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span></a>
<a class="sourceLine" id="cb2-24" title="24"><span class="dt">keyfile </span><span class="ot">=</span><span class="st"> &quot;/usr/share/samcatd/samcatd&quot;</span></a>
<a class="sourceLine" id="cb2-25" title="25"></a>
<a class="sourceLine" id="cb2-26" title="26"><span class="co">#[sam-forwarder-tcp-server]</span></a>
<a class="sourceLine" id="cb2-27" title="27"><span class="co">#type = server</span></a>
<a class="sourceLine" id="cb2-28" title="28"><span class="co">#host = 127.0.0.1</span></a>
<a class="sourceLine" id="cb2-29" title="29"><span class="co">#port = 8081</span></a>
<a class="sourceLine" id="cb2-30" title="30"><span class="co">#inbound.length = 3</span></a>
<a class="sourceLine" id="cb2-31" title="31"><span class="co">#outbound.length = 3</span></a>
<a class="sourceLine" id="cb2-32" title="32"><span class="co">#keys = forwarder</span></a>
<a class="sourceLine" id="cb2-33" title="33"></a>
<a class="sourceLine" id="cb2-34" title="34"><span class="kw">[sam-forwarder-tcp-client]</span></a>
<a class="sourceLine" id="cb2-35" title="35"><span class="dt">type </span><span class="ot">=</span><span class="st"> client</span></a>
<a class="sourceLine" id="cb2-36" title="36"><span class="dt">host </span><span class="ot">=</span><span class="st"> </span><span class="dv">127</span><span class="st">.</span><span class="dv">0</span><span class="st">.</span><span class="fl">0.1</span></a>
<a class="sourceLine" id="cb2-37" title="37"><span class="dt">port </span><span class="ot">=</span><span class="st"> </span><span class="dv">8082</span></a>
<a class="sourceLine" id="cb2-38" title="38"><span class="dt">inbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span></a>
<a class="sourceLine" id="cb2-39" title="39"><span class="dt">outbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span></a>
<a class="sourceLine" id="cb2-40" title="40"><span class="dt">destination </span><span class="ot">=</span><span class="st"> i2p-projekt.i2p</span></a>
<a class="sourceLine" id="cb2-41" title="41"><span class="dt">keys </span><span class="ot">=</span><span class="st"> forwarder-two</span></a>
<a class="sourceLine" id="cb2-42" title="42"></a>
<a class="sourceLine" id="cb2-43" title="43"><span class="co">#[sam-forwarder-udp-server]</span></a>
<a class="sourceLine" id="cb2-44" title="44"><span class="co">#type = udpserver</span></a>
<a class="sourceLine" id="cb2-45" title="45"><span class="co">#host = 127.0.0.1</span></a>
<a class="sourceLine" id="cb2-46" title="46"><span class="co">#port = 8084</span></a>
<a class="sourceLine" id="cb2-47" title="47"><span class="co">#inbound.length = 6</span></a>
<a class="sourceLine" id="cb2-48" title="48"><span class="co">#outbound.length = 3</span></a>
<a class="sourceLine" id="cb2-49" title="49"><span class="co">#keys = forwarder-four</span></a>
<a class="sourceLine" id="cb2-50" title="50"></a>
<a class="sourceLine" id="cb2-51" title="51"><span class="co">#[sam-forwarder-udp-client]</span></a>
<a class="sourceLine" id="cb2-52" title="52"><span class="co">#type = udpclient</span></a>
<a class="sourceLine" id="cb2-53" title="53"><span class="co">#host = 127.0.0.1</span></a>
<a class="sourceLine" id="cb2-54" title="54"><span class="co">#port = 8083</span></a>
<a class="sourceLine" id="cb2-55" title="55"><span class="co">#inbound.length = 3</span></a>
<a class="sourceLine" id="cb2-56" title="56"><span class="co">#outbound.length = 3</span></a>
<a class="sourceLine" id="cb2-57" title="57"><span class="co">#destination = i2p-projekt.i2p</span></a>
<a class="sourceLine" id="cb2-58" title="58"><span class="co">#keys = forwarder-three</span></a>
<a class="sourceLine" id="cb2-59" title="59"></a>
<a class="sourceLine" id="cb2-60" title="60"><span class="co">#[sam-forwarder-tcp-http-server]</span></a>
<a class="sourceLine" id="cb2-61" title="61"><span class="co">#type = http</span></a>
<a class="sourceLine" id="cb2-62" title="62"><span class="co">#host = 127.0.0.1</span></a>
<a class="sourceLine" id="cb2-63" title="63"><span class="co">#port = 8085</span></a>
<a class="sourceLine" id="cb2-64" title="64"><span class="co">#inbound.length = 3</span></a>
<a class="sourceLine" id="cb2-65" title="65"><span class="co">#outbound.length = 3</span></a>
<a class="sourceLine" id="cb2-66" title="66"><span class="co">#keys = forwarder-five</span></a>
<a class="sourceLine" id="cb2-67" title="67"></a>
<a class="sourceLine" id="cb2-68" title="68"><span class="co">#[sam-forwarder-vpn-server]</span></a>
<a class="sourceLine" id="cb2-69" title="69"><span class="co">#type = udpserver</span></a>
<a class="sourceLine" id="cb2-70" title="70"><span class="co">#host = 127.0.0.1</span></a>
<a class="sourceLine" id="cb2-71" title="71"><span class="co">#port = 8084</span></a>
<a class="sourceLine" id="cb2-72" title="72"><span class="co">#inbound.length = 2</span></a>
<a class="sourceLine" id="cb2-73" title="73"><span class="co">#outbound.length = 2</span></a>
<a class="sourceLine" id="cb2-74" title="74"><span class="co">#inbound.backupQuantity = 3</span></a>
<a class="sourceLine" id="cb2-75" title="75"><span class="co">#outbound.backupQuantity = 3</span></a>
<a class="sourceLine" id="cb2-76" title="76"><span class="co">#inbound.quantity = 5</span></a>
<a class="sourceLine" id="cb2-77" title="77"><span class="co">#outbound.quantity = 5</span></a>
<a class="sourceLine" id="cb2-78" title="78"><span class="co">#i2cp.reduceOnIdle = true</span></a>
<a class="sourceLine" id="cb2-79" title="79"><span class="co">#i2cp.reduceIdleTime = 3000000</span></a>
<a class="sourceLine" id="cb2-80" title="80"><span class="co">#i2cp.reduceQuantity = 2</span></a>
<a class="sourceLine" id="cb2-81" title="81"><span class="co">#i2cp.closeOnIdle = false</span></a>
<a class="sourceLine" id="cb2-82" title="82"><span class="co">#keys = i2pvpnserver</span></a>
<a class="sourceLine" id="cb2-83" title="83"></a>
<a class="sourceLine" id="cb2-84" title="84"><span class="co">#[sam-forwarder-vpn-client]</span></a>
<a class="sourceLine" id="cb2-85" title="85"><span class="co">#type = udpclient</span></a>
<a class="sourceLine" id="cb2-86" title="86"><span class="co">#host = 127.0.0.1</span></a>
<a class="sourceLine" id="cb2-87" title="87"><span class="co">#port = 8085</span></a>
<a class="sourceLine" id="cb2-88" title="88"><span class="co">#inbound.length = 2</span></a>
<a class="sourceLine" id="cb2-89" title="89"><span class="co">#outbound.length = 2</span></a>
<a class="sourceLine" id="cb2-90" title="90"><span class="co">#inbound.backupQuantity = 3</span></a>
<a class="sourceLine" id="cb2-91" title="91"><span class="co">#outbound.backupQuantity = 3</span></a>
<a class="sourceLine" id="cb2-92" title="92"><span class="co">#inbound.quantity = 5</span></a>
<a class="sourceLine" id="cb2-93" title="93"><span class="co">#outbound.quantity = 5</span></a>
<a class="sourceLine" id="cb2-94" title="94"><span class="co">#i2cp.reduceOnIdle = true</span></a>
<a class="sourceLine" id="cb2-95" title="95"><span class="co">#i2cp.reduceIdleTime = 3000000</span></a>
<a class="sourceLine" id="cb2-96" title="96"><span class="co">#i2cp.reduceQuantity = 2</span></a>
<a class="sourceLine" id="cb2-97" title="97"><span class="co">#destination = adestinationisrequiredorbespecifiedatruntime.i2p</span></a>
<a class="sourceLine" id="cb2-98" title="98"><span class="co">#keys = i2pvpnclient</span></a></code></pre></div>

5
example/README.md Normal file
View File

@ -0,0 +1,5 @@
eepHttpd, a standalone static web server for i2p
================================================
* [Official version:](https://github.com/eyedeekay/eephttpd)
* [See also:](https://eyedeekay.github.io/eephttpd/docs/EMBEDDING.md)

252
example/www/index.html
View File

@ -1,83 +1,13 @@
<h1 id="ephsite---easy-forwarding-of-local-services-to-i2p">ephsite - Easy forwarding of local services to i2p</h1>
<p>ephsite is a forwarding proxy designed to configure a tunnel for use with i2p. It can be used to easily forward a local service to the i2p network using i2p's SAM API instead of the tunnel interface.</p>
<h2 id="usage">usage:</h2>
<pre><code>Usage of ./bin/ephsite:
-access string
Type of access list to use, can be &quot;whitelist&quot; &quot;blacklist&quot; or &quot;none&quot;. (default &quot;none&quot;)
-accesslist value
Specify an access list member(can be used multiple times)
-client
Client proxy mode(true or false)
-close
Close tunnel idle(true or false)
-closetime int
Reduce tunnel quantity after X (milliseconds) (default 600000)
-dest string
Destination for client tunnels. Ignored for service tunnels. (default &quot;none&quot;)
-dir string
Directory to save tunnel configuration file in.
-encryptlease
Use an encrypted leaseset(true or false) (default true)
-gzip
Uze gzip(true or false)
-headers
Inject X-I2P-DEST headers
-host string
Target host(Host of service to forward to i2p) (default &quot;127.0.0.1&quot;)
-inback int
Set inbound tunnel backup quantity(0 to 5) (default 4)
-incount int
Set inbound tunnel quantity(0 to 15) (default 6)
-ini string
Use an ini file for configuration(config file options override passed arguments for now.) (default &quot;none&quot;)
-inlen int
Set inbound tunnel length(0 to 7) (default 3)
-invar int
Set inbound tunnel length variance(-7 to 7)
-lsk string
path to saved encrypted leaseset keys (default &quot;none&quot;)
-name string
Tunnel name, this must be unique but can be anything. (default &quot;forwarder&quot;)
-outback int
Set outbound tunnel backup quantity(0 to 5) (default 4)
-outcount int
Set outbound tunnel quantity(0 to 15) (default 6)
-outlen int
Set outbound tunnel length(0 to 7) (default 3)
-outvar int
Set outbound tunnel length variance(-7 to 7)
-port string
Target port(Port of service to forward to i2p) (default &quot;8081&quot;)
-reduce
Reduce tunnel quantity when idle(true or false)
-reducecount int
Reduce idle tunnel quantity to X (0 to 5) (default 3)
-reducetime int
Reduce tunnel quantity after X (milliseconds) (default 600000)
-samhost string
SAM host (default &quot;127.0.0.1&quot;)
-samport string
SAM port (default &quot;7656&quot;)
-save
Use saved file and persist tunnel(If false, tunnel will not persist after program is stopped.
-tlsport string
(Currently inoperative. Target TLS port(HTTPS Port of service to forward to i2p)
-udp
UDP mode(true or false)
-zeroin
Allow zero-hop, non-anonymous tunnels in(true or false)
-zeroout
Allow zero-hop, non-anonymous tunnels out(true or false)</code></pre>
<h1 id="samcatd---router-independent-tunnel-management-for-i2p">samcatd - Router-independent tunnel management for i2p</h1>
<p>samcatd is a daemon which runs a group of forwarding proxies to provide services over i2p independent of the router. It also serves as a generalized i2p networking utility for power-users. It's intended to be a Swiss-army knife for the SAM API.</p>
<h2 id="usage-1">usage:</h2>
<p>samcatd is a daemon which runs a group of forwarding proxies to provide services over i2p independent of the router. It also serves as a generalized i2p networking utility for power-users. Its intended to be a Swiss-army knife for the SAM API.</p>
<h2 id="usage">usage:</h2>
<pre><code>flag needs an argument: -h
Usage of ./bin/samcatd:
-a string
Type of access list to use, can be &quot;whitelist&quot; &quot;blacklist&quot; or &quot;none&quot;. (default &quot;none&quot;)
-accesslist value
Specify an access list member(can be used multiple times)
-c Client proxy mode(true or false)
-conv string
Display the base32 and base64 values of a specified .i2pkeys file
-cr string
Encrypt/decrypt the key files with a passfile
-css string
@ -109,6 +39,14 @@ Usage of ./bin/samcatd:
-k string
key for encrypted leaseset (default &quot;none&quot;)
-l Use an encrypted leaseset(true or false) (default true)
-littleboss string
instruct the littleboss:
start: start and manage this process using service name &quot;service-name&quot;
stop: signal the littleboss to shutdown the process
status: print statistics about the running littleboss
reload: restart the managed process using the executed binary
bypass: disable littleboss, run the program directly (default &quot;bypass&quot;)
-n string
Tunnel name, this must be unique but can be anything. (default &quot;forwarder&quot;)
-ob int
@ -135,6 +73,8 @@ Usage of ./bin/samcatd:
SAM host (default &quot;127.0.0.1&quot;)
-sp string
SAM port (default &quot;7656&quot;)
-st string
Signature type
-t Use saved file and persist tunnel(If false, tunnel will not persist after program is stopped.
-tls string
(Currently inoperative. Target TLS port(HTTPS Port of service to forward to i2p)
@ -154,69 +94,101 @@ Usage of ./bin/samcatd:
<p>Options are still being added, pretty much as fast as I can put them in. For up-to-the-minute options, see <a href="config/CHECKLIST.md">the checklist</a></p>
<p>(<strong>ephsite</strong> will only use top-level options, but they can be labeled or unlabeled)</p>
<p>(<strong>samcatd</strong> treats the first set of options it sees as the default, and does not start tunnels based on unlabeled options unless passed the -s flag.)</p>
<div class="sourceCode"><pre class="sourceCode ini"><code class="sourceCode ini">
<span class="co">## Defaults, these are only invoked with the -start option or if labeled tunnels</span>
<span class="co">## are not present(samcatd instructions). **THESE** are the correct config files</span>
<span class="co">## to use as defaults, and not the ones in ../sam-forwarder/tunnels.ini, which</span>
<span class="co">## are used for testing settings availability only.</span>
<span class="dt">inbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span>
<span class="dt">outbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span>
<span class="dt">inbound.lengthVariance </span><span class="ot">=</span><span class="st"> </span><span class="dv">0</span>
<span class="dt">outbound.lengthVariance </span><span class="ot">=</span><span class="st"> </span><span class="dv">0</span>
<span class="dt">inbound.backupQuantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span>
<span class="dt">outbound.backupQuantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span>
<span class="dt">inbound.quantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">5</span>
<span class="dt">outbound.quantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">5</span>
<span class="dt">inbound.allowZeroHop </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span>
<span class="dt">outbound.allowZeroHop </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span>
<span class="dt">i2cp.encryptLeaseSet </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span>
<span class="dt">gzip </span><span class="ot">=</span><span class="st"> </span><span class="kw">true</span>
<span class="dt">i2cp.reduceOnIdle </span><span class="ot">=</span><span class="st"> </span><span class="kw">true</span>
<span class="dt">i2cp.reduceIdleTime </span><span class="ot">=</span><span class="st"> </span><span class="dv">3000000</span>
<span class="dt">i2cp.reduceQuantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">2</span>
<span class="dt">i2cp.enableWhiteList </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span>
<span class="dt">i2cp.enableBlackList </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span>
<span class="dt">keyfile </span><span class="ot">=</span><span class="st"> &quot;/usr/share/samcatd/samcatd&quot;</span>
<span class="co">#[sam-forwarder]</span>
<span class="co">#type = server</span>
<span class="co">#host = 127.0.0.1</span>
<span class="co">#port = 8081</span>
<span class="co">#inbound.length = 3</span>
<span class="co">#outbound.length = 3</span>
<span class="co">#keys = forwarder</span>
<span class="kw">[sam-forwarder-two]</span>
<span class="dt">type </span><span class="ot">=</span><span class="st"> client</span>
<span class="dt">host </span><span class="ot">=</span><span class="st"> </span><span class="fl">127.0.0.1</span>
<span class="dt">port </span><span class="ot">=</span><span class="st"> </span><span class="dv">8082</span>
<span class="dt">inbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span>
<span class="dt">outbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span>
<span class="dt">destination </span><span class="ot">=</span><span class="st"> i2p-projekt.i2p</span>
<span class="dt">keys </span><span class="ot">=</span><span class="st"> forwarder-two</span>
<span class="co">#[sam-forwarder-three]</span>
<span class="co">#type = udpclient</span>
<span class="co">#host = 127.0.0.1</span>
<span class="co">#port = 8083</span>
<span class="co">#inbound.length = 3</span>
<span class="co">#outbound.length = 3</span>
<span class="co">#destination = i2p-projekt.i2p</span>
<span class="co">#keys = forwarder-three</span>
<span class="co">#[sam-forwarder-four]</span>
<span class="co">#type = udpserver</span>
<span class="co">#host = 127.0.0.1</span>
<span class="co">#port = 8084</span>
<span class="co">#inbound.length = 6</span>
<span class="co">#outbound.length = 3</span>
<span class="co">#keys = forwarder-four</span>
<span class="co">#[sam-forwarder-five]</span>
<span class="co">#type = http</span>
<span class="co">#host = 127.0.0.1</span>
<span class="co">#port = 8085</span>
<span class="co">#inbound.length = 3</span>
<span class="co">#outbound.length = 3</span>
<span class="co">#keys = forwarder-five</span></code></pre></div>
<div class="sourceCode" id="cb2"><pre class="sourceCode ini"><code class="sourceCode ini"><a class="sourceLine" id="cb2-1" title="1"></a>
<a class="sourceLine" id="cb2-2" title="2"><span class="co">## Defaults, these are only invoked with the -start option or if labeled tunnels</span></a>
<a class="sourceLine" id="cb2-3" title="3"><span class="co">## are not present(samcatd instructions). **THESE** are the correct config files</span></a>
<a class="sourceLine" id="cb2-4" title="4"><span class="co">## to use as defaults, and not the ones in ../sam-forwarder/tunnels.ini, which</span></a>
<a class="sourceLine" id="cb2-5" title="5"><span class="co">## are used for testing settings availability only.</span></a>
<a class="sourceLine" id="cb2-6" title="6"></a>
<a class="sourceLine" id="cb2-7" title="7"><span class="dt">inbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span></a>
<a class="sourceLine" id="cb2-8" title="8"><span class="dt">outbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span></a>
<a class="sourceLine" id="cb2-9" title="9"><span class="dt">inbound.lengthVariance </span><span class="ot">=</span><span class="st"> </span><span class="dv">0</span></a>
<a class="sourceLine" id="cb2-10" title="10"><span class="dt">outbound.lengthVariance </span><span class="ot">=</span><span class="st"> </span><span class="dv">0</span></a>
<a class="sourceLine" id="cb2-11" title="11"><span class="dt">inbound.backupQuantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span></a>
<a class="sourceLine" id="cb2-12" title="12"><span class="dt">outbound.backupQuantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span></a>
<a class="sourceLine" id="cb2-13" title="13"><span class="dt">inbound.quantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">5</span></a>
<a class="sourceLine" id="cb2-14" title="14"><span class="dt">outbound.quantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">5</span></a>
<a class="sourceLine" id="cb2-15" title="15"><span class="dt">inbound.allowZeroHop </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span></a>
<a class="sourceLine" id="cb2-16" title="16"><span class="dt">outbound.allowZeroHop </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span></a>
<a class="sourceLine" id="cb2-17" title="17"><span class="dt">i2cp.encryptLeaseSet </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span></a>
<a class="sourceLine" id="cb2-18" title="18"><span class="dt">gzip </span><span class="ot">=</span><span class="st"> </span><span class="kw">true</span></a>
<a class="sourceLine" id="cb2-19" title="19"><span class="dt">i2cp.reduceOnIdle </span><span class="ot">=</span><span class="st"> </span><span class="kw">true</span></a>
<a class="sourceLine" id="cb2-20" title="20"><span class="dt">i2cp.reduceIdleTime </span><span class="ot">=</span><span class="st"> </span><span class="dv">3000000</span></a>
<a class="sourceLine" id="cb2-21" title="21"><span class="dt">i2cp.reduceQuantity </span><span class="ot">=</span><span class="st"> </span><span class="dv">2</span></a>
<a class="sourceLine" id="cb2-22" title="22"><span class="dt">i2cp.enableWhiteList </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span></a>
<a class="sourceLine" id="cb2-23" title="23"><span class="dt">i2cp.enableBlackList </span><span class="ot">=</span><span class="st"> </span><span class="kw">false</span></a>
<a class="sourceLine" id="cb2-24" title="24"><span class="dt">keyfile </span><span class="ot">=</span><span class="st"> &quot;/usr/share/samcatd/samcatd&quot;</span></a>
<a class="sourceLine" id="cb2-25" title="25"></a>
<a class="sourceLine" id="cb2-26" title="26"><span class="co">#[sam-forwarder-tcp-server]</span></a>
<a class="sourceLine" id="cb2-27" title="27"><span class="co">#type = server</span></a>
<a class="sourceLine" id="cb2-28" title="28"><span class="co">#host = 127.0.0.1</span></a>
<a class="sourceLine" id="cb2-29" title="29"><span class="co">#port = 8081</span></a>
<a class="sourceLine" id="cb2-30" title="30"><span class="co">#inbound.length = 3</span></a>
<a class="sourceLine" id="cb2-31" title="31"><span class="co">#outbound.length = 3</span></a>
<a class="sourceLine" id="cb2-32" title="32"><span class="co">#keys = forwarder</span></a>
<a class="sourceLine" id="cb2-33" title="33"></a>
<a class="sourceLine" id="cb2-34" title="34"><span class="kw">[sam-forwarder-tcp-client]</span></a>
<a class="sourceLine" id="cb2-35" title="35"><span class="dt">type </span><span class="ot">=</span><span class="st"> client</span></a>
<a class="sourceLine" id="cb2-36" title="36"><span class="dt">host </span><span class="ot">=</span><span class="st"> </span><span class="dv">127</span><span class="st">.</span><span class="dv">0</span><span class="st">.</span><span class="fl">0.1</span></a>
<a class="sourceLine" id="cb2-37" title="37"><span class="dt">port </span><span class="ot">=</span><span class="st"> </span><span class="dv">8082</span></a>
<a class="sourceLine" id="cb2-38" title="38"><span class="dt">inbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span></a>
<a class="sourceLine" id="cb2-39" title="39"><span class="dt">outbound.length </span><span class="ot">=</span><span class="st"> </span><span class="dv">3</span></a>
<a class="sourceLine" id="cb2-40" title="40"><span class="dt">destination </span><span class="ot">=</span><span class="st"> i2p-projekt.i2p</span></a>
<a class="sourceLine" id="cb2-41" title="41"><span class="dt">keys </span><span class="ot">=</span><span class="st"> forwarder-two</span></a>
<a class="sourceLine" id="cb2-42" title="42"></a>
<a class="sourceLine" id="cb2-43" title="43"><span class="co">#[sam-forwarder-udp-server]</span></a>
<a class="sourceLine" id="cb2-44" title="44"><span class="co">#type = udpserver</span></a>
<a class="sourceLine" id="cb2-45" title="45"><span class="co">#host = 127.0.0.1</span></a>
<a class="sourceLine" id="cb2-46" title="46"><span class="co">#port = 8084</span></a>
<a class="sourceLine" id="cb2-47" title="47"><span class="co">#inbound.length = 6</span></a>
<a class="sourceLine" id="cb2-48" title="48"><span class="co">#outbound.length = 3</span></a>
<a class="sourceLine" id="cb2-49" title="49"><span class="co">#keys = forwarder-four</span></a>
<a class="sourceLine" id="cb2-50" title="50"></a>
<a class="sourceLine" id="cb2-51" title="51"><span class="co">#[sam-forwarder-udp-client]</span></a>
<a class="sourceLine" id="cb2-52" title="52"><span class="co">#type = udpclient</span></a>
<a class="sourceLine" id="cb2-53" title="53"><span class="co">#host = 127.0.0.1</span></a>
<a class="sourceLine" id="cb2-54" title="54"><span class="co">#port = 8083</span></a>
<a class="sourceLine" id="cb2-55" title="55"><span class="co">#inbound.length = 3</span></a>
<a class="sourceLine" id="cb2-56" title="56"><span class="co">#outbound.length = 3</span></a>
<a class="sourceLine" id="cb2-57" title="57"><span class="co">#destination = i2p-projekt.i2p</span></a>
<a class="sourceLine" id="cb2-58" title="58"><span class="co">#keys = forwarder-three</span></a>
<a class="sourceLine" id="cb2-59" title="59"></a>
<a class="sourceLine" id="cb2-60" title="60"><span class="co">#[sam-forwarder-tcp-http-server]</span></a>
<a class="sourceLine" id="cb2-61" title="61"><span class="co">#type = http</span></a>
<a class="sourceLine" id="cb2-62" title="62"><span class="co">#host = 127.0.0.1</span></a>
<a class="sourceLine" id="cb2-63" title="63"><span class="co">#port = 8085</span></a>
<a class="sourceLine" id="cb2-64" title="64"><span class="co">#inbound.length = 3</span></a>
<a class="sourceLine" id="cb2-65" title="65"><span class="co">#outbound.length = 3</span></a>
<a class="sourceLine" id="cb2-66" title="66"><span class="co">#keys = forwarder-five</span></a>
<a class="sourceLine" id="cb2-67" title="67"></a>
<a class="sourceLine" id="cb2-68" title="68"><span class="co">#[sam-forwarder-vpn-server]</span></a>
<a class="sourceLine" id="cb2-69" title="69"><span class="co">#type = udpserver</span></a>
<a class="sourceLine" id="cb2-70" title="70"><span class="co">#host = 127.0.0.1</span></a>
<a class="sourceLine" id="cb2-71" title="71"><span class="co">#port = 8084</span></a>
<a class="sourceLine" id="cb2-72" title="72"><span class="co">#inbound.length = 2</span></a>
<a class="sourceLine" id="cb2-73" title="73"><span class="co">#outbound.length = 2</span></a>
<a class="sourceLine" id="cb2-74" title="74"><span class="co">#inbound.backupQuantity = 3</span></a>
<a class="sourceLine" id="cb2-75" title="75"><span class="co">#outbound.backupQuantity = 3</span></a>
<a class="sourceLine" id="cb2-76" title="76"><span class="co">#inbound.quantity = 5</span></a>
<a class="sourceLine" id="cb2-77" title="77"><span class="co">#outbound.quantity = 5</span></a>
<a class="sourceLine" id="cb2-78" title="78"><span class="co">#i2cp.reduceOnIdle = true</span></a>
<a class="sourceLine" id="cb2-79" title="79"><span class="co">#i2cp.reduceIdleTime = 3000000</span></a>
<a class="sourceLine" id="cb2-80" title="80"><span class="co">#i2cp.reduceQuantity = 2</span></a>
<a class="sourceLine" id="cb2-81" title="81"><span class="co">#i2cp.closeOnIdle = false</span></a>
<a class="sourceLine" id="cb2-82" title="82"><span class="co">#keys = i2pvpnserver</span></a>
<a class="sourceLine" id="cb2-83" title="83"></a>
<a class="sourceLine" id="cb2-84" title="84"><span class="co">#[sam-forwarder-vpn-client]</span></a>
<a class="sourceLine" id="cb2-85" title="85"><span class="co">#type = udpclient</span></a>
<a class="sourceLine" id="cb2-86" title="86"><span class="co">#host = 127.0.0.1</span></a>
<a class="sourceLine" id="cb2-87" title="87"><span class="co">#port = 8085</span></a>
<a class="sourceLine" id="cb2-88" title="88"><span class="co">#inbound.length = 2</span></a>
<a class="sourceLine" id="cb2-89" title="89"><span class="co">#outbound.length = 2</span></a>
<a class="sourceLine" id="cb2-90" title="90"><span class="co">#inbound.backupQuantity = 3</span></a>
<a class="sourceLine" id="cb2-91" title="91"><span class="co">#outbound.backupQuantity = 3</span></a>
<a class="sourceLine" id="cb2-92" title="92"><span class="co">#inbound.quantity = 5</span></a>
<a class="sourceLine" id="cb2-93" title="93"><span class="co">#outbound.quantity = 5</span></a>
<a class="sourceLine" id="cb2-94" title="94"><span class="co">#i2cp.reduceOnIdle = true</span></a>
<a class="sourceLine" id="cb2-95" title="95"><span class="co">#i2cp.reduceIdleTime = 3000000</span></a>
<a class="sourceLine" id="cb2-96" title="96"><span class="co">#i2cp.reduceQuantity = 2</span></a>
<a class="sourceLine" id="cb2-97" title="97"><span class="co">#destination = adestinationisrequiredorbespecifiedatruntime.i2p</span></a>
<a class="sourceLine" id="cb2-98" title="98"><span class="co">#keys = i2pvpnclient</span></a></code></pre></div>

9
forwarder-client.go
View File

@ -103,6 +103,15 @@ func (f *SAMClientForwarder) print() []string {
}
}
func (f *SAMClientForwarder) Props() map[string]string {
var r map[string]string
for _, prop := range f.print() {
k, v := sfi2pkeys.Prop(prop)
r[k] = v
}
return r
}
func (f *SAMClientForwarder) Cleanup() {
f.connectStream.Close()
f.publishConnection.Close()

9
forwarder.go
View File

@ -128,6 +128,15 @@ func (f *SAMForwarder) print() []string {
}
}
func (f *SAMForwarder) Props() map[string]string {
var r map[string]string
for _, prop := range f.print() {
k, v := sfi2pkeys.Prop(prop)
r[k] = v
}
return r
}
func (f *SAMForwarder) Print() string {
var r string
r += "name=" + f.TunName + "\n"

14
i2pkeys/common.go
View File

@ -4,6 +4,7 @@ import (
"log"
"os"
"path/filepath"
"strings"
"github.com/eyedeekay/sam-forwarder/i2pkeys/keys"
//"github.com/eyedeekay/sam-forwarder/i2pkeys/password"
@ -78,3 +79,16 @@ func Load(FilePath, TunName, passfile string, samConn *sam3.SAM, save bool) (i2p
//}
return i2pkeys.LoadKeysIncompat(file)
}
func Prop(in string) (string, string) {
k := "unset"
v := "unset"
vals := strings.SplitN(in, "=", 2)
if len(vals) >= 1 {
k = vals[0]
}
if len(vals) >= 2 {
v = vals[1]
}
return k, v
}

5
interface/README.md Normal file
View File

@ -0,0 +1,5 @@
Implementing the sam-forwarder interface
========================================
The sam-forwrder interface(used int the Go sense of the word interface) is used
to create custom types of tunnels.

1
interface/interface.go
View File

@ -4,6 +4,7 @@ type SAMTunnel interface {
//GetType() string
Cleanup()
Print() string
Props() map[string]string
Search(search string) string
Target() string
ID() string

45
main/client.go
View File

@ -1,45 +0,0 @@
package main
import (
"log"
"os"
"os/signal"
)
import "github.com/eyedeekay/sam-forwarder/config"
func clientMode() {
c := make(chan os.Signal, 1)
signal.Notify(c, os.Interrupt)
if *udpMode {
log.Println("Proxying udp", *targetHost+":"+*targetPort, "to", *targetDestination)
forwarder, err := i2ptunconf.NewSAMSSUClientForwarderFromConf(config)
if err == nil {
forwarder.Serve()
} else {
log.Println(err.Error())
}
go func() {
for sig := range c {
if sig == os.Interrupt {
forwarder.Cleanup()
}
}
}()
} else {
log.Println("Proxying tcp", *targetHost+":"+*targetPort, "to", *targetDestination)
forwarder, err := i2ptunconf.NewSAMClientForwarderFromConf(config)
if err == nil {
forwarder.Serve()
} else {
log.Println(err.Error())
}
go func() {
for sig := range c {
if sig == os.Interrupt {
forwarder.Cleanup()
}
}
}()
}
}

120
main/main.go
View File

@ -1,120 +0,0 @@
package main
import (
"flag"
"log"
"strings"
)
import "github.com/eyedeekay/sam-forwarder/config"
type flagOpts []string
func (f *flagOpts) String() string {
r := ""
for _, s := range *f {
r += s + ","
}
return strings.TrimSuffix(r, ",")
}
func (f *flagOpts) Set(s string) error {
*f = append(*f, s)
return nil
}
func (f *flagOpts) StringSlice() []string {
var r []string
for _, s := range *f {
r = append(r, s)
}
return r
}
var (
saveFile = flag.Bool("save", false, "Use saved file and persist tunnel(If false, tunnel will not persist after program is stopped.")
encryptLeaseSet = flag.Bool("encryptlease", true, "Use an encrypted leaseset(true or false)")
inAllowZeroHop = flag.Bool("zeroin", false, "Allow zero-hop, non-anonymous tunnels in(true or false)")
outAllowZeroHop = flag.Bool("zeroout", false, "Allow zero-hop, non-anonymous tunnels out(true or false)")
useCompression = flag.Bool("gzip", false, "Uze gzip(true or false)")
reduceIdle = flag.Bool("reduce", false, "Reduce tunnel quantity when idle(true or false)")
closeIdle = flag.Bool("close", false, "Close tunnel idle(true or false)")
udpMode = flag.Bool("udp", false, "UDP mode(true or false)")
client = flag.Bool("client", false, "Client proxy mode(true or false)")
injectHeaders = flag.Bool("headers", false, "Inject X-I2P-DEST headers")
encryptedLeasesetKeys = flag.String("lsk", "none", "path to saved encrypted leaseset keys")
targetDir = flag.String("dir", "", "Directory to save tunnel configuration file in.")
iniFile = flag.String("ini", "none", "Use an ini file for configuration(config file options override passed arguments for now.)")
targetDestination = flag.String("dest", "none", "Destination for client tunnels. Ignored for service tunnels.")
targetHost = flag.String("host", "127.0.0.1", "Target host(Host of service to forward to i2p)")
targetPort = flag.String("port", "8081", "Target port(Port of service to forward to i2p)")
targetPort443 = flag.String("tlsport", "", "(Currently inoperative. Target TLS port(HTTPS Port of service to forward to i2p)")
samHost = flag.String("samhost", "127.0.0.1", "SAM host")
samPort = flag.String("samport", "7656", "SAM port")
tunName = flag.String("name", "forwarder", "Tunnel name, this must be unique but can be anything.")
accessListType = flag.String("access", "none", "Type of access list to use, can be \"whitelist\" \"blacklist\" or \"none\".")
inLength = flag.Int("inlen", 3, "Set inbound tunnel length(0 to 7)")
outLength = flag.Int("outlen", 3, "Set outbound tunnel length(0 to 7)")
inQuantity = flag.Int("incount", 6, "Set inbound tunnel quantity(0 to 15)")
outQuantity = flag.Int("outcount", 6, "Set outbound tunnel quantity(0 to 15)")
inVariance = flag.Int("invar", 0, "Set inbound tunnel length variance(-7 to 7)")
outVariance = flag.Int("outvar", 0, "Set outbound tunnel length variance(-7 to 7)")
inBackupQuantity = flag.Int("inback", 4, "Set inbound tunnel backup quantity(0 to 5)")
outBackupQuantity = flag.Int("outback", 4, "Set outbound tunnel backup quantity(0 to 5)")
reduceIdleTime = flag.Int("reducetime", 600000, "Reduce tunnel quantity after X (milliseconds)")
closeIdleTime = flag.Int("closetime", 600000, "Reduce tunnel quantity after X (milliseconds)")
reduceIdleQuantity = flag.Int("reducecount", 3, "Reduce idle tunnel quantity to X (0 to 5)")
)
var err error
var accessList flagOpts
var config *i2ptunconf.Conf
func main() {
flag.Var(&accessList, "accesslist", "Specify an access list member(can be used multiple times)")
flag.Parse()
config = i2ptunconf.NewI2PBlankTunConf()
if *iniFile != "none" {
config, err = i2ptunconf.NewI2PTunConf(*iniFile)
}
config.TargetHost = config.GetHost(*targetHost, "127.0.0.1")
config.TargetPort = config.GetPort(*targetPort, "8081")
config.SaveFile = config.GetSaveFile(*saveFile, true)
config.SaveDirectory = config.GetDir(*targetDir, "../")
config.SamHost = config.GetSAMHost(*samHost, "127.0.0.1")
config.SamPort = config.GetSAMPort(*samPort, "7656")
config.TunName = config.GetKeys(*tunName, "forwarder")
config.InLength = config.GetInLength(*inLength, 3)
config.OutLength = config.GetOutLength(*outLength, 3)
config.InVariance = config.GetInVariance(*inVariance, 0)
config.OutVariance = config.GetOutVariance(*outVariance, 0)
config.InQuantity = config.GetInQuantity(*inQuantity, 6)
config.OutQuantity = config.GetOutQuantity(*outQuantity, 6)
config.InBackupQuantity = config.GetInBackups(*inBackupQuantity, 5)
config.OutBackupQuantity = config.GetOutBackups(*outBackupQuantity, 5)
config.EncryptLeaseSet = config.GetEncryptLeaseset(*encryptLeaseSet, false)
config.InAllowZeroHop = config.GetInAllowZeroHop(*inAllowZeroHop, false)
config.OutAllowZeroHop = config.GetOutAllowZeroHop(*outAllowZeroHop, false)
config.UseCompression = config.GetUseCompression(*useCompression, true)
config.ReduceIdle = config.GetReduceOnIdle(*reduceIdle, true)
config.ReduceIdleTime = config.GetReduceIdleTime(*reduceIdleTime, 600000)
config.ReduceIdleQuantity = config.GetReduceIdleQuantity(*reduceIdleQuantity, 2)
config.AccessListType = config.GetAccessListType(*accessListType, "none")
config.CloseIdle = config.GetCloseOnIdle(*closeIdle, false)
config.CloseIdleTime = config.GetCloseIdleTime(*closeIdleTime, 600000)
config.Type = config.GetType(*client, *udpMode, *injectHeaders, "server")
config.TargetForPort443 = config.GetPort443(*targetPort443, "")
config.ClientDest = config.GetClientDest(*targetDestination, "", "")
if config.Client {
if *targetDestination == "none" {
log.Fatal("Client mode requires you to specify a base32 or jump destination")
} else {
log.Println("Client mode is still experimental.")
clientMode()
}
} else {
serveMode()
}
}

45
main/server.go
View File

@ -1,45 +0,0 @@
package main
import (
"log"
"os"
"os/signal"
)
import "github.com/eyedeekay/sam-forwarder/config"
func serveMode() {
c := make(chan os.Signal, 1)
signal.Notify(c, os.Interrupt)
if *udpMode {
log.Println("Redirecting udp", *targetHost+":"+*targetPort, "to i2p")
forwarder, err := i2ptunconf.NewSAMSSUForwarderFromConf(config)
if err == nil {
forwarder.Serve()
} else {
log.Println(err.Error())
}
go func() {
for sig := range c {
if sig == os.Interrupt {
forwarder.Cleanup()
}
}
}()
} else {
log.Println("Redirecting tcp", *targetHost+":"+*targetPort, "to i2p")
forwarder, err := i2ptunconf.NewSAMForwarderFromConf(config)
if err == nil {
forwarder.Serve()
} else {
log.Println(err.Error())
}
go func() {
for sig := range c {
if sig == os.Interrupt {
forwarder.Cleanup()
}
}
}()
}
}

9
tcp/forwarder-client.go
View File

@ -102,6 +102,15 @@ func (f *SAMClientForwarder) print() []string {
}
}
func (f *SAMClientForwarder) Props() map[string]string {
var r map[string]string
for _, prop := range f.print() {
k, v := sfi2pkeys.Prop(prop)
r[k] = v
}
return r
}
func (f *SAMClientForwarder) Cleanup() {
f.connectStream.Close()
f.publishConnection.Close()

9
tcp/forwarder.go
View File

@ -127,6 +127,15 @@ func (f *SAMForwarder) print() []string {
}
}
func (f *SAMForwarder) Props() map[string]string {
var r map[string]string
for _, prop := range f.print() {
k, v := sfi2pkeys.Prop(prop)
r[k] = v
}
return r
}
func (f *SAMForwarder) Print() string {
var r string
r += "name=" + f.TunName + "\n"

9
udp/forwarder-client-udp.go
View File

@ -113,6 +113,15 @@ func (f *SAMSSUClientForwarder) print() []string {
}
}
func (f *SAMSSUClientForwarder) Props() map[string]string {
var r map[string]string
for _, prop := range f.print() {
k, v := sfi2pkeys.Prop(prop)
r[k] = v
}
return r
}
func (f *SAMSSUClientForwarder) Print() string {
var r string
r += "name=" + f.TunName + "\n"

9
udp/forwarder-udp.go
View File

@ -113,6 +113,15 @@ func (f *SAMSSUForwarder) print() []string {
}
}
func (f *SAMSSUForwarder) Props() map[string]string {
var r map[string]string
for _, prop := range f.print() {
k, v := sfi2pkeys.Prop(prop)
r[k] = v
}
return r
}
func (f *SAMSSUForwarder) Print() string {
var r string
r += "name=" + f.TunName + "\n"