Home Explore Help
Sign In
adnan360
/
code-backups
Watch 2
Star 2
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
code-backups
/
linux
/
i2p-browser-bundle
adnan360 1993a6aa14 Change order of proxy rule to fix .onion sites 3 years ago
..
XD 464edeb1e1 Add I2P browser bundle 3 years ago
XD-data 464edeb1e1 Add I2P browser bundle 3 years ago
i2pd 464edeb1e1 Add I2P browser bundle 3 years ago
i2pd-data 464edeb1e1 Add I2P browser bundle 3 years ago
icecat 464edeb1e1 Add I2P browser bundle 3 years ago
icecat-data 464edeb1e1 Add I2P browser bundle 3 years ago
tor-data 8fe438975a Add missing port on torrc 3 years ago
.gitignore 464edeb1e1 Add I2P browser bundle 3 years ago
FoxyProxy Standard presets.json 464edeb1e1 Add I2P browser bundle 3 years ago
README.md 1993a6aa14 Change order of proxy rule to fix .onion sites 3 years ago
run-browser.sh 92aa598341 Remove unnecessary pidof call 3 years ago

README.md

How to Prepare a Browser Bundle with I2P Torrenting and TOR for clearnet browsing

TOR is not encouraged to be used for torrenting. But I2P is designed to be torrented over and somewhat encouraged. It can also be used to browse special websites on I2P called "eepsites". The best way to enjoy I2P is to have a browser configured to use it. So I wanted to create a bundle that stays in a folder and can be used on any GNU/Linux distro.

I like the idea behind I2P but the default build requires having JDK installed on your machine. So I was interested in a solution that works without Java, so was looking into i2pd, the C++ implementation of I2P.

WARNING: The instructions are not designed for privacy and security in mind and should not be considered as reliable. You are responsible for how you use it and what you access with it. I'm not responsible for any kind of damage.

When finished, you will be able to:

  • Create a semi portable bundle folder that you can move around
  • Browse websites in I2P network with i2pd (no Java needed)
  • Torrent over I2P network (no Java needed and no leaks)
  • Browse clearnet websites through TOR
  • Automatically shuts down everything when you close browser (like TOR browser does)

Step 1: Preparation

Make a directory somewhere. e.g. ~/i2p-bundle

mkdir i2p-bundle
cd i2p-bundle

Step 3: Prepare i2pd

i2pd, is the C++ implementation of I2P.

You can also use a system install of i2pd, but if your distro doesn't have the package for it, then build from repo:

git clone --depth=1 https://github.com/PurpleI2P/i2pd.git
cd i2pd
make
# this will create a `i2pd` binary
cd ..

If you want to run i2pd now you can (optional):

ulimit -n 4096
i2pd/i2pd --datadir i2pd-data

The ulimit is needed on linux to increase open file limit. i2pd-data directory will be created and all the i2pd related data will be stored in there. Ctrl+C when done.

Step 4: Prepare XD

XD is a BitTorrent client specifically created to be used with I2P (and I2Pd). It has a minimal webui to add and manage your torrents kind of like I2P snark.

Right now AUR has a xd-torrent. You may not have XD in your distro's repo, so we'll build from source. You may need to install go and make for this.

git clone --depth=1 https://github.com/majestrate/XD.git
cd XD
make
cd ..

To run you can do (optional):

mkdir XD-data
cd XD-data
../XD/XD torrents.ini; cd ..

XD related data should now be stored in XD-data. We cd into the directory because the default ini created will use current dir so we save ourselves from some edits. You should now be able to access the webui on http://127.0.0.1:1776/. You may have to whitelist blacklisted JS scripts from toolbar's LibreJS icon to use it. Ctrl+C when done.

Step 5: TOR

You can build tor from source and put the files on a tor directory. Here, we're using the repo version installed from the distro package repo.

To run (optional):

tor --User "" --DataDirectory "$PWD/tor-data" --SOCKSPort 9450

--User is set to blank because setting a user requires tor to be run as root. --DataDirectory is set to the path where tor can save its files. It has $PWD included because tor complains if absolute path is not used in param. --SOCKSPort is set to the port which is included in FoxyProxy Standard config file.

If you want to use a torrc file to introduce new settings or for any other reason, copy the tor-data/torrc file in this directory to a new directory called tor-data. The file is just a standard torrc file with:

  • User tor commented, so that it can be run as normal user
  • DataDirectory set to our tor-data
  • SOCKSPort to 9450 to not conflict with system service

The run command should then contain a -f option:

tor -f tor-data/torrc

Step 6: Prepare the browser

I'm using IceCat here, but you can use any Firefox based browser here, even system installed ones. But whetever you use, be careful of the privacy implications.

Go to IceCat homepage and click "Latest release". Then download either icecat-60.7.0.en-US.gnulinux-x86_64.tar.bz2 or icecat-60.7.0.en-US.gnulinux-i686.tar.bz2 depending on your OS architecture (run uname -m to find out).

tar -xf /path/to/icecat-*.en-US.gnulinux-*.tar.bz2 -C ~/i2p-bundle

To run it:

mkdir -p icecat-data
icecat/icecat --no-remote --profile "$PWD/icecat-data"

--no-remote is to start a new separate instance and not to use any Firefox or other browser already running on the system.

Run it and disable Onion Browser Button addon (we'll use FoxyProxy instead). Now install FoxyProxy Standard addon. Click the FoxyProxy icon, then click "Options", then click "Import settings". Under "Import Settings from FoxyProxy 6.0+" click "Import settings" and open the FoxyProxy Standard presets.json file. Click OK. If you see the FoxyProxy icon in the toolbar with a red cross, click it and select "Use Enabled Proxies by Patterns and Order".

In newer IceCat browser versions, if you enter an I2P url, for example, stats.i2p and it searches for it instead of going there, try adding http:// before it, or you can disable searching from location bar by going to about:config and making keyword.enabled to false. As a side effect it will now not search anything you type. So, to make it easier to launch searches, you can go to Settings - Search and select "Add search bar in toolbar" to enable a separate search bar besides the location bar.

Get the run-browser.sh file from this directory and put it inside the ~/i2p-bundle directory. Now, ideally, you should be able to move around this directory and use it on any Linux system. To run the browser with all the necessary I2Pd, XD and TOR, just run the ./run-browser.sh

To use Firefox under OpenBSD

If you want to use system Firefox installation you'll the profile resets every time Firefox starts, can't save settings, can't access HTTPS sites. It is due to unveil being strict. /usr/local/share/doc/pkg-readmes/firefox says that default unveil settings only allow firefox to access /tmp and ~/Downloads. To fix this:

NOTE: We assume i2p browser bundle is in ~/bin/i2p-browser-bundle. Change the paths if you put files elsewhere. Due to unveil being strict, it can't be that portable in OpenBSD (requiring changes everytime the bundle is moved).

doas nano /etc/firefox/unveil.main

...
~/bin/i2p-browser-bundle/firefox-data rwc

doas nano /etc/firefox/unveil.content

...
~/bin/i2p-browser-bundle/firefox-data r

Since Firefox has problematic default settings, please take care to configure correctly and then use.

How to use yggdrasil with this bundle

WARNING: Yggdrasil was not designed with anonimity in mind. Directly peering with a node with Yggdrasil may reveal your real IP address to them. Since it does not protect your identity, it is logical not to be included by default. Use only if you understand the risk and ok with it.

doas pkg_add yggdrasil-go  # replace with anything for your distro or system to install yggdrasil
cd /path/to/i2p-browser-bundle
mkdir yggdrasil-data
yggdrasil -genconf > yggdrasil-data/yggdrasil.conf

Go to https://publicpeers.neilalexander.dev/ then pick the peers that are online and closer to you geographically. Yggdrasil can peer over I2P or TOR. So it is recommended to use those if possible. Details here. Unfortunately I2P and TOR peers don't work for me, at least in OpenBSD. In most cases listing 2-3 peers are fine. Add them to yggdrasil.conf, like:

Peers:
[
  tcp://a.b.c.d:e
  tcp://d.c.b.a:e
  tcp://[a:b:c::d]:e
  tcp://[d:c:b::a]:e
]

Run Yggdrasil with:

doas yggdrasil -useconffile yggdrasil-data/yggdrasil.conf

Now try visiting http://[319:3cf0:dd1d:47b9:20c:29ff:fe2c:39be]/ with a normal unproxied browser (like BadWolf). It should show the Yggdrasil website.

However, to configure FoxyProxy, click its toolbar button and open its Options. Click Add, change the title to be "yggdrasil", Proxy Type to "Direct (no proxy)", click "Save and Edit Patterns". One single default rule will be added. Change Type to Reg Exp, change the pattern to be [.*:.*:.*:.*:.*:.*], then hit Save. The yggdrasil rule should be the topmost item. Click the down arrow beside it until it is just below "Default" rule.

Extra details:

Running above yggdrasil should show a IPv6 address starting with 200:, like:

Your IPv6 address is 200:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX

If you don't see it, you can run doas yggdrasilctl getself and it should show:

IPv6 address: 200:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX:XXXX
...

ref: