OK - you gotta step it out as I still can’t connect to eepsites.
Tell me what’s wrong. (BTW I guessed we ignore all mutedstorm changes inside Whonix-Gateway stuff - 1000 steps - since you didn’t mention it)
1. Create new whonix-ws-15 TemplateVM clone just for installing I2P
(In TemplateVM)
2. sudo apt-get update
3. sudo apt-get install i2p
4. sudo dpkg-reconfigure i2p
- keep user as i2psvc
- have I2P run as daemon when starting
- have AppArmor applied
- adjust RAM upwards e.g. 512MB
5. sudo apt-get install privoxy
6. Edit the /etc/privoxy/config add i2p forwarding
(didn’t bother with accept-intercepted-requests 1 and max-clientconnections 512 since you didn’t mention it?)
- forward .i2p 127.0.0.1:4444
7. Forward Whonix-Workstation Ports to Whonix-Gateway local Ports
Open /etc/anon-ws-disable-stacked-tor.d/50_user.conf with a editor in the Worksation-Template and insert the following:
I2P_PORTS=“2827 3456 4444 4445 6668 7622 7650 7651 7654 7656 7658 7659 7660 7661 7662 8998 8118”
for i2p_port in $I2P_PORTS ; do
$pre_command socat TCP-LISTEN:$i2p_port,fork,bind=127.0.0.1 TCP:$GATEWAY_IP:$i2p_port &
done
8. Create new AppVM (anon-whonix-I2P)
(In AppVM)
9. Launch Tor Browser
10. Change about:config settings
- network.proxy.allow_hijacking_localhost false
- network.proxy.share_proxy_settings true
- extensions.torbutton.use_nontor_proxy true
- network.proxy.http 127.0.0.1
- network.proxy.http_port 8118
- network.proxy.no_proxies_on 0
- network.proxy.socks_remote_dns false
- network.proxy.socks (blank)
11. Go to http://127.0.0.1:7657 for console setup
(Allow javascript for this I suppose)
12. Browse to main I2P Router Console page after connection speed test (which never seems to complete properly)
Network Error is:
Network: ERR-Client Manager I2CP Error - check logs
Explantory notes say:
This is usually due to a port 7654 conflict. Check the logs to verify. Do you have another I2P instance running? Stop the conflicting program and restart I2P.
Can see a bunch of Active Peers, a small number of exploratory tunnels etc.
13. Try to connect to eepsite e.g. http://i2p-projekt.i2p/en/faq
Error appears instantly:
502
This is Privoxy 3.0.28 on localhost (127.0.0.1), port 8118, enabled
No server or forwarder data received
Your request for http://i2p-projekt.i2p/en/faq could not be fulfilled, because the connection to i2p-projekt.i2p (127.0.0.1) has been closed before Privoxy received any data for this request.
This is often a temporary failure, so you might just try again.
If you get this message very often, consider disabling connection-sharing (which should be off by default). If that doesn’t help, you may have to additionally disable support for connection keep-alive by setting keep-alive-timeout to 0.
Critical logs show:
PM CRIT [istener:7654] er.client.ClientListenerRunner: I2CP error listening to port 7654 - is another I2P instance running? Resolve conflicts and restart
PM CRIT [JettyStarter] outer.startup.RouterAppManager: Client Jetty [/var/lib/i2p/i2p-config/eepsite/jetty.xml] START_FAILED
java.io.IOException: Failed to bind to /127.0.0.1:7658
at org.eclipse.jetty.server.ServerConnector.openAcceptChannel(ServerConnector.java:346)
at org.eclipse.jetty.server.ServerConnector.open(ServerConnector.java:308)
at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:80)
at org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:236)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at org.eclipse.jetty.server.Server.doStart(Server.java:394)
at org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:68)
at net.i2p.jetty.JettyStart$Starter.run(JettyStart.java:138)
Caused by: java.net.BindException: Address already in use
at java.base/sun.nio.ch.Net.bind0(Native Method)
at java.base/sun.nio.ch.Net.bind(Net.java:455)
at java.base/sun.nio.ch.Net.bind(Net.java:447)
at java.base/sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:227)
at java.base/sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:80)
at org.eclipse.jetty.server.ServerConnector.openAcceptChannel(ServerConnector.java:342)
etc. (similar)
Summary
Does all this mean you have to play with all the Whonix-Gateway Steps on MutedStorm + 100 other things he mentions in Workstation etc?
If so, way too hard and no normal user will ever achieve it in Whonix i.e. I2P browser needed. Otherwise you and Patrick (population = 2) will be the only ones to ever browse I2P sites from within the Workstation. Oh yeh, and that MutedStorm guy