It’s a modified TBB, but if it works it’s going to be easy to see what he has changed and put the needed changes into a script.
I will take a close look when i’m back at my work PC.
Great, so we can eliminate another error source, the less software we have to keep an eye on the better and easier to maintaine
Well, the modified TBB works and AFAICT the only important changed setting is the Proxy setting and there is no Torbutton.
Torbutton is the problem, when i disable it the stock TBB uses the set Proxy.
@HulaHoop did you disable it when you tested Privoxy? How did you get TBB to use the Proxy without disabling it, i tried every mentioned setting and only disabling Torbutton has worked now.
I did also test disabling Tor Launcher like Mark Smith suggested with no effect, it still ignores the set Proxy when Torbutton is Enabled.
Tested this to be working. Please update top post. I can connect to zzz.i2p with Tor Browser. Visiting 127.0.01:8118 will still give a 500 internal error but who cares as long as it does what we need it to do?
These settings for privoxy MUST be defined in this file /etc/privoxy/config. user.action, config.d and others have no effect. Also you must forward to 127.0.0.1 and not localhost.
@Goldstein please configure the auxiliary packages setup (like the I2P monitoring GUI and others) for the I2P on the WS as well for users who want to use the instance in the WS independently.
Valid reasons are stacking with Tor for censorship circumvention or as defense in depth.
gpg verification command is broken but this updated one should do the trick: Posted the new working instructions for adding the key but it must be templatized for ease of changes in the future:
To blackhole any clearnet connections set the variable below to nothing (blank) in about:config. That will stop users from mistakenly surfing the clearnet with a browser that has a modified fingerprint.
I think it won’t hurt to use the blacklist feature (if it works ) Actions Files
Requests for URLs to which this action applies are blocked, i.e. the requests are trapped by Privoxy and the requested URL is never retrieved, but is answered locally with a substitute page or image, as determined by the handle-as-image, set-image-blocker, and handle-as-empty-document actions.
If i understand this correct it would enable us to give the user a hint that he should use the standart TBB for clearnet sites
For this I suggest shipping another custom homepage for this TBB instance, that explains it won’t connect to the clearnet for privacy reasons. The page would have the Whonix ASCII but none of the other clearnet links. Something along the line of “Attention: This browser is configured to connect to local proxies only. Please check bookmarks for possible destinations. Make sure you have installed/enabled the corresponding software”
great job , going to test these steps now. but i have some comments:
why r u using the non-https repos of i2p ?
also splitting steps for Template and Appvm leading to horrible results of modifications. u need to make these only inside the Templates as that will ease the creation of “Standalone VMs” from the templates. but working on these steps is eliminating this possibility to get a complete standalone VM based on whonix-i2p.
Commands that needs to be fixed in order to make things work:
Sure, but i think it would also be helpful to redirect the user to said warning if he mistakes the localonlyTBB with the stock one and tries to access clearnet sites, it would certainly be better than an error message from a failed connection attempt.
Just be careful with it. I pulled a bunch of disparate pieces from other projects together and disabled a couple of things. I just re-enabled TorButton, for instance, I don’t know if it might cause any kind of trouble by connecting(accidentally?) to an available Tor Control Port on a configuration where it’s enabled. I don’t yet know how to keep it from doing so or even if it would be an issue. I think it would be best, for now, if I found a way to disable to communication with the control port while leaving the rest of the functionality intact, and I am looking into what TorButton does with the control port to see if it would be worth trying to implement something compatible with TorButton in si-i2p-plugin. No matter what though, Javascript is not my strong suit and I’m very busy this week, it may take me a few days to get the control port disabled and I really don’t know what TorButton does with the control port yet.
Edit: I must have missed your other post the first time I read through the thread. I’m going to revert the change I just made for now but it seemed to be working when I tried it with TorButton added back in before. Could it have been tor-launcher instead? I kind of hope so, I’m reading through the TorButton spec and I’d really like to be able to make them work together without issues. I’m working on it right now.