I installed i2pd on Whonix-Gateway, set it to work as the debian-tor user with reseeding over Tor, and it works pretty well. How can I expose its ports to the internal network?

I see EXTERNAL_OPEN_PORTS exists, but I don't want to expose the ports to the external interface since I am using a VPN as well, and the VPN provider can possibly backconnect to my Whonix-Gateway. I just need the i2pd ports to be accessible in the inner subnet.

All of the PORTS wiki is about EXTERNAL_OPEN_PORTS as well; there is nothing about opening a port to the inner subnet.

I haven't found anything relevant in the /etc/whonixfirewall.d/ folder either; I don't see where you allow the tor process to bind some ports.

I don't need any oversmart transparent socksifying for i2p here or intermediate HTTP proxy servers; all I need is to allow the i2pd process to have ports 4444 and 4447 bound to eth1. It's already configured to bind on, but whonixfirewall blocks those ports.


Documentation for that was refined just now. See:

How to open an Incoming Port on Whonix-Gateway ™ for Connections Originating from Whonix-Workstation ™

Related development discussion:

Setting INTERNAL_OPEN_PORTS doesn’t exist as of Whonix
(But that doesn’t mean you need to wait for it. Just see above.)

The current notation in the firewall scripts SOCKS_PORT_... is non-ideal, could be simplified, refactored. Having INTERNAL_OPEN_PORTS would be nicer.


(The diff looks nicer in meld.)

Bug Reports, Software Development and Feature Requests

Thanks, working.