[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

Preserving changes to main config files across updates


#1

@Patrick we’ve succeeded in getting privoxy to work with I2P but we must modify the original config files directly since it doesn’t seem to support .d style configuration. Is this considered a showstopper or can we use a workaround with inotify so that when detecting any changes to the main privoxy config (say after a pkg update), it would trigger a command that copies over our custom config and restarts the daemon?


#2

HulaHoop:

Is this considered a showstopper

No.

can we use a workaround with inotify so that when detecting any
changes to the main privoxy config (say after a pkg update), it would
trigger a command that copies over our custom config and restarts the
daemon?

Very unclean and absolutely not required.

@Patrick we’ve succeeded in getting privoxy to work with I2P but we must modify the original config files directly since it doesn’t seem to support .d style configuration.

Use config-package-dev displace. Many examples in Whonix source code.

  ~/Whonix $ myfind . | grep displace
+ exec find . -type f -not -iwholename '*.git*'
...
./packages/anon-gw-anonymizer-config/debian/anon-gw-anonymizer-config.displace
./packages/anon-gw-anonymizer-config/debian/anon-gw-anonymizer-config.displace-extension
...

The full instructions in very short:


#3

What’s the small summary for using privoxy?

Translate socks to http?

Translate http to socks?

Redirect localhost to Whonix-Gatway?


#4

Redirect .i2p to 127.0.0.1:4444


#5

@Patrick should I add .bit domains to privoxy for transparent redirection to zeronet?


#6

With socat or systemd-socket-proxyd we could only redirect all Tor Browser socks (or http?) connections to i2p?

You want to redirect .i2p only? You want to block clearnet in that browser?


#7

I’m not sure what you mean by that
We redirect (atm) .i2p (http) to 127.0.0.1:4444 and forward it with socat to the I2P Router on the Gateway.

Yes, .i2p and (depending on the user .bit/zeronet) and block all clearnet/tor traffic in that TBB


#8

Goldstein:

I’m not sure what you mean by that

Could you use socat [1] to redirect the unix domain socket file
/var/run/anon-ws-disable-stacked-tor/127.0.0.1_9150.sock [2] [3],
which Tor Browser is talking to by default in Whonix, to i2p?

[1] (or systemd-socket-proxyd which is about the same - used in Whonix
14 instead of socat)
[2] export TOR_SOCKS_IPC_PATH="/var/run/anon-ws-disable-stacked-tor/127.0.0.1_9150.sock"
[3]


[4] environment variable already set in Whonix-Workstation by default


#9

HulaHoop:

@Patrick should I add .bit domains to privoxy for transparent redirection to zeronet?

Ok. No strong opinion either way.