Commit fabd03da authored by Tails developers's avatar Tails developers
Browse files

Revert "Disable I2P, as the APT repository is currently broken."

This reverts commit cac0d797.
parent cac0d797
#!/bin/sh
set -e
echo "Configuring I2P"
I2P="/usr/share/i2p"
WRAPPER="/etc/i2p/wrapper.config"
# This must be set in order for the i2p init script to work
sed -i 's/^RUN_DAEMON=.*$/RUN_DAEMON="true"/' /etc/default/i2p
# Remove the false.i2p outproxy from i2ptunnel
sed -i '/^tunnel.0.proxyList/d' "$I2P/i2ptunnel.config"
# Disable the https outproxy
# We go out through Tor so this is redundant.
sed -i 's|^.*\(tunnel.6.startOnLoad\).*|\1=false|' "$I2P/i2ptunnel.config"
# Don't serve the router console on IPv6
sed -i 's|^clientApp\.0\.args=7657\s\+::1,127\.0\.0\.1|clientApp.0.args=7657 127.0.0.1|' "$I2P/clients.config"
# Disable IPv6 in the wrapper
sed -i 's|^.*\(wrapper\.java\.additional\.5=-Djava\.net\.preferIPv4Stack=\).*|\1true|' "$WRAPPER"
sed -i 's|^.*\(wrapper\.java\.additional\.6=-Djava\.net\.preferIPv6Addresses=\).*|\1false|' "$WRAPPER"
# Tails specific router configs:
# * i2cp: allows java clients to communicate with I2P outside of the JVM. Disabled.
# * IPv6: Disabled
# * HiddenMode: Enabled
# * In-I2P Network Updates: Disabled
cat > "$I2P/router.config" << EOF
# NOTE: This I2P config file must use UTF-8 encoding
i2cp.disableInterface=true
i2np.ntcp.ipv6=false
i2np.udp.ipv6=false
router.isHidden=true
router.updateDisabled=true
EOF
......@@ -17,6 +17,7 @@ alsa-utils
gdomap
haveged
hdparm
i2p
kexec
kexec-load
laptop-mode
......
......@@ -115,6 +115,9 @@ domain ip {
# Tor is allowed to do anything it wants to.
mod owner uid-owner debian-tor ACCEPT;
# i2p is allowed to do anything it wants to.
mod owner uid-owner i2psvc ACCEPT;
# Everything else is logged and dropped.
LOG log-prefix "Dropped outbound packet: " log-level debug log-uid;
REJECT reject-with icmp-port-unreachable;
......
......@@ -394,3 +394,5 @@ wireless-regdb
### Automated test suite
python-serial
i2p
Tails specific: i2p sould not start per default. At some point we want
some script to start i2p during init if so selected in tails-greeter,
but at the moment users have to start the i2p script manually.
--- chroot.orig/etc/init.d/i2p 2012-09-24 10:05:13.021047615 +0200
+++ chroot/etc/init.d/i2p 2012-09-24 10:03:30.638108333 +0200
@@ -7,2 +7,2 @@
-# Default-Start: 2 3 4 5
+# Default-Start:
-# Default-Stop: 0 1 6
+# Default-Stop: 0 1 6 2 3 4 5
i2p.chroot
\ No newline at end of file
i2p.chroot.gpg
\ No newline at end of file
deb http://deb.i2p2.no tails-wheezy main
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.15 (GNU/Linux)
mQINBFJXM+IBEAC4d7PbH0ZZjOld1DBu0rFAjZYITMa0yFCqOEbRGd3gdMeMx21h
TJ8B2gICRL6UJL/GFN9HieSzQGAd9ABf924/UQyZJ+zMwt3x0bYAfC8SMWg5XgHM
rR4M9v+aUZ5fsqwXEoKVI0AC3z3e6IutRota6/mpsuFaHwjzsv/0elFa6aapK6D+
ZYHCQLXEk72RokmYcIxYaNZilgNjKf0IYS5wwEg9NZqiUyaJr9dvQb8uYQMNt0MK
7Lklm5aepFOS+KmThnFTZb5l3UYr/rNvpMmHmS8XpNBvtoga0YNXMYjrPf9QdvjP
1V0dMdOF6rSPkq7sTKDyF713ovSLxgtnibqhp9LgQcjyA43591Fg7cmwNu42ccd2
Frdt+BxpYjzYu49d+pxQJXoSwPSQFuAE5V0AkuQeng/IxpW3zi6ybJJWOwvxeq2Z
RdNjzpwu0vUYsLELdsCW88etc141n7O9P5L3s4o7PYHE/y3N47PwDgb43cErvTcF
bIP2aEmJnyIbOWwiCftnxaKlfAbv0g7TNho5HX66OreR4Fb5vUkoIfzte/fxZKOL
R/hhNTH1fZNEaIaxHwvitfQe8xPsLgR/O3PoXd74UOJuwOwcf0LROgNaN5O+0rmD
5eAbVn7CYd7ZQPIRRKlHrFsQDg4u5jEt7GVd+jYsEF9A6fK7npNhCkNAnwARAQAB
tDZJMlAgRGViaWFuIFBhY2thZ2UgUmVwb3NpdG9yeSA8a2lsbHlvdXJ0dkBpMnBt
YWlsLm9yZz6JAj0EEwEKACcFAlJXM+ICGwMFCQHhM4AFCwkIBwMFFQoJCAsFFgID
AQACHgECF4AACgkQZ+zlYFvPE0ajKBAAr64De1vMJb+SzqW20fCFyOmG/QbFgGK9
FeJzDaZ8lcGDFiMtMvm7IkL0jAKQl5bInsAA26SQq4j1gEU3DIx2mJT4i+ZztDLO
Tv3XxO6DuVdPMtNEH3AKiRufwGH/HtudtAyUy7gwIYg2qhRVR3hz7iHs9WbgkkXy
6Qp/WCYJGuH74hXIQtW+Cyyded50vjm8uPqYuRUfze6jetZkWUSkAmqbzZhfHPv1
ju5GptHWH+9Z4q9fvr1LZ09eHy+XfnxE/NpP4nfXJ42F9/QpNDEPgT8DTp3NknpS
N95EDhKduHGX1rBAjc4ZQE6L+gTS2DJq5ozgAM/sFfH9uL+kULx7lzbXTpwL1Zd8
fVwrmGM81duOZ7erFlpRqYKn6aVdLbQFxcLz6Q4WUBuHd4XBE5WilYvTyOPB/mYf
TmWBaTS4glYz3cFKi9J8LSaW6b8/ik9gVS6Z7wPckWHuWWIRdcKk3zJZoXeOzrTZ
KX+z2uATkX7Tfpd07o4wwSRmWevFGniGL1ml+abanpIGHt8h79/gscEQ8aQdD+i0
dNjqgpLTS1TL0aQ0sJ/UD5EexbMuWKIGatABVguuofrK77GmGTcz1LL3mGJV0HIR
vXjFOx3tEV5HYdDJK9gq1W0JKxYmE+paw8PFaM5+vnXP0xoTz75KKlL3N1Ra6/mG
whIPAIaMfhiJARwEEAEKAAYFAlJYlBAACgkQq+DDGd8KChoHcgf8DegR4gl6F4uy
YnHXKSubJYHSfWGHaKe7msoCjAna13BtKkZXj2DWDLUmMCwI/qHvQT1V9mNwsBgW
nAagKATeB+bhumg9/xbBAKndaowHTuGI0wZ9uXbXaxxlpXbODFScBoR86CCeJa4F
3N5RwWZryv3MwlLc109aEaCriL9nNb/K2OZ98I9i+K2SdT5mITk3FeAgzD+UrVqL
oYNQ677BpsJQfvTvOP6PiFpXbVVzRouhQX6a7Dzkd2rzjLRNeAc2gp0+n4U1j8N0
HTRvBAX6RRv6BZNLWtS21bqwPtcrTJ9qr8aLbWyjWbBTFqRR4lAUn0vDQBfA5B2Z
z+b2yx4iqA==
=ZkNG
-----END PGP PUBLIC KEY BLOCK-----
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment