@ -95,11 +95,13 @@ Client tunnels might share the same local destination, if the keys file contains
Optional parameters:
Optional parameters:
* address -- local interface tunnel binds to, '127.0.0.1' for connections from local host only, '0.0.0.0' for connections from everywhere. '127.0.0.1' by default.
Option | Description
* signaturetype -- signature type for new keys. 0 (DSA), 1 (ECDSA-P256), 7 (EDDSA), 11 (RedDSA). RSA signatures (4,5,6) are not allowed and will be changed to 7. 7 by default
--------------------|--------------------
* cryptotype -- crypto type for new keys. Experimental. Should be always 0
address | local interface tunnel binds to, '127.0.0.1' for connections from local host only, '0.0.0.0' for connections from everywhere. '127.0.0.1' by default.
* destinationport -- connect to particular port at destination. 0 by default (targeting first tunnel on server side for destination)
signaturetype | signature type for new keys. 0 (DSA), 1 (ECDSA-P256), 7 (EDDSA), 11 (RedDSA). RSA signatures (4,5,6) are not allowed and will be changed to 7. 7 by default
* keepaliveinterval -- send ping to the destination after this interval in seconds. 0 by default meaning no pings
cryptotype | crypto type for new keys. Experimental. Should be always 0
destinationport | connect to particular port at destination. 0 by default (targeting first tunnel on server side for destination)
keepaliveinterval | send ping to the destination after this interval in seconds. 0 by default meaning no pings
So, given the example above, if you connected to 127.0.0.1:6668 on localhost, i2pd would tunnel that connection to irc.ilita.i2p
So, given the example above, if you connected to 127.0.0.1:6668 on localhost, i2pd would tunnel that connection to irc.ilita.i2p
@ -121,13 +123,15 @@ The server tunnel must use its own local destination such as host 127.0.0.1 and
Optional parameters:
Optional parameters:
* inport -- what port at local destination server tunnel listens to. Same as *port* by default.
Option | Description
* accesslist -- list of comma-separated of b32 address (without .b32.i2p) allowed to connect. Everybody is allowed by default.
--------------------|--------------------
* gzip -- turns internal compression off if set to false. true by default.
inport | what port at local destination server tunnel listens to. Same as *port* by default.
* signaturetype -- means signature type for new keys. 0 - DSA, 1- ECDSA-P256, 7 -EDDSA, 11 -RedDSA. 7 by default.
accesslist | list of comma-separated of b32 address (without .b32.i2p) allowed to connect. Everybody is allowed by default.
* cryptotype -- crypto type for new keys. Experimental. Should be always 0.
gzip | turns internal compression off if set to false. true by default.
* enableuniquelocal -- if true, connection to local address will look like 127.x.x.x where x.x.x is first 3 bytes of incoming connection peer's ident hash. true by default.
signaturetype | means signature type for new keys. 0 - DSA, 1- ECDSA-P256, 7 -EDDSA, 11 -RedDSA. 7 by default.
* address -- IP address of an interface tunnel is connected to host from. Usually not used.
cryptotype | crypto type for new keys. Experimental. Should be always 0.
enableuniquelocal | if true, connection to local address will look like 127.x.x.x where x.x.x is first 3 bytes of incoming connection peer's ident hash. true by default.
address | IP address of an interface tunnel is connected to host from. Usually not used.
Server/http tunnels
Server/http tunnels
-------------------
-------------------
@ -145,9 +149,11 @@ Here's an example of an http tunnel:
Optional parameters:
Optional parameters:
* hostoverride -- value to send in 'Host:' header, default: the same as *host* parameter
Option | Description
* gzip -- should we compress contents at I2P level. default: true
--------------------|--------------------
* ssl -- Use SSL connection to upstream server. `hostoverride` parameter can be used to set SNI domain. default: false
hostoverride | value to send in 'Host:' header, default: the same as *host* parameter
gzip | should we compress contents at I2P level. default: true
ssl | use SSL connection to upstream server. `hostoverride` parameter can be used to set SNI domain. default: false (since 2.44.0)
Server/IRC tunnels
Server/IRC tunnels
-------------------
-------------------
@ -157,7 +163,9 @@ It replaces IP address (usually 127.0.0.1) to user's .b32 I2P address.
Optional parameters:
Optional parameters:
* webircpassword -- password to send with WEBIRC command
Option | Description
--------------------|--------------------
webircpassword | password to send with WEBIRC command
UDP Tunnels
UDP Tunnels
-----------
-----------
@ -173,11 +181,12 @@ There are 2 types of UDP tunnels: `udpclient` and `udpserver`
destination = something.b32.i2p
destination = something.b32.i2p
port = 1194
port = 1194
Option | Description
* destination -- the I2P destination of a udpserver tunnel, required parameter
--------------------|--------------------
* address -- IP address to bind local UDP endpoint to, defaults to `127.0.0.1`
destination | the I2P destination of a udpserver tunnel, required parameter
* port -- port to bind local UDP endpoint to, required parameter
address | IP address to bind local UDP endpoint to, defaults to `127.0.0.1`
* gzip -- turns internal compression off if set to false. true by default.
port | port to bind local UDP endpoint to, required parameter
gzip | turns internal compression off if set to false. true by default.
`udpserver` forwards traffic from N I2P destinations to 1 local UDP endpoint
`udpserver` forwards traffic from N I2P destinations to 1 local UDP endpoint
@ -187,10 +196,12 @@ There are 2 types of UDP tunnels: `udpclient` and `udpserver`
host = 127.0.0.1
host = 127.0.0.1
port = 1194
port = 1194
* address -- IP address to use for local UDP endpoints, defaults to `127.0.0.1`
Option | Description
* host -- IP address to forward traffic to, required parameter.
--------------------|--------------------
* port -- UDP port to forward traffic on, required parameter
address | IP address to use for local UDP endpoints, defaults to `127.0.0.1`
* gzip -- turns internal compression off if set to false. true by default.
host | IP address to forward traffic to, required parameter.
port | UDP port to forward traffic on, required parameter
gzip | turns internal compression off if set to false. true by default.
Socks proxy
Socks proxy
@ -206,8 +217,10 @@ Here's an example of a Socks proxy:
port = 14447
port = 14447
keys = socks-keys.dat
keys = socks-keys.dat
* address -- local address Socks proxy binds to, defaults to `127.0.0.1`
Option | Description
* port -- TCP port Socks proxy binds to
--------------------|--------------------
address | local address Socks proxy binds to, defaults to `127.0.0.1`
port | TCP port Socks proxy binds to
I2CP parameters
I2CP parameters
@ -215,22 +228,24 @@ I2CP parameters
These I2CP parameter are common for all tunnel types and specify settings for a local destination.
These I2CP parameter are common for all tunnel types and specify settings for a local destination.
* inbound.length -- number of hops of an inbound tunnel. 3 by default, 8 by max; lower value is faster but dangerous
Parameter | Description
* outbound.length -- number of hops of an outbound tunnel. 3 by default, 8 by max; lower value is faster but dangerous