ServerPage 0 0 1220 896 6 6 6 6 0 Network Configuration 6 6 6 Network Mode NAT Local Address External Address Dynamic DNS 50 false Download limit (KB/s) 50 false Upload limit (KB/s) 6 0 0 <html><head/><body><p>This download limit covers the whole application. However, in some situations, such as when transfering many small files at once, the estimated bandwidth becomes unreliable and the total value reported by Retroshare might exceed that limit. </p></body></html> kB/s 1 100000 1 Port: Acceptable ports range from 10 to 65535. Normally Ports below 1024 are reserved by your system. 1024 65535 7812 Port: Acceptable ports range from 10 to 65535. Normally ports below 1024 are reserved by your system. 1024 65535 7812 Automatic (UPnP) Firewalled Manually Forwarded Port 200 0 <html><head/><body><p>The DHT allows you to answer connection requests from your friends using BitTorrent's DHT. It greatly improves the connectivity. No information is actually stored in the DHT. It is only used as a proxy system to get in touch with other Retroshare nodes.</p><p>The Discovery service sends node name and ids of your trusted contacts to connected peers, to help them choose new friends. The friendship is never automatic however, and both peers still need to trust each other to allow connection. </p></body></html> Public: DHT & Discovery Private: Discovery Only Inverted: DHT Only Dark Net: None 6 6 16 16 :/images/ledoff1.png <html><head/><body><p>The bullet turns green as soon as Retroshare manages to get your own IP from the websites listed below, if you enabled that action. Retroshare will also use other means to find out your own IP.</p></body></html> External ip address finder 6 6 16 16 :/images/ledoff1.png Local network 0 0 <html><head/><body><p>The upload limit covers the entire software. Too small an upload limit might eventually block low priority services (forums, channels). A minimum recommended value is 50KB/s. </p></body></html> kB/s 1 100000 1 6 6 16 16 :/images/ledoff1.png UPnP 6 6 16 16 :/images/ledoff1.png 75 true [Hidden mode] border: 1px solid #DCDC41; border-radius: 6px; background: #FFFFD7; background-color: qlineargradient(x1:0, y1:0, x2:0, y2:1, stop:0 #FFFFD7, stop:1 #FFFFB2); WARNING: These values don't take into account the Relays. Known / Previous IPs: Qt::Horizontal 40 20 <html><head/><body><p>This clears the list of known addresses. This action is useful if for some reason your address list contains an invalid/irrelevant/expired address that you want to avoid passing to your friends as a contact address.</p></body></html> Clear 16777215 150 If you uncheck this, RetroShare can only determine your IP when you connect to somebody. Leaving this checked helps connecting when you have few friends. It also helps if you're behind a firewall or a VPN. Allow RetroShare to ask my ip to these websites: true 0 0 QAbstractItemView::NoEditTriggers Qt::Vertical 20 40 allowIpDeterminationCB IPServersLV ipAddressList IP Filters Activate IP filtering 0 IP blacklist Qt::CustomContextMenu <html><head/><body><p>This list gets automatically filled with information gathered at multiple sources: masquerading peers reported by the DHT, IP ranges entered by you, and IP ranges reported by your friends. Default settings should protect you against large scale traffic relaying.</p><p>Automatically guessing masquerading IPs can put your friends IPs in the blacklist. In this case, use the context menu to whitelist them.</p></body></html> true QAbstractItemView::SingleSelection false true IP range Status Origin Reason Comment <html><head/><body><p>This is very drastic, be careful. Since masquerading IPs might be actual real IPs, this option might cause disconnection, and will probably force you to add your friends' IPs into the whitelist.</p></body></html> Ban every IP reported by your friends <html><head/><body><p>Another drastic option. If you use it, be prepared to add your friends' IPs into the whitelist when needed.</p></body></html> Ban every masquerading IP reported by your DHT <html><head/><body><p>If used alone, this option protects you quite well from large scale IP masquerading.</p></body></html> Automatically ban ranges of DHT masquerading IPs starting at IPs 2 255 Qt::Horizontal 40 20 IP whitelist Qt::CustomContextMenu <html><head/><body><p>White listed IPs are gathered from the following sources: IPs coming inside a manually exchanged certificate, IP ranges entered by you in this window, or in the security feed items.</p><p>The default behavior for Retroshare is to (1) always allow connection to peers with IP in the whitelist, even if that IP is also blacklisted; (2) optionally require IPs to be in the whitelist. You can change this behavior for each peer in the &quot;Details&quot; window of each Retroshare node. </p></body></html> true QAbstractItemView::SingleSelection false true IP range Status Origin Reason Comment Manual input 0 0 <html><head/><body><p>Enter an IP range. Accepted formats:</p><p>193.190.209.15</p><p>193.190.209.15/24</p><p>193.190.209.15/16</p></body></html> 16 32 8 24 0 0 <html><head/><body><p>Enter any comment you'd like</p></body></html> Add to blacklist Add to whitelist Qt::Vertical 20 40 Hidden Service Configuration 0 0 0 Outgoing Manual Tor/I2P <html><head/><body><p>Configure your Tor and I2P SOCKS proxy here. <br/>If you prefer to use BOB to automatically manage I2P check the other tab.</p></body></html> <html><head/><body><p>This is the port of the Tor Socks proxy. Your Retroshare node can use this port to connect to</p><p>Hidden nodes. The led at right turns green when this port is active on your computer. </p><p>This does not mean however that your Retroshare traffic transits though Tor. It does only if </p><p>you connect to Hidden nodes, or if you are running a Hidden node yourself.</p></body></html> 10 65535 Tor Socks Proxy 16 16 :/images/ledoff1.png <html><head/><body><p>This led is green when the port listen on the left is active on your computer. It does not</p><p>mean that your Retroshare traffic transits though Tor. It will do so only if </p><p>you connect to Hidden nodes, or if you are running a Hidden node yourself.</p></body></html> Tor outgoing Okay I2P Socks Proxy 0 0 <html><head/><body><p>This is the port of the I2P Socks proxy. Your Retroshare node can use this port to connect to</p><p>Hidden nodes. The led at right turns green when this port is active on your computer. </p><p>This does not mean however that your Retroshare traffic transits though I2P. It does only if </p><p>you connect to Hidden nodes, or if you are running a Hidden node yourself.</p></body></html> 10 65535 :/images/ledoff1.png <html><head/><body><p>This led is green when the port listen on the left is active on your computer. It does not</p><p>mean that your Retroshare traffic transits though I2P. It will do so only if </p><p>you connect to Hidden nodes, or if you are running a Hidden node yourself.</p></body></html> I2P outgoing Okay 0 0 16777215 190 Qt::ScrollBarAsNeeded true Tor Socks Proxy default: 127.0.0.1:9050. Set in torrc config and update here. I2P Socks Proxy: see http://127.0.0.1:7657/i2ptunnelmgr for setting up a client tunnel: Tunnel Wizard -> Client Tunnel -> SOCKS 4/4a/5 -> enter a name -> leave 'Outproxies' empty -> enter port (memorize!) [you may also want to set the reachability to 127.0.0.1] -> Next -> check 'Auto Start' -> finish! Now enter the address (e.g. 127.0.0.1) and the port you've picked before for the I2P Proxy. You can connect to Hidden Nodes, even if you are running a standard Node, so why not setup Tor and/or I2P? Qt::Vertical 20 40 Automatic I2P/BOB Enable I2P BOB - changing this requires a restart to fully take effect Qt::Horizontal 40 20 enableds advanced settings advanced mode I2P Basic Open Bridge 0 0 I2P Instance address 0 0 127.0.0.1 I2P proxy port 10 65535 :/images/ledoff1.png <html><head/><body><p>This led is green when the port listen on the left is active on your computer. It does not</p><p>mean that your Retroshare traffic transits though I2P. It will do so only if </p><p>you connect to Hidden nodes, or if you are running a Hidden node yourself.</p></body></html> BOB accessible 0 0 Address 0 0 .b32.i2p 0 0 generate new true 1 0 0 true Qt::Vertical 20 40 Tunnel length (in/out) 0 0 7 3 0 0 7 3 Tunnel quantity (in/out) 0 0 1 16 3 0 0 1 16 3 Tunnel variance (in/out) 0 0 -1 2 0 0 0 -1 2 0 0 <html><head/><body><p>Server Key - When a key it set it will be used to setup a hidden<br/>service for I2P. Otherwise only a client tunnel is created.</p></body></html> Qt::Horizontal 40 20 load key 0 0 16777215 16777215 Qt::Horizontal 40 20 Start Restart Stop :/images/ledoff1.png BOB status Qt::Vertical 20 40 Incoming <html><head/><body><p>Setup your hidden address (and port if needed)</p></body></html> 10 65535 <html><head/><body><p>This button simulates a SSL connection to your hidden address using the corresponding proxy. If your hidden node is reachable, it should cause a SSL handshake error, which RS will interpret as a valid connection state. This operation might also cause several &quot;security warning&quot; about connections from your local host IP (127.0.0.1) in the News Feed if you enabled it, which you should interpret as a sign of good communication.</p></body></html> Test 10 65535 Service Address Local Address <html><head/><body><p>This is your hidden address. It should look like <span style=" font-weight:600;">[something].onion</span> or <span style=" font-weight:600;">[something].b32.i2p. </span>If you configured a hidden service with Tor, the onion address is generated automatically by Tor. You can get it in e.g. <span style=" font-weight:600;">/var/lib/tor/[service name]/hostname</span>. For I2P: Setup a server tunnel ( http://127.0.0.1:7657/i2ptunnelmgr ) and copy it's base32 address when it is started (should end with .b32.i2p)</p></body></html> <html><head/><body><p>This is the local address to which the hidden service points at your localhost. Most of the time, <span style=" font-weight:600;">127.0.0.1</span> is the right answer.</p></body></html> 16 16 :/images/ledoff1.png <html><head/><body><p>This led turns green only if you launch an active test using the above button. </p><p>When it does, it means that your hidden node can be reached from anywhere, using the Tor (resp. I2P) </p><p>network. Congratulations!</p></body></html> incoming ok Expected Configuration: 0 0 0 10 16777215 50 Qt::ScrollBarAlwaysOff true Please fill in a service address 0 0 16777215 16777215 true To Receive Connections, you must first setup a Tor/I2P Hidden Service. For Tor: See torrc and documentation for HOWTO details. For I2P: See http://127.0.0.1:7657/i2ptunnelmgr for setting up a server tunnel: Tunnel Wizard -> Server Tunnel -> Standard -> enter a name -> enter the address and port your RS is using (see Local Address above) -> check 'Auto Start' -> finish! Once this is done, paste the Onion/I2P (Base32) Address in the box above. This is your external address on the Tor/I2P network. Finally make sure that the Ports match the configuration. If you have issues connecting over Tor check the Tor logs too. Qt::Vertical 20 40 Relay Enable Relay Connections Qt::Horizontal 40 20 Use Relay Servers Qt::Horizontal 40 20 true Relay options 0 Qt::Horizontal 110 20 Number Qt::Horizontal 6 20 Bandwidth per link Qt::Vertical Total Bandwidth Friends 0 99 0 x kB/s 1 100 Qt::NoFocus true Friends of Friends 1 x kB/s 1 100 Qt::NoFocus true General 1 x kB/s 1 100 Qt::NoFocus true Qt::Horizontal Total: Qt::WheelFocus true Qt::Horizontal 123 20 Qt::NoFocus true 0 0 border: 1px solid #DCDC41; border-radius: 6px; background: #FFFFD7; background-color: qlineargradient(x1:0, y1:0, x2:0, y2:1, stop:0 #FFFFD7, stop:1 #FFFFB2); Warning: This bandwidth adds up to the max bandwidth. Relay Server Setup HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH false true Add Server Server DHT Key Remove Server 0 0 border: 1px solid #DCDC41; border-radius: 6px; background: #FFFFD7; background-color: qlineargradient(x1:0, y1:0, x2:0, y2:1, stop:0 #FFFFD7, stop:1 #FFFFB2); <p>By activating relays, you allow your Retroshare node to act as a bridge between Retroshare users who cannot connect directly, e.g. because they're firewalled.</p> <p>You may choose to act as a relay by checking <i>enable relay connections</i>, or simply benefit from other peers acting as relay, by checking <i>use relay servers</i>. For the former, you may specify the bandwidth allocated when acting as a relay for friends of you, for friends of your friends, or anyone in the Retroshare network.</p> <p>In any case, a Retroshare node acting as a relay cannot see the relayed traffic, since it is encrypted and authenticated by the two relayed nodes.</p> true Qt::Vertical 20 40 localAddress localPort extAddress extPort dynDNS