ServerPage 0 0 1220 896 6 6 6 6 2 Network Configuration 6 6 6 Network Mode NAT Local Address External Address Dynamic DNS 50 false Download limit (KB/s) 50 false Upload limit (KB/s) 6 0 0 <html><head/><body><p>This download limit covers the whole application. However, in some situations, such as when transfering many small files at once, the estimated bandwidth becomes unreliable and the total value reported by Retroshare might exceed that limit. </p></body></html> kB/s 1 100000 1 Port: Acceptable ports range from 10 to 65535. Normally Ports below 1024 are reserved by your system. 1024 65535 7812 Port: Acceptable ports range from 10 to 65535. Normally ports below 1024 are reserved by your system. 1024 65535 7812 Automatic (UPnP) Firewalled Manually Forwarded Port 200 0 <html><head/><body><p>The DHT allows you to answer connection requests from your friends using BitTorrent's DHT. It greatly improves the connectivity. No information is actually stored in the DHT. It is only used as a proxy system to get in touch with other Retroshare nodes.</p><p>The Discovery service sends node name and ids of your trusted contacts to connected peers, to help them choose new friends. The friendship is never automatic however, and both peers still need to trust each other to allow connection. </p></body></html> Public: DHT & Discovery Private: Discovery Only Inverted: DHT Only Dark Net: None 6 6 16 16 :/images/ledoff1.png <html><head/><body><p>The bullet turns green as soon as Retroshare manages to get your own IP from the websites listed below, if you enabled that action. Retroshare will also use other means to find out your own IP.</p></body></html> External ip address finder 6 6 16 16 :/images/ledoff1.png Local network 0 0 <html><head/><body><p>The upload limit covers the entire software. Too small an upload limit might eventually block low priority services (forums, channels). A minimum recommended value is 50KB/s. </p></body></html> kB/s 1 100000 1 6 6 16 16 :/images/ledoff1.png UPnP 6 6 16 16 :/images/ledoff1.png 75 true <html><head/><body><p>The bullet turns green as soon as Retroshare manages to get your own IP from the websites listed below, if you enabled that action. Retroshare will also use other means to find out your own IP.</p></body></html> [Hidden mode] Known / Previous IPs: Qt::Horizontal 40 20 <html><head/><body><p>This clears the list of known addresses. This action is useful if for some reason your address list contains an invalid/irrelevant/expired address that you want to avoid passing to your friends as a contact address.</p></body></html> Clear 16777215 150 Show Discovery information in statusbar If you uncheck this, RetroShare can only determine your IP when you connect to somebody. Leaving this checked helps connecting when you have few friends. It also helps if you're behind a firewall or a VPN. Allow RetroShare to ask my ip to these websites: true 0 0 QAbstractItemView::NoEditTriggers Qt::Vertical 20 40 showDiscStatusBar allowIpDeterminationCB IPServersLV ipAddressList IP Filters Activate IP filtering 0 IP blacklist Qt::CustomContextMenu <html><head/><body><p>This list gets automatically filled with information gathered at multiple sources: masquerading peers reported by the DHT, IP ranges entered by you, and IP ranges reported by your friends. Default settings should protect you against large scale traffic relaying.</p><p>Automatically guessing masquerading IPs can put your friends IPs in the blacklist. In this case, use the context menu to whitelist them.</p></body></html> true QAbstractItemView::SingleSelection false true IP range Status Origin Reason Comment <html><head/><body><p>This is very drastic, be careful. Since masquerading IPs might be actual real IPs, this option might cause disconnection, and will probably force you to add your friends' IPs into the whitelist.</p></body></html> Ban every IP reported by your friends <html><head/><body><p>Another drastic option. If you use it, be prepared to add your friends' IPs into the whitelist when needed.</p></body></html> Ban every masquerading IP reported by your DHT <html><head/><body><p>If used alone, this option protects you quite well from large scale IP masquerading.</p></body></html> Automatically ban ranges of DHT masquerading IPs starting at IPs 2 255 Qt::Horizontal 40 20 IP whitelist Qt::CustomContextMenu <html><head/><body><p>White listed IPs are gathered from the following sources: IPs coming inside a manually exchanged certificate, IP ranges entered by you in this window, or in the security feed items.</p><p>The default behavior for Retroshare is to (1) always allow connection to peers with IP in the whitelist, even if that IP is also blacklisted; (2) optionally require IPs to be in the whitelist. You can change this behavior for each peer in the &quot;Details&quot; window of each Retroshare node. </p></body></html> true QAbstractItemView::SingleSelection false true IP range Status Origin Reason Comment Manual input 0 0 <html><head/><body><p>Enter an IP range. Accepted formats:</p><p>193.190.209.15</p><p>193.190.209.15/24</p><p>193.190.209.15/16</p></body></html> 16 32 8 24 0 0 <html><head/><body><p>Enter any comment you'd like</p></body></html> Add to blacklist Add to whitelist Qt::Vertical 20 40 Hidden Service Configuration Outgoing Connections Tor Socks Proxy <html><head/><body><p>This is the port of the Tor Socks proxy. Your Retroshare node can use this port to connect to</p><p>Hidden nodes. The led at right turns green when this port is active on your computer. </p><p>This does not mean however that your Retroshare traffic transits though Tor. It does only if </p><p>you connect to Hidden nodes, or if you are running a Hidden node yourself.</p></body></html> 1024 65535 16 16 :/images/ledoff1.png <html><head/><body><p>The led on the left is green when the listening port is active on your computer. It does not</p><p>mean that your Retroshare traffic transits though Tor. It will do so only if </p><p>you connect to Hidden nodes, or if you are running a Hidden node yourself.</p></body></html> Tor outgoing Okay 0 0 I2P Socks Proxy <html><head/><body><p>This is the port of the I2P Socks proxy. Your Retroshare node can use this port to connect to</p><p>Hidden nodes. The led at right turns green when this port is active on your computer. </p><p>This does not mean however that your Retroshare traffic transits though I2P. It does only if </p><p>you connect to Hidden nodes, or if you are running a Hidden node yourself.</p></body></html> 1024 65535 :/images/ledoff1.png <html><head/><body><p>The led on the left is green when the listening port is active on your computer. It does not</p><p>mean that your Retroshare traffic transits though I2P. It will do so only if </p><p>you connect to Hidden nodes, or if you are running a Hidden node yourself.</p></body></html> I2P outgoing Okay 16777215 145 Qt::ScrollBarAsNeeded true Tor Socks Proxy default: 127.0.0.1:9050. Set in torrc config and update here. I2P Socks Proxy: see http://127.0.0.1:7657/i2ptunnelmgr for setting up a client tunnel: Tunnel Wizard -> Client Tunnel -> SOCKS 4/4a/5 -> enter a name -> leave 'Outproxies' empty -> enter port (memorize!) [you may also want to set the reachability to 127.0.0.1] -> Next -> check 'Auto Start' -> finish! Now enter the address (e.g. 127.0.0.1) and the port you've picked before for the I2P Proxy. You can connect to Hidden Nodes, even if you are running a standard Node, so why not setup Tor and/or I2P? 0 0 Incoming Service Connections 1024 65535 <html><head/><body><p>This button simulates a SSL connection to your hidden address using the corresponding proxy. If your hidden node is reachable, it should cause a SSL handshake error, which RS will interpret as a valid connection state. This operation might also cause several &quot;security warning&quot; about connections from your local host IP (127.0.0.1) in the News Feed if you enabled it, which you should interpret as a sign of good communication.</p></body></html> Apply 1024 65535 Service Address Local Address <html><head/><body><p>This is your hidden address. It should look like <span style=" font-weight:600;">[something].onion</span> or <span style=" font-weight:600;">[something].b32.i2p. </span>If you configured a hidden service with Tor, the onion address is generated automatically by Tor. You can get it in e.g. <span style=" font-weight:600;">/var/lib/tor/[service name]/hostname</span>. For I2P: Setup a server tunnel ( http://127.0.0.1:7657/i2ptunnelmgr ) and copy it's base32 address when it is started (should end with .b32.i2p)</p></body></html> <html><head/><body><p>This is the local address to which the hidden service points at your localhost. Most of the time, <span style=" font-weight:600;">127.0.0.1</span> is the right answer.</p></body></html> 16 16 :/images/ledoff1.png <html><head/><body><p>This led turns green only if you launch an active test using the above button. </p><p>When it does, it means that your hidden node can be reached from anywhere, using the Tor (resp. I2P) </p><p>network. Congratulations!</p></body></html> incoming ok Expected Configuration: 0 0 0 10 16777215 50 Qt::ScrollBarAlwaysOff true Please fill in a service address 0 0 16777215 100 true To Receive Connections, you must first setup a Tor/I2P Hidden Service. For Tor: See torrc and documentation for HOWTO details. For I2P: See http://127.0.0.1:7657/i2ptunnelmgr for setting up a server tunnel: Tunnel Wizard -> Server Tunnel -> Standard -> enter a name -> enter the address and port your RS is using (see Local Address above) -> check 'Auto Start' -> finish! Once this is done, paste the Onion/I2P (Base32) Address in the box above. This is your external address on the Tor/I2P network. Finally make sure that the Ports match the configuration. If you have issues connecting over Tor check the Tor logs too. Qt::Vertical 20 18 localAddress localPort extAddress extPort dynDNS showDiscStatusBar