[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r2649 - GNUnet-docs/WWW/test
|
From: |
durner |
|
Subject: |
[GNUnet-SVN] r2649 - GNUnet-docs/WWW/test |
|
Date: |
Sun, 23 Apr 2006 13:18:36 -0700 (PDT) |
Author: durner
Date: 2006-04-23 13:18:32 -0700 (Sun, 23 Apr 2006)
New Revision: 2649
Modified:
GNUnet-docs/WWW/test/user_gnunet.php3
Log:
update testsite
Modified: GNUnet-docs/WWW/test/user_gnunet.php3
===================================================================
--- GNUnet-docs/WWW/test/user_gnunet.php3 2006-04-23 13:58:23 UTC (rev
2648)
+++ GNUnet-docs/WWW/test/user_gnunet.php3 2006-04-23 20:18:32 UTC (rev
2649)
@@ -1,554 +1,554 @@
-<?php
-include("scripts.php3");
-$title = "GNUnet Documentation: GNUnet core setup";
-$description="How to configure the GNUnet peer-to-peer framework (excluding
GNUnet applications)";
-include("html_header.php3");
-H2("GNUnet Documentation: GNUnet core");
-?>
-<ul>
- <li><a href="#installation"><?php W("Installation"); ?></a></li>
- <li><a href="#gnunet.conf"><?php W("The configuration file gnunet.conf");
?></a></li>
- <li><a href="#coretools"><?php W("GNUnet core tools"); ?></a>
- <ul>
- <li><a href="#transportcheck">gnunet-transport-check</a></li>
- <li><a href="#stats">gnunet-stats</a></li>
- <li><a href="#peerinfo">gnunet-peer-info</a></li>
- </ul>
- </li>
-</ul>
-<?php
-ANCHOR("installation");
-H3("Installation");
-BP();
-W("First, in addition to the %s you must download the latest version of %s and
install that library.",
- ARRAY(intlink_("download.php3", "GNUnet sources"),
- extlink_("/libextractor/", "libextractor")));
-W("libextractor has itself various mandatory and optional dependencies.");
-W("Please check the dependency list, both GNUnet and libextractor contain a
file README.debian that lists the current package dependencies for Debian.");
-W("There maybe files for other distributions, or you might be able to find
equivalent packages for your distribution.");
-W("Installing libextractor should be as simple as:");
-EP();
-PRE("$ ./configure --prefix=\$HOME\n" .
- "$ make\n" .
- "# make install\n");
-BP();
-W("For GNUnet, you should again check the dependency list.");
-W("Now compile and install GNUnet using:");
-EP();
-PRE("$ ./configure --prefix=\$HOME --with-extractor=\$HOME\n" .
- "$ make\n" .
- "# make install\n");
-BP();
-
-W("Finally, you probably want to compile <tt>gnunet-gtk</tt>:");
-EP();
-PRE("$ ./configure --prefix=\$HOME --with-extractor=\$HOME
--with-gnunet=\$HOME\n" .
- "$ make\n" .
- "# make install\n");
-BP();
-W("If you are updating from a version from the 0.7.x series, you should (after
stopping gnunetd) run:");
-EP();
-PRE("# gnunet-update\n");
-BP();
-W("This should trigger all necessary changes.");
-W("If you are updating from a version before 0.7.0pre2, you must delete your
old GNUnet directories.");
-W("Note that you will also have to run <tt>gnunet-update</tt> after certain
changes to the <tt>gnunetd.conf</tt> configuration file.");
-W("<tt>gnunetd</tt> will immediately exit with an error message if
<tt>gnunet-update</tt> must be run.");
-
-P();
-
-W("If you are using GNUnet for the first time (or if you deleted all of your
old files) you will probably want to run <tt>gnunet-setup</tt> at this point.");
-W("The setup tool supports various styles of user interfaces.");
-W("Invoke <tt>gnunet-setup</tt> without arguments to see the various styles
supported on your platform.");
-W("Using one of the wizards should allow a quick initial configuration.");
-
-P();
-
-W("After finishing the configuration with <tt>gnunet-setup</tt>, you can test
the installation using");
-EP();
-PRE("# gnunet-transport-check\n");
-PRE("# gnunet-transport-check -p\n");
-BP();
-W("The first command tests your local transports (basics), the second one
connectivity to the rest of the peer-to-peer network (ping).");
-W("If the test fails (i.e. <tt>gnunet-transport-check -p</tt> reports being
able to connect to 0 peers), you should revisit your configuration, in
particular your network setup.");
-W("Again, after changing the configuration, you should always run
<tt>gnunet-update</tt> to allow GNUnet to perform necessary internal updates.");
-W("Note that it is <tt>normal</tt> for the NAT transport to be reported as
not-working in some configurations.");
-W("Once configuration is complete and <tt>gnunet-update</tt> is done, start
the server using:");
-EP();
-PRE("# gnunetd -d\n");
-BP();
-W("The "-d" option causes <tt>gnunetd</tt> to print all errors to
the console and prevents <tt>gnunetd</tt> from detaching from the console.");
-
-W("If you get any errors, you may have to edit the configuration file.");
-W("Some errors maybe related to the specific applications that are being used,
so consult the documentation there.");
-W("Use the log-files and the tools described below to diagnose problems.");
-W("You may also want to increase the verbosity of the logging using the
parameter "-L DEBUG".");
-W("Read the man pages for additional information about command line options.");
-P();
-W("Once everything works and you get no error messages, press
"CTRL-C" to abort <tt>gnunetd</tt> and restart it without the
"-d" option.");
-W("Without the option, <tt>gnunetd</tt> will detach from the terminal and
write errors into the logfile.");
-P();
-W("If you want to automatically start GNUnet each time your machine boots
<tt>contrib/initgnunet</tt> contains an example script to start the server as
user <em>gnunet</em> with a configuation in <tt>/etc/gnunet.conf</tt>.");
-W("If you installed a binary package, the installer probably already put the
start-script into "/etc/init.d/gnunetd" or the appropriate location
for your system.");
-W("Still, even in that case, you may have to activate the script.");
-
-EP();
-
-H3("General notes about the configuration");
-BP();
-
-W("GNUnet typically requires the configuration of four basic layers.");
-w("On the lowest layer, you need to configure the transport services that
allow GNUnet to communicate with other peers.");
-W("A simple example is the specification of the port number used by a TCP or
UDP transport.");
-
-W("The GNUnet core needs to know certain resource limitations, such as CPU
load and bandwidth usage.");
-W("Both the configuration of the transport services and the GNUnet core are
described below.");
-W("Additionally, the applications run on top of GNUnet may also require some
configuration.");
-W("Finally, the user interface(s) that are used to interact with
<tt>gnunetd</tt> are configured in a per-user configuration file.");
-EP();
-
-HR();
-
-ANCHOR("files");
-H3("The GNUnet configuration files");
-ANCHOR("gnunet.conf");
-
-BP();
-W("When a required configuration file is not present on startup, any GNUnet
tool will attempt to create one by dumping a copy of the respective default
configuration file to that location.");
-W("The option <tt>-c</tt> can be used for any GNUnet tool to specify an
alternative location for the configuration file.");
-W("GNUnet uses two different configuration files (with the same syntax but
different options), one for the server (<tt>gnunetd</tt>) and another one for
all of the clients.");
-W("The rationale is that typcially the system administrator will setup
<tt>gnunetd</tt> while ordinary users are executing the clients.");
-P();
-W("The default location for the configuration of <tt>gnunetd</tt> is
<tt>/etc/gnunetd.conf</tt>.");
-W("If <tt>gnunetd</tt> is run as an ordinary user and cannot access a
configuration in <tt>/etc/gnunetd.conf</tt> it will automatically fall back to
<tt>\$HOME/.gnunet/gnunetd.conf</tt>.");
-W("A few tools that help setup and diagnose the daemon (like
<tt>gnunet-transport-check</tt>) also use this configuration file.");
-W("A template for this configuration is in <tt>contrib/gnunet.root</tt>.");
-P();
-W("The GNUnet clients (like <tt>gnunet-insert</tt> or <tt>gnunet-gtk</tt>) use
a different configuration file.");
-W("All GNUnet clients expect this file to reside by default in
<tt>\$HOME/.gnunet/gnunet.conf</tt>.");
-W("A template for this file is in <tt>contrib/gnunet.user</tt>.");
-W("If the configuration file is not found, all GNUnet tools will use the
default configuration file and write that configuration to the location where
the configuration file was expected.");
-W("So you can always revert to the default configuration file by deleting or
renaming the existing file.");
-
-EP();
-
-ANCHOR("serveroptions"); H3("Server options");
-
-BP();
-W("All of the options described here refer to the server configuration.");
-W("This section describes the most important options to setup
<tt>gnunetd</tt>.");
-W("If you are on dialup, look at %s and probably %s.",
- ARRAY(extlink_("#gnunet.conf.helloexpires", "HELLOEXPIRES"),
- extlink_("#gnunet.conf.interfaces", "INTERFACES")));
-W("If you are behind a NAT box, look at %s.",
- extlink_("#gnunet.conf.ip", "IP"));
-W("If you are a frontier host that is accessible from a trusted LAN and
connected to the Internet, have a look at %s, %s and %s.",
- ARRAY(extlink_("#gnunet.conf.trusted", "TRUSTED"),
- extlink_("#gnunet.conf.blacklist", "BLACKLIST"),
- extlink_("#gnunet.conf.heloexchange", "HELLOEXCHANGE")));
-P();
-W("The configuration of the SMTP transport layer is described %s",
- intlink_("smtp.php3","here"));
-EP();
-
-ANCHOR("gnunet.conf.port");H4("NETWORK: PORT");
-
-BP();
-W("With this option, you can specify to which TCP port the gnunet-clients
should connect.");
-W("It is also the choice of the port for <tt>gnunetd</tt>.");
-W("While you can restrict access to this port using the %s option, you may
also want to firewall this port.",
- extlink_("#gnunet.conf.trusted", "NETWORK: TRUSTED"));
-W("A different port must be used for the TCP and UDP peer-to-peer transport
mechanism.");
-W("The default value is <tt>2087</tt>.");
-
-EP();
-ANCHOR("gnunet.conf.interface");H4("NETWORK: INTERFACE");
-
-BP();
-W("Use this option to specify which interface GNUnet should use to try to
determine your IP.");
-W("The interface is also used to determine the network load.");
-W("Alternatively, you can use the %s option.",
- extlink_("#gnunet.conf.ip", "IP"));
-W("If both an interface and an IP is specified, the IP option takes
preference.");
-
-EP();
-ANCHOR("gnunet.conf.ip");H4("NETWORK: IP");
-
-BP();
-W("This option allows you to specify the advertised IP.");
-W("If you do not specify anything, GNUnet will attempt to detect the IP.");
-W("You really need this option if you are behind a NAT box.");
-W("In that case, you have to specify the IP of the NAT box here (you can use a
hostname, DNS is supported).");
-W("For NAT boxes with changing IP, you may want to use %s.",
- extlink_("http://www.technopagan.org/dynamic/";, "Dynamic DNS"));
-
-EP();
-ANCHOR("gnunet.conf.helloexchange");H4("NETWORK: HELLOEXCHANGE");
-
-BP();
-W("If you set this option to <tt>NO</tt> your node will not forward HELLO
messages that advertise other nodes.");
-W("This option only makes sense if your node bridges two networks that both
contain GNUnet nodes but that can not contact each other directly.");
-W("The default value is <tt>YES</tt>.");
-W("Stick to the default if you are unsure.");
-
-EP();
-ANCHOR("gnunet.conf.trusted");H4("NETWORK: TRUSTED");
-
-BP();
-W("With this option you can specfiy which addresses are trusted enough to
connect to gnunetd via TCP as clients.");
-W("The default is only the local host.");
-W("If you are on a trusted LAN, you may want to specify the LAN network and
netmask.");
-W("You must use IPs, DNS lookup is not supported.");
-
-EP();
-ANCHOR("gnunet.conf.interfaces");H4("LOAD: INTERFACES");
-
-BP();
-W("Under this option you specify which interfaces GNUnet is going to monitor
to determine the load.");
-W("If you have ethernet, the default is <tt>eth0</tt>.");
-W("If you have a modem, try <tt>ppp0</tt>.");
-W("In general, the command <tt>ifconfig</tt> (may not be in your path if you
are logged in as a normal user, try <tt>/sbin/ifconfig</tt>) will show you the
active devices.");
-
-EP();
-ANCHOR("gnunet.conf.basiclimiting");H4("LOAD: BASICLIMITING");
-
-BP();
-W("Use basic bandwidth limitation?");
-W("YES or NO.");
-W("The basic method notes only gnunet traffic and can be used to specify
simple maximum bandwidth usage of GNUnet.");
-W("Choose the basic method if you don’t want other network traffic to
interfere with GNUnets operation, but still wish to constrain gnunet’s
bandwidth usage, or if you can’t reliably measure the maximum
capabilities of your
-connection.");
-W("The basic method might also be good when the used interface can transmit
data to/from local network very fast compared to internet traffic (a condition
that makes the advanced method unreliable).");
-
-P();
-
-W("The advanced bandwidth limitation measures total traffic over the chosen
interface (including GNUnet traffic), and allows gnunetd to participate if the
total traffic is low enough.");
-
-EP();
-ANCHOR("gnunet.conf.maxnetbpsuptotal");H4("LOAD: MAXNETBPSUPTOTAL");
-
-BP();
-W("If you use basic bandwidth limitation, this option specifies the maximum
GNUnet can use for its internal traffic.");
-W("When using advanced limiting, use this option to specify your maximum
upload speed (how many bytes per second your node can send).");
-W("In that case, do not specify how much you want GNUnet to use, but use the
maximum theoretically available.");
-W("If you do not know your bandwidth, stick with the default of 50,000 bytes
per second.");
-
-EP();
-ANCHOR("gnunet.conf.maxnetbpsdowntotal");H4("LOAD: MAXNETBPSDOWNTOTAL");
-
-BP();
-W("Same as %s but for download speeds.",
- extlink_("#gnunet.conf.maxnetbpsuptotal", "MAXNETBPSUPTOTAL"));
-W("Note that GNUnet can not control exactly how much data other nodes are
sending to your machine (an approximate control is attempted, but malicious
peers can always ignore the protocol and send more data).");
-W("The upload limit is strictly enforced.");
-W("If we are above our boundaries for the download limits, GNUnet will notify
peers to reduce the amount of traffic until we are back inside the limits.");
-W("Note that if you disable BASICLIMITING, GNUnet will sense if non-GNUnet
traffic is going on and only use the specified amount of bandwidth if you are
not using it otherwise.");
-
-EP();
-ANCHOR("gnunet.conf.maxcpuload");H4("LOAD: MAXCPULOAD");
-
-BP();
-W("Up to which CPU load will GNUnet process packets from other nodes.");
-W("If the average CPU load goes over this value (like for the network, this
includes other applications), GNUnet will start dropping packets and reduce the
load.");
-W("GNUnet may also do fewer of the expensive message-packing computations,
trading bandwidth for CPU time.");
-W("For example, if you are running an application that takes up all of your
CPU power, GNUnet will pretty much not serve any other nodes (the node is
considered <em>busy</em>).");
-W("Only if the load is under the value specified here, GNUnet will serve other
nodes.");
-W("The default is 50, which should keep your hosts responsive enough while
being more than sufficient for GNUnet on any modern machine.");
-
-EP();
-ANCHOR("gnunet.conf.udp.port");H4("UDP: PORT");
-
-BP();
-W("Which port should the UDP transport layer use?");
-W("If no value is specified, GNUnet will try to find a port in
<tt>/etc/services</tt>.");
-W("If you specify 0, this means that you do not want to open UDP for receiving
messages (but, if you load the transport module, you can still send UDP
traffic).");
-W("The default port is 2086 as assigned to GNUnet by %s.",
- extlink_("http://www.iana.org";, "IANA"));
-W("Since other peers will try to connect to this port, you should configure
your firewall to let all traffic through.");
-W("UDP is a stateless protocol, thus just allowing <tt>related</tt> traffic in
a stateful firewall will not be sufficient.");
-
-EP();
-ANCHOR("gnunet.conf.blacklist");H4("UDP: BLACKLIST");
-
-BP();
-W("If your node receives advertisements for nodes on virtual private networks,
it should not even attempt to connect to those networks.");
-W("You can use this option to specify a list of networks that are forbidden.");
-W("gnunetd will then never attempt to communicate with these addresses.");
-W("You will get an error if your own IP address is listed here.");
-
-EP();
-ANCHOR("gnunet.conf.udp.mtu");H4("UDP: MTU");
-
-BP();
-W("This option specifies the maximum transfer unit, the maximum number of
bytes that GNUnet will put in a UDP packet.");
-W("This does not include the IP or UDP headers.");
-W("Do not use more than your OS (and firewall) can support.");
-W("Typcially, your want to avoid fragmentation and should choose network-MTU
minus 28.");
-W("You can determine your MTU using the <tt>ifconfig</tt> command.");
-W("For ethernet, the network MTU should be 1500 octets, resulting in 1472
octets for the GNUnet MTU, which is also the default.");
-W("Do not use values smaller than 1200.");
-EP();
-
-ANCHOR("gnunet.conf.tcp.port");H4("TCP: PORT");
-
-BP();
-W("Which port should the TCP transport layer use?");
-W("If no value is specified, GNUnet will try to find a port in
<tt>/etc/services</tt>.");
-W("If you specify 0, this means that you do not want to open TCP for receiving
messages (but, if you load the transport module, you can still initiate
bi-directional TCP connections).");
-W("Setting the TCP port to 0 is a common configuration for machines behind NAT
boxes (these peers can then still initiate connections but other nodes will not
attempt to connect).");
-W("The default port is 2086 as assigned to GNUnet by %s.",
- extlink_("http://www.iana.org";, "IANA"));
-W("Since other peers will try to connect to this port, you should configure
your firewall to let all traffic through.");
-W("Make sure that the port number you select here does not conflict with the
client TCP port.");
-
-EP();
-ANCHOR("gnunet.conf.blacklist");H4("TCP: BLACKLIST");
-BP();
-W("If your node receives advertisements for nodes on virtual private networks,
it should not even attempt to connect to those networks.");
-W("You can use this option to specify a list of networks that are forbidden.");
-W("gnunetd will then never attempt to communicate with these addresses.");
-W("You will get an error if your own IP address is listed here.");
-
-EP();
-ANCHOR("gnunet.conf.tcp.mtu");H4("TCP: MTU");
-
-BP();
-W("This option specifies the maximum transfer unit, the maximum number of
bytes that GNUnet will put in a TCP packet.");
-W("This does not include the IP or TCP headers.");
-W("Typcially, your want to avoid fragmentation and should choose network-MTU
minus 40.");
-W("For ethernet, this would result in 1460 octets, which is also the
default.");
-W("Do not use less than 1200.");
-
-EP();
-ANCHOR("gnunet.conf.nat.limited"); H4("NAT: LIMITED");
-
-BP();
-W("The NAT transport allows connections between machines using network-address
translation (NAT) and "normal" peers with a globally unique IP
address.");
-W("Thus in practice, all GNUnet peers that support TCP should also load the
NAT transport service, either since they need it to connect themselves or
because it allows them to connect to other peers that require NAT support.");
-W("NAT support requires loading ethe TCP transport service (IPv4 and/or
IPv6).");
-W("The only option for the NAT transport is "LIMITED".");
-W("The default value "NO" is used for peers that
<strong>either</strong> have a globally routed IP address (are not using NAT at
all) <strong>or</strong> for peers that advertise the IP of the NAT box and
where the NAT box forwards the TCP port to the NAT-ed IP in the LAN.");
-W("Only if you can not configure your NAT box to forward the TCP port to your
local machine you should set LIMITED to "YES".");
-P();
-W("In summary, there are three possibilities.");
-W("If you use TCP and don′t use NAT on your local network, load the NAT
transport anyway, set LIMITED to "NO".");
-W("If you use NAT on your local network and have control over your NAT box,
configure the NAT box to forward the TCP (and if possibly UDP) ports to the
machine running <tt>gnunetd</tt>, also load the NAT transport and also set
LIMITED to "NO".");
-W("If you use NAT on your local network and do NOT have control over the NAT
box, you <strong>must</strong> load the TCP and the NAT transport, set the
TCP-PORT to "0" and LIMITED to "YES".");
-P();
-W("The last option is the worst since it limits whom you can connect to and
thus limits your anonymity.");
-W("If you are adventurous, you can supplement the last option with the SMTP
transport, which is difficult to configure but will allow NAT-to-NAT
communication.");
-
-EP();
-ANCHOR("gnunet.conf.helloexpires");H4("GNUNETD: HELLOEXPIRES");
-BP();
-W("This option specifies how long (in minutes) your node will claim to be
reachable under the current IP.");
-W("If you have a permanent IP, a couple of days can be a reasonable value.");
-W("If you are on dialup, you may want to choose only an hour.");
-W("The default is 1440 (1 day).");
-W("The largest acceptable value is 14400 (10 days).");
-
-EP();
-ANCHOR("gnunet.conf.loglevel");H4("GNUNETD: LOGLEVEL");
-
-BP();
-W("Loglevel, how much should be logged?");
-W("You can use NOTHING, FATAL, ERROR, FAILURE, WARNING, MESSAGE INFO, DEBUG,
CRON or EVERYTHING (which log more and more messages in this order).");
-W("Default is WARNING.");
-W("You can override this option at the commandline with the <tt>-L</tt>
switch.");
-
-EP();
-ANCHOR("gnunet.conf.logfile");H4("GNUNETD: LOGFILE");
-
-BP();
-W("If <tt>gnunetd</tt> is not started with the <tt>-d</tt> option, it writes
logging messages into this file (with <tt>-d</tt> all messages are written to
the console).");
-W(" Read this %s if you are using logrotate.",
-
extlink_("http://mail.gnu.org/archive/html/help-gnunet/2002-08/msg00012.html";,
"mail"));
-
-EP();
-ANCHOR("gnunet.conf.pidfile");H4("GNUNETD: PIDFILE");
-
-BP();
-W("In which file should gnunetd write the process-id of the server?");
-W("If you run gnunetd as root, you may want to choose /var/run/gnunetd.pid.");
-W("It’s not the default since gnunetd may not have write rights at that
location.");
-
-EP();
-ANCHOR("gnunet.conf.hosts");H4("GNUNETD: HOSTS");
-
-BP();
-W("In this directory GNUnet stores the key and last known Internet address of
each known GNUnet node.");
-W("Each file is about 600 bytes long (different transport protocols may have
different address sizes).");
-W("On startup, GNUnet downloads a list of initial hosts from the specified
<tt>HOSTLISTURL</tt>.");
-W("The files listed in the <tt>HOSTLISTURL</tt> are generated using:");
-EP();
-PRE("$ cat /var/lib/GNUnet/data/hosts/* > hostlist");
-BP();
-W("Running the command above and offering the generated <tt>hostlist</tt> file
on a webserver is all it takes to run your own hostlist server.");
-W("<tt>gnunetd</tt> will try to download peer advertisements from a (random)
server specified in the <tt>HOSTLISTURL</tt> only if too few peers are
connected for a longer period of time.");
-P();
-W("Once connected, GNUnet hosts exchange information about other hosts
automatically.");
-W("Thus except for the initial connection, there should be no pressing need to
obtain a new list (except if a node was offline for a long time and the old
list aged so much that it became useless).");
-W("If hosts cannot be reached and the time that the key has been signed to be
valid by the sender has expired, GNUnet deletes their identities from
<tt>data/hosts/</tt>.");
-W("Note that the trust information is kept "forever".");
-
-EP();
-ANCHOR("gnunet.conf.hostlisturl");H4("GNUNETD: HOSTLISTURL");
-
-BP();
-W("Whenever <tt>gnunetd</tt> needs to learn about an initial set of peers that
it can connect to, it downloads a list of initial nodes to connect to via
http.");
-W("The URL to use is specified here.");
-W("Multiple URLs can be specified separated by spaces.");
-
-EP();
-ANCHOR("gnunet.conf.applications");H4("GNUNETD: APPLICATIONS");
-
-BP();
-W("Which applications should <tt>gnunetd</tt> support?");
-W("Specify the name of the dynamic shared object (DSO) that implements the
service in the gnunetd core here.");
-W("Multiple DSOs can be specified, separated by spaces.");
-W("You should always specify "advertising getoption" since these are
rather fundamental applications.");
-W("Add "stats" in order to be able to obtain statistics using
<tt>gnunet-stats</tt>.");
-W("Add "traffic" to see statistics about traffic (also used by
anonymous file sharing for cover traffic estimates).");
-W("Further additions depend on which specific applications you want to use.");
-W("Possible choices include "%s chat tbench tracekit".",
- intlink_("user_afs.php3","fs"));
-
-EP();
-ANCHOR("gnunet.conf.transports");H4("GNUNETD: TRANSPORTS");
-
-BP();
-W("Which transport services should be used?");
-W("Use space-separated list of the modules, for example "udp smtp tcp
nat".");
-W("If you want to use SMTP, please read the %s for details.",
- intlink_("smtp.php3","SMTP documentation"));
-
-P();
-W("The <tt>gnunet-setup</tt> tool also contains help texts for the various
options.");
-
-EP();
-HR();
-
-ANCHOR("clientoptions"); H3("Client options");
-BP();
-W("These are options that should be specified in the per-user
<tt>gnunet.conf</tt> configuration files.");
-W("They apply to the various user interfaces for GNUnet.");
-EP();
-ANCHOR("gnunet.conf.host");
-H4("NETWORK: HOST");
-
-BP();
-W("With this option, you can specify to which host the GNUnet clients should
connect by default.");
-W("You can override the choice you make here with the <tt>-H</tt> option.");
-W("The default, <tt>localhost</tt> should be fine.");
-
-EP();
-
-ANCHOR("gnunet.conf.port");H4("NETWORK: PORT");
-
-BP();
-W("With this option, you can specify to which TCP port the gnunet-clients
should connect.");
-W("It is also the choice of the port for <tt>gnunetd</tt>.");
-W("While you can restrict access to this port using the %s option, you may
also want to firewall this port.",
- extlink_("#gnunet.conf.trusted", "NETWORK: TRUSTED"));
-W("A different port must be used for the TCP and UDP peer-to-peer transport
mechanism.");
-W("The default value is <tt>2087</tt>.");
-EP();
-
-HR();
-
-ANCHOR("coretools");
-H3("GNUnet core tools");
-
-ANCHOR("transportcheck");
-H4("gnunet-transport-check");
-
-BP();
-W("The <tt>gnunet-transport-check</tt> tool checks if a transport is
configured correctly.");
-W("By default the tool checks if the transport is at least able to send a
message to its own address.");
-W("This test is called the <em>loopback mode</em>.");
-W("This mode is useful to check basic transport functionality when new
transports are implemented or when GNUnet is ported to a new platform.");
-W("By default, <tt>gnunet-transport-check</tt> tests all the transports that
are currently specified in the configuration file.");
-P();
-W("With the option <tt>-p</tt> it is possible to run
<tt>gnunet-transport-check</tt> in <em>ping mode</em>.");
-W("In ping mode <tt>gnunet-transport-check</tt> performs an http download of
the peer list specified in the configuration (HOSTLISTURL option) and attempts
to connect to each of these peers (if a matching transport is configured).");
-W("This way the tool is able to catch a variety of problems, including
problems relating to NAT boxes, the firewall configuration and virtual private
networks (VPNs).");
-W("Note that it is perfectly normal that not all peers from the hostlist can
be reached, but for both common transports (tcp and udp) at least a few should
succeed.");
-W("The default time that <tt>gnunet-transport-check</tt> waits for a reply is
15s.");
-W("For a quick test the timeout can be reduced, for example to 500 ms with the
option <tt>-T 500</tt>.");
-P();
-W("Note that you can not run <tt>gnunet-transport-check</tt> while
<tt>gnunetd</tt> is running!");
-W("You must stop <tt>gnunetd</tt> before testing transports.");
-W("The output of <tt>gnunet-transport-check</tt> looks something like this:");
-EP();
-
-PRE("$ gnunet-transport-check\n" .
- "Testing transport(s) udp tcp\n" .
- "Transport OK, 0ms for 1 messages of size 11 bytes.\n" .
- "Transport OK, 0ms for 1 messages of size 11 bytes.\n");
-
-BP();
-W("And for ping mode:");
-EP();
-
-PRE("$ gnunet-transport-check -p\n" .
- "Available transport(s): udp tcp\n" .
- ".....................\n" .
- "8 out of 21 peers contacted successfully (0 times transport
unavailable).\n");
-
-ANCHOR("peerinfo");
-H4("gnunet-peer-info");
-
-BP();
-W("The <tt>gnunet-peer-info</tt> tool displays the identities, trust earned
and Internet addresses of all GNUnet peers that the local peer is aware of.");
-W("The output looks like this:");
-EP();
-
-PRE("$ gnunet-peer-info\n" .
- "Peer \'CJ4J...\' with trust 31 and address \'31.79.24.1:2086 (TCP)\'\n" .
- "Peer \'FA65...\' with trust 0 and address \'80.16.46.2:2086 (UDP)\'");
-
-ANCHOR("stats");H4("gnunet-stats");
-
-BP();
-W("<tt>gnunet-stats</tt> is a little tool that displays statistics.");
-W("Unlike the other core tools, it uses the client configuration and only
works if <tt>gnunetd</tt> is already running.");
-W("<tt>gnunet-stats</tt> also only works if the <tt>stats</tt> module is
loaded as an application.");
-W("The numbers are for the current <tt>gnunetd</tt> process only.");
-W("The output looks similar to the following example, but depends on which
modules you have loaded and what your node has been doing so far.");
-EP();
-
-PRE("$ gnunet-stats\n" .
- "Uptime (seconds) :
47\n" .
- "% of allowed network load :
0\n" .
- "% of allowed cpu load :
0\n" .
- "# bytes of noise received :
0\n" .
- "# bytes received from clients :
8\n" .
- "# times outgoing msg sent (bandwidth ok) :
0\n" .
- "# times outgoing msg dropped (bandwidth stressed) :
0\n" .
- "# times incoming msg accepted (cpu ok) :
0\n" .
- "# times incoming msg dropped (cpu overloaded) :
0\n" .
- "# sessionkeys received :
0\n" .
- "# valid sessionkeys received :
0\n" .
- "# sessionkeys sent :
0\n" .
- "# connections shutdown :
0\n" .
- "# currently connected nodes :
0\n" .
- "# bytes noise sent :
0\n" .
- "# encrypted bytes sent :
0\n" .
- "# bytes decrypted :
0\n" .
- "# ping messages sent :
0\n" .
- "# ping messages received :
0\n" .
- "# pong messages sent :
0\n" .
- "# pong messages received :
0\n" .
- "# HELLO messages received from http server :
34\n" .
- "# HELLO messages received overall :
1\n" .
- "# valid HELLO messages received :
0\n" .
- "# HELLO messages forwarded from other peers :
0\n" .
- "# HELLO messages originated :
0\n");
-
-BP();
-W("The number of connected hosts is the nummber of hosts that the local node
is directly connected to (1 hop).");
-W("The total number of hosts in the network must be larger or equal to this
number.");
-EP();
-
-include("html_footer.php3");
-?>
+<?php
+include("scripts.php3");
+$title = "GNUnet Documentation: GNUnet core setup";
+$description="How to configure the GNUnet peer-to-peer framework (excluding
GNUnet applications)";
+include("html_header.php3");
+H2("GNUnet Documentation: GNUnet core");
+?>
+<ul>
+ <li><a href="#installation"><?php W("Installation"); ?></a></li>
+ <li><a href="#gnunet.conf"><?php W("The configuration file gnunet.conf");
?></a></li>
+ <li><a href="#coretools"><?php W("GNUnet core tools"); ?></a>
+ <ul>
+ <li><a href="#transportcheck">gnunet-transport-check</a></li>
+ <li><a href="#stats">gnunet-stats</a></li>
+ <li><a href="#peerinfo">gnunet-peer-info</a></li>
+ </ul>
+ </li>
+</ul>
+<?php
+ANCHOR("installation");
+H3("Installation");
+BP();
+W("First, in addition to the %s you must download the latest version of %s and
install that library.",
+ ARRAY(intlink_("download.php3", "GNUnet sources"),
+ extlink_("/libextractor/", "libextractor")));
+W("libextractor has itself various mandatory and optional dependencies.");
+W("Please check the dependency list, both GNUnet and libextractor contain a
file README.debian that lists the current package dependencies for Debian.");
+W("There maybe files for other distributions, or you might be able to find
equivalent packages for your distribution.");
+W("Installing libextractor should be as simple as:");
+EP();
+PRE("$ ./configure --prefix=\$HOME\n" .
+ "$ make\n" .
+ "# make install\n");
+BP();
+W("For GNUnet, you should again check the dependency list.");
+W("Now compile and install GNUnet using:");
+EP();
+PRE("$ ./configure --prefix=\$HOME --with-extractor=\$HOME\n" .
+ "$ make\n" .
+ "# make install\n");
+BP();
+
+W("Finally, you probably want to compile <tt>gnunet-gtk</tt>:");
+EP();
+PRE("$ ./configure --prefix=\$HOME --with-extractor=\$HOME
--with-gnunet=\$HOME\n" .
+ "$ make\n" .
+ "# make install\n");
+BP();
+W("If you are updating from a version from the 0.7.x series, you should (after
stopping gnunetd) run:");
+EP();
+PRE("# gnunet-update\n");
+BP();
+W("This should trigger all necessary changes.");
+W("If you are updating from a version before 0.7.0pre2, you must delete your
old GNUnet directories.");
+W("Note that you will also have to run <tt>gnunet-update</tt> after certain
changes to the <tt>gnunetd.conf</tt> configuration file.");
+W("<tt>gnunetd</tt> will immediately exit with an error message if
<tt>gnunet-update</tt> must be run.");
+
+P();
+
+W("If you are using GNUnet for the first time (or if you deleted all of your
old files) you will probably want to run <tt>gnunet-setup</tt> at this point.");
+W("The setup tool supports various styles of user interfaces.");
+W("Invoke <tt>gnunet-setup</tt> without arguments to see the various styles
supported on your platform.");
+W("Using one of the wizards should allow a quick initial configuration.");
+
+P();
+
+W("After finishing the configuration with <tt>gnunet-setup</tt>, you can test
the installation using");
+EP();
+PRE("# gnunet-transport-check\n");
+PRE("# gnunet-transport-check -p\n");
+BP();
+W("The first command tests your local transports (basics), the second one
connectivity to the rest of the peer-to-peer network (ping).");
+W("If the test fails (i.e. <tt>gnunet-transport-check -p</tt> reports being
able to connect to 0 peers), you should revisit your configuration, in
particular your network setup.");
+W("Again, after changing the configuration, you should always run
<tt>gnunet-update</tt> to allow GNUnet to perform necessary internal updates.");
+W("Note that it is <tt>normal</tt> for the NAT transport to be reported as
not-working in some configurations.");
+W("Once configuration is complete and <tt>gnunet-update</tt> is done, start
the server using:");
+EP();
+PRE("# gnunetd -d\n");
+BP();
+W("The "-d" option causes <tt>gnunetd</tt> to print all errors to
the console and prevents <tt>gnunetd</tt> from detaching from the console.");
+
+W("If you get any errors, you may have to edit the configuration file.");
+W("Some errors maybe related to the specific applications that are being used,
so consult the documentation there.");
+W("Use the log-files and the tools described below to diagnose problems.");
+W("You may also want to increase the verbosity of the logging using the
parameter "-L DEBUG".");
+W("Read the man pages for additional information about command line options.");
+P();
+W("Once everything works and you get no error messages, press
"CTRL-C" to abort <tt>gnunetd</tt> and restart it without the
"-d" option.");
+W("Without the option, <tt>gnunetd</tt> will detach from the terminal and
write errors into the logfile.");
+P();
+W("If you want to automatically start GNUnet each time your machine boots
<tt>contrib/initgnunet</tt> contains an example script to start the server as
user <em>gnunet</em> with a configuation in <tt>/etc/gnunet.conf</tt>.");
+W("If you installed a binary package, the installer probably already put the
start-script into "/etc/init.d/gnunetd" or the appropriate location
for your system.");
+W("Still, even in that case, you may have to activate the script.");
+
+EP();
+
+H3("General notes about the configuration");
+BP();
+
+W("GNUnet typically requires the configuration of four basic layers.");
+w("On the lowest layer, you need to configure the transport services that
allow GNUnet to communicate with other peers.");
+W("A simple example is the specification of the port number used by a TCP or
UDP transport.");
+
+W("The GNUnet core needs to know certain resource limitations, such as CPU
load and bandwidth usage.");
+W("Both the configuration of the transport services and the GNUnet core are
described below.");
+W("Additionally, the applications run on top of GNUnet may also require some
configuration.");
+W("Finally, the user interface(s) that are used to interact with
<tt>gnunetd</tt> are configured in a per-user configuration file.");
+EP();
+
+HR();
+
+ANCHOR("files");
+H3("The GNUnet configuration files");
+ANCHOR("gnunet.conf");
+
+BP();
+W("When a required configuration file is not present on startup, any GNUnet
tool will attempt to create one by dumping a copy of the respective default
configuration file to that location.");
+W("The option <tt>-c</tt> can be used for any GNUnet tool to specify an
alternative location for the configuration file.");
+W("GNUnet uses two different configuration files (with the same syntax but
different options), one for the server (<tt>gnunetd</tt>) and another one for
all of the clients.");
+W("The rationale is that typcially the system administrator will setup
<tt>gnunetd</tt> while ordinary users are executing the clients.");
+P();
+W("The default location for the configuration of <tt>gnunetd</tt> is
<tt>/etc/gnunetd.conf</tt>.");
+W("If <tt>gnunetd</tt> is run as an ordinary user and cannot access a
configuration in <tt>/etc/gnunetd.conf</tt> it will automatically fall back to
<tt>\$HOME/.gnunet/gnunetd.conf</tt>.");
+W("A few tools that help setup and diagnose the daemon (like
<tt>gnunet-transport-check</tt>) also use this configuration file.");
+W("A template for this configuration is in <tt>contrib/gnunet.root</tt>.");
+P();
+W("The GNUnet clients (like <tt>gnunet-insert</tt> or <tt>gnunet-gtk</tt>) use
a different configuration file.");
+W("All GNUnet clients expect this file to reside by default in
<tt>\$HOME/.gnunet/gnunet.conf</tt>.");
+W("A template for this file is in <tt>contrib/gnunet.user</tt>.");
+W("If the configuration file is not found, all GNUnet tools will use the
default configuration file and write that configuration to the location where
the configuration file was expected.");
+W("So you can always revert to the default configuration file by deleting or
renaming the existing file.");
+
+EP();
+
+ANCHOR("serveroptions"); H3("Server options");
+
+BP();
+W("All of the options described here refer to the server configuration.");
+W("This section describes the most important options to setup
<tt>gnunetd</tt>.");
+W("If you are on dialup, look at %s and probably %s.",
+ ARRAY(extlink_("#gnunet.conf.helloexpires", "HELLOEXPIRES"),
+ extlink_("#gnunet.conf.interfaces", "INTERFACES")));
+W("If you are behind a NAT box, look at %s.",
+ extlink_("#gnunet.conf.ip", "IP"));
+W("If you are a frontier host that is accessible from a trusted LAN and
connected to the Internet, have a look at %s, %s and %s.",
+ ARRAY(extlink_("#gnunet.conf.trusted", "TRUSTED"),
+ extlink_("#gnunet.conf.blacklist", "BLACKLIST"),
+ extlink_("#gnunet.conf.heloexchange", "HELLOEXCHANGE")));
+P();
+W("The configuration of the SMTP transport layer is described %s",
+ intlink_("smtp.php3","here"));
+EP();
+
+ANCHOR("gnunet.conf.port");H4("NETWORK: PORT");
+
+BP();
+W("With this option, you can specify to which TCP port the gnunet-clients
should connect.");
+W("It is also the choice of the port for <tt>gnunetd</tt>.");
+W("While you can restrict access to this port using the %s option, you may
also want to firewall this port.",
+ extlink_("#gnunet.conf.trusted", "NETWORK: TRUSTED"));
+W("A different port must be used for the TCP and UDP peer-to-peer transport
mechanism.");
+W("The default value is <tt>2087</tt>.");
+
+EP();
+ANCHOR("gnunet.conf.interface");H4("NETWORK: INTERFACE");
+
+BP();
+W("Use this option to specify which interface GNUnet should use to try to
determine your IP.");
+W("The interface is also used to determine the network load.");
+W("Alternatively, you can use the %s option.",
+ extlink_("#gnunet.conf.ip", "IP"));
+W("If both an interface and an IP is specified, the IP option takes
preference.");
+
+EP();
+ANCHOR("gnunet.conf.ip");H4("NETWORK: IP");
+
+BP();
+W("This option allows you to specify the advertised IP.");
+W("If you do not specify anything, GNUnet will attempt to detect the IP.");
+W("You really need this option if you are behind a NAT box.");
+W("In that case, you have to specify the IP of the NAT box here (you can use a
hostname, DNS is supported).");
+W("For NAT boxes with changing IP, you may want to use %s.",
+ extlink_("http://www.technopagan.org/dynamic/";, "Dynamic DNS"));
+
+EP();
+ANCHOR("gnunet.conf.helloexchange");H4("NETWORK: HELLOEXCHANGE");
+
+BP();
+W("If you set this option to <tt>NO</tt> your node will not forward HELLO
messages that advertise other nodes.");
+W("This option only makes sense if your node bridges two networks that both
contain GNUnet nodes but that can not contact each other directly.");
+W("The default value is <tt>YES</tt>.");
+W("Stick to the default if you are unsure.");
+
+EP();
+ANCHOR("gnunet.conf.trusted");H4("NETWORK: TRUSTED");
+
+BP();
+W("With this option you can specfiy which addresses are trusted enough to
connect to gnunetd via TCP as clients.");
+W("The default is only the local host.");
+W("If you are on a trusted LAN, you may want to specify the LAN network and
netmask.");
+W("You must use IPs, DNS lookup is not supported.");
+
+EP();
+ANCHOR("gnunet.conf.interfaces");H4("LOAD: INTERFACES");
+
+BP();
+W("Under this option you specify which interfaces GNUnet is going to monitor
to determine the load.");
+W("If you have ethernet, the default is <tt>eth0</tt>.");
+W("If you have a modem, try <tt>ppp0</tt>.");
+W("In general, the command <tt>ifconfig</tt> (may not be in your path if you
are logged in as a normal user, try <tt>/sbin/ifconfig</tt>) will show you the
active devices.");
+
+EP();
+ANCHOR("gnunet.conf.basiclimiting");H4("LOAD: BASICLIMITING");
+
+BP();
+W("Use basic bandwidth limitation?");
+W("YES or NO.");
+W("The basic method notes only gnunet traffic and can be used to specify
simple maximum bandwidth usage of GNUnet.");
+W("Choose the basic method if you don’t want other network traffic to
interfere with GNUnets operation, but still wish to constrain gnunet’s
bandwidth usage, or if you can’t reliably measure the maximum
capabilities of your
+connection.");
+W("The basic method might also be good when the used interface can transmit
data to/from local network very fast compared to internet traffic (a condition
that makes the advanced method unreliable).");
+
+P();
+
+W("The advanced bandwidth limitation measures total traffic over the chosen
interface (including GNUnet traffic), and allows gnunetd to participate if the
total traffic is low enough.");
+
+EP();
+ANCHOR("gnunet.conf.maxnetbpsuptotal");H4("LOAD: MAXNETBPSUPTOTAL");
+
+BP();
+W("If you use basic bandwidth limitation, this option specifies the maximum
GNUnet can use for its internal traffic.");
+W("When using advanced limiting, use this option to specify your maximum
upload speed (how many bytes per second your node can send).");
+W("In that case, do not specify how much you want GNUnet to use, but use the
maximum theoretically available.");
+W("If you do not know your bandwidth, stick with the default of 50,000 bytes
per second.");
+
+EP();
+ANCHOR("gnunet.conf.maxnetbpsdowntotal");H4("LOAD: MAXNETBPSDOWNTOTAL");
+
+BP();
+W("Same as %s but for download speeds.",
+ extlink_("#gnunet.conf.maxnetbpsuptotal", "MAXNETBPSUPTOTAL"));
+W("Note that GNUnet can not control exactly how much data other nodes are
sending to your machine (an approximate control is attempted, but malicious
peers can always ignore the protocol and send more data).");
+W("The upload limit is strictly enforced.");
+W("If we are above our boundaries for the download limits, GNUnet will notify
peers to reduce the amount of traffic until we are back inside the limits.");
+W("Note that if you disable BASICLIMITING, GNUnet will sense if non-GNUnet
traffic is going on and only use the specified amount of bandwidth if you are
not using it otherwise.");
+
+EP();
+ANCHOR("gnunet.conf.maxcpuload");H4("LOAD: MAXCPULOAD");
+
+BP();
+W("Up to which CPU load will GNUnet process packets from other nodes.");
+W("If the average CPU load goes over this value (like for the network, this
includes other applications), GNUnet will start dropping packets and reduce the
load.");
+W("GNUnet may also do fewer of the expensive message-packing computations,
trading bandwidth for CPU time.");
+W("For example, if you are running an application that takes up all of your
CPU power, GNUnet will pretty much not serve any other nodes (the node is
considered <em>busy</em>).");
+W("Only if the load is under the value specified here, GNUnet will serve other
nodes.");
+W("The default is 50, which should keep your hosts responsive enough while
being more than sufficient for GNUnet on any modern machine.");
+
+EP();
+ANCHOR("gnunet.conf.udp.port");H4("UDP: PORT");
+
+BP();
+W("Which port should the UDP transport layer use?");
+W("If no value is specified, GNUnet will try to find a port in
<tt>/etc/services</tt>.");
+W("If you specify 0, this means that you do not want to open UDP for receiving
messages (but, if you load the transport module, you can still send UDP
traffic).");
+W("The default port is 2086 as assigned to GNUnet by %s.",
+ extlink_("http://www.iana.org";, "IANA"));
+W("Since other peers will try to connect to this port, you should configure
your firewall to let all traffic through.");
+W("UDP is a stateless protocol, thus just allowing <tt>related</tt> traffic in
a stateful firewall will not be sufficient.");
+
+EP();
+ANCHOR("gnunet.conf.blacklist");H4("UDP: BLACKLIST");
+
+BP();
+W("If your node receives advertisements for nodes on virtual private networks,
it should not even attempt to connect to those networks.");
+W("You can use this option to specify a list of networks that are forbidden.");
+W("gnunetd will then never attempt to communicate with these addresses.");
+W("You will get an error if your own IP address is listed here.");
+
+EP();
+ANCHOR("gnunet.conf.udp.mtu");H4("UDP: MTU");
+
+BP();
+W("This option specifies the maximum transfer unit, the maximum number of
bytes that GNUnet will put in a UDP packet.");
+W("This does not include the IP or UDP headers.");
+W("Do not use more than your OS (and firewall) can support.");
+W("Typcially, your want to avoid fragmentation and should choose network-MTU
minus 28.");
+W("You can determine your MTU using the <tt>ifconfig</tt> command.");
+W("For ethernet, the network MTU should be 1500 octets, resulting in 1472
octets for the GNUnet MTU, which is also the default.");
+W("Do not use values smaller than 1200.");
+EP();
+
+ANCHOR("gnunet.conf.tcp.port");H4("TCP: PORT");
+
+BP();
+W("Which port should the TCP transport layer use?");
+W("If no value is specified, GNUnet will try to find a port in
<tt>/etc/services</tt>.");
+W("If you specify 0, this means that you do not want to open TCP for receiving
messages (but, if you load the transport module, you can still initiate
bi-directional TCP connections).");
+W("Setting the TCP port to 0 is a common configuration for machines behind NAT
boxes (these peers can then still initiate connections but other nodes will not
attempt to connect).");
+W("The default port is 2086 as assigned to GNUnet by %s.",
+ extlink_("http://www.iana.org";, "IANA"));
+W("Since other peers will try to connect to this port, you should configure
your firewall to let all traffic through.");
+W("Make sure that the port number you select here does not conflict with the
client TCP port.");
+
+EP();
+ANCHOR("gnunet.conf.blacklist");H4("TCP: BLACKLIST");
+BP();
+W("If your node receives advertisements for nodes on virtual private networks,
it should not even attempt to connect to those networks.");
+W("You can use this option to specify a list of networks that are forbidden.");
+W("gnunetd will then never attempt to communicate with these addresses.");
+W("You will get an error if your own IP address is listed here.");
+
+EP();
+ANCHOR("gnunet.conf.tcp.mtu");H4("TCP: MTU");
+
+BP();
+W("This option specifies the maximum transfer unit, the maximum number of
bytes that GNUnet will put in a TCP packet.");
+W("This does not include the IP or TCP headers.");
+W("Typcially, your want to avoid fragmentation and should choose network-MTU
minus 40.");
+W("For ethernet, this would result in 1460 octets, which is also the
default.");
+W("Do not use less than 1200.");
+
+EP();
+ANCHOR("gnunet.conf.nat.limited"); H4("NAT: LIMITED");
+
+BP();
+W("The NAT transport allows connections between machines using network-address
translation (NAT) and "normal" peers with a globally unique IP
address.");
+W("Thus in practice, all GNUnet peers that support TCP should also load the
NAT transport service, either since they need it to connect themselves or
because it allows them to connect to other peers that require NAT support.");
+W("NAT support requires loading ethe TCP transport service (IPv4 and/or
IPv6).");
+W("The only option for the NAT transport is "LIMITED".");
+W("The default value "NO" is used for peers that
<strong>either</strong> have a globally routed IP address (are not using NAT at
all) <strong>or</strong> for peers that advertise the IP of the NAT box and
where the NAT box forwards the TCP port to the NAT-ed IP in the LAN.");
+W("Only if you can not configure your NAT box to forward the TCP port to your
local machine you should set LIMITED to "YES".");
+P();
+W("In summary, there are three possibilities.");
+W("If you use TCP and don′t use NAT on your local network, load the NAT
transport anyway, set LIMITED to "NO".");
+W("If you use NAT on your local network and have control over your NAT box,
configure the NAT box to forward the TCP (and if possibly UDP) ports to the
machine running <tt>gnunetd</tt>, also load the NAT transport and also set
LIMITED to "NO".");
+W("If you use NAT on your local network and do NOT have control over the NAT
box, you <strong>must</strong> load the TCP and the NAT transport, set the
TCP-PORT to "0" and LIMITED to "YES".");
+P();
+W("The last option is the worst since it limits whom you can connect to and
thus limits your anonymity.");
+W("If you are adventurous, you can supplement the last option with the SMTP
transport, which is difficult to configure but will allow NAT-to-NAT
communication.");
+
+EP();
+ANCHOR("gnunet.conf.helloexpires");H4("GNUNETD: HELLOEXPIRES");
+BP();
+W("This option specifies how long (in minutes) your node will claim to be
reachable under the current IP.");
+W("If you have a permanent IP, a couple of days can be a reasonable value.");
+W("If you are on dialup, you may want to choose only an hour.");
+W("The default is 1440 (1 day).");
+W("The largest acceptable value is 14400 (10 days).");
+
+EP();
+ANCHOR("gnunet.conf.loglevel");H4("GNUNETD: LOGLEVEL");
+
+BP();
+W("Loglevel, how much should be logged?");
+W("You can use NOTHING, FATAL, ERROR, FAILURE, WARNING, MESSAGE INFO, DEBUG,
CRON or EVERYTHING (which log more and more messages in this order).");
+W("Default is WARNING.");
+W("You can override this option at the commandline with the <tt>-L</tt>
switch.");
+
+EP();
+ANCHOR("gnunet.conf.logfile");H4("GNUNETD: LOGFILE");
+
+BP();
+W("If <tt>gnunetd</tt> is not started with the <tt>-d</tt> option, it writes
logging messages into this file (with <tt>-d</tt> all messages are written to
the console).");
+W(" Read this %s if you are using logrotate.",
+
extlink_("http://mail.gnu.org/archive/html/help-gnunet/2002-08/msg00012.html";,
"mail"));
+
+EP();
+ANCHOR("gnunet.conf.pidfile");H4("GNUNETD: PIDFILE");
+
+BP();
+W("In which file should gnunetd write the process-id of the server?");
+W("If you run gnunetd as root, you may want to choose /var/run/gnunetd.pid.");
+W("It’s not the default since gnunetd may not have write rights at that
location.");
+
+EP();
+ANCHOR("gnunet.conf.hosts");H4("GNUNETD: HOSTS");
+
+BP();
+W("In this directory GNUnet stores the key and last known Internet address of
each known GNUnet node.");
+W("Each file is about 600 bytes long (different transport protocols may have
different address sizes).");
+W("On startup, GNUnet downloads a list of initial hosts from the specified
<tt>HOSTLISTURL</tt>.");
+W("The files listed in the <tt>HOSTLISTURL</tt> are generated using:");
+EP();
+PRE("$ cat /var/lib/GNUnet/data/hosts/* > hostlist");
+BP();
+W("Running the command above and offering the generated <tt>hostlist</tt> file
on a webserver is all it takes to run your own hostlist server.");
+W("<tt>gnunetd</tt> will try to download peer advertisements from a (random)
server specified in the <tt>HOSTLISTURL</tt> only if too few peers are
connected for a longer period of time.");
+P();
+W("Once connected, GNUnet hosts exchange information about other hosts
automatically.");
+W("Thus except for the initial connection, there should be no pressing need to
obtain a new list (except if a node was offline for a long time and the old
list aged so much that it became useless).");
+W("If hosts cannot be reached and the time that the key has been signed to be
valid by the sender has expired, GNUnet deletes their identities from
<tt>data/hosts/</tt>.");
+W("Note that the trust information is kept "forever".");
+
+EP();
+ANCHOR("gnunet.conf.hostlisturl");H4("GNUNETD: HOSTLISTURL");
+
+BP();
+W("Whenever <tt>gnunetd</tt> needs to learn about an initial set of peers that
it can connect to, it downloads a list of initial nodes to connect to via
http.");
+W("The URL to use is specified here.");
+W("Multiple URLs can be specified separated by spaces.");
+
+EP();
+ANCHOR("gnunet.conf.applications");H4("GNUNETD: APPLICATIONS");
+
+BP();
+W("Which applications should <tt>gnunetd</tt> support?");
+W("Specify the name of the dynamic shared object (DSO) that implements the
service in the gnunetd core here.");
+W("Multiple DSOs can be specified, separated by spaces.");
+W("You should always specify "advertising getoption" since these are
rather fundamental applications.");
+W("Add "stats" in order to be able to obtain statistics using
<tt>gnunet-stats</tt>.");
+W("Add "traffic" to see statistics about traffic (also used by
anonymous file sharing for cover traffic estimates).");
+W("Further additions depend on which specific applications you want to use.");
+W("Possible choices include "%s chat tbench tracekit".",
+ intlink_("user_afs.php3","fs"));
+
+EP();
+ANCHOR("gnunet.conf.transports");H4("GNUNETD: TRANSPORTS");
+
+BP();
+W("Which transport services should be used?");
+W("Use space-separated list of the modules, for example "udp smtp tcp
nat".");
+W("If you want to use SMTP, please read the %s for details.",
+ intlink_("smtp.php3","SMTP documentation"));
+
+P();
+W("The <tt>gnunet-setup</tt> tool also contains help texts for the various
options.");
+
+EP();
+HR();
+
+ANCHOR("clientoptions"); H3("Client options");
+BP();
+W("These are options that should be specified in the per-user
<tt>gnunet.conf</tt> configuration files.");
+W("They apply to the various user interfaces for GNUnet.");
+EP();
+ANCHOR("gnunet.conf.host");
+H4("NETWORK: HOST");
+
+BP();
+W("With this option, you can specify to which host the GNUnet clients should
connect by default.");
+W("You can override the choice you make here with the <tt>-H</tt> option.");
+W("The default, <tt>localhost</tt> should be fine.");
+
+EP();
+
+ANCHOR("gnunet.conf.port");H4("NETWORK: PORT");
+
+BP();
+W("With this option, you can specify to which TCP port the gnunet-clients
should connect.");
+W("It is also the choice of the port for <tt>gnunetd</tt>.");
+W("While you can restrict access to this port using the %s option, you may
also want to firewall this port.",
+ extlink_("#gnunet.conf.trusted", "NETWORK: TRUSTED"));
+W("A different port must be used for the TCP and UDP peer-to-peer transport
mechanism.");
+W("The default value is <tt>2087</tt>.");
+EP();
+
+HR();
+
+ANCHOR("coretools");
+H3("GNUnet core tools");
+
+ANCHOR("transportcheck");
+H4("gnunet-transport-check");
+
+BP();
+W("The <tt>gnunet-transport-check</tt> tool checks if a transport is
configured correctly.");
+W("By default the tool checks if the transport is at least able to send a
message to its own address.");
+W("This test is called the <em>loopback mode</em>.");
+W("This mode is useful to check basic transport functionality when new
transports are implemented or when GNUnet is ported to a new platform.");
+W("By default, <tt>gnunet-transport-check</tt> tests all the transports that
are currently specified in the configuration file.");
+P();
+W("With the option <tt>-p</tt> it is possible to run
<tt>gnunet-transport-check</tt> in <em>ping mode</em>.");
+W("In ping mode <tt>gnunet-transport-check</tt> performs an http download of
the peer list specified in the configuration (HOSTLISTURL option) and attempts
to connect to each of these peers (if a matching transport is configured).");
+W("This way the tool is able to catch a variety of problems, including
problems relating to NAT boxes, the firewall configuration and virtual private
networks (VPNs).");
+W("Note that it is perfectly normal that not all peers from the hostlist can
be reached, but for both common transports (tcp and udp) at least a few should
succeed.");
+W("The default time that <tt>gnunet-transport-check</tt> waits for a reply is
15s.");
+W("For a quick test the timeout can be reduced, for example to 500 ms with the
option <tt>-T 500</tt>.");
+P();
+W("Note that you can not run <tt>gnunet-transport-check</tt> while
<tt>gnunetd</tt> is running!");
+W("You must stop <tt>gnunetd</tt> before testing transports.");
+W("The output of <tt>gnunet-transport-check</tt> looks something like this:");
+EP();
+
+PRE("$ gnunet-transport-check\n" .
+ "Testing transport(s) udp tcp\n" .
+ "Transport OK, 0ms for 1 messages of size 11 bytes.\n" .
+ "Transport OK, 0ms for 1 messages of size 11 bytes.\n");
+
+BP();
+W("And for ping mode:");
+EP();
+
+PRE("$ gnunet-transport-check -p\n" .
+ "Available transport(s): udp tcp\n" .
+ ".....................\n" .
+ "8 out of 21 peers contacted successfully (0 times transport
unavailable).\n");
+
+ANCHOR("peerinfo");
+H4("gnunet-peer-info");
+
+BP();
+W("The <tt>gnunet-peer-info</tt> tool displays the identities, trust earned
and Internet addresses of all GNUnet peers that the local peer is aware of.");
+W("The output looks like this:");
+EP();
+
+PRE("$ gnunet-peer-info\n" .
+ "Peer \'CJ4J...\' with trust 31 and address \'31.79.24.1:2086 (TCP)\'\n" .
+ "Peer \'FA65...\' with trust 0 and address \'80.16.46.2:2086 (UDP)\'");
+
+ANCHOR("stats");H4("gnunet-stats");
+
+BP();
+W("<tt>gnunet-stats</tt> is a little tool that displays statistics.");
+W("Unlike the other core tools, it uses the client configuration and only
works if <tt>gnunetd</tt> is already running.");
+W("<tt>gnunet-stats</tt> also only works if the <tt>stats</tt> module is
loaded as an application.");
+W("The numbers are for the current <tt>gnunetd</tt> process only.");
+W("The output looks similar to the following example, but depends on which
modules you have loaded and what your node has been doing so far.");
+EP();
+
+PRE("$ gnunet-stats\n" .
+ "Uptime (seconds) :
47\n" .
+ "% of allowed network load :
0\n" .
+ "% of allowed cpu load :
0\n" .
+ "# bytes of noise received :
0\n" .
+ "# bytes received from clients :
8\n" .
+ "# times outgoing msg sent (bandwidth ok) :
0\n" .
+ "# times outgoing msg dropped (bandwidth stressed) :
0\n" .
+ "# times incoming msg accepted (cpu ok) :
0\n" .
+ "# times incoming msg dropped (cpu overloaded) :
0\n" .
+ "# sessionkeys received :
0\n" .
+ "# valid sessionkeys received :
0\n" .
+ "# sessionkeys sent :
0\n" .
+ "# connections shutdown :
0\n" .
+ "# currently connected nodes :
0\n" .
+ "# bytes noise sent :
0\n" .
+ "# encrypted bytes sent :
0\n" .
+ "# bytes decrypted :
0\n" .
+ "# ping messages sent :
0\n" .
+ "# ping messages received :
0\n" .
+ "# pong messages sent :
0\n" .
+ "# pong messages received :
0\n" .
+ "# HELLO messages received from http server :
34\n" .
+ "# HELLO messages received overall :
1\n" .
+ "# valid HELLO messages received :
0\n" .
+ "# HELLO messages forwarded from other peers :
0\n" .
+ "# HELLO messages originated :
0\n");
+
+BP();
+W("The number of connected hosts is the nummber of hosts that the local node
is directly connected to (1 hop).");
+W("The total number of hosts in the network must be larger or equal to this
number.");
+EP();
+
+include("html_footer.php3");
+?>
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r2649 - GNUnet-docs/WWW/test,
durner <=