source: installer/java/src/router.config.template @ 7ef528b

Last change on this file since 7ef528b was 7ef528b, checked in by zzz <zzz@…>, 17 years ago

add some minimal security to the admin console, requiring a passphrase to be entered when updating the clock offset
this works by a simple substring match of the URL - if the router.config contains the adminTimePassphrase=blah, the time update will only succeed if the URL contains "blah" in it
if the router.config does NOT contain an adminTimePassphrase, the time update WILL BE REFUSED.
aka to use the timestamper, you MUST set adminTimePassphrase AND update the clientApp.0.args= line to include the passphrase in the URL!
e.g.

clientApp.0.args=http://localhost:7655/setTime?blah pool.ntp.org pool.ntp.org pool.ntp.org

  • Property mode set to 100644
File size: 9.3 KB
Line 
1# I2P router configuration
2# Created on ##NOW##
3
4# TCP configuration, for inbound TCP/IP connections
5##_router_hn##
6##_router_port##
7##_router_lavalid##
8
9# maximum number of TCP connections we will want to
10# attempt to establish at once (each of which
11# requires a 2048bit DH exchange)
12i2np.tcp.concurrentEstablishers=5
13
14# I2CP client port, for client connections
15i2cp.port=##_router_i2cp_port##
16
17# I2P router administrative web port (currently only responds to /routerConsole.html)
18router.adminPort=7655
19
20# Bandwidth limits
21# These limits are for all i2np connections - tcp or whatever to all peers.
22# They are hard enforced with no smoothing.  If they are <= 0, no limits are enforced.
23i2np.bandwidth.inboundKBytesPerSecond=-1
24i2np.bandwidth.outboundKBytesPerSecond=-1
25# How many bytes will we let accumulate due to inactivity (allowing bursts)?
26i2np.bandwidth.inboundBurstKBytes=-1
27i2np.bandwidth.outboundBurstKBytes=-1
28
29# Publish peer rankings
30# If true, include the current liveliness and reliability rankings in one's published RouterInfo data
31# Setting this to true will help debug the network and is especially useful while we'return still testing
32# However, traffic analysis may be easier with this data published (though there's no reason to think people
33# can't just fake the info in this).
34# Since we're still very much < 1.0, this will be true for the current release by default.  As we get some
35# network helth information and tune the ranking algorithms, this will become false by default. 
36# You, of course, can change this to either true or false whenever you'd like.  This is only read
37# on router startup though, so you need to restart the router if you change it.
38router.publishPeerRankings=true
39
40# Keep message history
41# This series of options can help out in debugging the network by keeping a
42# seperate log of all messages sent over the network (but without any personally identifiable information)
43# This is entirely optional, but would be greatly appreciated during the
44# development phase of the network since it would allow the developers to detect
45# errors much more easily
46router.keepHistory=false
47
48# Submit message history
49# This option works only if router.keepHistory is true and periodically sends
50# in the router history logs to the developers (specifically, it submits the file
51# via HTTP POST to http://i2p.net/cgi-bin/submitMessageHistory - you can see a sample of what
52# one of those files looks like at http://i2p.net/~jrandom/sampleHist.txt)
53# After submitting this file, it deletes the local copy (otherwise the file will grow
54# without bound - tens of MB per day)
55# Again, this is entirely optional, but would be greatly appreciated as it should help
56# out the development process
57router.submitHistory=false
58       
59# If your router is really slow, you'll need to update the following job parameters
60
61# limit the maximum number of concurrent operations
62router.maxJobRunners=1
63
64# if a job waits more than this amount of time (in
65# milliseconds) before running, spit out a warning
66router.jobLagWarning=8000
67
68# if a job waits more than this amount of time (in
69# milliseconds) before running, kill the router
70router.jobLagFatal=30000
71
72# if a job takes more than this amount of time (in
73# milliseconds) to run, spit out a warning
74router.jobRunWarning=8000
75
76# if a job takes more than this amount of time (in
77# milliseconds) to run, kill the router
78router.jobRunFatal=30000
79
80# wait until the router has been up for this long
81# (in milliseconds) before honoring any fatalities
82# since during startup, jobs are run sequentially
83# and CPU intensive tasks are needed
84router.jobWarmupTime=600000
85
86# Target clients
87# How many concurrent clients the router should prepare for
88# This, factored in with the tunnel settings, determines the size of the pools -
89# too many, and your machine consumes excessive CPU and bandwidth, too few and your
90# clients take too long to startup. 
91# e.g. If you are running an eepsite, an eepProxy, an irc proxy, and a squid proxy, set this to 4
92router.targetClients=2
93
94# Number of inbound tunnels per client
95# This determines how many inbound tunnels will be allocated per client at a time.
96# This is a key factor in the reliability of a client receiving messages
97# As above, too many and your machine gets hosed, too few and the pool is slow. 
98# 2 should be sufficient - prior to 0.2.5, we have all had only 1
99tunnels.numInbound=2
100
101# Number of outbound tunnels per client
102# This determines how many outbound tunnels must exist when a client is in operation.
103# XXX Not currently enforced - ignore this setting
104tunnels.numOutbound=2
105
106
107# Depth of inbound tunnels
108# This determines the length of inbound tunnels created - how many remote routers to
109# include (0 means no remote routers, 3 means a total of four routers, including
110# the local one, etc).  This is a key factor in the reliability and anonymity
111# provided by I2P
112# Users should simply leave this as 2 for now, at least until the tunnels are more reliable (post 0.3)
113tunnels.depthInbound=2
114
115# Depth of outbound tunnels
116# This determines the length of outbound tunnels created - how many remote routers to
117# include (0 means no remote routers, 3 means a total of four routers, including
118# the local one, etc).  This is a key factor in the reliability and anonymity
119# provided by I2P
120# Users should simply leave this as 2 for now, at least until the tunnels are more reliable (post 0.3)
121tunnels.depthOutbound=2
122
123# Tunnel duration
124# This determines how long tunnels we create should last for (in milliseconds).  Too
125# long and they are more prone to failure, too short and people need to do more network
126# database lookups.  The default of 10 minutes (600000 ms) should be used
127# You should not change this setting unless you really know what you're doing
128tunnels.tunnelDuration=600000
129
130# Max waiting jobs
131# If your router is getting heavily overloaded (due to slow CPU or excess network
132# activity), your router's performance will seriously degrade, increasing its
133# load further and delaying any messages sent through your router.  The max waiting
134# jobs configuration parameter is a throttle, saying that if there are more than
135# that many 'jobs' that want to run ASAP at any given time, additional jobs may
136# be summarily dropped.  That will reduce your load and cause others to reduce
137# their dependence on you (further reducing your load).  The default value of 40
138# should be sufficient, but may be increased if desired.  Less than 20 is not
139# recommended, as certain normal events can queue up 10 or so jobs at a time
140# (all of which only take a few milliseconds).  Leave this alone unless you know
141# what you're doing
142router.maxWaitingJobs=40
143
144# shutdown password
145# uncomment the following (after changing the value) to allow shutting down the
146# router through the web interface (using the form provided, or directly via
147# http://localhost:7655/shutdown?password=thisIsASecret)
148#router.shutdownPassword=thisIsASecret
149
150
151#
152# the remaining lines describe how you can get your router to fire up client
153# applications it is up and running, all within the router's JVM.  Uncomment the
154# ones you want (revising the numbers and ports accordingly)
155
156# Keep the router's clock in sync by querying one of the specified NTP servers once
157# a minute (uses UDP port 123)
158# This defaults to the DNS round-robin ntp pool - see http://www.pool.ntp.org/
159# Please change the NTP server specified to include ones closer to you - see
160# http://www.eecis.udel.edu/~mills/ntp/clock2a.html for a list (you can specify as
161# many as you want on the args= line - they'll be tried in order until one answers).
162# Some example servers you may want to try:
163#  US: dewey.lib.ci.phoenix.az.us
164#  US: clock.fmt.he.net
165#  BR: ntp1.pucpr.br
166#  BE: ntp2.belbone.be
167#  AU: ntp.saard.net
168clientApp.0.main=net.i2p.time.Timestamper
169clientApp.0.name=Timestamper
170clientApp.0.onBoot=true
171clientApp.0.args=http://localhost:7655/setTime?putTheValueFromBelowHere pool.ntp.org pool.ntp.org pool.ntp.org
172
173# The admin time passphrase, used to prevent unauthorized people from updating your
174# routers time.  The value should be included in the timestamper's args above,
175# otherwise it wont honor timestamp updates.  You shouldnt include any spaces or funky
176# characters - just pick some random numbers.
177adminTimePassphrase=pleaseSetSomeValueHere
178
179# SAM bridge (a simplified socket based protocol for using I2P - listens on port 7656.  see
180# the specs at http://www.i2p.net/node/view/144 for more info)
181clientApp.1.main=net.i2p.sam.SAMBridge
182clientApp.1.name=SAMBridge
183clientApp.1.args=sam.keys 0.0.0.0 7656 i2cp.tcp.host=localhost i2cp.tcp.port=##_router_i2cp_port##
184
185# EepProxy (HTTP proxy that lets you browse both eepsites and the normal web via squid.i2p)
186clientApp.2.main=net.i2p.i2ptunnel.I2PTunnel
187clientApp.2.name=EepProxy
188clientApp.2.args=-nocli -e "config localhost ##_router_i2cp_port##" -e "httpclient 4444"
189
190# Network monitor (harvests data from the network database and stores it under
191# monitorData/, and with the netviewer GUI you can browse through its results)
192#clientApp.3.main=net.i2p.netmonitor.NetMonitor
193#clientApp.3.name=NetMonitor
194#clientApp.3.args=
195
196# Heartbeat engine (ueber-simple ping/pong system, configured in heartbeat.config.  By itself
197# it just writes out stat data where its told to, but there's a seperate HeartbeatMonitor
198# GUI to let you visualize things)
199#clientApp.4.main=net.i2p.heartbeat.Heartbeat
200#clientApp.4.name=Heartbeat
201#clientApp.4.args=heartbeat.config
Note: See TracBrowser for help on using the repository browser.