[outproxy] Trouble setting up false.i2p http outproxy

[AndreiSva]

I'm running i2pd on FreeBSD and the http outproxy just doesn't want to work, I've enabled it in my i2pd.conf but I still can't connect to clearnet websites from inside the i2p http proxy.

I have this in my i2pd.conf

[httpproxy]
## Uncomment and set to 'false' to disable HTTP Proxy
# enabled = true
## Address and port service will listen on
address = 127.0.0.1
port = 4444
## Optional keys file for proxy local destination
# keys = http-proxy-keys.dat
## Enable address helper for adding .i2p domains with "jump URLs" (default: true)
# addresshelper = true
## Address of a proxy server inside I2P, which is used to visit regular Internet
outproxy = http://false.i2p
## httpproxy section also accepts I2CP parameters, like "inbound.length" etc.

the i2pd log files aren't complaining about anything wrong with the outproxy, so I am completely lost.

[orignal]

false.i2p is dead for a long time, try purokishi.i2p instead

[AndreiSva]

@orignal That works!

It would be pretty helpful if this was put into the example config by default instead of the dead outproxy.

[orignal]

I2P is not supposed to use outproxy, it's considered a a rare case. Furthermore you shouldn't use a public one, but someone's private proxy. Hence dead outproxy in config as example is not too bad idea.

[artenax]

There are also acetone.i2p:8888 and outproxy.bandura.i2p but they additionally let traffic through Tor. purokishi.i2p doesn't do that, but it has filtering - they block porn, ads, a million blocked addresses. However, you can get around this by resolving DNS directly (e.g. dnscrypt) instead of through a proxy. This is a bit non-trivial to do for http proxies. On Windows there is Proxifier for this, and on Linux a redsocks proxificator (redsocks is very difficult to set up, it uses iptables + a separate proxyuser).

At the cost of loss of anonymity you can also reduce the length of incoming and outgoing tunnels to 1, instead of 3. Parameters inbound.length=1, outbound.length=1. Or even to 0 (but direct connection doesn't always work). This will increase the speed a bit. The intermediate nodes changes every 10 minutes and probably don't log, so it's fairly anonymous. Quite simply you can set up your outproxy on a server with a clean internet, see the instructions (on a Windows server you can replace tinyproxy with Proxomitron or any other local proxy, like HandyCache). The server can be raised by your friend in another country and can be behind NAT, that's ok, except for mode 0. Don't share outproxy's private address with other people.

purokishi.i2p is used by default in i2p+ (Java client, a more advanced version of the official Java client). false.i2p worked until recently. But it was very very slow and had only one Norwegian IP (which however was pretty clean, although on the Tor network). Also keep in mind that the short address of the outproxy must be in the address book of your i2pd router. The easiest way to do this is to open it in your browser and agree to add it. The prompts only work in http proxy 127.0.0.1:4444 (not socks). On Linux you can also use the Qt5 version of i2pd, it has a tray icon. Compiling is quite easy (don't use flatpak).

I2P is not supposed to use outproxy

Why else would i2p be needed?