Ipfs: IPFS daemon behind (corporate) firewall
I'm not sure that this is not implemented already, in this case this should be seen as request for documentation. :-)
I want to run ipfs node (at least to cache accessed entries) on computer in LAN that has no direct access to internet (no inbound connections at all, outbound connection only via restrictive proxy - ports 80 and 443 only). I have several options to connect outside available:
- Mentioned restrictive http proxy.
- Tor (socks and privoxy).
- Socks via ssh tunnel to home computer (via tor).
How should I configure ipfs to work in such environment?
pyhedgehog
All 11 comments
Hi @pyhedgehog, thanks! This is a good question. It may belong in ipfs/faq or in ipfs/support. Could you reopen it there?
RichardLitt
on 14 Nov 2016
There are already exists ipfs/support#32 and ipfs/faq#185
But first of them stay unanswered for almost half a year!
So once again - my question if it's supported at all?
pyhedgehog
on 14 Nov 2016
I pinged some people on IRC. Let's get an answer for you sooner. Thanks.
RichardLitt
on 14 Nov 2016
@pyhedgehog There's been some response over on ipfs/support#32. For now, I would direct you there. We're also trying out ipfs.trydiscourse.com - this would be a great place to put your question, actually, as a lot of the devs are looking at it at the moment.
For now, closing this issue. Thanks.
RichardLitt
on 16 Nov 2016
@RichardLitt, there are not meaningful response in ipfs/support#32.
- "ipfs does not use http"? http proxy has CONNECT method.
- What about socks configuration? How it should be done? What will be correct format in place of
/ipv4/127.0.0.1/tcp/9050/socks/longandunmemorizablename.onion/QmNODEID? - What about tor bootstrap?
pyhedgehog
on 16 Nov 2016
@pyhedgehog I hear you. Thanks for posting those questions there; I hope we're able to answer those for you (I would, of course, if I knew the answers. I don't.)
Either way, though, this repository is not the right place to ask these questions.
RichardLitt
on 17 Nov 2016
I've copied questions to support repository.
pyhedgehog
on 17 Nov 2016
Why is this issue closed? Do we have a way to go around proxys?
If I follow the links it's "Issue moved to [there]" > "Issue moved to [there]" > This page which gives no additionnal information.
Is the answer basically "it doesn't interfere with proxy"? Because it's what I managed to understand from the issues, but it's not true.
GitDoggo
on 26 Feb 2018
@GitDoggo we've moved support questions/discussions to the forums. However, it looks like this was also a feature request (socks proxy support).
I've filed an issue (https://github.com/libp2p/go-libp2p/issues/286). For now, the only solution is to handle this outside of ipfs. There are VPN-like tools that will tunnel all OS traffic through a socks proxy (e.g., https://code.google.com/archive/p/badvpn/wikis/tun2socks.wiki). However, I can't find any good, mature ones (although they must exist somewhere).
Stebalien
on 27 Feb 2018
@Stebalien Thanks for your answer.
But sadly, VPN-like tools are blocked by my company proxy (Anonymizing Utilities), I could be in big trouble for using them, and I assume it's the same for most companies.
GitDoggo
on 12 Mar 2018
This would be a "vpn-like" tool that would route all traffic through the corporate (socks) proxy so I doubt they'd have an issue with it. Basically, instead of configuring each application to use the proxy independently, you'd configure the the OS itself to use the proxy.
Stebalien
on 12 Mar 2018
Related issues
jbenet
·
76Comments
PayasR
·
10Comments
daviddias
·
29Comments
crazysoldier
·
7Comments
timthelion
·
28Comments
Most helpful comment
@RichardLitt, there are not meaningful response in ipfs/support#32.
/ipv4/127.0.0.1/tcp/9050/socks/longandunmemorizablename.onion/QmNODEID?