How can I access the web console from my other machines or password protect it? (link)

For security purposes, the router's admin console by default only listens for connections on the local interface. However, with a little hacking, you can make it reachable remotely:

1. Open up clients.config and replace
   clientApp.0.args=7657 127.0.0.1 ./webapps/
   with
   clientApp.0.args=7657 0.0.0.0 ./webapps/
2. Go to http://localhost:7657/configadvanced.jsp and add a new option: consolePassword=foo (or whatever password you want)
3. Go to http://localhost:7657/index.jsp and hit "Graceful restart", which restarts the JVM and reloads the client applications

After that fires up, you should now be able to reach your console remotely. You will be prompted for a username and password though - the username is "admin" and the password is whatever you specified in step 2 above. Note: the 0.0.0.0 above specifies an interface, not a network or netmask. 0.0.0.0 means "bind to all interfaces", so it can be reachable on 127.0.0.1:7657 as well as any LAN/WAN IP.

Whats an "eepsite"? (link)

An eepsite is a website that is hosted anonymously - you can access it by setting your web browser's HTTP proxy to use the web proxy (typically it listens on localhost port 4444), and browsing to the site.

What do the Active x/y numbers mean in the router console? (link)

x is the number of peers you've sent or received a message from successfully in the last minute, y is the number of peers seen in the last hour or so.

Is it possible to use I2P as a socks proxy? (link)

While it would be technically feasible, many applications leak sensitive information that could identify you on the internet. I2P only filters connexion data, but if the programme you intend to run sends this information as content, I2P has no way to protect your anonymity. For example, some mail applications will send the IP address of the machine they are running on to a mail server. There is no way for I2P to filter this, thus using I2P to 'socksify' existing applications is possible, but extremely dangerous.

What ports does I2P use? (link)

Ok, here's a rundown of the default ports (everything is configurable through various settings, of course):

• Outbound UDP from port 8887 to arbitrary remote UDP ports, allowing replies
• (optional, but recommended) Inbound UDP to port 8887 from arbitrary locations
• Outbound UDP on port 123, allowing replies
  This is necessary for I2P's internal time sync (via SNTP - querying a random SNTP host in pool.ntp.org or another server you specify)
• Local I2P ports:
  • 7654: I2P Client Protocol port, used by client apps
  • 7656: SAM bridge, a higher level socket API for clients
  • 7657: your router console
  • 7658: your eepsite
  • 32000: local control channel for the service wrapper
• Default I2PTunnel ports:
  • 2401: cvs.i2p (disabled by default)
  • 4444: HTTP proxy
  • 6668: round robin across the irc2p IRC network
  • 7659: smtp.postman.i2p
  • 7660: pop.postman.i2p

The local I2P ports and the I2PTunnel ports do not need to be reachable from remote machines, but *should* be reachable locally. You can also create additional ports for I2PTunnel instances via http://localhost:7657/i2ptunnel/ (and in turn, would need to get your firewall to allow you local access, but not remote access, unless desired).

So, to summarize, nothing needs to be reachable by unsolicted remote peers, but if you can configure your NAT/firewall to allow inbound UDP to port 8887, you'll get better performance. You will also need to be able to send outbound UDP packets to arbitrary remote peers (blocking IPs randomly with something like PeerGuardian only hurts you - don't do it).

I have a question! (link)

Great! Please either drop an email to the mailing list or post to the forum and we'll post it here (with the answer, hopefully).