We would like a setting to disable the Internet access part of RetroShare.
An IP Filter option might be able to handle this.
There needs to be a setting to specify the IP that you want to "share as" for NAT'ed clients and people that don't have Internet access.
Background:
We have a distributed network with lots of subnets (about 700 to 800 clients, each with their own little subnet in the 172.x.x.x IP range).
Each client has their own little subnet (8 to 30 IPs) and if they don't want to expose all their PCs to the LAN, they NAT their network (usually using the 192.168.x.x or 10.x.x.x range).
All 172.x.x.x traffic is routed on the entire network but there is no access to the internet. Some of the clients have Internet access internally but it is not shared on the network. So now RetroShare tries to use the internet IPs to route and doesn't get to the other clients that do not have internet access.
We have tested RetroShare between 5 clients. 3 have internet and 2 don't.
Retroshare only picks up the Internet IP and the Internal IP (192.x.x.x or 10.x.x.x for NATed Clients) of the PC that it is running on.
You can't specify your 172.x.x.x IP that is your external NATted IP, so the software can't connect to the other clients on the 172 range.
Now the traffic tries to go through the internet, since that is a route that works. But you can only share via the internet, which makes the LAN option useless.
In the other software that we use, DC and Torrent, you can specify the IP that the software must send as the "source" IP, and then we can specify only our 172 IP. Also we limit the traffic to just the 172 range using IPFilter rules.
This way there is no internet traffic required.
This is what our aim is here too.
I am currently trying to get the software to compile, to see if I can make a patch to at least limit all traffic to a specific range only, but no luck compiling yet. (Have posted in the development section)
You are asking for existing features or in other words, you did not configure your RS-clients the right way!
Here is a little how-to:
Assuming you have a central name-server in your local network or at least a hostfile in every client with an entry for each client you want to connect to.
The settings you must make at the RS-Clients:
--------------------------------------------------------------
Options -> Server:
[x] Manual Forwarded Port
[x] Dark Net: None
under the tab 'Network Configuration' enter the hostname you use in your network, the one your nameserver/hostfiles knows, in 'Dynamic DNS'
under the tab 'IP Service' disable (remove tick) 'Allow RetroShare to ask my ip to these websites:'
Before the first contact, you should ensure that the Public Keys you exchange end with the line:
--DYNDNS--"$yourhostname";
where "$yourhostname" must be resolvable by the other clients (as I assumed, by name-server or identical hostfile entries)
In addition, you can create your own bdboot.txt (I assume you know where to find that file) with the $ip $port pairs used in your network farm.
If you do everything like I described, you should be able to communicate internally only without connecting to the internet at all.
Cheers,
Raphael Gradenwitz
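An added example, not part of the original posts and not RetroShare code: a check that builds the `$ip $port` list for a custom bdboot.txt from a hosts file and rejects any peer whose address falls outside the routed LAN range, so no NAT-internal or Internet address ends up in the bootstrap list. The one-pair-per-line layout is assumed from the description above; the range 172.16.0.0/12, port 7000 and the sample hosts are constructed values.

```python
import ipaddress

# Constructed sample hosts-file content (not from the original thread).
SAMPLE_HOSTS = """\
# peer hosts for the routed LAN
172.16.4.10   alice.lan alice
172.20.8.2    bob.lan
192.168.1.5   carol.lan      # NAT-internal address, not routed between subnets
203.0.113.7   dave.lan       # public Internet address
not-an-ip     eve.lan
"""

def parse_hosts(text):
    """Yield (ip_string, [names]) for each non-comment hosts-file line."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) >= 2:
            yield fields[0], fields[1:]

def build_bdboot(hosts_text, allowed_cidr, port):
    """Return (bdboot_lines, rejected), keeping only peers inside allowed_cidr.

    Assumed output layout: one "ip port" pair per line.
    """
    allowed = ipaddress.ip_network(allowed_cidr)
    lines, rejected = [], []
    for ip_text, names in parse_hosts(hosts_text):
        try:
            addr = ipaddress.ip_address(ip_text)
        except ValueError:
            rejected.append((names[0], ip_text, "not an IP address"))
            continue
        if addr not in allowed:
            rejected.append((names[0], ip_text, "outside " + allowed_cidr))
            continue
        lines.append(f"{addr} {port}")
    return lines, rejected

if __name__ == "__main__":
    # Range and port are placeholders; use the values of your own network.
    entries, skipped = build_bdboot(SAMPLE_HOSTS, "172.16.0.0/12", 7000)
    print("\n".join(entries))
    for name, ip_text, reason in skipped:
        print(f"skipped {name} ({ip_text}): {reason}")
```

Running the same check over the hosts file on every client before distributing it catches an entry that would make a peer reachable only through a NAT-internal or Internet address.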