Merge commit 'f9a5124ea0273c5a3ff448aa3157d10b44ebab2b'

Conflicts:
	doc/README.md

doc/README.md

@@ -1,40 +1,40 @@
-# Docs
+# Hyperboria/docs
 
-*Documenting things related to the meshnet*
+## What is Hyperboria?
 
-[cjdns](https://github.com/hyperboria/cjdns) addresses a large number of complex issues in an elegant way. While efforts have been made to provide a default configuration that matches the greatest number of use cases, it is impractical to expect software to replace understanding.
+Hyperboria is test network built of cjdns nodes.
 
-> Enter the documentation project...
+## What is cjdns?
 
-The good citizens of Hyperboria decided to put together this collection of documentation to help make the inner workings of cjdns more transparent.
+Cjdns is an experimental, cryptographic mesh networking suite.
 
-We want you to [get involved](http://www.roaming-initiative.com/blog/posts/wtfm)! Feel free to submit pull requests.
+## What is notable about cjdns? Why should I use it?
 
-See [index.md](index.md) for current progress. We'd love more languages!
+Cjdns builds an [end-to-end encrypted](https://en.wikipedia.org/wiki/End-to-end_encryption) [IPv6](https://en.wikipedia.org/wiki/IPv6) [mesh network](https://en.wikipedia.org/wiki/Mesh_networking) that utilizes the [fc00::/8 address space](https://en.wikipedia.org/wiki/Unique_local_address).
 
-Also have a look at [Prose for Programmers](https://github.com/joshuacc/prose-for-programmers), a work-in-progress book aimed at helping software developers write better prose.
+### Encryption
 
+Cjdns provides an encrypted tunnel which utilizes a [private/public keypair](https://en.wikipedia.org/wiki/Public-key_cryptography) to encrypt everything that passes through it with the [SALSA20 stream cypher](https://en.wikipedia.org/wiki/Salsa20), which affords the user [perfect forward secrecy](https://en.wikipedia.org/wiki/Forward_secrecy).
 
-## The scope of this project
+### Address Allocation
 
-We are interested in documenting a range of topics:
+The ipv6 assigned to the TUN interface is composed of the first 16 bytes of the SHA512 hash of the [SHA512 hash](https://en.wikipedia.org/wiki/SHA-2) of your public key. Keypairs are generated via a [brute force method](https://en.wikipedia.org/wiki/Brute-force_search) until a corresponding address is found with a starting byte FC. The FC00::/8 address space has been allocated as a Unique Local Address space, and so these addresses should not conflict with ICANN assigned IPv6 addresses or any other conventional internet operation.
 
-1. cjdns internals: bugs and features
-2. operator culture and best practices
-3. meshlocal resources
-4. introductory literature
+### Hybrid topology
 
+Cjdns was designed to be used with a [friend of a friend](https://en.wikipedia.org/wiki/Friend_of_a_friend) topology. It builds an [overlay network](https://en.wikipedia.org/wiki/Overlay_network) which traverses NAT ([Network Address Translation](https://en.wikipedia.org/wiki/Network_address_translation)), exposing all ports of every node to every other node within the network. Those who are used to relying on NAT to protect their devices may find this troublesome.
 
-## Reporting bugs
+At one point it was expected that each person who peered would do so with only trusted friends. You need not trust relaying nodes with the confidentiality or integrity of your packets, however, if you wish to restrict access to certain services, it is your responsibility to implement effective access control rules.
 
-[cjd](https://github.com/cjdelisle) would rather write code than troubleshoot trivial issues which often turn out to have resulted from user error. To make this easier, a few members of the community have offered to investigate issues on his behalf.
+Links between nodes may be established over deliberate [UDP](https://en.wikipedia.org/wiki/User_Datagram_Protocol) links across the internet, or over deliberate or automatic connections across Ethernet, Wireless access points, Ad-hoc connections, or various system-specific transmission and addressing protocols.
 
-If you think you've found a bug, report it on [our fork's issue tracker](https://github.com/hyperboria/cjdns/issues). We'll try to gather up documentation related to the issue, to better understand where it might be coming from. Once we can narrow it down, and research some of the background details to that particular piece of functionality, we may be able to submit patches ourselves.
+### Cryptographic verification and routing
 
-Anything you can submit that gets us closer to understanding some bug or function within cjdns is welcome. By starting an inquiry, you make it just a little bit easier for someone else to continue it. With that in mind, please read [this note on reporting bugs](bugs/reporting.md) and [our more general contribution policy](bugs/policy.md). Get involved!
+Establishing a link between two nodes includes a cryptographic authorization process, after which other nodes within the network can establish a connection with the new node.
 
-## License
+Due to the relationship between each node's public key and its ipv6, and the fact that this relationship is verified upon connecting to a node, a user can be sure that if it connects to an IPv6 address and receives a response then the node that responded possesses the requisite private key to decrypt the response.
 
+<<<<<<< HEAD
 Unless otherwise noted, the documents contained within this `/doc/` directory are licensed under a Creative Commons Attribution 4.0 Unported License. By contributing documentation you warrant that you provide it under this license and that you have the right to do so.
 
 See <[creativecommons.org/licenses/by/4.0/](https://creativecommons.org/licenses/by/4.0/)>
@@ -44,43 +44,12 @@ See <[creativecommons.org/licenses/by/4.0/](https://creativecommons.org/licenses
 If you wish to receive attribution for your work as you are entitled under the CC-BY-SA, please add the name you under which you wish have your work recognized to the following list, if you do not wish to receive specific attribution you may signify this when you contribute by leaving this list as it is.
 
 * Cjdns Developer Community
+=======
+If you are able to connect at all over cjdns, then you can be quite sure that the node you connected to possesses the private key that corresponds to the IPv6.
 
-## For committers
+## How can I get involved?
 
-Please remember that the canonical repo is at [gitboria.com/projectmeshnet/documentation](http://gitboria.com/projectmeshnet/documentation) in Hyperboria.
-Pull from there, and push there first.
-If the canonical repo and mirror at [github.com/hyperboria/docs](https://github.com/hyperboria/docs) diverge,
-the canonical repo's respective branch shall be force-pushed to the mirror.
+If you are totally new to cjdns, you'll want to start by installing it somewhere and familiarizing yourself with how it works. Take notes of anything that you find difficult, unintuitive, or poorly documented, and share your knowledge so the next person who installs cjdns after reading the documentation has an easier time.
+>>>>>>> f9a5124ea0273c5a3ff448aa3157d10b44ebab2b
 
-
-## Documentation in cjdns.git/doc
-
-This repository is semi-regularly merged into cjdns' `doc/` directory.
-It's useful to ship documentation with the code.
-We use the following commands.
-
-```sh
-$ cd cjdns/
-$ git remote add hyperboria git@github.com:hyperboria/cjdns.git
-$ git remote add docs git@gitboria.com:projectmeshnet/docs.git
-```
-
-To merge documentation changes into cjdns,
-we squash all new commits since the last merge into one commit,
-and merge that commit into master.
-
-```sh
-$ git checkout master
-$ git pull hyperboria master
-$ git subtree pull --squash -P doc/ docs/master
-$ git push hyperboria master
-```
-
-To merge documentation changes in cjdns back upstream into this repository,
-we create a merge commit, and push it.
-
-```
-$ git subtree split -P doc/
-38e3bc6f899de49213aed754c74046b9ae4a85d2
-$ git push docs 38e3bc6f:master
-```
+Also, read our [contributing](contributing.md) document for notes on our policies for accepting contributions.

doc/bugs/horizon.md

@@ -1,5 +1,5 @@
 One of the central ideas behind the development of cjdns is that networking protocols should scale up smoothly.
-Early development dealt with problems like **not** constructing circular routes, and while that was not yet solved it made sense to limit the length of a path to what would fit within 64 bits of memory.
+Early development dealt with problems like **not** constructing circular routes, and while that was not yet solved it made sense to limit the length of a path to what would fit within 64 bits of the header of each packet.
 
 At this point, many of the early issues that were once challenging have been dealt with, and tucked away into a list of things that we shouldn't forget, but which are no longer relevant.
 As the protocol has improved and allowed nodes to see and route further into the network, though, we have begun to encounter bugs which we previously had no opportunity to debug, and consequentially, no opportunity to fix.
@@ -8,7 +8,8 @@ The **Horizon** bug is one that we knew was coming, but now we've officially sta
 
 ## The nature of the bug
 
-* nodes have 64 bits of memory in which they can store a path to another node
+* the header of each packet has 64 bits of space to store the path to the destination
+* using more space (all of the time) would waste precious packet overhead, decreasing usable packet size limit
 * each node along the path consumes a variable number of bits dependiung on the number of peers between which they must distinguish (see [switchfun.txt](../switchfun.txt) for some idea of how this works)
 * your node cannot route to any node beyond this _horizon_ for the lack of bits required
 
@@ -23,6 +24,7 @@ The **Horizon** bug is one that we knew was coming, but now we've officially sta
 Naturally, we can approach the problem from a few angles, so whatever your skill set is, there's likely something that you can do to help.
 
 1. help rewrite the parts of cjdns which encode the paths such that a variable number of bits can be used
+1.1. Probably less code is needed than it first seems... If the final representation is a stack of 64 bit labels, many places in the code will still work with 64 bits quite happily.
 2. use the admin interface to figure out which parts of the network your node can see, and compare those results against a wider view of the network, so we can identify our blind spots
 3. evaluate your peering choices, and try to drop bad peers and pick good ones, so that we can continue to have a functional network in the meantime (we're still quite likely to have lots of paths that are out of reach, so we'll still be able to debug this issue, don't worry)
 4. talk to your friends about cjdns, and get them to join the network, so we have more opportunity to find long _shortest-paths_ to any particular node (see, you don't even need to know how to code!)

doc/cjdns.pac

@@ -0,0 +1,9 @@
+function FindProxyForURL(url, host) {
+    // If we can't resolve this means that this host is IPv4 only. Trying cjdns won't hurt.
+    // It also make IPv4 only hosts connect ot clearnet IPv6 hosts if proxy is IPv6 capable.
+    // If we can resolve check if the host is insice cjdns network space.
+    if (shExpMatch(host, "fc*:*") || !dnsResolve(host) || shExpMatch(dnsResolve(host), "fc*:*")) {
+        return "SOCKS5 localhost:8080";
+    }
+    return "DIRECT";
+}

doc/configure.md

@@ -24,11 +24,13 @@ The top part of the file specifies where the cjdns executable is, your encryptio
     "ipv6": "fcff:a215:1e7b:a4e9:c00d:0813:93b3:7c87",
 ````
 
-- `corePath`: This specifies where the core cjdns executable file is. If you downloaded the source to /opt/cjdns, then the default is fine. If you downloaded it somewhere else, like your home directory for example, then this needs to be udpdated accordingly.
+- `corePath`: This specifies where the core cjdns executable file is. If you downloaded the source to /opt/cjdns, then the default is fine. If you downloaded it somewhere else, like your home directory for example, then this needs to be updated accordingly.
 - `privateKey`: Your private key is part of the system that ensures all the data coming and going out of your computer is encrypted. You must protect your private key. Do not give it out to anyone.
 - `publicKey`: The public key is what your computer gives to other computers to encrypt data with. This data can then only be decrypted with your private key, that way no one can access your information as it moves across the network.
 - `ipv6`: This is your IP address on the cjdns network. It is unique to you and is created by securely hashing your public key.
 
+Cjdns provides the publicKey and ipv6 fields for convenience, but does not actually require them. If for some reason you want to remove them from the configuration file, you can. At launch, the privateKey will be used to generate the corresponding publicKey, and the publicKey will be used to find the corresponding ipv6 address. Their relationships are deterministic, and passing only the most fundamental attribute avoids configuration errors.
+
 Incoming Connections
 --------------------
 
@@ -63,6 +65,7 @@ The `authorizedPasswords` section is the area where you can specify passwords to
     ],
 ````
 - `password`: This is the password that another system can give to your node and be allowed to connect. You would place it in the `password` section in the next part.
+  + `password` blocks can be assigned a second `user` attribute. At runtime, when using the `peerStats` script, peers who have connected using a particular password will be associated with the appropriate `user` string.
 - `your.external.ip.goes.here:33808` This section is what you would give to a friend so that they could connect with you. We suggest you add a `"name":"so-and-so"` section to it as well (don't forget the comma between sections!) so that it is easy to see who you have allowed access to. If it later turns out that you no longer wish to have this user connect to you then it is a simple matter to find them and delete or comment out the correct line.
 
 Admin Interface
@@ -84,7 +87,7 @@ The `admin ` section defines the settings for the administrative interface of cj
 ````
 
 - `bind`: This tells cjdns what IP and port the admin interface should bind to. Since you don't want random people connecting to your admin interface, it is probably fine to leave it like this.
-- `password`: This is the password that is needed in order to perform certain functions through the admin interface.
+- `password`: This is the password that is needed in order to perform certain functions through the admin interface. If you wish to expose the admin interface to the network, then you should use a password like the one above. If you are binding only to a local address, then you can use `"NONE"` as a password. This is the new default behaviour on the `crashey` branch, so as to provide an easier default configuration to work with.
 
 Connection Interface(s)
 -----------------------
@@ -156,11 +159,17 @@ This specifies the settings for the connection interfaces to your node. Right no
             "publicKey": "z4s2EXAMPLEPUBLICKEYEXAMPLEPUBLICKEYEXAMPLEKEY4yjp0.k"
         },
     It is important to note that while some people may put additional fields in such as `node`, only `password` and `publicKey` are actually read by cjdns.
+    - more recently generated configuration files will also feature a second block within the `UDPInterface` section, which is to be used to configure UDP peering over IPv6. Such blocks will look like this,
+        "[2001:db8::2:1]:12345":
+        {
+            "password": "thisIsAnExampleOfAPassword",
+            "publicKey": "z4s2EXAMPLEPUBLICKEYEXAMPLEPUBLICKEYEXAMPLEKEY4yjp0.k"
+        },
 - `ETHInterface`:
     - `bind`: This tells cjdns which device the ETHInterface should bind to. This may be different depending on your setup.
     - `connectTo`: The connectTo for the ETHInterface functions almost exactly like it does for the the UDPInterface, except instead of an IP address and a port at the beginning, it is a MAC address.
-    - `beacon`: This controlls peer auto-discovery. Set to 0 to disable auto-peering, 1 to use broadcast auto-peering passwords contained in "beacon" messages from other nodes, and 2 to both broadcast and accept beacons.
-    - It is important to note that you must uncomment the ETHInterface if you want to use it
+    - `beacon`: This controls peer auto-discovery. Set to 0 to disable auto-peering, 1 to use broadcast auto-peering passwords contained in "beacon" messages from other nodes, and 2 to both broadcast and accept beacons.
+    - In earlier versions of cjdns, it was necessary to uncomment the ETHInterface if you want to use it, however, now it is uncommented by default in the `crashey` branch which will eventually be merged to master.
 
 Router
 ------
@@ -192,7 +201,7 @@ IP Tunneling
 
 IP Tunneling will allow you to connect from the cjdns network to another outside network. This is still a work in-progress; although it does function, it requires a bit of manual configuration on both ends to make it useful.
 ````javascript
-        // System for tunneling IPv4 and ICANN IPv6 through cjdns.
+        // System for tunneling IPv4 and ICANN IPv6 through cjdn which will eventually be merged to master..
         // This is using the cjdns switch layer as a VPN carrier.
         "ipTunnel":
         {

doc/contributing.md

@@ -0,0 +1,82 @@
+# Docs
+
+*Documenting things related to the meshnet*
+
+[cjdns](https://github.com/hyperboria/cjdns) addresses a large number of complex issues in an elegant way. While efforts have been made to provide a default configuration that matches the greatest number of use cases, it is impractical to expect software to replace understanding.
+
+> Enter the documentation project...
+
+The good citizens of Hyperboria decided to put together this collection of documentation to help make the inner workings of cjdns more transparent.
+
+We want you to [get involved](http://www.roaming-initiative.com/blog/posts/wtfm)! Feel free to submit pull requests.
+
+See [index.md](index.md) for current progress. We'd love more languages!
+
+Also have a look at [Prose for Programmers](https://github.com/joshuacc/prose-for-programmers), a work-in-progress book aimed at helping software developers write better prose.
+
+
+## The scope of this project
+
+We are interested in documenting a range of topics:
+
+1. cjdns internals: bugs and features
+2. operator culture and best practices
+3. meshlocal resources
+4. introductory literature
+
+
+## Reporting bugs
+
+[cjd](https://github.com/cjdelisle) would rather write code than troubleshoot trivial issues which often turn out to have resulted from user error. To make this easier, a few members of the community have offered to investigate issues on his behalf.
+
+If you think you've found a bug, report it on [our fork's issue tracker](https://github.com/hyperboria/cjdns/issues). We'll try to gather up documentation related to the issue, to better understand where it might be coming from. Once we can narrow it down, and research some of the background details to that particular piece of functionality, we may be able to submit patches ourselves.
+
+Anything you can submit that gets us closer to understanding some bug or function within cjdns is welcome. By starting an inquiry, you make it just a little bit easier for someone else to continue it. With that in mind, please read [this note on reporting bugs](bugs/reporting.md) and [our more general contribution policy](bugs/policy.md). Get involved!
+
+## License
+
+Unless otherwise noted, the contained documents are licensed under a
+Creative Commons Attribution 4.0 Unported License.
+
+See [LICENSE.txt](LICENSE.txt), or <[creativecommons.org/licenses/by/4.0/](https://creativecommons.org/licenses/by/4.0/)>
+
+
+## For committers
+
+Please remember that the canonical repo is at [gitboria.com/projectmeshnet/documentation](http://gitboria.com/projectmeshnet/documentation) in Hyperboria.
+Pull from there, and push there first.
+If the canonical repo and mirror at [github.com/hyperboria/docs](https://github.com/hyperboria/docs) diverge,
+the canonical repo's respective branch shall be force-pushed to the mirror.
+
+
+## Documentation in cjdns.git/doc
+
+This repository is semi-regularly merged into cjdns' `doc/` directory.
+It's useful to ship documentation with the code.
+We use the following commands.
+
+```sh
+$ cd cjdns/
+$ git remote add hyperboria git@github.com:hyperboria/cjdns.git
+$ git remote add docs git@gitboria.com:projectmeshnet/docs.git
+```
+
+To merge documentation changes into cjdns,
+we squash all new commits since the last merge into one commit,
+and merge that commit into master.
+
+```sh
+$ git checkout master
+$ git pull hyperboria master
+$ git subtree pull --squash -P doc/ docs/master
+$ git push hyperboria master
+```
+
+To merge documentation changes in cjdns back upstream into this repository,
+we create a merge commit, and push it.
+
+```
+$ git subtree split -P doc/
+38e3bc6f899de49213aed754c74046b9ae4a85d2
+$ git push docs 38e3bc6f:master
+```

doc/faq/peering.md

@@ -146,6 +146,12 @@ To find your peers, run `cjdns/contrib/nodejs/tools/peerStats.js`
 
 Alternatively, you can use [this tool which does a few other things as well](https://github.com/ehmry/cjdcmd-ng).
 
+## How to sniff for ethernet cjdns traffic?
+
+```
+tcpdump -nn -s0 -t -vv -e -i mon0 ether proto 0xfc00
+```
+
 ## What are the EAGAIN errors about?
 
 This is a red herring. It simply means that UDPInterface received a packet, and that there's not immediately another packet received.

doc/index.md

@@ -43,6 +43,8 @@ You can contribute to its documentaion: https://github.com/hyperboria/docs
   - [OS X](install/osx.md)
   - [Debian Wheezy](install/debian-wheezy.md)
   - [Debian Jessie](install/debian-jessie.md)
+  - [Arch](install/arch.md)
+  - [Fedora](install/fedora.md)
   - [FreeBSD](install/freebsd.md) *TODO*
   - [OpenBSD](install/openbsd.md) *TODO*
   - [Windows](install/windows.md)

doc/install/arch.md

@@ -0,0 +1,6 @@
+# Installing cjdns on arch
+
+	pacman -S cjdns
+	systemctl enable cjdns
+	systemctl start cjdns
+

doc/install/fedora.md

@@ -0,0 +1,40 @@
+Installing CJDNS on Fedora
+==========================
+(last tested on Fedora 22, those with fedora versions older than 22 should substitute yum for dnf.)
+
+#Prerequisites
+```bash
+sudo dnf install git automake nodejs libseccomp-devel gcc 
+```
+
+#Getting cjdns
+```bash
+git clone https://github.com/hyperboria/cjdns
+```
+
+#Building cjdns
+```bash
+cd cjdns/
+./do
+```
+
+#Generating a config
+```bash
+./cjdroute --genconf > cjdroute.conf
+```
+
+#Setting cjdns to autostart on boot.
+
+First you'll want to edit contrib/systemd/cjdns.service to properly reflect where your cjdns binary and configuration are.
+Then, run these commands:
+
+```bash
+sudo cp cjdns.service /etc/systemd/system/cjdns.service # This gives systemd some information about cjdns.
+sudo systemctl enable cjdns.service #This sets cjdns to be started on boot. if you don't want that, feel free to leave this line out.
+sudo systemctl start cjdns.service #This actually starts cjdns.
+```
+
+Checking the logs:
+```bash
+sudo systemctl status -l cjdns
+```

doc/notes/dns.md

@@ -43,6 +43,14 @@ Now might be a good time to actually figure out how we're going to move forward.
   - http://rfdns.cjdns.ca/
   - https://ezcrypt.it/ck5n#gYdfOeREHwzD92H0WDry4Z5e
   - https://ezcrypt.it/9Q6n#ejSF9d762REt7hmJ8pl46yp7
+- EmerCoin DNS (by emercoin.com) # similar to namecoin with notable differences
+    - Longer names allowed than namecoin (512 instead of 255 bytes)
+    - Longer values allowed than namecoin (20*1024 instead of 1023 bytes)
+    - Variable lease time, price depends on requested lease time
+    - EmerCoin also used for a broad set of additional web services such as blockchain-derived SSL and SSH.
+    - Supports any number of TLD's (no need to build new DNS service on top of it)
+    - Every EMC wallet is native RFC1034 DNS server.
+    - More info: http://emercoin.com/DNS_and_Name-Value_Storage
 - DJDNS   (ironically, by rainfly) # maybe a good idea? idk. not widely adopted, written in Go, so I'm not fond of it.# just trolling.. kinda..
   - https://github.com/campadrenalin/djdns
   - There's also https://github.com/campadrenalin/python-djdns
@@ -511,4 +519,4 @@ Codename *lgdns*
 <larsg> good night!
 <larsg> thanks for the thoughts
 <larsg> ... and so lgdns was born
-```
+```

doc/notes/media.md

@@ -0,0 +1,58 @@
+# Cjdns in the media
+
+## English
+
+http://www.wired.com/2013/10/thompson/
+
+http://marsocial.com/2015/07/the-declaration-of-internet-independence/
+
+http://curiousmatic.com/meet-the-young-techies-who-want-to-change-the-way-nyc-connects-to-the-internet/
+
+http://en.wikipedia.org/wiki/Cjdns
+
+https://www.youtube.com/watch?v=sCFmzGknUew
+
+http://www.newscientist.com/article/mg21929294.500-meshnet-activists-rebuilding-the-internet-from-scratch.html
+
+https://www.fsf.org/blogs/licensing/interview-with-caleb-james-delisle-of-cjdns
+
+http://yourlisten.com/opencu/caleb-james-delisle-of-on-cjdns-a-new-internet-in-8-minutes
+
+http://resources.infosecinstitute.com/project-meshnet/
+
+http://www.techhive.com/article/259959/project_meshnet_aims_to_build_a_censorship_free_alternative_to_the_internet.html
+
+http://www.kurzweilai.net/project-meshnet-aims-to-build-a-censorship-free-alternative-to-the-internet
+
+http://www.sync-blog.com/sync/2012/08/would-a-censorship-free-internet-be-a-good-idea.html
+
+http://realitysandwich.com/160579/meshnet_possible_uncensored_internet_alternative/
+
+http://www.dutecs.com/how-to-stop-the-nsa-spying-on-your-data/
+
+http://nxter.org/hyperboria-adopts-nxt-aliases-for-dns-solution/ 
+
+http://sett.com/alansjourney/52637
+
+[Does the hacker news count as media?](https://news.ycombinator.com/item?id=9843373)
+
+http://www.fastcompany.com/3044686/mesh-networks-and-the-local-internet-movement
+
+## ???
+
+http://www.zive.cz/clanky/sest-alternativnich-a-zapomenutych-internetu/sc-3-a-169392/default.aspx
+
+## German???
+
+http://scratchbook.ch/2013/06/24/cjdns/
+
+http://www.nzz.ch/digital/neustart-1.18140845
+
+## In Russian
+
+http://habrahabr.ru/post/181862/
+
+http://habrahabr.ru/post/182652/
+
+http://habrahabr.ru/post/183606/
+

doc/proxying.md

@@ -0,0 +1,52 @@
+Proxying
+===========================
+
+#Keep in mind that we'd rather you put cjdns on all your machines!
+
+Sometimes it's just not possible to get cjdns working on a machine.
+
+The easiest way to access Hyperboria if you can't get access on your machine is through a box that already has access.
+This can be simply done using a SSH connection.
+
+Creating SOCKSv5 connection
+----------------------------
+
+To create SOCKS SSH connection in Linux/OSX:
+
+```bash
+ssh -f -N -D 8080 [your_cjdns_capable_host]
+```
+This will connect to host under `[your_cjdns_capable_host]`.
+
+This can be also achieved in PuTTY by creating a dynamic tunnel on port `8080`.
+
+(The port `8080` can be any different port but you will have to edit PAC later to make it work)
+
+Configuring your Web Browser
+----------------------------
+
+If proxying all of your traffic through the server is acceptable to you, then just select SOCKS5 proxy
+and put `localhost` as hostname and `8080` as port.
+
+If you want your normal traffic to travel directly and only cjdns traffic to connect though the proxy,
+you have to use Proxy auto-config (PAC).
+
+The following PAC file checks if the host you are connecting to is a cjdns IPV6 address, if not tries to resolve it. (If that fails, it usually means current DNS server is not IPv6 capable, so it redirects the traffic through the proxy)Finally, if resolving via DNS is successful (and the current host is IPv6 capable) it checks whether the address is in cjdns space.
+
+```js
+function FindProxyForURL(url, host) {
+    // If we can't resolve this means that this host is IPv4 only. Trying cjdns won't hurt.
+    // It also make IPv4 only hosts connect ot clearnet IPv6 hosts if proxy is IPv6 capable.
+    // If we can resolve check if the host is insice cjdns network space.
+    if (shExpMatch(host, "fc*:*") || !dnsResolve(host) || shExpMatch(dnsResolve(host), "fc*:*")) {
+        return "SOCKS5 localhost:8080";
+    }
+    return "DIRECT";
+}
+```
+Also available as a file in this repo: [cjdns.pac](/cjdns.pac)
+
+This PAC file uses SOCKS5 connection with proxy server on `localhost` at port `8080`.
+If you'd like to use a different port, you have to change it accordingly.
+
+Use this PAC file for `Automatic Proxy Configuration` option which is available in most browsers and other proxy management solutions.

doc/quickstart.md

@@ -0,0 +1,31 @@
+The following is just a draft of what our landing page _could_ look like.
+The steps are just off the top of my head, based off of my experience walking people through setup on EFNet.
+
+Lots of this info is already in the repo, but it's scattered all over, and ideally we need just **one** document that can get people going if they read through it.
+
+## Getting going with cjdns
+
+1. what is it?
+2. how can you install it? -> OS/Distro && hardware combos (click to go to appropriate page)
+  + get tools
+  + get source
+  + build -> go back to main page, all OS/distro stuff _should_ be taken care of
+3. generate a conf
+  + edit your conf
+  + find && add peers
+4. Now you should be on the net...
+  + testing whether you're connected
+  + troubleshooting if you're not
+    * do you have a tun device?
+    * is your command line working? (ping6, curl)
+    * is your chrome/firefox working?
+5. cool, now you're on
+  + secure your device
+  + get on hypeirc
+  + find something to do
+6. ???
+7. Profit
+
+:D
+
+