aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2018-06-26 16:53:24 +0200
committerChocobozzz <me@florianbigard.com>2018-06-26 16:53:43 +0200
commit9b67da3d9bc951c624f17dce7821036f8518d893 (patch)
tree91de299c2eb45a12b0c775b085c5f7a13dc16f71
parent11fa7d392a21fe73dd235375b89c554e9b5ba18c (diff)
downloadPeerTube-9b67da3d9bc951c624f17dce7821036f8518d893.tar.gz
PeerTube-9b67da3d9bc951c624f17dce7821036f8518d893.tar.zst
PeerTube-9b67da3d9bc951c624f17dce7821036f8518d893.zip
Add tracker rate limiter
-rw-r--r--server.ts39
-rw-r--r--server/controllers/index.ts1
-rw-r--r--server/controllers/tracker.ts91
-rw-r--r--server/initializers/constants.ts9
4 files changed, 107 insertions, 33 deletions
diff --git a/server.ts b/server.ts
index f756bf9d4..fb01ed572 100644
--- a/server.ts
+++ b/server.ts
@@ -10,13 +10,8 @@ if (isTestInstance()) {
10// ----------- Node modules ----------- 10// ----------- Node modules -----------
11import * as bodyParser from 'body-parser' 11import * as bodyParser from 'body-parser'
12import * as express from 'express' 12import * as express from 'express'
13import * as http from 'http'
14import * as morgan from 'morgan' 13import * as morgan from 'morgan'
15import * as bitTorrentTracker from 'bittorrent-tracker'
16import * as cors from 'cors' 14import * as cors from 'cors'
17import { Server as WebSocketServer } from 'ws'
18
19const TrackerServer = bitTorrentTracker.Server
20 15
21process.title = 'peertube' 16process.title = 'peertube'
22 17
@@ -75,7 +70,9 @@ import {
75 feedsRouter, 70 feedsRouter,
76 staticRouter, 71 staticRouter,
77 servicesRouter, 72 servicesRouter,
78 webfingerRouter 73 webfingerRouter,
74 trackerRouter,
75 createWebsocketServer
79} from './server/controllers' 76} from './server/controllers'
80import { Redis } from './server/lib/redis' 77import { Redis } from './server/lib/redis'
81import { BadActorFollowScheduler } from './server/lib/schedulers/bad-actor-follow-scheduler' 78import { BadActorFollowScheduler } from './server/lib/schedulers/bad-actor-follow-scheduler'
@@ -116,33 +113,6 @@ app.use(bodyParser.json({
116 limit: '500kb' 113 limit: '500kb'
117})) 114}))
118 115
119// ----------- Tracker -----------
120
121const trackerServer = new TrackerServer({
122 http: false,
123 udp: false,
124 ws: false,
125 dht: false
126})
127
128trackerServer.on('error', function (err) {
129 logger.error('Error in websocket tracker.', err)
130})
131
132trackerServer.on('warning', function (err) {
133 logger.error('Warning in websocket tracker.', err)
134})
135
136const server = http.createServer(app)
137const wss = new WebSocketServer({ server: server, path: '/tracker/socket' })
138wss.on('connection', function (ws) {
139 trackerServer.onWebSocketConnection(ws)
140})
141
142const onHttpRequest = trackerServer.onHttpRequest.bind(trackerServer)
143app.get('/tracker/announce', (req, res) => onHttpRequest(req, res, { action: 'announce' }))
144app.get('/tracker/scrape', (req, res) => onHttpRequest(req, res, { action: 'scrape' }))
145
146// ----------- Views, routes and static files ----------- 116// ----------- Views, routes and static files -----------
147 117
148// API 118// API
@@ -155,6 +125,7 @@ app.use('/services', servicesRouter)
155app.use('/', activityPubRouter) 125app.use('/', activityPubRouter)
156app.use('/', feedsRouter) 126app.use('/', feedsRouter)
157app.use('/', webfingerRouter) 127app.use('/', webfingerRouter)
128app.use('/', trackerRouter)
158 129
159// Static files 130// Static files
160app.use('/', staticRouter) 131app.use('/', staticRouter)
@@ -181,6 +152,8 @@ app.use(function (err, req, res, next) {
181 return res.status(err.status || 500).end() 152 return res.status(err.status || 500).end()
182}) 153})
183 154
155const server = createWebsocketServer(app)
156
184// ----------- Run ----------- 157// ----------- Run -----------
185 158
186async function startApplication () { 159async function startApplication () {
diff --git a/server/controllers/index.ts b/server/controllers/index.ts
index ff7928312..197fa897a 100644
--- a/server/controllers/index.ts
+++ b/server/controllers/index.ts
@@ -5,3 +5,4 @@ export * from './feeds'
5export * from './services' 5export * from './services'
6export * from './static' 6export * from './static'
7export * from './webfinger' 7export * from './webfinger'
8export * from './tracker'
diff --git a/server/controllers/tracker.ts b/server/controllers/tracker.ts
new file mode 100644
index 000000000..42f5aea81
--- /dev/null
+++ b/server/controllers/tracker.ts
@@ -0,0 +1,91 @@
1import { logger } from '../helpers/logger'
2import * as express from 'express'
3import * as http from 'http'
4import * as bitTorrentTracker from 'bittorrent-tracker'
5import * as proxyAddr from 'proxy-addr'
6import { Server as WebSocketServer } from 'ws'
7import { CONFIG, TRACKER_RATE_LIMITS } from '../initializers/constants'
8
9const TrackerServer = bitTorrentTracker.Server
10
11const trackerRouter = express.Router()
12
13let peersIps = {}
14let peersIpInfoHash = {}
15runPeersChecker()
16
17const trackerServer = new TrackerServer({
18 http: false,
19 udp: false,
20 ws: false,
21 dht: false,
22 filter: function (infoHash, params, cb) {
23 let ip: string
24
25 if (params.type === 'ws') {
26 ip = params.socket.ip
27 } else {
28 ip = params.httpReq.ip
29 }
30
31 const key = ip + '-' + infoHash
32
33 peersIps[ip] = peersIps[ip] ? peersIps[ip] + 1 : 1
34 peersIpInfoHash[key] = peersIpInfoHash[key] ? peersIpInfoHash[key] + 1 : 1
35
36 if (peersIpInfoHash[key] > TRACKER_RATE_LIMITS.ANNOUNCES_PER_IP_PER_INFOHASH) {
37 return cb(new Error(`Too many requests (${peersIpInfoHash[ key ]} of ip ${ip} for torrent ${infoHash}`))
38 }
39
40 return cb()
41 }
42})
43
44trackerServer.on('error', function (err) {
45 logger.error('Error in tracker.', { err })
46})
47
48trackerServer.on('warning', function (err) {
49 logger.warn('Warning in tracker.', { err })
50})
51
52const onHttpRequest = trackerServer.onHttpRequest.bind(trackerServer)
53trackerRouter.get('/tracker/announce', (req, res) => onHttpRequest(req, res, { action: 'announce' }))
54trackerRouter.get('/tracker/scrape', (req, res) => onHttpRequest(req, res, { action: 'scrape' }))
55
56function createWebsocketServer (app: express.Application) {
57 const server = http.createServer(app)
58 const wss = new WebSocketServer({ server: server, path: '/tracker/socket' })
59 wss.on('connection', function (ws, req) {
60 const ip = proxyAddr(req, CONFIG.TRUST_PROXY)
61 ws['ip'] = ip
62
63 trackerServer.onWebSocketConnection(ws)
64 })
65
66 return server
67}
68
69// ---------------------------------------------------------------------------
70
71export {
72 trackerRouter,
73 createWebsocketServer
74}
75
76// ---------------------------------------------------------------------------
77
78function runPeersChecker () {
79 setInterval(() => {
80 logger.debug('Checking peers.')
81
82 for (const ip of Object.keys(peersIpInfoHash)) {
83 if (peersIps[ip] > TRACKER_RATE_LIMITS.ANNOUNCES_PER_IP) {
84 logger.warn('Peer %s made abnormal requests (%d).', ip, peersIps[ip])
85 }
86 }
87
88 peersIpInfoHash = {}
89 peersIps = {}
90 }, TRACKER_RATE_LIMITS.INTERVAL)
91}
diff --git a/server/initializers/constants.ts b/server/initializers/constants.ts
index 53902071c..4e1c8dda7 100644
--- a/server/initializers/constants.ts
+++ b/server/initializers/constants.ts
@@ -450,6 +450,14 @@ const FEEDS = {
450 450
451// --------------------------------------------------------------------------- 451// ---------------------------------------------------------------------------
452 452
453const TRACKER_RATE_LIMITS = {
454 INTERVAL: 60000 * 5, // 5 minutes
455 ANNOUNCES_PER_IP_PER_INFOHASH: 10, // maximum announces per torrent in the interval
456 ANNOUNCES_PER_IP: 30 // maximum announces for all our torrents in the interval
457}
458
459// ---------------------------------------------------------------------------
460
453// Special constants for a test instance 461// Special constants for a test instance
454if (isTestInstance() === true) { 462if (isTestInstance() === true) {
455 ACTOR_FOLLOW_SCORE.BASE = 20 463 ACTOR_FOLLOW_SCORE.BASE = 20
@@ -482,6 +490,7 @@ export {
482 AVATARS_SIZE, 490 AVATARS_SIZE,
483 ACCEPT_HEADERS, 491 ACCEPT_HEADERS,
484 BCRYPT_SALT_SIZE, 492 BCRYPT_SALT_SIZE,
493 TRACKER_RATE_LIMITS,
485 CACHE, 494 CACHE,
486 CONFIG, 495 CONFIG,
487 CONSTRAINTS_FIELDS, 496 CONSTRAINTS_FIELDS,