From 9b67da3d9bc951c624f17dce7821036f8518d893 Mon Sep 17 00:00:00 2001
From: Chocobozzz <me@florianbigard.com>
Date: Tue, 26 Jun 2018 16:53:24 +0200
Subject: Add tracker rate limiter
---
server/controllers/index.ts | 1 +
server/controllers/tracker.ts | 91 +++++++++++++++++++++++++++++++++++++++++++
2 files changed, 92 insertions(+)
create mode 100644 server/controllers/tracker.ts
(limited to 'server/controllers')
diff --git a/server/controllers/index.ts b/server/controllers/index.ts
index ff7928312..197fa897a 100644
--- a/server/controllers/index.ts
+++ b/server/controllers/index.ts
@@ -5,3 +5,4 @@ export * from './feeds'
export * from './services'
export * from './static'
export * from './webfinger'
+export * from './tracker'
diff --git a/server/controllers/tracker.ts b/server/controllers/tracker.ts
new file mode 100644
index 000000000..42f5aea81
--- /dev/null
+++ b/server/controllers/tracker.ts
@@ -0,0 +1,91 @@
+import { logger } from '../helpers/logger'
+import * as express from 'express'
+import * as http from 'http'
+import * as bitTorrentTracker from 'bittorrent-tracker'
+import * as proxyAddr from 'proxy-addr'
+import { Server as WebSocketServer } from 'ws'
+import { CONFIG, TRACKER_RATE_LIMITS } from '../initializers/constants'
+
+const TrackerServer = bitTorrentTracker.Server
+
+const trackerRouter = express.Router()
+
+let peersIps = {}
+let peersIpInfoHash = {}
+runPeersChecker()
+
+const trackerServer = new TrackerServer({
+ http: false,
+ udp: false,
+ ws: false,
+ dht: false,
+ filter: function (infoHash, params, cb) {
+ let ip: string
+
+ if (params.type === 'ws') {
+ ip = params.socket.ip
+ } else {
+ ip = params.httpReq.ip
+ }
+
+ const key = ip + '-' + infoHash
+
+ peersIps[ip] = peersIps[ip] ? peersIps[ip] + 1 : 1
+ peersIpInfoHash[key] = peersIpInfoHash[key] ? peersIpInfoHash[key] + 1 : 1
+
+ if (peersIpInfoHash[key] > TRACKER_RATE_LIMITS.ANNOUNCES_PER_IP_PER_INFOHASH) {
+ return cb(new Error(`Too many requests (${peersIpInfoHash[ key ]} of ip ${ip} for torrent ${infoHash}`))
+ }
+
+ return cb()
+ }
+})
+
+trackerServer.on('error', function (err) {
+ logger.error('Error in tracker.', { err })
+})
+
+trackerServer.on('warning', function (err) {
+ logger.warn('Warning in tracker.', { err })
+})
+
+const onHttpRequest = trackerServer.onHttpRequest.bind(trackerServer)
+trackerRouter.get('/tracker/announce', (req, res) => onHttpRequest(req, res, { action: 'announce' }))
+trackerRouter.get('/tracker/scrape', (req, res) => onHttpRequest(req, res, { action: 'scrape' }))
+
+function createWebsocketServer (app: express.Application) {
+ const server = http.createServer(app)
+ const wss = new WebSocketServer({ server: server, path: '/tracker/socket' })
+ wss.on('connection', function (ws, req) {
+ const ip = proxyAddr(req, CONFIG.TRUST_PROXY)
+ ws['ip'] = ip
+
+ trackerServer.onWebSocketConnection(ws)
+ })
+
+ return server
+}
+
+// ---------------------------------------------------------------------------
+
+export {
+ trackerRouter,
+ createWebsocketServer
+}
+
+// ---------------------------------------------------------------------------
+
+function runPeersChecker () {
+ setInterval(() => {
+ logger.debug('Checking peers.')
+
+ for (const ip of Object.keys(peersIpInfoHash)) {
+ if (peersIps[ip] > TRACKER_RATE_LIMITS.ANNOUNCES_PER_IP) {
+ logger.warn('Peer %s made abnormal requests (%d).', ip, peersIps[ip])
+ }
+ }
+
+ peersIpInfoHash = {}
+ peersIps = {}
+ }, TRACKER_RATE_LIMITS.INTERVAL)
+}
--
cgit v1.2.3