From db48de8597897e5024f8e9ed5acb1a8f40748169 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Thu, 25 Jun 2020 16:27:35 +0200 Subject: Block infohash spammers from tracker --- server/controllers/tracker.ts | 34 +++++++++++++++++++++++++++++----- 1 file changed, 29 insertions(+), 5 deletions(-) (limited to 'server/controllers') diff --git a/server/controllers/tracker.ts b/server/controllers/tracker.ts index cacff36ec..c962fada5 100644 --- a/server/controllers/tracker.ts +++ b/server/controllers/tracker.ts @@ -1,13 +1,14 @@ -import { logger } from '../helpers/logger' +import * as bitTorrentTracker from 'bittorrent-tracker' import * as express from 'express' import * as http from 'http' -import * as bitTorrentTracker from 'bittorrent-tracker' import * as proxyAddr from 'proxy-addr' import { Server as WebSocketServer } from 'ws' +import { Redis } from '@server/lib/redis' +import { logger } from '../helpers/logger' +import { CONFIG } from '../initializers/config' import { TRACKER_RATE_LIMITS } from '../initializers/constants' import { VideoFileModel } from '../models/video/video-file' import { VideoStreamingPlaylistModel } from '../models/video/video-streaming-playlist' -import { CONFIG } from '../initializers/config' const TrackerServer = bitTorrentTracker.Server @@ -53,7 +54,16 @@ const trackerServer = new TrackerServer({ const playlistExists = await VideoStreamingPlaylistModel.doesInfohashExist(infoHash) if (playlistExists === true) return cb() - return cb(new Error(`Unknown infoHash ${infoHash} requested by ip ${ip}`)) + cb(new Error(`Unknown infoHash ${infoHash} requested by ip ${ip}`)) + + // Close socket connection and block IP for a few time + if (params.type === 'ws') { + Redis.Instance.setTrackerBlockIP(ip) + .catch(err => logger.error('Cannot set tracker block ip.', { err })) + + // setTimeout to wait filter response + setTimeout(() => params.socket.close(), 0) + } } catch (err) { logger.error('Error in tracker filter.', { err }) return cb(err) @@ -88,7 +98,21 @@ function createWebsocketTrackerServer (app: express.Application) { server.on('upgrade', (request: express.Request, socket, head) => { if (request.url === '/tracker/socket') { - wss.handleUpgrade(request, socket, head, ws => wss.emit('connection', ws, request)) + const ip = proxyAddr(request, CONFIG.TRUST_PROXY) + + Redis.Instance.doesTrackerBlockIPExist(ip) + .then(result => { + if (result === true) { + logger.debug('Blocking IP %s from tracker.', ip) + + socket.write('HTTP/1.1 403 Forbidden\r\n\r\n') + socket.destroy() + return + } + + return wss.handleUpgrade(request, socket, head, ws => wss.emit('connection', ws, request)) + }) + .catch(err => logger.error('Cannot check if tracker block ip exists.', { err })) } // Don't destroy socket, we have Socket.IO too -- cgit v1.2.3