Block infohash spammers from tracker

2025-10-05 02:39:33 +02:00 · 2020-06-25 16:27:35 +02:00 · 2020-06-25 16:27:35 +02:00 · db48de8597
commit db48de8597
parent d4bf24df8e
4 changed files with 81 additions and 22 deletions
--- a/server/controllers/tracker.ts
+++ b/server/controllers/tracker.ts
@ -1,13 +1,14 @@
-import { logger } from '../helpers/logger'
+import * as bitTorrentTracker from 'bittorrent-tracker'
 import * as express from 'express'
 import * as http from 'http'
-import * as bitTorrentTracker from 'bittorrent-tracker'
 import * as proxyAddr from 'proxy-addr'
 import { Server as WebSocketServer } from 'ws'
+import { Redis } from '@server/lib/redis'
+import { logger } from '../helpers/logger'
+import { CONFIG } from '../initializers/config'
 import { TRACKER_RATE_LIMITS } from '../initializers/constants'
 import { VideoFileModel } from '../models/video/video-file'
 import { VideoStreamingPlaylistModel } from '../models/video/video-streaming-playlist'
-import { CONFIG } from '../initializers/config'

 const TrackerServer = bitTorrentTracker.Server

@ -53,7 +54,16 @@ const trackerServer = new TrackerServer({
      const playlistExists = await VideoStreamingPlaylistModel.doesInfohashExist(infoHash)
      if (playlistExists === true) return cb()

-      return cb(new Error(`Unknown infoHash ${infoHash} requested by ip ${ip}`))
+      cb(new Error(`Unknown infoHash ${infoHash} requested by ip ${ip}`))
+
+      // Close socket connection and block IP for a few time
+      if (params.type === 'ws') {
+        Redis.Instance.setTrackerBlockIP(ip)
+          .catch(err => logger.error('Cannot set tracker block ip.', { err }))
+
+        // setTimeout to wait filter response
+        setTimeout(() => params.socket.close(), 0)
+      }
    } catch (err) {
      logger.error('Error in tracker filter.', { err })
      return cb(err)
@ -88,7 +98,21 @@ function createWebsocketTrackerServer (app: express.Application) {

  server.on('upgrade', (request: express.Request, socket, head) => {
    if (request.url === '/tracker/socket') {
-      wss.handleUpgrade(request, socket, head, ws => wss.emit('connection', ws, request))
+      const ip = proxyAddr(request, CONFIG.TRUST_PROXY)
+
+      Redis.Instance.doesTrackerBlockIPExist(ip)
+        .then(result => {
+          if (result === true) {
+            logger.debug('Blocking IP %s from tracker.', ip)
+
+            socket.write('HTTP/1.1 403 Forbidden\r\n\r\n')
+            socket.destroy()
+            return
+          }
+
+          return wss.handleUpgrade(request, socket, head, ws => wss.emit('connection', ws, request))
+        })
+        .catch(err => logger.error('Cannot check if tracker block ip exists.', { err }))
    }

    // Don't destroy socket, we have Socket.IO too