Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement shadowban functionality to combat fake clients/实现shadowban功能对抗虚假客户端 #538

Closed
KagurazakaNyaa opened this issue Apr 10, 2024 · 8 comments · Fixed by #545

Comments

@KagurazakaNyaa
Copy link

Suggestion

There are now a series of malicious clients represented by dt/torrent and hp/torrent that falsely report progress and consume upload bandwidth.
Maybe we could stop disconnecting these clients directly and instead keep tcp connected and upload random traffic of 1 byte per second to consume their server connections.
At the same time, other behaviors are blocked as normal to avoid interfering with normal bt data statistics and interface display.
It is best to add an additional ban list to avoid affecting the original ban behavior.

现在广泛存在以dt/torrent hp/torrent为代表的一系列恶意客户端虚假汇报进度并消耗上传带宽。
也许我们可以不再直接断开这些客户端的连接,取而代之的是保持tcp连接并每秒上传1字节的随机流量来消耗它们的服务器连接数。
同时其他行为如同被正常阻止以避免干扰正常的bt数据统计和界面展示。
最好添加一个额外的封禁列表来避免影响原有的封禁行为。

Use case

ref #530 #537

Extra info/examples/attachments

No response

@poplar-at-twilight
Copy link

This is a good idea and can squeeze resources from malicious clients.

@supply9243
Copy link

这不是个好主意,如果出现误判断或BUG影响其他正常客户端,那是不是会被其他客户端拉入黑名单?让qBittorrent-Enhanced-Edition也变成作恶的一员?

@SeaHOH
Copy link

SeaHOH commented Apr 12, 2024

如果出现误判断或BUG影响其他正常客户端

这个功能只针对刷流量的虚假客户端的话,如此简单的字符串比较会出现误判或BUG,这不太可能吧。

@supply9243
Copy link

如果出现误判断或BUG影响其他正常客户端

这个功能只针对刷流量的虚假客户端的话,如此简单的字符串比较会出现误判或BUG,这不太可能吧。

看上去确实不可能,但你可记得微软某次更新把用户文件都删了?🤣

@KagurazakaNyaa
Copy link
Author

这不是个好主意,如果出现误判断或BUG影响其他正常客户端,那是不是会被其他客户端拉入黑名单?让qBittorrent-Enhanced-Edition也变成作恶的一员?

所以我认为这个不应该是一个自动化的功能,而是应当和原版的手动封禁IP一样是一个客户端配置文件定义的列表

@KagurazakaNyaa
Copy link
Author

这不是个好主意,如果出现误判断或BUG影响其他正常客户端,那是不是会被其他客户端拉入黑名单?让qBittorrent-Enhanced-Edition也变成作恶的一员?

如果要避免影响其他正常客户端,那么我们可以不使用随机数据,而是正常上传对应种子的数据,只是把速率限制到1byte/sec
这样即使错误判断了正常客户端,也只会影响速度而不会造成数据污染

@SeaHOH
Copy link

SeaHOH commented Apr 12, 2024

看上去确实不可能,但你可记得微软某次更新把用户文件都删了?🤣

你是在怀疑作者的水平比不过阿三?虽然他大概率不会实施这个功能。

@KagurazakaNyaa
Copy link
Author

提交了一个PR来实现这个功能,但是只在docker容器内的webui版本测试过
原理是实现了一个peer_plugin在on_request的hook进行拦截,防止对列表中匹配的IP发送数据但是避免直接disconnect()
ref: https://github.com/arvidn/libtorrent/blob/8a7aa8311387b8d530a2ec2a3eb5974fec5edb64/src/peer_connection.cpp#L2436

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

4 participants