近期anacrolix_torrent等无限下载工具的说明与对策
|
594
|
0
|
PT

1816 字
|
16 分钟

起因

由于各大运营商在全国范围实行区域流量结算等政策,迫于营收和上级压力,纷纷加大了对于PCDN用户的打击力度,最普遍的考核方式就是计算上传/下载比值,部分PT/PCDN用户为了逃避考核问题,开始通过伪造自己为BT正常下载用户下载部分种子文件,但该下载是无限制,没有任何上传的,往往会拉满同一种子中绝大部分做种者的上传,这对于整个网络环境产生了非常恶劣的影响。

参考文章: 基于Bittorrent网络的流量消耗器

部分云盘[123网盘]供应商也使用相同手段来逃避监管或实现离线下载,云盘厂商还通过伪造客户端版本或ID标识[GT0001/2/3….]来逃避用户屏蔽和拉黑,如123网盘通过伪装自己是 anacrolix/torrent 等来拉取流量,IP归属地大多为辽宁大连服务器,大量Bt用户的滥用反馈还对anacrolix/torrent开发者产生了困扰,认为是自己程序出现新的BUG,后经过社区用户的帮助,溯源出IP所有者为西安明赋云计算股份有限公司,123网盘即为该公司产品,同时明赋云也提供辽宁的边缘云服务。

相关链接

恩山无线论坛的软件分享贴:基于 Bittorrent 网络的流量消耗器/楼主 thank243

github 最初误以为是 bug 的 issue: Client requests indefinitely on storage write errors #889

github 的讨论帖: qBitTorrent 用户在 1.180.24.0/23 、36.102.218.0/24 和 221.203.6.0/24 中看到来自对等点的无限请求 #891

“流量消耗器”的 123 云盘链接: https://www.123pan.com/s/PipIjv-oREKv.html

流量消耗器 github 仓库(已删除):thank243/trafficConsume

可以参考这个文档进行操作:  https://docs.qq.com/doc/DQnJBTGJjSFZBR2JW

对策

对策A1:升级QBEE到4.6.4.10或更高版本

现在QBEE4.6.4.10版本已经支持自动屏蔽dt/torrent和Taipei-torrent,使用它现在已经可以解决大多数场景。不过要注意,未来恶意程序可能会更换或伪装客户端名称(Client-Name),进而导致该策略失效,(2024年4月10日其已经更换到hp/torrent,导致本策略失效)。QBEE的releases:https://github.com/c0re100/qBittorrent-Enhanced-Edition/releases

如果访问Github困难,也可以使用迅雷等辅助工具,直接下载4.6.4.10的X64版本:https://github.com/c0re100/qBittorrent-Enhanced-Edition/releases/download/release-4.6.4.10/qbittorrent_enhanced_4.6.4.10_x64_setup.exe

注意部分恶意地址还在使用早期的anacrolix(如218.104.106.*、221.203.3.*)和TrafficConsume,由于屏蔽-GT003-这个ID会误伤其它正常客户端,所以QBEE没有加屏蔽规则,依然是漏网之鱼。

对策A2:屏蔽涉事客户端

需要使用QBEE,在C:\Users\%Username%\AppData\Local\qBittorrent里新建一个叫做peer_blacklist.txt的文本文件,写入以下内容:

-GT0003- github.com/anacrolix/torrent\s\(devel\)\s\(anacrolix/torrent\sunknown\)
-DT0001- .*
-HP0001- .*

软件作者说最好不要直接屏蔽-GT0003-,这样很容易误伤正常的客户端。

此外还有部分恶意IP使用其它软件进行类似行为,也需要注意,请结合其它对策查漏补缺。

对策B:屏蔽涉及的IP段

把以下内容写入一个文本格式的dat文件,然后在你的下载工具(QB)里引用。(规则更新于2024年4月12日21时)

1.180.24.0-1.180.25.255
36.102.218.0-36.102.218.255
36.143.31.0-36.143.31.255
36.143.102.0-36.143.102.255
36.143.112.0-36.143.112.255
36.143.114.0-36.143.114.255
36.143.133.0-36.143.133.255
36.143.147.0-36.143.147.255
36.143.176.0-36.143.176.255
36.143.209.0-36.143.210.255
36.143.220.0-36.143.220.255
39.150.2.0-39.150.2.255
39.164.32.0-39.164.33.255
39.164.41.0-39.164.41.255
39.164.45.0-39.164.45.255
39.164.253.0-39.164.254.255
42.52.131.0-42.52.131.255
58.241.210.0-58.241.210.255
59.47.225.0-59.47.225.255
59.47.235.0-59.47.235.255
59.47.237.0-59.47.237.255
59.83.212.0-59.83.212.255
112.0.188.0-112.0.188.255
112.45.16.0-112.45.16.255
112.45.20.0-112.45.20.255
112.83.125.0-112.83.125.255
112.192.189.0-112.192.189.255
114.236.141.0-114.236.141.255
117.55.203.0-117.55.203.255
119.53.106.0-119.53.107.255
119.53.109.0-119.53.112.255
119.53.163.0-119.53.163.255
122.224.33.0-122.224.33.255
123.184.152.0-123.184.152.255
123.186.146.0-123.186.146.255
139.210.127.0-139.210.127.255
139.210.254.0-139.210.254.255
175.19.0.0-175.19.0.255
175.19.2.0-175.19.3.255
175.19.8.0-175.19.8.255
175.19.10.0-175.19.10.255
175.19.42.0-175.19.42.255
182.32.204.0-182.32.205.255
183.131.219.0-193.131.219.255
183.197.12.0-183.197.12.255
183.197.21.0-183.197.21.255
183.197.24.0-183.197.25.255
183.197.30.0-183.197.31.255
183.197.250.0-183.197.251.255
183.198.40.0-183.198.42.255
183.198.83.0-183.198.83.255
183.198.160.0-183.198.160.255
183.198.162.0-183.198.162.255
183.198.165.0-183.198.167.255
183.198.224.0-183.198.224.255
183.198.226.0-183.198.228.255
183.199.90.0-183.199.90.255
183.199.148.0-183.199.150.255
183.199.208.0-183.199.209.255
183.199.217.0-183.199.217.255
183.199.238.0-183.199.239.255
183.227.110.0-183.227.111.255
183.228.140.0-183.228.143.255
218.7.138.0-218.7.138.255
218.24.113.0-218.24.113.255
218.60.174.0-218.60.174.255
218.92.139.0-218.92.139.255
218.104.106.0-218.104.106.255
221.9.12.0-221.9.12.255
221.9.17.0-221.9.19.255
221.11.96.0-221.11.96.255
221.103.102.0-221.103.102.255
221.203.3.0-221.203.3.255
221.203.6.0-221.203.6.255
223.78.79.0-223.78.80.255
223.88.223.0-223.88.223.255
::ffff:1.180.24.0-::ffff:1.180.25.255
::ffff:36.102.218.0-::ffff:36.102.218.255
::ffff:36.143.31.0-::ffff:36.143.31.255
::ffff:36.143.102.0-::ffff:36.143.102.255
::ffff:36.143.112.0-::ffff:36.143.112.255
::ffff:36.143.114.0-::ffff:36.143.114.255
::ffff:36.143.133.0-::ffff:36.143.133.255
::ffff:36.143.147.0-::ffff:36.143.147.255
::ffff:36.143.176.0-::ffff:36.143.176.255
::ffff:36.143.209.0-::ffff:36.143.210.255
::ffff:36.143.220.0-::ffff:36.143.220.255
::ffff:39.150.2.0-::ffff:39.150.2.255
::ffff:39.164.32.0-::ffff:39.164.33.255
::ffff:39.164.41.0-::ffff:39.164.41.255
::ffff:39.164.45.0-::ffff:39.164.45.255
::ffff:39.164.253.0-::ffff:39.164.254.255
::ffff:42.52.131.0-::ffff:42.52.131.255
::ffff:58.241.210.0-::ffff:58.241.210.255
::ffff:59.47.225.0-::ffff:59.47.225.255
::ffff:59.47.235.0-::ffff:59.47.235.255
::ffff:59.47.237.0-::ffff:59.47.237.255
::ffff:59.83.212.0-::ffff:59.83.212.255
::ffff:112.0.188.0-::ffff:112.0.188.255
::ffff:112.45.16.0-::ffff:112.45.16.255
::ffff:112.45.20.0-::ffff:112.45.20.255
::ffff:112.83.125.0-::ffff:112.83.125.255
::ffff:112.192.189.0-::ffff:112.192.189.255
::ffff:114.236.141.0-::ffff:114.236.141.255
::ffff:117.55.203.0-::ffff:117.55.203.255
::ffff:119.53.106.0-::ffff:119.53.107.255
::ffff:119.53.109.0-::ffff:119.53.112.255
::ffff:119.53.163.0-::ffff:119.53.163.255
::ffff:122.224.33.0-::ffff:122.224.33.255
::ffff:123.184.152.0-::ffff:123.184.152.255
::ffff:123.186.146.0-::ffff:123.186.146.255
::ffff:139.210.127.0-::ffff:139.210.127.255
::ffff:139.210.254.0-::ffff:139.210.254.255
::ffff:175.19.0.0-::ffff:175.19.0.255
::ffff:175.19.2.0-::ffff:175.19.3.255
::ffff:175.19.8.0-::ffff:175.19.8.255
::ffff:175.19.10.0-::ffff:175.19.10.255
::ffff:175.19.42.0-::ffff:175.19.42.255
::ffff:182.32.204.0-::ffff:182.32.205.255
::ffff:183.131.219.0-::ffff:193.131.219.255
::ffff:183.197.12.0-::ffff:183.197.12.255
::ffff:183.197.21.0-::ffff:183.197.21.255
::ffff:183.197.24.0-::ffff:183.197.25.255
::ffff:183.197.30.0-::ffff:183.197.31.255
::ffff:183.197.250.0-::ffff:183.197.251.255
::ffff:183.198.40.0-::ffff:183.198.42.255
::ffff:183.198.83.0-::ffff:183.198.83.255
::ffff:183.198.160.0-::ffff:183.198.160.255
::ffff:183.198.162.0-::ffff:183.198.162.255
::ffff:183.198.165.0-::ffff:183.198.167.255
::ffff:183.198.224.0-::ffff:183.198.224.255
::ffff:183.198.226.0-::ffff:183.198.228.255
::ffff:183.199.90.0-::ffff:183.199.90.255
::ffff:183.199.148.0-::ffff:183.199.150.255
::ffff:183.199.208.0-::ffff:183.199.209.255
::ffff:183.199.217.0-::ffff:183.199.217.255
::ffff:183.199.238.0-::ffff:183.199.239.255
::ffff:183.227.110.0-::ffff:183.227.111.255
::ffff:183.228.140.0-::ffff:183.228.143.255
::ffff:218.7.138.0-::ffff:218.7.138.255
::ffff:218.24.113.0-::ffff:218.24.113.255
::ffff:218.60.174.0-::ffff:218.60.174.255
::ffff:218.92.139.0-::ffff:218.92.139.255
::ffff:218.104.106.0-::ffff:218.104.106.255
::ffff:221.9.12.0-::ffff:221.9.12.255
::ffff:221.9.17.0-::ffff:221.9.19.255
::ffff:221.11.96.0-::ffff:221.11.96.255
::ffff:221.103.102.0-::ffff:221.103.102.255
::ffff:221.203.3.0-::ffff:221.203.3.255
::ffff:221.203.6.0-::ffff:221.203.6.255
::ffff:223.78.79.0-::ffff:223.78.80.255
::ffff:223.88.223.0-::ffff:223.88.223.255
2408:862e:ff:ff0d::0-2408:862e:ff:ff0d::ffff
2408:8631:2e09:d05::0-2408:8631:2e09:d05::ffff
2408:8738:6000:d::0-2408:8738:6000:d::ffff
2409:873c:f03:6001::0-2409:873c:f03:6001::ffff
2409:873c:f03:6002::0-2409:873c:f03:6002::ffff
2409:873c:f03:6003::0-2409:873c:f03:6003::ffff
2409:873c:f03:6004::0-2409:873c:f03:6004::ffff
2409:873c:f03:6005::0-2409:873c:f03:6005::ffff
2409:873c:f03:6006::0-2409:873c:f03:6006::ffff
2409:873c:f03:6007::0-2409:873c:f03:6007::ffff
2409:873c:f03:6008::0-2409:873c:f03:6008::ffff
2409:873c:f03:6009::0-2409:873c:f03:6009::ffff
2409:873c:f03:600a::0-2409:873c:f03:600a::ffff
240e:90c:2000:301::0-240e:90c:2000:301::ffff
240e:90e:2000:2006::0-240e:90e:2000:2006::ffff
240e:918:8008:1::0-240e:918:8008:1::ffff
240e:918:8008:2::0-240e:918:8008:2::ffff
240e:918:8008:3::0-240e:918:8008:3::ffff
240e:918:8008:4::0-240e:918:8008:4::ffff

其中59.83.212.*、218.92.139.*使用的工具为Taipei-Torrent dev。

为了大家复制方便,以上的IP屏蔽列表里已经加上了这部分规则。

由于作者已经更新QBEE到了4.6.4.10版本,其会无通知地自动屏蔽dt/torrent和Taipei-torrent的请求,因此之后除非该客户端改名,否则将不再主动提供涉及它们的新IP更新,欢迎大家继续向我反馈恶意地址(如通过B站私信或者动态评论区)。

此外以下IP可以加入黑名单,可自行仿照上文新建对应的规则(这部分IP正在待观察)

2409:8a1e:e23:85b0::8a8    # 2024-02-06 工具为Transmission,不汇报进度,下载超过文件大小,目前没有发现同IP段下有其它的恶意地址
2409:8a1e:e20:2f00::8a8    # 2024-02-27 工具为Transmission,不汇报进度,下载超过文件大小,目前没有发现同IP段下有其它的恶意地址
221.204.25.0-221.204.25.255    #2024-03-22 工具为BitComet 2.04,到90%多就从0%重新下载。
2002:ddcc:19cf::ddcc:0-2002:ddcc:19cf::ddcc:ffff    #同上

此外部分用户遇到了IPv4-mapped IPv6,即长的像::ffff:221.203.6.57这样的地址。这部分作者还需要测试,或者大家提供建议。

目前有人发现【::ffff:0:0-::ffff:ffff:ffff、::ffff:0.0.0.0-::ffff:255.255.255.255】这样,看似只屏蔽IPv4-mapped IPv6的规则,会导致所有IPv4地址被屏蔽,最好不要这么做,或者先测试一下再决定。

比如上文的221.203.6.57,可以用::ffff:221.203.6.0-::ffff:221.203.6.255再写一条规则。

为了大家复制方便,以上的IP屏蔽列表里已经加上了这部分规则。

对策C:对上传限速

注意这是一种治标不治本的策略,而且这种客户端吸血能力很强,有它在上传,基本上别的种子就很难有上传速度,失去了做种的意义。

对策D:使用工具辅助封禁

这里我使用了qBittorrent-ClientBlocker,把它放在本地,和QBEE一起执行。

工具地址:https://github.com/Simple-Tracker/qBittorrent-ClientBlocker

工具地址:PeerBanHelper

使用注意事项请详见项目说明,额外补充几点:

1、该策略可以和其它对策一起使用。
2、每次启动会清空已有的屏蔽地址黑名单,如有需要记得备份它,或者作为规则写入。
3、火绒、360的QVM引擎等部分杀毒软件会误报病毒,需要给它加个白名单,如有疑虑可以查看VirusTotal。其中3.1版的分析结果:https://www.virustotal.com/gui/file/857e67cc52c06723bd05332d045733f7ea9e308d887e1c086bae841511cc6ec6

暂无评论

发送评论 编辑评论 


				

			

						

				

					

						

							

								
							

							
						

					

				

				

					

						

							

								
							

							
						

					

				

				

					

						

							

								
							

							
							
															
													

					

				

			

			
			

				

					
				

			

				

											

							
							
						

																				
					
											
						

	

		
|´・ω・)ノ
ヾ(≧∇≦*)ゝ
(☆ω☆)
(╯‵□′)╯︵┴─┴
 ̄﹃ ̄
(/ω\)
∠( ᐛ 」∠)_
(๑•̀ㅁ•́ฅ)
→_→
୧(๑•̀⌄•́๑)૭
٩(ˊᗜˋ*)و
(ノ°ο°)ノ
(´இ皿இ`)
⌇●﹏●⌇
(ฅ´ω`ฅ)
(╯°A°)╯︵○○○
φ( ̄∇ ̄o)
ヾ(´・ ・`。)ノ"
( ง ᵒ̌皿ᵒ̌)ง⁼³₌₃
(ó﹏ò。)
Σ(っ °Д °;)っ
( ,,´・ω・)ノ"(´っω・`。)
╮(╯▽╰)╭
o(*////▽////*)q
>﹏<
( ๑´•ω•) "(ㆆᴗㆆ)
😂
😀
😅
😊
🙂
🙃
😌
😍
😘
😜
😝
😏
😒
🙄
😳
😡
😔
😫
😱
😭
💩
👻
🙌
🖕
👍
👫
👬
👭
🌚
🌝
🙈
💊
😶
🙏
🍦
🍉
😣
Source: github.com/k4yt3x/flowerhd
	

	

		
颜文字
Emoji
小恐龙
花!
	


									

			

			
			
		

	






上一篇
下一篇 

                    

                    
			        推荐文章
		            

		            

							
江苏通管局要求运营商不得以 PCDN 整治为由擅自关停用户宽带或降低速率

							
							

							
PT盒子教程&如何种子竞速刷流