Bravo List
Register
Go Back   > Bravo List > Source Code > Archived Trackers > xBTiT
Reply
  #11  
Old 26th September 2016, 12:46
firefly007's Avatar
firefly007 firefly007 is offline
SUPPORT GURU
 
Join Date: Jun 2010
P2P
Posts: 721
Default
This is what you do m8

create a subdomain and use it for your announce URL and have you site url on CloudFlare... Problem solved :)
__________________




Please Support Majority Report


You can contact me on Skype live:phesadent.elect but please let me know first.


If you are ever need me desperately then please email me at dan.oak44@gmail.com and I will contact u within a week.


Due to free time I'm able to help interested member's with their tracker.

Please Note!
Depending on your requests I will charge you for my assistance for Tracker installs and mods.
All my mods are custom and prices will very depending on the request.
I'm able to install any tracker and mods including themes.

Please PM me

Reply With Quote
  #12  
Old 29th September 2016, 13:34
TraceR's Avatar
TraceR TraceR is offline
BittyTorrent
 
Join Date: Mar 2015
Posts: 135
Default
Quote:
Originally Posted by firefly007 View Post
This is what you do m8

create a subdomain and use it for your announce URL and have you site url on CloudFlare... Problem solved :)
you think it will solve the solution you think ddosers are n00bs
Reply With Quote
  #13  
Old 13th October 2016, 13:59
Raful Raful is offline
Senior Member
 
Join Date: Aug 2015
Bangladesh
Posts: 69
Default
Quote:
Originally Posted by TraceR View Post
do you have cloudflare account go and login and show where do you have option to change port..
My Tracker announce url :


http://website.com/announce.php

I don't know what is thi port ?
and i can't find its port forward option in CF
Reply With Quote
  #14  
Old 13th October 2016, 19:04
DND DND is offline
VIP
 
Join Date: Dec 2008
Posts: 1,241
Default
if you use PHP announce what do you think the port is?
__________________
Need HELP!? I can install:

  1. Server/VPS (Debian,CentOS,Ubuntu,Fedora, FreeBSD) Optimization and ... + Modules
  2. Webserver Windows/Linux (Apache/Lighttpd/Nginx/Mysql/PhpMyAdmin/SSL) Optimization and ... + Modules
  3. Seedbox Windows/Linux (uTorrent,rTorrent,libTorrent,ruTorrent) + Modules
  4. Multiple source code engines
  5. Linux Server Administration (security, cryptography/encryption, proxy, load balancer, custom ddos firewall)
Reply With Quote
  #15  
Old 23rd March 2020, 20:44
fullcrumcake fullcrumcake is offline
Member
 
Join Date: Jul 2014
Posts: 6
Default XBT tracker on cloudflare using Nginx to help
I actually have my tracker behind Cloudflare because it helps with routing traffic for users with IPv6. If I wanted to I could add the DDOS protection as well but I use Page rules to bypass caching and a lot of other options.

Your page rules should look like this:

Code:
http://tracker.example.com:8080/*
    Cache Level: Bypass
and

Code:
http://tracker.example.com:2052/*
    Cache Level: Bypass

First you have to look up Cloudflares supported ports, use one that works for you. There's a list here:

By default, Cloudflare proxies traffic destined for the HTTP/HTTPS ports listed below.

HTTP ports supported by Cloudflare:

Code:
 80
    8080
    8880
    2052
    2082
    2086
    2095
HTTPS ports supported by Cloudflare:

Code:
443
    2053
    2083
    2087
    2096
    8443
Then you need to put Nginx in front of your torrent tracker. For example if you use Xbt Tracker you need to use Nginx rewrite like this, in "default.conf" or whatever you'd like to name it .conf in the conf.d folder:

Code:
server {

    listen       8080;

    server_name  localhost;
      location / {
      rewrite ^(.*)$ $1?ip=$remote_addr break; 
        proxy_pass http://127.0.0.1:2052/;
        proxy_redirect     off;
        proxy_set_header   Host                  $http_host;
    proxy_set_header   X-Real-IP        $remote_addr;
    proxy_set_header   X-Forwarded-For  $remote_addr;
    access_log off;
    log_not_found off;
      }
    }
Basically you would be running your tracker from port 2052 for example and then run Nginx proxied from port 8080. And then you would insert port 8080 in your torrents.

I think that's about it, you can look up how to add more options to Nginx like the amount of workers and keep alive time.

If you don't put Nginx in front of your tracker then the tracker will get all Cloudflare ip addresses and won't be able to communicate and track properly.

Also make another file in the Nginx conf.d folder called cloudflare.conf and put the following inside, this will allow you to get the real ips:

Code:
  set_real_ip_from 103.21.244.0/22;
    set_real_ip_from 103.22.200.0/22;
    set_real_ip_from 103.31.4.0/22;
    set_real_ip_from 104.16.0.0/12;
    set_real_ip_from 108.162.192.0/18;
    set_real_ip_from 131.0.72.0/22;
    set_real_ip_from 141.101.64.0/18;
    set_real_ip_from 162.158.0.0/15;
    set_real_ip_from 172.64.0.0/13;
    set_real_ip_from 173.245.48.0/20;
    set_real_ip_from 188.114.96.0/20;
    set_real_ip_from 190.93.240.0/20;
    set_real_ip_from 197.234.240.0/22;
    set_real_ip_from 198.41.128.0/17;

    set_real_ip_from 2400:cb00::/32;
    set_real_ip_from 2405:8100::/32;
    set_real_ip_from 2405:b500::/32;
    set_real_ip_from 2606:4700::/32;
    set_real_ip_from 2803:f800::/32;
    set_real_ip_from 2c0f:f248::/32;
    set_real_ip_from 2a06:98c0::/29;

    real_ip_header CF-Connecting-IP;

Enjoy. And monitor your database for the correct Ips to make sure it's working well.

Last edited by fullcrumcake; 23rd March 2020 at 20:57.
Reply With Quote
  #16  
Old 1st April 2020, 12:45
madness85 madness85 is offline
Senior Member
 
Join Date: Jun 2017
Posts: 17
Default
SSL
Code:
#Tracker
server {

    listen 2083 ssl;
    ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
    server_name  localhost;
      location / {
      rewrite ^(.*)$ $1?ip=$remote_addr break; 
        proxy_pass http://127.0.0.1:8080/;
        proxy_redirect     off;
        proxy_set_header   Host                  $http_host;
    proxy_set_header   X-Real-IP        $remote_addr;
    proxy_set_header   X-Forwarded-For  $remote_addr;
    access_log off;
    log_not_found off;
      }
    }
Ive been trying to do the same with apache by adding:

Code:
<VirtualHost *:444>
<Location />
   ProxyPreserveHost On
   ProxyPass http://mysite.xyz:2710/ retry=0
   ProxyPassReverse http://mysite.xyz:2710/
</Location>
SSLEngine On
        SSLCertificateFile /etc/letsencrypt/live/mysite.xyz/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/mysite.xyz/privkey.pem
        Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
Its running on both ports, but the peers show server IP. Tried adding mod_remoteip, but it not working.

Has anyone been able to do this?

Last edited by Thor; 1st April 2020 at 14:16. Reason: Don’t unnecessarily quote posts directly above your own
Reply With Quote
  #17  
Old 1st April 2020, 15:47
darkalchemy darkalchemy is offline
Administrator
 
Join Date: Dec 2017
United States
Posts: 101
Default
YMMV
Try this, it works with proxying xbt, but not tested with cloudflare:

Code:
    location ~ ^/(.*?)/announce$ {
        proxy_pass http://127.0.0.1:2710/$1/announce$is_args$args&ip=$remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $remote_addr;
        proxy_pass_header Content-Type;
        proxy_pass_header Content-Disposition;
        proxy_pass_header Content-Length;
        proxy_buffering off;
        proxy_buffer_size 128k;
        proxy_busy_buffers_size 256k;
        proxy_buffers 4 256k;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;

        real_ip_recursive on;
    }
nginx variables to explain those used above. You may or may not need all of those headers.

Last edited by darkalchemy; 1st April 2020 at 16:39. Reason: this is for xbt
Reply With Quote
  #18  
Old 16th May 2020, 23:05
fullcrumcake fullcrumcake is offline
Member
 
Join Date: Jul 2014
Posts: 6
Default
Quote:
Originally Posted by darkalchemy View Post
YMMV
Try this, it works with proxying xbt, but not tested with cloudflare:

Code:
    location ~ ^/(.*?)/announce$ {
        proxy_pass http://127.0.0.1:2710/$1/announce$is_args$args&ip=$remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $remote_addr;
        proxy_pass_header Content-Type;
        proxy_pass_header Content-Disposition;
        proxy_pass_header Content-Length;
        proxy_buffering off;
        proxy_buffer_size 128k;
        proxy_busy_buffers_size 256k;
        proxy_buffers 4 256k;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;

        real_ip_recursive on;
    }
nginx variables to explain those used above. You may or may not need all of those headers.
You don't want to use that code that you added. The code that I added is from the creator of the Xbt Tracker. And what it does is just rewrites all announces and scrapes to add the users ip in the string. This rewrite is needed because information is passing through Cloudflare and the users ip doesn't get passed on without this method.

I know this looks simple but that's all that's needed, trust me I've looked at what it does in the Xbt Tracker Access logs:


Code:
server {

    listen       8080;

    server_name  localhost;
      location / {
      rewrite ^(.*)$ $1?ip=$remote_addr break; 
        proxy_pass http://127.0.0.1:2052/;
        proxy_redirect     off;
        proxy_set_header   Host                  $http_host;
    proxy_set_header   X-Real-IP        $remote_addr;
    proxy_set_header   X-Forwarded-For  $remote_addr;
    access_log off;
    log_not_found off;
      }
    }
This is what it does:

Code:
servertime	(actual ip that's shown) = 127.0.0.1	(otherinfohere)	GET /users-passkey/announce?ip=users-ip-address-here&info_hash=users-hash-info&peer_id=-UT2210-&port=users-port-95865786767695&uploaded=0&downloaded=0&left=0&corrupt=0&key=59845y9ty8945y88&event=started&numwant=200&compact=1&no_peer_id=1&ipv6=users-ip-address-here HTTP/1.1
Reply With Quote
  #19  
Old 17th May 2020, 02:01
darkalchemy darkalchemy is offline
Administrator
 
Join Date: Dec 2017
United States
Posts: 101
Default
Why wouldn't I use the code I posted? I'm using it and it works as expected. My code proxies external https to internal http, so all external traffic is secure. Yours is http to http and it does not do the same thing.
Also, as posted by the author of xbt_tracker not all torrent clients include the ip address in the query string, my code adds it to the proxied url just in case it isn't already there.
And, I have logged the announce also, it looks like this
Code:
1589673357	127.0.0.1	37032	GET /blahblahblah/announce?info_hash=blahblahblah&peer_id=-qB4030-xRH7k*70(3me&port=8999&uploaded=0&downloaded=0&left=0&corrupt=0&key=6E012D46&event=stopped&numwant=0&compact=1&no_peer_id=1&supportcrypto=1&redundant=0&ip=ipaddress HTTP/1.0
I grant you that the buffers may not be needed, but I did google a bit and thats what I found to be recommended.

I have no issue with saying your code works, but I do have an issue with you saying mine does not.

In my searches, neither method (proxy_pass, rewrite) is recommended over the other, so it comes down to what you prefer. I could not find any evidence that one is faster than the other.
Reply With Quote
  #20  
Old 12th April 2021, 06:34
protocolprowler's Avatar
protocolprowler protocolprowler is offline
Member
 
Join Date: Aug 2020
Posts: 9
Default Trouble getting the real IP to XBT once proxied with NGINX
Quote:
Originally Posted by darkalchemy View Post
YMMV
Try this, it works with proxying xbt, but not tested with cloudflare:

Code:
    location ~ ^/(.*?)/announce$ {
        proxy_pass http://127.0.0.1:2710/$1/announce$is_args$args&ip=$remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $remote_addr;
        proxy_pass_header Content-Type;
        proxy_pass_header Content-Disposition;
        proxy_pass_header Content-Length;
        proxy_buffering off;
        proxy_buffer_size 128k;
        proxy_busy_buffers_size 256k;
        proxy_buffers 4 256k;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;

        real_ip_recursive on;
    }
nginx variables to explain those used above. You may or may not need all of those headers.

I've been successfully using XBT on my HTTPS Apache powered site for about a year now but only running HTTP on the tracker. Decided to finally attempt securing my tracker and do have client connections working but no matter which NGINX config I try XBT still keeps getting 127.0.0.1 on all client IPs seen from my XBT debug page. Any ideas on what I'm doing wrong? My NGINX config is below. Thanks


Code:
# START REV-PROXY CONF
server {
    listen 8443 ssl http2;
    server_name tracker.example.com;

    ssl_certificate /etc/letsencrypt/live/tracker.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/tracker.example.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/tracker.example.com/chain.pem;
    include snippets/ssl.conf;

    location / {
      rewrite ^(.*)$ $1?ip=$remote_addr break;
      proxy_pass http://127.0.0.1:4000/;
      proxy_redirect     off;
      proxy_set_header   Host             $http_host;
      proxy_set_header   X-Real-IP        $remote_addr;
      proxy_set_header   X-Forwarded-For  $remote_addr;
      access_log off;
      log_not_found off;
    }
}
# END REV-PROXY CONF
Below is what I see on my XBT debug page with NGINX Rev-Proxy.

IPv4 IPv6 Port UID Seeder Modified Peer ID
127.0.0.1:: 51159 398 0 12.1 minutes

127.0.0.1:: 20035 28 1 28.0 seconds


Any and all help anyone can provide is greatly appreciated. Thanks again.
Reply With Quote
Reply

Tags
cloudflare , tracker , xbt

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump



All times are GMT +2. The time now is 13:31. vBulletin skin by ForumMonkeys. Powered by vBulletin® Version 3.8.11 Beta 3
Copyright ©2000 - 2024, vBulletin Solutions Inc.