Topic: Ban Bitcoin XT connections to my node? - page 3. (Read 2747 times)
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
bip 101 strikes fear into the hearts of paranoid bitcoiners.
Oh no blacklisting is so bad.... 
Bunch of hypocrites.
Bunch of hypocrites.
Ironic isn't it?
BitcoinXT reminds me of the early days of bitcoin ....
You know when you get blacklisted and blocked by financial institutions.
It all starts like this. First they ignore you, then they fight you...
BTW OP what you're doing is nothing compared to the piece of shit who is DDoSing XTnodes.
Fill in ban list
This one should be done periodically
Code:
[root@localhost ~]# grep BitcoinXT /var/log/kern.log | perl -e 'while (<>) { if (/SRC=(\d+\.\d+\.\d+\.\d+)/) {print "$1\n";} }' | sort | uniq -u | xargs -L 1 ipset add bitcoinxt
[root@localhost ~]# ipset list
Name: bitcoinxt
Type: hash:ip
Header: family inet hashsize 1024 maxelem 65536 timeout 0
Size in memory: 8588
References: 1
Members:
95.52.18.154 timeout 0
31.162.118.16 timeout 0
188.18.202.245 timeout 0
92.37.204.174 timeout 0
92.37.173.6 timeout 0
95.37.186.63 timeout 0
86.102.161.110 timeout 0
178.44.216.148 timeout 0
195.78.126.113 timeout 0
92.49.177.97 timeout 0This one should be done periodically
Code:
grep BitcoinXT /var/log/kern.log | perl -e 'while (<>) { if (/SRC=(\d+\.\d+\.\d+\.\d+)/) {print "$1\n";} }' | sort | uniq -u | xargs -L 1 ipset add bitcoinxt
Now drop blacklisted IP using firewall
Code:
iptables -A INPUT -m set --set bitcoinxt src -j DROP
Oh no blacklisting is so bad....
Bunch of hypocrites.
Bunch of hypocrites.
Ironic isn't it?
Now create ipset
Code:
# ipset create bitcoinxt iphash timeout 0
petition to sticky this thread lol.
Supporting sticky thread. Those parasitic Altcoin nodes are trying to suck bandwidth resources out of the Bitcoin network.
Oh no blacklisting is so bad....
Bunch of hypocrites.
Bunch of hypocrites.
I hope you people feel "safe" now.
Got a list!
Code:
# grep BitcoinXT /var/log/kern.log | perl -e 'while (<>) { if (/SRC=(\d+\.\d+\.\d+\.\d+)/) {print "$1\n";} }' | sort | uniq -u
188.18.202.245
195.78.126.113
86.102.161.110
92.49.177.97
Fuck the windows.
Okay, I put this:
Now need a way to extract logged IP and put it to ipset
Got log entry, found asshole 188.18.202.245
Okay, I put this:
Code:
iptables -A INPUT -p tcp -m tcp --dport 8333 -m string --string "Bitcoin XT" --algo bm --to 65535 -j LOG --log-prefix "BitcoinXT" --log-level 1
Now need a way to extract logged IP and put it to ipset
Got log entry, found asshole 188.18.202.245
Code:
BitcoinXTIN=eth0 OUT= MAC=XXX SRC=188.18.202.245 DST=XXMYIPXX LEN=172 TOS=0x00 PREC=0x00 TTL=56 ID=64279 DF PROTO=TCP SPT=35311 DPT=8333 WINDOW=2840 RES=0x00 ACK PSH URGP=0
petition to sticky this thread lol.
Fuck the windows.
Okay, I put this:
Now need a way to extract logged IP and put it to ipset
Got log entry, found asshole 188.18.202.245
Okay, I put this:
Code:
iptables -A INPUT -p tcp -m tcp --dport 8333 -m string --string "Bitcoin XT" --algo bm --to 65535 -j LOG --log-prefix "BitcoinXT" --log-level 1
Now need a way to extract logged IP and put it to ipset
Got log entry, found asshole 188.18.202.245
Code:
BitcoinXTIN=eth0 OUT= MAC=XXX SRC=188.18.202.245 DST=XXMYIPXX LEN=172 TOS=0x00 PREC=0x00 TTL=56 ID=64279 DF PROTO=TCP SPT=35311 DPT=8333 WINDOW=2840 RES=0x00 ACK PSH URGP=0
Depends on the OS. It's very easy if you use Windows.
Is there any effective way to do this?
UPDATE. Found solution.
All paths are according to CeontOS 7. If you have different distrib, change paths.
This goes to autostart:
This goes to /etc/cron.hourly/bitcoinxt
Also
This goes to iptables
Dont forget to
UPDATE. Found solution.
All paths are according to CeontOS 7. If you have different distrib, change paths.
This goes to autostart:
Code:
echo "/usr/bin/ipset create bitcoinxt iphash timeout 0" >> /etc/rc.local
This goes to /etc/cron.hourly/bitcoinxt
Code:
#!/bin/bash
/bin/grep BitcoinXT /var/log/kern.log | /usr/bin/perl -e 'while (<>) { if (/SRC=(\d+\.\d+\.\d+\.\d+)/) {print "$1\n";} }' | /bin/sort | /usr/bin/uniq -u | /usr/bin/xargs -L 1 ipset -exist add bitcoinxt
Also
Code:
# chmod 755 /etc/cron.hourly/bitcoinxt
This goes to iptables
Code:
iptables -A INPUT -m set --set bitcoinxt src -j DROP
iptables -A INPUT -p tcp -m tcp --dport 8333 -m string --string "Bitcoin XT" --algo bm --to 65535 -j LOG --log-prefix "BitcoinXT" --log-level 1
iptables -A OUTPUT -m set --match-set bitcoinxt dst -j DROP
Dont forget to
Code:
/etc/init.d/iptables save
Jump to: