Ban Bitcoin XT connections to my node?

[masterluc]

Is there any effective way to do this?

UPDATE. Found solution.

All paths are according to CeontOS 7. If you have different distrib, change paths.

This goes to autostart:

Code:

echo "/usr/bin/ipset create bitcoinxt iphash timeout 0" >> /etc/rc.local

This goes to /etc/cron.hourly/bitcoinxt

Code:

#!/bin/bash
/bin/grep BitcoinXT /var/log/kern.log | /usr/bin/perl -e 'while (<>) { if (/SRC=(\d+\.\d+\.\d+\.\d+)/) {print "$1\n";} }' | /bin/sort | /usr/bin/uniq -u | /usr/bin/xargs -L 1 ipset -exist add bitcoinxt

Also

Code:

# chmod 755 /etc/cron.hourly/bitcoinxt

This goes to iptables

Code:

iptables -A INPUT -m set --set bitcoinxt src -j DROP
iptables -A INPUT -p tcp -m tcp --dport 8333 -m string --string "Bitcoin XT" --algo bm --to 65535 -j LOG --log-prefix "BitcoinXT" --log-level 1
iptables -A OUTPUT -m set --match-set bitcoinxt dst -j DROP

Dont forget to

Code:

/etc/init.d/iptables save

[Holliday]

Depends on the OS. It's very easy if you use Windows.

[masterluc]

Fuck the windows.

Okay, I put this:

Code:

iptables -A INPUT -p tcp -m tcp --dport 8333 -m string --string "Bitcoin XT" --algo bm --to 65535 -j LOG --log-prefix "BitcoinXT" --log-level 1 

Now need a way to extract logged IP and put it to ipset

Got log entry, found asshole 188.18.202.245

Code:

BitcoinXTIN=eth0 OUT= MAC=XXX SRC=188.18.202.245 DST=XXMYIPXX LEN=172 TOS=0x00 PREC=0x00 TTL=56 ID=64279 DF PROTO=TCP SPT=35311 DPT=8333 WINDOW=2840 RES=0x00 ACK PSH URGP=0 

[Carlton Banks]

Fuck the windows.

Okay, I put this:

Code:

iptables -A INPUT -p tcp -m tcp --dport 8333 -m string --string "Bitcoin XT" --algo bm --to 65535 -j LOG --log-prefix "BitcoinXT" --log-level 1 

Now need a way to extract logged IP and put it to ipset

Got log entry, found asshole 188.18.202.245

Code:

BitcoinXTIN=eth0 OUT= MAC=XXX SRC=188.18.202.245 DST=XXMYIPXX LEN=172 TOS=0x00 PREC=0x00 TTL=56 ID=64279 DF PROTO=TCP SPT=35311 DPT=8333 WINDOW=2840 RES=0x00 ACK PSH URGP=0 

petition to sticky this thread lol.

[masterluc]

Got a list!

Code:

# grep BitcoinXT /var/log/kern.log | perl -e 'while (<>) { if (/SRC=(\d+\.\d+\.\d+\.\d+)/) {print "$1\n";} }' | sort | uniq -u
188.18.202.245
195.78.126.113
86.102.161.110
92.49.177.97

[knight22]

I hope you people feel "safe" now. 

[meono]

Oh no blacklisting is so bad....


Bunch of hypocrites.

[IIOII]

petition to sticky this thread lol.

Supporting sticky thread. Those parasitic Altcoin nodes are trying to suck bandwidth resources out of the Bitcoin network.

[masterluc]

Now create ipset

Code:

# ipset create bitcoinxt iphash timeout 0

[knight22]

Oh no blacklisting is so bad....


Bunch of hypocrites.

Ironic isn't it? 

[masterluc]

Now drop blacklisted IP using firewall

Code:

iptables -A INPUT -m set --set bitcoinxt src -j DROP

[masterluc]

Fill in ban list

Code:

[root@localhost ~]# grep BitcoinXT /var/log/kern.log | perl -e 'while (<>) { if (/SRC=(\d+\.\d+\.\d+\.\d+)/) {print "$1\n";} }' | sort | uniq -u | xargs -L 1 ipset add bitcoinxt 
[root@localhost ~]# ipset list
Name: bitcoinxt
Type: hash:ip
Header: family inet hashsize 1024 maxelem 65536 timeout 0 
Size in memory: 8588
References: 1
Members:
95.52.18.154 timeout 0
31.162.118.16 timeout 0
188.18.202.245 timeout 0
92.37.204.174 timeout 0
92.37.173.6 timeout 0
95.37.186.63 timeout 0
86.102.161.110 timeout 0
178.44.216.148 timeout 0
195.78.126.113 timeout 0
92.49.177.97 timeout 0

This one should be done periodically

Code:

grep BitcoinXT /var/log/kern.log | perl -e 'while (<>) { if (/SRC=(\d+\.\d+\.\d+\.\d+)/) {print "$1\n";} }' | sort | uniq -u | xargs -L 1 ipset add bitcoinxt

[meono]

Oh no blacklisting is so bad....


Bunch of hypocrites.

Ironic isn't it? 

BitcoinXT reminds me of the early days of bitcoin ....

You know when you get blacklisted and blocked by financial institutions.

It all starts like this. First they ignore you, then they fight you...

BTW OP what you're doing is nothing compared to the piece of shit who is DDoSing XTnodes.

[jonald_fyookball]

bip 101 strikes fear into the hearts of paranoid bitcoiners. 

[meono]

Fill in ban list

Code:

[root@localhost ~]# grep BitcoinXT /var/log/kern.log | perl -e 'while (<>) { if (/SRC=(\d+\.\d+\.\d+\.\d+)/) {print "$1\n";} }' | sort | uniq -u | xargs -L 1 ipset add bitcoinxt 
[root@localhost ~]# ipset list
Name: bitcoinxt
Type: hash:ip
Header: family inet hashsize 1024 maxelem 65536 timeout 0 
Size in memory: 8588
References: 1
Members:
95.52.18.154 timeout 0
31.162.118.16 timeout 0
188.18.202.245 timeout 0
92.37.204.174 timeout 0
92.37.173.6 timeout 0
95.37.186.63 timeout 0
86.102.161.110 timeout 0
178.44.216.148 timeout 0
195.78.126.113 timeout 0
92.49.177.97 timeout 0

This one should be done periodically

Code:

grep BitcoinXT /var/log/kern.log | perl -e 'while (<>) { if (/SRC=(\d+\.\d+\.\d+\.\d+)/) {print "$1\n";} }' | sort | uniq -u | xargs -L 1 ipset add bitcoinxt

You know you should write " hundreds thousands lines of code" (hi ! Turtlehuricane ) as a new blacklisting feature for the next version of bitcoin core.

Gotta love to read how the hypocrites pos in here defend their god given bitcoin rule.

[LiteCoinGuy]

to ban it is very silly.

i recommend this podcast with gavin:

https://epicenterbitcoin.com/podcast/094/

[poeEDgar]

Oh no blacklisting is so bad....

Bunch of hypocrites.

Huh? If you were actually reading the TOR IP list thread, one of the recurring arguments is that it's fine for nodes to individually ban IPs that are attacking them (obviously), but that it's unnecessary to introduce a centralized, trusted list of such IPs.

There is nothing wrong with people in this thread individually banning IPs that they don't want connecting to them. There is nothing centralized or trust-adding about that.

[knight22]

Oh no blacklisting is so bad....

Bunch of hypocrites.

Huh? If you were actually reading the TOR IP list thread, one of the recurring arguments is that it's fine for nodes to individually ban IPs that are attacking them (obviously), but that it's unnecessary to introduce a centralized, trusted list of such IPs.

There is nothing wrong with people in this thread individually banning IPs that they don't want connecting to them. There is nothing centralized or trust-adding about that.

True that. XT just like Core is supposed to stand on its own regardless of bad actors.

[masterluc]

Ah, of course outgoing connections

Code:

iptables -A OUTPUT -m set --match-set bitcoinxt dst -j DROP

The result:

Code:

[root@localhost ~]# ping 95.52.18.154
PING 95.52.18.154 (95.52.18.154) 56(84) bytes of data.
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
^C
--- 95.52.18.154 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4524ms

[root@localhost ~]# ping 178.44.216.148
PING 178.44.216.148 (178.44.216.148) 56(84) bytes of data.
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted
^C

Sorry guys, I have only 64 connections and don't want to waste them for XT

[Holliday]

Oh no blacklisting is so bad....

Bad: Client tells individual which information will be shared with whom.

Good: Individual tells client which information will be shared with whom.

Let's not be intentionally obtuse and conflate the two.