feat(announcer): Added some disallowed ports by default (#1767)

* feat(announcer): Added some disallowed ports by default * Update announce.php
2025-08-20 13:24:01 -07:00 · 2025-01-16 16:29:04 +03:00 · 2025-01-16 16:29:04 +03:00 · 46288ec198
commit 46288ec198
parent a43085a659
2 changed files with 20 additions and 1 deletions
--- a/bt/announce.php
+++ b/bt/announce.php
@ -128,7 +128,9 @@ if (
    !isset($port)
    || !is_numeric($port)
    || ($port < 1024 && !$stopped)
-    || $port > 0xFFFF) {
+    || $port > 0xFFFF
    || (!empty($bb_cfg['disallowed_ports']) && in_array($port, $bb_cfg['disallowed_ports']))
 ) {
    msg_die('Invalid port: ' . $port);
 }
--- a/library/config.php
+++ b/library/config.php
@ -98,6 +98,23 @@ $bb_cfg['passkey_key'] = 'uk'; // Passkey key name in GET request
 $bb_cfg['ignore_reported_ip'] = false; // Ignore IP reported by client
 $bb_cfg['verify_reported_ip'] = true; // Verify IP reported by client against $_SERVER['HTTP_X_FORWARDED_FOR']
 $bb_cfg['allow_internal_ip'] = false; // Allow internal IP (10.xx.. etc.)
 $bb_cfg['disallowed_ports'] = [
    // https://github.com/HDInnovations/UNIT3D-Community-Edition/blob/c64275f0b5dcb3c4c845d5204871adfe24f359d6/app/Http/Controllers/AnnounceController.php#L53
    // Hyper Text Transfer Protocol (HTTP) - port used for web traffic
    8080,
    8081,
    // Kazaa - peer-to-peer file sharing, some known vulnerabilities, and at least one worm (Benjamin) targeting it.
    1214,
    // IANA registered for Microsoft WBT Server, used for Windows Remote Desktop and Remote Assistance connections
    3389,
    // eDonkey 2000 P2P file sharing service. http://www.edonkey2000.com/
    4662,
    // Gnutella (FrostWire, Limewire, Shareaza, etc.), BearShare file sharing app
    6346,
    6347,
    // Port used by p2p software, such as WinMX, Napster.
    6699,
 ];
 $bb_cfg['client_ban'] = [
    'enabled' => false,
    'only_allow_mode' => false,