But I'm sure you know more about the technical details of torrenting than the QBittorrent developers.
Works really well on a small machine. Start aria2 as a service in systemd tied to a user with some basic isolation (or put it in a Docker container!)
[1] https://github.com/aria2/aria2 [2] https://github.com/mayswind/AriaNg
It's fine, I guess. QBittorrent is just much more powerful and stable.
When I saw that in the ipleak after seeding something to my private server I was in awe; that good software like this would allow something like that.
Note that this can still leak traffic like DNS requests via domain sockets that connect to a handler outside the namespace. The New Namespace Solution on that page should prevent that I think if you want to route all traffic through the vpn by default.
You do not have to rely on the qbittorrent client to do any proxying. Turn that setting off.
A wireguard VPN is literally a network that you can route traffic through. If you can somehow force qbittorrent to route all its traffic through a wireguard interface and not your wifi/eth interface, you wont need the proxy settings as your IP will be hidden by virtue of you using the wireguard network rather than your home network.
I will say, I don’t have a ‘standard’ setup with qBittorrent and a VPN provider, so I’ll share some details in hopes that it will be useful to someone.
I use qBittorrent in headless mode with the web interface- so it’s running on a little server within docker. The docker compose has two services, one WireGuard (lscr.io/linuxserver/wireguard) the other qBittorrent (lscr.io/linuxserver/qbittorrent). The qBittorrent service has ‘network_mode: service:WireGuard’ so that it uses the WireGuard network. I’ve got WireGuard all setup with my VPN provider.
While all that should theoretically be all you need, I also configure qBittorrent to use my VPN’s SOCKS5 proxy. This acts as a great safeguard, if the VPN isn’t functioning, then the proxy auth will fail and will act as a kill switch to qbittorrent. Be sure to configure qBittorrent to use the proxy for everything (I can’t remember if this is default or not).
If we're actually talking proxies: If you enable UDP-based protocols, it's very hard to avoid IP leaking. A surprising amount of clients just don't support proxying UDP at at all, or misbehave in various ways.
Word of advice: Set up the torrent client in a dedicated VM (or box) and set it up on kernel-level to route all its traffic through a separate VM(/box), which itself connects to the VPN (Wireguard,OVPN or what-have-you) and forwards traffic. It sounds complex but is robust and avoids a lot of potential pitfalls.
Reliably routing P2P UDP traffic with container networks is a fool's errand so I wouldn't recommend Docker networks (ofc fine to run the container with network=host tho)
https://github.com/qdm12/gluetun
With this it is not much effort to set up qbittorrent in a privacy secure way.
services:
vpncontainer:
image: <whatever>
container_name: vpncontainer
cap_add: [NET_ADMIN]
vpn-qbittorrent:
image: lscr.io/linuxserver/qbittorrent:latest
container_name: vpn-qbittorrent
network_mode: service:vpncontainer
# and optionally, for other purposes, not qbittorrent above
vpn-socks:
image: serjs/go-socks5-proxy
container_name: vpn-socks
network_mode: service:vpncontainer
# environments, volumes, ports, systctls, port-fwd helpers omitted
If you verify that it behaves like you intend (dump network traffic and make sure packets go where they should over some reasonable timespan and across restarts) and ideally are prepared to file issue for any bug you come across (clears throat) definitely don't let me dissuade you from trying, though. It _should_ work.
( again, IIRC )
Question is, of course, how many release groups, public and private trackers are supporting this feature?
https://medium.com/@kyodo-tech/bittorrent-protocol-v2-and-dy...
https://www.bittorrent.org/beps/bep_0046.html
Right, like in all decentralized systems, ensuring that all parts are working together is a challenge. Thanks for this.
https://www.ghacks.net/2022/01/08/bittorrent-client-qbittorr...
For example (say) a 2024 Season release torrent of Free-To-Air Australian Media Watch that updates each week with additional (weekly) episodes and corrected subtitles as they're improved
(typically three waves of subtitles- "Live to air" real time lagging subtitles with errors; then corrected and tightened subtitles, and lastly 'perfect' subs with precise syncing and no [undeciphered mumble])
The tooling is there, the community support and uptake is still lagging.
Alternatively, it can just have the old torrent file in the new torrent: Many clients support recursive downloading, it will then recognize that it already has the old torrent, and won't re-download.