Hi there.
Today I installed qBittorrent 3.3.0, and I noticed at run time that qBittorrent was connecting to the following IP Addresses (I removed the irrelevant information from the netstat output):
$ netstat -tunaepc | grep -i qbittorrent
(Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.)
tcp 50.184.49.21:80 ESTABLISHED qbittorrent
tcp 97.74.205.114:80 ESTABLISHED qbittorrent
tcp 149.20.53.86:80 ESTABLISHED qbittorrent
tcp 188.138.70.92:80 ESTABLISHED qbittorrent
tcp6 2001:4f8:3:7:14::25:80 ESTABLISHED qbittorrent
Those are all BitTorrent Trackers from where qBittorrent attempts to download "favicon.ico" from and fails. I used TCPDump to find out what was happening in more detail (example: "# tcpdump -v -i eth0 dst 50.184.49.21 and port 80").
According to sledgehammer_999 (https://github.com/qbittorrent/qBittorrent/issues/4103), there isn't a way (yet) to disable the retrieval of the favicon.ico files from the BitTorrent Trackers, but on Linux there is a workaround (there probably are more methods than the one I'll describe here). One alternative would be to make your own favicon.ico file and redirect the requests to your local machine where it's stored.
IPTables:
1.
# iptables -F (flush all the current IPv4 rules)
# ip6tables -F (flush all the current IPv6 rules)
2.
# iptables -A OUTPUT -p tcp -d 50.184.49.21,97.74.205.114,149.20.53.86,188.138.70.92 --dport 80 -j REJECT
# ip6tables -A OUTPUT -p tcp -d 2001:4f8:3:7:14::25 --dport 80 -j REJECT
3.
# iptables -L -n -v (verify that the IPv4 rules are in place)
# ip6tables -L -n -v (verify that the IPv6 rules are in place)
To make the changes permanent, check your Linux distribution documentation on how to save IPTables rules permanently. One thing you should be aware of. TCP Port 80 is the default port for HTTP Servers, so whatever IP Addresses that are blocked (DROP/REJECT) for TCP Port 80 will be unreachable from your browser. It's a good way of testing if the rules are working.
After doing those commands, close qBittorrent, run netstat ($ netstat -tunaepc | grep -i qbittorrent) then run qBittorrent, and you'll notice that ESTABLISHED changed to SYN_SENT, and soon enough the IP Addresses will disappear from netstat. The reason they'll disappear is because I used REJECT. If you change REJECT to DROP, qBittorrent will not be notified by IPTables that those IP Addresses are being effectively dropped, and will continue to attempt to connect. With REJECT, IPTables informs the source IP Address (qBittorrent in this case) that the destination/port is unreachable.
Compass.