[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [torspec/master] tor-spec: Document DoS mitigation consensus param

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [torspec/master] tor-spec: Document DoS mitigation consensus param
From: nickm@xxxxxxxxxxxxxx
Date: Sat, 3 Mar 2018 16:55:38 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 03 Mar 2018 12:50:34 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-commits/>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: "auto: code repository commits" <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: David Goulet <dgoulet@xxxxxxxxxxxxxx>
Sender: "tor-commits" <tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx>

commit ed14d85d57cdcf0742040a57e9f0a75f69567482
Author: David Goulet <dgoulet@xxxxxxxxxxxxxx>
Date:   Tue Feb 13 09:44:07 2018 -0500

    tor-spec: Document DoS mitigation consensus param
    
    Closes #25095
    
    Signed-off-by: David Goulet <dgoulet@xxxxxxxxxxxxxx>
---
 dir-spec.txt | 41 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)

diff --git a/dir-spec.txt b/dir-spec.txt
index ece2991..bcfa62c 100644
--- a/dir-spec.txt
+++ b/dir-spec.txt
@@ -1995,6 +1995,47 @@
         Min 1. Max 10. Default 2.
         First-appeared: 0.3.3.0-alpha.
 
+        Denial of Service mitigation parameters. Introduced in 0.3.3.2-alpha:
+
+         "DoSCircuitCreationEnabled" -- Enable the circuit creation DoS
+         mitigation.
+
+         "DoSCircuitCreationMinConnections" -- Minimum threshold of concurrent
+         connections before a client address can be flagged as executing a
+         circuit creation DoS
+
+         "DoSCircuitCreationRate" -- Allowed circuit creation rate per second
+         per client IP address once the minimum concurrent connection
+         threshold is reached.
+
+         "DoSCircuitCreationBurst" -- The allowed circuit creation burst per
+         client IP address once the minimum concurrent connection threshold is
+         reached.
+
+         "DoSCircuitCreationDefenseType" -- Defense type applied to a detected
+         client address for the circuit creation mitigation.
+
+            1: No defense.
+            2: Refuse circuit creation for the
+               DoSCircuitCreationDefenseTimePeriod period.
+
+         "DoSCircuitCreationDefenseTimePeriod" -- The base time period that
+         the DoS defense is activated for.
+
+         "DoSConnectionEnabled" -- Enable the connection DoS mitigation.
+
+         "DoSConnectionMaxConcurrentCount" -- The maximum threshold of
+         concurrent connection from a client IP address.
+
+         "DoSConnectionDefenseType" -- Defense type applied to a detected
+         client address for the connection mitigation. Possible values are:
+
+            1: No defense.
+            2: Immediately close new connections.
+
+         "DoSRefuseSingleHopClientRendezvous" -- Refuse establishment of
+         rendezvous points for single hop clients.
+
     "shared-rand-previous-value" SP NumReveals SP Value NL
 
         [At most once]



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [tor/release-0.2.9] Merge remote-tracking branch 'catalyst-github/bug25388-025' into maint-0.2.5
Next by Author: [tor-commits] [tor/master] Merge branch 'maint-0.3.2' into maint-0.3.3
Previous by thread: [tor-commits] [tor/release-0.3.3] Remove the old ("deterministic") download schedule.
Next by thread: [tor-commits] [tor/release-0.3.3] Remove MaxDownloadTries options from the manpage
Index(es):
- Author
- Thread