[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
From: Quintin <tor-admin@portaltodark.world>
Date: Fri, 26 Jan 2018 05:37:05 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 26 Jan 2018 00:37:35 -0500
In-reply-to: <66a3a502-6292-9cef-8dab-bca31ba094d5@riseup.net>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <6b6c355f-dffb-26eb-5135-814d4a7e3d6e@riseup.net> <CACKQKwOVxc8np+d_CasiRGiRVAcsi2+FP=Yx6BVfOUVaVhSi0g@mail.gmail.com> <8a7ad7ad-cc65-23bf-edce-147306f72c81@riseup.net> <CACKQKwOCfLYpjwQoQ4GgCnoujw4LV4kKeH2gW7Xuj1mitaUxiA@mail.gmail.com> <26092435-5a5e-14df-3b6c-98290b6f280b@riseup.net> <CACKQKwNYi4sFHb=_6qTMDSntSRCm8JGt-kAtHPdgxMeDxbRGqA@mail.gmail.com> <6e3414ab-12ef-20ba-9a79-2579a5285436@riseup.net> <CACKQKwNOeoUgR7DmVmgRgA6hwQu-NP0RQQ2cA2+1sh8NeTaCJg@mail.gmail.com> <6eea237a-07f5-f855-10c5-02f5faaee716@riseup.net> <CACKQKwNu5pTmMpfDOopJRexUF3TszHd779b_mNDQOmC5R6+UFA@mail.gmail.com> <59f08b06-4318-f236-c00f-09dc844a4072@riseup.net> <CAHZ_AjvfAwx3CQDF+Z8L719s1c6cx+ABShqG-=fqVCJem7sjjQ@mail.gmail.com> <CACKQKwOko=d9UzM_UeR58oaZxA4AHp79enU=crvpvfpt=z8ezA@mail.gmail.com> <66a3a502-6292-9cef-8dab-bca31ba094d5@riseup.net>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

Hi nusenu,

Server has now been unsuspended, and is back online. You asked "do you require a stateful packet filter?". Do you mean to disable conntrack?

I have removed all my connection tracking iptables entries. My iptables looks like this now. Will keep an eye on it now.

*filter

:INPUT ACCEPT [0:0]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [6716:3141641]

-A INPUT -p icmp -j ACCEPT

-A INPUT -i lo -j ACCEPT

-A INPUT -s x.x.x.x -p tcp -m comment --comment SSH -m tcp --dport 22 -j ACCEPT

-A INPUT -p tcp -m comment --comment Tor -m tcp --dport 80 -j ACCEPT

-A INPUT -p tcp -m comment --comment Tor -m tcp --dport 443 -j ACCEPT

-A INPUT -j DROP

-A FORWARD -j DROP

COMMIT

Quintin

On Wed, Jan 24, 2018 at 9:15 PM nusenu <nusenu-lists@xxxxxxxxxx> wrote:

Quintin:
> Seems my VPS got suspended when I increased the connlimit above 10000. Do
> you think my INPUT filters which use conntrack could have caused this issue?

You did confirm that already, no?

--
https://mastodon.social/@nusenu
twitter: @nusenu_

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

0101100101000001010010000101011101000101010010000010000001000010

0100110001000101010100110101001100100000010110010100111101010101

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
  - From: nusenu

References:
- Re: [tor-relays] Assigning BadExit to Exits failing to resolve hostnames starting on 2018-01-15
  - From: nusenu
- [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: nusenu
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: Quintin
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: nusenu
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: Quintin
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: nusenu
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries
  - From: Quintin
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
  - From: nusenu
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
  - From: eric gisse
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
  - From: Quintin
- Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
  - From: nusenu

Prev by Author: Re: [tor-relays] unreplied conntrack sessions
Next by Author: [tor-relays] unreplied conntrack sessions
Previous by thread: Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
Next by thread: Re: [tor-relays] debugging unbound on 'torexit' failing DNS queries (solved)
Index(es):
- Author
- Thread