On 7/10/22 22:28, Logforme wrote:
> A week ago I implemented connection limits per Toralf's post:
>
> iptables -A INPUT -p tcp --destination-port 443 -m connlimit --connlimit-mask 32 --connlimit-above 30 -j DROP
>
> This reduced the number of connections to about 10000. I just now noticed that the relay is flagged as overloaded.
>
> What to do? Decrease the connection limit from 32 to .. what? Decrease my RelayBandwidthRate even more? Seems like giving in to the DoSer.

There're still about 200-300 VPS systems DDoS'ing my 2 Tor relays. The iptables rule halves the pressure. I could nearly fully stop the DDoS by using [1].

[1] https://github.com/toralf/torutils/blob/master/ddos-inbound.sh

--
Toralf

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
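
An added example, not part of the thread or of the torutils script linked in it: in the quoted rule, `--connlimit-mask 32` groups connections by single IPv4 source address and `--connlimit-above 30` is the per-address threshold, and the sketch below approximates that count from `ss -Htn` style lines so an operator can see which sources the rule would affect. The function names and the sample input are constructed; connlimit itself counts conntrack entries, so real numbers can differ slightly.

```shell
#!/bin/sh
# Added example: approximate the per-source counting done by
#   -m connlimit --connlimit-mask 32 --connlimit-above 30
# Input: lines in `ss -Htn` format (State Recv-Q Send-Q Local:Port Peer:Port).

# over_limit PORT LIMIT: print "COUNT ADDRESS" for every IPv4 peer holding
# more than LIMIT connections to local PORT, busiest first.
over_limit() {
    awk -v port="$1" -v limit="$2" '
        {
            n = split($4, l, ":")          # local address:port
            if (l[n] != port) next         # other listeners are not counted
            peer = $5
            sub(/:[0-9]+$/, "", peer)      # drop peer port, keep the /32 address
            count[peer]++
        }
        END {
            for (p in count)
                if (count[p] > limit)      # "above": exactly LIMIT is still allowed
                    print count[p], p
        }' | sort -rn
}

# sample_ss: constructed input using documentation address ranges.
sample_ss() {
    i=0
    while [ "$i" -lt 35 ]; do              # 35 connections: over the limit
        echo "ESTAB 0 0 192.0.2.10:443 198.51.100.7:$((40000 + i))"
        i=$((i + 1))
    done
    i=0
    while [ "$i" -lt 30 ]; do              # exactly 30: not over the limit
        echo "ESTAB 0 0 192.0.2.10:443 203.0.113.50:$((41000 + i))"
        i=$((i + 1))
    done
    i=0
    while [ "$i" -lt 40 ]; do              # different local port: ignored for 443
        echo "ESTAB 0 0 192.0.2.10:9001 198.51.100.8:$((42000 + i))"
        i=$((i + 1))
    done
    echo "ESTAB 0 0 192.0.2.10:443 203.0.113.9:43000"
}

sample_ss | over_limit 443 30
```

On a relay the same function can be fed live data with `ss -Htn | over_limit 443 30`.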