[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] many connections

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] many connections
From: Richie <richie@xxxxxxxxxx>
Date: Mon, 3 Oct 2022 12:26:24 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 03 Oct 2022 18:28:24 -0400
In-reply-to: <51b8de59-06b6-6a10-1afb-f2a7b87dc540@gmx.de>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <6d2fb6ea-37c9-4c59-cd0a-5773f3ce122c@gmail.com> <51b8de59-06b6-6a10-1afb-f2a7b87dc540@gmx.de>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.11.0

Hi, toralf,

since i'm quite a n00b regarding iptables and shellscripts: are theresomewhere n00b-proof setup instructions for the ddos protection scripts?here: relay (schlafschaf) with the usual connection floods, running onKubuntu (latest LTS)


What i found out:
ipset is not installed per default, added via
sudo apt-get install iptables
Also installed as recommended: stem, jq

Trivial, nevertheless: edited the ORPort address on Line 122
Outcommented Lines 79-103 (hetzner, zwiebeltoralf only)

running the script results in output as with iptables -L, containing
tcp dpt:443 #conn src/32 > 30
@ the "chain input ACCEPT" line
and no entries in the chain PREROUTUNG, OUTPUT, PREROUTING and OUTPUT lines.

Strange: sudo watch ipv4-rules.sh results in
1: ipv4-rules.sh: not found

My apologies if its not the right place to ask.
greetz
Korrupt

Am 03.10.22 um 09:43 schrieb Toralf Förster:

On 9/30/22 17:57, Sandro Auerbach wrote:

30 minutes later still 22000 connections...
Have you observed something similar?


I reduced those spikes [1] by using certain iptables rules [2].


[1] https://github.com/toralf/torutils/blob/main/sysstat.svg
[2] https://github.com/toralf/torutils


_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] many connections
  - From: Toralf Förster
- Re: [tor-relays] many connections
  - From: Chris

References:
- [tor-relays] many connections
  - From: Sandro Auerbach
- Re: [tor-relays] many connections
  - From: Toralf Förster

Prev by Author: Re: [tor-relays] many connections
Next by Author: Re: [tor-relays] many connections
Previous by thread: Re: [tor-relays] many connections
Next by thread: Re: [tor-relays] many connections
Index(es):
- Author
- Thread