On Tuesday, 22 October 2024 19:24 Top wrote: > My tor relays[1] traffic decreased a lot and I think this *might* be > connected to some kind of DDOS attack. > So I wanted to use this situation to set up some DDOS protection. > For that I stumbled upon Enkidus tor DDOS mitigation script. [2] > However, this script is made for `iptables`, not `nftables`. > I use `firewalld` with `nftables` on my system, since this seems to be > the new default. [3] > I don't really know that much about firewalls, so this situation > overwhelms me a bit. > So how can I apply proper DDOS protection firewall rules whilst using > `nftables`? > Is there some easy way to modify the script to make it work? Nftables is just a single simple text file ;-) My nftables examples: https://github.com/boldsuck/tor-relay-bootstrap/tree/nft/etc It's actually the same thing that Bo posted here: https://gitlab.torproject.org/tpo/community/support/-/issues/40093 If you have an exit, surgprotector is more suitable. -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom!
Attachment:
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays