> Suggestion: DoSCircuitCreationMinConnections=1 be established in consensus


The man page for the above option says:

"Minimum threshold of concurrent connections before a client address can be 
flagged as executing a circuit creation DoS. In other words, once a client 
address reaches the circuit rate and has a minimum of NUM concurrent 
connections, a detection is positive. "0" means use the consensus parameter. If 
not defined in the consensus, the value is 3. (Default: 0)"

Reading this, I get the impression that lowering the value to 1 would 
negatively impact clients behind carrier NAT. Isn't that the case? If we only 
allow 1 concurrent connection per IP, wouldn't that prevent multiple users 
behind a single IP? I would think the same problem would apply to lowering 
DoSConnectionMaxConcurrentCount as well (which I think is currently 50 in the 
consensus, but I've seen suggestions to lower it to 4).

Am I misunderstanding?

_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
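
A simplified model of the detection rule in the man page text quoted in the message above, added here as an example; it is not part of the original message and not Tor's own code. It assumes "reaches the circuit rate" means a per-address token bucket has run empty, and the rate, burst, addresses and traffic are constructed for illustration.

```python
# Simplified model (assumption): one token bucket per client address, refilled
# at `rate` tokens per second up to `burst`; each circuit creation spends one.
# Per the quoted man page text, a detection is positive only when the address
# has reached the circuit rate AND has at least `min_conns` concurrent
# connections.

def flagged_addresses(events, conns, rate, burst, min_conns):
    """events: (time_s, addr) circuit creations; conns: addr -> open connections."""
    bucket, last = {}, {}
    flagged = set()
    for t, addr in sorted(events):
        tokens = bucket.get(addr, burst)
        # Refill for the time elapsed since this address was last seen.
        tokens = min(burst, tokens + (t - last.get(addr, t)) * rate)
        last[addr] = t
        if tokens > 0:
            tokens -= 1
        bucket[addr] = tokens
        # Both conditions must hold before the address is flagged.
        if tokens == 0 and conns[addr] >= min_conns:
            flagged.add(addr)
    return flagged

# Constructed sample traffic (documentation address ranges).
NAT, SINGLE_FLOOD, MULTI_FLOOD = "192.0.2.10", "198.51.100.7", "203.0.113.5"
CONNS = {NAT: 5, SINGLE_FLOOD: 1, MULTI_FLOOD: 4}   # concurrent connections
EVENTS = (
    [(t, NAT) for t in range(20) for _ in range(2)]            # 2 circuits/s
    + [(t, SINGLE_FLOOD) for t in range(3) for _ in range(20)]  # 20 circuits/s
    + [(t, MULTI_FLOOD) for t in range(3) for _ in range(20)]   # 20 circuits/s
)
RATE, BURST = 3, 10   # example values, not taken from the consensus

def compare_thresholds():
    """Flagged sets for a threshold of 3 and a threshold of 1."""
    return (
        flagged_addresses(EVENTS, CONNS, RATE, BURST, min_conns=3),
        flagged_addresses(EVENTS, CONNS, RATE, BURST, min_conns=1),
    )

if __name__ == "__main__":
    at_3, at_1 = compare_thresholds()
    print("min_conns=3:", sorted(at_3))
    print("min_conns=1:", sorted(at_1))
```

In this model the five-connection address that stays under the circuit rate is flagged at neither threshold, and the only difference at a threshold of 1 is that the single-connection address exceeding the rate is flagged as well.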
