Hi Am 19-May-18 um 16:28 schrieb starlight.201...@binnacle.cx: > Dirport is a handy convenience, but is not essential to proper > functioning of the network. Put a connection rate-limit on > dirport and it stopped the abuser cold. Dirport traffic went > from 15% of total back down to 1-2% where it belongs. > > Nonetheless the questions posed are valid. > > At 12:25 5/18/2018 -0400, starlight.201...@binnacle.cx wrote: >> Lately seeing escalating abuse traffic on the relay dirport, now up to 20k >> rotating source IP addresses per week. >>
It makes sense to rate limit (syn/sec) and connection limit Dirport usage. I do this since years. The smaller a relay is the more it suffers from excessive clients. Can we get the DOS mitigation to perform it? As long as I observe this issue it behaves like the Orport misuse in the near past. -- Cheers, Felix _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
