On 11/8/22 10:57, Chris wrote:
The main reason is that a simple SYN flood can quickly fill up your
conntrack table and then legitimate packets are quietly dropped and you
won't see any problems thinking everything is perfect with your server
unless you dig into your system logs.
Hhm, my system log doesn't show any problems, maybe due to (or
regardless of?):
CONFIG_SYN_COOKIES=y
?
Nevertheless, I updated the Readme to explain my point of view [1] [2].
[1] https://github.com/toralf/torutils#block-ddos-traffic
[2] https://github.com/toralf/torutils#rule-set
--
Toralf
_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
