<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p><font size="-1"><font face="Arial">Hi Richie</font></font></p>
<p><font size="-1"><font face="Arial">I was a bit lost myself having
to deal with the scripts and additional packages to install.
So I put something together for myself based on the same rules
and added a few twists but in a simple text n00b proof format.
It's as simple as copy and paste and because it's all in clear
text, you can modify it without worrying about breaking any
script. My rules are a tad more strict but you can modify them
as you wish. But the concept is what @toralf has been
implementing with a few twists for efficiency's sake.<br>
</font></font></p>
<p><font size="-1"><font face="Arial">You can find them here:</font></font></p>
<p><font size="-1"><font face="Arial"><a class="moz-txt-link-freetext" href="https://github.com/Enkidu-6/tor-ddos">https://github.com/Enkidu-6/tor-ddos</a></font></font></p>
<p><font size="-1"><font face="Arial"><br>
</font></font></p>
<div class="moz-cite-prefix">On 10/3/2022 6:26 AM, Richie wrote:<br>
</div>
<blockquote type="cite"
cite="mid:9ead6575-36b9-677b-2581-c12b14ca45e6@zuviel.org">Hi,
toralf,
<br>
<br>
since i'm quite a n00b regarding iptables and shellscripts: are
there somewhere n00b-proof setup instructions for the ddos
protection scripts?
<br>
here: relay (schlafschaf) with the usual connection floods,
running on Kubuntu (latest LTS)
<br>
<br>
What i found out:
<br>
ipset is not installed per default, added via
<br>
sudo apt-get install iptables
<br>
Also installed as recommended: stem, jq
<br>
<br>
Trivial, nevertheless: edited the ORPort address on Line 122
<br>
Outcommented Lines 79-103 (hetzner, zwiebeltoralf only)
<br>
<br>
running the script results in output as with iptables -L,
containing
<br>
tcp dpt:443 #conn src/32 > 30
<br>
@ the "chain input ACCEPT" line
<br>
and no entries in the chain PREROUTUNG, OUTPUT, PREROUTING and
OUTPUT lines.
<br>
<br>
Strange: sudo watch ipv4-rules.sh results in
<br>
1: ipv4-rules.sh: not found
<br>
<br>
My apologies if its not the right place to ask.
<br>
greetz
<br>
Korrupt
<br>
<br>
Am 03.10.22 um 09:43 schrieb Toralf Förster:
<br>
<blockquote type="cite">On 9/30/22 17:57, Sandro Auerbach wrote:
<br>
<blockquote type="cite">30 minutes later still 22000
connections...
<br>
Have you observed something similar?
<br>
</blockquote>
<br>
I reduced those spikes [1] by using certain iptables rules [2].
<br>
<br>
<br>
[1] <a class="moz-txt-link-freetext" href="https://github.com/toralf/torutils/blob/main/sysstat.svg">https://github.com/toralf/torutils/blob/main/sysstat.svg</a>
<br>
[2] <a class="moz-txt-link-freetext" href="https://github.com/toralf/torutils">https://github.com/toralf/torutils</a>
<br>
<br>
<br>
_______________________________________________
<br>
tor-relays mailing list
<br>
<a class="moz-txt-link-abbreviated" href="mailto:tor-relays@lists.torproject.org">tor-relays@lists.torproject.org</a>
<br>
<a class="moz-txt-link-freetext" href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a>
<br>
</blockquote>
<br>
_______________________________________________
<br>
tor-relays mailing list
<br>
<a class="moz-txt-link-abbreviated" href="mailto:tor-relays@lists.torproject.org">tor-relays@lists.torproject.org</a>
<br>
<a class="moz-txt-link-freetext" href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a>
<br>
</blockquote>
</body>
</html>