commit 21b347e291871ab89c140c9842f72cee76dd1c29 Author: Mike Perry mikeperry-git@torproject.org Date: Wed Apr 11 02:47:00 2018 +0000
doc: Fix typo and clarify that DoS options are relay only --- doc/tor.1.txt | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 8ce374c12..369cdb526 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -2412,7 +2412,8 @@ DENIAL OF SERVICE MITIGATION OPTIONS Tor has three built-in mitigation options that can be individually enabled/disabled and fine-tuned, but by default Tor directory authorities will define reasonable values for relays and no explicit configuration is required -to make use of these protections. The mitigations are: +to make use of these protections. The mitigations take place at relays, +and are as follows:
1. If a single client address makes too many concurrent connections (this is configurable via DoSConnectionMaxConcurrentCount), hang up on further @@ -2429,13 +2430,13 @@ to make use of these protections. The mitigations are: Tor2Web client), ignore the request.
These defenses can be manually controlled by torrc options, but relays will -also take guidance from consensus parameters, so there's no need to configure -anything manually. In doubt, do not change those values. +also take guidance from consensus parameters using these same names, so there's +no need to configure anything manually. In doubt, do not change those values.
The values set by the consensus, if any, can be found here: https://consensus-health.torproject.org/#consensusparams
-If any of the DoS mitigations are enabled, an heartbeat message will appear in +If any of the DoS mitigations are enabled, a heartbeat message will appear in your log at NOTICE level which looks like:
DoS mitigation since startup: 429042 circuits rejected, 17 marked addresses.