On Fri, Oct 25, 2013 at 12:10 AM, Roger Dingledine arma@mit.edu wrote:
On Fri, Oct 25, 2013 at 12:43:42PM +0900, mett wrote:
Since yesterday, the kern.log of the relay I'm running is flooded with "TCP: drop open request from".
I first thought it was a kind of DDOS on our servers but it seems to be related to Tor (When I stop Tor, kernel doesn't complain anymore).
if you're in BSD-land.
It's a Linux message. Feed it to a search engine and you'll find several things to try depending on what the cause is. It shuts off either because Tor is attracting the syn's or the overall count is lower with Tor off, you'll have to tcpdump to see. Look into syn cookies, packet filter rules, and stack tuning.