A few days ago the throughput of my Tor relay went down to nearly zero for about 3 minutes. It turned out that the reason (maybe) was a change here in my iptables rules. Specifically, I swapped these 2 lines:
iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
and then ran into problems a few hours later. And switched back, of course. An explanation for the drop was given in [1]. Given that the explanation is right:
How is the Tor application harmed if an attacker mangles packets so that their state is INVALID for the conntrack module but they still pass the RELATED,ESTABLISHED rule?
[1] https://forums.gentoo.org/viewtopic-p-8798034.html

-- 
Toralf
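Added example (editor's code, not part of Toralf's post and not Tor project code): a POSIX sh script that emits a relay INPUT chain in iptables-restore format with the two conntrack rules in the order the post went back to (INVALID dropped before RELATED,ESTABLISHED is accepted), plus a check that audits an `iptables-save` dump and fails if that order is swapped or either rule is missing. ORPort 9001, DirPort 9030, SSH on port 22 and a default-DROP INPUT policy are assumed here; the function names `relay_ruleset`, `check_ctstate_order` and `swapped_ruleset` are mine. The check only reports the order of the two rules; it says nothing about whether that order caused the throughput drop described above.

```shell
#!/bin/sh
# Added example, not from the original post or from Tor.
# ORPort/DirPort values are assumptions; override to match torrc.
ORPORT="${ORPORT:-9001}"
DIRPORT="${DIRPORT:-9030}"

# Print the filter table in iptables-restore format, INVALID DROP first.
# Load with:  relay_ruleset | iptables-restore
relay_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport ${ORPORT} -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport ${DIRPORT} -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
-A INPUT -p icmp -j ACCEPT
COMMIT
EOF
}

# Read an iptables-save style dump on stdin. Exit 0 if, within INPUT, the
# "--ctstate INVALID -j DROP" rule appears before the
# "--ctstate RELATED,ESTABLISHED -j ACCEPT" rule; exit 1 if the order is
# swapped or either rule is absent.  Use as:  iptables-save | check_ctstate_order
check_ctstate_order() {
    awk '
        /^-A INPUT / {
            n++
            if ($0 ~ /--ctstate INVALID/ && $0 ~ /-j DROP/ && !inv) inv = n
            if ($0 ~ /--ctstate RELATED,ESTABLISHED/ && $0 ~ /-j ACCEPT/ && !est) est = n
        }
        END {
            if (inv == 0) { print "no INVALID DROP rule in INPUT"; exit 1 }
            if (est == 0) { print "no RELATED,ESTABLISHED ACCEPT rule in INPUT"; exit 1 }
            if (inv > est) {
                print "INVALID DROP (rule " inv ") comes after RELATED,ESTABLISHED ACCEPT (rule " est ")"
                exit 1
            }
            print "ok: INVALID DROP (rule " inv ") precedes RELATED,ESTABLISHED ACCEPT (rule " est ")"
        }'
}

# Constructed dump reproducing the swapped order from the post, so the
# check can be exercised without touching a live firewall.
swapped_ruleset() {
    relay_ruleset | awk '
        /--ctstate INVALID/ { inv = $0; next }
        /--ctstate RELATED,ESTABLISHED/ { print; print inv; next }
        { print }'
}

# Stand-alone run: audit the generated ruleset, then the swapped one.
relay_ruleset | check_ctstate_order
swapped_ruleset | check_ctstate_order || echo "swapped ruleset rejected as expected"
```

On the relay itself the audit is `iptables-save | check_ctstate_order` (or `ip6tables-save` for the v6 table); run it after any rule edit so a reordering like the one in the post is caught before it is left in place for hours.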