On 7/10/22 22:28, Logforme wrote:
> A week ago I implemented connection limits per Toralf's post:
>
>     iptables -A INPUT -p tcp --destination-port 443 -m connlimit --connlimit-mask 32 --connlimit-above 30 -j DROP
>
> This reduced the number of connections to about 10000.
>
> I just now noticed that the relay is flagged as overloaded. What to do? Decrease the connection limit from 32 to .. what? Decrease my RelayBandwidthRate even more? Seems like giving in to the DoSer.
There're still about 200-300 VPS systems DDoS'ing my 2 Tor relays. The iptables rule halves the pressure. I could nearly fully stop the DDoS by using [1].
[1] https://github.com/toralf/torutils/blob/master/ddos-inbound.sh
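
Added example, not part of the original thread and not code from torutils: before changing the `--connlimit-above` value, a relay operator can check which peers actually exceed it by counting established connections per source address in `ss -tn` output. The function names and the sample addresses (documentation ranges) are constructed for illustration.

```shell
#!/bin/sh
# List peers holding more than LIMIT established TCP connections to a local
# port, reading `ss -tn` style lines on stdin. Output: "<count> <peer address>".
over_limit() {
    # $1 = local port (443 in the quoted rule), $2 = limit (30 in the quoted rule)
    awk -v port="$1" -v limit="$2" '
        $1 == "ESTAB" {
            laddr = $4; peer = $5
            lport = laddr
            sub(/^.*:/, "", lport)        # keep the text after the last colon
            if (lport != port) next       # connection is to another local port
            sub(/:[0-9]+$/, "", peer)     # drop the peer source port (IPv4 or [IPv6])
            count[peer]++
        }
        END {
            for (p in count)
                if (count[p] > limit) print count[p], p
        }' | sort -rn
}

# Constructed sample in `ss -tn` layout: 31 connections from 192.0.2.10 and
# 5 from 198.51.100.7 to port 443, plus 40 from 192.0.2.99 to port 9001.
emit_conns() {
    # $1 = local port, $2 = peer address, $3 = number of connections
    i=0
    while [ "$i" -lt "$3" ]; do
        echo "ESTAB 0 0 203.0.113.5:$1 $2:$((40000 + i))"
        i=$((i + 1))
    done
}

sample_ss() {
    echo "State Recv-Q Send-Q Local Address:Port Peer Address:Port"
    emit_conns 443 192.0.2.10 31
    emit_conns 443 198.51.100.7 5
    emit_conns 9001 192.0.2.99 40
}

# With the limit of 30 from the quoted rule, only 192.0.2.10 is reported.
sample_ss | over_limit 443 30
```

On a live relay the input would come from `ss -tn` instead of `sample_ss`; running it with a few candidate limits shows how many peers each value would affect.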