On Thursday, 8 August 2024 22:20:35 CEST eff_03675549@posteo.se wrote:
Hi Rafo,
My apologies for the late reply to your request for the code on banning Tor exits into *GUARDS or middle-relays*.
Before many people copy this, a note: A relay with exit flag is MOSTLY used for exit traffic but not ONLY. A Tor-exit can also act as a guard or middle relay in a circuit.
And especially .onion services are broken: All relays, including exits, can be Introduction & rendezvous point, HSDir, EntryNodes, HSLayer2Nodes and HSLayer3Nodes in Onion Service Circuits.
Blocking relays should only happen in exceptional cases, e.g. DoS or DDoS. And then only dynamically, e.g. with IP/NFtables for 12-48 hours.
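
A sketch of the dynamic, self-expiring block mentioned above, using an nftables set with per-element timeouts. This is an added example, not code from either poster; the table and set names (`relay_tempban`, `banned_v4`) are hypothetical, the address is a constructed documentation address, and only IPv4 is handled.

```shell
#!/bin/sh
# Added example. Table/set names are hypothetical; 192.0.2.10 is a constructed address.
# Apply with:  tempban_ruleset | nft -f -   and   tempban_add 192.0.2.10 24 | nft -f -

# One-time ruleset: a set with "flags timeout", so every element expires on its own.
tempban_ruleset() {
    cat <<'EOF'
table inet relay_tempban {
    set banned_v4 {
        type ipv4_addr
        flags timeout
    }
    chain input {
        type filter hook input priority 0; policy accept;
        ip saddr @banned_v4 counter drop
    }
}
EOF
}

# Accept only a dotted quad with octets 0-255, so nothing else reaches nft.
valid_ipv4() {
    case $1 in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the nft command banning IP ($1) for HOURS ($2); refuse durations outside 12-48 hours.
tempban_add() {
    ip=$1 hours=$2
    case $hours in ''|*[!0-9]*|???*) echo "hours must be a 1-2 digit integer" >&2; return 1 ;; esac
    if [ "$hours" -lt 12 ] || [ "$hours" -gt 48 ]; then
        echo "refusing: duration must be 12-48 hours" >&2; return 1
    fi
    valid_ipv4 "$ip" || { echo "not an IPv4 address: $ip" >&2; return 1; }
    printf 'add element inet relay_tempban banned_v4 { %s timeout %sh }\n' "$ip" "$hours"
}
```

Because the timeout lives on the set element, the ban lapses without a cleanup job; `nft list set inet relay_tempban banned_v4` shows the remaining time per address.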