Then they are modified, or ?
You don't know that, and Tor has code to defend against such attacks, both limiting concurrent requests, creating too many circuits and putting a threshold on connect() aka TCP SYN packets, the latter though only being available on 0.4.6.1-alpha or later.
https://gitlab.torproject.org/tpo/core/tor/-/issues/40253
I'd advise against such firewall rules and let tor handle it.
- William
On 24/02/2021, Toralf Förster toralf.foerster@gmx.de wrote:
On 2/22/21 7:29 PM, William Kane wrote:
A hard limit of 9 might be a little too low - then again, a legit, unmodified tor binary would hold it's TCP connection established for as long as needed -
Hhm, I'm really under the impression that even 5 or 4 should be enough. If a client connects more often than every 15 seconds to its guard or a relay opens a conenction for more often than 4x per minute to another relay - then they are modified, or ?
-- Toralf _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays