
On Saturday, 22 October 2022 22:40:38 CEST Toralf Förster wrote:
On 10/21/22 22:09, Alexander Dietrich wrote:
This is still experimental, so if you decide to give the script a try, please keep an eye on it.
IMO a "reload tor" is fully sufficient and should be preferred over "restart", or?
Years ago I wrote a bash script, which created for an ip to be blocked just an own file. Such a file can be easily removed and then tor reloaded to unblock that ip ;)
Just tested because Applied Privacy and I have the problem that the exit policy rules do not work with some IPs¹.

Last night at 10pm: IP 79.137.192.228 had 500k connections.
Added the IP to the exit policy and reloaded tor. Policy in that order:

    ExitPolicy reject 79.137.192.228/32:*
    ExitPolicy reject *:22
    ExitPolicy reject *:25
    ExitPolicy accept *:*

12 hours later the IP still has over 100k connections. -> systemctl restart tor
1 hour later the IP has 0 connections :-)

¹https://gitlab.torproject.org/tpo/core/tor/-/issues/40676

--
╰_╯ Ciao Marco!

Debian GNU/Linux

It's free software and it gives you freedom!
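
One way to measure the effect described in the message above, as an added example that is not part of the original thread: count established connections whose peer address falls inside a network the torrc rejects on all ports, and compare the count before and after a reload or restart. The `ss -tn state established` style output, the local addresses and the function names are constructed or hypothetical; only the policy lines are taken from the message.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample data: the policy lines quoted in the thread, and made-up
# `ss -tn state established` style output (local addresses are placeholders).
SAMPLE_TORRC = """\
ExitPolicy reject 79.137.192.228/32:*
ExitPolicy reject *:22
ExitPolicy reject *:25
ExitPolicy accept *:*
"""
SAMPLE_SS = """\
Recv-Q Send-Q Local Address:Port Peer Address:Port
0 0 192.0.2.10:44312 79.137.192.228:443
0 0 [::ffff:192.0.2.10]:44313 [::ffff:79.137.192.228]:8080
0 0 192.0.2.10:51000 198.51.100.7:443
"""

def rejected_networks(torrc_text):
    """Networks from 'ExitPolicy reject ADDR[/MASK]:*' lines (all-port rejects only)."""
    nets = []
    for line in torrc_text.splitlines():
        m = re.match(r"\s*ExitPolicy\s+reject\s+(\S+):\*\s*$", line)
        if not m:
            continue
        try:
            nets.append(ipaddress.ip_network(re.sub(r"[\[\]]", "", m.group(1)), strict=False))
        except ValueError:
            continue  # "*", "private" and other non-literal patterns
    return nets

def lingering(ss_text, nets):
    """Count established connections whose peer lies inside a rejected network."""
    counts = Counter()
    for fields in (l.split() for l in ss_text.splitlines() if l.strip()):
        peer = fields[-1].rsplit(":", 1)[0].strip("[]")
        try:
            addr = ipaddress.ip_address(peer)
        except ValueError:
            continue  # header line or unparsable peer column
        addr = getattr(addr, "ipv4_mapped", None) or addr  # unwrap ::ffff:a.b.c.d
        if any(addr in net for net in nets):
            counts[str(addr)] += 1
    return counts

if __name__ == "__main__":
    for ip, n in lingering(SAMPLE_SS, rejected_networks(SAMPLE_TORRC)).most_common():
        print(f"{n:8d} established connection(s) still open to rejected {ip}")
```

On a relay, the captured output of `ss -tn state established` and the contents of the torrc would replace the two sample strings.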