
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

If somebody can tell me where to look...
You likely need to tailor your iptables rules to also log when you reject these connections: http://www.cyberciti.biz/tips/force-iptables-to-log-messages-to-a-different-...
This is a *very* dangerous thing for *any* relay to do. Does iptables have support for ‘counters’?
Yes, I first thought about a simple rule counting outgoing TCP SYN packets, but I didn't suggest it because I thought there are better ways via the control port and, as Mike said, if you already have a connection to relay foo, new circuits using relay foo won't result in new connection attempts.

You can count outgoing connection attempts to port 443 from tor like this:

    iptables -I OUTPUT -m owner --uid-owner yourtorUID -p tcp --syn --dport 443

The counter can be inspected by looking at the iptables -vL output.
-----BEGIN PGP SIGNATURE-----

iF4EAREKAAYFAk3qDeAACgkQyM26BSNOM7Y9HQEAqs0diu79m93mz5TjOZ8KPrEC
I9uJeCQCoLZm0zV+N/8BAJ/JtKXsa7LeS5wqa9KahsXhTuJTMbvKsMC4rOFyyPHJ
=bX+l
-----END PGP SIGNATURE-----
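
Reading that counter from a script instead of by eye, as an added example that is not part of the original message: the function below sums the packet column of the counting rule for one UID from `iptables -vnxL OUTPUT` output on stdin. The UID 107, the function names and the sample listing are constructed, and the listing is assumed to follow iptables' numeric verbose layout.

```shell
#!/bin/sh
# Added example, not from the original thread.
# Live use (as root; "debian-tor" is a hypothetical account name):
#   iptables -vnxL OUTPUT | count_tor_syn "$(id -u debian-tor)"
# -n prints the UID and TCP flags numerically, -x prints exact counters.

# count_tor_syn UID
# Sum the pkts column of every rule that matches all of:
#   owner UID == UID, destination port 443, SYN-only flags (--syn).
count_tor_syn() {
    awk -v uid="$1" '
        # Data rows start with a numeric pkts column; this skips the
        # "Chain ..." line and the column header.
        $1 ~ /^[0-9]+$/ &&
        # Trailing space makes the UID an exact match (107 is not 1070).
        index($0 " ", "owner UID match " uid " ") &&
        # Same trick so that dpt:4430 is not taken for dpt:443.
        ($0 " ") ~ /dpt:443 / &&
        # --syn is listed as mask FIN,SYN,RST,ACK (0x17) with SYN (0x02) set.
        /flags:0x17\/0x02/ { total += $1 }
        END { print total + 0 }
    '
}

# Constructed sample of `iptables -vnxL OUTPUT` output. The counting rule
# has no target, so the target column is empty on those rows.
sample_output() {
    cat <<'EOF'
Chain OUTPUT (policy ACCEPT 90210 packets, 61234567 bytes)
    pkts      bytes target     prot opt in     out     source               destination
     318    19080            tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            owner UID match 107 tcp dpt:443 flags:0x17/0x02
      12      720            tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            owner UID match 1070 tcp dpt:443 flags:0x17/0x02
    5000   300000 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:4430
EOF
}

# Demo on the constructed listing.
sample_output | count_tor_syn 107
```

Sampling the value at intervals and taking the difference gives new connection attempts per interval without resetting the counter.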