Hi,
On 16 Aug 2019, at 04:22, potlatch potlatch@protonmail.com wrote:
One question remains: At any time I look there are 20-150 Iranian IP addresses trying to access the Tor server. Their IP range is from 5.113.x.x to 5.126.x.x. None have hashed fingerprints. Is it okay to let these guys go? Can they harm or slow Tor? Should I ban them? I'd like to learn from this.
This is probably a connection error caused by Iranian censorship.
We're working on anti-censorship and stats fixes, but I can't find the tickets right now.
In the meantime, try using a lower value for Tor's DoSConnectionMaxConcurrentCount option. The consensus value is 50, but you should set your value based on the number of connections from a single IP address. Or just try 25, then 12, ...
If no single IP address is problematic by itself, you can use a firewall to limit the number of connections, or the new connection rate, from an entire address block.
T
-- teor ----------------------------------------------------------------------