
On Tuesday, 22 October 2024 19:24 Top wrote:
> My Tor relays[1] traffic decreased a lot and I think this *might* be connected to some kind of DDoS attack. So I wanted to use this situation to set up some DDoS protection. For that I stumbled upon Enkidu's Tor DDoS mitigation script. [2] However, this script is made for `iptables`, not `nftables`. I use `firewalld` with `nftables` on my system, since this seems to be the new default. [3] I don't really know that much about firewalls, so this situation overwhelms me a bit.
>
> So how can I apply proper DDoS protection firewall rules whilst using `nftables`? Is there some easy way to modify the script to make it work?

Nftables is just a single simple text file ;-)

My nftables examples:
https://github.com/boldsuck/tor-relay-bootstrap/tree/nft/etc

It's actually the same thing that Bo posted here:
https://gitlab.torproject.org/tpo/community/support/-/issues/40093

If you have an exit, surgprotector is more suitable.

--
╰_╯ Ciao Marco!

Debian GNU/Linux

It's free software and it gives you freedom!
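
To illustrate the "single text file" point for the setup in the question (firewalld with the nftables backend), here is an added example ruleset. It is not taken from this thread, from the linked repositories, or from the iptables script. The ORPort value 9001, the table and set names, and every threshold and timeout are assumptions to adjust for your own relay.

```nftables
#!/usr/sbin/nft -f
# Added example, not from the thread or the linked repositories.
# Assumptions: ORPort is 9001; all thresholds and timeouts are illustrative.

# Create-then-delete makes reloading this file idempotent.
table inet tor_ddos
delete table inet tor_ddos

table inet tor_ddos {
    # Sources that exceeded the new-connection rate; entries expire on their own.
    set blocked4 {
        type ipv4_addr
        flags dynamic, timeout
        timeout 10m
        size 65535
    }

    # Per-source rate tracking for new connections.
    set rate4 {
        type ipv4_addr
        flags dynamic, timeout
        timeout 1m
        size 65535
    }

    # Per-source tracking of concurrent connections.
    set conn4 {
        type ipv4_addr
        flags dynamic
        size 65535
    }

    chain input {
        # Own table, hooked ahead of the default filter priority (0).
        # A drop here is final; an accept still passes through later chains.
        type filter hook input priority -10; policy accept;

        # Drop sources that are currently blocked.
        tcp dport 9001 ip saddr @blocked4 counter drop

        # Too many new connections per minute from one source: block it for 10m.
        tcp dport 9001 ct state new add @rate4 { ip saddr limit rate over 10/minute burst 5 packets } add @blocked4 { ip saddr } counter drop

        # More than 4 concurrent connections from one source: refuse the extra ones.
        tcp dport 9001 ct state new add @conn4 { ip saddr ct count over 4 } counter drop
    }
}
```

Check the syntax with `nft -c -f <file>` before loading it, and watch the counters with `nft list table inet tor_ddos`. The rules cover IPv4 only; IPv6 needs parallel sets of type `ipv6_addr` matched on `ip6 saddr`.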