[tor-relays] TCP: drop open request

mett mett at pmars.jp
Sat Oct 26 03:33:51 UTC 2013


On Fri, 25 Oct 2013 01:13:57 -0400
grarpamp <grarpamp at gmail.com> wrote:

> On Fri, Oct 25, 2013 at 12:10 AM, Roger Dingledine <arma at mit.edu>
> wrote:
> > On Fri, Oct 25, 2013 at 12:43:42PM +0900, mett wrote:
> >> Since yesterday, the kern.log of the relay I'm running is flooded
> >> with "TCP: drop open request from".
> >>
> >> I first thought it was a kind of DDOS on our servers but it seems
> >> to be related to Tor (When I stop Tor, kernel doesn't
> >> complain anymore).
> >
> > if you're in BSD-land.
> 
> It's a Linux message. Feed it to a search engine and you'll find
> several things to try depending on what the cause is. It shuts
> off either because Tor is attracting the syn's or the overall count
> is lower with Tor off, you'll have to tcpdump to see. Look into
> syn cookies, packet filter rules, and stack tuning.
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Thanks a lot for both answers.

Actually, I recently changed my IP from dynamic to static(a week ago),
and at the same time I changed the settings regarding syn cookies and
spoofed IP's source address verification, so it might have been related.

I'll definitely tcdump my connection to check deeper.

By the way, the system is debian-squeeze on a P4(linux kernel 2.6
serie, 2.4CPU for 512RAM), that I use as a multipurpose router/server.





More information about the tor-relays mailing list