[tor-relays] Handling possible abuse requests

pa011 pa011 at web.de
Thu May 19 20:44:05 UTC 2016 

Thank you all who have contributed with there hints, support and
motivation so far. I will dig into that links and papers hopefully in
the coming days and probably ask again afterwards :-)

What seems to be important is to get an IP reassignment from the ISP -is
that really essential to start?

And furthermore is it ok to run with such a set of IP4 rules:

/etc/iptables/rules.v4
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Thank you again

PA

Am 19.05.2016 um 13:56 schrieb Moritz Bartl:
> On 05/18/2016 10:13 PM, pa011 wrote:
>> Is there anybody out there who can give me some advice, or even help me
>> doing (answering) these?
> 
> I think it is pretty much straightforward. You can explain what Tor is,
> why you are supporting it, and in some more heated cases offer to
> temporarily block destination IP/port pairs. You will come up with your
> own language and standard cases as you go along, and from that can
> derive some template replies.
> 
>> How many of those abuses are to expect?
>> How to avoid on changing what parameters?
> 
> The easiest parameter to tune is bandwidth. The more bandwidth you
> provide, the more abusive traffic you will see. The second most
> important parameter is the ExitPolicy. See also
> https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment
> and https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines .
> 
> Thanks for running Tor relays, and welcome to the exit business! :)
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xC8C330E7.asc
Type: application/pgp-keys
Size: 3104 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160519/a01eda07/attachment.key>

More information about the tor-relays mailing list