[tor-relays] connlimit: better to use "DROP" or "REJECT --reject-with tcp-reset"?

tor tor at anondroid.com
Fri Jan 5 18:44:15 UTC 2018

For relay operators using iptables connlimit to mitigate DoS attacks (or increased load from new clients)‚Äč, is it better for the Tor network to use "DROP" rules, or should we use something like "REJECT --reject-with tcp-reset"?

More information about the tor-relays mailing list