[tor-relays] connlimit: better to use "DROP" or "REJECT --reject-with tcp-reset"?

tor tor at anondroid.com
Fri Jan 5 18:44:15 UTC 2018

Previous message (by thread): [tor-relays] [tor-dev] Marker branch for current tor release(s)
Next message (by thread): [tor-relays] connlimit: better to use "DROP" or "REJECT --reject-with tcp-reset"?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

For relay operators using iptables connlimit to mitigate DoS attacks (or increased load from new clients), is it better for the Tor network to use "DROP" rules, or should we use something like "REJECT --reject-with tcp-reset"?

Previous message (by thread): [tor-relays] [tor-dev] Marker branch for current tor release(s)
Next message (by thread): [tor-relays] connlimit: better to use "DROP" or "REJECT --reject-with tcp-reset"?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the tor-relays mailing list