[tor-relays] connlimit: better to use "DROP" or "REJECT --reject-with tcp-reset"?
Toralf Förster
toralf.foerster at gmx.de
Thu Jan 11 16:55:14 UTC 2018
On 01/11/2018 02:10 AM, teor wrote:
> We allow 2 relays per IPv4 address, and each relay makes 1-2 connections
> to each other relay. (Or more, if the connections start failing. This is
> a bug we want to fix.)
>
> So if you're going to do this, please set a much higher limit than 2.
> I would suggest at least 4, but 10 or more is better.
>
> You might be able to set it higher if you put a limit on repeated
> connection attempts.
Right - good hint !
--
Toralf
PGP C4EACDDE 0076E94E
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20180111/23617e69/attachment.sig>
More information about the tor-relays
mailing list