[tor-relays] preventing DDoS is more than just network filtering
Toralf Förster
toralf.foerster at gmx.de
Wed Nov 9 16:34:05 UTC 2022
On 11/8/22 10:57, Chris wrote:
> The main reason is that a simple SYN flood can quickly fill up your
> conntrack table and then legitimate packets are quietly dropped and you
> won't see any problems thinking everything is perfect with your server
> unless you dig into your system logs.
Hhm, my system log doesn't show any problems, maybe due to (or
regardless of?):
CONFIG_SYN_COOKIES=y
?
Nevertheless, I updated the Readme to explain my point of view [1] [2].
[1] https://github.com/toralf/torutils#block-ddos-traffic
[2] https://github.com/toralf/torutils#rule-set
--
Toralf
More information about the tor-relays
mailing list