[tor-relays] many connections

Richie richie at zuviel.org
Thu Oct 6 17:13:00 UTC 2022 

Hoi, Chris,

oh wow, that seems to help a lot. Uptime 1/2 hour now, load 50-60% and 
six IPs collected according to compare.sh. No signs of overload yet.

Thanks a lot, and i'll report, how things evolved. ATM, it looks like 
you can add the "n00b proof"-stamp to your concept :)

Greets and thanks again,
Richie

Am 06.10.22 um 11:47 schrieb Chris:
> Hi Richie
> 
> I was a bit lost myself having to deal with the scripts and additional 
> packages to install. So I put something together for myself based on the 
> same rules and added a few twists but in a simple text n00b proof 
> format. It's as simple as copy and paste and because it's all in clear 
> text, you can modify it without worrying about breaking any script. My 
> rules are a tad more strict but you can modify them as you wish. But the 
> concept is what @toralf has been implementing with a few twists for 
> efficiency's sake.
> 
> You can find them here:
> 
> https://github.com/Enkidu-6/tor-ddos
> 
> 
> On 10/3/2022 6:26 AM, Richie wrote:
>> Hi, toralf,
>>
>> since i'm quite a n00b regarding iptables and shellscripts: are there 
>> somewhere n00b-proof setup instructions for the ddos protection scripts?
>> here: relay (schlafschaf) with the usual connection floods, running on 
>> Kubuntu (latest LTS)
>>
>> What i found out:
>> ipset is not installed per default, added via
>> sudo apt-get install iptables
>> Also installed as recommended: stem, jq
>>
>> Trivial, nevertheless: edited the ORPort address on Line 122
>> Outcommented Lines 79-103 (hetzner, zwiebeltoralf only)
>>
>> running the script results in output as with iptables -L, containing
>> tcp dpt:443 #conn src/32 > 30
>> @ the "chain input ACCEPT" line
>> and no entries in the chain PREROUTUNG, OUTPUT, PREROUTING and OUTPUT 
>> lines.
>>
>> Strange: sudo watch ipv4-rules.sh results in
>> 1: ipv4-rules.sh: not found
>>
>> My apologies if its not the right place to ask.
>> greetz
>> Korrupt
>>
>> Am 03.10.22 um 09:43 schrieb Toralf Förster:
>>> On 9/30/22 17:57, Sandro Auerbach wrote:
>>>> 30 minutes later still 22000 connections...
>>>> Have you observed something similar?
>>>
>>> I reduced those spikes [1] by using certain iptables rules [2].
>>>
>>>
>>> [1] https://github.com/toralf/torutils/blob/main/sysstat.svg
>>> [2] https://github.com/toralf/torutils
>>>
>>>
>>> _______________________________________________
>>> tor-relays mailing list
>>> tor-relays at lists.torproject.org
>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays at lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

More information about the tor-relays mailing list