on the evening of 2022-10-18, we (Artikel10) started getting alerts about our Tor servers, while our traffic declined sharply. When we investigated, we found that there were hundreds of thousands of TCP connections (per server) open to a single address, orders of magnitude more than any other address. We blocked this address via “ExitPolicy reject”, then another one, and since then things seem to have improved.
IMO a "reload tor" is fully sufficient and should be preferrred over
"restart", or ?
Years ago I wrote a bash script, which created for an ip to be blocked
just an own file. Such a file can be easily removed and then tor
reloaded to unblock that ip
···
On 10/21/22 22:09, Alexander Dietrich wrote:
This is still experimental, so if you decide to give the script a try,
please keep an eye on it.
On Samstag, 22. Oktober 2022 22:40:38 CEST Toralf Förster wrote:
On 10/21/22 22:09, Alexander Dietrich wrote:
> This is still experimental, so if you decide to give the script a try,
> please keep an eye on it.
IMO a "reload tor" is fully sufficient and should be preferrred over
"restart", or ?
Years ago I wrote a bash script, which created for an ip to be blocked
just an own file. Such a file can be easily removed and then tor
reloaded to unblock that ip
Toralf Förster <toralf.foerster@gmx.de> hat am 22.10.2022 22:40 CEST geschrieben:
IMO a "reload tor" is fully sufficient and should be preferrred over
"restart", or ?
A "reload" will update the ExitPolicy, but not drain existing connections very quickly, at least on our servers. Feel free to use whatever your preferred command/script is, though.