Hi, toralf,
since i'm quite a n00b regarding iptables and shellscripts: are there somewhere n00b-proof setup instructions for the ddos protection scripts? here: relay (schlafschaf) with the usual connection floods, running on Kubuntu (latest LTS)
What i found out: ipset is not installed per default, added via sudo apt-get install iptables Also installed as recommended: stem, jq
Trivial, nevertheless: edited the ORPort address on Line 122 Outcommented Lines 79-103 (hetzner, zwiebeltoralf only)
running the script results in output as with iptables -L, containing tcp dpt:443 #conn src/32 > 30 @ the "chain input ACCEPT" line and no entries in the chain PREROUTUNG, OUTPUT, PREROUTING and OUTPUT lines.
Strange: sudo watch ipv4-rules.sh results in 1: ipv4-rules.sh: not found
My apologies if its not the right place to ask. greetz Korrupt
Am 03.10.22 um 09:43 schrieb Toralf Förster:
On 9/30/22 17:57, Sandro Auerbach wrote:
30 minutes later still 22000 connections... Have you observed something similar?
I reduced those spikes [1] by using certain iptables rules [2].
[1] https://github.com/toralf/torutils/blob/main/sysstat.svg [2] https://github.com/toralf/torutils
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays