On 2013-10-27 15:00:10 (-0700), Gordon Morehouse wrote:
Here's my 'iptables -L' output, on pastebin because it's a mess when formatted for email: http://pastebin.com/f1VZNeTF
That's not a fresh boot, though, I did:
'iptables -F'
'service fail2ban reload'
and then ran the iptables commands by hand, in order.
Things may potentially be different after a reboot, so I'd recommend rebooting now and seeing how the firewall ends up. Right now it seems that fail2ban would ban and break existing circuits. It all depends on what rules it inserts into its chain.
However, do you need fail2ban now that you are throttling SYNs without affecting circuits?
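As an added check, not from the thread or the pastebin, the shell function below reads `iptables -S INPUT` output and reports whether a jump into a fail2ban chain is evaluated before the rule accepting ESTABLISHED traffic, which is the ordering under which a ban also cuts existing circuits rather than only new connections. The two rule listings are constructed (fail2ban's default iptables-multiport action inserts its jump at the top of INPUT, and 9001 is assumed as the ORPort).

```shell
#!/bin/sh
# Constructed `iptables -S INPUT` listing: fail2ban did `iptables -I INPUT ...`,
# so its jump sits above the ESTABLISHED accept and a banned peer's existing
# circuits are dropped along with its new SYNs.
BROKEN_RULES='-P INPUT DROP
-A INPUT -p tcp -m multiport --dports 22,9001 -j fail2ban-ssh
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp --syn --dport 9001 -m limit --limit 25/s --limit-burst 50 -j ACCEPT
-A INPUT -p tcp --syn --dport 9001 -j DROP'

# Constructed listing with the ESTABLISHED accept first: a ban now only
# stops new connections, and the SYN throttle below it behaves the same way.
FIXED_RULES='-P INPUT DROP
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m multiport --dports 22,9001 -j fail2ban-ssh
-A INPUT -p tcp --syn --dport 9001 -m limit --limit 25/s --limit-burst 50 -j ACCEPT
-A INPUT -p tcp --syn --dport 9001 -j DROP'

# fail2ban_spares_established LISTING
# Returns 0 when every "-j fail2ban-*" rule in INPUT comes after the first
# rule that accepts ESTABLISHED traffic (conntrack or legacy state match),
# 1 when a fail2ban jump precedes it or no such accept rule exists.
fail2ban_spares_established() {
    printf '%s\n' "$1" | awk '
        /^-A INPUT / { n++ }
        /^-A INPUT / && /--(ct)?state [A-Z,]*ESTABLISHED/ && /-j ACCEPT/ && !est { est = n }
        /^-A INPUT / && /-j fail2ban-/ { if (!est || n < est) bad = 1 }
        END { exit bad ? 1 : 0 }'
}

# Stand-alone demonstration on the two constructed listings.
if fail2ban_spares_established "$BROKEN_RULES"; then
    echo "broken listing: bans only affect new connections"
else
    echo "broken listing: fail2ban jump precedes ESTABLISHED accept, bans break live circuits"
fi
if fail2ban_spares_established "$FIXED_RULES"; then
    echo "fixed listing: bans only affect new connections"
else
    echo "fixed listing: fail2ban jump precedes ESTABLISHED accept, bans break live circuits"
fi
```

On a live box, feed it the real listing with `fail2ban_spares_established "$(iptables -S INPUT)"` after the reboot suggested above, since `iptables -I` from fail2ban's reload and the hand-typed rules may end up in a different order than they did before.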