[tor-bugs] #33018 [Core Tor/Tor]: Dir auths using an unsustainable 400+ mbit/s, need to diagnose and fix
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Feb 2 04:01:00 UTC 2020
#33018: Dir auths using an unsustainable 400+ mbit/s, need to diagnose and fix
---------------------------------------+-----------------------------------
Reporter: arma | Owner: dgoulet
Type: defect | Status: assigned
Priority: Medium | Milestone: Tor:
| 0.4.3.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: network-health 043-should | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
---------------------------------------+-----------------------------------
Comment (by starlight):
How about throwing up an iptables recent module rule limiting the maximum
request rate from any single IP address and seeing if it helps? My
observation is botnet abuse often arrives with high intensity from a
limited number of addresses during a given interval. Set at a perhaps
twice the maximum rate expected of a bootstrapping relay. If it works
similar logic could be added to the relay logic. I have a couple of rules
I'll share privately, though it's hardly rocket science.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33018#comment:19>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list