Re: [tor-relays] Firewalls

2018-03-04 Thread Quintin
On Fri, Mar 2, 2018 at 10:04 AM TorGate wrote: > Hi to all, > I have a simple question, what is the best firewall solution ? > With sourcecode and must be opensource. > What are you trying to protect? An entire network or a single host? Q --

Re: [tor-relays] bridge behavior question

2018-03-04 Thread teor
> On 5 Mar 2018, at 08:28, Arisbe wrote: > > Hello all, > > I have run a number of Tor nodes for five years but I started adding a few > bridges last year. I have one bridge recently installed on a lease VPS that > has not reported a single inbound connection in over 40 days

Re: [tor-relays] Publishing bridge contact information

2018-03-04 Thread Roger Dingledine
On Tue, Feb 20, 2018 at 05:51:44PM +0100, Karsten Loesing wrote: > FWIW, we collected all feedback from this thread, discussed this change > in the metrics team, and forwarded our planned change to the Tor > Research Safety Board. I don't know how fast that will move, but I could > imagine it's a

Re: [tor-relays] less than 3 bw auths available: self-measurement (with 10k cap in effect)

2018-03-04 Thread teor
> On 5 Mar 2018, at 00:35, Stijn Jonker wrote: > > Perhaps it makes sense to do a call and add some more bandwidth authority > relays > during the upcoming meeting in Rome similar to the Montreal meeting. > Would the following documents still be valid (They themselves state

Re: [tor-relays] One pubblic IP, two or more relay on different ports

2018-03-04 Thread teor
> On 5 Mar 2018, at 00:20, MLTorNode wrote: > > Mar 04 04:31:37.000 [notice] Your relay has a very large number of > connections to other relays. Is your outbound address the same as your relay > address? Does your NAT box have multiple IP addresses? Does it have an

[tor-relays] bridge behavior question

2018-03-04 Thread Arisbe
Hello all, I have run a number of Tor nodes for five years but I started adding a few bridges last year.  I have one bridge recently installed on a lease VPS that has not reported a single inbound connection in over 40 days (except for Bifroest hanging out).  I see up to 4 outbound

Re: [tor-relays] CPU saturation attack/abuse

2018-03-04 Thread Dhalgren Tor
Found other ones: December 24 where egress was much higher then ingress (but crypto-workers were pegged, not main thread). December 28 & 29, attack like today. Feburary 1 & 2, like today with ingress higher than egress. In today's and the latter-two above the main event thread was pegged

Re: [tor-relays] CPU saturation attack/abuse

2018-03-04 Thread Dhalgren Tor
On Sun, Mar 4, 2018 at 7:06 PM, Toralf Förster wrote: > On 03/04/2018 07:41 PM, Dhalgren Tor wrote: >> the main event-worker thread >> going from a normal load level of about 30%/core to 100%/core and >> staying there for about 30 seconds; > I do wonder if this is just

Re: [tor-relays] CPU saturation attack/abuse

2018-03-04 Thread Toralf Förster
On 03/04/2018 07:41 PM, Dhalgren Tor wrote: > the main event-worker thread > going from a normal load level of about 30%/core to 100%/core and > staying there for about 30 seconds; I do wonder if this is just the normal behaviour when - IIRC correctly - consensus documents are compressed before

[tor-relays] CPU saturation attack/abuse

2018-03-04 Thread Dhalgren Tor
Upgraded exit to 0.3.3.3 and now seeing a curious CPU saturation attack. Whatever the cause, result is the main event-worker thread going from a normal load level of about 30%/core to 100%/core and staying there for about 30 seconds; then CPU consumption declines back to 30%. Gradual change on

Re: [tor-relays] less than 3 bw auths available: self-measurement (with 10k cap in effect)

2018-03-04 Thread Stijn Jonker
Hi Teor & Others, Thanks for your response, On 2 Mar 2018, at 23:26, teor wrote: > > On 3 Mar 2018, at 02:15, Stijn Jonker wrote: >> >> On 2 Mar 2018, at 12:08, Vasilis wrote: >> >> Hi, >> >> Roger Dingledine: >> >> On Tue, Feb 27, 2018 at 06:47:00PM +, nusenu wrote: >>

Re: [tor-relays] One pubblic IP, two or more relay on different ports

2018-03-04 Thread MLTorNode
nusenu ha scritto il 03/03/2018 alle 20:03: > > > MLTorNode: >> Is it possibile? I have one dynamic public IP with one relay server published on >> ORPort 443 and DIRport 80 (with IPv6 ORPort too). >> Can i add a second relay with OR and DIR natted on other ports published on the >> same IP

Re: [tor-relays] [WARN] Your computer is too slow to handle this many circuit creation requests

2018-03-04 Thread Vasilis
Hi, *UPDATE** I'm still seeing these warning messages but in a lower frequency: Your computer is too slow to handle this many circuit creation requests! Please consider using the MaxAdvertisedBandwidth config option or choosing a more restricted exit policy. [1077 similar message(s) suppressed in