#24902: Denial of Service mitigation subsystem -------------------------------------------------+------------------------- Reporter: dgoulet | Owner: dgoulet Type: enhancement | Status: | needs_review Priority: Very High | Milestone: Tor: | 0.3.3.x-final Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: ddos, tor-relay, review-group-30, | Actual Points: 029-backport, 031-backport, 032-backport, | review-group-31 | Parent ID: | Points: Reviewer: | Sponsor: -------------------------------------------------+-------------------------
Comment (by dgoulet): Replying to [comment:41 arma]: > I would think that for DoS info, like circuit info, the thing I most want to know is "very recently, what happened"? So I personally would prefer the "since last time" data. But I can totally see this going either way. I implemented that before but then I switched because I wanted to have a big picture of the DoS where stats every heartbeat gives you an idea of the "right now" situation. I do think both would be useful tbh because for instance the "marked address" will go to some number then at some point will be 0 all the time because your tor marked all the addresses so that could be a bit confusing. Wouldn't be complicated to have both counts, a long term one and a "since last heartbeat" ? > Speaking of heartbeat, "40 marked address" doesn't tell me how many addresses are being rejected *right now*. In fact, this could be a single address that got marked 40 times since startup of my relay? (I guess not quite because I have 36 hours of uptime and there were 40 marked addresses, but it's close.) You can "double mark" an address only if it is marked once then removed from the geoip cache and then it comes back and marked again. In that case, the counter will do a ++ twice for the same address. Once the `marked_until_ts` is set, it is never put back to 0 so it can't be counted twice unless the entry is removed from the geoip cache. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24902#comment:47> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs