-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 08/16/2017 12:22 AM, Roger Dingledine wrote: > On Tue, Aug 15, 2017 at 11:52:31PM +0200, Toralf Förster wrote: >> Does a particular Tor server/client will open more than 1 >> connection at a time from to the DirPort ? > > I think we definitely want to support that in the protocol. > > I'm not sure whether it happens right now, but it might. > > But preventing it from happening is likely bad. > > Note that most clients use the ORPort for fetching directory > stuff, and that's heading towards "all clients" as people upgrade > and stop using weird configurations. So the DirPort is mainly used > on authorities (by relays that fetch dir stuff or upload relay > descriptors), and by auxiliary tools like stem and the various > metrics project scripts. > > If you're worried about denial of service issues on the DirPort, > maybe the simple answer is to turn off the DirPort? I think the > only real impact might have something to do with whether old > clients believe that you're a usable guard. >
understood - removed those iptables rules - -- Toralf PGP C4EACDDE 0076E94E -----BEGIN PGP SIGNATURE----- iI0EAREIADUWIQQaN2+ZSp0CbxPiTc/E6s3eAHbpTgUCWZR6CxccdG9yYWxmLmZv ZXJzdGVyQGdteC5kZQAKCRDE6s3eAHbpTgNjAP0QUqGlvZdmppzthH85VXkS43xO iQRyNlODzRe5Jf9TpgD+JX+/bCuuOH/qh+Jdd9GrDBJZ9uvjtQX3OKF9C+u9oKo= =9bQM -----END PGP SIGNATURE----- _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays