commit 21b347e291871ab89c140c9842f72cee76dd1c29
parent 712a7d76a00789e88de731dc7f69616119bbe3e1
Author: Mike Perry <mikeperry-git@torproject.org>
Date: Wed, 11 Apr 2018 02:47:00 +0000
doc: Fix typo and clarify that DoS options are relay only
Diffstat:
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
@@ -2412,7 +2412,8 @@ DENIAL OF SERVICE MITIGATION OPTIONS
Tor has three built-in mitigation options that can be individually
enabled/disabled and fine-tuned, but by default Tor directory authorities will
define reasonable values for relays and no explicit configuration is required
-to make use of these protections. The mitigations are:
+to make use of these protections. The mitigations take place at relays,
+and are as follows:
1. If a single client address makes too many concurrent connections (this is
configurable via DoSConnectionMaxConcurrentCount), hang up on further
@@ -2429,13 +2430,13 @@ to make use of these protections. The mitigations are:
Tor2Web client), ignore the request.
These defenses can be manually controlled by torrc options, but relays will
-also take guidance from consensus parameters, so there's no need to configure
-anything manually. In doubt, do not change those values.
+also take guidance from consensus parameters using these same names, so there's
+no need to configure anything manually. In doubt, do not change those values.
The values set by the consensus, if any, can be found here:
https://consensus-health.torproject.org/#consensusparams
-If any of the DoS mitigations are enabled, an heartbeat message will appear in
+If any of the DoS mitigations are enabled, a heartbeat message will appear in
your log at NOTICE level which looks like:
DoS mitigation since startup: 429042 circuits rejected, 17 marked addresses.
