On Wed, 06 Nov 2024 22:40:08 +0000 Matt Palmer <mpal...@hezmatt.org> allegedly wrote: > > Egress rules won't help, because the traffic never hits your server -- > the source IP address is spoofed as yours, but the packets are > injected into the Internet from another location entirely. >
But they will allow you to prove to yourself, and your ISP, that the spoofed packets CANNOT have come from your address. I now have such egress iptables rules on my node blocking all access to: 202.91.160.0/24 202.91.161.0/24 202.91.162.0/24 202.91.163.0/24 And as further proof (if any were needed) that watchdogcyberdefense.com is run by bozos one of their "abuse" reports to Hetzner reportedly shows a “log entry” which reported attacks from my IP address to the RFC 1918 address 192.168.200.216. That address, like all such 192.168/16 prefix addresses is not even routeable across the internet. Mick --------------------------------------------------------------------- Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 blog: baldric.net --------------------------------------------------------------------- _______________________________________________ tor-relays mailing list -- tor-relays@lists.torproject.org To unsubscribe send an email to tor-relays-le...@lists.torproject.org
