[Tor-BSD] kernel: ... was killed: out of swap space

Wed Feb 21 10:06:28 EST 2018

Am 19.02.2018 um 21:30 schrieb George Rosamond:
> teor:
>>
>>> On 20 Feb 2018, at 05:51, George Rosamond <george at ceetonetechnology.com> wrote:
>>>
>>> But the best route would be to update security/tor to 0.3.2.9.  I
>>> *think* it deals with the DDOS'g you're experiencing.
>>
>> Unfortunately, 0.3.2.9 does not have the DDoS feature.
>> Please wait for the 0.3.2.10 release, which should be out soon.
> 
> Cool.
> 
>>
>> In the meantime, please try adjusting:
>>
>> MaxMemInQueues 1 GB # Or half your free RAM
>>
> 
> Changing MaxMemInQues had no effect for my FreeBSD relay.
> 
>> And please disable CellStatistics and ConnDirectionStatistics.
>>
> 
> CellStatistics off did but note it's not on by default.
> 
>> We could give you better advice if you posted your machine specs
>> and torrc.
> 
> Definitely.  I clearly made some sweeping assumptions in terms of diagnosis.
> 
>>
>>> I can say that the current security/tor-devel (0.3.3.2) does deal with
>>> it, and I see a good number of messages like:
>>>
>>> Feb 19 18:44:21.000 [notice] {HEARTBEAT} DoS mitigation since startup:
>>> 1083 circuits rejected, 6 marked addresses. 59073 connections closed.
>>> 1330 single hop clients refused.
>>
>> The combination of DDoS defence and turning off statistics dropped my
>> (Linux) relay RAM usage from 6-10 GB to about 1 GB.
> 
> I never had any issues with the OpenBSD relays, but with FreeBSD I had
> to cron restarting tor every 15 hours or so.
> 
> The TorBSD wiki page I posted has some mitigations, but none seemed
> effective.  It's good newer versions of Tor are dealing, but mitigating
> further from the node is also good, like limiting tcp states via network
> firewall, etc.
> 
> g

Thanks to all your input first!
You may laugh or cry, at worst think its a waste of time - for me its kind of "what can I get for smallest amount of invested money"
This experiment worked well on several exits for over a year now - with different success depending on ISP and location - starting to turn sour with DDos attacks last year.
It is strange that one small Exit doesn’t get affected by those attacks at one place running average 25Mbit/s while hardly doing 5 Mbit/s at an other and breaking every single day.

So the facts:

VPS RAM: 512MB 
FreeBSD 11.1-RELEASE-p4 on GENERIC  amd64
Running 2 instances of Tor 0.3.1.9

I did "CellStatistics off" a few days ago - little help
MaxMemInQueues always at default 324 MB

I will follow now George in doing cron reboots every maybe 10 to 15 hours. 

Furthermore I tried to install tor-0.3.3.2-alpha from ports which stopped unfortunately here:
" asciidoc-8.6.10_1 depends on shared library: libxml2.so - not found"

What should I do there - please keep in mind I am not a coder :-(

Paul