Increasing "compression bomb" warnings on my bridge – should I be worried?

Hi all,

I’ve been running a Tor bridge for a while in a Docker container on my home connection (nothing fancy – just VDSL with about 50 Mbps upload). Currently version 0.4.8.16. For the most part, the bridge behaves normally.

However, in the past few weeks, I’ve noticed a sharp increase in warnings like these in the logs:

Jul 20 08:48:48.000 [warn] Detected possible compression bomb with input size = 60245 and output size = 1693217
Jul 20 08:48:48.000 [warn] Possible compression bomb; abandoning stream.

Some days it’s a few dozen of these messages, other days a few hundred. Today it’s already close to 2k – and the day’s not even over yet…

Other than that, the bridge works as expected. It’s never been 100% stable though (the OBFS4 status tends to flip to dysfunctional every 2–30 days, but that’s been happening ever since I switched from relay to bridge.)

Some more context:

I'm using a dynamic IP that changes on reconnect (though it hasn’t changed in several weeks).

The bridge is not exposed to anything else, and there are no other major issues I’ve noticed.

My question: should I be concerned about this sudden surge in “compression bomb” warnings?
Any best practices for bridge operators in this situation?

Thanks in advance!
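
One way to put numbers on the warnings quoted in the post above, as an added example that is not part of the thread: it tallies the two log messages per day and reports the expansion ratio (output size divided by input size). `SAMPLE_LOG`, `summarize` and every sample line other than the first two are constructed for illustration.

```python
import re
from collections import defaultdict
from statistics import median

# Constructed sample: the first two lines are the ones quoted in the post;
# the remaining lines are made up for illustration.
SAMPLE_LOG = """\
Jul 20 08:48:48.000 [warn] Detected possible compression bomb with input size = 60245 and output size = 1693217
Jul 20 08:48:48.000 [warn] Possible compression bomb; abandoning stream.
Jul 20 09:02:11.000 [notice] Heartbeat: Tor's uptime is 12 days 6:00 hours.
Jul 20 11:15:03.000 [warn] Detected possible compression bomb with input size = 58000 and output size = 1740000
Jul 20 11:15:03.000 [warn] Possible compression bomb; abandoning stream.
Jul 21 00:00:07.000 [warn] Detected possible compression bomb with input size = 61000 and output size = 1586000
Jul 21 00:00:07.000 [warn] Possible compression bomb; abandoning stream.
"""

# Timestamps in this log format carry no year, so days are keyed as "Jul 20".
PREFIX = r"^(?P<day>\w{3}\s+\d{1,2}) [\d:.]+ \[warn\] "
DETECT_RE = re.compile(
    PREFIX + r"Detected possible compression bomb with input size = "
    r"(?P<inp>\d+) and output size = (?P<out>\d+)")
ABANDON_RE = re.compile(PREFIX + r"Possible compression bomb; abandoning stream")


def summarize(log_text):
    """Return per-day counts of both warnings plus expansion-ratio statistics."""
    days = defaultdict(lambda: {"detected": 0, "abandoned": 0, "ratios": []})
    for line in log_text.splitlines():
        m = DETECT_RE.match(line)
        if m:
            entry = days[m["day"]]
            entry["detected"] += 1
            if int(m["inp"]):  # skip the ratio for a zero input size
                entry["ratios"].append(int(m["out"]) / int(m["inp"]))
            continue
        m = ABANDON_RE.match(line)
        if m:
            days[m["day"]]["abandoned"] += 1
    return {
        day: {
            "detected": e["detected"],
            "abandoned": e["abandoned"],
            "median_ratio": round(median(e["ratios"]), 1) if e["ratios"] else None,
            "max_ratio": round(max(e["ratios"]), 1) if e["ratios"] else None,
        }
        for day, e in days.items()
    }


if __name__ == "__main__":
    for day, stats in summarize(SAMPLE_LOG).items():
        print(day, stats)
```

Comparing the per-day counts and ratios over several weeks shows whether the surge is growing and whether the flagged streams look alike.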

I’ve been running several webtunnel bridges, spread across a couple of cloud providers, all running since January. About half of them got thousands of these errors in the past week, and about half of them got less than a hundred. I don’t see any obvious patterns in which bridge got lots of these errors vs which got nothing. None of them got zero.

It really just seems like luck.

Congratulations! They’ve found out you are running a bridge :grin:


Ooooo noooo :scream: they’re onto me!
Time to wrap my router in tinfoil and move myself into the cellar.

But jokes aside, does anyone have info on this attack?
What’s behind it?
Who would do this, and why bridges?

Is it effective (i.e., does it burn more of my resources or their resources)?

Can and should anything be done?

Appreciate any pointers – or even wild theories! :grinning_face_with_smiling_eyes:

I cannot offer information specifically for a Tor bridge.

I run separate instances of Tor relay (middle-node) and Tor client.

Lately, I have been seeing hundreds of compression bomb warnings on the Tor client…usually one a minute lasting for several hours a day.

I have not seen a compression bomb on the Tor relay in a long time.

I am leaving this as an additional data point. I would like to understand the compression bomb warnings better, too.

See: packet injection
