Thank you @Anafabula@discuss.tchncs.de ! it works !

Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
(7) DSA (set your own capabilities)
(8) RSA (set your own capabilities)
(9) ECC and ECC
(10) ECC (sign only)
(11) ECC (set your own capabilities)
(13) Existing key
(14) Existing key from card\

I’m wondering whats is the option: (9) ECC and ECC ?? I found nothing in their documentation :/

Well received, any sources where we could corroborate that statement ?

Damn

now that I open few ports 9001

I see incoming connection that are dropped because they use totally diffrent ports

drop: IN=eth0 OUT= MAC=aMacadrs SRC=aIP DST=aMyIP LEN=64 TOS=0x00 PREC=0x00 TTL=48 ID=65508 DF PROTO=TCP SPT=443 DPT=50194 WINDOW=501 RES=0x00 ACK URGP=0

.

it’s weird in my nftable config file I have

type filter hook input priority 0; policy drop;
ct state established,related accept

Any ideas ?

Thank you ! @thingsiplay@beehaw.org 👍
-E solved it :)

Yes

👍 Thanks again @qprimed@lemmy.ml

Thank you very much @qprimed@lemmy.ml ! indeed I saw in my nftables log tentative to 443 and 9001. ( I didn’t find this in the tor doc … )

9050 is your socks proxy - so protect it. if your nftables is blocking localhost:9050/TCP then you need to correct that.

is this will do : ip saddr 127.0.0.1 ip daddr 127.0.0.1 accept ?