dos: Avoid blacklisting Exit relays
It is possible to do "tor-in-tor", meaning a tor client connection can exit the network and come back at a Guard node.
And if this happens to be detected by the DoS subsystem, we'll blacklist the Exit relay for a while. That is NOT good.
Now that we have #25183 (moved), we can look up the inbound address to learn if we know it. And if we do, don't consider it a potential malicious client that we need to look at.
That is one part of the solution, the second part is #2667 (moved) so we actually prevent reentry from Exit but that part won't be backported just yet (if ever).
This work will be part of #24902 (moved) so once merge_ready, it will be merged into my branch ticket24902_029_05.
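A simplified model of the exemption described in this ticket, added here as an illustration and not taken from Tor's code or the ticket author's branch: a per-address connection counter that skips any inbound address found in a known-relay list. All function names, the threshold and the sample addresses are hypothetical or constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* Simplified model only; every name and value below is hypothetical. */
#define MAX_TRACKED 64
#define CONN_LIMIT 3  /* constructed threshold for this example */

/* Constructed sample: address of a relay we know about (e.g. an Exit). */
static const uint32_t known_relays[] = { 0xC6336407u /* 198.51.100.7 */ };

struct client_stat { uint32_t addr; unsigned conns; int blocked; };
static struct client_stat stats[MAX_TRACKED];
static size_t n_stats;

static int is_known_relay(uint32_t addr) {
  for (size_t i = 0; i < sizeof(known_relays) / sizeof(known_relays[0]); i++)
    if (known_relays[i] == addr) return 1;
  return 0;
}

static struct client_stat *stat_for(uint32_t addr) {
  for (size_t i = 0; i < n_stats; i++)
    if (stats[i].addr == addr) return &stats[i];
  if (n_stats == MAX_TRACKED) return NULL;
  stats[n_stats] = (struct client_stat){ addr, 0, 0 };
  return &stats[n_stats++];
}

/* Returns 1 if the connection is accepted, 0 if DoS mitigation refuses it. */
int dos_model_new_conn(uint32_t addr) {
  if (is_known_relay(addr)) return 1;  /* known relay: never counted or blocked */
  struct client_stat *s = stat_for(addr);
  if (!s) return 1;                    /* table full: this model fails open */
  if (s->blocked) return 0;
  if (++s->conns > CONN_LIMIT) { s->blocked = 1; return 0; }
  return 1;
}

int dos_model_is_blocked(uint32_t addr) {
  for (size_t i = 0; i < n_stats; i++)
    if (stats[i].addr == addr) return stats[i].blocked;
  return 0;
}

size_t dos_model_tracked(void) { return n_stats; }

int main(void) {
  for (int i = 0; i < 10; i++)
    if (!dos_model_new_conn(0xC6336407u)) return 1;
  return 0;
}
```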