A quick check for blocked IPv4 relays is made by
TORUTILS_TMPDIR=/tmp /etc/conf.d/ipv4-rules.sh save
grep -c -f /var/tmp/relays /tmp/tor-ddos-*
rm /tmp/tor-ddos-*and for IPv6 run
TORUTILS_TMPDIR=/tmp /etc/conf.d/ipv6-rules.sh save
grep -c -f /var/tmp/relays6 /tmp/tor-ddos6-*
rm /tmp/tor-ddos6-*ddos-inbound.sh lists ips having more inbound connections to the ORPort than a given limit (example). hash-stats.sh plots the distribution of timeout values of an iptables hash (example). ipset-stats.sh plots distribution of timeout values of an ipset as well as occurrences of ip addresses in subsequent ipset output files (example). For plots the package gnuplot is needed. The SVG graphs are created by the sysstat command sadf, the canvas size is fixed for an already reported issue in this way:
args="-n DEV,SOCK,SOCK6 --iface=enp8s0" # set it to "-A" to display all collected metrics
svg=/tmp/graph.svg
sadf -g -t /var/log/sa/sa${DAY:-`date +%d`} -O skipempty,oneday -- $args >$svg
h=$(tail -n 2 $svg | head -n 1 | cut -f 5 -d ' ') # fix the SVG canvas size
sed -i -e "s,height=\"[0-9]*\",height=\"$h\"," $svg
firefox $svg