This is a guide to my personal solution to the Tor netscan problem, which can affect the reputation of exit nodes. The solution uses ufw, fail2ban, and systemd-journal, but can be adapted to suit your needs. This approach is not perfect, but it helps prevent netscan abuse while still supporting the Tor network.
The solution works by temporarily banning outgoing traffic to a specific port if too many connections are made in a short period of time. This may affect some legitimate traffic, but due to the anonymous nature of Tor, it's not possible to block specific traffic sources.