On 08/31/2010 08:59 PM, G.W. Haywood wrote:
Hi there,
On Tue, 31 Aug 2010, mc0fred wrote:
As it is the firewall that is having an issue not the server the
restrict would reduce the outbound packets but not the inbound packets.
The block in the upstream router will relieve both the up/down stream
load on the firewall. So I guess unless you can use the KOD packets or
get the offender to stop your router solution looks good.
Why not just '/sbin/iptables -j DROP' the incoming packets at the firewall?
That's what I do for around 60,000 /24 networks that pain me, not to mention
a few /8. :)
--
73,
Ged.
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
The firewall still needs to spend cycles processing the incoming packets
to determine if it should be dropped. This is the issue.
Regards Scott
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
