Scott Baker wrote:
I want to block any client that sends an NTP packet more than 10 per
second. I'm trying to implement an IPTables rule to do this:
iptables -A INPUT -p udp -m limit --dport 123 --limit 10/s -j DROP
It is matching and blocking SOME packets, but definitely not the bulk of
them. Has anyone used IPTables to limit the rate packets are accepted?
Any sage advice for me?
Some time ago someone posted these rules:
iptables -A INPUT -i eth0 -p udp -m udp --dport 123 -m recent --set --name NTPTRAFFIC --rsource
iptables -A INPUT -i eth0 -p udp -m udp --dport 123 -m recent --update --seconds 60 --hitcount 7 --name NTPTRAFFIC --rsource -j DROP
This looks like a more advanced filter that limits per IP address.
Maybe you can work from that.
Rob
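To make the difference between the two approaches in this thread concrete, here is an added simulation (not part of the thread, not the kernel's code) of how the iptables "limit" and "recent" matches behave on a constructed packet trace. The "limit" match is modelled as a token bucket that refills at the configured rate and holds at most the default --limit-burst of 5 tokens; the "recent" match is modelled as a per-source sliding window that counts the current packet, as the preceding --set rule records it. The trace (one flooder at 100 packets per second for two seconds, one normal client sending twice) and the policy names are constructed for this example. It is written in Python because the point is the matching semantics, which no shell one-liner can show without a live kernel.

```python
"""Simulated iptables rate limiting for NTP (udp/123), constructed example."""

from collections import deque


class LimitMatch:
    """Approximation of '-m limit --limit R/s': a token bucket refilled at R
    tokens per second and capped at `burst` tokens (iptables default 5).
    Times are integer milliseconds and tokens are scaled by 1000 so the
    arithmetic is exact. The match fires (returns True) when a token is
    available; note it is a single global bucket, not per source."""

    def __init__(self, rate_per_sec, burst=5):
        self.rate = rate_per_sec
        self.cap = burst * 1000
        self.tokens = self.cap
        self.last_ms = 0

    def matches(self, t_ms):
        refill = (t_ms - self.last_ms) * self.rate   # milli-tokens since last packet
        self.tokens = min(self.cap, self.tokens + refill)
        self.last_ms = t_ms
        if self.tokens >= 1000:
            self.tokens -= 1000
            return True
        return False


class RecentMatch:
    """Approximation of '-m recent --set' followed by
    '-m recent --update --seconds S --hitcount N': each packet is recorded
    for its source, then the rule matches if that source has N or more
    packets inside the last S seconds (the current packet included)."""

    def __init__(self, seconds, hitcount):
        self.window_ms = seconds * 1000
        self.hitcount = hitcount
        self.seen = {}

    def matches(self, src, t_ms):
        hits = self.seen.setdefault(src, deque())
        hits.append(t_ms)                      # the --set rule saw this packet too
        while hits and t_ms - hits[0] > self.window_ms:
            hits.popleft()
        return len(hits) >= self.hitcount


# Constructed trace (not a capture): (time_ms, source). The flooder sends
# every 10 ms for two seconds; the well-behaved client sends twice.
TRACE = sorted(
    [(t, "flooder") for t in range(0, 2000, 10)]
    + [(255, "client"), (1255, "client")]
)


def run(policy, trace):
    """Apply one policy to the trace; return {src: {"accepted": n, "dropped": m}}."""
    limit = LimitMatch(rate_per_sec=10)          # --limit 10/s, default burst 5
    recent = RecentMatch(seconds=60, hitcount=7)  # --seconds 60 --hitcount 7
    counts = {}
    for t_ms, src in trace:
        if policy == "limit_drop":
            # The rule as posted: the packets that fit the limit are DROPPED,
            # everything over the limit falls through and is accepted.
            accept = not limit.matches(t_ms)
        elif policy == "limit_accept":
            # Inverted form: limit -> ACCEPT, then a DROP for the rest. Correct
            # direction, but one shared bucket, so the flood starves everyone.
            accept = limit.matches(t_ms)
        elif policy == "recent_per_source":
            # The per-source rules quoted in the reply: only the noisy source
            # is dropped once it exceeds the hit count inside the window.
            accept = not recent.matches(src, t_ms)
        else:
            raise ValueError(f"unknown policy {policy!r}")
        c = counts.setdefault(src, {"accepted": 0, "dropped": 0})
        c["accepted" if accept else "dropped"] += 1
    return counts


if __name__ == "__main__":
    for policy in ("limit_drop", "limit_accept", "recent_per_source"):
        print(policy)
        for src, c in sorted(run(policy, TRACE).items()):
            print(f"  {src:8s} accepted={c['accepted']:3d} dropped={c['dropped']:3d}")
```

Running it shows why the original rule "matches SOME packets": with a 10/s bucket the limit match fires only about 24 times in two seconds, and because the jump is DROP those are the packets that get blocked while the other 176 from the flooder pass. Swapping the target to ACCEPT fixes the direction but drops both of the normal client's packets as well, since the limit bucket is global. The recent-based pair behaves per source: the flooder is cut off from its seventh packet and the client is untouched. One caveat visible in the model: because the --set rule records every packet, including ones the second rule then drops, a source that keeps sending never ages out of the 60-second window until it actually goes quiet.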
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool