To whom it may concern. Hi guys,
This morning I checked some of the pool servers and I found that a few clients send an enormous amount of NTP requests. I decided to limit the rate of this traffic with iptables. I applied these rules:

    # Accept NTP requests at up to 100/hour per source IP
    -A INPUT --protocol udp --dport ntp --match hashlimit --hashlimit 100/hour --hashlimit-mode srcip --hashlimit-name ntp_ratelimit --jump ACCEPT
    # Log NTP packets not accepted above, at most 5 log entries per minute
    -A INPUT --protocol udp --dport ntp --match limit --limit 5/min --jump LOG --log-level debug --log-prefix "Dropped, NTP ratelimit: "

Logging is on for diagnostic purposes for a while. Filtering seems to be working well.

Regards
Gabor
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
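Added example, not part of the original message: a small Python script that summarizes the diagnostic log entries produced by the LOG rule above, per source address. The log lines are constructed samples in the usual netfilter LOG layout; the host name, interface and addresses are assumptions.

```python
import ipaddress
import re
from collections import Counter

PREFIX = "Dropped, NTP ratelimit: "      # the --log-prefix from the rules above
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")  # KEY=value pairs written by the LOG target

# Constructed sample kernel log lines (documentation addresses, not real clients).
SAMPLE_LOG = """\
Mar  3 09:14:01 ntp1 kernel: [81234.101] Dropped, NTP ratelimit: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=76 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=UDP SPT=123 DPT=123 LEN=56
Mar  3 09:14:02 ntp1 kernel: [81235.240] Dropped, NTP ratelimit: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=76 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=UDP SPT=123 DPT=123 LEN=56
Mar  3 09:14:02 ntp1 kernel: [81235.611] Dropped, NTP ratelimit: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=76 TOS=0x00 PREC=0x00 TTL=47 ID=0 DF PROTO=UDP SPT=40211 DPT=123 LEN=56
Mar  3 09:14:03 ntp1 kernel: [81236.002] SSH attempt: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=198.51.100.99 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=0 DF PROTO=TCP SPT=50022 DPT=22
Mar  3 09:14:04 ntp1 kernel: [81237.330] Dropped, NTP ratelimit: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=203.0.113.7 DST=198.51.100.5 LEN=76 TOS=0x00 PREC=0x00 TTL=47 ID=0 DF PROTO=UDP SPT=51877 DPT=123 LEN=56
Mar  3 09:14:05 ntp1 kernel: [81238.519] Dropped, NTP ratelimit: IN=eth0 OUT= MAC=00:00:5e:00:53:01:00:00:5e:00:53:02:08:00 SRC=192.0.2.10 DST=198.51.100.5 LEN=76 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=UDP SPT=123 DPT=123 LEN=56
Mar  3 09:14:06 ntp1 kernel: [81239.700] Dropped, NTP ratelimit: IN=eth0 OUT= MAC=
"""

def parse_line(line):
    """Return the fields of one rate-limit log line, or None if it is not usable."""
    _, found, rest = line.partition(PREFIX)
    if not found:
        return None                      # some other kernel message
    fields = {}
    for key, value in FIELD.findall(rest):
        fields.setdefault(key, value)    # keep the first LEN (IP), not the UDP one
    try:
        ipaddress.ip_address(fields.get("SRC", ""))
    except ValueError:
        return None                      # truncated or malformed line
    return fields if fields.get("DPT") == "123" else None

def summarize(log_text):
    """Count logged packets and collect source ports per source address."""
    hits, ports = Counter(), {}
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields is not None:
            hits[fields["SRC"]] += 1
            ports.setdefault(fields["SRC"], set()).add(fields.get("SPT"))
    return hits, ports

if __name__ == "__main__":
    hits, ports = summarize(SAMPLE_LOG)
    for src, count in hits.most_common():
        print(f"{src:15} logged={count} source_ports={sorted(ports[src])}")
```

Because the LOG rule is itself limited to 5/min, the counts are a sample of the over-limit traffic rather than totals. A source showing many different source ports may be several clients behind one NAT address, which all share one srcip bucket.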
