> > -A INPUT --protocol udp --dport ntp --match limit --limit 5/min --jump LOG
> > --log-level debug --log-prefix "Dropped, NTP ratelimit: "
> > Will that let through all 8 packets from an iburst?

Ooops. You are right. First I gave --hashlimit-burst 10 but later I deleted it.

> How much kernel memory will that use on a busy server?

Actually I don't know.

> How do things like "--limit 5/min" actually work? Or where are the details
> described?

This would not distinguish packets from different sources.

Gabor
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
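As an added illustration (not part of the original message and not the kernel's code), the sketch below models the credit-based token bucket behind `--limit 5/min` and counts how many packets match when one bucket is shared by all sources, as with the `limit` match, versus one bucket per source, as `hashlimit` keeps when keyed on source address. Assumptions: whole-second timestamps, an iburst of 8 packets spaced 2 seconds apart, a second client `B` sending one packet, and the documented default burst of 5; all packet data is constructed.

```python
# Simplified integer model of the credit scheme used by iptables rate matches.
# What happens to a matching packet depends on the rule's target (LOG, ACCEPT, ...).

class CreditBucket:
    def __init__(self, per_minute, burst):
        self.cost = 60 // per_minute   # seconds of credit one match costs
        self.cap = burst * self.cost   # a full bucket allows `burst` matches
        self.credit = self.cap         # the bucket starts full
        self.last = 0

    def match(self, now):
        # Credit accrues with elapsed time, capped at `cap`, even on a miss.
        self.credit = min(self.cap, self.credit + (now - self.last))
        self.last = now
        if self.credit >= self.cost:
            self.credit -= self.cost
            return True
        return False


def count_matches(packets, per_minute, burst, per_source):
    """Return {source: matched packet count} for (time, source) tuples."""
    buckets, matched = {}, {}
    for now, src in sorted(packets):
        key = src if per_source else "all"   # shared bucket vs. one per source
        if key not in buckets:
            buckets[key] = CreditBucket(per_minute, burst)
        matched[src] = matched.get(src, 0) + int(buckets[key].match(now))
    return matched


# Constructed traffic: client A's iburst (assumed 2 s spacing) and one packet from B.
IBURST = [(t, "A") for t in range(0, 16, 2)]
PACKETS = IBURST + [(5, "B")]

if __name__ == "__main__":
    print("shared, burst 5:     ", count_matches(PACKETS, 5, 5, False))
    print("per source, burst 5: ", count_matches(PACKETS, 5, 5, True))
    print("per source, burst 10:", count_matches(PACKETS, 5, 10, True))
```

With the shared bucket, B's single packet costs A one of its matches, which is the "would not distinguish packets from different sources" effect; only the per-source bucket with a burst of 10 matches all 8 packets of the iburst.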
