Matt Wagner wrote:
> I've never had to deal with this before... How do you guys block these
> nuts? It's just a handful of badly-configured clients, so I don't want
> to leave the pool entirely. I'm not sure how the KoD works, nor how to
> configure it. Do most clients respect that, or do I have to look at
> firewalling? Does ntpd respect /etc/hosts.deny?

Hi Matt,

I use a pair of scripts written by Richard Leach that evaluate NTP connections via /proc/net/ip_conntrack and automatically drop requests from the offending IP addresses using IPTables. Once the offending client improves its request rate, the rule is removed and the client is allowed access again.

I don't recall anyone else but myself replying to Richard regarding his conntrack scripts, but I find that they work quite well. I've had them running since he fixed his original version (going on three months now), with no problems.

Dropping abusive clients' requests does nothing for the traffic, but at least there's some satisfaction knowing that they aren't getting time from you.

You can download it here:

http://www.penninespringmusic.co.uk/rich/software/conntrack.tgz

Details are in the README.

Dennis

--
Dennis Hilberg, Jr.  \  [EMAIL PROTECTED]
NTP Server Information:  \  http://saturn.dennishilberg.com/ntp.php
_______________________________________________
timekeepers mailing list
[email protected]
https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
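
Added example (not part of the original message, and not Richard Leach's scripts): a minimal sketch of the conntrack-based approach described above, which compares two snapshots of /proc/net/ip_conntrack and emits the iptables commands to add or remove per-source DROP rules. The snapshot lines, the 60-second interval, the 20 packets/minute threshold and the names `ntp_packets` and `plan` are assumptions made for illustration; it also assumes conntrack accounting is enabled so that `packets=` counters are present.

```python
import re
from collections import defaultdict

# Constructed snapshots of /proc/net/ip_conntrack taken 60 s apart
# (documentation addresses; packets= needs conntrack accounting, assumed on).
SNAP_T0 = """\
udp      17 25 src=192.0.2.10 dst=203.0.113.5 sport=123 dport=123 packets=40 bytes=3040 src=203.0.113.5 dst=192.0.2.10 sport=123 dport=123 packets=40 bytes=3040 [ASSURED] use=1
udp      17 12 src=198.51.100.7 dst=203.0.113.5 sport=40112 dport=123 packets=2 bytes=152 src=203.0.113.5 dst=198.51.100.7 sport=123 dport=40112 packets=2 bytes=152 use=1
"""
SNAP_T1 = """\
udp      17 29 src=192.0.2.10 dst=203.0.113.5 sport=123 dport=123 packets=340 bytes=25840 src=203.0.113.5 dst=192.0.2.10 sport=123 dport=123 packets=340 bytes=25840 [ASSURED] use=1
udp      17 20 src=198.51.100.7 dst=203.0.113.5 sport=40112 dport=123 packets=3 bytes=228 src=203.0.113.5 dst=198.51.100.7 sport=123 dport=40112 packets=3 bytes=228 use=1
tcp      6 431999 ESTABLISHED src=192.0.2.99 dst=203.0.113.5 sport=51000 dport=22 packets=10 bytes=900 src=203.0.113.5 dst=192.0.2.99 sport=22 dport=51000 packets=9 bytes=800 [ASSURED] use=1
"""

# First (original-direction) tuple of a UDP entry: source IP, dport, packet count.
ENTRY = re.compile(r"^udp\s+\d+\s+\d+\s+src=(\S+)\s+dst=\S+\s+sport=\d+\s+dport=(\d+)\s+packets=(\d+)")
RULE = "iptables -{op} INPUT -s {ip} -p udp --dport 123 -j DROP"

def ntp_packets(snapshot):
    """Sum original-direction packet counters per source IP for UDP/123 entries."""
    counts = defaultdict(int)
    for line in snapshot.splitlines():
        m = ENTRY.match(line)
        if m and m.group(2) == "123":
            counts[m.group(1)] += int(m.group(3))
    return dict(counts)

def plan(before, after, interval_s, max_per_min, blocked):
    """Return iptables commands: block sources over the limit, unblock quiet ones."""
    old, new = ntp_packets(before), ntp_packets(after)
    cmds = []
    for ip in sorted(set(new) | set(blocked)):
        delta = new.get(ip, 0) - old.get(ip, 0)
        if delta < 0:  # entry expired and was recreated, so the counter restarted
            delta = new.get(ip, 0)
        rate = delta * 60 / interval_s  # requests per minute over the interval
        if rate > max_per_min and ip not in blocked:
            cmds.append(RULE.format(op="I", ip=ip))
        elif rate <= max_per_min and ip in blocked:
            cmds.append(RULE.format(op="D", ip=ip))
    return cmds

if __name__ == "__main__":
    # Commands are only printed here; a cron job would run them as root.
    for cmd in plan(SNAP_T0, SNAP_T1, 60, 20, blocked={"198.51.100.7"}):
        print(cmd)
```

A blocked source that no longer appears in the table is treated here as having slowed down, which is a simplification; a hold-down period before removing the rule would avoid rapid block/unblock cycling.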
