On Sat, Apr 26, 2008 at 10:05:54PM -0700, Dennis Hilberg, Jr. has written: > Matt Wagner wrote: > > I've never had to deal with this before... How do you guys block these > > nuts? It's just a handful of badly-configured clients, so I don't want > > to leave the pool entirely. I'm not sure how the KoD works, nor how to > > configure it. Do most clients respect that, or do I have to look at > > firewalling? Does ntod respect /etc/hosts.deny? > > Hi Matt, > > I use a pair of scripts written by Richard Leach that evaluate NTP > connections via /proc/net/ip_conntrack and automatically drop requests from > the offending IP addresses using IPTables. Once the offending client > improves its request rate the rule is removed and allowed access again. > > I don't recall anyone else but myself replying to Richard regarding his > conntrack scripts, but I find that they work quite well. I've had them > running since he fixed his original version (going on three months now), > with no problems. > > Dropping abusive clients' requests does nothing for the traffic, but at > least there's some satisfaction knowing that they aren't getting time from > you. > > You can download it here: > > http://www.penninespringmusic.co.uk/rich/software/conntrack.tgz > > Details are in the README. > > Dennis > > -- > Dennis Hilberg, Jr. \ [EMAIL PROTECTED] > NTP Server Information: \ http://saturn.dennishilberg.com/ntp.php > _______________________________________________ > timekeepers mailing list > [email protected] > https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
Thanks Dennis. Now comes with a free restart script, which re-instantiates the drop rules which were in existence before you so unfortunately went down. My top ranker today is 79.66.74.17, requesting at nearly 12 times a minute. Clearly I don't bother my adsl upload channel with him! -- Richard A Leach | No windoze, no gates. Just be free and out there. The great little festival -- http://www.PennineSpringMusic.co.uk A Centre of Excellence for Domestic Information Technology Solutions 5344.9735,N,00201.2268,W,263.0 _______________________________________________ timekeepers mailing list [email protected] https://fortytwo.ch/mailman/cgi-bin/listinfo/timekeepers
