[time] Abusive Clients, Brazilian Servers
Dennis Hilberg, Jr.
Sun Apr 27 05:05:54 UTC 2008
Matt Wagner wrote:
> I've never had to deal with this before... How do you guys block these
> nuts? It's just a handful of badly-configured clients, so I don't want
> to leave the pool entirely. I'm not sure how the KoD works, nor how to
> configure it. Do most clients respect that, or do I have to look at
> firewalling? Does ntpd respect /etc/hosts.deny?
I use a pair of scripts written by Richard Leach that evaluate NTP
connections via /proc/net/ip_conntrack and automatically drop requests from
the offending IP addresses using IPTables. Once the offending client
improves its request rate, the rule is removed and the client is allowed
access again.
I don't recall anyone else but myself replying to Richard regarding his
conntrack scripts, but I find that they work quite well. I've had them
running since he fixed his original version (going on three months now),
with no problems.
Dropping abusive clients' requests does nothing for the traffic, but at
least there's some satisfaction knowing that they aren't getting time from you.
You can download it here:
Details are in the README.
Dennis Hilberg, Jr. \ timekeeper at dennishilberg.com
NTP Server Information: \ http://saturn.dennishilberg.com/ntp.php
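
Added example, not part of the message above and not Richard Leach's scripts: a sketch of the approach the message describes, diffing per-flow packet counters between two /proc/net/ip_conntrack snapshots to get a per-source NTP request rate, then listing the iptables rules to add or remove. It assumes conntrack accounting is enabled (so entries carry packets=); the function names, the 1 packet/s limit, and all addresses are constructed for illustration.

```python
import re
from collections import defaultdict

# Original-direction tuple of a UDP flow to port 123; the reply tuple that
# follows on the same line is deliberately not matched.
FLOW = re.compile(r"udp\s+17\s+\d+\s+src=(\S+)\s+dst=\S+\s+sport=(\d+)\s+dport=123\s+packets=(\d+)")

def line(src, sport, dport, pkts):
    """Build one constructed UDP entry in the legacy ip_conntrack layout."""
    return (f"udp      17 25 src={src} dst=192.0.2.10 sport={sport} dport={dport} "
            f"packets={pkts} bytes={pkts * 76} src=192.0.2.10 dst={src} sport={dport} "
            f"dport={sport} packets={pkts} bytes={pkts * 76} mark=0 use=1")

def ntp_counters(snapshot):
    """Map (source IP, source port) -> packets sent to UDP/123."""
    counters = {}
    for entry in snapshot.splitlines():
        m = FLOW.match(entry)
        if m:
            counters[(m.group(1), int(m.group(2)))] = int(m.group(3))
    return counters

def request_rates(before, after, interval):
    """Packets per second per source between two snapshots."""
    old, per_src = ntp_counters(before), defaultdict(int)
    for flow, count in ntp_counters(after).items():
        delta = count - old.get(flow, 0)
        # A smaller counter means the entry expired and was recreated.
        per_src[flow[0]] += delta if delta >= 0 else count
    return {ip: n / interval for ip, n in per_src.items()}

def reconcile(rates, blocked, limit):
    """Rules to insert for new offenders and delete for sources now under the limit."""
    rule = "-s {} -p udp --dport 123 -j DROP"
    add = sorted(ip for ip, r in rates.items() if r > limit and ip not in blocked)
    drop = sorted(ip for ip in blocked if rates.get(ip, 0.0) <= limit)
    return ([f"iptables -I INPUT {rule.format(ip)}" for ip in add] +
            [f"iptables -D INPUT {rule.format(ip)}" for ip in drop])

# Constructed snapshots taken 60 seconds apart (documentation address ranges).
SNAP_T0 = "\n".join([line("203.0.113.7", 123, 123, 100),
                     line("198.51.100.4", 40211, 123, 3),
                     line("198.51.100.4", 53001, 53, 900)])
SNAP_T1 = "\n".join([line("203.0.113.7", 123, 123, 700),
                     line("198.51.100.4", 40211, 123, 4),
                     line("198.51.100.4", 53001, 53, 5000)])

if __name__ == "__main__":
    rates = request_rates(SNAP_T0, SNAP_T1, 60)
    print("\n".join(reconcile(rates, {"198.51.100.200"}, limit=1.0)))
```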