Avoid keeping state of ntp requests
Ask Bjørn Hansen
ask at develooper.com
Mon Nov 16 10:37:44 UTC 2009
Hi,
I'm trying to avoid keeping state of ntp requests to our ntp servers. They are on UDP and numerous, so it's just wasting a lot of space in the state table.
I've tried various variations of 'pass quick', but some rule keeps adding state for the port 123 requests. I've put the full output of 'pfctl -sa' here:
http://tmp.askask.com/2009/11/pf.txt
Any ideas?
- ask
More information about the freebsd-pf
mailing list