Limit connections to ntp service in firewall
This should help mitigate potential NTP amplification attacks.
drybjed committed Oct 8, 2014
1 parent 7e4716c commit ed4ca2c
Showing 1 changed file with 8 additions and 1 deletion.
9 changes: 8 additions & 1 deletion meta/main.yml
Expand Up @@ -7,12 +7,19 @@ dependencies:

- type: 'dport_accept'
dport: [ 'ntp' ]
protocol: [ 'tcp', 'udp' ]
saddr: '{{ ntp_allow }}'
accept_any: True
filename: 'ntp_dependency_accept'
weight: '50'
enabled: '{{ ntp_listen }}'

- type: 'dport_limit'
dport: [ 'ntp' ]
protocol: [ 'tcp', 'udp' ]
filename: 'ntp_dependency_limit'
weight: '50'
enabled: '{{ ntp_listen }}'

galaxy_info:
author: 'Maciej Delmanowski'
description: 'Manage time synchronization, NTP server and timezone'
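
Review bot: the `dport_limit` entry uses the same `weight: '50'` as the `dport_accept` entry above it, so their relative order is left to whatever tie-break the firewall role applies (possibly `filename`, where `ntp_dependency_accept` sorts before `ntp_dependency_limit`). If the accept rule is evaluated first, and particularly with `accept_any: True`, NTP packets are accepted before the limit rule sees them and the mitigation has no effect. Suggest giving the limit rule a weight that sorts it ahead of the accept rule, or confirming the order in the generated ruleset. The entry also sets no explicit rate values, so the effective limit depends on the role's defaults; a short comment stating the intended rate would let a reader judge whether it is tight enough for amplification traffic.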