OpenNTPD warning: "malformed packet received from..."

Mon, 16 Mar 2009 02:21:58 -0700 

Hi folks,
Looking at /var/log/messages in my time server (OpenBSD 4.2, amd) I see a lot of: 


Mar 13 15:03:11 ntp01 ntpd[22179]: malformed packet received from 
217.125.3.73
Mar 13 15:11:43 ntp01 ntpd[22179]: malformed packet received from 
83.50.162.232
Mar 13 15:14:35 ntp01 ntpd[22179]: malformed packet received from 
212.170.161.87
Mar 13 15:15:29 ntp01 ntpd[22179]: malformed packet received from 
83.37.26.197
Mar 13 15:20:34 ntp01 ntpd[22179]: malformed packet received from 
80.37.229.49
Mar 13 15:20:36 ntp01 ntpd[22179]: malformed packet received from 
80.37.229.49
Mar 13 18:03:12 ntp01 ntpd[22179]: malformed packet received from 
217.125.3.73
Mar 13 19:06:40 ntp01 ntpd[22179]: malformed packet received from 
80.33.152.58
Mar 13 19:10:03 ntp01 ntpd[22179]: malformed packet received from 
89.141.96.144
Mar 13 20:33:12 ntp01 ntpd[22179]: malformed packet received from 
217.125.3.73
Mar 13 22:25:00 ntp01 ntpd[22179]: malformed packet received from 
80.24.191.155
Mar 13 22:25:05 ntp01 ntpd[22179]: malformed packet received from 
80.24.191.155
Mar 13 22:33:12 ntp01 ntpd[22179]: malformed packet received from 
217.125.3.73
Mar 13 23:25:00 ntp01 ntpd[22179]: malformed packet received from 
80.24.191.155
Mar 13 23:25:05 ntp01 ntpd[22179]: malformed packet received from 
80.24.191.155
Mar 13 23:33:12 ntp01 ntpd[22179]: malformed packet received from 
217.125.3.73
Mar 14 00:25:00 ntp01 ntpd[22179]: malformed packet received from 
80.24.191.155
Mar 14 00:25:05 ntp01 ntpd[22179]: malformed packet received from 
80.24.191.155
Mar 14 01:25:00 ntp01 ntpd[22179]: malformed packet received from 
80.24.191.155
Mar 14 01:25:05 ntp01 ntpd[22179]: malformed packet received from 
80.24.191.155
Mar 14 02:03:12 ntp01 ntpd[22179]: malformed packet received from 
217.125.3.73
Mar 14 02:25:00 ntp01 ntpd[22179]: malformed packet received from 
80.24.191.155
Mar 14 02:25:05 ntp01 ntpd[22179]: malformed packet received from 
80.24.191.155
Mar 14 02:31:41 ntp01 ntpd[22179]: malformed packet received from 
80.174.61.213
Mar 14 02:39:46 ntp01 ntpd[22179]: malformed packet received from 
62.42.183.151
Mar 14 03:25:01 ntp01 ntpd[22179]: malformed packet received from 
80.24.191.155
Mar 14 03:25:06 ntp01 ntpd[22179]: malformed packet received from 
80.24.191.155



Looking at relationed code (ntp_msg.c and ntp.h) I understand that it's 
only a warning and the real culprit it's a buggy client. But...



?OpenNTPD serves the time is this case (when the client sends a 
malformed packet)?

If yes ?affects in the general performance of the service?

Aside of this, I'm using PF and the scrubbing options on same machine.

?Can I avoid these "malformed" packets with PF-scrub intervention?

--
Thanks,
Jordi Espasa Clofent























					Reply via email to