Re: [Cooker-firewall] ntp ofer SNF

Wed, 31 Oct 2001 10:35:08 -0800 


I've had this problem on a regular ipchains firewall before too.  I had to
write add an ipchains line in my time script to allow ntp and then
afterwards a line to remove that rule.


______________________________________

Brent J. Baude   |   Information Architect for TCP/IP, Security, & Linux
3605 Hwy 52N
Rochester, MN  55901

(507) 253-0708
T/L 8-553-0708
FAX (507) 253-5192




                                                                                       
                                    
                    Andre Krajnik                                                      
                                    
                    <[EMAIL PROTECTED]>                   To:     Mandrake-Firewall 
<[EMAIL PROTECTED]>           
                    Sent by:                             cc:                           
                                    
                    cooker-firewall-owner@linux-ma       Subject:     
[Cooker-firewall] ntp ofer SNF                       
                    ndrake.com                                                         
                                    
                                                                                       
                                    
                                                                                       
                                    
                    10/31/2001 12:08 PM                                                
                                    
                    Please respond to                                                  
                                    
                    cooker-firewall                                                    
                                    
                                                                                       
                                    
                                                                                       
                                    



Hi!

I've trouble to use ntpdate to syncronize a linux-Server behind the SNF.
I use the following script:

#!/bin/sh
ntpdate -v ptbtime1.ptb.de ptbtime2.ptb.de
rustime01.rus.uni-stuttgart.de

[root@server1 andre]# /root/bin/ntp.sh
19 Oct 17:35:53 ntpdate[2279]: ntpdate 3-5.93e Sat Apr  8 15:58:28 CEST
2000 (1)
19 Oct 17:35:58 ntpdate[2279]: no server suitable for synchronization
found
[root@server1 andre]#
[root@server1 andre]# netstat -nr
Kernel IP Routentabelle
Ziel            Router          Genmask         Flags   MSS Fenster irtt
Iface
zzz.yyy.xx.1    0.0.0.0         255.255.255.255 UH        0 0          0
eth0
255.255.255.255 0.0.0.0         255.255.255.255 UH        0 0          0
eth0
zzz.yyy.xx.0    0.0.0.0         255.255.255.0   U         0 0          0
eth0
127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0
lo
0.0.0.0         zzz.yyy.xx.254  0.0.0.0         UG        0 0          0
eth0
[root@server1 andre]# ifconfig
eth0       Linkverkapselung:Ethernet  HWaddr 00:04:AC:D6:30:2F
           inet addr:zzz.yyy.xx.1  Bcast:zzz.yyy.xx.255
Maske:255.255.255.0
           UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
           Empfangene Pakete:43864 Fehler:0 Weggeworfen:0 Überlauf:0
Rahmen:0
           Verschickte Packete:43475 Fehler:0 Weggeworfen:0 Überlauf:0
Rahmen:0
           Kollisionen:0 Sendewarteschlangenlänge:100
           Interrupt:10 Basisadresse:0x1000

lo         Linkverkapselung:Locale Schleife
           inet addr:127.0.0.1  Maske:255.0.0.0
           UP LOOPBACK RUNNING  MTU:3924  Metric:1
           Empfangene Pakete:2439 Fehler:0 Weggeworfen:0 Überlauf:0
Rahmen:0
           Verschickte Packete:2439 Fehler:0 Weggeworfen:0 Überlauf:0
Rahmen:0
           Kollisionen:0 Sendewarteschlangenlänge:0

[root@server1 andre]#

The routers IP is zzz.yyy.xx.254.

It's OK if server1 dials directly into the internet via a modem and
changing the defaultgateway to zzz.yyy.xx.1

--
mfg

Andre

Reply via email to