Thank you Charles for the expert advice on upd. I did a little more snooping and turns out #netdate command (linux box) is port 37 while ntp is port 123. (I realize I'm beginning to sound like a total moron and should have done the homework and rtfmed).
I downloaded a program called automachron for the M$ box (which looks pretty good for free) that specifically calls out which port it plans to connect to, 37 or 123. I asked it to hit the firewall 192.168.1.254 and received "Error: 192.168.1.254 (123) - Socket Error: Valid name, no data record of requested type". Asking it to look at a 'real' server under the various protocols (v1,v2,v3,v4) produced the desired result of providing information to update the time. The LEAF "Time in Bearing" 14.5 Subsection indicates that the combination of libm.lrp and ntpsimpl.lrp can be used to create a time server. The paper then explicitly says to open the firewall with: ACCEPT loc fw upd ntp (to query the Bering time server for local net). I did NOT attempt to improve the standard firewall rules so your comment below saying the internal network should be able to access the firewall should still be valid. Maybe a little more snooping in the ntpsimpl.lrp documentation is the next step. Thank you for your valued comments and opinions. R - Bill --- Charles Steinkuehler <[EMAIL PROTECTED]> wrote: > Don't knock yourself out about the missing listen. > UDP is a stateless > protocol, so *NO* UDP entries in the netstat output > will have anything > in the "state" column. "States" only make sense for > TCP. > > It looks like your server is listening to the > internal interface, and > there are no firewall rules blocking any access from > internal networks > to the firewall itself, so unless you did something > really wacky to the > ipchains rules, that's not your problem either. > > I'd make sure your windows client is actually > talking NTP, rather than > one of the other (typically simpler) time protocols. > > -- > Charles Steinkuehler __________________________________________________ Do you Yahoo!? Yahoo! Web Hosting - establish your business online http://webhosting.yahoo.com ------------------------------------------------------- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
