Tom Eastep wrote:
> Jeff Gregor wrote:
>
>> I want to redirect clients on my local network to the local time server,
>> so that they aren't making calls out to a public server on the internet
>> (it's a satellite link, bandwidth is a real problem and every little bit
>> I can save helps...)
>> My firewall box has three interfaces:
>> eth0 (WAN/Internet) -- connected to satellite modem
>> eth1 (LAN, my office clients) -- IP 192.168.1.1, serves clients on
>> 192.168.1.0/24
>> eth2 (PUB, public clients) -- IP 192.168.2.1, serves clients on
>> 192.168.2.0/24
>> NTP is running on the firewall, listening on eth1 and eth2.
>> What I want to do is each time a client on LAN or PUB tries to connect
>> to an external time server, I want to redirect it back to the
>> appropriate interface (ie, 192.168.1.1 or 192.168.2.1).
>
> I agree with Christ Sclacta -- just use NTP/REDIRECT.

For the record, here is what you want in the rules:

    REDIRECT lan 123 udp 123
    REDIRECT pub 123 udp 123

Simple & easy - I use this all the time and it works well for me.

If you have systems on those LANs which use NTP rather than SNTP (the cut-down version used by Windows), then you probably want to make exceptions for them.

Paul

_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users
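
Added example, not part of the original thread: a client-side check that the REDIRECT rules above are taking effect. Because a redirected reply still arrives with the external server's address as its source, the script compares NTP header fields (stratum, reference ID, reference timestamp) from a direct query to the firewall and a query to an external server. The function names and the identity heuristic are assumptions of this example.

```python
import socket
import struct
import sys

NTP_PORT = 123

def build_request():
    """48-byte SNTP client request: LI=0, VN=3, Mode=3 (client)."""
    return bytes([0x1B]) + bytes(47)

def parse_response(pkt):
    """Extract the header fields that identify the answering daemon."""
    if len(pkt) < 48:
        raise ValueError("short NTP packet")
    flags, stratum = pkt[0], pkt[1]
    ref_id = pkt[12:16]                       # upstream source of the server
    (ref_secs,) = struct.unpack("!I", pkt[16:20])  # when its clock was last set
    return {"mode": flags & 0x07, "stratum": stratum,
            "ref_id": ref_id, "ref_time": ref_secs}

def query(server, timeout=3.0):
    """Send one request to server:123/udp and parse the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_request(), (server, NTP_PORT))
        pkt, _ = s.recvfrom(512)
    return parse_response(pkt)

def same_daemon(a, b):
    """Heuristic: both are server replies (mode 4) with identical identity fields."""
    keys = ("stratum", "ref_id", "ref_time")
    return a["mode"] == b["mode"] == 4 and all(a[k] == b[k] for k in keys)

def sample_reply(stratum, ref_id, ref_secs):
    """Constructed 48-byte server reply (LI=0, VN=3, Mode=4) for offline checks."""
    head = bytes([0x1C, stratum, 6, 0xEC]) + bytes(8)
    return head + ref_id + struct.pack("!I", ref_secs) + bytes(28)

if __name__ == "__main__":
    # usage: script.py <firewall-ip> <external-ntp-server>, run from a LAN or PUB client
    fw, ext = query(sys.argv[1]), query(sys.argv[2])
    print("redirected to firewall" if same_daemon(fw, ext)
          else "answered by a different server")
```

Run the two queries back to back: the reference timestamp changes whenever the firewall's ntpd updates its clock, so a long gap between them can produce a false mismatch.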
