I have a Red Hat 6.1 box that is my "speaker-to-cablemodem" (Thank you
Niven) (firewall/web server/ftp/mail server/younameit server).
I'm trying to use ntpdate on it, but I'm getting an error message.
[root@kramer ntp-4.0.99f]# /usr/local/bin/ntpdate -v time-b.nist.gov
25 Apr 01:21:05 ntpdate[8760]: ntpdate 4.0.99f Mon Apr 24 21:37:57 EDT
2000 (1)
25 Apr 01:21:05 ntpdate[8760]: sendto(129.6.15.29): Operation not
permitted
25 Apr 01:21:06 ntpdate[8760]: sendto(129.6.15.29): Operation not
permitted
25 Apr 01:21:07 ntpdate[8760]: sendto(129.6.15.29): Operation not
permitted
25 Apr 01:21:08 ntpdate[8760]: sendto(129.6.15.29): Operation not
permitted
25 Apr 01:21:09 ntpdate[8760]: no server suitable for synchronization
found
When I try it form a Suse box that is actually behind this firewall, it
works great. So is the operation that is not permitted (1) connecting
to that server on that port or (2) setting the time based on the data
gotten?
Now here's my firewall situation. I've added
NTP_TIME_SERVER="any/0" # if used
...
ipchains -A output -i $EXTERNAL_INTERFACE -p udp \
-s $IPADDR $UNPRIVPORTS \
-d $NTP_TIME_SERVER 123 -j ACCEPT
ipchains -A input -i $EXTERNAL_INTERFACE -p udp \
-s $NTP_TIME_SERVER 123 \
-d $IPADDR $UNPRIVPORTS -j ACCEPT
ipchains -A output -i $EXTERNAL_INTERFACE -p tcp \
-s $IPADDR $UNPRIVPORTS \
-d $NTP_TIME_SERVER 123 -j ACCEPT
ipchains -A input -i $EXTERNAL_INTERFACE -p tcp \
-s $NTP_TIME_SERVER 123 \
-d $IPADDR $UNPRIVPORTS -j ACCEPT
[root@kramer ntp-4.0.99f]# ipchains -L | grep ntp
ACCEPT tcp !y---- anywhere kramer.ne.mediaone.net
nntp -> 1024:65535
ACCEPT udp ------ anywhere kramer.ne.mediaone.net ntp
-> 1024:65535
ACCEPT tcp ------ anywhere kramer.ne.mediaone.net ntp
-> 1024:65535
ACCEPT tcp ------ kramer.ne.mediaone.net anywhere
1024:65535 -> nntp
ACCEPT udp ------ kramer.ne.mediaone.net anywhere
1024:65535 -> ntp
ACCEPT tcp ------ kramer.ne.mediaone.net anywhere
1024:65535 -> ntp
Any sage advice?
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
