[rhn-users] Re: NTP

Nick Baronian kvetch at gmail.com
Fri Nov 3 16:35:00 UTC 2006


Oops, the -p tcp was a typo on my part.
What I am really getting at is if there is a way to have ntp work like
some other client apps.  I want to sync to redhat's time server but I
don't want to have a constant connection.  Kinda like if I was ssh'ing
or ftp'ing into a server.  The server would be running the ssh/ftp
service and have port 22 or 21 open but my machine would open a random
non-priv port, get my payload and then close it.
Is NTP different because the polling is so frequent?

Thanks,
Nick

On 11/2/06, Cameron Simpson <cs at zip.com.au> wrote:
> On 02Nov2006 15:20, Nick Baronian <kvetch at gmail.com> wrote:
> | If I want to use NTP to sync to a time server does my machine have to
> | open port 123 UDP.  I don't want to be a NTP server, I just want to be
> | the client that polls a server.  I know I can use iptables to do
> | something like
> | $IPTABLES -A INPUT -j ACCEPT -p tcp -s 66.187.224.4 --dport 123
> | But I would like to completely close the port if possible.
> | Can this be done?
>
> NTP uses udp, not tcp.
>   $IPTABLES -A INPUT -j ACCEPT -p udp -s 66.187.224.4 --sport 123 --dport 123
> and outbound (to make queries):
>   $IPTABLES -A OUTPUT -j ACCEPT -p udp -d 66.187.224.4 --sport 123 --dport 123
>
> Try that. It should be obvious you can't close the port completely - how
> would ntp work if no traffic can flow?
> --
> Cameron Simpson <cs at zip.com.au> DoD#743
> http://www.cskk.ezoshosting.com/cs/
>
> Dope will carry you through times of no money better than money will carry
> you through times of no dope!   - Freewheelin' Franklin
>
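
Added example, not part of the original thread: the "client only" behaviour asked about above can be expressed with connection tracking, so that UDP 123 replies are accepted only when they answer a query this machine sent. The function names, the `-m state` match and the choice to print the rules instead of loading them are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread: client-only NTP filter rules.
# The rules are printed for review; pipe the output to sh as root to load them.
# Assumes the netfilter connection-tracking "state" match is available.

# Accept only a plain dotted-quad IPv4 address, so nothing else reaches the rules.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# ntp_client_rules SERVER_IP  (hypothetical helper name)
ntp_client_rules() {
    server=$1
    ipt=${IPTABLES:-iptables}
    if ! is_ipv4 "$server"; then
        echo "ntp_client_rules: not an IPv4 address: $server" >&2
        return 1
    fi
    # Outbound: queries to the server's UDP port 123, from any local source port
    # (ntpd sends from 123, ntpdate -u from an unprivileged port).
    echo "$ipt -A OUTPUT -p udp -d $server --dport 123 -m state --state NEW,ESTABLISHED -j ACCEPT"
    # Inbound: only packets conntrack matches to a query we sent; unsolicited
    # datagrams to local port 123 are not accepted by this rule.
    echo "$ipt -A INPUT -p udp -s $server --sport 123 -m state --state ESTABLISHED -j ACCEPT"
}

if [ "$#" -gt 0 ]; then
    ntp_client_rules "$1"
fi
```

The INPUT rule only narrows exposure if the chain's default policy, or a later rule, drops whatever is not explicitly accepted.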



