On 11/5/2016 1:13 PM, Jean-Roch Blais wrote: > Hello VIctor, and list, > > some examples might help me … thank’s > > jrb > I use a LEAF 6.0.0 GEODE on a PC Engines ALIX.
The LEAF handles NTP using bbntpd. However, I allow it to sync with only one trusted external time server. /etc/default/ntpd NTPDRUN=yes NTPDOPTS='-l -p name of trusted timeserver' IoT devices get their time from the LEAF bbntpd *** in /etc/shorewall/rules NTP(ACCEPT) fw net:w.x.y.z w.x.y.z is the ip or dname of the trusted time server. NTP(ACCEPT) loc fw #Block access to net from IoT devices DROP loc:a.b.c.d,e.f.g.h net a.b.c.d is the static ip of the IoT devices I do not want to access the web. *** One of the devices that has no access to the Internet is a wireless router configured as an AP. It has a fixed IP address and is NOT configured to do DHCP. Wireless clients pass through to access dnsmasq on the LEAF box via its ethernet connection. dnsmaq assigns static addresses to each wireless client example. dhcp-host=11:22:33:44:55:66,device dhcp name,192.168.1.x #comment Victor ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today. http://sdm.link/xeonphi ------------------------------------------------------------------------ leaf-user mailing list: [email protected] https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
