poti sa dai un tcpdump pe client tcpdump -ni eth0 udp port 123
in timp ce dai ntpdate 10.0.0.2 tx. On 11/16/05, Alex <[EMAIL PROTECTED]> wrote: > Sal Lucian, > > > > > 123/udp open|filtered ntp > > > > mai verifica totusi firewall-ul de pe 10.1.1.2... > > de pe 10.0.0.2 (care este serverul de timp) dau catre clientul meu (10.0.0.19) > > # ping -R 10.0.0.19 > PING 10.0.0.19 (10.0.0.19) 56(124) bytes of data. > 64 bytes from 10.0.0.19: icmp_seq=0 ttl=64 time=0.292 ms > RR: 10.0.0.2 > 10.0.0.19 > 10.0.0.19 > 10.0.0.2 > > 64 bytes from 10.0.0.19: icmp_seq=1 ttl=64 time=0.300 ms (same route) > 64 bytes from 10.0.0.19: icmp_seq=2 ttl=64 time=0.311 ms (same route) > > de pe client (10.0.0.19) dau in server (10.0.0.2) > > # ping -R 10.0.0.2 > PING 10.0.0.2 (10.0.0.2) 56(124) bytes of data. > 64 bytes from 10.0.0.2: icmp_seq=0 ttl=64 time=0.332 ms > RR: 10.0.0.19 > 10.0.0.2 > 10.0.0.2 > 10.0.0.19 > > 64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=0.320 ms (same route) > 64 bytes from 10.0.0.2: icmp_seq=2 ttl=64 time=0.260 ms (same route) > > Acum, mai dau si firewall-ul jos (pe ambele masini trec pe default): > # iptables -L -n > Chain INPUT (policy ACCEPT) > target prot opt source destination > > Chain FORWARD (policy ACCEPT) > target prot opt source destination > > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > [EMAIL PROTECTED] ~]# > > Deci cu siguranta acum portul 123 UDP este deschis, foarte deschis chiar daca > nmap-ul raporteaza si un filtered ... Este el un pic confuz, dar portul este > deschis. > 123/udp open|filtered ntp (asta inseamna deschis sau filtrat) > > Dau sa ma sincronizez cu serverul de pe clientul 10.0.0.19: > # ntpdate -u 10.0.0.2 > 16 Nov 10:42:43 ntpdate[9117]: no server suitable for synchronization found > > Deci nu merge!!!! In schimb, de pe un RH7.2 care se afla remote (in bv) si mai > trece si printr-un tunel VPN, dau: > > # ntpq -p > remote refid st t when poll reach delay offset jitter > ============================================================================== > 10.0.0.2 0.0.0.0 16 u - 1024 0 0.000 0.000 4000.00 > *LOCAL(0) LOCAL(0) 10 l 52 64 377 0.000 0.000 0.008 > [EMAIL PROTECTED] alx_bkup]# ntpdate -u 10.0.0.2 > 16 Nov 10:34:01 ntpdate[26124]: step time server 10.0.0.2 offset 230.975701 > sec > [EMAIL PROTECTED] alx_bkup]# date > Wed Nov 16 10:34:17 EET 2005 > [EMAIL PROTECTED] alx_bkup]# ntpdate -u 10.0.0.2 > 16 Nov 10:34:44 ntpdate[26129]: adjust time server 10.0.0.2 offset 0.002209 > sec > [EMAIL PROTECTED] alx_bkup]# ntpq -p > remote refid st t when poll reach delay offset jitter > ============================================================================== > 10.0.0.2 0.0.0.0 16 u - 1024 0 0.000 0.000 4000.00 > *LOCAL(0) LOCAL(0) 10 l 288 64 377 0.000 0.000 0.008 > [EMAIL PROTECTED] alx_bkup]# > > Ce pusca mea nu e in regula? > > Pe masina RH7.2 de la brasov am: > # rpm -q ntp > ntp-4.1.1-1 > > pe serverul de timp cit si pe clientul 10.0.0.19 am centos 4 cu: > # rpm -q ntp > ntp-4.2.0.a.20040617-4 > > Alex > > _______________________________________________ > RLUG mailing list > [email protected] > http://lists.lug.ro/mailman/listinfo/rlug > _______________________________________________ RLUG mailing list [email protected] http://lists.lug.ro/mailman/listinfo/rlug
