ok, superb, serverul nu raspunde, continua cu tcpdump pe server, sa vezi acolo ce apare.
On 11/16/05, Alex <[EMAIL PROTECTED]> wrote: > On Wednesday 16 November 2005 14:07, Catalin Muresan wrote: > > poti sa dai un tcpdump pe client > > > > tcpdump -ni eth0 udp port 123 > > > > in timp ce dai ntpdate 10.0.0.2 > > > > tx. > > [EMAIL PROTECTED] ~]# ntpdate -u 10.0.0.2 > 16 Nov 14:37:35 ntpdate[23795]: no server suitable for synchronization found > > [EMAIL PROTECTED] ~]# tcpdump -ni eth0 udp port 123 > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes > 14:37:31.053297 IP 10.0.0.19.38826 > 10.0.0.2.ntp: NTPv4, Client, length 48 > 14:37:32.058076 IP 10.0.0.19.38826 > 10.0.0.2.ntp: NTPv4, Client, length 48 > 14:37:33.062896 IP 10.0.0.19.38826 > 10.0.0.2.ntp: NTPv4, Client, length 48 > 14:37:34.067704 IP 10.0.0.19.38826 > 10.0.0.2.ntp: NTPv4, Client, length 48 > > 4 packets captured > 4 packets received by filter > 0 packets dropped by kernel > [EMAIL PROTECTED] ~]# > > Un nou tcpdump dat de data asta verbose, arata cam asa: > > [EMAIL PROTECTED] ~]# ntpdate -u 10.0.0.2 > 16 Nov 14:45:01 ntpdate[24174]: no server suitable for synchronization found > > [EMAIL PROTECTED] ~]# tcpdump -v -ni eth0 udp port 123 > tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes > 14:44:57.568226 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto 17, > length: 76) 10.0.0.19.38839 > 10.0.0.2.ntp: NTPv4, length 48 > Client, Leap indicator: clock unsynchronized (192), Stratum 0, poll > 4s, precision -6 > Root Delay: 1.000000, Root dispersion: 1.000000, Reference-ID: > (unspec) > Reference Timestamp: 0.000000000 > Originator Timestamp: 0.000000000 > Receive Timestamp: 0.000000000 > Transmit Timestamp: 3341133897.568203999 (2005/11/16 14:44:57) > Originator - Receive Timestamp: 0.000000000 > Originator - Transmit Timestamp: 3341133897.568203999 (2005/11/16 > 14:44:57) > 14:44:58.573009 IP (tos 0x0, ttl 64, id 1, offset 0, flags [DF], proto 17, > length: 76) 10.0.0.19.38839 > 10.0.0.2.ntp: NTPv4, length 48 > Client, Leap indicator: clock unsynchronized (192), Stratum 0, poll > 4s, precision -6 > Root Delay: 1.000000, Root dispersion: 1.000000, Reference-ID: > (unspec) > Reference Timestamp: 0.000000000 > Originator Timestamp: 0.000000000 > Receive Timestamp: 0.000000000 > Transmit Timestamp: 3341133898.572992999 (2005/11/16 14:44:58) > Originator - Receive Timestamp: 0.000000000 > Originator - Transmit Timestamp: 3341133898.572992999 (2005/11/16 > 14:44:58) > 14:44:59.577819 IP (tos 0x0, ttl 64, id 2, offset 0, flags [DF], proto 17, > length: 76) 10.0.0.19.38839 > 10.0.0.2.ntp: NTPv4, length 48 > Client, Leap indicator: clock unsynchronized (192), Stratum 0, poll > 4s, precision -6 > Root Delay: 1.000000, Root dispersion: 1.000000, Reference-ID: > (unspec) > Reference Timestamp: 0.000000000 > Originator Timestamp: 0.000000000 > Receive Timestamp: 0.000000000 > Transmit Timestamp: 3341133899.577802999 (2005/11/16 14:44:59) > Originator - Receive Timestamp: 0.000000000 > Originator - Transmit Timestamp: 3341133899.577802999 (2005/11/16 > 14:44:59) > 14:45:00.582631 IP (tos 0x0, ttl 64, id 3, offset 0, flags [DF], proto 17, > length: 76) 10.0.0.19.38839 > 10.0.0.2.ntp: NTPv4, length 48 > Client, Leap indicator: clock unsynchronized (192), Stratum 0, poll > 4s, precision -6 > Root Delay: 1.000000, Root dispersion: 1.000000, Reference-ID: > (unspec) > Reference Timestamp: 0.000000000 > Originator Timestamp: 0.000000000 > Receive Timestamp: 0.000000000 > Transmit Timestamp: 3341133900.582614999 (2005/11/16 14:45:00) > Originator - Receive Timestamp: 0.000000000 > Originator - Transmit Timestamp: 3341133900.582614999 (2005/11/16 > 14:45:00) > > Alx > > > > On 11/16/05, Alex <[EMAIL PROTECTED]> wrote: > > > Sal Lucian, > > > > > > > 123/udp open|filtered ntp > > > > > > > > mai verifica totusi firewall-ul de pe 10.1.1.2... > > > > > > de pe 10.0.0.2 (care este serverul de timp) dau catre clientul meu > > > (10.0.0.19) > > > > > > # ping -R 10.0.0.19 > > > PING 10.0.0.19 (10.0.0.19) 56(124) bytes of data. > > > 64 bytes from 10.0.0.19: icmp_seq=0 ttl=64 time=0.292 ms > > > RR: 10.0.0.2 > > > 10.0.0.19 > > > 10.0.0.19 > > > 10.0.0.2 > > > > > > 64 bytes from 10.0.0.19: icmp_seq=1 ttl=64 time=0.300 ms (same > > > route) 64 bytes from 10.0.0.19: icmp_seq=2 ttl=64 time=0.311 ms > > > (same route) > > > > > > de pe client (10.0.0.19) dau in server (10.0.0.2) > > > > > > # ping -R 10.0.0.2 > > > PING 10.0.0.2 (10.0.0.2) 56(124) bytes of data. > > > 64 bytes from 10.0.0.2: icmp_seq=0 ttl=64 time=0.332 ms > > > RR: 10.0.0.19 > > > 10.0.0.2 > > > 10.0.0.2 > > > 10.0.0.19 > > > > > > 64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=0.320 ms (same route) > > > 64 bytes from 10.0.0.2: icmp_seq=2 ttl=64 time=0.260 ms (same route) > > > > > > Acum, mai dau si firewall-ul jos (pe ambele masini trec pe default): > > > # iptables -L -n > > > Chain INPUT (policy ACCEPT) > > > target prot opt source destination > > > > > > Chain FORWARD (policy ACCEPT) > > > target prot opt source destination > > > > > > Chain OUTPUT (policy ACCEPT) > > > target prot opt source destination > > > [EMAIL PROTECTED] ~]# > > > > > > Deci cu siguranta acum portul 123 UDP este deschis, foarte deschis chiar > > > daca nmap-ul raporteaza si un filtered ... Este el un pic confuz, dar > > > portul este deschis. > > > 123/udp open|filtered ntp (asta inseamna deschis sau filtrat) > > > > > > Dau sa ma sincronizez cu serverul de pe clientul 10.0.0.19: > > > # ntpdate -u 10.0.0.2 > > > 16 Nov 10:42:43 ntpdate[9117]: no server suitable for synchronization > > > found > > > > > > Deci nu merge!!!! In schimb, de pe un RH7.2 care se afla remote (in bv) > > > si mai trece si printr-un tunel VPN, dau: > > > > > > # ntpq -p > > > remote refid st t when poll reach delay offset > > > jitter > > > ========================================================================= > > >===== 10.0.0.2 0.0.0.0 16 u - 1024 0 0.000 > > > 0.000 4000.00 *LOCAL(0) LOCAL(0) 10 l 52 64 377 > > > 0.000 0.000 0.008 [EMAIL PROTECTED] alx_bkup]# ntpdate -u 10.0.0.2 > > > 16 Nov 10:34:01 ntpdate[26124]: step time server 10.0.0.2 offset > > > 230.975701 sec > > > [EMAIL PROTECTED] alx_bkup]# date > > > Wed Nov 16 10:34:17 EET 2005 > > > [EMAIL PROTECTED] alx_bkup]# ntpdate -u 10.0.0.2 > > > 16 Nov 10:34:44 ntpdate[26129]: adjust time server 10.0.0.2 offset > > > 0.002209 sec > > > [EMAIL PROTECTED] alx_bkup]# ntpq -p > > > remote refid st t when poll reach delay offset > > > jitter > > > ========================================================================= > > >===== 10.0.0.2 0.0.0.0 16 u - 1024 0 0.000 > > > 0.000 4000.00 *LOCAL(0) LOCAL(0) 10 l 288 64 377 > > > 0.000 0.000 0.008 [EMAIL PROTECTED] alx_bkup]# > > > > > > Ce pusca mea nu e in regula? > > > > > > Pe masina RH7.2 de la brasov am: > > > # rpm -q ntp > > > ntp-4.1.1-1 > > > > > > pe serverul de timp cit si pe clientul 10.0.0.19 am centos 4 cu: > > > # rpm -q ntp > > > ntp-4.2.0.a.20040617-4 > > > > > > Alex > > > > > > _______________________________________________ > > > RLUG mailing list > > > [email protected] > > > http://lists.lug.ro/mailman/listinfo/rlug > > > > _______________________________________________ > > RLUG mailing list > > [email protected] > > http://lists.lug.ro/mailman/listinfo/rlug > > _______________________________________________ > RLUG mailing list > [email protected] > http://lists.lug.ro/mailman/listinfo/rlug > _______________________________________________ RLUG mailing list [email protected] http://lists.lug.ro/mailman/listinfo/rlug
