Probably obvious, but I'm missing it.....
I wish to add NTP to a SuSE 7.3 three NIC box running Shorewall 1.3.9a
eth0 to Internet
eth1 to DMZ
eth2 to local network
Software installed just fine....I tried to open up ntp port to $NTPSERVERS
like the Tom Home Configuration and I get an error that $NTPSERVERS isn't
defined....hmmm. So I add a variable "NTPSERVERS" to
/etc/shorewall/params and give it three IP's separated by commas (no
intervening spaces). It still doesn't like it. So I add
/etc/shorewall/zone entry of ntpservers NTSPSERVERS and I get
Zone ntpservers is empty.
I comment out the $NTPSERVERS entries (2 places) in /etc/shorewall/rules
and replace with
ACCEPT fw net:aa.bb.cc.dd udp ntp
-and-
ACCEPT dmz net:aa.bb.cc.dd udp ntp
End result - I still get net2all:DROP
And, obviously - the ntp logfile gives:
date time ntpd[15513]: sendto(aa.bb.cc.dd): Operation not permitted
date time ntpd[15513]: ntpd exiting on signal 15
So the questions are twofold -
1 - How (and where) do I specify the $NTPSERVERS IP addresses ?
2 - Why does my net:aa.bb.cc.dd workaround not work ?
==============================================================
Unrelated - 90 % of my logs are now net2all:DROP of TCP ports 1214 (KAZAA)
and 1433 (SQL Database exploit). Can I NOT log just those (or any other
for that matter) ? And, continue logging the other things ?
==============================================================