RE: [suse-security] Looking for a secure time service
iptables -t filter -A INPUT -i <your interface> -m state -p udp -d <your ip> -s <ntp server> --sport 123 --state ESTABLISHED -j ACCEPT iptables -t filter -A OUTPUT -o <your interface> -m state -p udp -s <your ip> -d <ntp server> --dport 123 --state NEW,ESTABLISHED -j ACCEPT
I must have missed something.. What's the 'filter' table in netfilter? I guess I've been away from that list for too long.. Apart from that, you can further specify the local port, as (x)ntpd will always use UDP port 123. Otherwise, it looks good (IMHO). Tobias
Hi List On 2001.08.29 10:21:44 +0100 "Reckhard, Tobias" wrote:
I must have missed something.. What's the 'filter' table in netfilter? I guess I've been away from that list for too long..
the "filter" table is the default table, and so not often typed. Other tables are nat and mangle. See ~> man iptables for more. HTH Maf.
Tobias
-- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Maf. King Standby Exhibition Services ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "It is easier to do a job right than to explain why you didn't." - Martin Van Buren ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
participants (2)
-
maf king
-
Reckhard, Tobias