![](https://seccdn.libravatar.org/avatar/77cb4da5f72bc176182dcc33f03a18f3.jpg?s=120&d=mm&r=g)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thursday, 2016-03-17 at 12:26 +0100, Carlos E. R. wrote:
On 2016-03-17 10:59, Per Jessen wrote:
I understand it allows access to clients :-?
If I read it correctly, it says that this client will only accept time information from 192.168.1.0 when it's authenticated. Authenticated = both server and client use the same key.
No, I understand it allows time exchange without authentication with anybody in the world, and admin access on the LAN with authentication.
Unless the rule:
restrict -4 default kod notrap nomodify nopeer noquery
is negated by the later rule:
restrict 192.168.1.0 mask 255.255.255.0 notrust
:-?
I commented out that last line on both machines, and now both use the other local machine, with stratum 3. So no need for that iptables output. - -- Cheers, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iEYEARECAAYFAlbqrPoACgkQtTMYHG2NR9WjxACcD4EwMxrSYu0Vj0Z4bJQaE2K+ A/QAnj3aqxd+2SAZWLRWm8WCq/76krHb =1NM4 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org