Re: chrony lan - OT -_-

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 04.01.2015 17:29, Bob Goodwin wrote:
> 
> On 01/04/15 06:26, poma wrote:
>> ACTING AS AN NTP SERVER /usr/share/doc/chrony/chrony.conf.example 
>> http://git.tuxfamily.org/chrony/chrony.git/?p=chrony/chrony.git;a=blob;f=examples/chrony.conf.example#l167 
>> Good morning Alfred 
> 
> On 01/03/15 19:04, Ed Greshko wrote:
>> Assuming that one of them is running chronyd you'll need to configure it to Allow NTP client access from local network using the "allow" directive in the config file.  You'll also need to change the firewall settings to allow incoming ntp requests as this is normally blocked.
>>
>> On the SL7 side you'll need to configure it to point to the workstation acting as the time server instead of servers on the internet.
> 
> So it appears that I need to change box10 to make it an ntp server:
> 
> # Allow NTP client access from local network.
> #allow 192.168/16
> allow 192.168.1.0/24
> 
> In the firewalld GUI I have checked NTP under SERVICES and made it 
> PERMANENT. I'm really unsure of myself there!
> 
> And then I assume I can add 192.168.1.10 [box10 ntp server] at the top 
> of the list of the pool of public servers in /etc/chrony.conf in 
> 192.168.1.48 [the samba server to be blocked from the internet]?
> 
> Perhaps instead of 192.168.1.10 I could use 192.168.1.0/24?
> 
> I would like some reassurance on this ...
> 
> Bob
> 

All three combinations should work.
/etc/chrony.conf
...
# Allow NTP client access from local network.
allow 192.168.1
# or
allow 192.168.1/24
# or
allow 192.168.1.2
allow 192.168.1.3
...

$ systemctl restart chronyd.service

Open port 123/udp
/usr/lib/firewalld/services/ntp.xml

$ firewall-cmd --permanent --add-service=ntp
$ firewall-cmd --reload
$ firewall-cmd --query-service=ntp

man 1 firewall-cmd

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux