Re: [cobalt-users] RE: NTP Servers Again

["E.B. Dreger" <eddy+public+spam@xxxxxxxxxxxxxxxxx>]

DL> Date: Sat, 06 Jul 2002 13:59:52 -0500
DL> From: David Lucas


DL> >Now it looks like you're bumping into firewall rules.  Before,
DL> >you couldn't bind() the low port number.  Now, ipfwadm/ipchains
DL> >(what model RaQ?) is preventing the packets from flowing.
DL> >
DL> >NTP runs on port 123, and "time" on 37.  I know NTP uses UDP;
DL> >beyond that, I'd need to STFW/RTFM in a hurry on where TCP/UDP
DL> >can or must be used.
DL> 
DL> 
DL> Excuse me, but could you say that again in plain english for
DL> us uneducated.

Not sure what part was unclear, so I'll try rephrasing the whole
thing...

The original error about "bind() fails" was because ntp was being
run as non-root.  To use a port below 1024, a process must be run
as root.  The NTP protocol runs on 123/UDP.  (I don't know if it
ever uses 123/TCP; I need to search to find the answer.)  I
believe that the new "operation not permitted" is caused by the
firewall rules on the local machine.

However, the part about "can't connect:37" in the original post
led me to believe that something might be trying to use the
"time" protocol, which is different from NTP.  I don't know if
"time" uses UDP, TCP, or both; again, I must search.

Chae, what model is your RaQ?  Can you check or post your
firewall rules?  It appears that port 123 is being blocked.


Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist@xxxxxxxxx>
To: blacklist@xxxxxxxxx
Subject: Please ignore this portion of my mail signature.

These last few lines are a trap for address-harvesting spambots.
Do NOT send mail to <blacklist@xxxxxxxxx>, or you are likely to
be blocked.