Re: NTP && IP Filter / NAT
This is a discussion on Re: NTP && IP Filter / NAT within the IPFilter forums, part of the System Security and Security Related category; El día Wednesday, September 05, 2007 a las 11:30:02PM -0700, Darren Reed escribió: > You can do ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
09-06-2007
|
|||
|
|||
Re: NTP && IP Filter / NAT
El día Wednesday, September 05, 2007 a las 11:30:02PM -0700, Darren Reed escribió:
> You can do this: > > map em1 from 193.31.10.32/24 to any port = 123 -> xxx.xxx.xxx.xxx/32 udp age 30/1 > > to limit make the timeout 30 seconds for a reply and 1 second after the > reply > has been recieved. Hello Darren, Sorry to have overlooked the 'age' parameter in the man page, I was doing 'man -S5 ipnat | col -b | fgrep time'; but it gives now an error and the line 37 is exactly cut&pasted from your hint and changed xxx.xxx.xxx.xxx to the real IP of the NIC): # ipnat -CF -f /etc/ipnat.rules 0 entries flushed from NAT table 3 entries flushed from NAT list syntax error error at "age", line 37 Thanks again for your hint matthias -- Matthias Apitz Manager Technical Support - OCLC PICA GmbH Gruenwalder Weg 28g - 82041 Oberhaching - Germany t +49-89-61308 351 - f +49-89-61308 399 - m +49-170-4527211 e <m.apitz@oclcpica.org> - w http://www.oclcpica.org/ http://www.UnixArea.de/ b http://gurucubano.blogspot.com/ OCLC PICA GmbH, Geschaeftsfuehrer: Christine Magin-Weeger, Norbert Weinberger Sitz der Gesellschaft: Oberhaching, HRB Muenchen: 113261 
|
Linear Mode
