# How to keep your clock on track.

## Stormy Eyes

I bet I'm not the only one who sometimes finds his computer's internal clock drifting, but Gentoo does have tools to solve this problem: ntp. NTP is the "Network Time Protocol", which allows hosts to connect to time servers and sync their clocks to that of the server.

The NTP tools can be obtained using portage from the net-misc/ collection: 

```
emerge ntp
```

Once the NTP tools have been installed, you will find two scripts in /etc/init.d: ntpd and ntp-client. ntpd is intended for use in the default run-level, and can be set up in the following manner: 

```
/etc/init.d/ntpd start

rc-update add ntpd default
```

/etc/init.d/ntp-client, on the other hand, requires a little bit of configuration first. To configure the NTP client, you must edit /etc/conf.d/ntp-client. 

```
nano -w /etc/conf.d/ntp-client
```

You have to pick from this list the name of the time server closest to your location and edit this part of /etc/conf.d/ntp-client: 

```
# Options to pass to the above command

# Most people should just uncomment this variable and

# change 'someserver' to a valid hostname which you

# can aquire from the URL's below

NTPCLIENT_OPTS="-b timex.cs.columbia.edu"
```

Since I live in Connecticut, I chose a server located in New York. Once you've set your time server, save the file and close the editor. Then run /etc/init.d/ntp-client start to reset your clock.

----------

## agent_jdh

If you choose to go with ntpd (which is arguably the better solution, as it keeps your clock synched silently, i.e. no user intervention required), you need to do a bit more to get it working.  You have to edit the file /etc/ntp.conf and add in what timeservers you want to use (I would select stratum 2 - secondary - servers at the foot of the link you provided).  Mine looks like this -

```
server ntp.cis.strath.ac.uk

server ntp2a.mcc.ac.uk

server time-server.ndo.com
```

Once you've added it to the default runlevel, you can just start it with 

```
/etc/init.d/ntpd start
```

 to save you rebooting.

----------

## nevynxxx

Nice tip(s), now the next step, how would I set my router machine to be an ntp server for the local network? (not much point on small networks I know but on say a corporate network this could be useful)

-Anthony

----------

## Stormy Eyes

 *agent_jdh wrote:*   

> You have to edit the file /etc/ntp.conf and add in what timeservers you want to use (I would select stratum 2 - secondary - servers at the foot of the link you provided).  Mine looks like this

 

Thank you. I had forgotten about /etc/ntp.conf as ntpd didn't gripe about needing a tweak to its config file, unlike ntp-client. If you don't mind, I'll edit my original post to include your tip after work.

----------

## Stormy Eyes

 *nevynxxx wrote:*   

> Nice tip(s), now the next step, how would I set my router machine to be an ntp server for the local network? (not much point on small networks I know but on say a corporate network this could be useful)
> 
> -Anthony

 

The first thing I'd try is to configure the router as I outlined above, with agent_jdh's addition to /etc/ntp.conf, and then configure the ntpd on all the machines that talk to the router to use the router as a time server. 

[edit: I'm a home Linux user who just runs a couple of X terminals off his desktop, so my suggestion could be wrong. You'll have to try it yourself. ]

----------

## ILikePi

David Mills, who is one of the primary maintainers of the software, maintains a nice list of public NTP servers.  Home users should try to limit themselves to servers on the "stratum 2" list.

I setup xntpd on a university department subnet a few years ago.  It basically involved choosing the servers and configuring the daemons on the three machines.  xntpd had some security features in it that allowed you to say things like "allow clock updates only from these addresses" or "allow clock queries from etc..."  it also had some sort of key exchange type thing that went on between the 3 local servers.  i'm not sure if the particular ntp daemon you all are referencing has that sort of thing though.  also, can't remember for sure...but the hardware clock may need to be in GMT.  but once it's configured and running, it's all hands-off.

----------

## Stormy Eyes

 *ILikePi wrote:*   

> David Mills, who is one of the primary maintainers of the software, maintains a nice list of public NTP servers.  Home users should try to limit themselves to servers on the "stratum 2" list.

 

Thanks, but I linked to Mr. Mills' stratum 2 list in my original post. No point in being rude and tying up the the primary servers, right? >^..^< I'm using the NTP from http://www.ntp.org/, by the way.

----------

## agent_jdh

 *nevynxxx wrote:*   

> Nice tip(s), now the next step, how would I set my router machine to be an ntp server for the local network? (not much point on small networks I know but on say a corporate network this could be useful)
> 
> -Anthony

 

As Stormy Eyes says, you should be able to just set up ntpd on your router and then point your /etc/ntp.conf file to that (just use the router's IP address in the server line, e.g. server     192.168.1.1)

I've checked it by pointing my /etc/ntp.conf server setting to another (Debian) machine on my network (not the router, it doesn't have enough space to run ntpd as it boots off a floppy), and restarted the ntpd daemon on my Gentoo box, ntpd stopped and started with no arguments and there was nothing in /var/log/messages either.  Whether or not it keeps time is another question....

EDIT - Actually I'm not sure about this .... I've just had lunch and come back, and now /var/log/messages has an entry from ntpd saying synchronisation lost.  I'm not 100% sure on this, because looking back through the /var/log/messages file this happens a fair bit.

One thing I have noticed, I've added another option to /etc/ntp.conf 

```
driftfile /var/lib/ntp/ntp.drift
```

 which seems popular, but /var/log/messages shows "Un-parsable frequency in /var/lib/ntp/ntp.drift" when ntpd starts.  /var/lib/ntp/ntp.drift is an empty file, but on my Debian box which also runs ntpd it contains a value.  Anyone know how this file gets populated?

EDIT again - Ignore that last bit, the ntp.drift file gets automagically created after a period (presumably to measure my systems drift).

----------

## nevynxxx

Thanks all, can't test if my box is being a server, but from what you said it should be. When I edited my /etc/ntp.conf it had a line

restrict <my routers external address> mask 255.255.255.0

I chancged it to my internal network so my conf now looks like;

```

restrict default noquery notrust nomodify

restrict 160.220.48.0 mask 255.255.255.0

fudge 127.127.1.0 stratum 3

eerver 127.127.1.0

driftfile /var/lib/ntp/ntp.drift

logfile /var/log/ntp.log

server ntp2a.mcc.ac.uk

server ntp.cis.strath.ac.uk

server time-server.ndo.com

```

that seem ok? (yes I did copy and past the server lines from a previous post and then rearrange them as I live in manchester...hehehe)

----------

## keschrich

I've got my ntpd.conf all set up, and when I run '/etc/init.d/ntpd start' everything seems to work great.  I have noticed one problem though:  whenever I reboot my computer, ntpd.conf seems to  be replaced with this:

 *Quote:*   

> 
> 
> restrict default noquery notrust nomodify
> 
> restrict 127.0.0.1
> ...

 

which obviously does not suit my needs at all..  any idea why this would be happening?

----------

## agent_jdh

 *keschrich wrote:*   

> I've got my ntpd.conf all set up, and when I run '/etc/init.d/ntpd start' everything seems to work great.  I have noticed one problem though:  whenever I reboot my computer, ntpd.conf seems to  be replaced with this:
> 
>  *Quote:*   
> 
> restrict default noquery notrust nomodify
> ...

 

I take it you mean /etc/ntp.conf and not ntpd.conf?  Just a starter for 10...

----------

## jetblack

 *keschrich wrote:*   

> I've got my ntpd.conf all set up, and when I run '/etc/init.d/ntpd start' everything seems to work great.  I have noticed one problem though:  whenever I reboot my computer, ntpd.conf seems to  be replaced with this:
> 
>  *Quote:*   
> 
> restrict default noquery notrust nomodify
> ...

 

Are you using dhcp? I seem to recall reading somewhere that a DHCP server can override your /etc/ntp.conf settings.

This isn't exactly what I recall reading, but it's close enough...

----------

## ILikePi

 *Stormy Eyes wrote:*   

> Thanks, but I linked to Mr. Mills' stratum 2 list in my original post. No point in being rude and tying up the the primary servers, right? >^..^< I'm using the NTP from http://www.ntp.org/, by the way.

 

ermmm......woops  :Embarassed: 

 :Very Happy: 

----------

## NME

nice howto, thanks a lot  :Smile: 

----------

## k12linux

 *nevynxxx wrote:*   

> Thanks all, can't test if my box is being a server, but from what you said it should be.

 

run:  netstat -lu

and look for a line like: udp        0      0 *:ntp                   *:*

----------

## k12linux

 *jetblack wrote:*   

>  *keschrich wrote:*   I've got my ntpd.conf all set up, and when I run '/etc/init.d/ntpd start' everything seems to work great.  I have noticed one problem though:  whenever I reboot my computer, ntpd.conf seems to  be replaced 
> 
> Are you using dhcp? I seem to recall reading somewhere that a DHCP server can override your /etc/ntp.conf settings.

 

Bingo.  DHCP is the culprit.  It replaces your ntp.conf file each time.  I looked it over and there IS a fix.  If you don't want this to happen, just edit  /etc/conf.d/net and set

```
dhcpcd_eth0="-N"
```

  (or dhcpcd_eth1="-N" if it's eth1 getting an address via DHCP)

Doing that will keep DHCP from replacing your ntp.conf.     :Very Happy: 

OR.. you could always add the "option ntp-server" setting in your DHCP server's /etc/dhcp/dhcpd.conf and auto-config ntp on all your clients from now on.

----------

## Cid

i'm having a little trouble getting this to work...here's the error:

# /etc/init.d/ntp-client start

 * Setting clock via the ntp client 'ntpdate'...

25 Mar 09:31:38 ntpdate[4695]: the NTP socket is in use, exiting

 * Failed to set clock                                                    [ !! ]

any suggestions?

----------

## k12linux

 *Cid wrote:*   

> i'm having a little trouble getting this to work...here's the error:
> 
> # /etc/init.d/ntp-client start
> 
>  * Setting clock via the ntp client 'ntpdate'...
> ...

 

Stop ntpd first, start ntp-client, then you can start ntpd again.  ntp-client just runst the ntpdate command to set your clock.  It won't run if ntpd is running.

On boot, it's normally auto-run just before ntpd.

----------

## neenee

hm.. what about a cronjob calling rdate?

----------

## k12linux

 *neenee wrote:*   

> hm.. what about a cronjob calling rdate?

 

If you are only syncing to a single time source, then that'd probably suffice.  Or even a cron job that runs ntpdate occasionaly (ntpdate doesn't act as a daemon.. justs sets the time and exits.)  Once you want other systems to sync to your box's time, then you should look at ntp.

If you want to be as accurate as possible, use ntpd on 3+ systems and have each get it's time from 3-5 strata 2 timeservers.  (Don't do strata one unless you have litterally thousands of systems which will get their time from your ntp servers.)  Configure your 3 (or more) ntp servers to talk to each other as peers.

ntp will calculate accuracy between the strata2 servers and compare time to your other ntp servers.  When all is said and done, your time should be within a couple thousands of a second of "official" UTC time.

----------

## neenee

okidoki. i just thought ntp for a normal

user system to be a bit overkill  :Wink: 

----------

## k12linux

Yeah, really it is overkill if all you want to do is keep your time from being way off "real" time.  I run NTP on my home network because I want several systems to sync to it.  If I only had a single (or a couple) PCs I'd probably just use ntpdate by itself.

And of course at work I use it because there it actually matters that I have a local accurate time source.

----------

## szaman

is it possible to sync wind*ws systems to my ntp servers?

----------

## BlauwVoet

ntp seemed to complicated and too big (small HD) for me.

besides, I'm not interested knowing the time with a precision of nanoseconds.

something small, simple and fast is what I need

my linux-clock seems to work fine, so as long as my pc is switched on, everything runs smoothly.

my hardware-clock on the contrary is waaaaaaaaaaaay off; so every time I boot I have to adjust the time.  (afraid the MoBo battery might fail pretty soon?)  So I wanted to have something to do that automatically.  

the ntp-ebuild is quite big, has several dependencies, seems to be quite complicated and to heavy for this simple task.  So I tried clockspeed, only 25 kB.

```
# emerge clockspeed
```

This installs some tiny commands, such as

sntpclock : takes the IP-number of a NTP-host as parameter, and prints out the time in TAI-format

clockadd : reads a TAI-time adjustment from Stdin, and adds it to the local clock (no matter the time difference)

IP-numbers of NTP-hosts can be found on http://www.eecis.udel.edu/~mills/ntp/servers.html.  In my example I will use ntp.telenet.be with IP 195.130.132.18 as this is an ntp-host close to me;  this corrects the time (as root):

```
# sntpclock 195.130.132.18 | clockadd
```

To have the time adjusted each time I boot up, I've added this line to /etc/conf.d/local.start

```
# echo " --> syncing time with ntp.telenet.be" >>/etc/conf.d/local.start

# echo "sntpclock 195.130.132.18 | clockadd" >> /etc/conf.d/local.start
```

Now I have allways the right time   :Very Happy: 

******

you could also add this to cron

******

the clockspeed command in the same ebuild resets the local clock each 3 seconds, it reads the real time measurements from /var/lib/clockspeed/adjust in TAI-format.  

I haven't figured out (yet) how it works (because I'm quite satisfied with sntpclock/clockadd); feel free to experiment

----------

## Andersson

 *neenee wrote:*   

> hm.. what about a cronjob calling rdate?

 

From what I've heard, the problem with this solution is that if your computer is running a little fast, rdate/ntpdate will set the new time a few seconds earlier. This may confuse some programs (you know, time travel and stuff  :Wink: ). Ntpd will instead slow the clock down a little until it's correct.

 *szaman wrote:*   

> is it possible to sync wind*ws systems to my ntp servers?

 

Yes, as long as your computer is a correctly configured ntp server. There are programs for this in windows. I used one called... netsync, timesync, datesync or similar.

----------

## szaman

a nice link about win* ntp CLIENTS/servers:

http://geodsoft.com/howto/timesync/wininstall.htm

----------

## szaman

NetTime works perfect for me. (http://sourceforge.net/projects/nettime/).

----------

## Cqwense

Hi,

after emerging ntp , and adding a valid server to /etc/conf.d/ntp-client, i get the following error:

```
 * Re-caching dependency info (mtimes differ)...

 * Setting clock via the ntp client 'ntpd'...

ntpd: unknown option -Q

usage: ntpd [ -abdgmnqx ] [ -c config_file ] [ -e e_delay ]

                [ -f freq_file ] [ -k key_file ] [ -l log_file ]

                [ -p pid_file ] [ -r broad_delay ] [ -s statdir ]

                [ -t trust_key ] [ -v sys_var ] [ -V default_sysvar ]

                [ -P fixed_process_priority ]

                [ -u user[:group] ] [ -i chrootdir ]

 * Failed to set clock                                                    [ !! ]
```

There doesnt seem to be a -Q option for ntp-client anywhere, so I tried removing it from /etc/init.d/ntp-client.  Afterwards i get:

```
 * Re-caching dependency info (mtimes differ)...

 * Setting clock via the ntp client 'ntpd'...

usage: ntpd [ -abdgmnqx ] [ -c config_file ] [ -e e_delay ]

                [ -f freq_file ] [ -k key_file ] [ -l log_file ]

                [ -p pid_file ] [ -r broad_delay ] [ -s statdir ]

                [ -t trust_key ] [ -v sys_var ] [ -V default_sysvar ]

                [ -P fixed_process_priority ]

                [ -u user[:group] ] [ -i chrootdir ]

 * Failed to set clock                                                    [ !! ]
```

im assuming maybe -Q is an attempt at a "quiet" option ( ? ) that emerge threw in ... but as you can see im still unable to use the service. 

Anyways, thanks for reading

~ Cqwense

----------

## szaman

please, post your /etc/init.d/ntpd and /etc/conf.d/ntpd

regards

----------

## viperlin

and Cqwense your avatar has scared me for life  :Wink: 

strangely enough i have just been playing with ntp again due to rdate fucking up bigtime (reports wrong time on gentoo box's, my openBSD box gets the right time with rdate, so somethings up.

anyway from the output it looks like there is a -Q option that should not be in a config file

----------

## VinzC

 *szaman wrote:*   

> a nice link about win* ntp CLIENTS/servers:
> 
> http://geodsoft.com/howto/timesync/wininstall.htm

 

Adding my 2 cents: see http://support.microsoft.com/default.aspx?scid=kb;EN-US;216734 for more information on synchronizing the clock on a Win server.

Just issue the command net time /setsntp:server_list on your Windows server to synch on an external clock reference. Afterwards your server becomes an authoritative time server for the domain.

Why?

As M$ says, Kerberos authentication requires extreme clock accuracy. Tokens are generated on time basis. If machines clock get out of sync authentication might fail.

I have run the command with only one server and it works quite well. I am now syncing my Linux machine with the domain controller. Just for the fun.  :Smile: 

As you can see there is no need for external tools. I just wonder why such an information has been made that hidden. People have to dig deep to find it most of the time.

----------

## dylix

 *viperlin wrote:*   

> and Cqwense your avatar has scared me for life 
> 
> strangely enough i have just been playing with ntp again due to rdate fucking up bigtime (reports wrong time on gentoo box's, my openBSD box gets the right time with rdate, so somethings up.
> 
> anyway from the output it looks like there is a -Q option that should not be in a config file

 

make sure the timezones are set the same on both bawxes, and also make sure rc.conf is the same.. i think bsd has a rc.conf.. anywho, whether rc.conf says local or utc will affect your time aswell.

----------

## viperlin

fixed it a while ago, using Europe/London instead of GMT

----------

## Lowspirit

Huge thanks to BlauwVoet, your post/suggestion did exactly what I was looking for (ntp was overkill for the job).

----------

## Yama

If you have multiple machines on your network, IMHO the best thing to do is to have the gateway box sync over the Internet via ntpd, but then have the clients sync with the gateway via something simpler. I keep a simple script in /etc/cron.hourly/ on each of these client machines:

```
if [ -x /usr/bin/ntpdate ]

then

   /usr/bin/ntpdate -b -s 192.168.0.1 && hwclock --systohc

fi
```

192.168.0.1 is the IP of the gateway on the LAN.

There's no need to have a daemon running 100% of the time, and ntpdate should suffice.

----------

## Hauser

 *BlauwVoet wrote:*   

> the clockspeed command in the same ebuild resets the local clock each 3 seconds, it reads the real time measurements from /var/lib/clockspeed/adjust in TAI-format.  
> 
> I haven't figured out (yet) how it works (because I'm quite satisfied with sntpclock/clockadd); feel free to experiment

 

Here's a nice page about clockspeed setup:

http://fte.tegtmeyer.net/djbware/clockspeed_setup.html

The clocksd package mentioned in the article can be quite useful:

http://www.guinix.com/software/clocksd.html

----------

## Negated Void

How do i configure timezones/Daylight savings stuff? Both my linux boxes, using ntpd, are an hour off.

----------

## viperlin

like in the gentoo guide when you pick the timezone, just pick the correct one and it's automatic. i had the same problem until i picked a city for a timezone instead of GMT

----------

## Major

I have some trouble with my ntpd and ntp-client ... maybe there is something I dont understand but here :

I have install and setuped ntpd and ntp-client ... but my clock isn't correct.

I have to do each time I want to set my clock 

```

ntpdate SERVER_ADDDRESS

killall gnome-panel

```

to have my clock set on my bar but not on my gkrellm2 clock.

so I guess I set something wrong or should ntp-client update (using ntpdate) via ntpd which should set itself with the list of server I set in a config file ?

Major

----------

## Andersson

 *Major wrote:*   

> I have some trouble with my ntpd and ntp-client ... maybe there is something I dont understand but here :
> 
> I have install and setuped ntpd and ntp-client ... but my clock isn't correct.
> 
> I have to do each time I want to set my clock 
> ...

 

It works when you use ntpdate from the command line, when you specify a server adress? Then perhaps ntpd and ntp-client can't find any servers to connect to, a spelling error in the config perhaps? What do you see if you type ntpq -p (when ntpd is running)? Could you post your config files? (/etc/ntp.conf and /etc/conf.d/ntp-client).

----------

## Major

```
root # ntpq -p

     remote           refid      st t when poll reach   delay   offset  jitter

==============================================================================

 CLOCK.uregina.c .INIT.          16 u    -   64    0    0.000    0.000 4000.00

 sue.cc.uregina. .INIT.          16 u    -   64    0    0.000    0.000 4000.00

 ensb.cpsc.ucalg .INIT.          16 u    -   64    0    0.000    0.000 4000.00

 wxo-svr1.cmc.ec .INIT.          16 u    -   64    0    0.000    0.000 4000.00

 wxo-svr2.cmc.ec .INIT.          16 u    -   64    0    0.000    0.000 4000.00

```

```
root # cat /etc/ntp.conf

...

#server         ntp.example.tld         iburst

#University of Regina

server clock.uregina.ca

server timelord.uregina.ca

#University of Calgary

server ntp.cpsc.ucalgary.ca

#Canadian Meteorological Centre

server ntp1.cmc.ec.gc.ca

server ntp2.cmc.ec.gc.ca

 

##

# -=JAY=-

# Verify that correct time was set by going to

# http://tycho.usno.navy.mil/cgi-bin/timer.pl

# (for North American time zones only)

##

 

# you should not need to modify the following paths

logfile         /var/log/ntpd.log

driftfile       /var/lib/ntp/ntp.drift

 

restrict default ignore

 

#restrict default notrust nomodify

restrict 127.0.0.1

restrict 192.168.1.3

#restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap

```

```
root # cat /etc/conf.d/ntp-client

...

NTPCLIENT_CMD="ntpdate"

 

#NTPCLIENT_OPTS="-b someserver"

NTPCLIENT_OPTS="-b clock.uregina.ca"

```

----------

## Andersson

I think it's the restrict default ignore. Try adding this:

```
restrict clock.uregina.ca nomodify

restrict timelord.uregina.ca nomodify
```

...and so on for all your servers. By the way, two or three servers is enough  :Wink: 

----------

## Joseph_sys

Here is my sript to adjust the time:

Firtst:

emerge rdate

Make a script:

#!/bin/sh

rdate -s time.nist.gov   #or your favorite server

hwclock --systohc

That is all (run it as root), your time and date will be  synchronized to one of the time servers you set.  Enjoy!

----------

## NiK[IT]

I feel stupid but after configuring the ntpd system clock shows the wrong hour (I live in Italy so GMT+1). It shows my current time -2.

Its surely a problem of localization that I've missed out...

Anyone can help?

thx

----------

## lucaberta

NiK,

you don't live in GMT+1... GMT+1 doesn't change with the Daylight Savings Time, as GMT doesn't change!

Your /etc/localtime should instead be something like

```
lrwxrwxrwx  1 root root 23 Jun  5 12:28 localtime -> /usr/share/zoneinfo/CET
```

like it is in my case.

The good thing about Unix is its marvelous support of timezones and UTC, as long as it is well configured!    :Smile: 

Ciao, Luca

----------

## naelr

OK I live in WV so I should be eastern standard time.. what is the difference between EST and EST5EDT  

Has anyone had a problem using their router with shorewall and trying to use it for an NTP  server... I can't get my local machines to get the time from it...  I think I might be missing something in the shorewall configuration... when I try to rdate 192.168.0.1  I get connection refused... can anyone start me in the right direction?

Naelr

----------

## lucaberta

 *naelr wrote:*   

> OK I live in WV so I should be eastern standard time.. what is the difference between EST and EST5EDT

 

I'd say that the former would not do any Daylight Savings Time change, while the latter takes care of switching to DST automagically.

Remember, it's Eastern Standard Time in the winter, and Eastern Daylight Time in the summer, unless WV does the same as Arizona, not changing to DST.

Bye, Luca

----------

## naelr

yes we do change to DST thanks that was what I was missing... anyone have any idea on my other problem?

----------

## dj_farid

I have the same script as Joseph_sys. When I set the date, it sets it two hours behind.

My rc-conf is set lo local time.

I didn't have the /etc/localtime link before, but I made it now.

#ln -sf /usr/share/zoneinfo/CET /etc/localtime

It still sets the time two hours behind. What could be wrong?

----------

## lucaberta

 *dj_farid wrote:*   

> I have the same script as Joseph_sys. When I set the date, it sets it two hours behind.
> 
> My rc-conf is set lo local time.
> 
> I didn't have the /etc/localtime link before, but I made it now.
> ...

 

Not sure what could be the problem, as I don't use rdate but rather run a full NTP server on my system.

Remember that you can always check that Linux has the right UTC time by using the command "date -u" to show UTC time instead of local time. Currently UTC is behing CET by two hours as we're on summertime, so apparently rdate is not setting date according to your local time clock setting.

Ciao, Luca

----------

## lucid007

 *naelr wrote:*   

> Has anyone had a problem using their router with shorewall and trying to use it for an NTP  server... I can't get my local machines to get the time from it...  I think I might be missing something in the shorewall configuration... when I try to rdate 192.168.0.1  I get connection refused... can anyone start me in the right direction?
> 
> Naelr

 

I have (Shorewall 2.0.3a), in /etc/shorewall:

action.AllowNTP:

```
ACCEPT - - udp 123
```

actions:

```
AllowNTP
```

rules:

```
AllowNTP  fw  net

AllowNTP  loc  fw
```

And in /etc/conf.ntp:

```
restrict 192.168.0.0 mask 255.255.255.0 nomodify notrap
```

But this does not permit to get time with rdate, because rdate attempt to connect on time port (37); I configured my lan machines with ntp-client:

/etc/conf.d/ntp-client:

```
NTPCLIENT_OPTS="-b 192.168.0.1"
```

Best regards,

lucid007

----------

## dj_farid

 *Quote:*   

> 
> 
> dj_farid wrote: 
> 
> I have the same script as Joseph_sys. When I set the date, it sets it two hours behind. 
> ...

 

I forgot to mention that date IS showing the time in UTC even though I got it set to local...

 *Quote:*   

> # date -u
> 
> Sat Jul  3 17:47:14 UTC 2004

 

I have not rebooted after setting the symlink. Do I need to do that? (Really would like to avoid that).

----------

## lucaberta

 *dj_farid wrote:*   

> I forgot to mention that date IS showing the time in UTC even though I got it set to local...
> 
>  *Quote:*   # date -u
> 
> Sat Jul  3 17:47:14 UTC 2004 
> ...

 

And what does "date" alone, without the -u flag, give you?

Rebooting should not be needed, as long as "date -u" shows a correct UTC time things should be OK on your system.

Bye, Luca

----------

## dj_farid

The date without the -u flag shows the exact same output with the UTC time.

----------

## lucaberta

 *dj_farid wrote:*   

> The date without the -u flag shows the exact same output with the UTC time.

 

This is quite strange.  Check again that the /etc/localtime link really points to a correct file in /usr/share/zoneinfo but beyond that I wouldn't know what to think.

I have just tried an strace on date and it effectively looks for the /etc/localtime file in real time, so a reboot would not be necessary to activate a timezone.

Sorry I can't be of much help!

Bye, Luca

----------

## dj_farid

Thanks for the help!

Something was wrong with the link. I deleted it and made a new one. I should have tried it earlier...

Anyways, thanks.

----------

