[ previous ] [ next ] [ threads ]
 From:  "Michael Mee" <mm2001 at pobox dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Cc:  "Jorgen Norrman" <jurg at home dot se>
 Subject:  Re: [m0n0wall] ntp, bad idea?
 Date:  Mon, 26 Jan 2004 00:40:45 -0800
As the original contributor of the ntp client integration that's in m0n0wall
(with much nice tweaking by Manuel I hasten to add!), here's some notes
extracted from emails I sent offline to the last person interested in
getting the server running. In brief:

1) the UI changes are harder than the actual coding changes (which are
trivial), and they're not that hard either
2) XP's ntp support is broken and hence msntp 'correctly' fails its sync -
but I think msntp should be hacked to work with XP since the real world
isn't always 'correct' unfortunately

Hope this helps someone finish the job. Note that (1) without (2) will
likely cause more problems than its worth (if only because we'll get lots
more messages here asking why XP doesn't time sync with m0n0wall).

cheers, michael

There's a bunch of stuff in the archive about this from when I was adding
this. But roughly the status is:

ntp client is running
ntp server is NOT running

However, the ntp server is there (its the same program as the client), it
just needs to be hooked in with some UI to enable/disable it and the right
command line settings to trigger it at startup.

The other big thing that *I* think needs to be done, though I may be in a
minority here, is to hack the ntp server code to allow it to work with XP
which makes some broken requests (again see archives).

Never thought about the rules necessary to get to a local NTP server, but
that's a great idea!
I doubt its a common scenario that people want to get to the time server
from the outside world, but I think its analogous to the smtp scenario,
where you need to create a new rule to allow it using the GUI (Firewall ->
rules). I.e., if you have the time server running, then that's probably
enough!  All we need is a config option in the GUI (and corresponding
config.xml entry) to enable it at boot up.

Prompted by your interest, I went digging into my old mails and the msntp
man entry (e.g. http://pigtail.net/LRP/msntp.html). Note that I think you
need to invoke msntp a second time for the -S flag to take affect. I.e., it
can run as a client or a server, but not both at once. Thus the file
/usr/local/bin/runmsntp.sh may not be the best place to invoke it.

Also, there's probably not a lot of value in running msntp as a server only
without a client. I doubt the on board RT clock keeps good enough time for
that! Something to think about for the web page design.

In the fwiw department, here's my status note from when I last worked on it
which included my ideas for adding the server support:

The long thread that started it all is here:

Hope this helps!
msntp won't work with XP with the builtin ntp prog. I've forgotten the
details but XP has the wrong time stratum info or something. That's why I
wanted to hack the msntp sources. If you put msntp in major debug mode (-W?)
then it will show you why it fails the XP time request and then you can find
the place to change.
> I am currently playng with using ntpd instead of msntp on the m0n0wall.
>  What are your thoughts?

At the time, it appeared that this would be much larger. But maybe that's
not the case if you tweak it?  If you can get size to be similar and there's
no other startup issues, I doubt there'd be any problems with swapping it.
However, it was quite a bit larger when I looked at it...