Jorgen Norrman wrote:
> It would be nice if m0n0wall could act as ntp server for the
> lan/pptp/ipsec clients.
Apart from hairy questions about what set of features to support in the
GUI, what reference clock drivers to include (if at all), etc., ntpd
simply doesn't belong on a firewall.
If you really have the need for ntp in your network, you should set up
an ntp server yourself, perhaps conveniently by running ntpd on one of
your existing Unix, *BSD, or Linux boxes.
Also note that the suggestion to use external servers (in another post)
is not necessarily a good one: if you have a dozen of clients, you don't
want them all individually to go out to public servers. And if you must,
*please* use pool.ntp.org as that is a round robin of servers that
permit this kind of use.
Because of the ugliness oozing out of that last point, a reasonable
compromise *could* be to support enough of the protocol to simply let
m0n0wall report its own time. This will keep clients happy that don't
run ntp themselves but only periodically call ntpdate. I don't know if
such minimalistic ntp server code exists somewhere. I'll give it a google...