Ubuntu

ubuntu:打開 udp 埠 123

  • March 28, 2013

進入我的linux伺服器(Ubuntu 8),我已經為ntp打開了埠123。我已將其寫入 /etc/iptables.rules:

:INPUT ACCEPT [7496:9080183]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [4393:322232]
[0:0] -A INPUT -p udp -m udp --sport 8100 -j ACCEPT
[0:0] -A INPUT -p udp -m udp --dport 8100 -j ACCEPT
[0:0] -I INPUT -p udp --dport 123 -j ACCEPT
[0:0] -I OUTPUT -p udp --sport 123 -j ACCEPT
COMMIT

但是如果我啟動這個命令:

nmap localhost -p123

還給我:

Starting Nmap 4.53 ( http://insecure.org ) at 2013-03-28 12:05 CET
Interesting ports on localhost (127.0.0.1):
PORT    STATE  SERVICE
123/tcp closed ntp

如果我午餐這個

ntpdate -d it.pool.ntp.org

還給我:

28 Mar 11:07:31 ntpdate[5132]: ntpdate 4.2.4p4@1.1520-o Fri Dec  4 18:18:35 UTC 2009 (1)
transmit(212.45.144.59)
transmit(212.45.144.16)
transmit(2.228.72.62)
transmit(84.38.50.20)
transmit(212.45.144.59)
transmit(212.45.144.16)
transmit(2.228.72.62)
transmit(84.38.50.20)
transmit(212.45.144.59)
transmit(212.45.144.16)
transmit(2.228.72.62)
transmit(84.38.50.20)
transmit(212.45.144.59)
transmit(212.45.144.16)
transmit(2.228.72.62)
transmit(84.38.50.20)
transmit(212.45.144.59)
transmit(212.45.144.16)
transmit(2.228.72.62)
transmit(84.38.50.20)
212.45.144.59: Server dropped: no data
212.45.144.16: Server dropped: no data
2.228.72.62: Server dropped: no data
84.38.50.20: Server dropped: no data
server 212.45.144.59, port 123
stratum 0, precision 0, leap 00, trust 000
refid [212.45.144.59], delay 0.00000, dispersion 64.00000
transmitted 4, in filter 4
reference time:    00000000.00000000  Thu, Feb  7 2036  7:28:16.000
originate timestamp: 00000000.00000000  Thu, Feb  7 2036  7:28:16.000
transmit timestamp:  d4fe94e6.3e0589ac  Thu, Mar 28 2013 11:07:34.242
filter delay:  0.00000  0.00000  0.00000  0.00000
        0.00000  0.00000  0.00000  0.00000
filter offset: 0.000000 0.000000 0.000000 0.000000
        0.000000 0.000000 0.000000 0.000000
delay 0.00000, dispersion 64.00000
offset 0.000000

server 212.45.144.16, port 123
stratum 0, precision 0, leap 00, trust 000
refid [212.45.144.16], delay 0.00000, dispersion 64.00000
transmitted 4, in filter 4
reference time:    00000000.00000000  Thu, Feb  7 2036  7:28:16.000
originate timestamp: 00000000.00000000  Thu, Feb  7 2036  7:28:16.000
transmit timestamp:  d4fe94e6.7138de6d  Thu, Mar 28 2013 11:07:34.442
filter delay:  0.00000  0.00000  0.00000  0.00000
        0.00000  0.00000  0.00000  0.00000
filter offset: 0.000000 0.000000 0.000000 0.000000
        0.000000 0.000000 0.000000 0.000000
delay 0.00000, dispersion 64.00000
offset 0.000000

server 2.228.72.62, port 123
stratum 0, precision 0, leap 00, trust 000
refid [2.228.72.62], delay 0.00000, dispersion 64.00000
transmitted 4, in filter 4
reference time:    00000000.00000000  Thu, Feb  7 2036  7:28:16.000
originate timestamp: 00000000.00000000  Thu, Feb  7 2036  7:28:16.000
transmit timestamp:  d4fe94e6.a46f049a  Thu, Mar 28 2013 11:07:34.642
filter delay:  0.00000  0.00000  0.00000  0.00000
        0.00000  0.00000  0.00000  0.00000
filter offset: 0.000000 0.000000 0.000000 0.000000
        0.000000 0.000000 0.000000 0.000000
delay 0.00000, dispersion 64.00000
offset 0.000000

server 84.38.50.20, port 123
stratum 0, precision 0, leap 00, trust 000
refid [84.38.50.20], delay 0.00000, dispersion 64.00000
transmitted 4, in filter 4
reference time:    00000000.00000000  Thu, Feb  7 2036  7:28:16.000
originate timestamp: 00000000.00000000  Thu, Feb  7 2036  7:28:16.000
transmit timestamp:  d4fe94e6.d7a22706  Thu, Mar 28 2013 11:07:34.842
filter delay:  0.00000  0.00000  0.00000  0.00000
        0.00000  0.00000  0.00000  0.00000
filter offset: 0.000000 0.000000 0.000000 0.000000
        0.000000 0.000000 0.000000 0.000000
delay 0.00000, dispersion 64.00000
offset 0.000000

28 Mar 11:07:35 ntpdate[5132]: no server suitable for synchronization found

我必須重新啟動某些東西或我的配置錯誤?

ntp 是 udp,您正在掃描 tcp,這就是它說它已關閉的原因。

試試這個

nmap -sT -sU -p 123 localhost

NTP 正在通過 UDP 工作。您需要執行以下命令:

[10:05:28] [root@dewa vol]# nmap -sU -P0 -p 123 127.0.0.1

Starting Nmap 5.51 ( http://nmap.org ) at 2013-03-28 10:05 UTC
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00030s latency).
PORT    STATE SERVICE
123/udp open  ntp

Nmap done: 1 IP address (1 host up) scanned in 0.07 seconds

引用自:https://serverfault.com/questions/493121