
#-----------------------------------------------------------------------
# CHANGES
#-----------------------------------------------------------------------
#
# 2001-02-07  Jean-Sebastien Morisset <jsmoriss@mvlan.net>
#             Replaced high-port rules with Accept_Hostports function.
#             Also added check for CLUSTER_NAMES and assoc. rules.
# 2000-10-26  Jean-Sebastien Morisset <jsmoriss@jsm-mv.dyndns.org>
#             Added the "#m# 123" module config.
# 2000-10-17  Jean-Sebastien Morisset <jsmoriss@jsm-mv.dyndns.org>
#             Added rule to allow outgoing UDP from high-ports.
# 2000-10-14  Jean-Sebastien Morisset <jsmoriss@jsm-mv.dyndns.org>
#             Initial module written for v5.0.
#
#-----------------------------------------------------------------------
# MODULE CONFIGURATION
#-----------------------------------------------------------------------
#
#m# 123
#a# accept
#i# cluster novirtual
#n# ntp
#t# servers
#
#   |--------------------------------------------------------------------|
#d# The NTP server hostname(s) where you get your time.
#d#
#d# Example:
#d#   accept-eth1-ntp-servers = clock.uregina.ca
#   |--------------------------------------------------------------------|
#
#-----------------------------------------------------------------------
# START OF MODULE CODE
#-----------------------------------------------------------------------

for host in `Option_Value accept $INTOPT ntp servers`
do
	[ "$MODE" -gt "1" ] && Accept_Hostports remote udp "NTP" $host ntp

	if [ "$CLUSTER_NAME" ]
	then
		ipchains -A $OUTCHAIN -j ACCEPT -p udp -s $host   ntp -d $IPADDR ntp $LOG
		ipchains -A $INCHAIN  -j ACCEPT -p udp -s $IPADDR ntp -d $host   ntp $LOG
	else
		ipchains -A $INCHAIN  -j ACCEPT -p udp -s $host   ntp -d $IPADDR ntp $LOG
		ipchains -A $OUTCHAIN -j ACCEPT -p udp -s $IPADDR ntp -d $host   ntp $LOG
	fi
done
unset host

