Forcing All Devices to Use pfSense for NTP (Correction NOT NNTP)


  • Is it possible (likely with DNS magic or something similar) to forcie all Device (including embedded devices with hard coded NNTP pool urls)  to Use pfSense for NNTP?  If so, how?

    Any assistance would be much appreciated.


  • Try this.  It's DNS-specific but the concepts should still apply.

    https://doc.pfsense.org/index.php/Redirecting_all_DNS_Requests_to_pfSense

  • Rebel Alliance Developer Netgate

    May seem nitpicky but do you actually mean NTP (Network Time Protocol)?

    NNTP is a much different protocol (Network News Transfer Protocol, Usenet news groups).

    If NTP is what you're after, then KOM's solution is the closest you'll get.


  • You're dating yourself. :)

    @jimp:

    NNTP is a much different protocol (Network News Transfer Protocol, Usenet news groups).


  • You think so?
    The latest RFC update concerning NNTP is from 2006. https://tools.ietf.org/html/rfc3977

    We still don't know if OP meant NNTP or (S)NTP.


  • Yep, just in time for the formal declaration of Usenet's death. :)

    @jahonix:

    The latest RFC update concerning NNTP is from 2006.


  • Yep, just in time for the formal declaration of Usenet's death. :)

    And yet here I am, 10 years later, still sending money to Giganews on a monthly basis.  You can still find lots of obscure, cool stuff via Usenet that isn't on torrent.


  • @jimp:

    May seem nitpicky but do you actually mean NTP (Network Time Protocol)?

    NNTP is a much different protocol (Network News Transfer Protocol, Usenet news groups).

    If NTP is what you're after, then KOM's solution is the closest you'll get.

    Thanks for catching that… I actually do know that... just some sloppy typing..... Maybe I should start another thread?  Also forget to set the notify me check, so I didn't notice it.


  • The answer you got from @KOM is the same way I handle NTP redirects(and DNS for that matter).
    Works just fine in my environment ;)


  • @brandur:

    The answer you got from @KOM is the same way I handle NTP redirects(and DNS for that matter).
    Works just fine in my environment ;)

    Thanks… Just wondering does NTP validate the source in any way, or does simply routing traffic to the internal server that I want to handle it get the job done?


  • @KOM:

    Try this.  It's DNS-specific but the concepts should still apply.

    https://doc.pfsense.org/index.php/Redirecting_all_DNS_Requests_to_pfSense

    Thanks… I gave this a try, and... since I want to do the same thing with DNS, so I tried to do exactly what it said in the directions, and all DNS is blocked by the default deny - so for some reason this rule isn't getting triggered. Or am I missing something (or did I find a bug)?







  • @guardian:

    @KOM:

    Try this.  It's DNS-specific but the concepts should still apply.

    https://doc.pfsense.org/index.php/Redirecting_all_DNS_Requests_to_pfSense

    Thanks… I gave this a try, and... since I want to do the same thing with DNS, so I tried to do exactly what it said in the directions, and all DNS is blocked by the default deny - so for some reason this rule isn't getting triggered. Or am I missing something (or did I find a bug)?

    Hi,
    I also using the redirect all DNS request to OpenDNS servers for my LAN_2 users
    This is my firewall rule for my LAN_2 users.  By this I prevent them for using another DNS, Only OpenDNS in this case.

    ![Desktop 26-07-2016 22.03.45-233.png](/public/imported_attachments/1/Desktop 26-07-2016 22.03.45-233.png)
    ![Desktop 26-07-2016 22.03.45-233.png_thumb](/public/imported_attachments/1/Desktop 26-07-2016 22.03.45-233.png_thumb)