1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

NTP blocked; Alternatives to ntpd for updating time?

Discussion in 'Asuswrt-Merlin' started by jarmka, May 10, 2018.

Thread Status:
Not open for further replies.
  1. dugaduga

    dugaduga Regular Contributor

    Joined:
    May 12, 2018
    Messages:
    98
    date -s `curl -I 'https://google.com/' 2>/dev/null | grep -i '^date:' | sed 's/^[Dd]ate: //g'`

    the curl command is almost perfect, and allows for time retrieval from a near infinite source of urls in a manner that cannot be detected or censored... without the presence of potentially vulnerable ntp servers or clients revealed; however the date received from the url is for example

    Code:
    Sat, 12 May 2018 18:49:18 GMT"
    
    and date -s requires something more like

    Code:
    2018-05-12 2018 18:49:18
    
    so a simple script or code embedded in the above example that translates and properly orders the dates, and names into numbers would totally void any need for third party software, local servers, ported software, and extra ports being opened. Its also able to pull code from https / tls links so you can optionally get similar encrypted results as tlsdate.

    Other than that imo tlsdate looks favorable. http://www.timesynctool.com/ looks really awesome too! A very well made piece of software! And works like twiglets said, even if there is no internet. (The primary issue being, you need the computer/server up in order for it to sync) Thank you Twiglets! I'll give it a try as well.
     
    Last edited: May 13, 2018
    Fitz Mutch and Twiglets like this.
  2. dugaduga

    dugaduga Regular Contributor

    Joined:
    May 12, 2018
    Messages:
    98
    Using timesynctool I am able to successfully sync router time locally whereas outgoing connections were blocked, for whatever reason. If it were not of any importance I'm sure it wouldn't have happened, so this is a viable alternative that nullifies any attempts at censoring timesync; though it does open up unlikely vectors for potential exploitation should the lan or router become compromised.

    timesynctool
    You should see the following in NetTime logviewer:
     
    Last edited: May 13, 2018
    Twiglets likes this.
  3. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    6,990
    Location:
    UK
    @dugaduga I didn't realise that you actually had this problem (NTP being blocked), I thought it was just for academic interest.:D

    If you are suffering from the "AT&T issue" have you tried the solution in the original thread on the subject? To me it makes more sense to fix NTP for the entire network with a single firewall rule, rather than a convoluted solution involving internal servers.
     
    dugaduga likes this.
  4. Twiglets

    Twiglets Regular Contributor

    Joined:
    Aug 15, 2014
    Messages:
    154
    Glad it solved your problem.
    I found 'NetTime.exe' a few years ago when I was in need of something to sync time on a PC when the ususal 'Windows Services' were inaccurate/flaky :)
     
    dugaduga likes this.
  5. dugaduga

    dugaduga Regular Contributor

    Joined:
    May 12, 2018
    Messages:
    98
    @ColinTaylor; I tried creating /jffs/scripts/init-nat
    with
    Code:
    #!/bin/sh
    iptables -t nat -I POSTROUTING -o $(nvram get wan0_ifname) -p udp --sport 123 -j MASQUERADE --to-ports 49152-65535 --random
    
    No luck. Disabled all my mods again. No luck either. It will eventually connect randomly without user intervention, sometimes after 20-30 minutes.
     
  6. Fitz Mutch

    Fitz Mutch Senior Member

    Joined:
    May 27, 2016
    Messages:
    465
    Location:
    Portsmouth
    Don't need to bother with DNS lookups either. This way is my favorite.

    date -s `curl -I 'https://1.1.1.1/' 2>/dev/null | grep -i '^date:' | sed 's/^[Dd]ate: //g'`
     
    dugaduga likes this.
  7. dugaduga

    dugaduga Regular Contributor

    Joined:
    May 12, 2018
    Messages:
    98
    @Fitz Mutch did you manage to get that working for you?
     
    Fitz Mutch likes this.
  8. Twiglets

    Twiglets Regular Contributor

    Joined:
    Aug 15, 2014
    Messages:
    154
    Does not work as the Date format returned by the curl is not accepted by the 'date' command.

    Curl returns date format of the form "Sun, 13 May 2018 21:33:16 GMT" ===> this is not valid with the date command !!!

    [Tried it on a RT-AC56U running 384.4_2 RMerlin Firmware]
     
    Fitz Mutch and dugaduga like this.
  9. Fitz Mutch

    Fitz Mutch Senior Member

    Joined:
    May 27, 2016
    Messages:
    465
    Location:
    Portsmouth
    It is for demonstration purposes only.

    date -u -D '%a, %d %b %Y %H:%M:%S' -d "$(curl -I 'https://1.1.1.1/' 2>/dev/null | grep -i '^date:' | sed 's/^[Dd]ate: //g')"
     
    ColinTaylor likes this.
  10. dugaduga

    dugaduga Regular Contributor

    Joined:
    May 12, 2018
    Messages:
    98
    Here is another code, the results are cleaner than the rest; but result is still invalid
    Code:
    date -s "$(wget -qSO- --max-redirect=0 startpage.com 2>&1 | grep Date: | cut -d' ' -f5-8)"
    
    Results in the following:

    date: invalid date '13 May 2018 22:46:44'

    I was told this is "Very likely a limitation in the busybox date implementation - in which case you'd have to do your own parsing. sed (amongst others) would work using capture groups."

    We'll we're getting closer. Great work fitz, thank you SO much.
     
    Last edited by a moderator: May 14, 2018
    Fitz Mutch likes this.
  11. Twiglets

    Twiglets Regular Contributor

    Joined:
    Aug 15, 2014
    Messages:
    154
    Here is an alternative that DOES set the date !!! [-s option].
    Prints out 'Date' it retrieves & the 'Date' that is set for comparison.

    Only thing that is odd is that the date retrieved is ".... GMT" and the date utility sets the correct time but changes it to "... DST"
    Environment has TZ set to "GMT"

    datetext=$(curl -I 'https://1.1.1.1/' 2>/dev/null | grep "Date:" |sed 's/Date: [A-Z][a-z][a-z], //g'| sed 's/\r//') ; echo "Date Retrieved = $datetext" ; echo -n "Date set = " ; date -s "$datetext" -D'%d %b %Y %T %Z'
     
    Last edited: May 13, 2018
    dugaduga and FreshJR like this.
  12. thiggins

    thiggins Mr. Easy Staff Member

    Joined:
    May 18, 2008
    Messages:
    13,631
    Gentlemen,
    Please just report suspect posts.

    Engagement like this doesn't help.

    Locking thread.
     
    Fitz Mutch, Beherit and ColinTaylor like this.
Thread Status:
Not open for further replies.