![首頁 Logo Keith ]p !!](/themes/mytheme/logo.png){kind=logo}
最後更新: 2022-07-19
目錄
date
設定:
date [-u|--utc|--universal] FORMAT
opts:
- -u,--utc
- -s,--set (-s, --set=STRING)
- -d,--date TIME Display TIME, not 'now'
- -R,--rfc-2822 Output RFC-2822 compliant date string (Sat, 01 Jan 2000 01:02:42 +0000)
FORMAT:
- hh:mm[:ss]
- YYYY-MM-DD hh:mm[:ss]
e.g.
date -s "2000-01-01 01:01"
# Display Format
date +%s
P.S.
%s Epoch
%Y year
%m month (01..12)
%d day of month (e.g, 01)
%k hour ( 0..23)
%M minute (00..59)
%S second (00..60)
%F full date; same as %Y-%m-%d
# Display time described by STRING
Usage
-d, --date=STRING
date +%s -d"Jan 1, 1980 00:00:01"
315504001
date -d @1190000000
output:
Mon Sep 17 11:33:20 HKT 2007
# Time Zone
tzconfig
tzselect
hwclock
查看當時時間
hwclock (相當於 hwclock --show --utc 縮寫 hwclock -r -u)
Output
Thu 08 Nov 2018 05:19:37 PM HKT -1.005565 seconds
Remark
ISO 8601 format.
The time shown is always in local time, even if you keep your Hardware Clock in UTC.
UTC or the local timescale
The Hardware Clock may be configured to use either the UTC or the local timescale
Indicate which timescale the Hardware Clock is set to.
- --localtime
- --utc, -u (Default)
hwclock --localtime
Thu 08 Nov 2018 09:26:07 AM HKT -0.360894 seconds
hwclock --utc
Thu 08 Nov 2018 05:26:12 PM HKT -0.360834 seconds
互 sync
hwclock --hctosys # -s
hwclock --systohc # -w
設定時間:
hwclock --set --date=newdate
Example:
hwclock --set --date="2011-08-14 16:45:05"
* local time
有關檔案
/etc/default/rcS:
# assume that the BIOS clock is set to UTC time (recommended) UTC=no
ntpdate
Centos6 Package:
yum install ntpdate
更新系統時間:
ntpdate stdtime.gov.hk
Options:
-d Enable the debugging mode
-u Direct ntpdate to use an unprivileged port for outgoing packets.
Trobleshoot:
1:
2 Jul 10:25:06 ntpdate[24686]: the NTP socket is in use, exiting
# 原因: ntpd service 是啟動狀態導致無法使用 ntpdate
Debian
/usr/sbin/ntpdate-debian 與 ntpdate 是一樣的 program.
它們分別在它會讀取
- /etc/default/ntpdate
- /etc/ntp.conf
去更新時間
# /etc/ntp.conf
NTPDATE_USE_NTP_CONF=yes NTPSERVERS="ntp.ubuntu.com"
- -q Query only - don't set the clock.
- -d Enable the debugging mode
- -u Direct ntpdate to use an unprivileged port for outgoing packets.
22 Jul 09:40:23 ntpdate[26930]: ntpdate [email protected] Tue Jun 5 20:12:09 UTC 2012 (1) Looking for host stdtime.gov.hk and service ntp host found : 118.143.17.82 transmit(118.143.17.82) receive(118.143.17.82) transmit(118.143.17.82) receive(118.143.17.82) transmit(118.143.17.82) receive(118.143.17.82) transmit(118.143.17.82) receive(118.143.17.82) transmit(118.143.17.82) server 118.143.17.82, port 123 stratum 1, precision -19, leap 00, trust 000 refid [MRS], delay 0.02773, dispersion 0.00005 transmitted 4, in filter 4 reference time: d5970c10.095f035a Mon, Jul 22 2013 9:40:32.036 originate timestamp: d5970c14.772ed3bc Mon, Jul 22 2013 9:40:36.465 transmit timestamp: d5970c11.14e85899 Mon, Jul 22 2013 9:40:33.081 filter delay: 0.02924 0.02782 0.02802 0.02773 0.00000 0.00000 0.00000 0.00000 filter offset: 3.382756 3.382675 3.382854 3.382739 0.000000 0.000000 0.000000 0.000000 delay 0.02773, dispersion 0.00005 offset 3.382739 22 Jul 09:40:35 ntpdate[26930]: step time server 118.143.17.82 offset 3.382739 sec
Openwrt - NTP
( 由 BusyBox v1.19.4 提供 )
它是同一個 Program 提供了 Server 及 Client 的功能的
NTP client/server:
-d Verbose
-n Do not daemonize
-q Quit after clock is set
-N Run at high priority
-w Do not set time (only query peers), implies -n
-l Run as server on port 123
-S PROG Run PROG after stepping time, stratum change, and every 11 mins
-p PEER Obtain time from PEER (may be repeated)
start up script:
/etc/init.d/sysntpd [start|Stop|enable|disable]
Query only:
行以下 command 之後鍵入 "Ctrl + c"
ntpd -q 0.openwrt.pool.ntp.org
-q Query only - don't set the clock.
config:
/etc/config/system
config timeserver 'ntp'
list server '0.openwrt.pool.ntp.org'
list server '1.openwrt.pool.ntp.org'
list server '2.openwrt.pool.ntp.org'
list server '3.openwrt.pool.ntp.org'
option enable_server '0'
Attack Description
NTP amplification is essentially a type of reflection attack. Reflection attacks involve eliciting a response from a server to a spoofed IP address. The attacker sends a packet with a forged IP address (the victim’s) and the server replies to this address.
Reflection attacks are dangerous. But they are even more dangerous when amplified. “Amplification,” in this context,
In an NTP amplification attack, the query-to-response ratio is anywhere between 20:1 and 200:1 or more.
Public Time Server
- time.google.com
- stdtime.gov.hk # 香港天文台
限 IP
time.google.com 它一共有4架server, 分別係
- time1.google.com
- time2.google.com
- time3.google.com
- time4.google.com
chain=input action=accept protocol=udp src-address-list=GoogleNTP dst-address-list=RouterIP in-interface=eth16-mgt src-port=123 dst-port=123
Sync time scripts
/root/scripts/synctime.sh
/usr/sbin/ntpdate time.google.com > /dev/null 2>&1 hwclock -w > /dev/null 2>&1
timesyncd
On Ubuntu 20 LTS, ystemd-timesyncd.service is running by default on
Config
/etc/systemd/timesyncd.conf
A space-separated list of NTP server host names or IP addresses.
systemd-timesyncd will contact all configured system or
per-interface servers in turn until one is found that responds.
NTP=time.google.com
# the maximum estimated time required for a packet to travel to the server we are connected to from the server with the reference clock.
# If the current server does not satisfy this limit, systemd-timesyncd will switch to a different server
RootDistanceMaxSec=5
# 多久 refresh 一次
# Default Settings PollIntervalMinSec=32 PollIntervalMaxSec=2048
Service
systemctl restart systemd-timesyncd
timedatectl timesync-status
