<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Scot L. Harris wrote:
<blockquote cite="mid1134174702.31137.23.camel@lathe.slh.lan"
type="cite">
<pre wrap="">On Fri, 2005-12-09 at 19:12, jdow wrote:
</pre>
<blockquote type="cite">
<pre wrap="">From: "Paul Smith" <a class="moz-txt-link-rfc2396E" href="mailto:phhs80@gmail.com"><phhs80@gmail.com></a>
</pre>
</blockquote>
<pre wrap=""><!---->
</pre>
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">Is your iptables open for NTP?
I have this:
-A INPUT -s 66.187.233.4 -p udp -m udp --sport 123 --dport 123 -j ACCEPT
-A INPUT -s 66.187.224.4 -p udp -m udp --sport 123 --dport 123 -j ACCEPT
</pre>
</blockquote>
</blockquote>
</blockquote>
<pre wrap="">
NOTE: that is only good if you have "clock1.redhat.com" as your clock
server. Make it correct for the clock server you select. You may have to
make it a range of addresses.
</pre>
</blockquote>
<pre wrap=""><!---->
Why would you need to open these ports to have your system update it's
time using NTP? My systems seem to get NTP updates just fine sitting
behind a firewall that does not have these ports opened.
</pre>
</blockquote>
Then it isn't a firewall. Well, I guess it could be, but it is a very
poor firewall. I'll almost guarantee that the ports are open, you just
don't know it.<br>
</body>
</html>