NTP, ntpdate, and ISP-based firewall

jdow jdow at earthlink.net
Thu Mar 4 19:29:10 UTC 2004


From: "Don Levey" <fedora-list at the-leveys.us>
> fedora-list-admin at redhat.com wrote:
> > Rodolfo J. Paiz wrote:
> >> At 12:17 3/4/2004, you wrote:
> >>
> >>> I'm not getting anything back.  Feh.  Doesn't seem to make a
> >>> difference whether or not I have iptables running.
> >> Make sure you can type "iptables -L" and get a display with no rules
> >> and all policies set to ACCEPT.
> >
> > It shouldn't matter. The tcpdump shows that the packets aren't even
> > getting to his system. The default iptables doesn't get in the way of
> > replies anyway. Even if it did, the tcpdump would have shown the
> > server packet arriving and then iptables sending an ICMP prohibited
> > reply.
> >
> >>> I opened port 123 on my Linksys firewall
> >> Make sure you open UDP/123 instead of TCP.
> >
> > This, on the other hand, may be relevant.
> 
> As I recall, this is what I did yesterday.
> It's at home right now, with no remote access to configuration, but I can
> confirm later.
>  -Don

If your own firewall is blocking the return packets it should show up
in your main system logs, /var/log/messages.

Run a tcpdump while you set time using ntpdate. If ntpdate works there is
no sensible reason ntpd should not unless you are trying the multicasting
"stuff".

{^_^}
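
The tcpdump check discussed in this thread can be read mechanically. The following is an added example, not part of any poster's message: it sorts capture lines, in the text format that current `tcpdump -n` prints for NTP and ICMP, into servers that never answered, servers whose reply arrived, and replies the local host rejected. The function name, the addresses and the capture itself are constructed for illustration.

```python
import re
from collections import Counter

# Constructed capture (tcpdump -n text format); addresses are documentation ranges.
SAMPLE = """\
19:29:10.100000 IP 192.168.1.10.123 > 192.0.2.1.123: NTPv4, Client, length 48
19:29:11.100000 IP 192.168.1.10.123 > 198.51.100.7.123: NTPv4, Client, length 48
19:29:11.140000 IP 198.51.100.7.123 > 192.168.1.10.123: NTPv4, Server, length 48
19:29:12.100000 IP 192.168.1.10.123 > 203.0.113.5.123: NTPv4, Client, length 48
19:29:12.150000 IP 203.0.113.5.123 > 192.168.1.10.123: NTPv4, Server, length 48
19:29:12.150100 IP 192.168.1.10 > 203.0.113.5: ICMP host 192.168.1.10 unreachable - admin prohibited, length 84
""".splitlines()

# "IP src.port > dst.port: NTPvN, Client|Server" as printed by tcpdump -n
NTP_RE = re.compile(
    r"IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): NTPv\d, (?P<mode>Client|Server)")
# ICMP administratively-prohibited message, e.g. sent by an iptables REJECT rule
ICMP_RE = re.compile(r"IP (?P<src>[\d.]+) > (?P<dst>[\d.]+): ICMP .*admin prohibited")

def diagnose(lines, local_ip):
    """Return {server_ip: verdict} for every NTP server local_ip queried."""
    sent, received, rejected = Counter(), Counter(), Counter()
    for line in lines:
        m = NTP_RE.search(line)
        if m:
            if m["src"] == local_ip and m["dport"] == "123":
                sent[m["dst"]] += 1          # our request leaving
            elif m["dst"] == local_ip and m["sport"] == "123":
                received[m["src"]] += 1      # server reply reaching this host
            continue
        m = ICMP_RE.search(line)
        if m and m["src"] == local_ip:
            rejected[m["dst"]] += 1          # this host refused a packet from dst
    report = {}
    for server in sent:
        if rejected[server]:
            report[server] = "reply arrived, rejected locally"
        elif received[server]:
            report[server] = "reply arrived"
        else:
            report[server] = "no reply on the wire"   # dropped before this host
    return report

if __name__ == "__main__":
    for server, verdict in diagnose(SAMPLE, "192.168.1.10").items():
        print(f"{server}: {verdict}")
```
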




