Gui for configuring NTP
jdow
jdow at earthlink.net
Sat Dec 10 01:12:50 UTC 2005
From: "Scot L. Harris" <webid at cfl.rr.com>
> On Fri, 2005-12-09 at 19:12, jdow wrote:
>> From: "Paul Smith" <phhs80 at gmail.com>
>>
>
>> >> > Is your iptables open for NTP?
>> >> > I have this:
>> >> > -A INPUT -s 66.187.233.4 -p udp -m udp --sport 123 --dport 123 -j ACCEPT
>> >> > -A INPUT -s 66.187.224.4 -p udp -m udp --sport 123 --dport 123 -j ACCEPT
>>
>>
>>
>> NOTE: that is only good if you have "clock1.redhat.com" as your clock
>> server. Make it correct for the clock server you select. You may have to
>> make it a range of addresses.
>>
>
> Why would you need to open these ports to have your system update it's
> time using NTP? My systems seem to get NTP updates just fine sitting
> behind a firewall that does not have these ports opened.
I've seen some firewall setups wherein this was a problem. I have my
firewall setup so that it is not a problem. But I am just passing along
the benefits of long experience. That is why I suggested the various
ntpq and ntpdate tests along with watching for firewall messages.
I've been using ntp since the xntp days and have seen all manner of silly
problems.
{^_^}
More information about the fedora-list
mailing list