Hi, I'm still having trouble getting time synchronization to work with SuSEfirewall2. First, if I turn off the firewall, the following script works fine. When I turn on the firewall, I get an error: "No suitable server found for synchronization"; and packets to port 123 get dropped, even though I tell the firewall to allow them. What's going on? #the timeset script ################################################# #!/bin/sh ntpdate -b -v 'time-nw.nist.gov' hwclock --systohc ################################################## In my firewall2 config file #################################################### FW_ALLOW_INCOMING_HIGHPORTS_UDP="domain ntp 123" #################################################### My firewall log shows this: #################################################### Oct 13 05:54:46 zentara kernel: SuSE-FW-DROP-DEFAULTIN=ppp0 OUT= MAC= SRC=131.107.1.10 DST=67.243.199.204 LEN=76 TOS=0x10 PREC=0x00 TTL=14 ID=14545 PROTO=UDP SPT=123 DPT=123 LEN=56 Oct 13 05:54:47 zentara kernel: SuSE-FW-DROP-DEFAULTIN=ppp0 OUT= MAC= SRC=131.107.1.10 DST=67.243.199.204 LEN=76 TOS=0x10 PREC=0x00 TTL=14 ID=18694 PROTO=UDP SPT=123 DPT=123 LEN=56 Oct 13 05:58:26 zentara kernel: SuSE-FW-ACCEPTIN=ppp0 OUT= MAC= SRC=198.6.1.218 DST=67.243.199.207 LEN=156 TOS=0x00 PREC=0x00 TTL=245 ID=55897 DF PROTO=UDP SPT=53 DPT=1024 LEN=136 Oct 13 05:58:27 zentara kernel: SuSE-FW-DROP-DEFAULTIN=ppp0 OUT= MAC= SRC=131.107.1.10 DST=67.243.199.207 LEN=76 TOS=0x10 PREC=0x00 TTL=14 ID=34218 PROTO=UDP SPT=123 DPT=123 LEN=56 Oct 13 05:58:28 zentara kernel: SuSE-FW-DROP-DEFAULTIN=ppp0 OUT= MAC= SRC=131.107.1.10 DST=67.243.199.207 LEN=76 TOS=0x10 PREC=0x00 TTL=14 ID=38299 PROTO=UDP SPT=123 DPT=123 LEN=56 #################################################### So I have ntp and 123 in the list to accept, but they get dropped. Why? It's just a minor annoyance, the firewall works fine otherwise, but it bugs the heck out of me, that it dosn't do what it's told to do. -- use Perl; #powerful programmable prestidigitation