SuSE 8.1/cable internet access. I have xntpd running and cannot maintain system time thru SuSEfirewall2. I have: FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes" and iptables -A input_ext -j ACCEPT -m state --state ESTABLISHED,RELATED -p udp --sport ntp --dport ntp But, neither rule seems to allow ntp access thru the firewall. I know that the firewall is blocking because, if I stop the firewall, ntp will update the system time. # iptables -L | grep ntp DROP udp -- anywhere anywhere udp dpt:ntp ACCEPT udp -- anywhere anywhere state NEW,RELATED,ESTABLISHED udp spt:ntp dpts:1024:65535 DROP udp -- anywhere anywhere udp dpt:ntp DROP udp -- anywhere anywhere udp dpt:ntp ACCEPT udp -- anywhere anywhere state NEW,RELATED,ESTABLISHED udp spt:ntp dpts:1024:65535 DROP udp -- anywhere anywhere udp dpt:ntp ACCEPT udp -- anywhere anywhere state NEW,RELATED,ESTABLISHED udp spt:ntp dpts:1024:65535 Also, SuSE 7.3 gave me firewall logs, /var/log/firewall, but SuSE 8.1 does not. Have I configured something wrong or is it just different? I see that everything that was in firewall (log) is also in messages (I think). -- Patrick Shanahan Registered Linux User #207535 @ http://counter.li.org icq#173753138