Hi, I've installed SuSEfirewall2 on my suse 7.2 pc with two nic's (eth0 external and eth1 internal). When I use msntp ntp.pandora.be on my firewall, I get a timeout. In the log file there is the following: Nov 12 11:51:41 menhir kernel: SuSE-FW-DROP-DEFAULTIN=eth0 OUT= MAC=00:60:08:6c:ff:27:08:00:3e:15:ba:62:08:00 SRC=195.130.132.18 DST=213.224.17.141 LEN=76 TOS=0x00 PREC=0x00 TTL=250 ID=19913 DF PROTO=UDP SPT=123 DPT=1024 LEN=56 Does anyone knows which option I have to set? I already opened the high UDP ports for my ISP DNS servers (FW_ALLOW_INCOMING_HIGHPORTS_UDP = "DNS"), the npt.pandora.be is an alias for my primary DNS server. I tried to open the higports for UDP packets coming from the NTP port (FW_ALLOW_INCOMING_HIGHPORTS_UDP = "DNS ntp") and this works. But it doesn't look very secure to me. Any suggestions? David