On Tue, Jul 30, 2002 at 07:16:12PM -0500, wideglide@myrealbox.com wrote:
> What do I need to do to adjust SuSEFirewall2 to allow ntp connections to correct my local clock?
> I have xntpd running and have set locations to check the clock. But I am getting the following ??UNALLOWED?? entries in my firewall log:
> this is ONE line:
> Jul 30 08:00:13 wahoo kernel: SuSE-FW-UNALLOWED-TARGET IN=eth0 OUT= MAC=00:**mac address:00 SRC=24.30.200.3 DST=192.168.0.2 LEN=188 TOS=0x00 PREC=0x00 TTL=246 ID=34023 DF PROTO=UDP SPT=53 DPT=1027 LEN=168

This does not look like ntp traffic. Judging by the source port number, it's DNS.

> Doesn't this mean that the firewall is not allowing access? & How do I change to allow updating my clock??

One possible solution is to put your NTP server(s) into the FW_TRUSTED_NETS variable:

FW_TRUSTED_NETS="<ntp server IP>,udp,ntp"

Regards,
-Kastus
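The port-based reading of the log entry in the reply above can be automated when there are many such entries to go through. The following is an added example, not part of the original thread: the function names and the service table are hypothetical, and the sample lines are constructed from the quoted entry with a placeholder in the MAC field.

```python
import re

# Constructed sample modelled on the entry quoted in the thread (MAC is a placeholder).
SAMPLE = ("Jul 30 08:00:13 wahoo kernel: SuSE-FW-UNALLOWED-TARGET IN=eth0 OUT= "
          "MAC=redacted SRC=24.30.200.3 DST=192.168.0.2 LEN=188 TOS=0x00 "
          "PREC=0x00 TTL=246 ID=34023 DF PROTO=UDP SPT=53 DPT=1027 LEN=168")

# Assumption: only the two services discussed in the thread are of interest.
SERVICES = {53: "dns", 123: "ntp"}

# Matching explicit keys (instead of any KEY=VALUE) also copes with lines where
# the log prefix has been glued onto the first field, e.g. "...TARGETIN=eth0".
FIELD_RE = re.compile(r"(IN|OUT|SRC|DST|PROTO|SPT|DPT)=(\S*)")


def parse_fields(line):
    """Extract the netfilter fields needed for classification."""
    fields = dict(FIELD_RE.findall(line))
    for key in ("SPT", "DPT"):
        if fields.get(key, "").isdigit():
            fields[key] = int(fields[key])
        else:
            fields.pop(key, None)
    return fields


def classify(line):
    """Return (service, direction) for a logged UDP packet, or None if not UDP."""
    f = parse_fields(line)
    if f.get("PROTO") != "UDP" or "SPT" not in f or "DPT" not in f:
        return None
    spt, dpt = f["SPT"], f["DPT"]
    if spt == dpt and spt in SERVICES:
        return (SERVICES[spt], "peer")      # e.g. NTP daemons talking 123 <-> 123
    if spt in SERVICES:
        return (SERVICES[spt], "reply")     # well-known source, ephemeral destination
    if dpt in SERVICES:
        return (SERVICES[dpt], "request")
    return ("unknown", "unknown")


if __name__ == "__main__":
    f = parse_fields(SAMPLE)
    print(f["SRC"], "->", f["DST"], classify(SAMPLE))
```

For the quoted entry this reports a DNS reply to an ephemeral local port; an NTP exchange would show port 123 on at least one side.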