Interesting. I added an input rule to allow outside udp to the masq machine on 123, and now I see
ntpdate 131.216.18.4 13 Dec 11:33:50 ntpdate[19926]: adjust time server 131.216.18.4 offset 0.005303 sec I though I had tried enabling 123, but I may have only done it for inside traffic (actually, it was already enabled inside, but I added an explicit rule for that port). It wasn't clear to me that 123 had to be open to the outside world to get this to work, but apparently it does... If this is all it was, thanks! If not, at least I feel like I cam getting closer... thanks for the comments and suggestions! Dan Hugo William Burrow wrote: > > On Mon, Dec 13, 1999 at 08:45:04AM -0200, Henrique M Holschuh wrote: > > Don't kill tcp or udp packets from/to the ntp service port, nor delay them. > > When in doubt, try ntpq -p <host> to "ping" the servers. > > This will work even if the ntp ports are blocked by ipchains. Be sure > port 123 is accessable through ipchains. > > -- > William Burrow -- New Brunswick, Canada > A 'box' is something that accomplishes a task -- you feed in input and > out comes the output, just as God and Larry Wall intended. > -- brian moore > > -- > Unsubscribe? mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
