On Jun 6, 2011, at 10:39 AM, Ask Bjørn Hansen wrote: > ip6tables on Linux doesn't seem to have state tracking and it appears I > messed up the firewall rules a bit. I realized it last night actually as I > was going to bed, but it was already crazy o'clock. I will get them fixed > within an hour or so.
You almost certainly don't want to be implementing stateful rules for NTP traffic; you'll fill up the state table with lots of entries for no benefit, as UDP isn't stateful. Just pass UDP 123 and ephemeral high ports in both directions. Regards, -- -Chuck _______________________________________________ pool mailing list [email protected] http://lists.ntp.org/listinfo/pool
