Hi Voytek,

Try permitting 123/UDP out/in. I see your rules are 123/tcp which may
account for it, cheers

kind regards
Norman

On Mon, 17 Nov 2003, Voytek wrote:

> I'm still struggling with the ntpd, the firewall has been (supposedly ?) opened to
> allow my server port 123 traffic, but, I get this:
>
> # ntpdate clock.redhat.com
> 17 Nov 17:35:34 ntpdate[22454]: no server suitable for synchronization found
>
> I can not see anything wrong in /var/log/messages
>
> after starting ntpd, 'messages' has:
>
> Nov 17 17:38:49 koala ntpd[22490]: ntpd [EMAIL PROTECTED] Mon Apr  8 06:30:52 EDT 2002 (1)
> Nov 17 17:38:49 koala ntpd: ntpd startup succeeded
> Nov 17 17:38:49 koala ntpd[22490]: precision = 9 usec
> Nov 17 17:38:49 koala ntpd[22490]: kernel time discipline status 0040
> Nov 17 17:38:49 koala ntpd[22490]: frequency initialized 0.000 from /etc/ntp/drift
>
> [EMAIL PROTECTED] etc]# telnet clock.redhat.com 123
> Trying 66.187.233.4...
>
> my ipchains has:
>
> -A input -s 0/0 -d 0/0 ntp -p tcp -y -j ACCEPT
> -A input -s 0/0 -d 0/0 443 -p tcp -y -j ACCEPT
> -A input -s 0/0 -d 0/0 110 -p tcp -y -j ACCEPT
> -A input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT
> -A input -s 0/0 -d 0/0 80 -p tcp -y -j ACCEPT
> -A input -s 0/0 -d 0/0 21 -p tcp -y -j ACCEPT
> -A input -s 0/0 -d 0/0 22 -p tcp -y -j ACCEPT
> -A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth0 -j ACCEPT
> -A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth1 -j ACCEPT
> -A input -s 0/0 -d 0/0 -i lo -j ACCEPT
> -A input -p tcp -s 0/0 -d 0/0 0:1023 -y -j REJECT
> -A input -p tcp -s 0/0 -d 0/0 2049 -y -j REJECT
> -A input -p udp -s 0/0 -d 0/0 0:1023 -j REJECT
> -A input -p udp -s 0/0 -d 0/0 2049 -j REJECT
> -A input -p tcp -s 0/0 -d 0/0 6000:6009 -y -j REJECT
> -A input -p tcp -s 0/0 -d 0/0 7100 -y -j REJECT
>
> am I blocking it myself ? ?

-- 
E-Solutions for BSD and Linux               http://www.paladincorp.com.au/
-- 
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
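
Added example, not part of the original thread: a small first-match evaluator for the quoted ipchains input rules, showing which rule a UDP packet addressed to port 123 hits. The function names are made up for the illustration, addresses are treated as match-any because every rule uses 0/0, and the chain's default policy is not shown in the post, so a packet matching no rule returns None.

```python
# Added example (not from the thread). Addresses are all 0/0 in the quoted
# rules, so they are treated as match-any; the chain policy is not shown,
# so a packet matching no rule returns None.
RULES = """\
-A input -s 0/0 -d 0/0 ntp -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 443 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 110 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 80 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 21 -p tcp -y -j ACCEPT
-A input -s 0/0 -d 0/0 22 -p tcp -y -j ACCEPT
-A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth0 -j ACCEPT
-A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth1 -j ACCEPT
-A input -s 0/0 -d 0/0 -i lo -j ACCEPT
-A input -p tcp -s 0/0 -d 0/0 0:1023 -y -j REJECT
-A input -p tcp -s 0/0 -d 0/0 2049 -y -j REJECT
-A input -p udp -s 0/0 -d 0/0 0:1023 -j REJECT
-A input -p udp -s 0/0 -d 0/0 2049 -j REJECT
-A input -p tcp -s 0/0 -d 0/0 6000:6009 -y -j REJECT
-A input -p tcp -s 0/0 -d 0/0 7100 -y -j REJECT
""".splitlines()

def ports(spec):
    """'123', 'ntp' or '67:68' -> inclusive (low, high); only 'ntp' is named."""
    lo, _, hi = spec.replace("ntp", "123").partition(":")
    return int(lo), int(hi or lo)

def parse(line):
    tok, rule, i = line.split(), {"syn": False}, 0
    while i < len(tok):
        opt = tok[i]
        if opt == "-y":                      # -y: match TCP SYN packets only
            rule["syn"], i = True, i + 1
            continue
        rule[opt], i = tok[i + 1], i + 2
        # ipchains puts the optional port spec right after the -s/-d address
        if opt in ("-s", "-d") and i < len(tok) and not tok[i].startswith("-"):
            rule[opt + "port"], i = ports(tok[i]), i + 1
    return rule

def verdict(proto, sport, dport, iface="eth0", syn=False):
    """Return (rule number, target) of the first matching rule, else None."""
    for n, r in enumerate(map(parse, RULES), 1):
        (slo, shi), (dlo, dhi) = r.get("-sport", (0, 65535)), r.get("-dport", (0, 65535))
        if (r.get("-p", proto) == proto and r.get("-i", iface) == iface
                and (syn or not r["syn"])
                and slo <= sport <= shi and dlo <= dport <= dhi):
            return n, r["-j"]
    return None
```

`verdict("udp", 123, 123)` returns `(13, "REJECT")`: the only rule naming ntp is TCP, so a UDP packet to port 123 falls through to the `0:1023` UDP REJECT, while `verdict("tcp", 40000, 123, syn=True)` is accepted by rule 1.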
