Date: 15 Nov 2005 12:14:37 -0500 From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org> To: Dave <dmehler26@woh.rr.com> Cc: freebsd-questions@freebsd.org Subject: Re: ntp handling in 6.0 Message-ID: <44ek5hg7eq.fsf@be-well.ilk.org> In-Reply-To: <002301c5e947$5c4c6ef0$0900a8c0@satellite> References: <000901c5e7da$2bf28cd0$0900a8c0@satellite> <44iruv9suv.fsf@be-well.ilk.org> <002301c5e947$5c4c6ef0$0900a8c0@satellite>
next in thread | previous in thread | raw e-mail | index | archive | help
Don't top-post, please.
"Dave" <dmehler26@woh.rr.com> writes:
> Thanks for your reply. My server box does indeed have ntpd running
> i confirmed it with ps -aux and it does have a pf firewall. The rules
> are:
>
> # allow UDP requests to port 123 from firewall to exit ext_if_if
> # in order to contact internet ntp servers
> # (keep state on this connection)
> pass out quick on $ext_if inet proto { tcp, udp} from $ext_if to any port 123 keep state
>
> # allow UDP requests to ports 67, 68, and 123 from # in order to perform dhcp and ntp queries on the firewall
> # ( Keep state on this connection)
> pass in quick on $int_if inet proto { tcp,udp } from $int_net to $int_if port { 67, 68, 123 } keep state
There's probably a syntax issue here; I don't use pf, so the fact that
I don't personally see a problem may not mean anthing. You could try
debugging it by seeing whether the request packets actually get out of
the firewall, and whether responses come back.
> and ntpdc shows me a prompt.
But does it see any peers?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44ek5hg7eq.fsf>