Subject: Re: ntp & ipf?
To: <>
From: Jan Danielsson <jan.danielsson@gmail.com>
List: netbsd-users
Date: 08/24/2005 01:04:20
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig305312CD65323B3E8E871181
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Jan Danielsson wrote:
> Hello all,
>
> I'm trying to get ntp working through a firewall.
>
> I have this:
>
> # local interface flows freely
> pass in quick on lo0 all
> pass out quick on lo0 all
>
> # Allow NTP
> pass in quick proto udp from any to any port=ntp
> pass out quick proto udp from any to any port=ntp
>
> ..in my ipf.conf. However, I can not verify that it works because
> ntpq won't run properly:
>
> # ntpq -n
> ntpq> pe
> ntpq: write to localhost failed: Permission denied
>
>
> I even tried:
> pass in quick on lo0 all
> pass out quick on lo0 all
> pass in quick on rtk0 all
> pass out quick on rtk0 all
>
> ..to the top of my ipf.conf, and it still fails with the same
> message. I guess it's something trivial that I have missed, but I can't
> see it.
>
> NetBSD 2.0.2/i386. ipfilter is blocking packets by default.
>
> Thankful for any tips & pointers.
I forgot to mention: All works ok when I disable ipfiler.
--
Kind Regards,
Jan Danielsson
Te audire no possum. Musa sapientum fixa est in aure.
--------------enig305312CD65323B3E8E871181
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
iD8DBQFDC6t68wBCTJQ8HEIRAsM9AKDA7gyvj9ApX1X/Vr6IDCuQqmQtlACfZRQ/
8SapjZnBeD0/FBhIlbjS8sQ=
=t+u6
-----END PGP SIGNATURE-----
--------------enig305312CD65323B3E8E871181--