Shorewall users - Jul 2002 - ntp and shorewall

Does shorewall have a problem with ntp? 

My client machines inside the firewall never seem
to contact the ntp server, and nothing shows
up in the shorewall logs.  But If i move the client
to the other side of the firewall it works fine.
I''ve configured the thing with a numerical ip so
its not a dns problem. 

______________________________________
John Andersen
NORCOM / Juneau, Alaska
http://www.screenio.com/
(907) 790-3386

On Mon, 22 Jul 2002, John Andersen wrote:
> Does shorewall have a problem with ntp? 
>
No.
 
> My client machines inside the firewall never seem
> to contact the ntp server, and nothing shows
> up in the shorewall logs.  But If i move the client
> to the other side of the firewall it works fine.
> I''ve configured the thing with a numerical ip so
> its not a dns problem. 
> 
As a general principle, broadcast doesn''t work through a router. A 
firewall running Shorewall is a router. So if you configure your system to 
use NTP broadcasts, when you insert a router between the client and the 
server it doesn''t work.

Here is the /etc/ntp.conf file from the system I''m writing this on:

server 206.124.128.1
logconfig syncall +clockall
driftfile /etc/ntp/drift


-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net

On Mon, 22 Jul 2002, Tom Eastep wrote:
> 
> Here is the /etc/ntp.conf file from the system I''m writing this
on:
> 
> server 206.124.128.1
> logconfig syncall +clockall
> driftfile /etc/ntp/drift
> 
Make that:

server 206.124.128.1
driftfile /etc/ntp/drift
authenticate no

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net