On Tue, 3 Dec 2002, Jim Locke wrote:
> I'm trying to connect to outside ntp server from internal server
> Doesn't appear to be working.
>
> Do I need to specifically open udp/tcp 123 for this to work?
The obvious answer is that of course it has to be allowed, and if you are
configuring and invoking the ntp software properly and still cannot make
it work, then you probably need to do something with the router.
However, this is a poorly phrased question, because the context
("LEAF") encompasses many different preconfigured images and even
different firewall packages (with associated default configurations).
Thus, whether _you_ need to _specifically_ open it is not something we can
answer.
Another note: You should be clear that "opening" a port generally has to
be done in the context of a connectivity direction and networking
interface... typically, the interface is the external ("upstream")
interface, and the "inbound" direction is the one most often
discussed. Some rulesets disable outbound connections by default, and
require you to specifically allow them if you want them, but such
configurations seem to be the minority in preconfigured images, and it may
not be immediately clear how you would even implement outbound
block-unless-specifically allowed rulesets.
Have you read this (from the mailing list footer):
> SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Starting with confirming the correct application invocation, proceeding to
determining whether packets are headed toward the router, and from there
to the web, and whether reply packets are coming back, and whether they
are being passed back to your server... you can be a lot more specific in
describing where the problem is. There are firewall logs, and commands to
show the firewall ruleset as the kernel knows it, which typically include
counters that indicate whether the rules are being activated.
With all this potential test data available, telling us what image (type,
version/date), packages, and configuration you have performed is really a
very minimal effort.
---------------------------------------------------------------------------
Jeff Newmiller The ..... ..... Go Live...
DCN:<[EMAIL PROTECTED]> Basics: ##.#. ##.#. Live Go...
Live: OO#.. Dead: OO#.. Playing
Research Engineer (Solar/Batteries O.O#. #.O#. with
/Software/Embedded Controllers) .OO#. .OO#. rocks...2k
---------------------------------------------------------------------------
-------------------------------------------------------
This SF.net email is sponsored by: Microsoft Visual Studio.NET
comprehensive development tool, built to increase your
productivity. Try a free online hosted session at:
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr0003en
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
