John Hasler wrote:
> Juergen Beisert wrote:
>> Why is port 123 open on eth0?
>
> David Woolley writes:
>> To allow the replies to come back in from the time servers. ntpd
>> sends UDP packets with both source and destination set to 123, not
>> just when talking to peers.
>
> With a stateful firewall it is only necessary to allow outgoing packets
> on a port to establish a connection from inside. The firewall will
> recognize the reply packets as part of an established connection.

Since ntpd sends from and to port 123/UDP I am not sure what that has to do with it. That's not a firewall issue. If you want to restrict packets at the firewall then the firewall also has to be configured correctly. Juergen was asking about the addresses and ports on eth0 which has nothing to do with the firewall.

Danny
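
The stateful behaviour discussed in this thread, as an added illustration that is not part of the original messages: a toy model of how a firewall's UDP state table treats ntpd traffic that uses port 123 as both source and destination. The class and function names, the addresses (documentation ranges) and the 30-second timeout are assumptions made for the example.

```python
# Added illustration: toy model of UDP state tracking in a stateful firewall.
# Addresses are constructed (RFC 5737 documentation ranges), not from the thread.
import time

NTP_PORT = 123
UDP_TIMEOUT = 30.0  # assumed idle timeout in seconds for a tracked UDP flow


class UdpStateTable:
    """Tracks outbound UDP flows and admits only matching inbound replies."""

    def __init__(self, timeout=UDP_TIMEOUT):
        self.timeout = timeout
        self.flows = {}  # (local_ip, local_port, remote_ip, remote_port) -> last seen

    def outbound(self, src_ip, src_port, dst_ip, dst_port, now=None):
        """Record a packet leaving the host; outbound is always allowed here."""
        now = time.monotonic() if now is None else now
        self.flows[(src_ip, src_port, dst_ip, dst_port)] = now
        return "ACCEPT"

    def inbound(self, src_ip, src_port, dst_ip, dst_port, now=None):
        """Accept only if the packet mirrors a live outbound flow."""
        now = time.monotonic() if now is None else now
        key = (dst_ip, dst_port, src_ip, src_port)
        seen = self.flows.get(key)
        if seen is None or now - seen > self.timeout:
            self.flows.pop(key, None)  # forget expired state
            return "DROP"
        self.flows[key] = now
        return "ACCEPT"


def demo():
    fw = UdpStateTable()
    client, server, stranger = "192.0.2.10", "198.51.100.1", "203.0.113.7"
    results = []
    # ntpd queries a server: source and destination port are both 123.
    fw.outbound(client, NTP_PORT, server, NTP_PORT, now=0.0)
    results.append(fw.inbound(server, NTP_PORT, client, NTP_PORT, now=0.1))    # reply
    results.append(fw.inbound(stranger, NTP_PORT, client, NTP_PORT, now=0.2))  # unsolicited
    results.append(fw.inbound(server, 4444, client, NTP_PORT, now=0.3))        # wrong source port
    results.append(fw.inbound(server, NTP_PORT, client, NTP_PORT, now=100.0))  # state expired
    return results


if __name__ == "__main__":
    print(demo())
```

The table lives in the packet filter and is independent of which addresses and ports ntpd itself has bound on an interface.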
