[Shorewall-users] ntp and shorewall

Tom Eastep teastep@shorewall.net
Mon, 22 Jul 2002 17:30:10 -0700 (PDT)

On Mon, 22 Jul 2002, John Andersen wrote:

> Does shorewall have a problem with ntp? 

> My client machines inside the firewall never seem
> to contact the ntp server, and nothing shows
> up in the shorewall logs.  But If i move the client
> to the other side of the firewall it works fine.
> I've configured the thing with a numerical ip so
> its not a dns problem. 

As a general principle, broadcast doesn't work through a router. A 
firewall running Shorewall is a router. So if you configure your system to 
use NTP broadcasts, when you insert a router between the client and the 
server it doesn't work.

Here is the /etc/ntp.conf file from the system I'm writing this on:

logconfig syncall +clockall
driftfile /etc/ntp/drift

Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net