-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/25/15 05:47, Sam Varshavchik wrote: > As far as I can determine, the way that firewalld sets up masquerading > completely breaks both ntpd and chrony. > > Both servers appears to start, but their corresponding client-side tools, > ntpdc or chronyc, cannot talk to them. strace shows that UDP packets to > 127.0.0.1 have their source IP address rewritten to the public interface, and > the server's response is lost. > > This bug with firewalld's masquerading rules was reported back in October, as > bug 1152472. > > If anyone managed to get either ntpd or chrony fully functional on a server > that has firewalld's masquerading enabled, I'd love to know how you did that.
It isn't 100% clear to me the configuration of which you speak. Are you talking about a 2 interface system with the Fedora firewalld system acting as a "router" with masquerading for a set of clients "behind" it? And where are the ntp clients in relation to the server? - -- If you can't laugh at yourself, others will gladly oblige. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlTEFvEACgkQ4JnKjVbCBvq8bgCeNArlhvB8tZv+DKg/n7mpZW2C 5QQAn1ptCi2kDPYjOVh6tZeop14f7OWB =wkCI -----END PGP SIGNATURE----- -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
