On 03/09/2012 13:00, Philippe Naudin wrote:
On Mon, 03 Sep 2012 13:15:41 CEST, Leonard den Ottolander wrote:
On Sun, 2012-09-02 at 07:46 +0000, Artifex Maximus wrote:
Any idea what is wrong?
The iptables rules you specify only allow clients from your local network access to your "proxy" ntp server. However, you do not specify any rules for eth1 to allow that ntp server to synchronise with the remote servers it is using. So unless you are using a local time source that might be your problem.
I don't think this is the problem: the firewall accepts everything in the output chain, and established/related in input: my ntp server works fine with the same rules (123/tcp is indeed useless).
For me, the problem is not ntp+iptables, or it should appear in /var/log/messages, thanks to the -j LOG. There can be something wrong in ntp.conf (but this is probably not the case since it works without firewall), in the firewall (for example, if it blocks DNS requests), or in the network configuration.
Regards,
Does 'ntpq -p' show your server actually syncing with ntp hosts?