Anyone gotten either ntp or chrony working when masquerading is enabled
Sam Varshavchik
mrsam at courier-mta.com
Sat Jan 24 21:47:34 UTC 2015
As far as I can determine, the way that firewalld sets up masquerading
completely breaks both ntpd and chrony.
Both servers appears to start, but their corresponding client-side tools,
ntpdc or chronyc, cannot talk to them. strace shows that UDP packets to
127.0.0.1 have their source IP address rewritten to the public interface,
and the server's response is lost.
This bug with firewalld's masquerading rules was reported back in October,
as bug 1152472.
If anyone managed to get either ntpd or chrony fully functional on a server
that has firewalld's masquerading enabled, I'd love to know how you did that.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20150124/ba366e2c/attachment-0001.sig>
More information about the users
mailing list