On Fri, 28 Jan 2005 12:48:27 +0200, Markku Kolkka <markkuk@xxxxxxxxx> wrote: > Joel Stookey kirjoitti viestissään (lähetysaika perjantai, 28. > tammikuuta 2005 07:37): > > I am running a workstation FC1 installation on a dial-up > > connection and want to connect ntpd to a server for a time > > correction. I think I have it worked out except for how to > > assure that UDP port 123 will open for it > > This is only needed if you want to use your machine as a NTP > server for other machines. You can make NTP queries from your > machine to NTP servers without changing anything in the default > firewall configuration. > I'll second that. If the original poster's intentions are to simply make an outbound connection to ANOTHER NTP Server, then he does not have to change anything on his firewall. Unless, of course, the firewall has been strictly locked down to only allow outbound traffic on certain ports. Traffic coming FROM your machine to the internet should be trusted, and with a stateful firewall, when you establish a connection to an outside connection, the return traffic should be automatically accepted. So basically, you can't receive incoming traffic on UDP:123, but if you make an outbound connection from your machine to 123.45.67.89:123, you are telling your firewall to allow traffic to come back from 123.45.67.89:123 and it should allow it. Again, the only caveat here is that it is assumed your firewall has not been locked down any tighter than normal. -- David ----------------------------------------------------------------------- There are only 10 kinds of people in this world, those who understand binary, and those who don't.