Date: Mon, 25 Mar 2002 21:00:02 +0200
From: Giorgos Keramidas <keramida@ceid.upatras.gr>
To: Nikolaus Hiebaum <news@hiebaum.org>
Cc: freebsd-questions@freebsd.org
Subject: Re: firewall & ntpdate
Message-ID: <20020325190001.GA14251@hades.hell.gr>
In-Reply-To: <Pine.BSF.4.30.0203251335060.44266-100000@okkod.pair.com>
References: <Pine.BSF.4.30.0203251335060.44266-100000@okkod.pair.com>

On 2002-03-25 13:52, Nikolaus Hiebaum wrote:
>
> 1) deals with firewall(s): I wanted to use my OpenBSD firewall (ipf based)
> on my FreeBSD box, but it appears the syntax doesn't fit.

Although FreeBSD has ipfilter, it's not compiled into the kernel by
default.  You have to rebuild your kernel with the IPFILTER option.

> So, instead I am using ipfw.rules, and I'm using the sample script as
> found in the FreeBSD handbook. It works all right, but how can I reload
> a new ruleset. I use ipfw -f flush, but this does not seem to reload a new
> ruleset.

First "flush" deleting all the old craft, and then load the rules from
your rule file:

	# ipfw flush
	# ipfw -f /path/to/file

> 2) Time Synchronization:
> ntpdate -d -u -v 129.6.15.28
>
> results in "no server suitable for synchronization found". Any ideas?

You've blocked NTP.  You need to open udp port 123.
Here's the relevant rule from my /etc/ipfw.rules file:

	# grep 123 /etc/ipfw.rules
	add allow udp from any to any 123 keep-state out

Giorgos Keramidas                    FreeBSD Documentation Project
keramida@{freebsd.org,ceid.upatras.gr} http://www.FreeBSD.org/docproj/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
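
The two answers in the reply above, combined into a pre-flight reload script. This is an added example, not part of the original message: it refuses to flush the running rules unless the rules file passes a syntax check and contains a rule allowing UDP port 123. The function names, the IPFW override variable and the exit codes are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not from the original message). Names and exit codes are illustrative.
IPFW=${IPFW:-ipfw}    # assumption: overridable so the checks can run without a live firewall

# Succeeds if the rules file has an "add ... allow udp ... to <addr> <ports>" rule
# whose port list names 123 (or "ntp"). Commented-out rules never match because
# their first field is not "add". Port ranges such as 100-200 are not expanded.
has_ntp_rule() {
    awk '
        $1 == "add" {
            i = 2
            if ($i ~ /^[0-9]+$/) i++                    # optional rule number
            if ($i !~ /^(allow|accept|pass|permit)$/) next
            if ($(i + 1) != "udp") next
            for (j = i + 2; j < NF; j++)
                if ($j == "to") {                       # "to <addr> <ports>"
                    n = split($(j + 2), p, ",")
                    for (k = 1; k <= n; k++)
                        if (p[k] == "123" || p[k] == "ntp") found = 1
                }
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

reload_rules() {
    rules=$1
    [ -r "$rules" ] || { echo "cannot read $rules" >&2; return 2; }
    has_ntp_rule "$rules" || { echo "$rules: no rule allows udp port 123" >&2; return 3; }
    # -n makes ipfw parse the file without passing anything to the kernel.
    "$IPFW" -n "$rules" >/dev/null || { echo "$rules: syntax check failed, rules untouched" >&2; return 4; }
    # The two steps from the reply: drop the old rules, then load the file.
    "$IPFW" -f flush && "$IPFW" "$rules"
}

# Run as: sh reload.sh /etc/ipfw.rules
[ "$#" -eq 0 ] || reload_rules "$1"
```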