Chrony and iptables


http://forums.fedoraforum.org – Hi, this is my iptables configuration (only allow chronyd for NTP):

*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p tcp --dport 53 -m owner --uid-owner chrony -j ACCEPT
-A OUTPUT -p udp --dport 53 -m owner --uid-owner chrony -j ACCEPT
-A OUTPUT -p udp --dport 123 -m owner --uid-owner root -j ACCEPT
COMMIT

53 tcp/udp for DNS lookup of pool.ntp.org. 123 udp for NTP. Can someone explain why I need to open ntp port for root and dns for chro (HowTos)