OK, I've solved this now, with some degree of trial and error, combined with reading the logs. I've included the changed rules below. If anyone notices a glaring error in what I've done, please let me know!
2008/11/1 Sam Kuper <sam.kuper@uclmail.net>
[...] I am having some trouble with ntp and iptables. [...] Here is my iptables ruleset (which is based on the one Michael Rash provides in his book Linux Firewalls):
### ACCEPT rules
$IPTABLES -A INPUT -i eth0 -p tcp --dport 22 --syn -m state --state NEW -j ACCEPT
$IPTABLES -A INPUT -i eth0 -p udp --sport 123 -m state --state NEW,ESTABLISHED -j ACCEPT # SPK for ntpd
$IPTABLES -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
Second line should have been:
$IPTABLES -A INPUT -p udp --dport 123 -m state --state NEW -j ACCEPT
### anti-spoofing rules
$IPTABLES -A OUTPUT -s ! $INT_NET -j LOG --log-prefix "SPOOFED PKT "
$IPTABLES -A OUTPUT -s ! $INT_NET -j DROP
Inserted new rule in front of the two above:
$IPTABLES -A OUTPUT -s 127.0.0.1 -j ACCEPT
Hope this helps someone,
Sam
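The corrected rules from this thread assembled as a dry-run script, added here as an example rather than taken from Sam's or Michael Rash's files: the NTP rule keys on --dport 123, the loopback ACCEPT is appended before the anti-spoofing LOG/DROP pair, and check_order verifies that ordering on the emitted rules. INT_NET, IFACE and the separate ESTABLISHED,RELATED line are assumptions; IPTABLES defaults to echo, so nothing is applied unless you set it to the real binary.

```shell
#!/bin/sh
# Dry run by default: set IPTABLES=/sbin/iptables to actually apply the rules.
IPTABLES="${IPTABLES:-echo iptables}"
INT_NET="${INT_NET:-192.168.1.0/24}"   # placeholder LAN, adjust to your site
IFACE="${IFACE:-eth0}"                 # placeholder external interface

# Emit the rules in the order they must be appended (-A keeps insertion order).
ntp_rules() {
    ### ACCEPT rules
    $IPTABLES -A INPUT -i "$IFACE" -p tcp --dport 22 --syn -m state --state NEW -j ACCEPT
    # Corrected NTP rule from the thread: match the destination port, not the source port
    $IPTABLES -A INPUT -i "$IFACE" -p udp --dport 123 -m state --state NEW -j ACCEPT
    # Assumed: replies to queries this host sent are matched by conntrack state
    $IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    ### anti-spoofing rules
    # ntpd talks to itself over loopback, so 127.0.0.1 must be accepted before the spoof check
    $IPTABLES -A OUTPUT -s 127.0.0.1 -j ACCEPT
    # Current iptables syntax puts "!" before the option ("-s ! net" is the old form)
    $IPTABLES -A OUTPUT ! -s "$INT_NET" -j LOG --log-prefix "SPOOFED PKT "
    $IPTABLES -A OUTPUT ! -s "$INT_NET" -j DROP
}

# Verify on the echoed rule list that the loopback ACCEPT precedes the spoof
# LOG/DROP and that the NTP rule keys on --dport 123 (and no longer on --sport).
check_order() {
    out=$(IPTABLES="echo iptables"; ntp_rules)
    accept_line=$(printf '%s\n' "$out" | grep -n -- '-s 127.0.0.1 -j ACCEPT' | cut -d: -f1)
    spoof_line=$(printf '%s\n' "$out" | grep -n -- 'SPOOFED' | head -n1 | cut -d: -f1)
    [ -n "$accept_line" ] && [ -n "$spoof_line" ] && [ "$accept_line" -lt "$spoof_line" ] || return 1
    printf '%s\n' "$out" | grep -q -- '-p udp --dport 123' || return 1
    ! printf '%s\n' "$out" | grep -q -- '--sport 123'
}

# Number of rules the script emits, for a quick sanity check of the dry run.
rule_count() {
    (IPTABLES="echo iptables"; ntp_rules) | wc -l | tr -d ' '
}
```

Run it once with the default echo to review the output, then with IPTABLES pointed at the real binary; the check only inspects the echoed rules and never calls iptables itself.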
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com