Show Table of Contents
18.15. Configure the Firewall to Allow Incoming NTP Packets
The
NTP traffic consists of UDP packets on port 123 and needs to be permitted through network and host-based firewalls in order for NTP to function.
Check if the firewall is configured to allow incoming
NTP traffic for clients using the graphical Firewall Configuration tool.
To start the graphical firewall-config tool, press the Super key to enter the Activities Overview, type
firewall and then press Enter. The Firewall Configuration window opens. You will be prompted for your user password.
To start the graphical firewall configuration tool using the command line, enter the following command as
root user:
~]# firewall-config
The Firewall Configuration window opens. Note, this command can be run as normal user but you will then be prompted for the root password from time to time.
Look for the word “Connected” in the lower left corner. This indicates that the firewall-config tool is connected to the user space daemon,
firewalld.
18.15.1. Change the Firewall Settings
To immediately change the current firewall settings, ensure the drop-down selection menu labeled Configuration is set to . Alternatively, to edit the settings to be applied at the next system start, or firewall reload, select from the drop-down list.
Note
When making changes to the firewall settings in mode, your selection takes immediate effect when you set or clear the check box associated with the service. You should keep this in mind when working on a system that may be in use by other users.
When making changes to the firewall settings in mode, your selection will only take effect when you reload the firewall or the system restarts. To reload the firewall, select the menu and select .
18.15.2. Open Ports in the Firewall for NTP Packets
To permit traffic through the firewall to a certain port, start the firewall-config tool and select the network zone whose settings you want to change. Select the Ports tab and then click the button. The Port and Protocol window opens.
Enter the port number
123 and select from the drop-down list.
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.