[ntp:questions] ntpd as a client when port 123 blocked

Rob nomail at example.com
Sat Apr 26 12:23:47 UTC 2014


On a Linux system we ran into the problem that port 123 has been blocked
for incoming traffic (probably as a general countermeasure against
abuse of badly configured servers; this server was configured correctly).

As it is not possible to change the source port number in ntpd, I
translated the source port using a NAT rule:

iptables -t nat -A POSTROUTING -p udp --sport 123 -j SNAT --to-source :12300

Now it works fine again.  Of course it cannot be used as a server by
outside clients, but that was not the objective anyway.
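
Added example, not part of the original post: a small Python probe that sends one NTP client-mode request from a chosen source port (12300, as in the rule above) and validates the reply, which helps confirm that only port 123 is filtered on the path. The function names, the default timeout and the validation checks are this example's own choices.

```python
import socket
import struct
import time

NTP_EPOCH_OFFSET = 2208988800  # seconds from 1900-01-01 (NTP era 0) to 1970-01-01 (Unix)

def build_request(now=None):
    """Return a 48-byte NTPv4 client (mode 3) packet with the transmit timestamp set."""
    now = time.time() if now is None else now
    secs = int(now) + NTP_EPOCH_OFFSET
    frac = int((now % 1) * 2**32)
    # First byte: LI=0, VN=4, Mode=3 -> 0x23. Transmit timestamp lives in bytes 40-47.
    return struct.pack("!B39xII", 0x23, secs & 0xFFFFFFFF, frac)

def parse_reply(data, request):
    """Validate a reply against our request; return the server transmit time (Unix seconds)."""
    if len(data) < 48:
        raise ValueError("short packet")
    mode = data[0] & 0x07
    if mode != 4:
        raise ValueError("not a server-mode reply (mode %d)" % mode)
    if data[1] == 0:  # stratum 0 is a kiss-o'-death (rate limit, access denied, ...)
        raise ValueError("kiss-o'-death: %r" % data[12:16])
    # The server must echo our transmit timestamp as its origin timestamp (bytes 24-31);
    # a mismatch means the packet is stale or was not sent in answer to this request.
    if data[24:32] != request[40:48]:
        raise ValueError("origin timestamp mismatch")
    secs, frac = struct.unpack("!II", data[40:48])
    return secs - NTP_EPOCH_OFFSET + frac / 2**32

def query(server, source_port=0, timeout=3.0):
    """Send one request from source_port (0 = ephemeral) and return the server's time."""
    req = build_request()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.bind(("", source_port))
        s.settimeout(timeout)
        s.sendto(req, (server, 123))
        data, _ = s.recvfrom(512)
    return parse_reply(data, req)

if __name__ == "__main__":
    import sys
    # usage: python3 ntp_probe.py <server> [source_port]
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 12300
    print(time.ctime(query(sys.argv[1], port)))
```

A timeout from `query` when bound to one source port but not another points at a port-based filter rather than a server problem.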


