Both servers appears to start, but their corresponding client-side tools, ntpdc or chronyc, cannot talk to them. strace shows that UDP packets to 127.0.0.1 have their source IP address rewritten to the public interface, and the server's response is lost.
This bug with firewalld's masquerading rules was reported back in October, as bug 1152472.
If anyone managed to get either ntpd or chrony fully functional on a server that has firewalld's masquerading enabled, I'd love to know how you did that.
Attachment:
pgpWJjCVIUw2O.pgp
Description: PGP signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org