IPFW Deny UDP 17.254.0.26:123
bluehz
04-29-2002, 08:14 AM
Why do I constantly have these lines showing up in my console:
Apr 29 01:36:03 g4 mach_kernel: ipfw: 52039 Deny UDP 17.254.0.26:123 192.168.1.100:123 in via en0
I did an nslookup on the address and it comes back:
Name: ftp06.apple.com
Address: 17.254.0.26
Why would Apple be constantly contacting my machine? I thought it might be the time server - but I don't believe so as my network timeserver is working fine.
Novajo
04-29-2002, 08:28 AM
Port 123 is the time server. You should allow access to your port 123 for the address you used in your time server settings (and no other address).
ipfw add allow udp from 17.254.0.26 123 to $yourip via en0
bluehz
04-29-2002, 08:37 AM
Thanks, I figured that's what it was - but I already have the timeserver ports open in the firewall - or so I thought. So I should just open it for this specific UDP port URL - correct?
Craig R. Arko
04-29-2002, 08:51 AM
Yup, I remember getting those same error messages on the UDP time server port after using BrickHouse. Just open it up for that port, as Novajo suggests.
Novajo
04-30-2002, 09:41 AM
The firewall makes a difference between all the ports (0 to 65535) as well as the protocol used (Transfer Control Protocol (TCP) or User Datagram Protocol (UDP) or ICMP (stands for Control ?)). The Internet Protocol (IP) encompasses all of them. They refer to the way the packets are formed.
Most communication protocols (i.e. the information contained in the packets) (HTTP, telnet, mail (SMTP), etc...) use the TCP packets. However, the Network Time Protocol uses the UDP packets. It's just the way it is. Open port 123 (time server or ntp for short) for the UDP protocol to solve your problem, yet be as restrictive as possible.
Think of "packet" protocols (TCP, UDP) as the alphabet (Roman, Cyrillic, etc...).
Think of "communication" protocols (HTTP, FTP, etc) as languages (English, French, Spanish, all use the same alphabet yet they are different).
Think of the ports as the secretary working for you (you could have 65535 secretaries working for you). They know the TCP, UDP, ICMP alphabets and that's it. When they receive a packet, they "open it" (like a letter), and pass on the information to the boss.
Think of the daemons (server software (Apache, ftpd, etc...)) as the boss that sifts through what the secretary passes on. The boss knows a certain language (HTTP, FTP, SMTP, etc...). It deals with the information and gives it to its secretary to send to the appropriate person.
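Added example, not part of any poster's message: a small Python script that reads ipfw deny lines in the format quoted at the top of the thread, counts denied inbound UDP packets coming from source port 123, and proposes an allow rule only for addresses listed as configured time servers. The function names, the 203.0.113.7 address and all sample lines except the first are constructed for illustration; the generated rule also pins the destination port and the inbound direction, which is narrower than the rule posted above, and it assumes 17.254.0.26 is the address the time server setting resolves to.

```python
import re
from collections import Counter

# Shape of the ipfw log line quoted in the thread:
#   ipfw: <rule> Deny UDP <src>:<sport> <dst>:<dport> in via <iface>
# Lines without ports (e.g. ICMP) do not match and are skipped.
LOG_RE = re.compile(
    r"ipfw: (?P<rule>\d+) Deny (?P<proto>\w+) "
    r"(?P<src>\d+(?:\.\d+){3}):(?P<sport>\d+) "
    r"(?P<dst>\d+(?:\.\d+){3}):(?P<dport>\d+) "
    r"(?P<dir>in|out) via (?P<iface>\w+)"
)
NTP_PORT = 123

def denied_ntp_replies(lines):
    """Count denied inbound UDP packets sent from source port 123."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.search(line)
        if not m:
            continue
        if (m["proto"] == "UDP" and m["dir"] == "in"
                and int(m["sport"]) == NTP_PORT):
            hits[(m["src"], m["dst"], int(m["dport"]), m["iface"])] += 1
    return hits

def suggest_rules(lines, time_servers):
    """Return (rules, unexpected); rules only cover configured time servers."""
    rules, unexpected = [], []
    for (src, dst, dport, iface), n in sorted(denied_ntp_replies(lines).items()):
        if src in time_servers:
            rules.append(f"ipfw add allow udp from {src} {NTP_PORT} "
                         f"to {dst} {dport} in via {iface}")
        else:
            unexpected.append((src, n))  # stays denied; review separately
    return rules, unexpected

# Constructed sample: the first line is the one from the thread, the rest are made up.
SAMPLE = [
    "Apr 29 01:36:03 g4 mach_kernel: ipfw: 52039 Deny UDP 17.254.0.26:123 192.168.1.100:123 in via en0",
    "Apr 29 01:37:07 g4 mach_kernel: ipfw: 52039 Deny UDP 17.254.0.26:123 192.168.1.100:123 in via en0",
    "Apr 29 01:40:11 g4 mach_kernel: ipfw: 52039 Deny UDP 203.0.113.7:123 192.168.1.100:123 in via en0",
    "Apr 29 01:41:30 g4 mach_kernel: ipfw: 52039 Deny TCP 203.0.113.7:4321 192.168.1.100:80 in via en0",
]

if __name__ == "__main__":
    rules, unexpected = suggest_rules(SAMPLE, {"17.254.0.26"})
    print("\n".join(rules))
    for src, n in unexpected:
        print(f"# {n} denied port-123 packet(s) from unlisted source {src}")
```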