IPTables rules for NTP and SNTP

To allow NTP traffic through IPTables, add a rule to the OUTPUT chain for the NTP client (outgoing queries) and a rule to the INPUT chain for the NTP server (incoming queries):

sudo iptables -A OUTPUT -p udp -m udp -m multiport --dports 123 -m state --state NEW -j ACCEPT
sudo iptables -A INPUT -m state --state NEW -p udp --dport 123 -j ACCEPT

To allow access to the NTP server only from a particular network, for example 10.0.0.0/24:

sudo iptables -A OUTPUT -p udp -m udp -m multiport --dports 123 -m state --state NEW -j ACCEPT
sudo iptables -A INPUT -s 10.0.0.0/24 -m state --state NEW -p udp --dport 123 -j ACCEPT

To remove a rule, run the same command with -A replaced by -D, for example:

sudo iptables -D OUTPUT -p udp -m udp -m multiport --dports 123 -m state --state NEW -j ACCEPT
sudo iptables -D INPUT -m state --state NEW -p udp --dport 123 -j ACCEPT

To view the list of rules, use the command:

sudo iptables -nvL
sudo iptables -nvL | grep 10.0.0
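
The first INPUT rule above accepts NTP queries from any source, while the second limits them to 10.0.0.0/24. As an added example (not part of the original article), the shell function below reads rules in `iptables -S` format and reports INPUT rules that accept UDP port 123 without a source restriction. The function names and the sample rule set are constructed for this illustration.

```shell
# Added example: reads rules in `iptables -S` format on stdin and prints every
# INPUT rule that ACCEPTs UDP destination port 123 with no source restriction
# (no -s, or -s 0.0.0.0/0). Negated matches and port ranges are not interpreted.
ntp_unrestricted_rules() {
    awk '
    $1 == "-A" && $2 == "INPUT" {
        proto = ""; src = ""; target = ""; ntp = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            else if ($i == "-s") src = $(i + 1)
            else if ($i == "-j") target = $(i + 1)
            else if ($i == "--dport" || $i == "--dports") {
                # multiport rules list several ports separated by commas
                n = split($(i + 1), ports, ",")
                for (k = 1; k <= n; k++)
                    if (ports[k] == "123") ntp = 1
            }
        }
        if (proto == "udp" && ntp && target == "ACCEPT" && (src == "" || src == "0.0.0.0/0"))
            print
    }'
}

# Constructed sample of `iptables -S` output, built from the rules in this article.
sample_rules() {
    cat <<'EOF'
-P INPUT DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m state --state NEW -m udp --dport 123 -j ACCEPT
-A INPUT -s 10.0.0.0/24 -p udp -m state --state NEW -m udp --dport 123 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -p udp -m udp -m multiport --dports 123 -m state --state NEW -j ACCEPT
EOF
}

# Run the check over the sample; only the rule without -s is printed.
sample_rules | ntp_unrestricted_rules
```

On a live system, feed it the real rule set with: sudo iptables -S | ntp_unrestricted_rules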

See also my articles:
Configuring IPTables
Configuring NTP Client and Server in Linux
