I'm having trouble getting chronyc to talk to chronyd locally once I enable firewalld. I'm not sure if this qualifies as a chrony or firewall issue (or operator error....) but I'm trying here first:
My chrony.conf is set up to allow commands from localhost only:
makestep 10 3
When I enabled firewalld (in Fedora 20), configured like this:
drop (default, active)
services: http ntp smtp ssh
chronyc gives me this error on the sources command:
506 Cannot talk to daemon
for the locally running chronyd. This happens only when masquerading is "yes", when I disable masquerading the sources command runs fine..
In what way should I set up things to get chronyc to be able to talk to chronyd locally with masquerading "on" for my NIC(em1), I don't understand how/why the masquerading on em1 to interfere with the localhost UDP 323 traffic.