firestack icon indicating copy to clipboard operation
firestack copied to clipboard
verified publisher icon celzero

Forward NTP to a userset endpoint

Open ignoramous opened this issue 4 years ago • 1 comments

The smart solution of the DNS Firewall does not block anything except custom DNS but now allows to force use it by "Forward all traffic to port 53 to user-configured DNS endpoint." That's clever since some apps tried contact 8.8.8.8/8.8.4.4 on their own. Its called RethinkDNS and not RethinkNTP. So you cannot cover any application layer protocols. But how about Idea of doing similar traffic forwarding by firewall for this type of traffic? "Forward all traffic to port 123 to (user-configured/default) NTP endpoint."

From: celzero/rethink-app#310

ignoramous avatar Sep 25 '21 14:09 ignoramous

This should be including a protocol converter not just simply forward connections. There is network time security (NTS), there is Roughtime and there is GrapheneOS with a simple Header transmitted in a https protected connection as described in https://grapheneos.org/faq#default-connections

yoshimo avatar Jul 26 '25 09:07 yoshimo