I'm on Ubuntu 22.04 and I would like to disable connection tracking for UDP port 123, so I tried:
firewall-cmd --direct --add-rule ipv4 raw PREROUTING 1 -p udp --dport 123 -j NOTRACK
firewall-cmd --direct --add-rule ipv4 raw OUTPUT 1 -p udp --sport 123 -j NOTRACK
but this causes all traffic on that port to be blocked somehow. Can it be that it does not work because my firewalld uses nftables instead of iptables as its backend?
I also tried:
firewall-cmd --direct --add-rule ipv4 raw OUTPUT 0 -p udp --dport 123 -j CT --notrack
firewall-cmd --direct --add-rule ipv4 raw OUTPUT 0 -p udp --sport 123 -j CT --notrack
firewall-cmd --direct --add-rule ipv4 raw PREROUTING 0 -p udp --dport 123 -j CT --notrack
firewall-cmd --direct --add-rule ipv4 raw PREROUTING 0 -p udp --sport 123 -j CT --notrack
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p udp --dport 123 -j ACCEPT
firewall-cmd --direct --add-rule ipv4 filter INPUT 0 -p udp --sport 123 -j ACCEPT
firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -p udp --dport 123 -j ACCEPT
firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -p udp --sport 123 -j ACCEPT
But it had the same result. What would be the right rules to use?