From owner-freebsd-stable@FreeBSD.ORG Thu Sep 4 21:26:01 2014 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 422CA298 for ; Thu, 4 Sep 2014 21:26:01 +0000 (UTC) Received: from eccles.ee.ryerson.ca (eccles.ee.ryerson.ca [141.117.1.2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E35DB18DF for ; Thu, 4 Sep 2014 21:26:00 +0000 (UTC) Received: from [172.16.2.5] (76-10-151-25.dsl.teksavvy.com [76.10.151.25]) (authenticated bits=0) by eccles.ee.ryerson.ca (8.14.4/8.14.4) with ESMTP id s84LIb5I092320 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Thu, 4 Sep 2014 17:18:38 -0400 (EDT) (envelope-from dmagda@ee.ryerson.ca) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\)) Subject: Re: Stale NTP software included in FreeBSD (RELEASE/STABLE/CURRENT) From: David Magda In-Reply-To: Date: Thu, 4 Sep 2014 17:18:51 -0400 Content-Transfer-Encoding: quoted-printable Message-Id: References: <20140903061024.GA14382@rwpc15.gfn.riverwillow.net.au> <20140903120746.GI63085@ivaldir.etoilebsd.net> <20140903134946.GA24397@satori.lan> <1409763486566-5945075.post@n5.nabble.com> <540881EC.7010407@milos.co.za> To: dweimer@dweimer.net X-Mailer: Apple Mail (2.1510) Cc: freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Sep 2014 21:26:01 -0000 On Sep 4, 2014, at 13:17, dweimer wrote: > You can add this to rc.conf, if I am not mistaken, and it will do the = same thing for ntpd > ntpd_flags=3D"-I 192.168.1.2" >=20 > Probably not quite as clean as adding it to the configuration file, = but gets the job done. =46rom the 4.2.6 ntpd(1) man page on Mac OS X: -I iface, --interface=3Diface Listen on an interface name or address. This option may = appear an unlimited number of times. Open the network address given, or all the addresses = associated with the given interface name. This option may appear = multiple times. This option also implies not opening other = addresses, except wildcard and localhost. This option is = deprecated. Please consider using the configuration file interface = command, which is more versatile. And for ntp.conf: > interface [listen | ignore | drop] [all | ipv4 | ipv6 | wildcard | = name | address[/prefixlen]] >=20 > This command controls which network addresses ntpd opens, and whether = input is dropped without processing. The first parameter determines the = action for addresses which match the second parameter. That parameter = specifies a class of addresses, or a specific interface name, or an = address. In the address case, prefixlen determines how many bits must = match for this rule to apply. ignoreprevents opening matching addresses, = drop causes ntpd to open the address and drop all received packets = without examination. Multipleinterface commands can be used. The last = rule which matches a particular address determines the action for it. = interface commands are disabled if any -I, --interface, -L, or = --novirtualips command-line options are used. If none of those options = are used and nointerface actions are specified in the configuration = file, all available network addresses are opened. The nic command is an = alias forinterface. http://www.eecis.udel.edu/~mills/ntp/html/miscopt.html#interface So be mindful about that option if you every upgrade.