From owner-freebsd-bugs  Fri Sep 27 13:50: 8 2002
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 35B8237B401
	for <freebsd-bugs@hub.freebsd.org>; Fri, 27 Sep 2002 13:50:05 -0700 (PDT)
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D59E543E81
	for <freebsd-bugs@hub.freebsd.org>; Fri, 27 Sep 2002 13:50:04 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id g8RKo4Co036619
	for <freebsd-bugs@freefall.freebsd.org>; Fri, 27 Sep 2002 13:50:04 -0700 (PDT)
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.12.6/8.12.6/Submit) id g8RKo4FL036618;
	Fri, 27 Sep 2002 13:50:04 -0700 (PDT)
Date: Fri, 27 Sep 2002 13:50:04 -0700 (PDT)
Message-Id: <200209272050.g8RKo4FL036618@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
Cc: 
From: marius@alchemy.franken.de
Subject: Re: i386/39327: bind ntpd to only one IP
Reply-To: marius@alchemy.franken.de
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org

The following reply was made to PR i386/39327; it has been noted by GNATS.

From: marius@alchemy.franken.de
To: freebsd-gnats-submit@FreeBSD.org
Cc: fbsd@koethe.net, marck@rinet.ru, "."@babolo.ru, dougb@FreeBSD.org
Subject: Re: i386/39327: bind ntpd to only one IP
Date: Fri, 27 Sep 2002 22:42:18 +0200

 --9s922KAXlWjPfK/Q
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 
 
 Hi,
 
 the patch at http://free.babolo.ru/patch/src.usr.sbin.ntp.patch doesn't
 work, it makes ntpd to only bind to the address specified with "-h" but
 then ntpd just sits there and apparently does nothing.
 The patch Dmitry submitted as a followup does work, however I think
 adding a "-h" flag is the wrong approach. Ntpd already only binds to the
 first IP-address of an interface if there are aliases on BSD/OS:
 ntp_io.c around line 306:
                 /*
                  * look for an already existing source interface address.  If   
                  * the machine has multiple point to point interfaces, then
                  * the local address may appear more than once.
                  *
                  * A second problem exists if we have two addresses on 
                  * the same network (via "ifconfig alias ...").  Don't
                  * make two xntp interfaces for the two aliases on the
                  * one physical interface. -wsr
                  */
                 for (j=0; j < i; j++)
                     if (inter_list[j].sin.sin_addr.s_addr &
                         inter_list[j].mask.sin_addr.s_addr ==
                         inter_list[i].sin.sin_addr.s_addr &
                         inter_list[i].mask.sin_addr.s_addr)
                     {
                             if (inter_list[j].flags & INT_LOOPBACK)
                                 inter_list[j] = inter_list[i];
                             break;
                     }
 
 NetBSD once fixed this for xntpd:
 http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/usr.sbin/xntp/xntpd/Attic/ntp_io.c?rev=1.10&content-type=text/x-cvsweb-markup
 and now use and fixed the BSD/OS code:
 http://cvsweb.netbsd.org/bsdweb.cgi/basesrc/dist/ntp/ntpd/ntp_io.c?rev=1.6&content-type=text/x-cvsweb-markup
 
 Unfortunately their code doesn't work on FreeBSD to also determine aliases
 because FreeBSD does not use the same netmask for aliases as for the non-
 alias IP-address (like BSD/OS, NetBSD, OpenBSD, ...) but 0xffffffff.
 Therefore I think something like the attached should be commited. This
 isn't exactly what a "-h" would offer but fixes ntpd for usage in a jail
 host (which IMHO is the main concern here).
 
 
 --9s922KAXlWjPfK/Q
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: attachment; filename="ntp_io.c.diff"
 
 --- ntp_io.c.orig	Fri Sep 27 16:29:34 2002
 +++ ntp_io.c	Fri Sep 27 22:09:46 2002
 @@ -579,10 +579,32 @@
  		 * look for an already existing source interface address.  If
  		 * the machine has multiple point to point interfaces, then
  		 * the local address may appear more than once.
 +		 *
 +		 * A second problem exists if we have two addresses on
 +		 * the same network (via "ifconfig alias ...").  Don't
 +		 * make two xntp interfaces for the two aliases on the
 +		 * one physical interface. -wsr
  		 */
  		for (j=0; j < i; j++)
 -		    if (inter_list[j].sin.sin_addr.s_addr ==
 -			inter_list[i].sin.sin_addr.s_addr) {
 +		    if (((inter_list[j].sin.sin_addr.s_addr &
 +			inter_list[j].mask.sin_addr.s_addr) ==
 +			(inter_list[i].sin.sin_addr.s_addr &
 +			inter_list[i].mask.sin_addr.s_addr))
 +#ifdef __FreeBSD__
 +			/*
 +			 * FreeBSD uses a mask of 0xffffffff for aliases,
 +			 * therefore we check if the address is in the same
 +			 * subnet as an already existing source interface
 +			 * address.
 +			 */
 +			|| ((inter_list[j].sin.sin_addr.s_addr &
 +			inter_list[j].mask.sin_addr.s_addr) ==
 +			(inter_list[i].sin.sin_addr.s_addr &
 +			inter_list[j].mask.sin_addr.s_addr))
 +#endif
 +			) {
 +			    if (inter_list[j].flags & INT_LOOPBACK)
 +				inter_list[j] = inter_list[i];
  			    break;
  		    }
  		if (j == i)
 
 --9s922KAXlWjPfK/Q--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message