Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 13 Aug 2002 09:24:40 +0100
From:      Matthew Seaman <m.seaman@infracaninophile.co.uk>
To:        "Patrick O'Reilly" <bsd@perimeter.co.za>
Cc:        BSD Freak <bsd-freak@mbox.com.au>, Marc Schneiders <marc@schneiders.org>, FreeBSD Questions <freebsd-questions@FreeBSD.ORG>
Subject:   Re: [PRIVATE] Re: Getting ntp to bind only to a certain IP address
Message-ID:  <20020813082440.GB11918@happy-idiot-talk.infracaninophi>
In-Reply-To: <018a01c2429d$32c20530$b50d030a@PATRICK>
References:  <1163dfb1162eb2.1162eb21163dfb@mbox.com.au> <018a01c2429d$32c20530$b50d030a@PATRICK>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Tue, Aug 13, 2002 at 09:44:00AM +0200, Patrick O'Reilly wrote:
> From: "BSD Freak" <bsd-freak@mbox.com.au>
> > No I tried twice and got no reply :-(
> >
> > From: Marc Schneiders <marc@schneiders.org>
> > > I saw no reply on the list. Did you perhaps get one privately?
> > > Happens sometimes to me. And I would very much like to have an
> > > answer to your question myself.
> >
> > > On Mon, 12 Aug 2002, at 07:19 [=GMT+1000], BSD Freak wrote:
> > > > Just a quick one. Does anyone know how to get NTP to bind
> > > > only to a certain IP address on a system (4.6-R) with multiple
> > > > IP addresses (aliases)?
> 
> I don't know any way - and all the man pages make no reference to such a
> possibility.  I use ipfw and only allow connections to the specific IP
> address, or via the specific NIC.

Seems that there isn't any way to control how ntpd binds to interfaces
--- if you look at the source code in
/usr/src/contrib/ntp/ntpd/ntp_config.c, there aren't any controls that
could control that sort of thing.

The closest possibility available is the 'restrict' command, which you
can use to prevent ntpd responding to network addresses accessible
through particular interfaces, or like Patrick says, use a firewall to
block the traffic:

    add 999 add deny udp from any 123 to any 123 via xl0

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
Tel: +44 1628 476614                                  Marlow
Fax: +44 0870 0522645                                 Bucks., SL7 1TH UK

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020813082440.GB11918>