16 May
2003
16 May
'03
18:28
* GentooRulez (paranoiac_user@freenet.de) [030516 10:00]:
xntpd does listen on all interfaces it found while coming up. i googled around and read the fine manuals but i did'nt found any option to bind only a certain interface to listen on udp 123
Any suggestions ?
You need to do that with 'restrict' statements in ntp.conf. E.g., # Set the default policy restrict default ignore # Allow queries from 10.0.0.0/8 but nothing else restrict 10.0.0.0 255.0.0.0 nomodify # Allow localhost to do whatever it wants restrict 127.0.0.1 Keep in mind that this is all udp and easily spoofed so you'll want to keep your packet filtering as well. See /usr/share/doc/packages/xntp-doc/ for details. -- -ckm