How to bind ntpd to a single address?
Darren Pilgrim
darren.pilgrim at bitfreak.org
Wed Jan 4 01:14:06 PST 2006
From: Matthew Seaman [mailto:m.seaman at infracaninophile.co.uk]
> Darren Pilgrim wrote:
> > I don't like (let alone want) ntpd binding to every IP address on
> > the host. The man pages don't say anything about specifying a
> > binding address for ntpd. A search of the sources and Google
> > also failed to reveal anything useful.
> >
> > So how to I tell ntpd to bind to a specific IP address?
>
> ntpd doesn't have that functionality I'm afraid. The next best you
> can do is review your /etc/ntpd.conf 'restrict' rules carefully and
> implement a firewall to control access to port 123/UDP.
The ntp.conf(5) man page isn't what I would consider well-written, so it's a
bit difficult understand how rules are applied. For example, if I put:
restrict default noquery nopeer limited
restrict local_network/mask nomodify
restrict peerhost nomodify
restrict 127.0.0.1
Does that mean:
- Provide only rate-limited, non-peering time service by default.
- Provide unlimited time service to the local network and also let the local
network make read-only mode 6/7 queries.
- Peers are given the same treatment as the local network.
- Let localhost do anything.
More information about the freebsd-questions
mailing list