LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

June 2005

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS June 2005

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: ntpd listen on
From:	"Steven J. Yellin" <[log in to unmask]>
Reply To:	Steven J. Yellin
Date:	Thu, 23 Jun 2005 00:21:22 -0700
Content-Type:	TEXT/PLAIN
Parts/Attachments:	TEXT/PLAIN (34 lines)

    Put the restrictions into a firewall.  For example, assuming
the firewall is iptables, in the INPUT chain direct all packets
which are not from yourself, but have destination 123, to target
"NTP".  Then do something like

# Create the NTP chain
iptables -N NTP
#
# Specify which IP's and interfaces are accepted.  For example,
# accept only eth1, IP 123.123.123.123 and eth0, IP 203.14.211.14
iptables -A NTP -i eth1 -s 123.123.123.123 -j ACCEPT
iptables -A NTP -i eth0 -s 203.14.211.14 -j ACCEPT
#
# Ignore anybody else entering this chain (coming in on port 123)
iptables -A NTP -j DROP

Steven Yellin

On Thu, 23 Jun 2005, Michael Mansour wrote:

> Hi,
>
> When I run ntpd on SL3/4 and it listens on port 123 on all my interfaces,
> including virtual interfaces.
>
> How can I tell it to only listen on a certain IP/certain interface only?
>
> I've googled for this but can't find anything relevant.
>
> Thanks.
>
> Michael.
>

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV