Subject: | |
From: | |
Reply To: | Steven J. Yellin |
Date: | Thu, 23 Jun 2005 00:21:22 -0700 |
Content-Type: | TEXT/PLAIN |
Parts/Attachments: |
|
|
Put the restrictions into a firewall. For example, assuming
the firewall is iptables, in the INPUT chain direct all packets
which are not from yourself, but have destination 123, to target
"NTP". Then do something like
# Create the NTP chain
iptables -N NTP
#
# Specify which IP's and interfaces are accepted. For example,
# accept only eth1, IP 123.123.123.123 and eth0, IP 203.14.211.14
iptables -A NTP -i eth1 -s 123.123.123.123 -j ACCEPT
iptables -A NTP -i eth0 -s 203.14.211.14 -j ACCEPT
#
# Ignore anybody else entering this chain (coming in on port 123)
iptables -A NTP -j DROP
Steven Yellin
On Thu, 23 Jun 2005, Michael Mansour wrote:
> Hi,
>
> When I run ntpd on SL3/4 and it listens on port 123 on all my interfaces,
> including virtual interfaces.
>
> How can I tell it to only listen on a certain IP/certain interface only?
>
> I've googled for this but can't find anything relevant.
>
> Thanks.
>
> Michael.
>
|
|
|