SCIENTIFIC-LINUX-USERS Archives

June 2005

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

Subject:
From: "Robert E. Blair"
Reply To: Robert E. Blair
Date: Thu, 23 Jun 2005 10:31:24 -0500
You might want to review /etc/rc.d/init.d/ntpd since it does diddle the
firewall (hate to see you place restrictions that get superseded).  You
may need to set FIREWALL_MODS=no in /etc/sysconfig/ntpd to avoid it
changing the firewall rules for you.

Steven J. Yellin wrote:

>    Put the restrictions into a firewall.  For example, assuming
>the firewall is iptables, in the INPUT chain direct all packets
>which are not from yourself, but have destination 123, to target
>"NTP".  Then do something like
>
># Create the NTP chain
>iptables -N NTP
>#
># Specify which IPs and interfaces are accepted.  For example,
># accept only eth1, IP 123.123.123.123 and eth0, IP 203.14.211.14
>iptables -A NTP -i eth1 -s 123.123.123.123 -j ACCEPT
>iptables -A NTP -i eth0 -s 203.14.211.14 -j ACCEPT
>#
># Ignore anybody else entering this chain (coming in on port 123)
>iptables -A NTP -j DROP
>
>Steven Yellin
>
>On Thu, 23 Jun 2005, Michael Mansour wrote:
>
>>Hi,
>>
>>When I run ntpd on SL3/4, it listens on port 123 on all my interfaces,
>>including virtual interfaces.
>>
>>How can I tell it to listen on a certain IP/certain interface only?
>>
>>I've googled for this but can't find anything relevant.
>>
>>Thanks.
>>
>>Michael.
>>
>
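
Added example (not part of either poster's message): a POSIX shell check over `iptables-save` output. It confirms that the INPUT jump Steven describes is present, that no earlier port-123 ACCEPT in INPUT overrides the NTP chain (the superseding Robert warns about), and that the chain ends in DROP. Both rule dumps are constructed samples and the function name `audit_ntp_rules` is hypothetical.

```shell
#!/bin/sh
# Added example: audit iptables-save text for the NTP chain layout in the thread.

# Constructed sample: the thread's NTP chain plus the INPUT jump rule.
GOOD_RULES='*filter
:INPUT ACCEPT [0:0]
:NTP - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p udp -m udp --dport 123 -j NTP
-A NTP -s 123.123.123.123 -i eth1 -j ACCEPT
-A NTP -s 203.14.211.14 -i eth0 -j ACCEPT
-A NTP -j DROP
COMMIT'

# Constructed sample: an earlier port-123 ACCEPT in INPUT bypasses the chain.
BAD_RULES='*filter
:INPUT ACCEPT [0:0]
:NTP - [0:0]
-A INPUT -p udp -m udp --dport 123 -j ACCEPT
-A INPUT -p udp -m udp --dport 123 -j NTP
-A NTP -s 123.123.123.123 -i eth1 -j ACCEPT
-A NTP -j DROP
COMMIT'

# audit_ntp_rules (hypothetical name): read iptables-save text on stdin,
# print one line per finding, return non-zero if anything was found.
audit_ntp_rules() {
    awk '
        $1 == "-A" && $2 == "INPUT" && / --dport 123 / {
            if (/-j NTP$/) { jump = 1 }
            else if (/-j ACCEPT$/ && !jump) { print "BYPASS: " $0; bad = 1 }
        }
        $1 == "-A" && $2 == "NTP" { last = $0 }   # remember final NTP rule
        END {
            if (!jump) { print "MISSING: no INPUT rule sends --dport 123 to NTP"; bad = 1 }
            if (last != "-A NTP -j DROP") { print "OPEN: NTP chain does not end in an unconditional DROP"; bad = 1 }
            exit bad + 0
        }'
}

# Demonstration on the constructed samples; on a live host the input would
# come from: iptables-save -t filter | audit_ntp_rules
printf '%s\n' "$GOOD_RULES" | audit_ntp_rules && echo "good sample: ok"
printf '%s\n' "$BAD_RULES" | audit_ntp_rules || echo "bad sample: flagged"
```

Running it again after restarting ntpd shows whether the init script has changed the rules.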
