[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: xntpd

To: luci-discuss@luci.org
Subject: Re: xntpd
From: Steven Pritchard <steve@silug.org>
Date: Fri, 28 Jul 2000 15:56:31 -0500 (CDT)
In-Reply-To: <20000727123906.B27749@cloud233.cloudmaster.com>"from Danny Sauer at Jul 27, 2000 12:39:06 pm"
Organization: Linux Users of Central Illinois
Reply-To: luci-discuss@luci.org
Sender: owner-luci-discuss@luci.org

Danny Sauer said:
> In the "crappy ways to not fix stuff right" arena, you could just
> set up ipchains (or iptables/ipfwadm) to block all the traffic you
> don't want on the interfaces you don't want it on. :)  I couldn't
> find anything in the xntpd docs describing listen or bind, and I don't
> have the source laying around to look through, so I don't have a
> better solution...

Unfortunately, that's the only solution I was able to come up with.
Of course, with the annoying limitations of ipchains (can't
distinguish between masqueraded connections and "real" connections in
the input chain), it's nearly impossible to do properly with ipchains.
It should be trivial with iptables (on 2.4.x) though.  In the mean
time, accept that you have to run a service on your firewall or
(better) don't run xntpd on your firewall until 2.4.x is available.
(Or you could try 2.4.0-testX.)

Steve
-- 
steve@silug.org           | Linux Users of Central Illinois
(618)398-7320             | Meetings the 4th Tuesday of every month
Steven Pritchard          | http://www.luci.org/ for more info
-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.

References:
- Re: xntpd
  - From: Danny Sauer <sauer@cloudmaster.com>

Prev by Date: Re: xntpd
Next by Date: Re: Miguel's speech on lwn.net?
Prev by thread: Re: xntpd
Next by thread: Re: xntpd
Index(es):
- Date
- Thread