[ntp:questions] Re: ntpd without binding?

Maarten Wiltink maarten at kittensandcats.net
Sun Aug 14 12:32:19 UTC 2005

<t_pascal at my-deja.com> wrote in message
news:1123976265.911695.30460 at g44g2000cwa.googlegroups.com...

> Using ntp-4.1.2 on RedHat ES 3, I'd like to configure a "client only"
> ntp system.  Easy enough to edit ntp.conf, but I'm trying to get ntpd
> to stop listening on port 123 (blocked by iptables anyway).  Any way to
> stop binding to interfaces, or select which (internal) interface I want
> to listen only?

This is *UDP*. There are no connections. All packets are equal on the
outside, even if some become more equal than others once arrived, if the
daemon was expecting them.

Port 123 blocked means no NTP for you, client or server.

Stateful firewalls invalidate all this. Still, the usual way to build
this configuration is to not block anything to start with, then disable
server functionality in the daemon, then _perhaps_ to make the firewall
a little more discerning.

Maarten Wiltink
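A simplified model of the filtering behaviour discussed in the reply above, added here as an example and not part of the original post: a blanket block on UDP port 123 drops the server's reply along with unsolicited traffic, while a stateful filter admits only the reply that mirrors a recent outbound query. The names `Packet`, `blanket_block_123` and `StatefulFilter`, the 30-second timeout and the addresses are assumptions made for illustration.

```python
from collections import namedtuple

NTP_PORT = 123
UDP_STATE_TIMEOUT = 30.0  # seconds; assumed value, real firewalls differ
Packet = namedtuple("Packet", "src sport dst dport")

def blanket_block_123(pkt):
    """Stateless rule: drop every inbound UDP packet addressed to port 123."""
    return pkt.dport != NTP_PORT  # True means the packet is admitted

class StatefulFilter:
    """Admit inbound UDP only as the reply to a recent outbound packet."""
    def __init__(self, timeout=UDP_STATE_TIMEOUT):
        self.timeout = timeout
        self.flows = {}  # (local, lport, remote, rport) -> time last seen

    def outbound(self, pkt, now):
        self.flows[(pkt.src, pkt.sport, pkt.dst, pkt.dport)] = now

    def inbound(self, pkt, now):
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)  # mirror of the query
        seen = self.flows.get(key)
        if seen is None or now - seen > self.timeout:
            self.flows.pop(key, None)  # unknown or expired: drop
            return False
        self.flows[key] = now  # a valid reply keeps the entry alive
        return True

# Constructed addresses from the documentation ranges.
CLIENT, SERVER, STRANGER = "192.0.2.10", "198.51.100.1", "203.0.113.7"
# ntpd sends its queries from port 123, so the reply also arrives on port 123.
QUERY = Packet(CLIENT, NTP_PORT, SERVER, NTP_PORT)
REPLY = Packet(SERVER, NTP_PORT, CLIENT, NTP_PORT)
UNSOLICITED = Packet(STRANGER, 40000, CLIENT, NTP_PORT)

def demo():
    fw = StatefulFilter()
    fw.outbound(QUERY, now=0.0)
    return {
        "blanket, server reply": blanket_block_123(REPLY),
        "blanket, unsolicited": blanket_block_123(UNSOLICITED),
        "stateful, server reply": fw.inbound(REPLY, now=0.1),
        "stateful, unsolicited": fw.inbound(UNSOLICITED, now=0.2),
        "stateful, late reply": fw.inbound(REPLY, now=100.0),
    }

if __name__ == "__main__":
    for case, admitted in demo().items():
        print(f"{case}: {'admit' if admitted else 'drop'}")
```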

