Bug 211253 - /etc/init.d/ntpd opens firewall for 127.127.x.x (local time sources)
Summary: /etc/init.d/ntpd opens firewall for 127.127.x.x (local time sources)
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: ntp
Version: 3.8
Hardware: All
OS: Linux
low
medium
Target Milestone: ---
Assignee: Miroslav Lichvar
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-10-18 05:00 UTC by Aleksandar Milivojevic
Modified: 2007-11-17 01:14 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-12-11 16:30:45 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
Fix /etc/init.d/ntpd to ignore 127.127.x.x for firewall rules (829 bytes, patch)
2006-10-18 05:00 UTC, Aleksandar Milivojevic 		no flags Details | Diff
View All

Description Aleksandar Milivojevic 2006-10-18 05:00:05 UTC 
Description of problem:
In ntpd, lines like "server 127.127.x.x" are used to reference local time
sources.  The /etc/init.d/ntpd script should not open firewall for those
addresses.  Fix is simple, patch is attached.

Version-Release number of selected component (if applicable):
ntp-4.1.2-4.EL3.1

How reproducible:
Always

Steps to Reproduce:
1. Define local clock as time source in ntp.conf (server 127.127.1.0, fudge
127.127.1.0 stratum 10)
2. /etc/init.d/ntpd restart
3.
  
Actual results:
Opens port 123 for 127.127.1.0

Expected results:
Should not open firewall for 127.127.x.x addresses

Additional info:
Comment 1 Aleksandar Milivojevic 2006-10-18 05:00:05 UTC 
Created attachment 138750 [details]
Fix /etc/init.d/ntpd to ignore 127.127.x.x for firewall rules
Comment 2 Daniel Riek 2006-12-11 16:06:56 UTC 
The opening of the firewall for a local timesource is the intended behaviour in
RHEL3.

This request does not meet the inclusion criteria for the final RHEL3 minor release.
Comment 3 RHEL Program Management 2006-12-11 16:30:45 UTC 
Product Management has reviewed and declined this request.  You may appeal this
decision by reopening this request.
Note You need to log in before you can comment on or make changes to this bug.