Bug 211253 - /etc/init.d/ntpd opens firewall for 127.127.x.x (local time sources)
/etc/init.d/ntpd opens firewall for 127.127.x.x (local time sources)
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: ntp (Show other bugs)
All Linux
low Severity medium
: ---
: ---
Assigned To: Miroslav Lichvar
Brian Brock
Depends On:
  Show dependency treegraph
Reported: 2006-10-18 01:00 EDT by Aleksandar Milivojevic
Modified: 2007-11-16 20:14 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-12-11 11:30:45 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Fix /etc/init.d/ntpd to ignore 127.127.x.x for firewall rules (829 bytes, patch)
2006-10-18 01:00 EDT, Aleksandar Milivojevic
no flags Details | Diff

  None (edit)
Description Aleksandar Milivojevic 2006-10-18 01:00:05 EDT
Description of problem:
In ntpd, lines like "server 127.127.x.x" are used to reference local time
sources.  The /etc/init.d/ntpd script should not open firewall for those
addresses.  Fix is simple, patch is attached.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Define local clock as time source in ntp.conf (server, fudge stratum 10)
2. /etc/init.d/ntpd restart
Actual results:
Opens port 123 for

Expected results:
Should not open firewall for 127.127.x.x addresses

Additional info:
Comment 1 Aleksandar Milivojevic 2006-10-18 01:00:05 EDT
Created attachment 138750 [details]
Fix /etc/init.d/ntpd to ignore 127.127.x.x for firewall rules
Comment 2 Daniel Riek 2006-12-11 11:06:56 EST
The opening of the firewall for a local timesource is the intended behaviour in

This request does not meet the inclusion criteria for the final RHEL3 minor release.
Comment 3 RHEL Product and Program Management 2006-12-11 11:30:45 EST
Product Management has reviewed and declined this request.  You may appeal this
decision by reopening this request. 

Note You need to log in before you can comment on or make changes to this bug.