The ntpd init script contains a simple regex to avoid punching holes for localhost in the firewall. It does this by deleting any line that contains 127.*. As you can probably see plainly once this is pointed out :) this is a bit *too* simple -- a host like 192.169.127.14 would get deleted too. The expression needs to be tightened to match only hosts that *begin* with 127.
I know, I know... fix didn't make it in the final version..
*** This bug has been marked as a duplicate of 82713 ***
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.