Hello,
This is used in a VPN network to bind the internal IP address and allow ntpd
running of firewalls to get the time from a time source in a different
protected subnet.
I've changed two files
ntp_io.c
cmd_args.c
in /usr/ports/net/ntp
See the diffs below. Hope they can be added to the ports tree.
Regards,
./catalin
--- ntp_io.c_orig Thu Jul 5 11:42:32 2007
+++ ntp_io.c Thu Jul 5 11:39:47 2007
@@ -112,6 +112,7 @@
int nwilds; /* Total number of wildcard intefaces */
int wildipv4 = -1; /* Index into inter_list for IPv4 wildcard */
int wildipv6 = -1; /* Index into inter_list for IPv6 wildcard */
+extern char* szBindIPAddr; /* SDDEV */
#ifdef REFCLOCK
/*
@@ -1959,6 +1960,24 @@
rtn = getsockname(s, (struct sockaddr *)&saddr, &saddrlen);
closesocket(s);
+
+ /*
+ * SDDEV
+ * If there is an interface specified bind that one instead of
+ * using all the interfaces
+ */
+ if ( NULL != szBindIPAddr )
+ {
+ for (i = 0; i < ninterfaces; i++)
+ {
+ if ( 0 == strcmp( stoa(&inter_list[i].sin),
szBindIPAddr ) )
+ {
+ return (&inter_list[i]);
+ }
+ }
+ return ANY_INTERFACE_CHOOSE(addr);
+ }
+
#ifndef SYS_WINNT
if (rtn < 0)
#else
--- cmd_args.c_orig Thu Jul 5 11:16:02 2007
+++ cmd_args.c Thu Jul 5 11:36:03 2007
@@ -14,16 +14,31 @@
#endif /* SIM */
/*
+ * SDDEV
+ * These three headers are included in order to use inet_pton to verify if
+ * the IP address received as command-line parameter is valid
+ */
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
+/*
* Definitions of things either imported from or exported to outside
*/
extern char const *progname;
int listen_to_virtual_ips = 1;
+/*
+ * SDDEV
+ * Used to store the IP address received as command-line param.
+ */
+char *szBindIPAddr = NULL;
+
#ifdef SYS_WINNT
extern BOOL NoWinService;
#endif
-static const char *ntp_options =
"aAbB:c:C:dD:f:gi:k:l:LmnNO:p:P:qr:s:S:t:T:W:u:v:V:xY:Z:-:";
+static const char *ntp_options =
"aAbB:c:C:dD:f:gi:I:k:l:LmnNO:p:P:qr:s:S:t:T:W:u:v:V:xY:Z:-:";
#ifdef HAVE_NETINFO
extern int check_netinfo;
@@ -84,6 +99,28 @@
++errflg;
break;
#endif
+ /*
+ * SDDEV
+ * Specify the internal interface
+ */
+ case 'I':
+ {
+ // used here to test if the given IP is correct
+ struct sockaddr_in saTmp;
+
+ szBindIPAddr = (char*)malloc( 32*sizeof(char) );
+ strcpy(szBindIPAddr, ntp_optarg);
+
+ /* test if the given IP is correct (a.b.c.d),
with a,b,c,d in [0,255] */
+ if ( 1 != inet_pton(AF_INET, szBindIPAddr,
&saTmp.sin_addr) )
+ {
+ msyslog(LOG_ERR, "the given interface
is in wrong format");
+ fprintf(stderr, "the given interface
is in wrong format");
+ free(szBindIPAddr);
+ szBindIPAddr = NULL;
+ }
+ }
+ break;
case 'L':
listen_to_virtual_ips = 0;
break;
@@ -158,6 +195,7 @@
(void) fprintf(stderr, "\t\t[ -f freq_file ] [ -k key_file ] [ -l log_file
]\n");
(void) fprintf(stderr, "\t\t[ -p pid_file ] [ -r broad_delay ] [ -s statdir
]\n");
(void) fprintf(stderr, "\t\t[ -t trust_key ] [ -v sys_var ] [ -V
default_sysvar ]\n");
+ (void) fprintf(stderr, "\t\t[ -I ip_addr ]\n"); //SDDEV
#if defined(HAVE_SCHED_SETSCHEDULER)
(void) fprintf(stderr, "\t\t[ -P fixed_process_priority ]\n");
#endif
@@ -264,6 +302,11 @@
#else
errflg++;
#endif
+
+ // SDDEV
+ case 'I': /* already done at prescan */
+ break;
+
case 'k':
getauthkeys(ntp_optarg);
break;
@@ -414,6 +457,7 @@
(void) fprintf(stderr, "\t\t[ -f freq_file ] [ -k key_file ] [ -l log_file
]\n");
(void) fprintf(stderr, "\t\t[ -p pid_file ] [ -r broad_delay ] [ -s statdir
]\n");
(void) fprintf(stderr, "\t\t[ -t trust_key ] [ -v sys_var ] [ -V
default_sysvar ]\n");
+ (void) fprintf(stderr, "\t\t[ -I ip_addr ]\n");
#if defined(HAVE_SCHED_SETSCHEDULER)
(void) fprintf(stderr, "\t\t[ -P fixed_process_priority ]\n");
#endif
---------------------------------
Be smarter than spam. See how smart SpamGuard is at giving junk email the boot
with the All-new Yahoo! Mail
