Possible Design Flaw - why does IPFire time server listen on RED?

Help on building IPFire & Feature Requests
Post Reply
dnl
Posts: 375
Joined: June 28th, 2013, 11:03 am

Possible Design Flaw - why does IPFire time server listen on RED?

Post by dnl » July 27th, 2019, 6:42 am

I recently reinstalled IPFire from scratch, without using backups. Why does the IPFire time server service listen on the RED interface?
Surely that's a design/security flaw. I expected the service to only listen on internal networks (i.e GREEN BLUE ORANGE)

Thanks!
IPFire 2.x (Latest Update) on x86_64 Intel Bay Trail CPU, 4GiB RAM, RED + GREEN + BLUE + ORANGE

User avatar
Arne.F
Core Developer
Core Developer
Posts: 8522
Joined: May 7th, 2006, 8:57 am
Location: BS <-> NDH
Contact:

Re: Possible Design Flaw - why does IPFire time server listen on RED?

Post by Arne.F » July 28th, 2019, 10:45 am

Normal it is not a problem if a service is bound to all interfaces because red is in masquerade mode so it is not accessible unless you create a rule that allow the connection.
Arne

Support the project on the donation!

Image

Image

Image
PS: I will not answer support questions via email and ignore IPFire related messages on my non IPFire.org mail addresses.

dnl
Posts: 375
Joined: June 28th, 2013, 11:03 am

Re: Possible Design Flaw - why does IPFire time server listen on RED?

Post by dnl » July 28th, 2019, 11:15 am

Arne.F wrote:
July 28th, 2019, 10:45 am
Normal it is not a problem if a service is bound to all interfaces because red is in masquerade mode so it is not accessible unless you create a rule that allow the connection.
Thanks for the response Arne

Yes that is true, but I had expected ntpd to be configured only to listen on internal interfaces.

I've manually configured /etc/ntp.conf

Code: Select all

interface listen green0
interface listen blue0
interface listen orange0
although it doesn't listen on orange, probably due to some other restriction built-in to IPFire (by design?).
IPFire 2.x (Latest Update) on x86_64 Intel Bay Trail CPU, 4GiB RAM, RED + GREEN + BLUE + ORANGE

Post Reply