diff --git a/conf.c b/conf.c index 0a1f9ed..0b63ae9 100644 --- a/conf.c +++ b/conf.c @@ -53,6 +53,7 @@ static int parse_double(char *line, double *result); static int parse_null(char *line); static void parse_allow(char *); +static void parse_bindacqaddress(char *); static void parse_bindaddress(char *); static void parse_bindcmdaddress(char *); static void parse_broadcast(char *); @@ -166,10 +167,14 @@ static unsigned long client_log_limit = 524288; static int fb_drift_min = 0; static int fb_drift_max = 0; -/* IP addresses for binding the NTP socket to. UNSPEC family means INADDR_ANY - will be used */ +/* IP addresses for binding the NTP server sockets to. UNSPEC family means + INADDR_ANY will be used */ static IPAddr bind_address4, bind_address6; +/* IP addresses for binding the NTP client sockets to. UNSPEC family means + INADDR_ANY will be used */ +static IPAddr bind_acq_address4, bind_acq_address6; + /* IP addresses for binding the command socket to. UNSPEC family means use the value of bind_address */ static IPAddr bind_cmd_address4, bind_cmd_address6; @@ -336,6 +341,8 @@ CNF_ReadFile(const char *filename) parse_int(p, &acquisition_port); } else if (!strcasecmp(command, "allow")) { parse_allow(p); + } else if (!strcasecmp(command, "bindacqaddress")) { + parse_bindacqaddress(p); } else if (!strcasecmp(command, "bindaddress")) { parse_bindaddress(p); } else if (!strcasecmp(command, "bindcmdaddress")) { @@ -1004,6 +1011,24 @@ parse_cmddeny(char *line) /* ================================================== */ +static void +parse_bindacqaddress(char *line) +{ + IPAddr ip; + + check_number_of_args(line, 1); + if (UTI_StringToIP(line, &ip)) { + if (ip.family == IPADDR_INET4) + bind_acq_address4 = ip; + else if (ip.family == IPADDR_INET6) + bind_acq_address6 = ip; + } else { + command_parse_error(); + } +} + +/* ================================================== */ + static void parse_bindaddress(char *line) { @@ -1528,6 +1553,19 @@ CNF_GetBindAddress(int family, IPAddr *addr) /* ================================================== */ +void +CNF_GetBindAcquisitionAddress(int family, IPAddr *addr) +{ + if (family == IPADDR_INET4) + *addr = bind_acq_address4; + else if (family == IPADDR_INET6) + *addr = bind_acq_address6; + else + addr->family = IPADDR_UNSPEC; +} + +/* ================================================== */ + void CNF_GetBindCommandAddress(int family, IPAddr *addr) { diff --git a/conf.h b/conf.h index 957aafb..bdc3e7b 100644 --- a/conf.h +++ b/conf.h @@ -70,6 +70,7 @@ extern int CNF_GetNoClientLog(void); extern unsigned long CNF_GetClientLogLimit(void); extern void CNF_GetFallbackDrifts(int *min, int *max); extern void CNF_GetBindAddress(int family, IPAddr *addr); +extern void CNF_GetBindAcquisitionAddress(int family, IPAddr *addr); extern void CNF_GetBindCommandAddress(int family, IPAddr *addr); extern char *CNF_GetPidFile(void); extern char *CNF_GetLeapSecTimezone(void); diff --git a/ntp_io.c b/ntp_io.c index f96be7f..639ec46 100644 --- a/ntp_io.c +++ b/ntp_io.c @@ -188,7 +188,10 @@ prepare_socket(int family, int port_number, int client_only) my_addr.in4.sin_family = family; my_addr.in4.sin_port = htons(port_number); - CNF_GetBindAddress(IPADDR_INET4, &bind_address); + if (!client_only) + CNF_GetBindAddress(IPADDR_INET4, &bind_address); + else + CNF_GetBindAcquisitionAddress(IPADDR_INET4, &bind_address); if (bind_address.family == IPADDR_INET4) my_addr.in4.sin_addr.s_addr = htonl(bind_address.addr.in4); @@ -201,7 +204,10 @@ prepare_socket(int family, int port_number, int client_only) my_addr.in6.sin6_family = family; my_addr.in6.sin6_port = htons(port_number); - CNF_GetBindAddress(IPADDR_INET6, &bind_address); + if (!client_only) + CNF_GetBindAddress(IPADDR_INET6, &bind_address); + else + CNF_GetBindAcquisitionAddress(IPADDR_INET6, &bind_address); if (bind_address.family == IPADDR_INET6) memcpy(my_addr.in6.sin6_addr.s6_addr, bind_address.addr.in6,