I've noticed that the NTP daemon appears to be listening on all the available interfaces on my router:
david@erx# sudo netstat -a -n -p ... udp 0 0 10.0.4.1:123 0.0.0.0:* 30654/ntpd udp 0 0 10.0.5.1:123 0.0.0.0:* 30654/ntpd udp 0 0 10.0.6.1:123 0.0.0.0:* 30654/ntpd udp 0 0 10.0.2.1:123 0.0.0.0:* 30654/ntpd udp 0 0 10.0.3.1:123 0.0.0.0:* 30654/ntpd udp 0 0 73.73.xx.xxx:123 0.0.0.0:* 30654/ntpd udp 0 0 127.0.0.1:123 0.0.0.0:* 30654/ntpd udp 0 0 0.0.0.0:123 0.0.0.0:* 30654/ntpd
I would prefer to be able to restrict this to only listen on the loopback and local switch port interfaces, so that it's not listening on the WAN interface (the one with the 73.73.xx.xxx IP), but I can't find a configuration option to do this.
Is this possible?