Getting ntp status page to work without globally allowing queries
-
the status_ntpd.php page will only work if you globally allow queries, I modified the code in a patch so it does not carry out the check, this means if you dont have an ACL to allow it for localhost you will get some kind of error, but for those who want this behaviour I am pasting the patch.
I didnt submit this as I think its not clean enough, its probable any proper solution would still need to generate the proper error page so basically a proper solution would need to check if an ACL is enabling access.
--- status_ntpd.php.orig 2017-08-06 23:16:40.585209000 +0100 +++ status_ntpd.php 2017-08-06 23:27:51.295867000 +0100 @@ -33,128 +33,127 @@ require_once("guiconfig.inc"); -if (!isset($config['ntpd']['noquery'])) { - if (isset($config['system']['ipv6allow'])) { - $inet_version = ""; - } else { - $inet_version = " -4"; - } - - exec("/usr/local/sbin/ntpq -pn $inet_version | /usr/bin/tail +3", $ntpq_output); +//if (!isset($config['ntpd']['noquery'])) { +if (isset($config['system']['ipv6allow'])) { + $inet_version = ""; +} else { + $inet_version = " -4"; +} - $ntpq_servers = array(); - foreach ($ntpq_output as $line) { - $server = array(); - $status_char = substr($line, 0, 1); - $line = substr($line, 1); - $peerinfo = preg_split("/[\s\t]+/", $line); - - $server['server'] = $peerinfo[0]; - $server['refid'] = $peerinfo[1]; - $server['stratum'] = $peerinfo[2]; - $server['type'] = $peerinfo[3]; - $server['when'] = $peerinfo[4]; - $server['poll'] = $peerinfo[5]; - $server['reach'] = $peerinfo[6]; - $server['delay'] = $peerinfo[7]; - $server['offset'] = $peerinfo[8]; - $server['jitter'] = $peerinfo[9]; - - switch ($status_char) { - case " ": - if ($server['refid'] == ".POOL.") { - $server['status'] = gettext("Pool Placeholder"); - } else { - $server['status'] = gettext("Unreach/Pending"); - } - break; - case "*": - $server['status'] = gettext("Active Peer"); - break; - case "+": - $server['status'] = gettext("Candidate"); - break; - case "o": - $server['status'] = gettext("PPS Peer"); - break; - case "#": - $server['status'] = gettext("Selected"); - break; - case ".": - $server['status'] = gettext("Excess Peer"); - break; - case "x": - $server['status'] = gettext("False Ticker"); - break; - case "-": - $server['status'] = gettext("Outlier"); - break; - } +exec("/usr/local/sbin/ntpq -pn $inet_version | /usr/bin/tail +3", $ntpq_output); - $ntpq_servers[] = $server; +$ntpq_servers = array(); +foreach ($ntpq_output as $line) { + $server = array(); + $status_char = substr($line, 0, 1); + $line = substr($line, 1); + $peerinfo = preg_split("/[\s\t]+/", $line); + + $server['server'] = $peerinfo[0]; + $server['refid'] = $peerinfo[1]; + $server['stratum'] = $peerinfo[2]; + $server['type'] = $peerinfo[3]; + $server['when'] = $peerinfo[4]; + $server['poll'] = $peerinfo[5]; + $server['reach'] = $peerinfo[6]; + $server['delay'] = $peerinfo[7]; + $server['offset'] = $peerinfo[8]; + $server['jitter'] = $peerinfo[9]; + + switch ($status_char) { + case " ": + if ($server['refid'] == ".POOL.") { + $server['status'] = gettext("Pool Placeholder"); + } else { + $server['status'] = gettext("Unreach/Pending"); + } + break; + case "*": + $server['status'] = gettext("Active Peer"); + break; + case "+": + $server['status'] = gettext("Candidate"); + break; + case "o": + $server['status'] = gettext("PPS Peer"); + break; + case "#": + $server['status'] = gettext("Selected"); + break; + case ".": + $server['status'] = gettext("Excess Peer"); + break; + case "x": + $server['status'] = gettext("False Ticker"); + break; + case "-": + $server['status'] = gettext("Outlier"); + break; } - exec("/usr/local/sbin/ntpq -c clockvar $inet_version", $ntpq_clockvar_output); - foreach ($ntpq_clockvar_output as $line) { - if (substr($line, 0, 9) == "timecode=") { - $tmp = explode('"', $line); - $tmp = $tmp[1]; - if (substr($tmp, 0, 6) == '$GPRMC') { - $gps_vars = explode(",", $tmp); - $gps_ok = ($gps_vars[2] == "A"); - $gps_lat_deg = substr($gps_vars[3], 0, 2); - $gps_lat_min = substr($gps_vars[3], 2); - $gps_lon_deg = substr($gps_vars[5], 0, 3); - $gps_lon_min = substr($gps_vars[5], 3); - $gps_lat = $gps_lat_deg + $gps_lat_min / 60.0; - $gps_lat = $gps_lat * (($gps_vars[4] == "N") ? 1 : -1); - $gps_lon = $gps_lon_deg + $gps_lon_min / 60.0; - $gps_lon = $gps_lon * (($gps_vars[6] == "E") ? 1 : -1); - $gps_lat_dir = $gps_vars[4]; - $gps_lon_dir = $gps_vars[6]; - } elseif (substr($tmp, 0, 6) == '$GPGGA') { - $gps_vars = explode(",", $tmp); - $gps_ok = $gps_vars[6]; - $gps_lat_deg = substr($gps_vars[2], 0, 2); - $gps_lat_min = substr($gps_vars[2], 2); - $gps_lon_deg = substr($gps_vars[4], 0, 3); - $gps_lon_min = substr($gps_vars[4], 3); - $gps_lat = $gps_lat_deg + $gps_lat_min / 60.0; - $gps_lat = $gps_lat * (($gps_vars[3] == "N") ? 1 : -1); - $gps_lon = $gps_lon_deg + $gps_lon_min / 60.0; - $gps_lon = $gps_lon * (($gps_vars[5] == "E") ? 1 : -1); - $gps_alt = $gps_vars[9]; - $gps_alt_unit = $gps_vars[10]; - $gps_sat = (int)$gps_vars[7]; - $gps_lat_dir = $gps_vars[3]; - $gps_lon_dir = $gps_vars[5]; - } elseif (substr($tmp, 0, 6) == '$GPGLL') { - $gps_vars = preg_split('/[,\*]+/', $tmp); - $gps_ok = ($gps_vars[6] == "A"); - $gps_lat_deg = substr($gps_vars[1], 0, 2); - $gps_lat_min = substr($gps_vars[1], 2); - $gps_lon_deg = substr($gps_vars[3], 0, 3); - $gps_lon_min = substr($gps_vars[3], 3); - $gps_lat = $gps_lat_deg + $gps_lat_min / 60.0; - $gps_lat = $gps_lat * (($gps_vars[2] == "N") ? 1 : -1); - $gps_lon = $gps_lon_deg + $gps_lon_min / 60.0; - $gps_lon = $gps_lon * (($gps_vars[4] == "E") ? 1 : -1); - $gps_lat_dir = $gps_vars[2]; - $gps_lon_dir = $gps_vars[4]; - } elseif (substr($tmp, 0, 6) == '$PGRMF') { - $gps_vars = preg_split('/[,\*]+/', $tmp); - $gps_ok = $gps_vars[11]; - $gps_lat_deg = substr($gps_vars[6], 0, 2); - $gps_lat_min = substr($gps_vars[6], 2); - $gps_lon_deg = substr($gps_vars[8], 0, 3); - $gps_lon_min = substr($gps_vars[8], 3); - $gps_lat = $gps_lat_deg + $gps_lat_min / 60.0; - $gps_lat = $gps_lat * (($gps_vars[7] == "N") ? 1 : -1); - $gps_lon = $gps_lon_deg + $gps_lon_min / 60.0; - $gps_lon = $gps_lon * (($gps_vars[9] == "E") ? 1 : -1); - $gps_lat_dir = $gps_vars[7]; - $gps_lon_dir = $gps_vars[9]; - } + $ntpq_servers[] = $server; +} + +exec("/usr/local/sbin/ntpq -c clockvar $inet_version", $ntpq_clockvar_output); +foreach ($ntpq_clockvar_output as $line) { + if (substr($line, 0, 9) == "timecode=") { + $tmp = explode('"', $line); + $tmp = $tmp[1]; + if (substr($tmp, 0, 6) == '$GPRMC') { + $gps_vars = explode(",", $tmp); + $gps_ok = ($gps_vars[2] == "A"); + $gps_lat_deg = substr($gps_vars[3], 0, 2); + $gps_lat_min = substr($gps_vars[3], 2); + $gps_lon_deg = substr($gps_vars[5], 0, 3); + $gps_lon_min = substr($gps_vars[5], 3); + $gps_lat = $gps_lat_deg + $gps_lat_min / 60.0; + $gps_lat = $gps_lat * (($gps_vars[4] == "N") ? 1 : -1); + $gps_lon = $gps_lon_deg + $gps_lon_min / 60.0; + $gps_lon = $gps_lon * (($gps_vars[6] == "E") ? 1 : -1); + $gps_lat_dir = $gps_vars[4]; + $gps_lon_dir = $gps_vars[6]; + } elseif (substr($tmp, 0, 6) == '$GPGGA') { + $gps_vars = explode(",", $tmp); + $gps_ok = $gps_vars[6]; + $gps_lat_deg = substr($gps_vars[2], 0, 2); + $gps_lat_min = substr($gps_vars[2], 2); + $gps_lon_deg = substr($gps_vars[4], 0, 3); + $gps_lon_min = substr($gps_vars[4], 3); + $gps_lat = $gps_lat_deg + $gps_lat_min / 60.0; + $gps_lat = $gps_lat * (($gps_vars[3] == "N") ? 1 : -1); + $gps_lon = $gps_lon_deg + $gps_lon_min / 60.0; + $gps_lon = $gps_lon * (($gps_vars[5] == "E") ? 1 : -1); + $gps_alt = $gps_vars[9]; + $gps_alt_unit = $gps_vars[10]; + $gps_sat = (int)$gps_vars[7]; + $gps_lat_dir = $gps_vars[3]; + $gps_lon_dir = $gps_vars[5]; + } elseif (substr($tmp, 0, 6) == '$GPGLL') { + $gps_vars = preg_split('/[,\*]+/', $tmp); + $gps_ok = ($gps_vars[6] == "A"); + $gps_lat_deg = substr($gps_vars[1], 0, 2); + $gps_lat_min = substr($gps_vars[1], 2); + $gps_lon_deg = substr($gps_vars[3], 0, 3); + $gps_lon_min = substr($gps_vars[3], 3); + $gps_lat = $gps_lat_deg + $gps_lat_min / 60.0; + $gps_lat = $gps_lat * (($gps_vars[2] == "N") ? 1 : -1); + $gps_lon = $gps_lon_deg + $gps_lon_min / 60.0; + $gps_lon = $gps_lon * (($gps_vars[4] == "E") ? 1 : -1); + $gps_lat_dir = $gps_vars[2]; + $gps_lon_dir = $gps_vars[4]; + } elseif (substr($tmp, 0, 6) == '$PGRMF') { + $gps_vars = preg_split('/[,\*]+/', $tmp); + $gps_ok = $gps_vars[11]; + $gps_lat_deg = substr($gps_vars[6], 0, 2); + $gps_lat_min = substr($gps_vars[6], 2); + $gps_lon_deg = substr($gps_vars[8], 0, 3); + $gps_lon_min = substr($gps_vars[8], 3); + $gps_lat = $gps_lat_deg + $gps_lat_min / 60.0; + $gps_lat = $gps_lat * (($gps_vars[7] == "N") ? 1 : -1); + $gps_lon = $gps_lon_deg + $gps_lon_min / 60.0; + $gps_lon = $gps_lon * (($gps_vars[9] == "E") ? 1 : -1); + $gps_lat_dir = $gps_vars[7]; + $gps_lon_dir = $gps_vars[9]; } } } @@ -194,14 +193,14 @@ function print_status() { global $config, $ntpq_servers; - if (isset($config['ntpd']['noquery'])): +// if (isset($config['ntpd']['noquery'])): - print("\n"); - print(''); - printf(gettext('Statistics unavailable because ntpq and ntpdc queries are disabled in the %1$sNTP service settings%2$s'), '[', '](services_ntpd.php)'); - print("\n"); - print("\n"); - elseif (count($ntpq_servers) == 0): +// print("\n"); +// print(''); +// printf(gettext('Statistics unavailable because ntpq and ntpdc queries are disabled in the %1$sNTP service settings%2$s'), '[', '](services_ntpd.php)'); +// print("\n"); +// print("\n"); + if (count($ntpq_servers) == 0): print("\n"); print(''); printf(gettext('No peers found, %1$sis the ntp service running?%2$s'), '[', '](status_services.php)'); -
Same problem exists in 2.3.x. I opened Bug 7609 https://redmine.pfsense.org/issues/7609 a few months back. See if you think it's the same problem.
-
yep thats the same problem.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.