forked from ports/contrib
ntp: adjust ntp default config, thanks Amnesia
This commit is contained in:
Thomas Penteker
parent
cac408d6b0
commit
3c8440925d
54
ntp/ntp.conf
54
ntp/ntp.conf
@ -10,57 +10,19 @@ pidfile /var/run/ntp/ntpd.pid
|
||||
driftfile /var/lib/ntp/ntp.drift
|
||||
#statsdir /var/lib/ntp/stats/
|
||||
|
||||
###############################################################################
|
||||
# Authentication stuff
|
||||
#
|
||||
# keys /etc/ntp/ntp.keys # path for keys file
|
||||
# trustedkey 1 2 3 4 5 6 14 15 # define trusted keys
|
||||
# requestkey 15 # key (7) for accessing server variables
|
||||
# controlkey 15 # key (6) for accessing server variables
|
||||
# Associate to public NTP pool servers
|
||||
server 0.pool.ntp.org
|
||||
server 1.pool.ntp.org
|
||||
server 2.pool.ntp.org
|
||||
|
||||
###############################################################################
|
||||
# Undisciplined Local Clock. This is a fake driver intended for backup
|
||||
# and when no outside source of synchronized time is available.
|
||||
|
||||
server 127.127.1.0 # local clock (LCL)
|
||||
fudge 127.127.1.0 stratum 10 # LCL is unsynchronized
|
||||
|
||||
|
||||
## Generic DCF77 clock on serial port (Conrad DCF77)
|
||||
## Address: 127.127.8.u
|
||||
## Serial Port: /dev/refclock-u
|
||||
## Sample project: http://www.obbl-net.de/dcf77.html by Martin Opel
|
||||
##
|
||||
## u = Number of your serial port
|
||||
##
|
||||
## (create soft link /dev/refclock-0 to the particular ttyS?)
|
||||
##
|
||||
# server 127.127.8.0 mode 5 prefer
|
||||
|
||||
|
||||
###############################################################################
|
||||
# Specify the servers you are interested in
|
||||
|
||||
server ntps1-0.cs.tu-berlin.de prefer
|
||||
server ntps1-1.cs.tu-berlin.de
|
||||
server ntp1.ptb.de
|
||||
server ntp1.fau.de
|
||||
|
||||
###############################################################################
|
||||
# Then we restrict the type of access you allow these servers.
|
||||
# Were not allowing them to modify or query our Linux NTP server
|
||||
|
||||
restrict default ignore notrust nomodify notrap
|
||||
# Only allow read-only access from localhost
|
||||
restrict default noquery nopeer
|
||||
restrict 127.0.0.1
|
||||
#restrict <YOUR_IP_HERE>
|
||||
restrict ntps1-0.cs.tu-berlin.de mask 255.255.255.255 nomodify notrap noquery
|
||||
restrict ntps1-1.cs.tu-berlin.de mask 255.255.255.255 nomodify notrap noquery
|
||||
restrict ntp1.ptb.de mask 255.255.255.255 nomodify notrap noquery
|
||||
restrict ntp1.fau.de mask 255.255.255.255 nomodify notrap noquery
|
||||
restrict ::1
|
||||
|
||||
# Now list the NTP clients on our home network which should be able to query
|
||||
# our server for the time (notice that the noquery has been removed)
|
||||
|
||||
#
|
||||
#restrict 192.168.0.0 mask 255.255.255.0
|
||||
|
||||
# End of file
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user