diff options
Diffstat (limited to 'patches/source/ntp/ntp.conf')
| -rw-r--r-- | patches/source/ntp/ntp.conf | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/patches/source/ntp/ntp.conf b/patches/source/ntp/ntp.conf new file mode 100644 index 00000000..1844fb91 --- /dev/null +++ b/patches/source/ntp/ntp.conf @@ -0,0 +1,72 @@ +# Sample /etc/ntp.conf: Configuration file for ntpd. +# +# Undisciplined Local Clock. This is a fake driver intended for backup +# and when no outside source of synchronized time is available. The +# default stratum is usually 3, but in this case we elect to use stratum +# 0. Since the server line does not have the prefer keyword, this driver +# is never used for synchronization, unless no other other +# synchronization source is available. In case the local host is +# controlled by some external source, such as an external oscillator or +# another protocol, the prefer keyword would cause the local host to +# disregard all other synchronization sources, unless the kernel +# modifications are in use and declare an unsynchronized condition. +# +server 127.127.1.0 # local clock +fudge 127.127.1.0 stratum 10 + +# +# NTP server (list one or more) to synchronize with: +#server 0.pool.ntp.org iburst +#server 1.pool.ntp.org iburst +#server 2.pool.ntp.org iburst +#server 3.pool.ntp.org iburst + +# +# Drift file. Put this in a directory which the daemon can write to. +# No symbolic links allowed, either, since the daemon updates the file +# by creating a temporary in the same directory and then rename()'ing +# it to the file. +# +driftfile /etc/ntp/drift + +# +# Uncomment to use a multicast NTP server on the local subnet: +#multicastclient 224.0.1.1 # listen on default 224.0.1.1 +# Set an optional compensation for broadcast packet delay: +#broadcastdelay 0.008 + +# +# Keys file. If you want to diddle your server at run time, make a +# keys file (mode 600 for sure) and define the key number to be +# used for making requests. +# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote +# systems might be able to reset your clock at will. +# +#keys /etc/ntp/keys +#trustedkey 65535 +#requestkey 65535 +#controlkey 65535 + +# +# Don't serve time or stats to anyone else by default (more secure) +restrict default limited kod nomodify notrap nopeer noquery +restrict -6 default limited kod nomodify notrap nopeer noquery + +# +# Use these lines instead if you do want to serve time and stats to +# other machines on the network: +#restrict default limited kod nomodify notrap nopeer +#restrict -6 default limited kod nomodify notrap nopeer + +# +# Disable the ntpdc -c monlist command, which is insecure and can be used +# to cause a denial of service attack (CVE-2013-5211). Future versions of +# NTP will remove this command. +# (this feature was disabled by default with ntpd 4.2.7p230) +disable monitor + +# +# Trust ourselves. :-) +restrict 127.0.0.1 +restrict ::1 + |