evolix
/
ansible-roles
Watch 17
Star 2
Fork 0
Code Issues 50 Pull Requests 12 Releases 26 Wiki Activity
Browse Source

* ntpd: Update the restrictions to follow wiki.evolix.org/HowtoNTP client config 

- Ensure the client won't respond to anybody but accept the timeserver 
answers
- Should work on both Jessie and Stretch
alert5-minifirewall-restart
Ludovic Poujol 1 year ago
parent
87860d5b7f
commit
af896fe1fc
2 changed files with 5 additions and 2 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -0
      CHANGELOG.md
  2. +4
    -2
      ntpd/defaults/main.yml

+ 1
- 0
CHANGELOG.md View File

@@ -15,6 +15,7 @@ The **patch** part changes incrementally at each release.
### Changed

### Fixed
* ntpd: Update the restrictions to follow wiki.evolix.org/HowtoNTP client config

### Security



+ 4
- 2
ntpd/defaults/main.yml View File

@@ -2,7 +2,9 @@
ntpd_servers:
- 'ntp.evolix.net iburst'
ntpd_acls:
- '-4 default kod notrap nomodify nopeer noquery'
- '-6 default kod notrap nomodify nopeer noquery'
- '-4 default ignore'
- '-6 default ignore'
- 'source nomodify noquery notrap' # Debian 9 and later
- 'ntp.evolix.net nomodify noquery notrap' # Debian 8
- '127.0.0.1'
- '::1'

Write Preview
Loading…
Cancel
Save