* ntpd: Update the restrictions to follow wiki.evolix.org/HowtoNTP client config
- Ensure the client won't respond to anybody but accept the timeserver answers - Should work on both Jessie and Stretch
This commit is contained in:
parent
87860d5b7f
commit
af896fe1fc
|
@ -15,6 +15,7 @@ The **patch** part changes incrementally at each release.
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
* ntpd: Update the restrictions to follow wiki.evolix.org/HowtoNTP client config
|
||||||
|
|
||||||
### Security
|
### Security
|
||||||
|
|
||||||
|
|
|
@ -2,7 +2,9 @@
|
||||||
ntpd_servers:
|
ntpd_servers:
|
||||||
- 'ntp.evolix.net iburst'
|
- 'ntp.evolix.net iburst'
|
||||||
ntpd_acls:
|
ntpd_acls:
|
||||||
- '-4 default kod notrap nomodify nopeer noquery'
|
- '-4 default ignore'
|
||||||
- '-6 default kod notrap nomodify nopeer noquery'
|
- '-6 default ignore'
|
||||||
|
- 'source nomodify noquery notrap' # Debian 9 and later
|
||||||
|
- 'ntp.evolix.net nomodify noquery notrap' # Debian 8
|
||||||
- '127.0.0.1'
|
- '127.0.0.1'
|
||||||
- '::1'
|
- '::1'
|
||||||
|
|
Loading…
Reference in a new issue