added access restrictions to ntp.conf

diff --git a/PlanetLabConf/ntp.conf.php b/PlanetLabConf/ntp.conf.php
index 4945fb0..247ffe1 100755 (executable)
--- a/PlanetLabConf/ntp.conf.php
+++ b/PlanetLabConf/ntp.conf.php
@@ -49,6 +49,13 @@ if (!empty($sites)) {
 print( "# node $hostname site $site_name $mylat $mylong $model\n");
 print( "driftfile /var/lib/ntp/ntp.drift\n" );
 print( "statsdir /var/log/ntpstats/\n" );
+print( "# Permit time synchronization with our time source, but do not\n");
+print( "# permit the source to query or modify the service on this system.\n");
+print( "restrict default kod nomodify notrap nopeer noquery\n");
+print( "restrict -6 default kod nomodify notrap nopeer noquery");
+print( "restrict 127.0.0.1");
+print( "restrict -6 ::1");
+
 if (is_numeric(array_search($model, $problem_models))) {
   print( "tinker stepout 0\n" );
 }