From: Ciro Scognamiglio <ciro.scognamiglio@cslash.net>
Date: Mon, 23 Dec 2013 14:31:17 +0000 (+0100)
Subject: added access restrictions to ntp.conf
X-Git-Tag: nodeconfig-5.2-4~3
X-Git-Url: http://git.onelab.eu/?p=nodeconfig.git;a=commitdiff_plain;h=1612c8dfe992fba0af1e8c283da36f7dfb2164f7

added access restrictions to ntp.conf
---

diff --git a/PlanetLabConf/ntp.conf.php b/PlanetLabConf/ntp.conf.php
index 4945fb0..247ffe1 100755
--- a/PlanetLabConf/ntp.conf.php
+++ b/PlanetLabConf/ntp.conf.php
@@ -49,6 +49,13 @@ if (!empty($sites)) {
 print( "# node $hostname site $site_name $mylat $mylong $model\n");
 print( "driftfile /var/lib/ntp/ntp.drift\n" );
 print( "statsdir /var/log/ntpstats/\n" );
+print( "# Permit time synchronization with our time source, but do not\n");
+print( "# permit the source to query or modify the service on this system.\n");
+print( "restrict default kod nomodify notrap nopeer noquery\n");
+print( "restrict -6 default kod nomodify notrap nopeer noquery");
+print( "restrict 127.0.0.1");
+print( "restrict -6 ::1");
+
 if (is_numeric(array_search($model, $problem_models))) {
   print( "tinker stepout 0\n" );
 }