diff options
Diffstat (limited to 'abs/core/ntp/ntp.conf')
| -rwxr-xr-x | abs/core/ntp/ntp.conf | 80 |
1 files changed, 35 insertions, 45 deletions
diff --git a/abs/core/ntp/ntp.conf b/abs/core/ntp/ntp.conf index 9411643..93fc919 100755 --- a/abs/core/ntp/ntp.conf +++ b/abs/core/ntp/ntp.conf @@ -1,57 +1,47 @@ -# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help +# NOTES: +# - you should only have to update the server line below +# - if you start getting lines like 'restrict' and 'fudge' +# and you didnt add them, AND you run dhcpcd on your +# network interfaces, be sure to add '-Y -N' to the +# dhcpcd_ethX variables in /etc/conf.d/net -#driftfile /var/lib/ntp/ntp.drift -driftfile /etc/ntp.drift +# Name of the servers ntpd should sync with +# Please respect the access policy as stated by the responsible person. +#server ntp.example.tld iburst +server pool.ntp.org -# Enable this if you want statistics to be logged. -#statsdir /var/log/ntpstats/ - -statistics loopstats peerstats clockstats -filegen loopstats file loopstats type day enable -filegen peerstats file peerstats type day enable -filegen clockstats file clockstats type day enable - +## +# A list of available servers can be found here: +# http://www.pool.ntp.org/ +# http://www.pool.ntp.org/#use +# A good way to get servers for your machine is: +# netselect -s 3 pool.ntp.org +## -# You do need to talk to an NTP server or two (or three). -#server ntp.your-provider.example +# you should not need to modify the following paths +driftfile /var/lib/ntp/ntp.drift -# pool.ntp.org maps to about 1000 low-stratum NTP servers. Your server will -# pick a different set every time it starts up. Please consider joining the -# pool: <http://www.pool.ntp.org/join.html> -server pool.ntp.org -server 0.us.pool.ntp.org iburst -server 1.us.pool.ntp.org iburst -server 2.us.pool.ntp.org iburst -server 3.us.pool.ntp.org iburst +#server ntplocal.example.com prefer +#server timeserver.example.org +# Warning: Using default NTP settings will leave your NTP +# server accessible to all hosts on the Internet. -# Access control configuration; see /usr/share/doc/ntp-doc/html/accopt.html for -# details. The web page <http://support.ntp.org/bin/view/Support/AccessRestrictions> -# might also be helpful. -# -# Note that "restrict" applies to both servers and clients, so a configuration -# that might be intended to block requests from certain clients could also end -# up blocking replies from your own upstream servers. +# If you want to deny all machines (including your own) +# from accessing the NTP server, uncomment: +#restrict default ignore -# By default, exchange time with everybody, but don't allow configuration. -restrict -4 default kod notrap nomodify nopeer noquery -restrict -6 default kod notrap nomodify nopeer noquery -# Local users may interrogate the ntp server more closely. +# To deny other machines from changing the +# configuration but allow localhost: +restrict default nomodify nopeer restrict 127.0.0.1 -restrict ::1 - -# Clients from this (example!) subnet have unlimited access, but only if -# cryptographically authenticated. -#restrict 192.168.123.0 mask 255.255.255.0 notrust -# If you want to provide time to your local subnet, change the next line. -# (Again, the address is an example only.) -#broadcast 192.168.123.255 - -# If you want to listen to time broadcasts on your local subnet, de-comment the -# next lines. Please do this only if you trust everybody on the network! -#disable auth -#broadcastclient
\ No newline at end of file +# To allow machines within your network to synchronize +# their clocks with your server, but ensure they are +# not allowed to configure the server or used as peers +# to synchronize against, uncomment this line. +# +#restrict 192.168.0.0 mask 255.255.255.0 nomodify nopeer notrap |