On 2010-10-28, [email protected] wrote: > Florin Andrei wrote: >> above would be great. Would have saved me a lot of trouble. > > restrict source ... > has been around since ntp 4.2.7p22 (01-Apr-2010)?
NTP4 v2.7.22 > However you are using ntp 4.2.2p1-7 (08-Jul-2006) ? NTP4 v2.2.1-7 The prepackaged versiom of NTP shipped by most OSes does tend to be a bit old. We do provide Debian packages of the current ntp-dev snapshot (binary i386 on Stable, and source debs). The Debian Testimg release usually ships a relatively recent stable relase of NTP (which can be used on a "stable" machine through "apt pinning". >> restrict 10.10.16.64 noquery >> restrict 10.10.16.65 noquery > > So, those server can't get time from yours, but they can change your > running conf Not unless you either (a) start ntpd with -A to disable NTP auth or (b) you configure symmetric keys for remote control _and_ the remote end has that information. > and request to be a trap? Which is only a monitor. >> # now close the door >> restrict default ignore > > I would have done it in the opposite order, > (default ignore, before allows), perhaps it doesn't matter. The order does not matter. -- Steve Kostecke <[email protected]> NTP Public Services Project - http://support.ntp.org/ _______________________________________________ questions mailing list [email protected] http://lists.ntp.org/listinfo/questions
