Date: Sat, 05 Nov 2011 10:10:48 +0200 From: Alexander Kapshuk <alexander.kapshuk@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: trouble setting timezone for ukraine Message-ID: <4EB4EF88.20507@gmail.com> In-Reply-To: <4EB4EE92.60303@infracaninophile.co.uk> References: <4EB44272.6060809@gmail.com> <44vcqzbrlu.fsf@be-well.ilk.org> <20111104215321.5f9ca2eb@nonamehost.> <44r51nbq4p.fsf@be-well.ilk.org> <4EB457C1.2070607@gmail.com> <44lirvbopw.fsf@be-well.ilk.org> <4EB46E5C.2000107@gmail.com> <44bosro5uj.fsf@lowell-desk.lan> <4EB4EA43.80405@gmail.com> <4EB4EE92.60303@infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On 11/05/11 10:06, Matthew Seaman wrote: > On 05/11/2011 07:48, Alexander Kapshuk wrote: >> i'm not sure i clearly understand what has to be done to make the ntp >> server on my system to be inaccessible to anyone but me. >> >> a sample /etc/ntp.conf would be appreciated. >> > You need the 'restrict' keyword to control access to ntpd -- add a block > something like this to the beginning of ntp.conf: > > restrict default nomodify nopeer noquery notrap # everyone can go away... > restrict -6 default nomodify nopeer noquery notrap > restrict 127.0.0.1 # except me ... > restrict -6 ::1 > restrict 81.187.76.160 mask 255.255.255.248 nomodify notrap nopeer # or > the local net > restrict -6 2001:8b0:151:1:: mask ffff:ffff:ffff:ffff:: nomodify notrap > nopeer > > Except, obviously, replace the network addresses and netmasks in the > last two lines with appropriate settings for your environment. See > ntp.conf(5). Note these restrictions apply to outgoing as well as > incoming queries, so you can block your own access to NTP servers on the > net if not careful. > > Cheers, > > Matthew > understood. thanks. sasha
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4EB4EF88.20507>