From owner-freebsd-net@FreeBSD.ORG Fri Jun 5 14:27:28 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EF20B1065675; Fri, 5 Jun 2009 14:27:28 +0000 (UTC) (envelope-from valentin.bud@gmail.com) Received: from mail-bw0-f217.google.com (mail-bw0-f217.google.com [209.85.218.217]) by mx1.freebsd.org (Postfix) with ESMTP id C59138FC17; Fri, 5 Jun 2009 14:27:27 +0000 (UTC) (envelope-from valentin.bud@gmail.com) Received: by bwz17 with SMTP id 17so419881bwz.43 for ; Fri, 05 Jun 2009 07:27:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :from:date:message-id:subject:to:cc:content-type; bh=tTTXWDU9IpuyLzpMGxXjsFbVNxW6HQbRUOn34cQX4Gk=; b=TuTasg1t1/h4NUUaTFnosHxz5rR0oZgbvXIdinQDiGYMWiOuLcZsdGM6aA4aoe9utD zzgYCI2VpCeWujfWKSIk1dYmfetjbmkhqnMeUvT88UdIrTL60zs6ym137NfY08Gio5Vd KSnas/WEc7ffan46VrV+gsW//Xo62jpsW3caI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; b=I3utt5EifN+K4clTL3UbWNl1o3rv0Slzx0OAb0g6PY2sBI5n7dgtM5bnKJZCH9ilxy iZpNnJIE+TfefjhMOOlzG9yizUL8yP40E3owIrZQbbmivli4GuqOdavm5Gy2uvntB7k9 56Jn0hQZfB/lOVKP8Eq7RnS91EhWcr7ShwwLg= MIME-Version: 1.0 Received: by 10.103.168.12 with SMTP id v12mr2166720muo.130.1244210193127; Fri, 05 Jun 2009 06:56:33 -0700 (PDT) In-Reply-To: References: <20090605124428.GA85576@mavetju.org> From: Valentin Bud Date: Fri, 5 Jun 2009 16:56:13 +0300 Message-ID: <139b44430906050656pe72d107mfa23561f8f706461@mail.gmail.com> To: "Sean C. Farley" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Ollivier Robert , freebsd-net@freebsd.org, Edwin Groothuis Subject: Re: NTP - default /etc/ntp.conf X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Jun 2009 14:27:29 -0000 On Fri, Jun 5, 2009 at 4:52 PM, Sean C. Farley wrote: > On Fri, 5 Jun 2009, Edwin Groothuis wrote: > > After pondering at conf/58595, I came with this text. >> >> The ntpd is not enabled by default, so the fact that the servers >> are commented out should not be an issue. >> >> Any objections against adding it to the tree? >> > > I like it. > > I would also add restrict lines to it since ntp defaults to being open to > all packets. > > These would ignore everything except the pools (restricted) and localhost > (open): > restrict default ignore > restrict pool.ntp.org nomodify nopeer noquery notrap > restrict pool.ntp.org nomodify nopeer noquery notrap > restrict 127.0.0.1 > restrict -6 ::1 > > > Index: etc/ntp.conf >> =================================================================== >> --- etc/ntp.conf (revision 0) >> +++ etc/ntp.conf (revision 0) >> @@ -0,0 +1,28 @@ >> +# >> +# $FreeBSD$ >> +# >> +# Default NTP servers for the FreeBSD operating system. >> +# >> +# Don't forget to enable ntpd in /etc/rc.conf with: >> +# ntpd_enable="YES" >> +# >> + >> +driftfile /var/db/ntpd.drift >> + >> +# >> +# Uncomment the following three lines to sync against three "local" >> +# public NTP servers. >> +# >> +# server pool.ntp.org >> +# server pool.ntp.org >> +# server pool.ntp.org >> + >> +# >> +# If you want to pick yourself which country's public NTP server >> +# you want sync against, comment out the above servers, uncomment >> +# the next ones and replace CC with the country's abbrevation. >> +# >> +# server CC.pool.ntp.org >> +# server CC.pool.ntp.org >> +# server CC.pool.ntp.org >> +# >> Index: etc/Makefile >> =================================================================== >> --- etc/Makefile (revision 193485) >> +++ etc/Makefile (working copy) >> @@ -14,7 +14,7 @@ >> hosts hosts.allow hosts.equiv \ >> inetd.conf libalias.conf login.access login.conf mac.conf motd \ >> netconfig network.subr networks newsyslog.conf nsswitch.conf \ >> - phones profile protocols \ >> + ntpd.conf phones profile protocols \ >> > > ntpd.conf or ntp.conf? I guess it's a typo and should be ntp.conf. > > > Sean > -- > scf@FreeBSD.org > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" > That's a very good idea. It provides a starting point for new users of ntpd. my 7c, v -- network warrior since 2005