From owner-freebsd-net@FreeBSD.ORG Fri Jun 5 13:52:06 2009 Return-Path: Delivered-To: freebsd-net@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 58AA01065678; Fri, 5 Jun 2009 13:52:06 +0000 (UTC) (envelope-from scf@FreeBSD.org) Received: from mail.farley.org (mail.farley.org [IPv6:2001:470:1f0f:20:2::11]) by mx1.freebsd.org (Postfix) with ESMTP id C10EC8FC1B; Fri, 5 Jun 2009 13:52:03 +0000 (UTC) (envelope-from scf@FreeBSD.org) Received: from thor.farley.org (HPooka@thor.farley.org [IPv6:2001:470:1f0f:20:1::5]) by mail.farley.org (8.14.3/8.14.3) with ESMTP id n55Dq1Qn031368; Fri, 5 Jun 2009 08:52:01 -0500 (CDT) (envelope-from scf@FreeBSD.org) Date: Fri, 5 Jun 2009 08:52:01 -0500 (CDT) From: "Sean C. Farley" To: Edwin Groothuis In-Reply-To: <20090605124428.GA85576@mavetju.org> Message-ID: References: <20090605124428.GA85576@mavetju.org> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Spam-Status: No, score=-2.6 required=4.0 tests=BAYES_00,NO_RELAYS autolearn=ham version=3.2.5 X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on mail.farley.org Cc: Ollivier Robert , freebsd-net@FreeBSD.org Subject: Re: NTP - default /etc/ntp.conf X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Jun 2009 13:52:07 -0000 On Fri, 5 Jun 2009, Edwin Groothuis wrote: > After pondering at conf/58595, I came with this text. > > The ntpd is not enabled by default, so the fact that the servers > are commented out should not be an issue. > > Any objections against adding it to the tree? I like it. I would also add restrict lines to it since ntp defaults to being open to all packets. These would ignore everything except the pools (restricted) and localhost (open): restrict default ignore restrict pool.ntp.org nomodify nopeer noquery notrap restrict pool.ntp.org nomodify nopeer noquery notrap restrict 127.0.0.1 restrict -6 ::1 > Index: etc/ntp.conf > =================================================================== > --- etc/ntp.conf (revision 0) > +++ etc/ntp.conf (revision 0) > @@ -0,0 +1,28 @@ > +# > +# $FreeBSD$ > +# > +# Default NTP servers for the FreeBSD operating system. > +# > +# Don't forget to enable ntpd in /etc/rc.conf with: > +# ntpd_enable="YES" > +# > + > +driftfile /var/db/ntpd.drift > + > +# > +# Uncomment the following three lines to sync against three "local" > +# public NTP servers. > +# > +# server pool.ntp.org > +# server pool.ntp.org > +# server pool.ntp.org > + > +# > +# If you want to pick yourself which country's public NTP server > +# you want sync against, comment out the above servers, uncomment > +# the next ones and replace CC with the country's abbrevation. > +# > +# server CC.pool.ntp.org > +# server CC.pool.ntp.org > +# server CC.pool.ntp.org > +# > Index: etc/Makefile > =================================================================== > --- etc/Makefile (revision 193485) > +++ etc/Makefile (working copy) > @@ -14,7 +14,7 @@ > hosts hosts.allow hosts.equiv \ > inetd.conf libalias.conf login.access login.conf mac.conf motd \ > netconfig network.subr networks newsyslog.conf nsswitch.conf \ > - phones profile protocols \ > + ntpd.conf phones profile protocols \ ntpd.conf or ntp.conf? Sean -- scf@FreeBSD.org