summaryrefslogtreecommitdiffstats
path: root/patches/source/ntp/ntp.conf
diff options
context:
space:
mode:
Diffstat (limited to 'patches/source/ntp/ntp.conf')
-rw-r--r--patches/source/ntp/ntp.conf72
1 files changed, 72 insertions, 0 deletions
diff --git a/patches/source/ntp/ntp.conf b/patches/source/ntp/ntp.conf
new file mode 100644
index 00000000..1844fb91
--- /dev/null
+++ b/patches/source/ntp/ntp.conf
@@ -0,0 +1,72 @@
+# Sample /etc/ntp.conf: Configuration file for ntpd.
+#
+# Undisciplined Local Clock. This is a fake driver intended for backup
+# and when no outside source of synchronized time is available. The
+# default stratum is usually 3, but in this case we elect to use stratum
+# 0. Since the server line does not have the prefer keyword, this driver
+# is never used for synchronization, unless no other other
+# synchronization source is available. In case the local host is
+# controlled by some external source, such as an external oscillator or
+# another protocol, the prefer keyword would cause the local host to
+# disregard all other synchronization sources, unless the kernel
+# modifications are in use and declare an unsynchronized condition.
+#
+server 127.127.1.0 # local clock
+fudge 127.127.1.0 stratum 10
+
+#
+# NTP server (list one or more) to synchronize with:
+#server 0.pool.ntp.org iburst
+#server 1.pool.ntp.org iburst
+#server 2.pool.ntp.org iburst
+#server 3.pool.ntp.org iburst
+
+#
+# Drift file. Put this in a directory which the daemon can write to.
+# No symbolic links allowed, either, since the daemon updates the file
+# by creating a temporary in the same directory and then rename()'ing
+# it to the file.
+#
+driftfile /etc/ntp/drift
+
+#
+# Uncomment to use a multicast NTP server on the local subnet:
+#multicastclient 224.0.1.1 # listen on default 224.0.1.1
+# Set an optional compensation for broadcast packet delay:
+#broadcastdelay 0.008
+
+#
+# Keys file. If you want to diddle your server at run time, make a
+# keys file (mode 600 for sure) and define the key number to be
+# used for making requests.
+# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote
+# systems might be able to reset your clock at will.
+#
+#keys /etc/ntp/keys
+#trustedkey 65535
+#requestkey 65535
+#controlkey 65535
+
+#
+# Don't serve time or stats to anyone else by default (more secure)
+restrict default limited kod nomodify notrap nopeer noquery
+restrict -6 default limited kod nomodify notrap nopeer noquery
+
+#
+# Use these lines instead if you do want to serve time and stats to
+# other machines on the network:
+#restrict default limited kod nomodify notrap nopeer
+#restrict -6 default limited kod nomodify notrap nopeer
+
+#
+# Disable the ntpdc -c monlist command, which is insecure and can be used
+# to cause a denial of service attack (CVE-2013-5211). Future versions of
+# NTP will remove this command.
+# (this feature was disabled by default with ntpd 4.2.7p230)
+disable monitor
+
+#
+# Trust ourselves. :-)
+restrict 127.0.0.1
+restrict ::1
+