1 |
misc |
18 |
# |
2 |
|
|
# Undisciplined Local Clock. This is a fake driver intended for backup |
3 |
|
|
# and when no outside source of synchronized time is available. The |
4 |
|
|
# default stratum is usually 3, but in this case we elect to use stratum |
5 |
|
|
# 0. Since the server line does not have the prefer keyword, this driver |
6 |
|
|
# is never used for synchronization, unless no other other |
7 |
|
|
# synchronization source is available. In case the local host is |
8 |
|
|
# controlled by some external source, such as an external oscillator or |
9 |
|
|
# another protocol, the prefer keyword would cause the local host to |
10 |
|
|
# disregard all other synchronization sources, unless the kernel |
11 |
|
|
# modifications are in use and declare an unsynchronized condition. |
12 |
|
|
# |
13 |
|
|
server 127.127.1.0 # local clock |
14 |
|
|
fudge 127.127.1.0 stratum 10 |
15 |
|
|
|
16 |
|
|
server fr.pool.ntp.org |
17 |
|
|
|
18 |
|
|
# |
19 |
|
|
# Drift file. Put this in a directory which the daemon can write to. |
20 |
|
|
# No symbolic links allowed, either, since the daemon updates the file |
21 |
|
|
# by creating a temporary in the same directory and then rename()'ing |
22 |
|
|
# it to the file. |
23 |
|
|
# |
24 |
|
|
driftfile /var/lib/ntp/drift |
25 |
|
|
multicastclient # listen on default 224.0.1.1 |
26 |
|
|
broadcastdelay 0.008 |
27 |
|
|
|
28 |
boklm |
3399 |
# http://www.kb.cert.org/vuls/id/348126 |
29 |
|
|
restrict default nomodify notrap nopeer noquery |
30 |
|
|
restrict -6 default nomodify notrap nopeer noquery |
31 |
|
|
# https://isc.sans.edu/forums/diary/NTP+reflection+attack/17300 |
32 |
|
|
disable monitor |
33 |
|
|
|
34 |
misc |
18 |
# |
35 |
|
|
# Keys file. If you want to diddle your server at run time, make a |
36 |
|
|
# keys file (mode 600 for sure) and define the key number to be |
37 |
|
|
# used for making requests. |
38 |
|
|
# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote |
39 |
|
|
# systems might be able to reset your clock at will. |
40 |
|
|
# |
41 |
|
|
#keys /etc/ntp/keys |
42 |
|
|
#trustedkey 65535 |
43 |
|
|
#requestkey 65535 |
44 |
|
|
#controlkey 65535 |
45 |
|
|
|
46 |
|
|
#restrict default ignore |