45 lines
1.2 KiB
Django/Jinja
45 lines
1.2 KiB
Django/Jinja
#
|
|
# ACTHUNG:
|
|
#
|
|
# Wird via Ansible konfiguriert. Bitte nicht manuell ändern!
|
|
#
|
|
|
|
# /etc/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
|
|
|
|
driftfile /var/lib/ntp/ntp.drift
|
|
|
|
logfile /var/log/ntpstats/ntp.log
|
|
|
|
statistics loopstats peerstats clockstats
|
|
filegen loopstats file loopstats type day enable
|
|
filegen peerstats file peerstats type day enable
|
|
filegen clockstats file clockstats type day enable
|
|
|
|
server 127.127.1.0
|
|
fudge 127.127.1.0 stratum 10
|
|
|
|
server ptbtime1.ptb.de
|
|
server ptbtime2.ptb.de
|
|
server ptbtime3.ptb.de
|
|
server 0.de.pool.ntp.org
|
|
server 1.de.pool.ntp.org
|
|
|
|
# Restrict all incoming connection
|
|
restrict -4 default ignore
|
|
restrict -6 default ignore
|
|
|
|
restrict 192.53.103.108 nomodify notrap nopeer noquery
|
|
restrict 192.53.103.104 nomodify notrap nopeer noquery
|
|
restrict 192.53.103.103 nomodify notrap nopeer noquery
|
|
|
|
# Local users may interrogate the ntp server more closely.
|
|
restrict 127.0.0.1
|
|
restrict -6 ::1
|
|
|
|
# Disable the monlist request as this is associated with ntp
|
|
# amplification attacks
|
|
disable monitor
|
|
restrict {{ ffhh.prefix4.split("/")[0] }} mask {{ ffhh.prefix4 | ipaddr('netmask') }} nomodify notrap nopeer
|
|
restrict {{ ffhh.prefix6.split("/")[0] }} mask {{ ffhh.prefix6 | ipaddr('netmask') }} nomodify notrap nopeer
|
|
|