ntpd
. The file contains one value used to adjust the system clock frequency after every system or service start. See Understanding the Drift File for more information. nomodify
options prevents any changes to the configuration. notrap
option prevents ntpdc
control message protocol traps. nopeer
option prevents a peer association being formed. noquery
option prevents ntpq
and ntpdc
queries, but not time queries, from being answered. ntpq
and ntpdc
queries can be used in amplification attacks, therefore do not remove the noquery
option from the restrict default
command on publicly accessible systems. 127.0.0.0/8
are sometimes required by various processes or applications. As the 'restrict default' line above prevents access to everything not explicitly allowed, access to the standard loopback address for IPv4
and IPv6
is permitted by means of the following lines: Addresses can be added underneath if specifically required by another application. 192.0.2.0/24
network to query the time and statistics but nothing more, a line in the following format is required: To allow unrestricted access from a specific host, for example 192.0.2.250/32
, a line in the following format is required: A mask of 255.255.255.255
is applied if none is specified. ntp_acc(5)
man page. ntp.conf
file contains four public server entries: ntp.conf
file contains some commented out examples. These are largely self explanatory. See Section 15.17, “Configure NTP” for the explanation of the specific commands. If required, add your commands just below the examples.