I'm trying to secure the ntp.conf file on a server.
currently the /etc/ntp.conf file looks like following (except with real ips/networks):
the problem is the stupid implementation of the 'default' keyword. basically i want the x.0.0.0 network to be able to query the server to set their own time, but i want EVERYONE ELSE to be ignored.
the 'restrict default ignore' statement will ignore EVERYONE, regardless of whether there is a more specific rule or not AND regardless of the order it is in the file.
is what i want possible or do i have it restricted as much as i can?
**
server is running solaris 8 and ntp 4.2.0
currently the /etc/ntp.conf file looks like following (except with real ips/networks):
Code:
server x.x.x.x
driftfile /etc/ntp.drift
restrict default nomodify notrap nopeer
restrict x.0.0.0 mask 255.0.0.0 nomodify notrap nopeer
restrict 127.0.0.1
tinker panic 0
the problem is the stupid implementation of the 'default' keyword. basically i want the x.0.0.0 network to be able to query the server to set their own time, but i want EVERYONE ELSE to be ignored.
the 'restrict default ignore' statement will ignore EVERYONE, regardless of whether there is a more specific rule or not AND regardless of the order it is in the file.
is what i want possible or do i have it restricted as much as i can?
**
server is running solaris 8 and ntp 4.2.0