[chrony-users] Is restrict option supported in chrony.conf 2.1

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ]

To: chrony-users@xxxxxxxxxxxxxxxxxxxx
Subject: [chrony-users] Is restrict option supported in chrony.conf 2.1
From: Robert Moskowitz <rgm@xxxxxxxxxxxxxxx>
Date: Tue, 27 Dec 2016 09:30:37 -0500

Dear list members:

I have used ntpd in the past. I am now working with chronyd on Centos7.3 which has v 2.1.1


For allowing local hosts to query my ntpd server I would use:

restrict 192.168.128.0 mask 255.255.255.0 nomodify notrap

In the chronyd docs I only see the following equivalent:

allow 192.168.128/24

Does this allow open up the server to updates from local hosts as wellas permitting them to get the time?

Basically how do I provide the level of protection of my time serverwith chonyd as I did with ntpd.


Additionally, ntpd provides protection from upstream servers:

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery

Is this an issue with chronyd?


thank you


--

To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxxwith "unsubscribe" in the subject.For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxxwith "help" in the subject.

Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.

Messages sorted by: [ date | thread ]
Prev by Date: [chrony-users] Leap second coming up.
Next by Date: Re: [chrony-users] Leap second coming up.
Previous by thread: Re: [chrony-users] Leap second coming up.

Mail converted by MHonArc 2.6.19+

http://listengine.tuxfamily.org/