[chrony-users] Is restrict option supported in chrony.conf 2.1

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-users Archives ]


Dear list members:

I have used ntpd in the past. I am now working with chronyd on Centos 7.3 which has v 2.1.1

For allowing local hosts to query my ntpd server I would use:

restrict 192.168.128.0 mask 255.255.255.0 nomodify notrap

In the chronyd docs I only see the following equivalent:

allow 192.168.128/24

Does this allow open up the server to updates from local hosts as well as permitting them to get the time?

Basically how do I provide the level of protection of my time server with chonyd as I did with ntpd.

Additionally, ntpd provides protection from upstream servers:

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery

Is this an issue with chronyd?


thank you


--
To unsubscribe email chrony-users-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject. For help email chrony-users-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.


Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/