Heads up - default restriction change
Hal Murray
hmurray at megapathdsl.net
Sat Apr 11 20:41:33 UTC 2020
This may break things.
The default restriction now starts with noquery and limited.
The idea is to reduce opportunities for DDoS-ing.
If you use ntpq, that will break things unless you have restrict lines that
explicitly allow access.
If you don't have any restrict lines, you probably want to add something like
this to your config file:
restrict 192.168.1.0/24
restrict 127.0.0.1
restrict ::1
----------
The action of restrict is more complicated than I expected.
restrict bob X
adds X to bob's restrictions rather than replacing bob's restrictions.
unrestrict bob
deletes the slot for bob. But not if bob is default.
If you want to get back to the old behavior, use
unrestrict default noquery limited
--
These are my opinions. I hate spam.
More information about the devel
mailing list