Heads up - default restriction change

Hal Murray hmurray at megapathdsl.net
Sat Apr 11 20:41:33 UTC 2020

This may break things.

The default restriction now starts with noquery and limited.
The idea is to reduce opportunities for DDoS-ing.

If you use ntpq, that will break things unless you have restrict lines that 
explicitly allow access.

If you don't have any restrict lines, you probably want to add something like 
this to your config file:
    restrict ::1


The action of restrict is more complicated than I expected.
  restrict bob X
adds X to bob's restrictions rather than replacing bob's restrictions.

unrestrict bob
deletes the slot for bob.  But not if bob is default.
If you want to get back to the old behavior, use
  unrestrict default noquery limited

These are my opinions.  I hate spam.

More information about the devel mailing list