[Git][NTPsec/ntpsec][master] reanchor documents
Richard Laager
gitlab at mg.gitlab.com
Mon Dec 9 22:34:03 UTC 2019
Richard Laager pushed to branch master at NTPsec / ntpsec
Commits:
5f885bab by James Browning at 2019-12-09T22:23:52Z
reanchor documents
- - - - -
10 changed files:
- docs/includes/access-commands.adoc
- docs/includes/accopt.adoc
- docs/includes/assoc-commands.adoc
- docs/includes/auth-commands.adoc
- docs/includes/clock-options.adoc
- docs/includes/manual.adoc
- docs/includes/misc-options.adoc
- docs/includes/mon-commands.adoc
- docs/includes/ntpq-body.adoc
- docs/includes/ntpsnmpd-body.adoc
Changes:
=====================================
docs/includes/access-commands.adoc
=====================================
@@ -1,7 +1,6 @@
// Access control commands. Is included twice.
-[[discard]]
-+discard+ [+average+ _avg_] [+minimum+ _min_] [+monitor+ _prob_]::
+[[discard]]+discard+ [+average+ _avg_] [+minimum+ _min_] [+monitor+ _prob_]::
Set the parameters of the +limited+ facility which protects the server
from client abuse. The +average+ subcommand specifies the minimum
average packet spacing, while the +minimum+ subcommand specifies the
@@ -22,8 +21,7 @@
is a performance optimization for servers with aggregate arrivals of
1000 packets per second or more.
-[[restrict]]
-+restrict+ _address_[/_cidr_] [+mask+ _mask_] [+flag+ +...+]::
+[[restrict]]+restrict+ _address_[/_cidr_] [+mask+ _mask_] [+flag+ +...+]::
The _address_ argument expressed in dotted-quad (for IPv4) or
:-delimited (for IPv6) form is the address of a
host or network. Alternatively, the _address_ argument can be a valid
@@ -109,8 +107,7 @@ though if it is otherwise unconfigured; no flags are associated with
the default entry (i.e., everything besides your own NTP server is
unrestricted).
-[[unrestrict]]
-+unrestrict+ _address_[/_cidr_] [+mask+ _mask_] [+flag+ +...+]::
+[[unrestrict]]+unrestrict+ _address_[/_cidr_] [+mask+ _mask_] [+flag+ +...+]::
Like a +restrict+ command, but turns off the specified flags rather
than turning them on (expected to be useful mainly with ntpq
:config). An unrestrict with no flags specified removes any rule
=====================================
docs/includes/accopt.adoc
=====================================
@@ -1,5 +1,6 @@
=== Access Control Commands and Options
* link:accopt.html#discard[discard - specify headway parameters]
* link:accopt.html#restrict[restrict - specify access restrictions]
+* link:accopt.html#unrestrict[unrestrict - remove access restrictions]
* link:comdex.html[Command Index]
=====================================
docs/includes/assoc-commands.adoc
=====================================
@@ -21,28 +21,24 @@ link-local IPV6 address with an interface specified in
+refclock+ directive; a missing unit clause is interpreted as unit
0.
-[[pool]]
-+pool+::
+[[pool]]+pool+::
For server addresses, this command mobilizes a persistent client
mode association with a number of remote servers. In this mode the
local clock can synchronized to the remote server, but the remote
server can never be synchronized to the local clock.
-[[server]]
-+server+::
+[[server]]+server+::
For server addresses, this command mobilizes a persistent client
mode association with the specified remote server or local radio
clock. In this mode the local clock can synchronized to the remote
server, but the remote server can never be synchronized to the local
clock.
-[[peer]]
-+peer+::
+[[peer]]+peer+::
NTP peer mode has been removed for security reasons. peer is now just
an alias for the server keyword. See above.
-[[unpeer]]
-+unpeer+::
+[[unpeer]]+unpeer+::
This command removes a previously configured association. An address
or association ID can be used to identify the association. Either an
IP address or DNS name can be used. This command is most useful when
=====================================
docs/includes/auth-commands.adoc
=====================================
@@ -2,22 +2,19 @@
The following declarations control MAC authentication:
-[[controlkey]]
-+controlkey+ _key_::
+[[controlkey]]+controlkey+ _key_::
Specifies the key identifier to use with the
{ntpqman} utility, which uses the standard protocol defined in
RFC 5905. The _key_ argument is the key identifier for a trusted key,
where the value can be in the range 1 to 65,535, inclusive.
-[[keys]]
-+keys+ _keyfile_::
+[[keys]]+keys+ _keyfile_::
Specifies the complete path and location of the key file
containing the keys and key identifiers used by {ntpdman},
and {ntpqman} when operating with symmetric-key cryptography.
This is the same operation as the +-k+ command line option.
-[[trustedkey]]
-+trustedkey+ _key..._ ::
+[[trustedkey]]+trustedkey+ _key..._ ::
Specifies the key identifiers which are trusted for the purposes of
authenticating peers with symmetric key cryptography, as well as keys
used by the {ntpqman} program.
=====================================
docs/includes/clock-options.adoc
=====================================
@@ -1,7 +1,6 @@
// Options for refclocks. Included twice.
-[[options-inner]]
-+refclock+ _drivername_ [+unit+ _u_] [+prefer+] [+subtype+ _int_] [+mode+ _int_] [+minpoll+ _int_] [+maxpoll+ _int_] [+time1+ _sec_] [+time2+ _sec_] [+stratum+ _int_] [+refid+ _string_] [+path+ 'filename'] [+ppspath+ 'filename'] [+baud+ 'number'] [+flag1+ {+0+ | +1+}] [+flag2+ {+0+ | +1+}] [+flag3+ {+0+ | +1+}] [+flag4+ {+0+ | +1+}]::
+[[options-inner]]+refclock+ _drivername_ [+unit+ _u_] [+prefer+] [+subtype+ _int_] [+mode+ _int_] [+minpoll+ _int_] [+maxpoll+ _int_] [+time1+ _sec_] [+time2+ _sec_] [+stratum+ _int_] [+refid+ _string_] [+path+ 'filename'] [+ppspath+ 'filename'] [+baud+ 'number'] [+flag1+ {+0+ | +1+}] [+flag2+ {+0+ | +1+}] [+flag3+ {+0+ | +1+}] [+flag4+ {+0+ | +1+}]::
This command is used to configure reference clocks.
The required _drivername_ argument is the shortname of a driver type
(e.g., +shm+, +nmea+, +generic+;
=====================================
docs/includes/manual.adoc
=====================================
@@ -11,6 +11,7 @@
* link:ntplogtemp.html[+ntplogtemp(1)+ - log system temperature data for use by ntpviz]
* link:ntpmon.html[+ntpmon(1)+ - real-time NTP status monitor]
* link:ntpq.html[+ntpq(1)+ - standard NTP query program]
+* link:ntpsnmp.html[+ntpsnmp(1)+ - an AgentX Simple Network Management Protocol sub-agent +[+experimental+]+]
* link:ntpsweep.html[+ntpsweep(1)+ - print information about given NTP servers]
* link:ntptime.html[+ntptime(8)+ - read and set kernel time variables]
* link:ntptrace.html[+ntptrace(1)+ - trace a chain of NTP servers back to the primary source]
=====================================
docs/includes/misc-options.adoc
=====================================
@@ -5,8 +5,7 @@
packets sent in burst or iburst mode to allow additional time for a
modem or ISDN call to complete.
-[[driftfile]]
-+driftfile+ _driftfile_::
+[[driftfile]]+driftfile+ _driftfile_::
This command specifies the complete path and name of the file used to
record the frequency of the local clock oscillator; this is the same
operation as the +-f+ command line option. If the file exists, it is
@@ -25,8 +24,7 @@ to replace the old version; this implies that {ntpdman} must
have write permission for the directory the drift file is located in,
and that file system links, symbolic or otherwise, should be avoided.
-[[enable]]
-+enable+ [+auth+ | +calibrate+ | +kernel+ | +monitor+ | +ntp+ | +stats+]; +disable+ [+auth+ | +calibrate+ | +kernel+ | +monitor+ | +ntp+ | +stats+]::
+[[enable]]+enable+ [+auth+ | +calibrate+ | +kernel+ | +monitor+ | +ntp+ | +stats+]; +disable+ [+auth+ | +calibrate+ | +kernel+ | +monitor+ | +ntp+ | +stats+]::
Provides a way to enable or disable various server options. Flags not
mentioned are unaffected. Note that all of these flags can be
controlled remotely using the {ntpqman} utility program.
@@ -54,8 +52,7 @@ and that file system links, symbolic or otherwise, should be avoided.
section for further information. The default for this flag is
+disable+.
-[[includefile]]
-+includefile+ _includefile_::
+[[includefile]]+includefile+ _includefile_::
This command allows additional configuration commands to be included
from a separate file. Include files may be nested to a depth of
five; upon reaching the end of any include file, command processing
@@ -66,8 +63,7 @@ and that file system links, symbolic or otherwise, should be avoided.
multiple hosts, with (mostly) common options (e.g., a restriction
list).
-[[interface]]
-+interface+ [+listen+ | +ignore+ | +drop+] [+all+ | +ipv4+ | +ipv6+ | +wildcard+ | 'name' | 'address'[/'prefixlen']]::
+[[interface]]+interface+ [+listen+ | +ignore+ | +drop+] [+all+ | +ipv4+ | +ipv6+ | +wildcard+ | 'name' | 'address'[/'prefixlen']]::
This command controls which network addresses +ntpd+ opens, and
whether the input is dropped without processing. The first parameter
determines the action on addresses which match the second parameter.
@@ -83,8 +79,7 @@ and that file system links, symbolic or otherwise, should be avoided.
are specified in the configuration file, all available network
addresses are opened. The +nic+ command is an alias for +interface+.
-[[leapfile]]
-+leapfile+ 'leapfile'::
+[[leapfile]]+leapfile+ 'leapfile'::
This command loads the NIST leap seconds file and initializes the
leapsecond values for the next leap second time, expiration time and
TAI offset. The file can be obtained using +ntpleapfetch+.
@@ -101,8 +96,7 @@ checks once a day to see if the _leapfile_ has changed.
hours). DO NOT USE THIS OPTION ON PUBLIC-ACCESS SERVERS! See
http://bugs.ntp.org/2855 for more information.
-[[logconfig]]
-+logconfig+ _configkeyword_::
+[[logconfig]]+logconfig+ _configkeyword_::
This command controls the amount and type of output written to the
system _syslog(3)_ facility or the alternate log file. By
default, all output is turned on. All _configkeyword_ keywords can be
@@ -144,8 +138,7 @@ If your ntpd runs for a long time, you probably want to use logrotate or
newsyslog to switch to a new log file occasionally. SIGHUP will reopen
the log file.
-[[mru]]
-+mru+ [+maxdepth+ 'count' | +maxmem+ 'kilobytes' | +mindepth+ 'count' | +maxage+ 'seconds' | +minage+ 'seconds' | +initalloc+ 'count' | +initmem+ 'kilobytes' | +incalloc+ 'count' | +incmem+ 'kilobytes']::
+[[mru]]+mru+ [+maxdepth+ 'count' | +maxmem+ 'kilobytes' | +mindepth+ 'count' | +maxage+ 'seconds' | +minage+ 'seconds' | +initalloc+ 'count' | +initmem+ 'kilobytes' | +incalloc+ 'count' | +incmem+ 'kilobytes']::
Controls size limits of the monitoring facility Most Recently Used
(MRU) list of client addresses, which is also
used by the rate control facility.
@@ -198,8 +191,7 @@ the log file.
is reduced by half; this is intended to reduce the frequency of
unnecessary file writes for embedded systems with nonvolatile memory.
-[[phone]]
-+phone+ 'dial ...'::
+[[phone]]+phone+ 'dial ...'::
This command is used in conjunction with the ACTS modem driver (type
modem) or the JJY driver (type jjy). For ACTS, the arguments consist
of a maximum of 10 telephone numbers used to dial USNO, NIST or
@@ -208,13 +200,11 @@ the log file.
service. The Hayes command ATDT is normally prepended to the number,
which can contain other modem control codes as well.
-[[reset]]
-+reset [allpeers] [auth] [ctl] [io] [mem] [sys] [timer]+::
+[[reset]]+reset [allpeers] [auth] [ctl] [io] [mem] [sys] [timer]+::
Reset one or more groups of counters maintained by ntpd and exposed by
+ntpq+.
-[[setvar]]
-+setvar+ _variable_ [_default_]::
+[[setvar]]+setvar+ _variable_ [_default_]::
This command adds a system variable. These variables can
be used to distribute additional information such as the access
policy. If the variable of the form _name=value_ is followed by the
@@ -229,8 +219,7 @@ the log file.
peer variables and the +clock_var_list+ holds the names of the reference
clock variables.
-[[tinker]]
-+tinker+ [+allan+ _allan_ | +dispersion+ _dispersion_ | +freq+ _freq_ | +huffpuff+ _huffpuff_ | +panic+ _panic_ | +step+ _step_ | +stepback+ _stepback_ | +stepfwd+ _stepfwd_ | +stepout+ _stepout_]::
+[[tinker]]+tinker+ [+allan+ _allan_ | +dispersion+ _dispersion_ | +freq+ _freq_ | +huffpuff+ _huffpuff_ | +panic+ _panic_ | +step+ _step_ | +stepback+ _stepback_ | +stepfwd+ _stepfwd_ | +stepout+ _stepout_]::
This command can be used to alter several system variables in very
exceptional circumstances. It should occur in the configuration file
before any other configuration options. The default values of these
@@ -286,8 +275,7 @@ The variables operate as follows:
can be set to any positive number in seconds. If set to zero, the
stepout pulses will not be suppressed.
-[[rlimit]]
-+rlimit+ [+memlock+ _megabytes_ | +stacksize+ _4kPages_ | +filenum+ _filedescriptors_]::
+[[rlimit]]+rlimit+ [+memlock+ _megabytes_ | +stacksize+ _4kPages_ | +filenum+ _filedescriptors_]::
+memlock+ _megabytes_;;
Ignored for backward compatibility.
=====================================
docs/includes/mon-commands.adoc
=====================================
@@ -1,7 +1,6 @@
// Monitoring commands. Is included twice.
-[[statistics]]
-+statistics+ _name..._::
+[[statistics]]+statistics+ _name..._::
Enables writing of statistics records. Currently, eight kinds of
_name_ statistics are supported.
+
@@ -226,15 +225,13 @@ The remaining fields show the values used since the last report.
// End of super-long series of statistics directives
-[[statsdir]]
-+statsdir+ _directory_path_::
+[[statsdir]]+statsdir+ _directory_path_::
Indicates the full path of a directory where statistics files should
be created (see below). This keyword allows the (otherwise constant)
_filegen_ filename prefix to be modified for file generation sets,
which is useful for handling statistics logs.
-[[filegen]]
-+filegen+ _name_ [+file+ _filename_] [+type+ _typename_] [+link+ | +nolink+] [+enable+ | +disable+]::
+[[filegen]]+filegen+ _name_ [+file+ _filename_] [+type+ _typename_] [+link+ | +nolink+] [+enable+ | +disable+]::
Configures setting of the generation file set name. Generation file sets
provide a means for handling files that are continuously growing
during the lifetime of a server. Server statistics are a typical
=====================================
docs/includes/ntpq-body.adoc
=====================================
@@ -219,8 +219,7 @@ the server and expect a single response message. The exceptions are the
+peers+ command, which sends a series of messages, and the +mreadlist+
and +mreadvar+ commands, which iterate over a range of associations.
-[[as]]
-+associations+::
+[[as]]+associations+::
Display a list of mobilized associations in the form
+
---------------------------------------------------------
@@ -332,8 +331,7 @@ include::mrufmt.adoc[]
Perform the same function as the +associations command+, except that
it uses previously stored data rather than making a new query.
-[[pe]]
-+peers+::
+[[pe]]+peers+::
Display a list of peers in the form
+
+tally remote refid st t when pool reach delay offset jitter+
@@ -354,8 +352,7 @@ displayed.
+pstats+ _assocID_::
Show the statistics for the peer with the given _assocID_.
-[[rv]]
-+readvar+ 'assocID' [ 'name' ] [,...]::
+[[rv]]+readvar+ 'assocID' [ 'name' ] [,...]::
+rv+ 'assocID' [ 'name' ] [,...]::
Display the specified variables. If +assocID+ is zero, the variables
are from the link:#system[system variables] name space, otherwise they
=====================================
docs/includes/ntpsnmpd-body.adoc
=====================================
@@ -42,21 +42,17 @@ running NTP and SNMP daemons for ntpsnmpd to work.
=== /etc/ntpsnmpd.conf
-[[master-addr]]
-+master-addr+ _addr_::
+[[master-addr]]+master-addr+ _addr_::
The address of the SNMP master agent to connect to. Can be either a named
socket or an IP address / hostname and port number.
-[[ntp-addr]]
-+ntp-addr+ _addr_::
+[[ntp-addr]]+ntp-addr+ _addr_::
The address of the NTP daemon to monitor.
-[[logfile]]
-+logfile+ _filename_::
+[[logfile]]+logfile+ _filename_::
Log debugging output to the specified file.
-[[loglevel]]
-+loglevel+ _level_::
+[[loglevel]]+loglevel+ _level_::
Threshold for log messages. Equivalent to -D
=== /var/ntpsnmpd/notify.conf
@@ -64,36 +60,28 @@ running NTP and SNMP daemons for ntpsnmpd to work.
by writing to certain OIDs. Any comments will be overwritten by
ntpsnmpd upon write.
-[[notify-mode-change]]
-+notify-mode-change+ [ True | False ]::
+[[notify-mode-change]]+notify-mode-change+ [ True | False ]::
Enable notifications on ntpd mode change.
-[[notify-stratum-change]]
-+notify-stratum-change+ [ True | False ]::
+[[notify-stratum-change]]+notify-stratum-change+ [ True | False ]::
Enable notifications on NTP stratum change.
-[[notify-syspeer-change]]
-+notify-syspeer-change+ [ True | False ]::
+[[notify-syspeer-change]]+notify-syspeer-change+ [ True | False ]::
Enable notifications when ntpd selects a new system peer.
-[[notify-add-association]]
-+notify-add-association+ [ True | False ]::
+[[notify-add-association]]+notify-add-association+ [ True | False ]::
Enable notifications when ntpd adds a new peer.
-[[notify-rm-association]]
-+notify-rm-association+ [ True | False ]::
+[[notify-rm-association]]+notify-rm-association+ [ True | False ]::
Enable notifications when ntpd removes a peer.
-[[notify-leap-announced]]
-+notify-leap-announced+ [ True | False ]::
+[[notify-leap-announced]]+notify-leap-announced+ [ True | False ]::
Enable notifications on leap second announcement.
-[[notify-heartbeat]]
-+notify-heartbeat+ [ True | False ]::
+[[notify-heartbeat]]+notify-heartbeat+ [ True | False ]::
Send heartbeat notification.
-[[heartbeat-interval]]
-+heartbeat-interval+ _interval_::
+[[heartbeat-interval]]+heartbeat-interval+ _interval_::
Frequency of heartbeat notification in integer seconds.
== Known Limitations
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/5f885bab5160967e0a548c984fb113a38d32a199
--
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/commit/5f885bab5160967e0a548c984fb113a38d32a199
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ntpsec.org/pipermail/vc/attachments/20191209/35c0e79a/attachment-0001.htm>
More information about the vc
mailing list