[ntp:questions] Restrict statements and the "pool" directive

David Taylor david-taylor at blueyonder.co.uk.invalid
Sun Dec 21 14:19:10 UTC 2014

On 21/12/2014 11:17, Terje Mathisen wrote:
> 'restrict source' is the proper way to do it, as long as you have a
> version which supports that command.
> Terje

Thanks, Rob & Terje, that did the job.  Almost!

The except was that if you have a local node defined as a server, and 
you want that node to be able to issue ntpq commands, it seems that the 
configuration I suggested blocks this, even adding "query" to the line:

restrict default notrap nomodify nopeer noquery
restrict mask peer query

so I needed to make it:

restrict default notrap nomodify nopeer query
restrict mask peer

Perhaps I did something wrong?

These systems are unlikely to be connected as Internet-facing servers, 
so it more a learning exercise for me, but I need to know what to 
recommend to others.
Web: http://www.satsignal.eu

More information about the questions mailing list