mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-12-25 05:48:07 -05:00
services: ntp: Fix KOD warning.
Otherwise the following messages would be printed by ntpd: Sep 2 05:18:21 localhost ntpd[15849]: restrict default: KOD does nothing without LIMITE. Sep 2 05:18:21 localhost ntpd[15849]: restrict ::: KOD does nothing without LIMITED. Debian uses the same set of "restrict" keywords (see: https://sources.debian.org/src/ntp/1:4.2.8p13+dfsg-2/debian/ntp.conf). * gnu/services/networking.scm (ntp-shepherd-service): Add the 'limited' keyword to both the IPv4 and IPv6 'restrict' directives.
This commit is contained in:
parent
08b4a10fa6
commit
d4de2f9ea4
1 changed files with 2 additions and 2 deletions
|
@ -330,8 +330,8 @@ (define config
|
||||||
"
|
"
|
||||||
# Disable status queries as a workaround for CVE-2013-5211:
|
# Disable status queries as a workaround for CVE-2013-5211:
|
||||||
# <http://support.ntp.org/bin/view/Main/SecurityNotice#DRDoS_Amplification_Attack_using>.
|
# <http://support.ntp.org/bin/view/Main/SecurityNotice#DRDoS_Amplification_Attack_using>.
|
||||||
restrict default kod nomodify notrap nopeer noquery
|
restrict default kod nomodify notrap nopeer noquery limited
|
||||||
restrict -6 default kod nomodify notrap nopeer noquery
|
restrict -6 default kod nomodify notrap nopeer noquery limited
|
||||||
|
|
||||||
# Yet, allow use of the local 'ntpq'.
|
# Yet, allow use of the local 'ntpq'.
|
||||||
restrict 127.0.0.1
|
restrict 127.0.0.1
|
||||||
|
|
Loading…
Reference in a new issue