summaryrefslogtreecommitdiff
path: root/src/conf_mode/ntp.py
diff options
context:
space:
mode:
authorMarcel Gisselmann <mg@affito.de>2019-09-27 13:10:35 +0200
committerJohn Estabrook <jestabro@sentrium.io>2019-11-19 12:47:16 -0600
commit3d396586ee953c708465e00b6fef5d1f520d587c (patch)
tree44ffdc767ddf4924c5f0625177952ea0b21db77c /src/conf_mode/ntp.py
parent071fc0309ae5143eae66cafdf972ee418ee8acc8 (diff)
downloadvyos-1x-3d396586ee953c708465e00b6fef5d1f520d587c.tar.gz
vyos-1x-3d396586ee953c708465e00b6fef5d1f520d587c.zip
T1694 NTPd: Do not listen on all interfaces by default
(cherry picked from commit 258c24ab9be8aa4ced8bfa1c19f134ec8bbfb1a0)
Diffstat (limited to 'src/conf_mode/ntp.py')
-rwxr-xr-xsrc/conf_mode/ntp.py4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/conf_mode/ntp.py b/src/conf_mode/ntp.py
index 68a046939..65bd388bf 100755
--- a/src/conf_mode/ntp.py
+++ b/src/conf_mode/ntp.py
@@ -41,7 +41,8 @@ restrict default noquery nopeer notrap nomodify
restrict 127.0.0.1
restrict -6 ::1
-
+# Do not listen on any interface address by default
+interface ignore wildcard
#
# Configurable section
#
@@ -64,7 +65,6 @@ restrict {{ n.address }} mask {{ n.netmask }} nomodify notrap nopeer
{% if listen_address -%}
# NTP should listen on configured addresses only
-interface ignore wildcard
{% for a in listen_address -%}
interface listen {{ a }}
{% endfor -%}