diff options
| author | Marcel Gisselmann <mg@affito.de> | 2019-09-27 13:10:35 +0200 |
|---|---|---|
| committer | John Estabrook <jestabro@sentrium.io> | 2019-11-19 12:47:16 -0600 |
| commit | 3d396586ee953c708465e00b6fef5d1f520d587c (patch) | |
| tree | 44ffdc767ddf4924c5f0625177952ea0b21db77c /src | |
| parent | 071fc0309ae5143eae66cafdf972ee418ee8acc8 (diff) | |
| download | vyos-1x-3d396586ee953c708465e00b6fef5d1f520d587c.tar.gz vyos-1x-3d396586ee953c708465e00b6fef5d1f520d587c.zip | |
T1694 NTPd: Do not listen on all interfaces by default
(cherry picked from commit 258c24ab9be8aa4ced8bfa1c19f134ec8bbfb1a0)
Diffstat (limited to 'src')
| -rwxr-xr-x | src/conf_mode/ntp.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/conf_mode/ntp.py b/src/conf_mode/ntp.py index 68a046939..65bd388bf 100755 --- a/src/conf_mode/ntp.py +++ b/src/conf_mode/ntp.py @@ -41,7 +41,8 @@ restrict default noquery nopeer notrap nomodify restrict 127.0.0.1 restrict -6 ::1 - +# Do not listen on any interface address by default +interface ignore wildcard # # Configurable section # @@ -64,7 +65,6 @@ restrict {{ n.address }} mask {{ n.netmask }} nomodify notrap nopeer {% if listen_address -%} # NTP should listen on configured addresses only -interface ignore wildcard {% for a in listen_address -%} interface listen {{ a }} {% endfor -%} |