summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorDaniil Baturin <daniil@baturin.org>2019-09-27 18:14:38 +0700
committerGitHub <noreply@github.com>2019-09-27 18:14:38 +0700
commite44466768233d33aa26cd033fb66d1dbeec207a7 (patch)
treebbaa40d3bf0d7973d14f646d662903e8441632cf /src
parent9def20e8d74475a5fe3e4844c13e988e03f4c363 (diff)
parent258c24ab9be8aa4ced8bfa1c19f134ec8bbfb1a0 (diff)
downloadvyos-1x-e44466768233d33aa26cd033fb66d1dbeec207a7.tar.gz
vyos-1x-e44466768233d33aa26cd033fb66d1dbeec207a7.zip
Merge pull request #139 from phoenix0984/ntp
T1694 NTPd: Do not listen on all interfaces by default
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/ntp.py3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/conf_mode/ntp.py b/src/conf_mode/ntp.py
index f706d502f..8f32e6e81 100755
--- a/src/conf_mode/ntp.py
+++ b/src/conf_mode/ntp.py
@@ -42,6 +42,8 @@ restrict default noquery nopeer notrap nomodify
restrict 127.0.0.1
restrict -6 ::1
+# Do not listen on any interface address by default
+interface ignore wildcard
#
# Configurable section
#
@@ -63,7 +65,6 @@ restrict {{ n.address }} mask {{ n.netmask }} nomodify notrap nopeer
{% if listen_address -%}
# NTP should listen on configured addresses only
-interface ignore wildcard
{% for a in listen_address -%}
interface listen {{ a }}
{% endfor -%}