Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
24.7 Production Series
»
Solved: ntp restrict noquery
« previous
next »
Print
Pages: [
1
]
Author
Topic: Solved: ntp restrict noquery (Read 393 times)
fastboot
Newbie
Posts: 44
Karma: 3
Solved: ntp restrict noquery
«
on:
September 27, 2024, 03:01:56 pm »
Hi,
following the release notes I would like to understand what the following means.
"Also take note that the NTP default changes to "restrict noquery" so that
the system cannot externally be queried for revealing system internals
anymore unless explicitly allowed."
Where can I find that setting?
"The interface selection must therefore include a WAN type interface so that normal routing to the internet can take place."
Ref:
https://docs.opnsense.org/manual/ntpd.html
That was my mistake at the beginning. So I had to add the WAN interface, but did not add any rules. As of course I did not want anyone in the internet to be able to connect to 123/UDP to my system.
https://docs.opnsense.org/manual/ntpd.html
«
Last Edit: September 27, 2024, 03:15:08 pm by fastboot
»
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: ntp restrict noquery
«
Reply #1 on:
September 27, 2024, 03:03:43 pm »
The relevant ticket is
https://github.com/opnsense/core/issues/7832
Cheers,
Franco
Logged
franco
Administrator
Hero Member
Posts: 17661
Karma: 1611
Re: ntp restrict noquery
«
Reply #2 on:
September 27, 2024, 03:05:49 pm »
And to answer your question:
Access restrictions -> Disable ntpq and ntpdc queries
But you don't really need to flip this. The default makes sense and was most likely only given backwards before so that the NTP status page could work but that isn't really necessary as the latest change shows.
Cheers,
Franco
«
Last Edit: September 27, 2024, 03:24:29 pm by franco
»
Logged
fastboot
Newbie
Posts: 44
Karma: 3
Re: Solved: ntp restrict noquery
«
Reply #3 on:
September 27, 2024, 03:15:46 pm »
Thanks a lot for the explanation and the super fast feedback.
So everything is fine then.
Keep up the good work!
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
24.7 Production Series
»
Solved: ntp restrict noquery