services.ntp.restrictDefault

The restriction flags to be set by default.

The default flags prevent external hosts from using ntpd as a DDoS reflector, setting system time, and querying OS/ntpd version. As recommended in section 6.5.1.1.3, answer "No" of https://support.ntp.org/Support/AccessRestrictions

Type

list of string

Default

[
  "limited"
  "kod"
  "nomodify"
  "notrap"
  "noquery"
  "nopeer"
]

Declared

<nixpkgs/nixos/modules/services/networking/ntp/ntpd.nix>