ntp — format of ntp component configuration


The general syntax rules of Kernun Firewall configuration files are described in configuration(7). This man page describes the types, sections and items specific to the ntp component configuration.

Repeatable sections/items are marked by a '*' before the section/item name.


Configuration directives have attributes of several value types. For a description of the basic types, see configuration(7).

An enumeration is a list of words (names) representing integer values. Some enumerations accept both names and direct integer values; in this case, the enumeration description contains the value for every name (in parentheses next to the name). For other enumerations, the use of names is obligatory.

The following enumerations are used in ntp configuration directives:

destination (see common(5))

ntp-rest-flag (name-usage obligatory)

NTP configuration RESTRICT flags.

ignore, kod, limited, lowpriotrap, nomodify, noquery, nopeer, noserve, notrap, notrust, ntpport, version


The configuration of the ntp library component consists of the following prototypes:

  ntp { ... }


ntp {

  phase ... ;
* tag ... ;
  cfg-resolution ... ;
  drift-file ... ;
* peer ... ;
* server ... ;
* clock ... ;
* restrict ... ;
}


NTP daemon definition.

Most configuration directives are synonyms of the corresponding ntp.conf directives. See ntp.conf(5) for details.

Items & subsections:

phase [number];

Application Startup Phase.

number (type: uint8, optional, default: 70)

Phase number; the lower the number, the earlier the start.

tag value;

Configuration factorization tag.

This feature allows the admin to create groups of Kernun applications (especially proxies and servers) according to various aspects (belonging to one customer, applications of particular network traffic etc.).

Each application can have several tag attributes and the KAT tool can run some commands (like 'ps', 'start' etc.) for applications with or without a given tag.

value (type: str)


A tag must contain only letters, digits, hyphens and dots.

cfg-resolution [max-addrs [min-ttl [def-ttl [max-ttl [hosts-ttl [pool-dir]]]]]];

Attributes for resolution of domain names in configuration.

max-addrs (type: uint8, optional, default: 10)

Maximum number of addresses per single domain name.

min-ttl (type: uint32, optional, default: 10)

Minimum TTL accepted, used instead of too small TTL values (e.g. 0).

def-ttl (type: uint32, optional, default: 1m)

Default TTL used in case of unsuccessful DNS resolution.

max-ttl (type: uint32, optional, default: 1d)

Maximum TTL accepted, used instead of large TTL values.

hosts-ttl (type: uint32, optional, default: 1d)

TTL used for names in /etc/hosts.

pool-dir (type: str, optional, default: "/tmp")

Directory for temporary files used to share results.

drift-file path;

NTP daemon drift-file full name.

path (type: str)


Path must be absolute and must not contain punctuation chars.

peer machine;

Host for peer-to-peer synchronization.

machine (type: host)

server machine;

Host for client-to-server synchronization.

machine (type: host)

clock type num stratum;

Device for local synchronization.

type (type: uint8)

Clock type.

num (type: uint8)

Unit number.

stratum (type: uint8)

Stratum number.


Unit number must be at most 3.

Stratum number must be at most 15.

restrict host host [flags];

restrict net net [flags];

restrict default [flags];

Host-based service restrictions.

<branching element> (type: destination)

host (type: host)

net (type: net)

flags (type: ntp-rest-flag-list, optional, default: {})

[End of section ntp description.]
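
An added example, not part of the Kernun documentation or code: a small Python linter that applies the constraints stated above (tag characters, absolute drift-file path, clock unit number at most 3, stratum at most 15, known restrict flags) to one ntp section. The `[addr]` and `{ a, b }` literal forms in the sample and the hardening baseline required of `restrict default` are assumptions, not taken from this page.

```python
import re

# Names from the ntp-rest-flag enumeration documented on this page.
FLAGS = set("ignore kod limited lowpriotrap nomodify noquery nopeer "
            "noserve notrap notrust ntpport version".split())
# Assumption: hardening baseline chosen for this example, not a Kernun default.
BASELINE = {"nomodify", "noquery", "nopeer", "notrap"}

# Constructed sample; the "[addr]" and "{ a, b }" literal forms are assumed.
SAMPLE = """
ntp {
  tag time.infra_1;
  drift-file "var/db/ntp.drift";
  server ntp1.example.net;
  clock 1 4 16;
  restrict default { nomodify, notrap };
  restrict host [192.0.2.10] { noqurey };
}
"""

def lint(text):
    """Return a list of findings for one ntp { ... } section."""
    body = text[text.index("{") + 1:text.rindex("}")]
    out, has_default = [], False
    for item in filter(None, (i.strip() for i in body.split(";"))):
        name, args = (item.split(None, 1) + [""])[:2]
        if name == "tag" and not re.fullmatch(r"[A-Za-z0-9.-]+", args):
            out.append(f"tag: invalid characters in {args!r}")
        elif name == "drift-file" and not args.strip('"').startswith("/"):
            out.append(f"drift-file: path {args} is not absolute")
        elif name == "clock":
            _type, num, stratum = map(int, args.split())
            if num > 3:
                out.append(f"clock: unit number {num} exceeds 3")
            if stratum > 15:
                out.append(f"clock: stratum {stratum} exceeds 15")
        elif name == "restrict":
            target, _, rest = args.partition("{")
            flags = set(re.findall(r"[a-z]+", rest))
            for bad in sorted(flags - FLAGS):
                out.append(f"restrict {target.strip()}: unknown flag {bad}")
            if target.strip() == "default":
                has_default = True
                missing = sorted(BASELINE - flags)
                if missing and "ignore" not in flags:
                    out.append("restrict default: missing " + ", ".join(missing))
    if not has_default:
        out.append("restrict: no default rule")
    return out
```

Calling `lint(SAMPLE)` returns six findings, one string each; a section that satisfies every check returns an empty list.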


configuration(7), common(5), ntp.conf(5)