From 5ca8d72ef80fba5edfbe63e2c9fdf3b8ca41de11 Mon Sep 17 00:00:00 2001 From: simher Date: Wed, 13 Jan 2016 13:07:29 +0100 Subject: [PATCH 01/10] Adding interface configuration --- manifests/init.pp | 1 + templates/ntp.conf.erb | 5 +++++ 2 files changed, 6 insertions(+) diff --git a/manifests/init.pp b/manifests/init.pp index befe888..46b0a01 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -40,6 +40,7 @@ $disable_monitor = true, $sysconfig_path = 'USE_DEFAULTS', $sysconfig_options = 'USE_DEFAULTS', + $interface = 'UNSET', ) { # validate type as array or fail diff --git a/templates/ntp.conf.erb b/templates/ntp.conf.erb index d1d3871..08076e0 100644 --- a/templates/ntp.conf.erb +++ b/templates/ntp.conf.erb @@ -116,3 +116,8 @@ tinker panic 0 # Disabling monitor - https://isc.sans.edu/diary/NTP+reflection+attack/17300 disable monitor <% end -%> + +# Interface configuration, see man ntp_misc +<% if @interface =! 'UNSET' %> <% @interface.each do |value| -%> +interface <%= value %> +<% end -%> From 64459729e855a3ef566970839bd2c39cafceb3cb Mon Sep 17 00:00:00 2001 From: simher Date: Wed, 13 Jan 2016 13:57:34 +0100 Subject: [PATCH 02/10] Updated README.md and moved comment for interface configuration --- README.md | 6 ++++++ templates/ntp.conf.erb | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 234b8c9..b773809 100644 --- a/README.md +++ b/README.md @@ -209,3 +209,9 @@ disable_monitor Adds 'disable monitor' line - disables NTP Monlist command, useful to prevent NTP reflection attack https://isc.sans.edu/forums/diary/NTP+reflection+attack/17300 - *Default*: false + +interface +--------------- +Adds 'interface' line - interface configuration, see man ntp_misc + +- *Default*: 'UNSET' diff --git a/templates/ntp.conf.erb b/templates/ntp.conf.erb index 08076e0..26ffa86 100644 --- a/templates/ntp.conf.erb +++ b/templates/ntp.conf.erb @@ -117,7 +117,7 @@ tinker panic 0 disable monitor <% end -%> -# Interface configuration, see man ntp_misc <% if @interface =! 'UNSET' %> <% @interface.each do |value| -%> +# Interface configuration interface <%= value %> <% end -%> From fbf790942387585baa92ff1bf4befb0fa69db4b8 Mon Sep 17 00:00:00 2001 From: simher Date: Wed, 13 Jan 2016 14:26:44 +0100 Subject: [PATCH 03/10] Typo fix --- templates/ntp.conf.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/ntp.conf.erb b/templates/ntp.conf.erb index 26ffa86..8a7740d 100644 --- a/templates/ntp.conf.erb +++ b/templates/ntp.conf.erb @@ -117,7 +117,7 @@ tinker panic 0 disable monitor <% end -%> -<% if @interface =! 'UNSET' %> <% @interface.each do |value| -%> +<% if @interface != 'UNSET' %> <% @interface.each do |value| -%> # Interface configuration interface <%= value %> <% end -%> From acdae109762df474d7bfeaf3ee91d00eda8be0d8 Mon Sep 17 00:00:00 2001 From: simher Date: Wed, 13 Jan 2016 14:32:18 +0100 Subject: [PATCH 04/10] Was missing an end.. --- templates/ntp.conf.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/ntp.conf.erb b/templates/ntp.conf.erb index 8a7740d..8e9546e 100644 --- a/templates/ntp.conf.erb +++ b/templates/ntp.conf.erb @@ -117,7 +117,7 @@ tinker panic 0 disable monitor <% end -%> -<% if @interface != 'UNSET' %> <% @interface.each do |value| -%> +<% if @interface != 'UNSET' %> <% @interface.each do |value| -%><% end %> # Interface configuration interface <%= value %> <% end -%> From 91c7376d70d85515489e20c581d3d72486904384 Mon Sep 17 00:00:00 2001 From: simher Date: Wed, 13 Jan 2016 14:40:09 +0100 Subject: [PATCH 05/10] End at wrong place --- templates/ntp.conf.erb | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/templates/ntp.conf.erb b/templates/ntp.conf.erb index 8e9546e..dd5eed5 100644 --- a/templates/ntp.conf.erb +++ b/templates/ntp.conf.erb @@ -117,7 +117,11 @@ tinker panic 0 disable monitor <% end -%> -<% if @interface != 'UNSET' %> <% @interface.each do |value| -%><% end %> + + +<% if @logfile != 'UNSET' %>logfile <%= @logfile %><% end %> + +<% if @interface != 'UNSET' %> <% @interface.each do |value| -%> # Interface configuration -interface <%= value %> +interface <%= value %><% end %> <% end -%> From 5c8ec0699d708302dbc80bb91196480263f985c9 Mon Sep 17 00:00:00 2001 From: simher Date: Wed, 13 Jan 2016 14:49:33 +0100 Subject: [PATCH 06/10] Cleanup, was a bit messy with the comments --- templates/ntp.conf.erb | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/templates/ntp.conf.erb b/templates/ntp.conf.erb index dd5eed5..b1b0a61 100644 --- a/templates/ntp.conf.erb +++ b/templates/ntp.conf.erb @@ -117,11 +117,8 @@ tinker panic 0 disable monitor <% end -%> - - -<% if @logfile != 'UNSET' %>logfile <%= @logfile %><% end %> - <% if @interface != 'UNSET' %> <% @interface.each do |value| -%> + # Interface configuration interface <%= value %><% end %> <% end -%> From 1df76ca35f6f72f6e37c324d4dca5ef112e0f6a9 Mon Sep 17 00:00:00 2001 From: simher Date: Wed, 13 Jan 2016 15:09:40 +0100 Subject: [PATCH 07/10] Moved the comment outside the loop --- templates/ntp.conf.erb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/ntp.conf.erb b/templates/ntp.conf.erb index b1b0a61..ae11859 100644 --- a/templates/ntp.conf.erb +++ b/templates/ntp.conf.erb @@ -117,8 +117,8 @@ tinker panic 0 disable monitor <% end -%> -<% if @interface != 'UNSET' %> <% @interface.each do |value| -%> - +<% if @interface != 'UNSET' %> # Interface configuration +<% @interface.each do |value| -%> interface <%= value %><% end %> <% end -%> From b545051523a026cb36331b9595fec950f2a2cef4 Mon Sep 17 00:00:00 2001 From: simher Date: Wed, 13 Jan 2016 15:42:41 +0100 Subject: [PATCH 08/10] Fixing output --- templates/ntp.conf.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/ntp.conf.erb b/templates/ntp.conf.erb index ae11859..1faf0bf 100644 --- a/templates/ntp.conf.erb +++ b/templates/ntp.conf.erb @@ -119,6 +119,6 @@ disable monitor <% if @interface != 'UNSET' %> # Interface configuration -<% @interface.each do |value| -%> +<% @interface.each do |value| %> interface <%= value %><% end %> <% end -%> From 0bc656a50a7ca792bdf62f61624e9b8cc2263a01 Mon Sep 17 00:00:00 2001 From: simher Date: Thu, 14 Jan 2016 09:56:50 +0100 Subject: [PATCH 09/10] Let's skip that newline shall we --- templates/ntp.conf.erb | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/templates/ntp.conf.erb b/templates/ntp.conf.erb index 1faf0bf..54df710 100644 --- a/templates/ntp.conf.erb +++ b/templates/ntp.conf.erb @@ -118,7 +118,6 @@ disable monitor <% end -%> <% if @interface != 'UNSET' %> -# Interface configuration -<% @interface.each do |value| %> +# Interface configuration <% @interface.each do |value| %> interface <%= value %><% end %> -<% end -%> +<% end %> From 80a7bc238a645ff1dd47116e1774de7df88fab4f Mon Sep 17 00:00:00 2001 From: Hannes Doyle Date: Tue, 27 Sep 2016 13:58:12 +0200 Subject: [PATCH 10/10] Looping through array, since if we dont stuff breaks... --- templates/ntp.conf.erb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/ntp.conf.erb b/templates/ntp.conf.erb index 54df710..df1140b 100644 --- a/templates/ntp.conf.erb +++ b/templates/ntp.conf.erb @@ -32,7 +32,7 @@ filegen clockstats file clockstats type day enable # pool: <% @servers.each do |server| -%> -server <%= server %><% if @server_options != 'UNSET' %> <%= @server_options %><% end %> +server <%= server %><% if @server_options != 'UNSET' %> <% @server_options.each do |option| -%><%= option %><% end -%><% end %> <% end -%> <% if @my_peers != ['UNSET'] -%> @@ -117,7 +117,7 @@ tinker panic 0 disable monitor <% end -%> -<% if @interface != 'UNSET' %> +<% if @interface != 'UNSET' %> # Interface configuration <% @interface.each do |value| %> interface <%= value %><% end %> <% end %>