diff options
author | jim-p <jimp@pfsense.org> | 2016-11-11 16:24:00 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2016-11-11 16:24:00 -0500 |
commit | fbb652ed28641c50b14b9897a914ed317c323d73 (patch) | |
tree | da44cf6b3e8b090264d120db9eca8a6b82faea4a | |
parent | 92a78939583e2be7f7cc52d045bc48a2e2264d1d (diff) | |
download | pfsense-fbb652ed28641c50b14b9897a914ed317c323d73.zip pfsense-fbb652ed28641c50b14b9897a914ed317c323d73.tar.gz |
Use the ntpd "pool" command for more robust timekeeping. Attempting to automatically determine if we are using a pool, and allow it to be set optionally otherwise. Implements #5985
-rw-r--r-- | src/etc/inc/system.inc | 34 | ||||
-rw-r--r-- | src/usr/local/www/services_ntpd.php | 20 | ||||
-rw-r--r-- | src/usr/local/www/status_ntpd.php | 36 |
3 files changed, 69 insertions, 21 deletions
diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc index d6933b1..d9a723b 100644 --- a/src/etc/inc/system.inc +++ b/src/etc/inc/system.inc @@ -1695,11 +1695,20 @@ function system_ntp_configure() { $ntpcfg .= "fudge 127.127.1.0 stratum 12\n"; } /* End GPS configuration */ - + $auto_pool_suffix = "pool.ntp.org"; + $have_pools = false; $ntpcfg .= "\n\n# Upstream Servers\n"; /* foreach through ntp servers and write out to ntpd.conf */ foreach (explode(' ', $config['system']['timeservers']) as $ts) { - $ntpcfg .= "server {$ts} iburst maxpoll 9"; + if ((substr_compare($ts, $auto_pool_suffix, strlen($ts) - strlen($auto_pool_suffix), strlen($auto_pool_suffix)) === 0) + || substr_count($config['ntpd']['ispool'], $ts)) { + $ntpcfg .= 'pool '; + $have_pools = true; + } else { + $ntpcfg .= 'server '; + } + + $ntpcfg .= "{$ts} iburst maxpoll 9"; if (substr_count($config['ntpd']['prefer'], $ts)) { $ntpcfg .= ' prefer'; } @@ -1775,6 +1784,27 @@ function system_ntp_configure() { if (empty($config['ntpd']['notrap'])) { /*note: this one works backwards */ $ntpcfg .= ' notrap'; } + + /* Pools require "restrict source" and cannot contain "nopeer". */ + if ($have_pools) { + $ntpcfg .= "\nrestrict source"; + if (empty($config['ntpd']['kod'])) { /*note: this one works backwards */ + $ntpcfg .= ' kod limited'; + } + if (empty($config['ntpd']['nomodify'])) { /*note: this one works backwards */ + $ntpcfg .= ' nomodify'; + } + if (!empty($config['ntpd']['noquery'])) { + $ntpcfg .= ' noquery'; + } + if (!empty($config['ntpd']['noserve'])) { + $ntpcfg .= ' noserve'; + } + if (empty($config['ntpd']['notrap'])) { /*note: this one works backwards */ + $ntpcfg .= ' notrap'; + } + } + /* Custom Access Restrictions */ if (is_array($config['ntpd']['restrictions']) && is_array($config['ntpd']['restrictions']['row'])) { $networkacl = $config['ntpd']['restrictions']['row']; diff --git a/src/usr/local/www/services_ntpd.php b/src/usr/local/www/services_ntpd.php index 316e581..8f170bf 100644 --- a/src/usr/local/www/services_ntpd.php +++ b/src/usr/local/www/services_ntpd.php @@ -68,6 +68,7 @@ if ($_POST) { unset($config['ntpd']['prefer']); unset($config['ntpd']['noselect']); + unset($config['ntpd']['ispool']); $timeservers = ''; for ($i = 0; $i < NUMTIMESERVERS; $i++) { @@ -80,6 +81,9 @@ if ($_POST) { if (!empty($_POST["servselect{$i}"])) { $config['ntpd']['noselect'] .= "{$tserver} "; } + if (!empty($_POST["servispool{$i}"])) { + $config['ntpd']['ispool'] .= "{$tserver} "; + } } } if (trim($timeservers) == "") { @@ -218,6 +222,7 @@ $section->addInput(new Form_Select( $timeservers = explode(' ', $config['system']['timeservers']); $maxrows = max(count($timeservers), 1); +$auto_pool_suffix = "pool.ntp.org"; for ($counter=0; $counter < $maxrows; $counter++) { $group = new Form_Group($counter == 0 ? 'Time Servers':''); $group->addClass('repeatable'); @@ -244,6 +249,14 @@ for ($counter=0; $counter < $maxrows; $counter++) { isset($config['ntpd']['noselect']) && isset($timeservers[$counter]) && substr_count($config['ntpd']['noselect'], $timeservers[$counter]) ))->sethelp('No Select'); + $group->add(new Form_Checkbox( + 'servispool' . $counter, + null, + null, + (substr_compare($timeservers[$counter], $auto_pool_suffix, strlen($timeservers[$counter]) - strlen($auto_pool_suffix), strlen($auto_pool_suffix)) === 0) + || (isset($config['ntpd']['ispool']) && isset($timeservers[$counter]) && substr_count($config['ntpd']['ispool'], $timeservers[$counter])) + ))->sethelp('Is a Pool'); + $group->add(new Form_Button( 'deleterow' . $counter, 'Delete', @@ -264,9 +277,10 @@ $section->addInput(new Form_Button( $section->addInput(new Form_StaticText( null, $btnaddrow -))->setHelp('For best results three to five servers should be configured here.' . '<br />' . - 'The prefer option indicates that NTP should favor the use of this server more than all others.' . '<br />' . - 'The no select option indicates that NTP should not use this server for time, but stats for this server will be collected and displayed.'); +))->setHelp('For best results three to five servers should be configured here, or at least one pool.' . '<br />' . + 'The <b>Prefer</b> option indicates that NTP should favor the use of this server more than all others.' . '<br />' . + 'The <b>No Select</b> option indicates that NTP should not use this server for time, but stats for this server will be collected and displayed.' . '<br />' . + 'The <b>Is a Pool</b> option indicates this entry is a pool of NTP servers and not a single address. This is assumed for *.pool.ntp.org.'); $section->addInput(new Form_Input( 'ntporphan', diff --git a/src/usr/local/www/status_ntpd.php b/src/usr/local/www/status_ntpd.php index 8df5c49..56725ab 100644 --- a/src/usr/local/www/status_ntpd.php +++ b/src/usr/local/www/status_ntpd.php @@ -45,10 +45,28 @@ if (!isset($config['ntpd']['noquery'])) { $ntpq_servers = array(); foreach ($ntpq_output as $line) { $server = array(); + $status_char = substr($line, 0, 1); + $line = substr($line, 1); + $peerinfo = preg_split("/[\s\t]+/", $line); + + $server['server'] = $peerinfo[0]; + $server['refid'] = $peerinfo[1]; + $server['stratum'] = $peerinfo[2]; + $server['type'] = $peerinfo[3]; + $server['when'] = $peerinfo[4]; + $server['poll'] = $peerinfo[5]; + $server['reach'] = $peerinfo[6]; + $server['delay'] = $peerinfo[7]; + $server['offset'] = $peerinfo[8]; + $server['jitter'] = $peerinfo[9]; - switch (substr($line, 0, 1)) { + switch ($status_char) { case " ": - $server['status'] = gettext("Unreach/Pending"); + if ($server['refid'] == ".POOL.") { + $server['status'] = gettext("Pool Placeholder"); + } else { + $server['status'] = gettext("Unreach/Pending"); + } break; case "*": $server['status'] = gettext("Active Peer"); @@ -73,20 +91,6 @@ if (!isset($config['ntpd']['noquery'])) { break; } - $line = substr($line, 1); - $peerinfo = preg_split("/[\s\t]+/", $line); - - $server['server'] = $peerinfo[0]; - $server['refid'] = $peerinfo[1]; - $server['stratum'] = $peerinfo[2]; - $server['type'] = $peerinfo[3]; - $server['when'] = $peerinfo[4]; - $server['poll'] = $peerinfo[5]; - $server['reach'] = $peerinfo[6]; - $server['delay'] = $peerinfo[7]; - $server['offset'] = $peerinfo[8]; - $server['jitter'] = $peerinfo[9]; - $ntpq_servers[] = $server; } |