local, vampire, ibanez: Centralize definition of NTP servers.

We now have multiple independent NTP servers, so it makes sense to
have the list of upstream servers in only one place.  Make it so.

diff --git a/ibanez.m4 b/ibanez.m4
index f826e04..384bd17 100644 (file)
--- a/ibanez.m4
+++ b/ibanez.m4
@@ -49,7 +49,7 @@ allowservices inbound tcp \
        ssh
 
 ## We have to provide NTP service.  The guests sync to our clock.
-ntpclient inbound 158.152.1.76 158.152.1.204 194.159.253.2
+ntpclient inbound $ntp_servers
 
 m4_divert(-1)
 ###----- That's all, folks --------------------------------------------------

diff --git a/local.m4 b/local.m4
index b9fa700..0d67a97 100644 (file)
--- a/local.m4
+++ b/local.m4
@@ -51,6 +51,9 @@ defiface $if_trusted \
        safe:172.29.199.64/27 \
        untrusted:default
 
+## Default NTP servers.
+ntp_servers="158.152.1.76 158.152.1.204 194.159.253.2 195.173.57.232"
+
 m4_divert(60)m4_dnl
 ###--------------------------------------------------------------------------
 ### Special forwarding exemptions.

diff --git a/vampire.m4 b/vampire.m4
index 6dc3710..f6f5d46 100644 (file)
--- a/vampire.m4
+++ b/vampire.m4
@@ -86,7 +86,7 @@ run iptables -A OUTPUT -m multiport \
 
 ## Other interesting things.
 dnsresolver inbound
-ntpclient inbound 158.152.1.76 158.152.1.204 194.159.253.2
+ntpclient inbound $ntp_servers
 
 m4_divert(-1)
 ###----- That's all, folks --------------------------------------------------