source: hybrid/branches/releng-11/nanobsd/files/etc/rc.conf@ 14155

Last change on this file since 14155 was 14155, checked in by huub, 7 years ago

monit takes care of sshd as well, no need for watchdogd

  • Property svn:eol-style set to LF
File size: 2.9 KB
Line 
1# Stolen from /sbin/dhclient-script using using no /usr based binaries.
2# Converts an commented list into a SEP (default space) seperated list.
3make_list() {
4 SEP=${2:-' '}
5 oldifs="$IFS"
6 IFS="
7"
8 list=""
9 for line in $1; do
10 line=${line%%[ \t#]*}
11 [ -n "$line" ] && list="$list$SEP$line"
12 done
13 IFS=${oldifs}
14 echo ${list##$SEP}
15}
16
17# No kernel dumps as we don't have a place to store them
18dumpdev="NO"
19
20# We are an router/gateway (wireless to be precise) running the lvrouted
21# routing daemon.
22gateway_enable="YES"
23lvrouted_enable="YES"
24lvrouted_flags="-u -s s00p3rs3kr3t -m 28"
25
26# Takes lvrouted a small while to create reachable network nodes, make sure to
27# wait on it,to saves some bootup warnings.
28netwait_enable="YES"
29netwait_timeout="20"
30netwait_ip="8.8.8.8 172.16.4.46 172.27.129.1 172.17.14.1"
31
32# Block the full range as smaller subnets are used for allowances, this avoids
33# traffic going out (due to the default route) to unreachable parts to the
34# 172.16.0.0/12 network.
35static_routes="quickstop"
36route_quickstop="-net 172.16.0.0/12 127.0.0.1 -reject"
37
38# NTP server needs working config with WL network or internet on boot
39# so some warnings might pop up, but no harm
40ntpdate_enable="YES"
41ntpdate_flags="-b -s"
42ntpd_enable="YES"
43ntpd_sync_on_start="YES"
44ntpd_flags="-p /var/run/ntpd.pid -f /var/db/ntp.drift"
45
46# We need no running mail server
47sendmail_enable="NONE"
48
49# Don't let syslog accept input from other remote hosts
50syslogd_enable="YES"
51syslogd_flags="-s -N -A -c"
52
53# Remote login without DNS checking as it might not also be functionable
54# -u0 prevent sshd from making DNS requests unless the authentication mechanism
55# or configuration requires it.
56sshd_enable="YES"
57sshd_flags="-u0"
58
59# Monitoring deamons; monit replaced watchdogd
60snmpd_enable="YES"
61snmpd_flags="-Ls 1"
62monit_enable="YES"
63
64# Performance profiling
65iperf_enable="YES"
66
67# HTTP(S) proxy server
68tinyproxy_enable="NO"
69
70# Make sure generated ssh keys are saved
71nanobsd_save_sshkeys_enable="YES"
72
73# Deprecated: low-memory footprint DHCP and non-authorative recursive
74# forwarding DNS resolver
75dnsmasq_enable="NO"
76
77# Normal node, consist of fully-fleshed caching resolver and autoritive DNS
78# server for reverse entries (de-centralized setup).
79unbound_enable="YES"
80unbound_anchorflags="-f /etc/resolv.conf"
81nsd_enable="YES"
82
83# Explicitly enable isc-dhcp43-server, the alternative for dnsmasq
84dhcpd_enable="YES"
85dhcpd_flags="-q"
86
87# WL Captive Portal and WL Web Config Overview
88apache24_enable="YES"
89http302_enable="YES"
90
91# Hybrid setup, requires outgoing VPN Server
92openvpn_enable="NO"
93openvpn_if="tap"
94openvpn_configfile="/usr/local/etc/openvpn/client.conf"
95
96# Enable the firewall by default, needed for port redirection (captive portal,
97# splash screen)
98pf_enable="YES"
99
100# Autogenerated flags are used during runtime
101rc_conf_running='/etc/rc.conf.running'
102if [ -r $rc_conf_running ]; then
103 . $rc_conf_running
104else
105 : > $rc_conf_running
106fi
Note: See TracBrowser for help on using the repository browser.