source: hybrid/branches/releng-9.0/nanobsd/files/etc/rc.conf@ 10417

# No kernel dumps as we don't have a place to store them 

dumpdev="NO"                    

# We are an router/gateway (wireless to be precise)

gateway_enable="YES"



# NTP server needs working config with WL network or internet on boot

# so some warnings might pop up, but no harm

ntpdate_enable="YES"

ntpd_enable="YES"

ntpd_sync_on_start="YES"

ntpd_flags="-p /var/run/ntpd.pid -f /var/db/ntp.drift"



# We need no running mail server

sendmail_enable="NONE"



# Don't let syslog accept input from other remote hosts

syslogd_enable="YES"

syslogd_flags="-s -A -c"



# Remote login without DNS checking as it might not also be functionable

# -u0 prevent sshd from making DNS requests unless the authentication mechanism

# or configuration requires it.

sshd_enable="YES"

sshd_flags="-u0"



# Monitoring deamons

nrpe2_enable="YES"

snmpd_enable="YES"

snmpd_flags="-a -LF w /var/log/snmpd.log"



# HTTP(S) proxy server

tinyproxy_enable="YES"



# Make sure generated ssh keys are saved 

nanobsd_save_sshkeys_enable="YES"



# low-memory footprint DHCP and non-autoritive recursive DNS resolver

dnsmasq_enable="YES"



# Explicitly disable the memory-hungry alternatives

dhcpd_enable="NO"

named_enable="NO"

named_auto_forward="YES"



# WL Captive Portal and WL Web Config Overview

thttpd_enable="YES"

http302_enable="YES"



# Hybrid setup, requires outgoing VPN Server

openvpn_enable="NO"

openvpn_if="tap"



# Enable the firewall by default

pf_enable="YES"

pf_rules="/etc/pf.default.conf"

pf_flags="-D ext_if=vr0 -D int_if=vr1 -D publicnat={80,443}"