# No kernel dumps as we don't have a place to store them 
dumpdev="NO"			
# We are an router/gateway (wireless to be precise)
gateway_enable="YES"

# NTP server needs working config with WL network or internet on boot
# so some warnings might pop up, but no harm
ntpdate_enable="YES"
ntpd_enable="YES"
ntpd_sync_on_start="YES"
ntpd_flags="-p /var/run/ntpd.pid -f /var/db/ntp.drift"

# We need no running mail server
sendmail_enable="NONE"

# Don't let syslog accept input from other remote hosts
syslogd_enable="YES"
syslogd_flags="-s -A -c"

# Remote login without DNS checking as it might not also be functionable
# -u0 prevent sshd from making DNS requests unless the authentication mechanism
# or configuration requires it.
sshd_enable="YES"
sshd_flags="-u0"

# Monitoring deamons
nrpe2_enable="YES"
snmpd_enable="YES"
snmpd_flags="-a -LF w /var/log/snmpd.log"

# HTTP(S) proxy server
tinyproxy_enable="YES"

# Make sure generated ssh keys are saved 
nanobsd_save_sshkeys_enable="YES"

# low-memory footprint DHCP and non-autoritive recursive DNS resolver
dnsmasq_enable="YES"

# Explicitly disable the memory-hungry alternatives
dhcpd_enable="NO"
named_enable="NO"
named_auto_forward="YES"

# WL Captive Portal and WL Web Config Overview
thttpd_enable="YES"
http302_enable="YES"

# Hybrid setup, requires outgoing VPN Server
openvpn_enable="NO"
openvpn_if="tap"

# Enable the firewall by default
pf_enable="YES"
pf_rules="/etc/pf.default.conf"
pf_flags="-D ext_if=vr0 -D int_if=vr1 -D publicnat={80,443}"