|
Last change
on this file since 10185 was 10185, checked in by richardvm, 13 years ago |
|
firewall and portal fixes
|
-
Property svn:eol-style
set to
LF
-
Property svn:executable
set to
*
|
|
File size:
1.6 KB
|
| Line | |
|---|
| 1 | ## Building options
|
|---|
| 2 | dumpdev="NO" # No kernel dumps as we don't have a place to
|
|---|
| 3 | # store them
|
|---|
| 4 | ipv6_enable="NO" # No IPv6 support for now, near feature... ;-)
|
|---|
| 5 |
|
|---|
| 6 | # NTP server needs working config with WL network or internet on boot
|
|---|
| 7 | # so some warnings might pop up, but no harm
|
|---|
| 8 | ntpdate_enable="YES"
|
|---|
| 9 | ntpd_enable="YES"
|
|---|
| 10 | ntpd_sync_on_start="YES"
|
|---|
| 11 | ntpd_flags="-p /var/run/ntpd.pid -f /var/db/ntp.drift"
|
|---|
| 12 |
|
|---|
| 13 | # We need no running mail server
|
|---|
| 14 | sendmail_enable="NONE"
|
|---|
| 15 |
|
|---|
| 16 | # Don't let syslog accept input from other remote hosts
|
|---|
| 17 | syslogd_enable="YES"
|
|---|
| 18 | syslogd_flags="-s -A -c"
|
|---|
| 19 |
|
|---|
| 20 | # Remote login without DNS checking as it might not also be functionable
|
|---|
| 21 | # -u0 prevent sshd from making DNS requests unless the authentication mechanism
|
|---|
| 22 | # or configuration requires it.
|
|---|
| 23 | sshd_enable="YES"
|
|---|
| 24 | sshd_flags="-u0"
|
|---|
| 25 |
|
|---|
| 26 | # Don't update the motd as it not writeable, the update_nanobsd_motd is a
|
|---|
| 27 | # simple wrapper found at /usr/local/etc/rc.d supporting this featureg
|
|---|
| 28 | update_motd="NO"
|
|---|
| 29 | update_nanobsd_motd="YES"
|
|---|
| 30 |
|
|---|
| 31 | # Monitoring deamons
|
|---|
| 32 | nrpe2_enable="YES"
|
|---|
| 33 | snmpd_enable="YES"
|
|---|
| 34 | snmpd_flags="-a -LF w /var/log/snmpd.log"
|
|---|
| 35 |
|
|---|
| 36 | # HTTP(S) proxy server
|
|---|
| 37 | tinyproxy_enable="YES"
|
|---|
| 38 |
|
|---|
| 39 | # Make sure generated ssh keys are saved
|
|---|
| 40 | nanobsd_save_sshkeys_enable="YES"
|
|---|
| 41 |
|
|---|
| 42 | ## Port extentions
|
|---|
| 43 | # Serve our clients some pretty cool IP address to at least get connected
|
|---|
| 44 | # Also some low-memory footprint dns resolver
|
|---|
| 45 | dnsmasq_enable="YES"
|
|---|
| 46 |
|
|---|
| 47 | ## WL ports extentions
|
|---|
| 48 | thttpd_enable="YES"
|
|---|
| 49 | http302_enable="YES"
|
|---|
| 50 |
|
|---|
| 51 | # Make sure generated ssh keys are saved
|
|---|
| 52 | nanobsd_save_sshkeys_enable="YES"
|
|---|
| 53 |
|
|---|
| 54 | #Hybrid
|
|---|
| 55 | openvpn_enable="YES"
|
|---|
| 56 | openvpn_if="tap"
|
|---|
| 57 | cloned_interfaces="bridge0"
|
|---|
| 58 | gateway_enable="YES"
|
|---|
| 59 | pf_enable="YES"
|
|---|
| 60 | pf_rules="/etc/pf.conf.ileiden"
|
|---|
| 61 | pf_flags=""
|
|---|
| 62 | pf2_enable="YES"
|
|---|
Note:
See
TracBrowser
for help on using the repository browser.
