## Building options dumpdev="NO" # No kernel dumps as we don't have a place to # store them gateway_enable="YES" # Act like a gateway please ipv6_enable="NO" # No IPv6 support for now, near feature... ;-) # Firewall needed for port redirection (captive portal, splash screen) firewall_enable="YES" firewall_script="/etc/ipfw.sh" # NTP server needs working config with WL network or internet on boot # so some warnings might pop up, but no harm ntpdate_enable="YES" ntpd_enable="YES" ntpd_sync_on_start="YES" ntpd_flags="-p /var/run/ntpd.pid -f /var/db/ntp.drift" # We need no running mail server sendmail_enable="NONE" # Don't let syslog accept input from other remote hosts syslogd_enable="YES" syslogd_flags="-s -A -c -b 127.0.0.1" # Remote login without DNS checking as it might not also be functionable # -u0 prevent sshd from making DNS requests unless the authentication mechanism # or configuration requires it. sshd_enable="YES" sshd_flags="-u0" # Don't update the motd as it not writeable, the update_nanobsd_motd is a # simple wrapper found at /usr/local/etc/rc.d supporting this featureg update_motd="NO" update_nanobsd_motd="YES" ## Port extentions # Serve our clients some pretty cool IP address to at least get connected # Also some low-memory footprint dns resolver dnsmasq_enable="YES" # Monitoring deamons nrpe2_enable="YES" snmpd_enable="YES" snmpd_flags="-a -LF w /var/log/snmpd.log" # Some nodes will serve as HTTP(S) proxy server tinyproxy_enable="NO" ## WL ports extentions thttpd_enable="YES" http302_enable="YES" lvrouted_enable="YES" lvrouted_flags="-u -s s00p3rs3kr3t -m 28 -z 172.16.2.254,172.17.0.1,172.23.25.66,172.17.169.66" # Make sure generated ssh keys are saved nanobsd_save_sshkeys_enable="YES" # Do some cool stuff with pen, like checking on best connections and reload, so # need a wrapper instead of the conventional startup script pen_wrapper_enable="YES" ## Initial (network) configuration # hostname="ChangeMe.example.org" # XXX: Maybe something cool (zero config) as initial configuration ## Iperf server mode # iperf_enable="YES"