diff --git a/tools/tools/tinybsd/CHANGES b/tools/tools/tinybsd/CHANGES deleted file mode 100644 --- a/tools/tools/tinybsd/CHANGES +++ /dev/null @@ -1,43 +0,0 @@ -# $FreeBSD$ - -0.9: -- Added function personal_directories, you can create on conf dir your custom -personal directories with your custom files inside of them and it will be copied -to your image. -Thanks to Marcus Grando for the patch. - -0.8: -- Now FreeBSD 6.X is the default configuration on TinyBSD files. -- TinyBSD no longer use bootmanager, so fstab device was changed to ad0a. -- Added an example configuration to WRAP motherboards. Just use 'wrap' as argument on build to use it. - -0.7: -- Revision on Makefile to respect non-standard LOCALBASE/X11BASE on FreeBSD. -Thanks to Florent Thoumie . - -0.6: -- fix script problem on symlinks creation. -- added debug information on tinybsd build process with "====>". - -0.5: -- fix script problem when the kernel is not build, it's not should process -an image without kernel :) Thanks to Marten for the patch. - -0.4: -- added pre configured images to build tinybsd: default, bridge, minimal, vpn, -firewall and wireless. -- added etc/ on each image directory to the user copy your custom etc -configuration. - -0.3: -- fix named directory missing on etc build. - -0.2: -- added "device ath_rate_onoe" on kernel config file to be compiled on -FreeBSD 6. -- added on tinybsd script a line to clean up kernel build directory -- added on tinybsd script a for function to copy correct pam depends. - -0.1: -- TinyBSD released - diff --git a/tools/tools/tinybsd/README b/tools/tools/tinybsd/README deleted file mode 100644 --- a/tools/tools/tinybsd/README +++ /dev/null @@ -1,259 +0,0 @@ -# $FreeBSD$ - -- TinyBSD - -You must read this to know how to build embedded systems with TinyBSD. - -- TinyBSD files - -TinyBSD's creation conf files are available under /usr/src/tools/tools/tinybsd/conf -and the script are available under /usr/src/tools/tools/tinybsd/tinybsd. - -The system has been entirely based on the ease of image customization from -PicoBSD, and the compilation script based on NanoBSD's. - -# ls /usr/src/tools/tools/tinybsd/conf -bridge/ default/ firewall/ minimal/ vpn/ wireless/ wrap/ - -We have these six pre configured images to build. On each directory we have 3 -main files in there. Let's see what each of them are: - -# ls /usr/src/tools/tools/tinybsd/conf/default -TINYBSD etc/ tinybsd.basefiles - -TINYBSD: Just like PicoBSD had its kernel previously compiled, we call ours -TINYBSD. - -# more TINYBSD - -machine i386 -cpu I486_CPU -cpu I586_CPU -cpu I686_CPU -ident TINYBSD - -#To statically compile in device wiring instead of /boot/device.hints -#hints "GENERIC.hints" #Default places to look for devices. -... - -As you can see, it's a kernel file identical to your system's, leaving only -the task of enabling or disabling options, according to your needs. - -tinybsd.basefiles: Just like PicoBSD had its crunch.conf file to define which -files we'd want the new system to have, in this one we'll have all files to be -put into our embedded system, already having all available files for running -the system well. Put in or take out the files you need according to your -needs. Let's see it: - -# more tinybsd.basefiles -# contents of ${WORKDIR}/boot -boot/boot0 -boot/boot1 -boot/boot2 -boot/defaults/loader.conf -boot/device.hints -... -# contents of ${WORKDIR}/bin -bin/[:bin/test -bin/cat -bin/chflags -bin/chio -bin/chmod -... - -And so on. In case you'd want to add the binary "setkey", sitting on -/usr/sbin, you'd only need to add the following line inside the /usr/sbin part -of the file, like this: - -usr/sbin/pw -usr/sbin/pwd_mkdb -usr/sbin/setkey - -tinybsd.ports: Here you can add the applications from the FreeBSD Ports Collection -which you want TinyBSD ports system to install in your embedded system. You whould -list one application per line, mentioning its category and name, like the examples: -www/mini_httpd -net-mgmt/rate - -etc/: This is the directory where you can put your custom /etc configuration. - -# ls /usr/src/tools/tools/tinybsd/tinybsd -tinybsd - -tinybsd: This is the script that builds the entire system. You'll hardly -need to modify it at all. The idea is for it to create a temporary work -directory for it to create the entire system tree. Once done, it'll copy all -files listed in tinybsd.basefiles to this tree, then it'll compile a new -kernel using the definitions in the TINYBSD file, and finally copy the library -dependencies the binaries will have. We'll then populate /etc on that -temporary tree and put in a few important default configurations inside on -/usr/src/tools/tools/tinybsd/conf/YOURCHOICE/etc/ like rc.conf, fstab and others. - -Finally, we create an empty image, according to your media's specifications, -passed on to the script on the command line, and copy the entire temporary -work tree into the image mounted on /mnt. - -- Running TinyBSD - -Now that we know how it works, it's time for us to build our own image. Let's -do that step-by-step. - -1) Choose what pre-configured image you want. - -2) Edit the TINYBSD kernel file and add/remove all options you'll need. - -3) Edit the tinybsd.basefiles file and add/remove all binaries you'll need on -your system. - -4) Copy all your /etc configuration which you want to conf/YOURIMAGE/etc/. - -5) Gather the right information on your destination media. To do that, plug in -the device on the system and fetch the information using diskinfo(8): - -# diskinfo -v /dev/ad2 -ad2 - 512 # sectorsize - 20060135424 # mediasize in bytes (19G) - 39179952 # mediasize in sectors - 38869 # Cylinders according to firmware. - 16 # Heads according to firmware. - 63 # Sectors according to firmware. - -To create my image, I'll need to know the media size in sectors, Heads -according to firmware and Sectors according to firmware. Optionally, you may -define the name of the generated image's file, but if you don't, it'll be -named tinybsd.bin. Now that we have gathered these informations through -diskinfo, all we need to do is run tinybsd. Remember that it has 3 -parameters plus 1 optional, and if you don't pass on the required ones, the -script will warn you about it: - -# /usr/src/tools/tools/tinybsd/tinybsd -Woops! - Usage: tinybsd - [] - - Example: tinybsd 62592 4 32 - - or - - /usr/src/tools/tools/tinybsd/tinybsd 62592 4 32 wireless - - Run diskinfo(8) -v against your CF device to get correct information - about your disk. - -Passing on the parameters correctly: - -# /usr/src/tools/tools/tinybsd/tinybsd 39179952 16 63 wireless -Creating directory hierarchy... -./bin missing (created) -./boot missing (created) -./boot/defaults missing (created) -./boot/kernel missing (created) -./boot/modules missing (created) -./dev missing (created) -./etc missing (created) -... - -In the end, we have the generated tinybsd.bin image. Now we have to copy it to -its final destination: - -# dd if=/usr/src/tools/tools/tinybsd/tinybsd.bin of=/dev/ad2 - -Boot up your new embedded system and log on it. If you're ever going to modify -it, you must first remount the root slice as read-write, as it operates by -default on read-only mode, saving disk writes and preventing data-loss in case -of power failures. To mount it for read-write, use mount: - -# mount -u -o rw / - -Once you're done, return it to read-only mode: - -# mount -u -o ro / - -The first thing you need to do after logging for the first time, is to set a -root password. By default, it's created with no root password. - -If you run df(1), you'll see the following partitions: - -# df -Filesystem 1K-blocks Used Avail Capacity Mounted on -/dev/ad0a 29359 19446 7565 72% / -devfs 1 1 0 100% /dev -procfs 4 4 0 100% /proc -/dev/md0 3694 114 3286 3% /var -/dev/md1 19566 6 17996 0% /tmp - -As you can see, /var and /tmp are mounted on /dev/md0 and /dev/md1 -respectively, using memory disk devices. That's because both /var and /tmp are -write-intensive, and as our system works mostly on read-only mode, we'd suffer -with writing problems there, so the memory disk approach works fine. On the -other hand, whenever you reboot the system, those directories' contents -(including logs on /var/log) will be lost. If you need to keep the contents of -those directories, I suggest you to always upload them to another box. - -The configuration line that fires up the system script to create /var as a -memory disk partition is "varmfs="YES"", inside -/etc/rc.conf. Besides mounting /var as a memory disk device, it also populates -its tree with the necessary subdirectories. Initially, /var is created on -memory using only 32MB of space, and that's usually enough. Although, if you -find it necessary to tweak that configuration, you may edit this line of -/etc/rc.conf: - -varsize="32m" - -Change 32m to whatever value you see fit (in MBytes). Take care of not using -your entire memory for /var. - -- Ports and TinyBSD - -You can also install ports on the new system via ports. For that, you'll need -to set the PREFIX environment variable to the image's destination path. Let's -assume you want to install apache on the newly-created image. For that, I'd do -this: - -# mdconfig -a -t vnode -f /usr/src/tools/tools/tinybsd/tinybsd.bin -u 0 - -That uses mdconfig to enable the memory disk 0. - -# mount /dev/md0a /mnt - -Now we've mounted the image on the temporary directory /mnt. Let's then -install apache via ports: - -# cd /usr/ports/www/apache13 -# make install PREFIX=/mnt/usr/local -===> Vulnerability check disabled ->> apache_1.3.31.tar.gz doesn't seem to exist in /usr/ports/distfiles/. ->> Attempting to fetch from http://www.apache.org/dist/httpd/. -... - This port has installed the following startup scripts which may cause - these network services to be started at boot time. -/mnt/usr/local/etc/rc.d/apache.sh -.... - -Once the install is finished, let's verify that apache has indeed been -properly installed under our /mnt directory: - -# cd /mnt/usr/local/sbin -# ls -lga httpd --rwxr-xr-x 1 root wheel 252439 Jul 14 15:31 httpd - -Our software has been successfully installed. You must notice that at the end -of the install, it shows the full path for the PREFIX variable we passed it. -The problem with that is that at boot-time, your system is going to look for -it under /mnt instead of /usr. So we need to edit apache's initialization -script under /usr/local/etc/rc.d (apache.sh) and remove all instances of -"/mnt" in it. - -WARNING: A very important thing to care about are dependencies. Before -installing anything, check to see if it has any dependencies, and that you'll -have enough disk space on the destination system for both the application -you're installing and its dependencies. - -- Script download - -TinyBSD is still a project under heavy development, both the script itself and -its documentation. - -In case you'd like to try or use the BETA version of the script, feel free to -download it from the project's official site at http://code.google.com/p/tinybsd/. diff --git a/tools/tools/tinybsd/conf/bridge/TINYBSD b/tools/tools/tinybsd/conf/bridge/TINYBSD deleted file mode 100644 --- a/tools/tools/tinybsd/conf/bridge/TINYBSD +++ /dev/null @@ -1,155 +0,0 @@ -# $FreeBSD$ - -machine i386 -cpu I486_CPU -cpu I586_CPU -cpu I686_CPU -ident TINYBSD - -# To statically compile in device wiring instead of /boot/device.hints -#hints "GENERIC.hints" # Default places to look for devices. - -options SCHED_4BSD # 4BSD scheduler -options INET # InterNETworking -options FFS # Berkeley Fast Filesystem -options SOFTUPDATES # Enable FFS soft updates support -options UFS_DIRHASH # Improve performance on big directories -options MD_ROOT # MD is a potential root device -options PROCFS # Process filesystem (requires PSEUDOFS) -options PSEUDOFS # Pseudo-filesystem framework -options GEOM_PART_GPT # GUID Partition Tables. -options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!] -options COMPAT_FREEBSD4 # Compatible with FreeBSD4 -options SYSVSHM # SYSV-style shared memory -options SYSVMSG # SYSV-style message queues -options SYSVSEM # SYSV-style semaphores -options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions -options KBD_INSTALL_CDEV # install a CDEV entry in /dev -options AHC_REG_PRETTY_PRINT # Print register bitfields in debug - # output. Adds ~128k to driver. -options AHD_REG_PRETTY_PRINT # Print register bitfields in debug - # output. Adds ~215k to driver. -options ADAPTIVE_GIANT # Giant mutex is adaptive. - -device apic # I/O APIC - -device eisa -device pci - -# Floppy drives -#device fdc - -# ATA and ATAPI devices -device ata -device atadisk # ATA disk drives -options ATA_STATIC_ID # Static device numbering - -# atkbdc0 controls both the keyboard and the PS/2 mouse -device atkbdc # AT keyboard controller -device atkbd # AT keyboard -device psm # PS/2 mouse - -device vga # VGA video card driver - -#device splash # Splash screen and screen saver support - -# syscons is the default console driver, resembling an SCO console -device sc - -# Enable this for the pcvt (VT220 compatible) console driver -#device vt -#options XSERVER # support for X server on a vt console -#options FAT_CURSOR # start with block cursor - -device agp # support several AGP chipsets - -# PCCARD (PCMCIA) support -# PCMCIA and cardbus bridge support -device cbb # cardbus (yenta) bridge -device pccard # PC Card (16-bit) bus -device cardbus # CardBus (32-bit) bus - -# Serial (COM) ports -device sio # 8250, 16[45]50 based serial ports - -# PCI Ethernet NICs. -device de # DEC/Intel DC21x4x (``Tulip'') -device em # Intel PRO/1000 adapter Gigabit Ethernet Card -device txp # 3Com 3cR990 (``Typhoon'') -device vx # 3Com 3c590, 3c595 (``Vortex'') - -# PCI Ethernet NICs that use the common MII bus controller code. -# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs! -device miibus # MII bus support -device bfe # Broadcom BCM440x 10/100 Ethernet -device bge # Broadcom BCM570xx Gigabit Ethernet -device dc # DEC/Intel 21143 and various workalikes -device fxp # Intel EtherExpress PRO/100B (82557, 82558) -device lge # Level 1 LXT1001 gigabit ethernet -device nge # NatSemi DP83820 gigabit ethernet -device pcn # AMD Am79C97x PCI 10/100 (precedence over 'lnc') -device re # RealTek 8139C+/8169/8169S/8110S -device rl # RealTek 8129/8139 -device sf # Adaptec AIC-6915 (``Starfire'') -device sis # Silicon Integrated Systems SiS 900/SiS 7016 -device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet -device ste # Sundance ST201 (D-Link DFE-550TX) -device ti # Alteon Networks Tigon I/II gigabit Ethernet -device tl # Texas Instruments ThunderLAN -device tx # SMC EtherPower II (83c170 ``EPIC'') -device vge # VIA VT612x gigabit ethernet -device vr # VIA Rhine, Rhine II -device wb # Winbond W89C840F -device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'') - -# ISA Ethernet NICs. pccard NICs included. -device cs # Crystal Semiconductor CS89x0 NIC -# 'device ed' requires 'device miibus' -device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards -device ex # Intel EtherExpress Pro/10 and Pro/10+ -device ep # Etherlink III based cards -device fe # Fujitsu MB8696x based cards -device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc. -device sn # SMC's 9000 series of Ethernet chips -device xe # Xircom pccard Ethernet - -# ISA devices that use the old ISA shims -#device le - -# Wireless NIC cards -device wlan # 802.11 support -device an # Aironet 4500/4800 802.11 wireless NICs. -device awi # BayStack 660 and others -device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs. -#device wl # Older non 802.11 Wavelan wireless NIC. - -# Pseudo devices. -device loop # Network loopback -device ether # Ethernet support -device pty # Pseudo-ttys (telnet etc) -device md # Memory "disks" - -# The `bpf' device enables the Berkeley Packet Filter. -# Be aware of the administrative consequences of enabling this! -# Note that 'bpf' is required for DHCP. -device bpf # Berkeley packet filter - -options IPFIREWALL -options IPFIREWALL_DEFAULT_TO_ACCEPT - -device ath -device ath_hal -device ath_rate_sample - -device if_bridge #Bridge interface - -# CLK_USE_I8254_CALIBRATION causes the calibrated frequency of the i8254 -# clock to actually be used. -options CLK_USE_I8254_CALIBRATION - -# CPU_ELAN enables support for AMDs ElanSC520 CPU. -options CPU_ELAN -options CPU_SOEKRIS -options CPU_ELAN_XTAL=32768000 -options CPU_ELAN_PPS - diff --git a/tools/tools/tinybsd/conf/bridge/etc/fstab b/tools/tools/tinybsd/conf/bridge/etc/fstab deleted file mode 100644 --- a/tools/tools/tinybsd/conf/bridge/etc/fstab +++ /dev/null @@ -1,2 +0,0 @@ -# $FreeBSD$ -/dev/ad0a / ufs ro 1 1 diff --git a/tools/tools/tinybsd/conf/bridge/etc/rc.conf b/tools/tools/tinybsd/conf/bridge/etc/rc.conf deleted file mode 100644 --- a/tools/tools/tinybsd/conf/bridge/etc/rc.conf +++ /dev/null @@ -1,17 +0,0 @@ -# $FreeBSD$ -hostname="tinybsd.freebsd.org" -sendmail_enable="NONE" -sshd_enable="YES" -usbd_enable="NO" -inetd_enable="NO" -portmap_enable="NO" -update_motd="NO" -varmfs="YES" -populate_var="YES" -varsize="8192" -tmpmfs="YES" - -# Bridge configuration -# Replace both ath0 and xl1 by your bridge interfaces -cloned_interfaces="bridge0" -ifconfig_bridge0="addm ath0 addm xl1 up" diff --git a/tools/tools/tinybsd/conf/bridge/etc/sysctl.conf b/tools/tools/tinybsd/conf/bridge/etc/sysctl.conf deleted file mode 100644 --- a/tools/tools/tinybsd/conf/bridge/etc/sysctl.conf +++ /dev/null @@ -1,5 +0,0 @@ -# $FreeBSD$ - -# BRIDGE Options -net.link.bridge.ipfw=1 -net.link.bridge.pfil_onlyip=1 diff --git a/tools/tools/tinybsd/conf/bridge/tinybsd.basefiles b/tools/tools/tinybsd/conf/bridge/tinybsd.basefiles deleted file mode 100644 --- a/tools/tools/tinybsd/conf/bridge/tinybsd.basefiles +++ /dev/null @@ -1,236 +0,0 @@ -# $FreeBSD$ -# contents of ${WORKDIR}/boot -boot/boot0 -boot/boot1 -boot/boot2 -boot/defaults/loader.conf -boot/device.hints -boot/loader -boot/loader.4th -boot/loader.help -boot/loader.rc -boot/mbr -boot/support.4th - -# contents of ${WORKDIR}/libexec -libexec/ld-elf.so.1:usr/libexec/ld-elf.so.1 - -# contents of ${WORKDIR}/bin -bin/[:bin/test -bin/cat -bin/chflags -bin/chio -bin/chmod -bin/cp -bin/csh:bin/tcsh -bin/date -bin/dd -bin/df -bin/domainname -bin/echo -bin/ed:bin/red -bin/expr -bin/hostname -bin/kenv -bin/kill -bin/ln:bin/link -bin/ls -bin/mkdir -bin/mv -bin/pax -bin/ps -bin/pwd -bin/realpath -bin/rm:bin/unlink -bin/rmdir -bin/sh -bin/sleep -bin/stty -bin/sync - -# contents of ${WORKDIR}/sbin -sbin/adjkerntz -sbin/comcontrol -sbin/disklabel -sbin/dmesg -sbin/fastboot:sbin/reboot -sbin/fasthalt:sbin/halt -sbin/fsck -sbin/fsck_ufs:sbin/fsck_ffs -sbin/fsck_ufs:sbin/fsck_4.2bsd -sbin/ifconfig -sbin/init -sbin/ipfw -sbin/kldconfig -sbin/kldload -sbin/kldstat -sbin/kldunload -sbin/ldconfig -sbin/md5 -sbin/mdconfig -sbin/mknod -sbin/mdmfs -sbin/mount -sbin/mount_nfs -sbin/mount_nullfs -sbin/mount_unionfs -sbin/newfs -sbin/nextboot -sbin/nologin -sbin/nos-tun -sbin/ping -sbin/rcorder -sbin/route -sbin/shutdown -sbin/slattach -sbin/swapon -sbin/sysctl -sbin/umount - -# contents of ${WORKDIR}/usr/sbin -usr/bin/at:usr/bin/atq -usr/bin/at:usr/bin/atrm -usr/bin/at:usr/bin/batch -usr/bin/awk -usr/bin/basename -usr/bin/bunzip2:usr/bin/bzcat -usr/bin/bunzip2:usr/bin/bzip2 -usr/bin/chat -usr/bin/chfn:usr/bin/chpass -usr/bin/chfn:usr/bin/chsh -usr/bin/chgrp -usr/bin/cksum -usr/bin/clear -usr/bin/cmp -usr/bin/compress:usr/bin/uncompress -usr/bin/cpio -usr/bin/crontab -usr/bin/cu -usr/bin/dig -usr/bin/dirname -usr/bin/du -usr/bin/ee -usr/bin/egrep:usr/bin/fgrep -usr/bin/egrep:usr/bin/grep -usr/bin/env -usr/bin/false -usr/bin/fetch -usr/bin/find -usr/bin/finger -usr/bin/fstat -usr/bin/fsync -usr/bin/ftp -usr/bin/gunzip:usr/bin/gzcat -usr/bin/gunzip:usr/bin/gzip -usr/bin/gzexe -usr/bin/head -usr/bin/hexdump -usr/bin/id:usr/bin/whoami -usr/bin/ident -usr/bin/killall -usr/bin/last -usr/bin/less:usr/bin/more -usr/bin/limits -usr/bin/lock -usr/bin/lockf -usr/bin/logger -usr/bin/login -usr/bin/logname -usr/bin/mesg -usr/bin/minigzip -usr/bin/mkfifo -usr/bin/mktemp -usr/bin/msgs -usr/bin/netstat -usr/bin/nfsstat -usr/bin/nice -usr/bin/nslookup -usr/bin/nsupdate -usr/bin/nohup -usr/bin/objformat -usr/bin/openssl -usr/bin/passwd -usr/bin/printf -usr/bin/renice -usr/bin/reset:usr/sbin/tset -usr/bin/scp -usr/bin/script -usr/bin/sed -usr/bin/sftp -usr/bin/shar -usr/bin/slogin:usr/bin/ssh -usr/bin/sort -usr/bin/split -usr/bin/ssh-keygen -usr/bin/su -usr/bin/tail -usr/bin/tar -usr/bin/tee -usr/bin/telnet -usr/bin/tftp -usr/bin/time -usr/bin/top -usr/bin/touch -usr/bin/tput -usr/bin/tr -usr/bin/true -usr/bin/tty -usr/bin/uname -usr/bin/uptime:usr/bin/w -usr/bin/users -usr/bin/uudecode -usr/bin/uuencode -usr/bin/vi -usr/bin/vmstat -usr/bin/wall -usr/bin/who -usr/bin/whois -usr/bin/write -usr/bin/yes - -# contents of ${WORKDIR}/usr/sbin -usr/sbin/arp -usr/sbin/boot0cfg -usr/sbin/chown -usr/sbin/chroot -usr/sbin/cron -usr/sbin/idprio:usr/sbin/rtprio -usr/sbin/inetd -usr/sbin/iostat -usr/sbin/kbdcontrol -usr/sbin/lastlogin -usr/sbin/memcontrol -usr/sbin/mountd -usr/sbin/mtree -usr/sbin/newsyslog -usr/sbin/ngctl -usr/sbin/nghook -usr/sbin/ntpdate -usr/sbin/pciconf -usr/sbin/pw -usr/sbin/pwd_mkdb -usr/sbin/slstat -usr/sbin/sshd -usr/sbin/syslogd -usr/sbin/tcpdchk -usr/sbin/tcpdmatch -usr/sbin/tcpdump -usr/sbin/traceroute -usr/sbin/vidcontrol -usr/sbin/vipw -usr/sbin/vnconfig -usr/sbin/watch -usr/sbin/pccardc -usr/sbin/pccardd - -# contents of ${WORKDIR}/usr/libexec -usr/libexec/atrun -usr/libexec/ftpd -usr/libexec/getty -usr/libexec/sftp-server -usr/libexec/telnetd -usr/libexec/tftpd - -# contents of ${WORKDIR}/usr/share -usr/share/misc/termcap - diff --git a/tools/tools/tinybsd/conf/bridge/tinybsd.ports b/tools/tools/tinybsd/conf/bridge/tinybsd.ports deleted file mode 100644 --- a/tools/tools/tinybsd/conf/bridge/tinybsd.ports +++ /dev/null @@ -1,9 +0,0 @@ -# $FreeBSD$ -# Here you can add the applications from the FreeBSD Ports Collection which you -# want TinyBSD ports system to install in your embedded system. You whould list -# one application per line, mentioning its category and name, like the examples: -# -# www/mini_httpd -# net-mgmt/rate -# -# Make sure you have enough space to add it. diff --git a/tools/tools/tinybsd/conf/default/TINYBSD b/tools/tools/tinybsd/conf/default/TINYBSD deleted file mode 100644 --- a/tools/tools/tinybsd/conf/default/TINYBSD +++ /dev/null @@ -1,170 +0,0 @@ -# $FreeBSD$ - -machine i386 -cpu I486_CPU -cpu I586_CPU -cpu I686_CPU -ident TINYBSD - -# To statically compile in device wiring instead of /boot/device.hints -#hints "GENERIC.hints" # Default places to look for devices. - -options SCHED_4BSD # 4BSD scheduler -options INET # InterNETworking -options FFS # Berkeley Fast Filesystem -options SOFTUPDATES # Enable FFS soft updates support -options UFS_ACL # Support for access control lists -options UFS_DIRHASH # Improve performance on big directories -options MD_ROOT # MD is a potential root device -options NFSCLIENT # Network Filesystem Client -options NFSSERVER # Network Filesystem Server -options NFS_ROOT # NFS usable as /, requires NFSCLIENT -options MSDOSFS # MSDOS Filesystem -options CD9660 # ISO 9660 Filesystem -options PROCFS # Process filesystem (requires PSEUDOFS) -options PSEUDOFS # Pseudo-filesystem framework -options GEOM_PART_GPT # GUID Partition Tables. -options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!] -options COMPAT_FREEBSD4 # Compatible with FreeBSD4 -options SYSVSHM # SYSV-style shared memory -options SYSVMSG # SYSV-style message queues -options SYSVSEM # SYSV-style semaphores -options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions -options KBD_INSTALL_CDEV # install a CDEV entry in /dev -options AHC_REG_PRETTY_PRINT # Print register bitfields in debug - # output. Adds ~128k to driver. -options AHD_REG_PRETTY_PRINT # Print register bitfields in debug - # output. Adds ~215k to driver. -options ADAPTIVE_GIANT # Giant mutex is adaptive. - -device apic # I/O APIC - -device eisa -device pci - -# Floppy drives -#device fdc - -# ATA and ATAPI devices -device ata -device atadisk # ATA disk drives -#device ataraid # ATA RAID drives -#device atapicd # ATAPI CDROM drives -#device atapifd # ATAPI floppy drives -device atapist # ATAPI tape drives -options ATA_STATIC_ID # Static device numbering - -# atkbdc0 controls both the keyboard and the PS/2 mouse -device atkbdc # AT keyboard controller -device atkbd # AT keyboard -device psm # PS/2 mouse - -device vga # VGA video card driver - -#device splash # Splash screen and screen saver support - -# syscons is the default console driver, resembling an SCO console -device sc - -# Enable this for the pcvt (VT220 compatible) console driver -#device vt -#options XSERVER # support for X server on a vt console -#options FAT_CURSOR # start with block cursor - -device agp # support several AGP chipsets - -# PCCARD (PCMCIA) support -# PCMCIA and cardbus bridge support -device cbb # cardbus (yenta) bridge -device pccard # PC Card (16-bit) bus -device cardbus # CardBus (32-bit) bus - -# Serial (COM) ports -device sio # 8250, 16[45]50 based serial ports - -# PCI Ethernet NICs. -device de # DEC/Intel DC21x4x (``Tulip'') -device em # Intel PRO/1000 adapter Gigabit Ethernet Card -device txp # 3Com 3cR990 (``Typhoon'') -device vx # 3Com 3c590, 3c595 (``Vortex'') - -# PCI Ethernet NICs that use the common MII bus controller code. -# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs! -device miibus # MII bus support -device bfe # Broadcom BCM440x 10/100 Ethernet -device bge # Broadcom BCM570xx Gigabit Ethernet -device dc # DEC/Intel 21143 and various workalikes -device fxp # Intel EtherExpress PRO/100B (82557, 82558) -device lge # Level 1 LXT1001 gigabit ethernet -device nge # NatSemi DP83820 gigabit ethernet -device pcn # AMD Am79C97x PCI 10/100 (precedence over 'lnc') -device re # RealTek 8139C+/8169/8169S/8110S -device rl # RealTek 8129/8139 -device sf # Adaptec AIC-6915 (``Starfire'') -device sis # Silicon Integrated Systems SiS 900/SiS 7016 -device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet -device ste # Sundance ST201 (D-Link DFE-550TX) -device ti # Alteon Networks Tigon I/II gigabit Ethernet -device tl # Texas Instruments ThunderLAN -device tx # SMC EtherPower II (83c170 ``EPIC'') -device vge # VIA VT612x gigabit ethernet -device vr # VIA Rhine, Rhine II -device wb # Winbond W89C840F -device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'') - -# ISA Ethernet NICs. pccard NICs included. -device cs # Crystal Semiconductor CS89x0 NIC -# 'device ed' requires 'device miibus' -device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards -device ex # Intel EtherExpress Pro/10 and Pro/10+ -device ep # Etherlink III based cards -device fe # Fujitsu MB8696x based cards -device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc. -device sn # SMC's 9000 series of Ethernet chips -device xe # Xircom pccard Ethernet - -# ISA devices that use the old ISA shims -#device le - -# Wireless NIC cards -device wlan # 802.11 support -device an # Aironet 4500/4800 802.11 wireless NICs. -device awi # BayStack 660 and others -device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs. -#device wl # Older non 802.11 Wavelan wireless NIC. - -# Pseudo devices. -device loop # Network loopback -device ether # Ethernet support -device ppp # Kernel PPP -device tun # Packet tunnel. -device pty # Pseudo-ttys (telnet etc) -device md # Memory "disks" -device gif # IPv6 and IPv4 tunneling - -# The `bpf' device enables the Berkeley Packet Filter. -# Be aware of the administrative consequences of enabling this! -# Note that 'bpf' is required for DHCP. -device bpf # Berkeley packet filter - -options IPFIREWALL -options IPFIREWALL_DEFAULT_TO_ACCEPT -options IPDIVERT -options DUMMYNET - -device ath -device ath_hal -device ath_rate_sample - -device if_bridge #Bridge interface - -# CLK_USE_I8254_CALIBRATION causes the calibrated frequency of the i8254 -# clock to actually be used. -options CLK_USE_I8254_CALIBRATION - -# CPU_ELAN enables support for AMDs ElanSC520 CPU. -options CPU_ELAN -options CPU_SOEKRIS -options CPU_ELAN_XTAL=32768000 -options CPU_ELAN_PPS - diff --git a/tools/tools/tinybsd/conf/default/etc/fstab b/tools/tools/tinybsd/conf/default/etc/fstab deleted file mode 100644 --- a/tools/tools/tinybsd/conf/default/etc/fstab +++ /dev/null @@ -1,2 +0,0 @@ -# $FreeBSD$ -/dev/ad0a / ufs ro 1 1 diff --git a/tools/tools/tinybsd/conf/default/etc/rc.conf b/tools/tools/tinybsd/conf/default/etc/rc.conf deleted file mode 100644 --- a/tools/tools/tinybsd/conf/default/etc/rc.conf +++ /dev/null @@ -1,12 +0,0 @@ -# $FreeBSD$ -hostname="tinybsd.freebsd.org" -sendmail_enable="NONE" -sshd_enable="YES" -usbd_enable="NO" -inetd_enable="NO" -portmap_enable="NO" -update_motd="NO" -varmfs="YES" -populate_var="YES" -varsize="8192" -tmpmfs="YES" diff --git a/tools/tools/tinybsd/conf/default/tinybsd.basefiles b/tools/tools/tinybsd/conf/default/tinybsd.basefiles deleted file mode 100644 --- a/tools/tools/tinybsd/conf/default/tinybsd.basefiles +++ /dev/null @@ -1,247 +0,0 @@ -# $FreeBSD$ -# contents of ${WORKDIR}/boot -boot/boot0 -boot/boot1 -boot/boot2 -boot/defaults/loader.conf -boot/device.hints -boot/loader -boot/loader.4th -boot/loader.help -boot/loader.rc -boot/mbr -boot/support.4th - -# contents of ${WORKDIR}/libexec -libexec/ld-elf.so.1:usr/libexec/ld-elf.so.1 - -# contents of ${WORKDIR}/bin -bin/[:bin/test -bin/cat -bin/chflags -bin/chio -bin/chmod -bin/cp -bin/csh:bin/tcsh -bin/date -bin/dd -bin/df -bin/domainname -bin/echo -bin/ed:bin/red -bin/expr -bin/hostname -bin/kenv -bin/kill -bin/ln:bin/link -bin/ls -bin/mkdir -bin/mv -bin/pax -bin/ps -bin/pwd -bin/realpath -bin/rm:bin/unlink -bin/rmdir -bin/sh -bin/sleep -bin/stty -bin/sync - -# contents of ${WORKDIR}/sbin -sbin/adjkerntz -sbin/comcontrol -sbin/dhclient -sbin/dhclient-script -sbin/disklabel -sbin/dmesg -sbin/fastboot:sbin/reboot -sbin/fasthalt:sbin/halt -sbin/fsck -sbin/fsck_ufs:sbin/fsck_ffs -sbin/fsck_ufs:sbin/fsck_4.2bsd -sbin/ifconfig -sbin/init -sbin/ipfw -sbin/kldconfig -sbin/kldload -sbin/kldstat -sbin/kldunload -sbin/ldconfig -sbin/md5 -sbin/mdconfig -sbin/mknod -sbin/mdmfs -sbin/mount -sbin/mount_nfs -sbin/mount_nullfs -sbin/mount_unionfs -sbin/natd -sbin/nfsiod -sbin/newfs -sbin/nextboot -sbin/nologin -sbin/nos-tun -sbin/ping -sbin/rcorder -sbin/route -sbin/shutdown -sbin/slattach -sbin/swapon -sbin/sysctl -sbin/umount - -# contents of ${WORKDIR}/usr/sbin -usr/bin/at:usr/bin/atq -usr/bin/at:usr/bin/atrm -usr/bin/at:usr/bin/batch -usr/bin/awk -usr/bin/basename -usr/bin/bunzip2:usr/bin/bzcat -usr/bin/bunzip2:usr/bin/bzip2 -usr/bin/chat -usr/bin/chfn:usr/bin/chpass -usr/bin/chfn:usr/bin/chsh -usr/bin/chgrp -usr/bin/cksum -usr/bin/clear -usr/bin/cmp -usr/bin/compress:usr/bin/uncompress -usr/bin/cpio -usr/bin/crontab -usr/bin/cu -usr/bin/dig -usr/bin/dirname -usr/bin/du -usr/bin/ee -usr/bin/egrep:usr/bin/fgrep -usr/bin/egrep:usr/bin/grep -usr/bin/env -usr/bin/false -usr/bin/fetch -usr/bin/find -usr/bin/finger -usr/bin/fstat -usr/bin/fsync -usr/bin/ftp -usr/bin/gunzip:usr/bin/gzcat -usr/bin/gunzip:usr/bin/gzip -usr/bin/gzexe -usr/bin/head -usr/bin/hexdump -usr/bin/id:usr/bin/whoami -usr/bin/ident -usr/bin/killall -usr/bin/last -usr/bin/less:usr/bin/more -usr/bin/limits -usr/bin/lock -usr/bin/lockf -usr/bin/logger -usr/bin/login -usr/bin/logname -usr/bin/mesg -usr/bin/minigzip -usr/bin/mkfifo -usr/bin/mktemp -usr/bin/msgs -usr/bin/netstat -usr/bin/nfsstat -usr/bin/nice -usr/bin/nslookup -usr/bin/nsupdate -usr/bin/nohup -usr/bin/objformat -usr/bin/openssl -usr/bin/passwd -usr/bin/printf -usr/bin/renice -usr/bin/reset:usr/sbin/tset -usr/bin/scp -usr/bin/script -usr/bin/sed -usr/bin/sftp -usr/bin/shar -usr/bin/slogin:usr/bin/ssh -usr/bin/sort -usr/bin/split -usr/bin/ssh-keygen -usr/bin/su -usr/bin/tail -usr/bin/tar -usr/bin/tee -usr/bin/telnet -usr/bin/tftp -usr/bin/time -usr/bin/top -usr/bin/touch -usr/bin/tput -usr/bin/tr -usr/bin/true -usr/bin/tty -usr/bin/uname -usr/bin/uptime:usr/bin/w -usr/bin/users -usr/bin/uudecode -usr/bin/uuencode -usr/bin/vi -usr/bin/vmstat -usr/bin/wall -usr/bin/who -usr/bin/whois -usr/bin/write -usr/bin/yes - -# contents of ${WORKDIR}/usr/sbin -usr/sbin/arp -usr/sbin/boot0cfg -usr/sbin/chown -usr/sbin/chroot -usr/sbin/cron -usr/sbin/idprio:usr/sbin/rtprio -usr/sbin/inetd -usr/sbin/iostat -usr/sbin/kbdcontrol -usr/sbin/lastlogin -usr/sbin/memcontrol -usr/sbin/mountd -usr/sbin/mtree -usr/sbin/named -usr/sbin/named.reload -usr/sbin/newsyslog -usr/sbin/nfsd -usr/sbin/ngctl -usr/sbin/nghook -usr/sbin/ntpdate -usr/sbin/pciconf -usr/sbin/ppp -usr/sbin/pppctl -usr/sbin/pppstats -usr/sbin/pw -usr/sbin/pwd_mkdb -usr/sbin/rpcbind -usr/sbin/slstat -usr/sbin/sshd -usr/sbin/syslogd -usr/sbin/tcpdchk -usr/sbin/tcpdmatch -usr/sbin/tcpdump -usr/sbin/traceroute -usr/sbin/vidcontrol -usr/sbin/vipw -usr/sbin/vnconfig -usr/sbin/watch -usr/sbin/pccardc -usr/sbin/pccardd - -# contents of ${WORKDIR}/usr/libexec -usr/libexec/atrun -usr/libexec/ftpd -usr/libexec/getty -usr/libexec/sftp-server -usr/libexec/telnetd -usr/libexec/tftpd - -# contents of ${WORKDIR}/usr/share -usr/share/misc/termcap - diff --git a/tools/tools/tinybsd/conf/default/tinybsd.ports b/tools/tools/tinybsd/conf/default/tinybsd.ports deleted file mode 100644 --- a/tools/tools/tinybsd/conf/default/tinybsd.ports +++ /dev/null @@ -1,9 +0,0 @@ -# $FreeBSD$ -# Here you can add the applications from the FreeBSD Ports Collection which you -# want TinyBSD ports system to install in your embedded system. You whould list -# one application per line, mentioning its category and name, like the examples: -# -# www/mini_httpd -# net-mgmt/rate -# -# Make sure you have enough space to add it. diff --git a/tools/tools/tinybsd/conf/firewall/TINYBSD b/tools/tools/tinybsd/conf/firewall/TINYBSD deleted file mode 100644 --- a/tools/tools/tinybsd/conf/firewall/TINYBSD +++ /dev/null @@ -1,168 +0,0 @@ -# $FreeBSD$ -machine i386 -cpu I486_CPU -cpu I586_CPU -cpu I686_CPU -ident TINYBSD - -# To statically compile in device wiring instead of /boot/device.hints -#hints "GENERIC.hints" # Default places to look for devices. - -options SCHED_4BSD # 4BSD scheduler -options INET # InterNETworking -options FFS # Berkeley Fast Filesystem -options SOFTUPDATES # Enable FFS soft updates support -options UFS_DIRHASH # Improve performance on big directories -options MD_ROOT # MD is a potential root device -options PROCFS # Process filesystem (requires PSEUDOFS) -options PSEUDOFS # Pseudo-filesystem framework -options GEOM_PART_GPT # GUID Partition Tables. -options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!] -options COMPAT_FREEBSD4 # Compatible with FreeBSD4 -options SYSVSHM # SYSV-style shared memory -options SYSVMSG # SYSV-style message queues -options SYSVSEM # SYSV-style semaphores -options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions -options KBD_INSTALL_CDEV # install a CDEV entry in /dev -options AHC_REG_PRETTY_PRINT # Print register bitfields in debug - # output. Adds ~128k to driver. -options AHD_REG_PRETTY_PRINT # Print register bitfields in debug - # output. Adds ~215k to driver. -options ADAPTIVE_GIANT # Giant mutex is adaptive. - -device apic # I/O APIC - -device eisa -device pci - -# Floppy drives -#device fdc - -# ATA and ATAPI devices -device ata -device atadisk # ATA disk drives -options ATA_STATIC_ID # Static device numbering - -# atkbdc0 controls both the keyboard and the PS/2 mouse -device atkbdc # AT keyboard controller -device atkbd # AT keyboard -device psm # PS/2 mouse - -device vga # VGA video card driver - -#device splash # Splash screen and screen saver support - -# syscons is the default console driver, resembling an SCO console -device sc - -# Enable this for the pcvt (VT220 compatible) console driver -#device vt -#options XSERVER # support for X server on a vt console -#options FAT_CURSOR # start with block cursor - -device agp # support several AGP chipsets - -# PCCARD (PCMCIA) support -# PCMCIA and cardbus bridge support -#device cbb # cardbus (yenta) bridge -#device pccard # PC Card (16-bit) bus -#device cardbus # CardBus (32-bit) bus - -# Serial (COM) ports -device sio # 8250, 16[45]50 based serial ports - -# PCI Ethernet NICs. -device de # DEC/Intel DC21x4x (``Tulip'') -device em # Intel PRO/1000 adapter Gigabit Ethernet Card -device txp # 3Com 3cR990 (``Typhoon'') -device vx # 3Com 3c590, 3c595 (``Vortex'') - -# PCI Ethernet NICs that use the common MII bus controller code. -# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs! -device miibus # MII bus support -device bfe # Broadcom BCM440x 10/100 Ethernet -device bge # Broadcom BCM570xx Gigabit Ethernet -device dc # DEC/Intel 21143 and various workalikes -device fxp # Intel EtherExpress PRO/100B (82557, 82558) -device lge # Level 1 LXT1001 gigabit ethernet -device nge # NatSemi DP83820 gigabit ethernet -device pcn # AMD Am79C97x PCI 10/100 (precedence over 'lnc') -device re # RealTek 8139C+/8169/8169S/8110S -device rl # RealTek 8129/8139 -device sf # Adaptec AIC-6915 (``Starfire'') -device sis # Silicon Integrated Systems SiS 900/SiS 7016 -device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet -device ste # Sundance ST201 (D-Link DFE-550TX) -device ti # Alteon Networks Tigon I/II gigabit Ethernet -device tl # Texas Instruments ThunderLAN -device tx # SMC EtherPower II (83c170 ``EPIC'') -device vge # VIA VT612x gigabit ethernet -device vr # VIA Rhine, Rhine II -device wb # Winbond W89C840F -device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'') - -# ISA Ethernet NICs. pccard NICs included. -device cs # Crystal Semiconductor CS89x0 NIC -# 'device ed' requires 'device miibus' -device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards -device ex # Intel EtherExpress Pro/10 and Pro/10+ -device ep # Etherlink III based cards -device fe # Fujitsu MB8696x based cards -device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc. -device sn # SMC's 9000 series of Ethernet chips -device xe # Xircom pccard Ethernet - -# ISA devices that use the old ISA shims -#device le - -# Wireless NIC cards -device wlan # 802.11 support -#device an # Aironet 4500/4800 802.11 wireless NICs. -#device awi # BayStack 660 and others -#device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs. -#device wl # Older non 802.11 Wavelan wireless NIC. - -# Pseudo devices. -device loop # Network loopback -device ether # Ethernet support -device pty # Pseudo-ttys (telnet etc) -device md # Memory "disks" - -# The `bpf' device enables the Berkeley Packet Filter. -# Be aware of the administrative consequences of enabling this! -# Note that 'bpf' is required for DHCP. -device bpf # Berkeley packet filter - -options IPFIREWALL -options IPFIREWALL_DEFAULT_TO_ACCEPT -options IPDIVERT -options DUMMYNET - -device pf #PF OpenBSD packet-filter firewall -device pflog #logging support interface for PF -device pfsync #synchronization interface for PF -device carp #Common Address Redundancy Protocol - -options ALTQ -options ALTQ_CBQ # Class Based Queueing -options ALTQ_RED # Random Early Detection -options ALTQ_RIO # RED In/Out -options ALTQ_HFSC # Hierarchical Packet Scheduler -options ALTQ_CDNR # Traffic conditioner -options ALTQ_PRIQ # Priority Queueing -options ALTQ_NOPCC # Required for SMP build - -device ath -device ath_hal -device ath_rate_sample - -# CLK_USE_I8254_CALIBRATION causes the calibrated frequency of the i8254 -# clock to actually be used. -options CLK_USE_I8254_CALIBRATION - -# CPU_ELAN enables support for AMDs ElanSC520 CPU. -options CPU_ELAN -options CPU_SOEKRIS -options CPU_ELAN_XTAL=32768000 -options CPU_ELAN_PPS - diff --git a/tools/tools/tinybsd/conf/firewall/etc/authpf/authpf.rules b/tools/tools/tinybsd/conf/firewall/etc/authpf/authpf.rules deleted file mode 100644 --- a/tools/tools/tinybsd/conf/firewall/etc/authpf/authpf.rules +++ /dev/null @@ -1 +0,0 @@ -# $FreeBSD$ diff --git a/tools/tools/tinybsd/conf/firewall/etc/fstab b/tools/tools/tinybsd/conf/firewall/etc/fstab deleted file mode 100644 --- a/tools/tools/tinybsd/conf/firewall/etc/fstab +++ /dev/null @@ -1,2 +0,0 @@ -# $FreeBSD$ -/dev/ad0a / ufs ro 1 1 diff --git a/tools/tools/tinybsd/conf/firewall/etc/natd.conf b/tools/tools/tinybsd/conf/firewall/etc/natd.conf deleted file mode 100644 --- a/tools/tools/tinybsd/conf/firewall/etc/natd.conf +++ /dev/null @@ -1 +0,0 @@ -# $FreeBSD$ diff --git a/tools/tools/tinybsd/conf/firewall/etc/pf.conf b/tools/tools/tinybsd/conf/firewall/etc/pf.conf deleted file mode 100644 --- a/tools/tools/tinybsd/conf/firewall/etc/pf.conf +++ /dev/null @@ -1,78 +0,0 @@ -# $FreeBSD$ -# -# See pf.conf(5) and /usr/share/examples/pf for syntax and examples. -# Required order: options, normalization, queueing, translation, filtering. -# Macros and tables may be defined and used anywhere. -# Note that translation rules are first match while filter rules are last match. - -# Macros: define common values, so they can be referenced and changed easily. -#ext_if="ext0" # replace with actual external interface name i.e., dc0 -#int_if="int0" # replace with actual internal interface name i.e., dc1 -#internal_net="10.1.1.1/8" -#external_addr="192.168.1.1" - -# Tables: similar to macros, but more flexible for many addresses. -#table { 10.0.0.0/8, !10.1.0.0/16, 192.168.0.0/24, 192.168.1.18 } - -# Options: tune the behavior of pf, default values are given. -#set timeout { interval 10, frag 30 } -#set timeout { tcp.first 120, tcp.opening 30, tcp.established 86400 } -#set timeout { tcp.closing 900, tcp.finwait 45, tcp.closed 90 } -#set timeout { udp.first 60, udp.single 30, udp.multiple 60 } -#set timeout { icmp.first 20, icmp.error 10 } -#set timeout { other.first 60, other.single 30, other.multiple 60 } -#set timeout { adaptive.start 0, adaptive.end 0 } -#set limit { states 10000, frags 5000 } -#set loginterface none -#set optimization normal -#set block-policy drop -#set require-order yes -#set fingerprints "/etc/pf.os" - -# Normalization: reassemble fragments and resolve or reduce traffic ambiguities. -#scrub in all - -# Queueing: rule-based bandwidth control. -#altq on $ext_if bandwidth 2Mb cbq queue { dflt, developers, marketing } -#queue dflt bandwidth 5% cbq(default) -#queue developers bandwidth 80% -#queue marketing bandwidth 15% - -# Translation: specify how addresses are to be mapped or redirected. -# nat: packets going out through $ext_if with source address $internal_net will -# get translated as coming from the address of $ext_if, a state is created for -# such packets, and incoming packets will be redirected to the internal address. -#nat on $ext_if from $internal_net to any -> ($ext_if) - -# rdr: packets coming in on $ext_if with destination $external_addr:1234 will -# be redirected to 10.1.1.1:5678. A state is created for such packets, and -# outgoing packets will be translated as coming from the external address. -#rdr on $ext_if proto tcp from any to $external_addr/32 port 1234 -> 10.1.1.1 port 5678 - -# rdr outgoing FTP requests to the ftp-proxy -#rdr on $int_if proto tcp from any to any port ftp -> 127.0.0.1 port 8021 - -# spamd-setup puts addresses to be redirected into table . -#table persist -#no rdr on { lo0, lo1 } from any to any -#rdr inet proto tcp from to any port smtp -> 127.0.0.1 port 8025 - -# Filtering: the implicit first two rules are -#pass in all -#pass out all - -# block all incoming packets but allow ssh, pass all outgoing tcp and udp -# connections and keep state, logging blocked packets. -#block in log all -#pass in on $ext_if proto tcp from any to $ext_if port 22 keep state -#pass out on $ext_if proto { tcp, udp } all keep state - -# pass incoming packets destined to the addresses given in table . -#pass in on $ext_if proto { tcp, udp } from any to port 80 keep state - -# pass incoming ports for ftp-proxy -#pass in on $ext_if inet proto tcp from any to $ext_if user proxy keep state - -# assign packets to a queue. -#pass out on $ext_if from 192.168.0.0/24 to any keep state queue developers -#pass out on $ext_if from 192.168.1.0/24 to any keep state queue marketing diff --git a/tools/tools/tinybsd/conf/firewall/etc/pf.os b/tools/tools/tinybsd/conf/firewall/etc/pf.os deleted file mode 100644 --- a/tools/tools/tinybsd/conf/firewall/etc/pf.os +++ /dev/null @@ -1,549 +0,0 @@ -# $FreeBSD$ -# passive OS fingerprinting -# ------------------------- -# -# SYN signatures. Those signatures work for SYN packets only (duh!). -# -# (C) Copyright 2000-2003 by Michal Zalewski -# (C) Copyright 2003 by Mike Frantzen -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -# -# -# This fingerprint database is adapted from Michal Zalewski's p0f passive -# operating system package. -# -# -# Each line in this file specifies a single fingerprint. Please read the -# information below carefully before attempting to append any signatures -# reported as UNKNOWN to this file to avoid mistakes. -# -# We use the following set metrics for fingerprinting: -# -# - Window size (WSS) - a highly OS dependent setting used for TCP/IP -# performance control (max. amount of data to be sent without ACK). -# Some systems use a fixed value for initial packets. On other -# systems, it is a multiple of MSS or MTU (MSS+40). In some rare -# cases, the value is just arbitrary. -# -# NEW SIGNATURE: if p0f reported a special value of 'Snn', the number -# appears to be a multiple of MSS (MSS*nn); a special value of 'Tnn' -# means it is a multiple of MTU ((MSS+40)*nn). Unless you notice the -# value of nn is not fixed (unlikely), just copy the Snn or Tnn token -# literally. If you know this device has a simple stack and a fixed -# MTU, you can however multiply S value by MSS, or T value by MSS+40, -# and put it instead of Snn or Tnn. -# -# If WSS otherwise looks like a fixed value (for example a multiple -# of two), or if you can confirm the value is fixed, please quote -# it literally. If there's no apparent pattern in WSS chosen, you -# should consider wildcarding this value. -# -# - Overall packet size - a function of all IP and TCP options and bugs. -# -# NEW SIGNATURE: Copy this value literally. -# -# - Initial TTL - We check the actual TTL of a received packet. It can't -# be higher than the initial TTL, and also shouldn't be dramatically -# lower (maximum distance is defined as 40 hops). -# -# NEW SIGNATURE: *Never* copy TTL from a p0f-reported signature literally. -# You need to determine the initial TTL. The best way to do it is to -# check the documentation for a remote system, or check its settings. -# A fairly good method is to simply round the observed TTL up to -# 32, 64, 128, or 255, but it should be noted that some obscure devices -# might not use round TTLs (in particular, some shoddy appliances use -# "original" initial TTL settings). If not sure, you can see how many -# hops you're away from the remote party with traceroute or mtr. -# -# - Don't fragment flag (DF) - some modern OSes set this to implement PMTU -# discovery. Others do not bother. -# -# NEW SIGNATURE: Copy this value literally. -# -# - Maximum segment size (MSS) - this setting is usually link-dependent. P0f -# uses it to determine link type of the remote host. -# -# NEW SIGNATURE: Always wildcard this value, except for rare cases when -# you have an appliance with a fixed value, know the system supports only -# a very limited number of network interface types, or know the system -# is using a value it pulled out of nowhere. Specific unique MSS -# can be used to tell Google crawlbots from the rest of the population. -# -# - Window scaling (WSCALE) - this feature is used to scale WSS. -# It extends the size of a TCP/IP window to 32 bits. Some modern -# systems implement this feature. -# -# NEW SIGNATURE: Observe several signatures. Initial WSCALE is often set -# to zero or other low value. There's usually no need to wildcard this -# parameter. -# -# - Timestamp - some systems that implement timestamps set them to -# zero in the initial SYN. This case is detected and handled appropriately. -# -# - Selective ACK permitted - a flag set by systems that implement -# selective ACK functionality. -# -# - The sequence of TCP all options (MSS, window scaling, selective ACK -# permitted, timestamp, NOP). Other than the options previously -# discussed, p0f also checks for timestamp option (a silly -# extension to broadcast your uptime ;-), NOP options (used for -# header padding) and sackOK option (selective ACK feature). -# -# NEW SIGNATURE: Copy the sequence literally. -# -# To wildcard any value (except for initial TTL or TCP options), replace -# it with '*'. You can also use a modulo operator to match any values -# that divide by nnn - '%nnn'. -# -# Fingerprint entry format: -# -# wwww:ttt:D:ss:OOO...:OS:Version:Subtype:Details -# -# wwww - window size (can be *, %nnn, Snn or Tnn). The special values -# "S" and "T" which are a multiple of MSS or a multiple of MTU -# respectively. -# ttt - initial TTL -# D - don't fragment bit (0 - not set, 1 - set) -# ss - overall SYN packet size -# OOO - option value and order specification (see below) -# OS - OS genre (Linux, Solaris, Windows) -# Version - OS Version (2.0.27 on x86, etc) -# Subtype - OS subtype or patchlevel (SP3, lo0) -# details - Generic OS details -# -# If OS genre starts with '*', p0f will not show distance, link type -# and timestamp data. It is useful for userland TCP/IP stacks of -# network scanners and so on, where many settings are randomized or -# bogus. -# -# If OS genre starts with @, it denotes an approximate hit for a group -# of operating systems (signature reporting still enabled in this case). -# Use this feature at the end of this file to catch cases for which -# you don't have a precise match, but can tell it's Windows or FreeBSD -# or whatnot by looking at, say, flag layout alone. -# -# Option block description is a list of comma or space separated -# options in the order they appear in the packet: -# -# N - NOP option -# Wnnn - window scaling option, value nnn (or * or %nnn) -# Mnnn - maximum segment size option, value nnn (or * or %nnn) -# S - selective ACK OK -# T - timestamp -# T0 - timestamp with a zero value -# -# To denote no TCP options, use a single '.'. -# -# Please report any additions to this file, or any inaccuracies or -# problems spotted, to the maintainers: lcamtuf@coredump.cx, -# frantzen@openbsd.org and bugs@openbsd.org with a tcpdump packet -# capture of the relevant SYN packet(s) -# -# WARNING WARNING WARNING -# ----------------------- -# -# Do not add a system X as OS Y just because NMAP says so. It is often -# the case that X is a NAT firewall. While nmap is talking to the -# device itself, p0f is fingerprinting the guy behind the firewall -# instead. -# -# When in doubt, use common sense, don't add something that looks like -# a completely different system as Linux or FreeBSD or LinkSys router. -# Check DNS name, establish a connection to the remote host and look -# at SYN+ACK - does it look similar? -# -# Some users tweak their TCP/IP settings - enable or disable RFC1323 -# functionality, enable or disable timestamps or selective ACK, -# disable PMTU discovery, change MTU and so on. Always compare a new rule -# to other fingerprints for this system, and verify the system isn't -# "customized" before adding it. It is OK to add signature variants -# caused by a commonly used software (personal firewalls, security -# packages, etc), but it makes no sense to try to add every single -# possible /proc/sys/net/ipv4 tweak on Linux or so. -# -# KEEP IN MIND: Some packet firewalls configured to normalize outgoing -# traffic (OpenBSD pf with "scrub" enabled, for example) will, well, -# normalize packets. Signatures will not correspond to the originating -# system (and probably not quite to the firewall either). -# -# NOTE: Try to keep this file in some reasonable order, from most to -# least likely systems. This will speed up operation. Also keep most -# generic and broad rules near the end. -# - -########################## -# Standard OS signatures # -########################## - -# ----------------- AIX --------------------- - -# AIX is first because its signatures are close to NetBSD, MacOS X and -# Linux 2.0, but it uses a fairly rare MSSes, at least sometimes... -# This is a shoddy hack, though. - -16384:64:0:44:M512: AIX:4.3:2-3:AIX 4.3.2 and earlier - -16384:64:0:60:M512,N,W%2,N,N,T: AIX:4.3:3:AIX 4.3.3-5.2 -16384:64:0:60:M512,N,W%2,N,N,T: AIX:5.1-5.2::AIX 4.3.3-5.2 -32768:64:0:60:M512,N,W%2,N,N,T: AIX:4.3:3:AIX 4.3.3-5.2 -32768:64:0:60:M512,N,W%2,N,N,T: AIX:5.1-5.2::AIX 4.3.3-5.2 -65535:64:0:60:M512,N,W%2,N,N,T: AIX:4.3:3:AIX 4.3.3-5.2 -65535:64:0:60:M512,N,W%2,N,N,T: AIX:5.1-5.2::AIX 4.3.3-5.2 -65535:64:0:64:M*,N,W1,N,N,T,N,N,S: AIX:5.3:ML1:AIX 5.3 ML1 - -# ----------------- Linux ------------------- - -512:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x -16384:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x - -# Endian snafu! Nelson says "ha-ha": -2:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x (MkLinux) on Mac -64:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x (MkLinux) on Mac - - -S4:64:1:60:M1360,S,T,N,W0: Linux:google::Linux (Google crawlbot) - -S2:64:1:60:M*,S,T,N,W0: Linux:2.4::Linux 2.4 (big boy) -S3:64:1:60:M*,S,T,N,W0: Linux:2.4:18-21:Linux 2.4.18 and newer -S4:64:1:60:M*,S,T,N,W0: Linux:2.4::Linux 2.4/2.6 -S4:64:1:60:M*,S,T,N,W0: Linux:2.6::Linux 2.4/2.6 - -S3:64:1:60:M*,S,T,N,W1: Linux:2.5::Linux 2.5 -S4:64:1:60:M*,S,T,N,W1: Linux:2.5-2.6::Linux 2.5/2.6 - -S20:64:1:60:M*,S,T,N,W0: Linux:2.2:20-25:Linux 2.2.20 and newer -S22:64:1:60:M*,S,T,N,W0: Linux:2.2::Linux 2.2 -S11:64:1:60:M*,S,T,N,W0: Linux:2.2::Linux 2.2 - -# Popular cluster config scripts disable timestamps and -# selective ACK: -S4:64:1:48:M1460,N,W0: Linux:2.4:cluster:Linux 2.4 in cluster - -# This needs to be investigated. On some systems, WSS -# is selected as a multiple of MTU instead of MSS. I got -# many submissions for this for many late versions of 2.4: -T4:64:1:60:M1412,S,T,N,W0: Linux:2.4::Linux 2.4 (late, uncommon) - -# This happens only over loopback, but let's make folks happy: -32767:64:1:60:M16396,S,T,N,W0: Linux:2.4:lo0:Linux 2.4 (local) -S8:64:1:60:M3884,S,T,N,W0: Linux:2.2:lo0:Linux 2.2 (local) - -# Opera visitors: -16384:64:1:60:M*,S,T,N,W0: Linux:2.2:Opera:Linux 2.2 (Opera?) -32767:64:1:60:M*,S,T,N,W0: Linux:2.4:Opera:Linux 2.4 (Opera?) - -# Some fairly common mods: -S4:64:1:52:M*,N,N,S,N,W0: Linux:2.4:ts:Linux 2.4 w/o timestamps -S22:64:1:52:M*,N,N,S,N,W0: Linux:2.2:ts:Linux 2.2 w/o timestamps - - -# ----------------- FreeBSD ----------------- - -16384:64:1:44:M*: FreeBSD:2.0-2.2::FreeBSD 2.0-4.1 -16384:64:1:44:M*: FreeBSD:3.0-3.5::FreeBSD 2.0-4.1 -16384:64:1:44:M*: FreeBSD:4.0-4.1::FreeBSD 2.0-4.1 -16384:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.4::FreeBSD 4.4 - -1024:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.4::FreeBSD 4.4 - -57344:64:1:44:M*: FreeBSD:4.6-4.8:noRFC1323:FreeBSD 4.6-4.8 (no RFC1323) -57344:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.6-4.8::FreeBSD 4.6-4.8 - -32768:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.8-4.9::FreeBSD 4.8-5.1 (or MacOS X) -32768:64:1:60:M*,N,W0,N,N,T: FreeBSD:5.0-5.1::FreeBSD 4.8-5.1 (or MacOS X) -65535:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.8-4.9::FreeBSD 4.8-5.1 (or MacOS X) -65535:64:1:60:M*,N,W0,N,N,T: FreeBSD:5.0-5.1::FreeBSD 4.8-5.1 (or MacOS X) -65535:64:1:60:M*,N,W1,N,N,T: FreeBSD:4.7-4.9::FreeBSD 4.7-5.1 -65535:64:1:60:M*,N,W1,N,N,T: FreeBSD:5.0-5.1::FreeBSD 4.7-5.1 - -# 16384:64:1:60:M*,N,N,N,N,N,N,T:FreeBSD:4.4:noTS:FreeBSD 4.4 (w/o timestamps) - -# ----------------- NetBSD ------------------ - -65535:64:0:60:M*,N,W0,N,N,T0: NetBSD:1.6:opera:NetBSD 1.6 (Opera) -16384:64:0:60:M*,N,W0,N,N,T0: NetBSD:1.6::NetBSD 1.6 -16384:64:1:60:M*,N,W0,N,N,T0: NetBSD:1.6:df:NetBSD 1.6 (DF) -16384:64:0:60:M*,N,W0,N,N,T: NetBSD:1.3::NetBSD 1.3 -65535:64:1:60:M*,N,W1,N,N,T0: NetBSD:1.6::NetBSD 1.6W-current (DF) - -# ----------------- OpenBSD ----------------- - -16384:64:0:60:M*,N,W0,N,N,T: OpenBSD:2.6::NetBSD 1.3 (or OpenBSD 2.6) -16384:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.4::OpenBSD 3.0-3.4 -16384:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.4:no-df:OpenBSD 3.0-3.4 (scrub no-df) -57344:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-3.4::OpenBSD 3.3-3.4 -57344:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-3.4:no-df:OpenBSD 3.3-3.4 (scrub no-df) - -65535:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.4:opera:OpenBSD 3.0-3.4 (Opera) - -# ----------------- Solaris ----------------- - -S17:64:1:64:N,W3,N,N,T0,N,N,S,M*: Solaris:8:RFC1323:Solaris 8 RFC1323 -S17:64:1:48:N,N,S,M*: Solaris:8::Solaris 8 -S17:255:1:44:M*: Solaris:2.5-2.7::Solaris 2.5 to 7 - -S6:255:1:44:M*: Solaris:2.6-2.7::Solaris 2.6 to 7 -S23:255:1:44:M*: Solaris:2.5:1:Solaris 2.5.1 -S34:64:1:48:M*,N,N,S: Solaris:2.9::Solaris 9 -S44:255:1:44:M*: Solaris:2.7::Solaris 7 - -# ----------------- IRIX -------------------- - -49152:64:0:44:M*: IRIX:6.4::IRIX 6.4 -61440:64:0:44:M*: IRIX:6.2-6.5::IRIX 6.2-6.5 -49152:64:0:52:M*,N,W2,N,N,S: IRIX:6.5:RFC1323:IRIX 6.5 (RFC1323) -49152:64:0:52:M*,N,W3,N,N,S: IRIX:6.5:RFC1323:IRIX 6.5 (RFC1323) - -61440:64:0:48:M*,N,N,S: IRIX:6.5:12-21:IRIX 6.5.12 - 6.5.21 -49152:64:0:48:M*,N,N,S: IRIX:6.5:15-21:IRIX 6.5.15 - 6.5.21 - -# ----------------- Tru64 ------------------- - -32768:64:1:48:M*,N,W0: Tru64:4.0::Tru64 4.0 -32768:64:0:48:M*,N,W0: Tru64:5.0::Tru64 5.0 -8192:64:0:44:M1460: Tru64:5.1:noRFC1323:Tru64 6.1 (no RFC1323) (or QNX 6) - -# This looks awfully Linuxish :/ -# S22:64:0:60:M*,S,T,N,W0: Tru64:5.0:a:Tru64 5.0a - -61440:64:0:48:M*,N,W0: Tru64:5.1a:JP4:Tru64 v5.1a JP4 (or OpenVMS 7.x on Compaq 5.x stack) - - -# ----------------- OpenVMS ----------------- - -6144:64:1:60:M*,N,W0,N,N,T: OpenVMS:7.2::OpenVMS 7.2 (Multinet 4.4 stack) - -# ----------------- MacOS ------------------- - -16616:255:1:48:M*,W0: MacOS:7.3-7.6:OTTCP:MacOS 7.3-8.6 (OTTCP) -16616:255:1:48:M*,W0: MacOS:8.0-8.6:OTTCP:MacOS 7.3-8.6 (OTTCP) -32768:255:1:48:M*,W0,N: MacOS:9.1-9.2::MacOS 9.1/9.2 -32768:64:0:60:M*,N,W0,N,N,T: MacOS:X:10.2:MacOS X 10.2 - -# ----------------- Windows ----------------- - -# Windows 95 - need more: - -8192:32:1:44:M*: Windows:95::Windows 95 (low TTL) - -# Windows 98 - plenty of silly signatures: -S44:32:1:48:M*,N,N,S: Windows:98::Windows 98 (low TTL) -8192:32:1:48:M*,N,N,S: Windows:98::Windows 98 (low TTL) - -%8192:64:1:48:M*,N,N,S: Windows:98::Windows 98 (or newer XP/2000 with tweaked TTL) -S4:64:1:48:M*,N,N,S: Windows:98::Windows 98 -S6:64:1:48:M*,N,N,S: Windows:98::Windows 98 -S12:64:1:48:M*,N,N,S: Windows:98::Windows 98 -32767:64:1:48:M*,N,N,S: Windows:98::Windows 98 -37300:64:1:48:M*,N,N,S: Windows:98::Windows 98 -46080:64:1:52:M*,N,W3,N,N,S: Windows:98:RFC1323:Windows 98 (RFC1323) -65535:64:1:44:M*: Windows:98:noSACK:Windows 98 (no sack) - -S16:128:1:48:M*,N,N,S: Windows:98::Windows 98 -S16:128:1:64:M*,N,W0,N,N,T0,N,N,S: Windows:98::Windows 98 -S26:128:1:48:M*,N,N,S: Windows:98::Windows 98 -T30:128:1:48:M*,N,N,S: Windows:98::Windows 98 -32767:128:1:52:M*,N,W0,N,N,S: Windows:98::Windows 98 -60352:128:1:48:M*,N,N,S: Windows:98::Windows 98 -60352:128:1:64:M*,N,W2,N,N,T0,N,N,S: Windows:98::Windows 98 - -# Windows NT 4.0 - need more: - -64512:128:1:44:M1414: Windows:NT:4.0:Windows NT 4.0 SP6a -8192:128:1:44:M*: Windows:NT:4.0:Windows NT 4.0 (older) -6144:128:1:52:M*,W0,N,S,N,N: Windows:NT:4.0:Windows NT 4.0 (RFC1323) - -# Windows XP and 2000. Most of the signatures that were -# either dubious or non-specific (no service pack data) -# were deleted and replaced with generics at the end. - -65535:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows 2000 SP4, XP SP1 -%8192:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows 2000 SP4, XP SP1 -S45:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows 2000 SP4 -S6:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows XP SP1, 2000 SP4 -S44:128:1:48:M*,N,N,S: Windows:2000:SP3:Windows XP Pro SP1, 2000 SP3 - -S6:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows XP SP1, 2000 SP4 -S44:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows XP Pro SP1, 2000 SP3 -64512:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows XP SP1 -32767:128:1:48:M1452,N,N,S: Windows:XP:SP1:Windows XP SP1 -65535:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows 2000 SP4, XP SP1 -%8192:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows 2000 SP4, XP SP1 - -# Odds, ends, mods: - -S52:128:1:48:M1260,N,N,S: Windows:XP:Cisco:Windows XP/2000 via Cisco -S52:128:1:48:M1260,N,N,S: Windows:2000:Cisco:Windows XP/2000 via Cisco - -# HUNT DOWN: -# *:128:1:48:M*,N,N,S:U:@Windows:XP (leak) (PLEASE REPORT) - -# ----------------- HP/UX ------------------- - -32768:64:1:44:M*: HP-UX:B.10.20::HP-UX B.10.20 -32768:64:0:48:M*,W0,N: HP-UX:11.0::HP-UX 11.0 -32768:64:1:48:M*,W0,N: HP-UX:11.10::HP-UX 11.0 or 11.11 -32768:64:1:48:M*,W0,N: HP-UX:11.11::HP-UX 11.0 or 11.11 - -# Whoa. Hardcore WSS. -0:64:0:48:M*,W0,N: HP-UX:B.11.00:A:HP-UX B.11.00 A (RFC1323) - - -# ----------------- RiscOS ------------------ - -# We don't yet support the ?12 TCP option -#16384:64:1:68:M1460,N,W0,N,N,T,N,N,?12: RISCOS:3.70-4.36::RISC OS 3.70-4.36 - -# ----------------- BSD/OS ------------------ - -# Once again, power of two WSS is also shared by MacOS X with DF set -8192:64:1:60:M1460,N,W0,N,N,T: BSD/OS:3.1::BSD/OS 3.1-4.3 (or MacOS X 10.2 w/DF) -8192:64:1:60:M1460,N,W0,N,N,T: BSD/OS:4.0-4.3::BSD/OS 3.1-4.3 (or MacOS X 10.2) - - -# ---------------- NewtonOS ----------------- - -4096:64:0:44:M1420: NewtonOS:2.1::NewtonOS 2.1 - -# ---------------- NeXTSTEP ----------------- - -S8:64:0:44:M512: NeXTSTEP:3.3::NeXTSTEP 3.3 - -# ------------------ BeOS ------------------- - -1024:255:0:48:M*,N,W0: BeOS:5.0-5.1::BeOS 5.0-5.1 -12288:255:0:44:M1402: BeOS:5.0::BeOS 5.0.x - -# ------------------ OS/400 ----------------- - -8192:64:1:60:M1440,N,W0,N,N,T: OS/400:VR4::OS/400 VR4/R5 -8192:64:1:60:M1440,N,W0,N,N,T: OS/400:VR5::OS/400 VR4/R5 -4096:64:1:60:M1440,N,W0,N,N,T: OS/400:V4R5:CF67032:OS/400 V4R5 + CF67032 - - -# ------------------ ULTRIX ----------------- - -16384:64:0:40:.: ULTRIX:4.5::ULTRIX 4.5 - -# ------------------- QNX ------------------- - -S16:64:0:44:M512: QNX:::QNX demodisk - -# ------------------ Novell ----------------- - -16384:128:1:44:M1460: Novell:NetWare:5.0:Novel Netware 5.0 -6144:128:1:44:M1460: Novell:IntranetWare:4.11:Novell IntranetWare 4.11 - -# ----------------- SCO ------------------ -S17:64:1:44:M1460: SCO:Unixware:7.0:SCO Unixware 7.0.0 or OpenServer 5.0.4-5.06 -S17:64:1:44:M1460: SCO:OpenServer:5.0:SCO Unixware 7.0.0 or OpenServer 5.0.4-5.06 -S3:64:1:60:M1460,N,W0,N,N,T: SCO:UnixWare:7.1:SCO UnixWare 7.1 - -# ------------------- DOS ------------------- - -2048:255:0:44:M536: DOS:WATTCP:1.05:DOS Arachne via WATTCP/1.05 - -########################################### -# Appliance / embedded / other signatures # -########################################### - -# ---------- Firewalls / routers ------------ - -S12:64:1:44:M1460: @Checkpoint:::Checkpoint (unknown 1) -S12:64:1:48:N,N,S,M1460: @Checkpoint:::Checkpoint (unknown 2) -4096:32:0:44:M1460: ExtremeWare:4.x::ExtremeWare 4.x -60352:64:0:52:M1460,N,W2,N,N,S: Clavister:7::Clavister firewall 7.x - -# ------- Switches and other stuff ---------- - -4128:255:0:44:M*: Cisco:::Cisco Catalyst 3500, 7500 etc -S8:255:0:44:M*: Cisco:12008::Cisco 12008 -60352:128:1:64:M1460,N,W2,N,N,T,N,N,S: Alteon:ACEswitch::Alteon ACEswitch -64512:128:1:44:M1370: Nortel:Contivity Client::Nortel Conectivity Client - - -# ---------- Caches and whatnots ------------ - -S4:64:1:52:M1460,N,N,S,N,W0: AOL:web cache::AOL web cache - -32850:64:1:64:N,W1,N,N,T,N,N,S,M*: NetApp:5.x::NetApp Data OnTap 5.x -16384:64:1:64:M1460,N,N,S,N,W0,N: NetApp:5.3:1:NetApp 5.3.1 -65535:64:0:64:M1460,N,N,S,N,W3,N,N,T: NetApp:5.3:1:NetApp 5.3.1 -65535:64:0:60:M1460,N,W0,N,N,T: NetApp:CacheFlow::NetApp CacheFlow -8192:64:1:64:M1460,N,N,S,N,W0,N,N,T: NetApp:5.2:1:NetApp NetCache 5.2.1 - -S4:64:0:48:M1460,N,N,S: Cisco:Content Engine::Cisco Content Engine - -27085:128:0:40:.: Dell:PowerApp cache::Dell PowerApp (Linux-based) - -65535:255:1:48:N,W1,M1460: Inktomi:crawler::Inktomi crawler -S1:255:1:60:M1460,S,T,N,W0: LookSmart:ZyBorg::LookSmart ZyBorg - - -16384:255:0:40:.: Proxyblocker:::Proxyblocker (what's this?) - -# ----------- Embedded systems -------------- - -S9:255:0:44:M536: PalmOS:Tungsten:C:PalmOS Tungsten C -S5:255:0:44:M536: PalmOS:3::PalmOS 3/4 -S5:255:0:44:M536: PalmOS:4::PalmOS 3/4 -S4:255:0:44:M536: PalmOS:3:5:PalmOS 3.5 -2948:255:0:44:M536: PalmOS:3:5:PalmOS 3.5.3 (Handera) - -S23:64:1:64:N,W1,N,N,T,N,N,S,M1460: SymbianOS:7::SymbianOS 7 -8192:255:0:44:M1460: SymbianOS:6048::SymbianOS 6048 (on Nokia 7650?) -8192:255:0:44:M536: SymbianOS:::SymbianOS (on Nokia 9210?) - - -# Perhaps S4? -5840:64:1:60:M1452,S,T,N,W1: Zaurus:3.10::Zaurus 3.10 - -32768:128:1:64:M1460,N,W0,N,N,T0,N,N,S: PocketPC:2002::PocketPC 2002 - -S1:255:0:44:M346: Contiki:1.1:rc0:Contiki 1.1-rc0 - -4096:128:0:44:M1460: Sega:Dreamcast:3.0:Sega Dreamcast Dreamkey 3.0 - -S12:64:0:44:M1452: AXIS:5600:v5.64:AXIS Printer Server 5600 v5.64 - - - -#################### -# Fancy signatures # -#################### - -1024:64:0:40:.: *NMAP:syn scan:1:NMAP syn scan (1) -2048:64:0:40:.: *NMAP:syn scan:2:NMAP syn scan (2) -3072:64:0:40:.: *NMAP:syn scan:3:NMAP syn scan (3) -4096:64:0:40:.: *NMAP:syn scan:4:NMAP syn scan (4) - -1024:64:0:60:W10,N,M265,T: *NMAP:OS:1:NMAP OS detection probe (1) -2048:64:0:60:W10,N,M265,T: *NMAP:OS:2:NMAP OS detection probe (2) -3072:64:0:60:W10,N,M265,T: *NMAP:OS:3:NMAP OS detection probe (3) -4096:64:0:60:W10,N,M265,T: *NMAP:OS:4:NMAP OS detection probe (4) - -##################################### -# Generic signatures - just in case # -##################################### - -#*:64:1:60:M*,N,W*,N,N,T: @FreeBSD:4.0-4.9::FreeBSD 4.x/5.x -#*:64:1:60:M*,N,W*,N,N,T: @FreeBSD:5.0-5.1::FreeBSD 4.x/5.x - -*:128:1:52:M*,N,W0,N,N,S: @Windows:XP:RFC1323:Windows XP/2000 (RFC1323 no tstamp) -*:128:1:52:M*,N,W0,N,N,S: @Windows:2000:RFC1323:Windows XP/2000 (RFC1323 no tstamp) -*:128:1:64:M*,N,W0,N,N,T0,N,N,S: @Windows:XP:RFC1323:Windows XP/2000 (RFC1323) -*:128:1:64:M*,N,W0,N,N,T0,N,N,S: @Windows:2000:RFC1323:Windows XP/2000 (RFC1323) -*:128:1:64:M*,N,W*,N,N,T0,N,N,S: @Windows:XP:RFC1323:Windows XP (RFC1323, w+) -*:128:1:48:M*,N,N,S: @Windows:XP::Windows XP/2000 -*:128:1:48:M*,N,N,S: @Windows:2000::Windows XP/2000 diff --git a/tools/tools/tinybsd/conf/firewall/etc/rc.conf b/tools/tools/tinybsd/conf/firewall/etc/rc.conf deleted file mode 100644 --- a/tools/tools/tinybsd/conf/firewall/etc/rc.conf +++ /dev/null @@ -1,41 +0,0 @@ -# $FreeBSD$ -hostname="tinybsd.freebsd.org" -sendmail_enable="NONE" -sshd_enable="YES" -usbd_enable="NO" -inetd_enable="NO" -portmap_enable="NO" -update_motd="NO" -varmfs="YES" -populate_var="YES" -varsize="8192" -tmpmfs="YES" - -# IPFW -firewall_enable="YES" -firewall_script="/etc/rc.firewall" -firewall_type="closed" - -# NAT -natd_enable="NO" -natd_interface="" -natd_flags="" - -# PF -pf_enable="NO" -pf_rules="/etc/pf.conf" -pf_program="/sbin/pfctl" -pf_flags="" -pflog_enable="NO" -pflog_logfile="/var/log/pflog" -pflog_program="/sbin/pflogd" -pflog_flags="" - -# CARP Example -#cloned_interfaces="carp0" -#ifconfig_carp0="vhid 1 pass xalala 192.168.1.1/24" - - - - - diff --git a/tools/tools/tinybsd/conf/firewall/etc/rc.firewall b/tools/tools/tinybsd/conf/firewall/etc/rc.firewall deleted file mode 100644 --- a/tools/tools/tinybsd/conf/firewall/etc/rc.firewall +++ /dev/null @@ -1,302 +0,0 @@ -#!/bin/sh - -# Copyright (c) 1996 Poul-Henning Kamp -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $FreeBSD$ -# - -# -# Setup system for firewall service. -# - -# Suck in the configuration variables. -if [ -z "${source_rc_confs_defined}" ]; then - if [ -r /etc/defaults/rc.conf ]; then - . /etc/defaults/rc.conf - source_rc_confs - elif [ -r /etc/rc.conf ]; then - . /etc/rc.conf - fi -fi - -############ -# Define the firewall type in /etc/rc.conf. Valid values are: -# open - will allow anyone in -# client - will try to protect just this machine -# simple - will try to protect a whole network -# closed - totally disables IP services except via lo0 interface -# UNKNOWN - disables the loading of firewall rules. -# filename - will load the rules in the given filename (full path required) -# -# For ``client'' and ``simple'' the entries below should be customized -# appropriately. - -############ -# -# If you don't know enough about packet filtering, we suggest that you -# take time to read this book: -# -# Building Internet Firewalls, 2nd Edition -# Brent Chapman and Elizabeth Zwicky -# -# O'Reilly & Associates, Inc -# ISBN 1-56592-871-7 -# http://www.ora.com/ -# http://www.oreilly.com/catalog/fire2/ -# -# For a more advanced treatment of Internet Security read: -# -# Firewalls & Internet Security -# Repelling the wily hacker -# William R. Cheswick, Steven M. Bellowin -# -# Addison-Wesley -# ISBN 0-201-63357-4 -# http://www.awl.com/ -# http://www.awlonline.com/product/0%2C2627%2C0201633574%2C00.html -# - -setup_loopback () { - ############ - # Only in rare cases do you want to change these rules - # - ${fwcmd} add 100 pass all from any to any via lo0 - ${fwcmd} add 200 deny all from any to 127.0.0.0/8 - ${fwcmd} add 300 deny ip from 127.0.0.0/8 to any -} - -if [ -n "${1}" ]; then - firewall_type="${1}" -fi - -############ -# Set quiet mode if requested -# -case ${firewall_quiet} in -[Yy][Ee][Ss]) - fwcmd="/sbin/ipfw -q" - ;; -*) - fwcmd="/sbin/ipfw" - ;; -esac - -############ -# Flush out the list before we begin. -# -${fwcmd} -f flush - -############ -# Network Address Translation. All packets are passed to natd(8) -# before they encounter your remaining rules. The firewall rules -# will then be run again on each packet after translation by natd -# starting at the rule number following the divert rule. -# -# For ``simple'' firewall type the divert rule should be put to a -# different place to not interfere with address-checking rules. -# -case ${firewall_type} in -[Oo][Pp][Ee][Nn]|[Cc][Ll][Ii][Ee][Nn][Tt]) - case ${natd_enable} in - [Yy][Ee][Ss]) - if [ -n "${natd_interface}" ]; then - ${fwcmd} add 50 divert natd all from any to any via ${natd_interface} - fi - ;; - esac -esac - -############ -# If you just configured ipfw in the kernel as a tool to solve network -# problems or you just want to disallow some particular kinds of traffic -# then you will want to change the default policy to open. You can also -# do this as your only action by setting the firewall_type to ``open''. -# -# ${fwcmd} add 65000 pass all from any to any - - -# Prototype setups. -# -case ${firewall_type} in -[Oo][Pp][Ee][Nn]) - setup_loopback - ${fwcmd} add 65000 pass all from any to any - ;; - -[Cc][Ll][Ii][Ee][Nn][Tt]) - ############ - # This is a prototype setup that will protect your system somewhat - # against people from outside your own network. - ############ - - # set these to your network and netmask and ip - net="192.0.2.0" - mask="255.255.255.0" - ip="192.0.2.1" - - setup_loopback - - # Allow any traffic to or from my own net. - ${fwcmd} add pass all from ${ip} to ${net}:${mask} - ${fwcmd} add pass all from ${net}:${mask} to ${ip} - - # Allow TCP through if setup succeeded - ${fwcmd} add pass tcp from any to any established - - # Allow IP fragments to pass through - ${fwcmd} add pass all from any to any frag - - # Allow setup of incoming email - ${fwcmd} add pass tcp from any to ${ip} 25 setup - - # Allow setup of outgoing TCP connections only - ${fwcmd} add pass tcp from ${ip} to any setup - - # Disallow setup of all other TCP connections - ${fwcmd} add deny tcp from any to any setup - - # Allow DNS queries out in the world - ${fwcmd} add pass udp from ${ip} to any 53 keep-state - - # Allow NTP queries out in the world - ${fwcmd} add pass udp from ${ip} to any 123 keep-state - - # Everything else is denied by default, unless the - # IPFIREWALL_DEFAULT_TO_ACCEPT option is set in your kernel - # config file. - ;; - -[Ss][Ii][Mm][Pp][Ll][Ee]) - ############ - # This is a prototype setup for a simple firewall. Configure this - # machine as a DNS and NTP server, and point all the machines - # on the inside at this machine for those services. - ############ - - # set these to your outside interface network and netmask and ip - oif="em0" - onet="192.0.2.0" - omask="255.255.255.240" - oip="192.0.2.1" - - # set these to your inside interface network and netmask and ip - iif="em1" - inet="192.0.2.16" - imask="255.255.255.240" - iip="192.0.2.17" - - setup_loopback - - # Stop spoofing - ${fwcmd} add deny all from ${inet}:${imask} to any in via ${oif} - ${fwcmd} add deny all from ${onet}:${omask} to any in via ${iif} - - # Stop RFC1918 nets on the outside interface - ${fwcmd} add deny all from any to 10.0.0.0/8 via ${oif} - ${fwcmd} add deny all from any to 172.16.0.0/12 via ${oif} - ${fwcmd} add deny all from any to 192.168.0.0/16 via ${oif} - - # Stop draft-manning-dsua-03.txt (1 May 2000) nets (includes RESERVED-1, - # DHCP auto-configuration, NET-TEST, MULTICAST (class D), and class E) - # on the outside interface - ${fwcmd} add deny all from any to 0.0.0.0/8 via ${oif} - ${fwcmd} add deny all from any to 169.254.0.0/16 via ${oif} - ${fwcmd} add deny all from any to 192.0.2.0/24 via ${oif} - ${fwcmd} add deny all from any to 224.0.0.0/4 via ${oif} - ${fwcmd} add deny all from any to 240.0.0.0/4 via ${oif} - - # Network Address Translation. This rule is placed here deliberately - # so that it does not interfere with the surrounding address-checking - # rules. If for example one of your internal LAN machines had its IP - # address set to 192.0.2.1 then an incoming packet for it after being - # translated by natd(8) would match the `deny' rule above. Similarly - # an outgoing packet originated from it before being translated would - # match the `deny' rule below. - case ${natd_enable} in - [Yy][Ee][Ss]) - if [ -n "${natd_interface}" ]; then - ${fwcmd} add divert natd all from any to any via ${natd_interface} - fi - ;; - esac - - # Stop RFC1918 nets on the outside interface - ${fwcmd} add deny all from 10.0.0.0/8 to any via ${oif} - ${fwcmd} add deny all from 172.16.0.0/12 to any via ${oif} - ${fwcmd} add deny all from 192.168.0.0/16 to any via ${oif} - - # Stop draft-manning-dsua-03.txt (1 May 2000) nets (includes RESERVED-1, - # DHCP auto-configuration, NET-TEST, MULTICAST (class D), and class E) - # on the outside interface - ${fwcmd} add deny all from 0.0.0.0/8 to any via ${oif} - ${fwcmd} add deny all from 169.254.0.0/16 to any via ${oif} - ${fwcmd} add deny all from 192.0.2.0/24 to any via ${oif} - ${fwcmd} add deny all from 224.0.0.0/4 to any via ${oif} - ${fwcmd} add deny all from 240.0.0.0/4 to any via ${oif} - - # Allow TCP through if setup succeeded - ${fwcmd} add pass tcp from any to any established - - # Allow IP fragments to pass through - ${fwcmd} add pass all from any to any frag - - # Allow setup of incoming email - ${fwcmd} add pass tcp from any to ${oip} 25 setup - - # Allow access to our DNS - ${fwcmd} add pass tcp from any to ${oip} 53 setup - ${fwcmd} add pass udp from any to ${oip} 53 - ${fwcmd} add pass udp from ${oip} 53 to any - - # Allow access to our WWW - ${fwcmd} add pass tcp from any to ${oip} 80 setup - - # Reject&Log all setup of incoming connections from the outside - ${fwcmd} add deny log tcp from any to any in via ${oif} setup - - # Allow setup of any other TCP connection - ${fwcmd} add pass tcp from any to any setup - - # Allow DNS queries out in the world - ${fwcmd} add pass udp from ${oip} to any 53 keep-state - - # Allow NTP queries out in the world - ${fwcmd} add pass udp from ${oip} to any 123 keep-state - - # Everything else is denied by default, unless the - # IPFIREWALL_DEFAULT_TO_ACCEPT option is set in your kernel - # config file. - ;; - -[Cc][Ll][Oo][Ss][Ee][Dd]) - setup_loopback - ;; -[Uu][Nn][Kk][Nn][Oo][Ww][Nn]) - ;; -*) - if [ -r "${firewall_type}" ]; then - ${fwcmd} ${firewall_flags} ${firewall_type} - fi - ;; -esac diff --git a/tools/tools/tinybsd/conf/firewall/etc/sysctl.conf b/tools/tools/tinybsd/conf/firewall/etc/sysctl.conf deleted file mode 100644 --- a/tools/tools/tinybsd/conf/firewall/etc/sysctl.conf +++ /dev/null @@ -1,5 +0,0 @@ -# $FreeBSD$ -# CARP Options -#net.inet.carp.preempt=1 -#net.inet.carp.arpbalance=1 - diff --git a/tools/tools/tinybsd/conf/firewall/tinybsd.basefiles b/tools/tools/tinybsd/conf/firewall/tinybsd.basefiles deleted file mode 100644 --- a/tools/tools/tinybsd/conf/firewall/tinybsd.basefiles +++ /dev/null @@ -1,240 +0,0 @@ -# $FreeBSD$ -# contents of ${WORKDIR}/boot -boot/boot0 -boot/boot1 -boot/boot2 -boot/defaults/loader.conf -boot/device.hints -boot/loader -boot/loader.4th -boot/loader.help -boot/loader.rc -boot/mbr -boot/support.4th - -# contents of ${WORKDIR}/libexec -libexec/ld-elf.so.1:usr/libexec/ld-elf.so.1 - -# contents of ${WORKDIR}/bin -bin/[:bin/test -bin/cat -bin/chflags -bin/chio -bin/chmod -bin/cp -bin/csh:bin/tcsh -bin/date -bin/dd -bin/df -bin/domainname -bin/echo -bin/ed:bin/red -bin/expr -bin/hostname -bin/kenv -bin/kill -bin/ln:bin/link -bin/ls -bin/mkdir -bin/mv -bin/pax -bin/ps -bin/pwd -bin/realpath -bin/rm:bin/unlink -bin/rmdir -bin/sh -bin/sleep -bin/stty -bin/sync - -# contents of ${WORKDIR}/sbin -sbin/adjkerntz -sbin/comcontrol -sbin/disklabel -sbin/dmesg -sbin/fastboot:sbin/reboot -sbin/fasthalt:sbin/halt -sbin/fsck -sbin/fsck_ufs:sbin/fsck_ffs -sbin/fsck_ufs:sbin/fsck_4.2bsd -sbin/ifconfig -sbin/init -sbin/ipfw -sbin/kldconfig -sbin/kldload -sbin/kldstat -sbin/kldunload -sbin/ldconfig -sbin/md5 -sbin/mdconfig -sbin/mknod -sbin/mdmfs -sbin/mount -sbin/mount_nfs -sbin/mount_nullfs -sbin/mount_unionfs -sbin/natd -sbin/newfs -sbin/nextboot -sbin/nologin -sbin/nos-tun -sbin/pfctl -sbin/pflogd -sbin/ping -sbin/rcorder -sbin/route -sbin/shutdown -sbin/slattach -sbin/swapon -sbin/sysctl -sbin/umount - -# contents of ${WORKDIR}/usr/sbin -usr/bin/at:usr/bin/atq -usr/bin/at:usr/bin/atrm -usr/bin/at:usr/bin/batch -usr/bin/awk -usr/bin/basename -usr/bin/bunzip2:usr/bin/bzcat -usr/bin/bunzip2:usr/bin/bzip2 -usr/bin/chat -usr/bin/chfn:usr/bin/chpass -usr/bin/chfn:usr/bin/chsh -usr/bin/chgrp -usr/bin/cksum -usr/bin/clear -usr/bin/cmp -usr/bin/compress:usr/bin/uncompress -usr/bin/cpio -usr/bin/crontab -usr/bin/cu -usr/bin/dig -usr/bin/dirname -usr/bin/du -usr/bin/ee -usr/bin/egrep:usr/bin/fgrep -usr/bin/egrep:usr/bin/grep -usr/bin/env -usr/bin/false -usr/bin/fetch -usr/bin/find -usr/bin/finger -usr/bin/fstat -usr/bin/fsync -usr/bin/ftp -usr/bin/gunzip:usr/bin/gzcat -usr/bin/gunzip:usr/bin/gzip -usr/bin/gzexe -usr/bin/head -usr/bin/hexdump -usr/bin/id:usr/bin/whoami -usr/bin/ident -usr/bin/killall -usr/bin/last -usr/bin/less:usr/bin/more -usr/bin/limits -usr/bin/lock -usr/bin/lockf -usr/bin/logger -usr/bin/login -usr/bin/logname -usr/bin/mesg -usr/bin/minigzip -usr/bin/mkfifo -usr/bin/mktemp -usr/bin/msgs -usr/bin/netstat -usr/bin/nfsstat -usr/bin/nice -usr/bin/nslookup -usr/bin/nsupdate -usr/bin/nohup -usr/bin/objformat -usr/bin/openssl -usr/bin/passwd -usr/bin/printf -usr/bin/renice -usr/bin/reset:usr/sbin/tset -usr/bin/scp -usr/bin/script -usr/bin/sed -usr/bin/sftp -usr/bin/shar -usr/bin/slogin:usr/bin/ssh -usr/bin/sort -usr/bin/split -usr/bin/ssh-keygen -usr/bin/su -usr/bin/tail -usr/bin/tar -usr/bin/tee -usr/bin/telnet -usr/bin/tftp -usr/bin/time -usr/bin/top -usr/bin/touch -usr/bin/tput -usr/bin/tr -usr/bin/true -usr/bin/tty -usr/bin/uname -usr/bin/uptime:usr/bin/w -usr/bin/users -usr/bin/uudecode -usr/bin/uuencode -usr/bin/vi -usr/bin/vmstat -usr/bin/wall -usr/bin/who -usr/bin/whois -usr/bin/write -usr/bin/yes - -# contents of ${WORKDIR}/usr/sbin -usr/sbin/arp -usr/sbin/authpf -usr/sbin/boot0cfg -usr/sbin/chown -usr/sbin/chroot -usr/sbin/cron -usr/sbin/idprio:usr/sbin/rtprio -usr/sbin/inetd -usr/sbin/iostat -usr/sbin/kbdcontrol -usr/sbin/lastlogin -usr/sbin/memcontrol -usr/sbin/mountd -usr/sbin/mtree -usr/sbin/named -usr/sbin/named.reload -usr/sbin/newsyslog -usr/sbin/ngctl -usr/sbin/nghook -usr/sbin/ntpdate -usr/sbin/pciconf -usr/sbin/pw -usr/sbin/pwd_mkdb -usr/sbin/slstat -usr/sbin/sshd -usr/sbin/syslogd -usr/sbin/tcpdchk -usr/sbin/tcpdmatch -usr/sbin/tcpdump -usr/sbin/traceroute -usr/sbin/vidcontrol -usr/sbin/vipw -usr/sbin/vnconfig -usr/sbin/watch - -# contents of ${WORKDIR}/usr/libexec -usr/libexec/atrun -usr/libexec/ftpd -usr/libexec/getty -usr/libexec/sftp-server -usr/libexec/telnetd -usr/libexec/tftpd - -# contents of ${WORKDIR}/usr/share -usr/share/misc/termcap - diff --git a/tools/tools/tinybsd/conf/firewall/tinybsd.ports b/tools/tools/tinybsd/conf/firewall/tinybsd.ports deleted file mode 100644 --- a/tools/tools/tinybsd/conf/firewall/tinybsd.ports +++ /dev/null @@ -1,9 +0,0 @@ -# $FreeBSD$ -# Here you can add the applications from the FreeBSD Ports Collection which you -# want TinyBSD ports system to install in your embedded system. You whould list -# one application per line, mentioning its category and name, like the examples: -# -# www/mini_httpd -# net-mgmt/rate -# -# Make sure you have enough space to add it. diff --git a/tools/tools/tinybsd/conf/minimal/TINYBSD b/tools/tools/tinybsd/conf/minimal/TINYBSD deleted file mode 100644 --- a/tools/tools/tinybsd/conf/minimal/TINYBSD +++ /dev/null @@ -1,77 +0,0 @@ -# $FreeBSD$ -machine i386 -cpu I486_CPU -cpu I586_CPU -cpu I686_CPU -ident TINYBSD - -# To statically compile in device wiring instead of /boot/device.hints -#hints "GENERIC.hints" # Default places to look for devices. - -options SCHED_4BSD # 4BSD scheduler -options INET # InterNETworking -options FFS # Berkeley Fast Filesystem -options SOFTUPDATES # Enable FFS soft updates support -options UFS_DIRHASH # Improve performance on big directories -options MD_ROOT # MD is a potential root device -options PROCFS # Process filesystem (requires PSEUDOFS) -options PSEUDOFS # Pseudo-filesystem framework -options GEOM_PART_GPT # GUID Partition Tables. -options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!] -options COMPAT_FREEBSD4 # Compatible with FreeBSD4 -options SYSVSHM # SYSV-style shared memory -options SYSVMSG # SYSV-style message queues -options SYSVSEM # SYSV-style semaphores -options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions -options KBD_INSTALL_CDEV # install a CDEV entry in /dev -options AHC_REG_PRETTY_PRINT # Print register bitfields in debug - # output. Adds ~128k to driver. -options AHD_REG_PRETTY_PRINT # Print register bitfields in debug - # output. Adds ~215k to driver. -options ADAPTIVE_GIANT # Giant mutex is adaptive. - -device apic # I/O APIC - -device pci - -# ATA and ATAPI devices -device ata -device atadisk # ATA disk drives -options ATA_STATIC_ID # Static device numbering - -# atkbdc0 controls both the keyboard and the PS/2 mouse -device atkbdc # AT keyboard controller -device atkbd # AT keyboard -device psm # PS/2 mouse - -device vga # VGA video card driver - -#device splash # Splash screen and screen saver support - -# syscons is the default console driver, resembling an SCO console -device sc - -# Enable this for the pcvt (VT220 compatible) console driver -#device vt -#options XSERVER # support for X server on a vt console -#options FAT_CURSOR # start with block cursor - -device agp # support several AGP chipsets - -# Pseudo devices. -device loop # Network loopback -device ether # Ethernet support -device pty # Pseudo-ttys (telnet etc) -device md # Memory "disks" - -# CLK_USE_I8254_CALIBRATION causes the calibrated frequency of the i8254 -# clock to actually be used. -options CLK_USE_I8254_CALIBRATION - -# CPU_ELAN enables support for AMDs ElanSC520 CPU. -options CPU_ELAN -options CPU_SOEKRIS -options CPU_ELAN_XTAL=32768000 -options CPU_ELAN_PPS - -device bpf diff --git a/tools/tools/tinybsd/conf/minimal/etc/fstab b/tools/tools/tinybsd/conf/minimal/etc/fstab deleted file mode 100644 --- a/tools/tools/tinybsd/conf/minimal/etc/fstab +++ /dev/null @@ -1,2 +0,0 @@ -# $FreeBSD$ -/dev/ad0a / ufs ro 1 1 diff --git a/tools/tools/tinybsd/conf/minimal/etc/rc.conf b/tools/tools/tinybsd/conf/minimal/etc/rc.conf deleted file mode 100644 --- a/tools/tools/tinybsd/conf/minimal/etc/rc.conf +++ /dev/null @@ -1,12 +0,0 @@ -# $FreeBSD$ -hostname="tinybsd.freebsd.org" -sendmail_enable="NONE" -sshd_enable="YES" -usbd_enable="NO" -inetd_enable="NO" -portmap_enable="NO" -update_motd="NO" -varmfs="YES" -populate_var="YES" -varsize="8192" -tmpmfs="YES" diff --git a/tools/tools/tinybsd/conf/minimal/tinybsd.basefiles b/tools/tools/tinybsd/conf/minimal/tinybsd.basefiles deleted file mode 100644 --- a/tools/tools/tinybsd/conf/minimal/tinybsd.basefiles +++ /dev/null @@ -1,167 +0,0 @@ -# $FreeBSD$ -# contents of ${WORKDIR}/boot -boot/boot0 -boot/boot1 -boot/boot2 -boot/defaults/loader.conf -boot/device.hints -boot/loader -boot/loader.4th -boot/loader.help -boot/loader.rc -boot/mbr -boot/support.4th - -# contents of ${WORKDIR}/libexec -libexec/ld-elf.so.1:usr/libexec/ld-elf.so.1 - -# contents of ${WORKDIR}/bin -bin/[:bin/test -bin/cat -bin/chflags -bin/chio -bin/chmod -bin/cp -bin/csh:bin/tcsh -bin/date -bin/df -bin/domainname -bin/echo -bin/ed:bin/red -bin/expr -bin/hostname -bin/kenv -bin/kill -bin/ln:bin/link -bin/ls -bin/mkdir -bin/mv -bin/pax -bin/ps -bin/pwd -bin/realpath -bin/rm:bin/unlink -bin/rmdir -bin/sh -bin/sleep -bin/stty -bin/sync - -# contents of ${WORKDIR}/sbin -sbin/adjkerntz -sbin/disklabel -sbin/dmesg -sbin/fastboot:sbin/reboot -sbin/fasthalt:sbin/halt -sbin/fsck -sbin/fsck_ufs:sbin/fsck_ffs -sbin/fsck_ufs:sbin/fsck_4.2bsd -sbin/ifconfig -sbin/init -sbin/kldconfig -sbin/kldload -sbin/kldstat -sbin/kldunload -sbin/ldconfig -sbin/mdconfig -sbin/mknod -sbin/mdmfs -sbin/mount -sbin/mount_nullfs -sbin/mount_unionfs -sbin/newfs -sbin/nextboot -sbin/nologin -sbin/rcorder -sbin/shutdown -sbin/swapon -sbin/sysctl -sbin/umount - -# contents of ${WORKDIR}/usr/sbin -usr/bin/at:usr/bin/atq -usr/bin/at:usr/bin/atrm -usr/bin/at:usr/bin/batch -usr/bin/awk -usr/bin/basename -usr/bin/bunzip2:usr/bin/bzcat -usr/bin/bunzip2:usr/bin/bzip2 -usr/bin/chfn:usr/bin/chpass -usr/bin/chfn:usr/bin/chsh -usr/bin/chgrp -usr/bin/cksum -usr/bin/clear -usr/bin/compress:usr/bin/uncompress -usr/bin/crontab -usr/bin/ee -usr/bin/egrep:usr/bin/fgrep -usr/bin/egrep:usr/bin/grep -usr/bin/env -usr/bin/false -usr/bin/fstat -usr/bin/fsync -usr/bin/gunzip:usr/bin/gzcat -usr/bin/gunzip:usr/bin/gzip -usr/bin/head -usr/bin/hexdump -usr/bin/id:usr/bin/whoami -usr/bin/killall -usr/bin/last -usr/bin/less:usr/bin/more -usr/bin/logger -usr/bin/login -usr/bin/logname -usr/bin/mesg -usr/bin/minigzip -usr/bin/mkfifo -usr/bin/mktemp -usr/bin/msgs -usr/bin/nice -usr/bin/nohup -usr/bin/objformat -usr/bin/passwd -usr/bin/printf -usr/bin/reset:usr/sbin/tset -usr/bin/scp -usr/bin/sed -usr/bin/slogin:usr/bin/ssh -usr/bin/su -usr/bin/tail -usr/bin/tar -usr/bin/tee -usr/bin/time -usr/bin/top -usr/bin/touch -usr/bin/true -usr/bin/tty -usr/bin/uname -usr/bin/uptime:usr/bin/w -usr/bin/users -usr/bin/uudecode -usr/bin/uuencode -usr/bin/vmstat -usr/bin/who -usr/bin/whois - -# contents of ${WORKDIR}/usr/sbin -usr/sbin/boot0cfg -usr/sbin/chown -usr/sbin/cron -usr/sbin/idprio:usr/sbin/rtprio -usr/sbin/lastlogin -usr/sbin/memcontrol -usr/sbin/mtree -usr/sbin/newsyslog -usr/sbin/pw -usr/sbin/pwd_mkdb -usr/sbin/syslogd -usr/sbin/vidcontrol -usr/sbin/vipw - -# contents of ${WORKDIR}/usr/libexec -usr/libexec/atrun -usr/libexec/getty - -# contents of ${WORKDIR}/usr/share -usr/share/misc/termcap - diff --git a/tools/tools/tinybsd/conf/minimal/tinybsd.ports b/tools/tools/tinybsd/conf/minimal/tinybsd.ports deleted file mode 100644 --- a/tools/tools/tinybsd/conf/minimal/tinybsd.ports +++ /dev/null @@ -1,9 +0,0 @@ -# $FreeBSD$ -# Here you can add the applications from the FreeBSD Ports Collection which you -# want TinyBSD ports system to install in your embedded system. You whould list -# one application per line, mentioning its category and name, like the examples: -# -# www/mini_httpd -# net-mgmt/rate -# -# Make sure you have enough space to add it. diff --git a/tools/tools/tinybsd/conf/vpn/TINYBSD b/tools/tools/tinybsd/conf/vpn/TINYBSD deleted file mode 100644 --- a/tools/tools/tinybsd/conf/vpn/TINYBSD +++ /dev/null @@ -1,153 +0,0 @@ -# $FreeBSD$ -machine i386 -cpu I486_CPU -cpu I586_CPU -cpu I686_CPU -ident TINYBSD - -# To statically compile in device wiring instead of /boot/device.hints -#hints "GENERIC.hints" # Default places to look for devices. - -options SCHED_4BSD # 4BSD scheduler -options INET # InterNETworking -options FFS # Berkeley Fast Filesystem -options SOFTUPDATES # Enable FFS soft updates support -options UFS_DIRHASH # Improve performance on big directories -options MD_ROOT # MD is a potential root device -options PROCFS # Process filesystem (requires PSEUDOFS) -options PSEUDOFS # Pseudo-filesystem framework -options GEOM_PART_GPT # GUID Partition Tables. -options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!] -options COMPAT_FREEBSD4 # Compatible with FreeBSD4 -options SYSVSHM # SYSV-style shared memory -options SYSVMSG # SYSV-style message queues -options SYSVSEM # SYSV-style semaphores -options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions -options KBD_INSTALL_CDEV # install a CDEV entry in /dev -options AHC_REG_PRETTY_PRINT # Print register bitfields in debug - # output. Adds ~128k to driver. -options AHD_REG_PRETTY_PRINT # Print register bitfields in debug - # output. Adds ~215k to driver. -options ADAPTIVE_GIANT # Giant mutex is adaptive. - -device apic # I/O APIC - -device eisa -device pci - -# Floppy drives -#device fdc - -# ATA and ATAPI devices -device ata -device atadisk # ATA disk drives -device atapist # ATAPI tape drives -options ATA_STATIC_ID # Static device numbering - -# atkbdc0 controls both the keyboard and the PS/2 mouse -device atkbdc # AT keyboard controller -device atkbd # AT keyboard -device psm # PS/2 mouse - -device vga # VGA video card driver - -#device splash # Splash screen and screen saver support - -# syscons is the default console driver, resembling an SCO console -device sc - -# Enable this for the pcvt (VT220 compatible) console driver -#device vt -#options XSERVER # support for X server on a vt console -#options FAT_CURSOR # start with block cursor - -device agp # support several AGP chipsets - -# PCCARD (PCMCIA) support -# PCMCIA and cardbus bridge support -#device cbb # cardbus (yenta) bridge -#device pccard # PC Card (16-bit) bus -#device cardbus # CardBus (32-bit) bus - -# Serial (COM) ports -device sio # 8250, 16[45]50 based serial ports - -# PCI Ethernet NICs. -device de # DEC/Intel DC21x4x (``Tulip'') -device em # Intel PRO/1000 adapter Gigabit Ethernet Card -device txp # 3Com 3cR990 (``Typhoon'') -device vx # 3Com 3c590, 3c595 (``Vortex'') - -# PCI Ethernet NICs that use the common MII bus controller code. -# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs! -device miibus # MII bus support -device bfe # Broadcom BCM440x 10/100 Ethernet -device bge # Broadcom BCM570xx Gigabit Ethernet -device dc # DEC/Intel 21143 and various workalikes -device fxp # Intel EtherExpress PRO/100B (82557, 82558) -device lge # Level 1 LXT1001 gigabit ethernet -device nge # NatSemi DP83820 gigabit ethernet -device pcn # AMD Am79C97x PCI 10/100 (precedence over 'lnc') -device re # RealTek 8139C+/8169/8169S/8110S -device rl # RealTek 8129/8139 -device sf # Adaptec AIC-6915 (``Starfire'') -device sis # Silicon Integrated Systems SiS 900/SiS 7016 -device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet -device ste # Sundance ST201 (D-Link DFE-550TX) -device ti # Alteon Networks Tigon I/II gigabit Ethernet -device tl # Texas Instruments ThunderLAN -device tx # SMC EtherPower II (83c170 ``EPIC'') -device vge # VIA VT612x gigabit ethernet -device vr # VIA Rhine, Rhine II -device wb # Winbond W89C840F -device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'') - -# ISA Ethernet NICs. pccard NICs included. -device cs # Crystal Semiconductor CS89x0 NIC -# 'device ed' requires 'device miibus' -device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards -device ex # Intel EtherExpress Pro/10 and Pro/10+ -device ep # Etherlink III based cards -device fe # Fujitsu MB8696x based cards -device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc. -device sn # SMC's 9000 series of Ethernet chips -device xe # Xircom pccard Ethernet - -# ISA devices that use the old ISA shims -#device le - -# Wireless NIC cards -#device wlan # 802.11 support -#device an # Aironet 4500/4800 802.11 wireless NICs. -#device awi # BayStack 660 and others -#device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs. -#device wl # Older non 802.11 Wavelan wireless NIC. - -# Pseudo devices. -device loop # Network loopback -device ether # Ethernet support -device ppp # Kernel PPP -device tun # Packet tunnel. -device pty # Pseudo-ttys (telnet etc) -device md # Memory "disks" -device gif # IPv6 and IPv4 tunneling - -# The `bpf' device enables the Berkeley Packet Filter. -# Be aware of the administrative consequences of enabling this! -# Note that 'bpf' is required for DHCP. -device bpf # Berkeley packet filter - -# CLK_USE_I8254_CALIBRATION causes the calibrated frequency of the i8254 -# clock to actually be used. -options CLK_USE_I8254_CALIBRATION - -# CPU_ELAN enables support for AMDs ElanSC520 CPU. -options CPU_ELAN -options CPU_SOEKRIS -options CPU_ELAN_XTAL=32768000 -options CPU_ELAN_PPS - -# IPSEC -options IPSEC -options IPSEC_ESP - diff --git a/tools/tools/tinybsd/conf/vpn/etc/fstab b/tools/tools/tinybsd/conf/vpn/etc/fstab deleted file mode 100644 --- a/tools/tools/tinybsd/conf/vpn/etc/fstab +++ /dev/null @@ -1,2 +0,0 @@ -# $FreeBSD$ -/dev/ad0a / ufs ro 1 1 diff --git a/tools/tools/tinybsd/conf/vpn/etc/rc.conf b/tools/tools/tinybsd/conf/vpn/etc/rc.conf deleted file mode 100644 --- a/tools/tools/tinybsd/conf/vpn/etc/rc.conf +++ /dev/null @@ -1,22 +0,0 @@ -# $FreeBSD$ -hostname="tinybsd.freebsd.org" -sendmail_enable="NONE" -sshd_enable="YES" -usbd_enable="NO" -inetd_enable="NO" -portmap_enable="NO" -update_motd="NO" -varmfs="YES" -populate_var="YES" -varsize="8192" -tmpmfs="YES" - -# VPN -ipsec_enable="YES" -ipsec_file="/etc/ipsec.conf" - -# Set here your VPN configuration -gif_interfaces="gif0" -ifconfig_gif0="inet 192.168.1.1 192.168.2.1 netmask 0xffffffff" -static_routes="vpn" -route_vpn="192.168.2.0 192.168.2.1 netmask 0xffffff00" diff --git a/tools/tools/tinybsd/conf/vpn/etc/setkey.conf b/tools/tools/tinybsd/conf/vpn/etc/setkey.conf deleted file mode 100644 --- a/tools/tools/tinybsd/conf/vpn/etc/setkey.conf +++ /dev/null @@ -1 +0,0 @@ -# $FreeBSD$ diff --git a/tools/tools/tinybsd/conf/vpn/tinybsd.basefiles b/tools/tools/tinybsd/conf/vpn/tinybsd.basefiles deleted file mode 100644 --- a/tools/tools/tinybsd/conf/vpn/tinybsd.basefiles +++ /dev/null @@ -1,222 +0,0 @@ -# $FreeBSD$ -# contents of ${WORKDIR}/boot -boot/boot0 -boot/boot1 -boot/boot2 -boot/defaults/loader.conf -boot/device.hints -boot/loader -boot/loader.4th -boot/loader.help -boot/loader.rc -boot/mbr -boot/support.4th - -# contents of ${WORKDIR}/libexec -libexec/ld-elf.so.1:usr/libexec/ld-elf.so.1 - -# contents of ${WORKDIR}/bin -bin/[:bin/test -bin/cat -bin/chflags -bin/chio -bin/chmod -bin/cp -bin/csh:bin/tcsh -bin/date -bin/df -bin/domainname -bin/echo -bin/ed:bin/red -bin/expr -bin/hostname -bin/kenv -bin/kill -bin/ln:bin/link -bin/ls -bin/mkdir -bin/mv -bin/pax -bin/ps -bin/pwd -bin/realpath -bin/rm:bin/unlink -bin/rmdir -bin/sh -bin/sleep -bin/stty -bin/sync - -# contents of ${WORKDIR}/sbin -sbin/adjkerntz -sbin/comcontrol -sbin/disklabel -sbin/dmesg -sbin/fastboot:sbin/reboot -sbin/fasthalt:sbin/halt -sbin/fsck -sbin/fsck_ufs:sbin/fsck_ffs -sbin/fsck_ufs:sbin/fsck_4.2bsd -sbin/ifconfig -sbin/init -sbin/ipfw -sbin/kldconfig -sbin/kldload -sbin/kldstat -sbin/kldunload -sbin/ldconfig -sbin/md5 -sbin/mdconfig -sbin/mknod -sbin/mdmfs -sbin/mount -sbin/mount_nullfs -sbin/mount_unionfs -sbin/newfs -sbin/nextboot -sbin/nologin -sbin/nos-tun -sbin/ping -sbin/rcorder -sbin/route -sbin/setkey -sbin/shutdown -sbin/slattach -sbin/swapon -sbin/sysctl -sbin/umount - -# contents of ${WORKDIR}/usr/sbin -usr/bin/at:usr/bin/atq -usr/bin/at:usr/bin/atrm -usr/bin/at:usr/bin/batch -usr/bin/awk -usr/bin/basename -usr/bin/bunzip2:usr/bin/bzcat -usr/bin/bunzip2:usr/bin/bzip2 -usr/bin/chat -usr/bin/chfn:usr/bin/chpass -usr/bin/chfn:usr/bin/chsh -usr/bin/chgrp -usr/bin/cksum -usr/bin/clear -usr/bin/cmp -usr/bin/compress:usr/bin/uncompress -usr/bin/cpio -usr/bin/crontab -usr/bin/cu -usr/bin/dig -usr/bin/dirname -usr/bin/du -usr/bin/ee -usr/bin/egrep:usr/bin/fgrep -usr/bin/egrep:usr/bin/grep -usr/bin/env -usr/bin/false -usr/bin/fetch -usr/bin/find -usr/bin/fstat -usr/bin/fsync -usr/bin/ftp -usr/bin/gunzip:usr/bin/gzcat -usr/bin/gunzip:usr/bin/gzip -usr/bin/gzexe -usr/bin/head -usr/bin/hexdump -usr/bin/id:usr/bin/whoami -usr/bin/ident -usr/bin/killall -usr/bin/last -usr/bin/less:usr/bin/more -usr/bin/limits -usr/bin/lock -usr/bin/lockf -usr/bin/logger -usr/bin/login -usr/bin/logname -usr/bin/mesg -usr/bin/minigzip -usr/bin/mkfifo -usr/bin/mktemp -usr/bin/msgs -usr/bin/netstat -usr/bin/nfsstat -usr/bin/nice -usr/bin/nslookup -usr/bin/nsupdate -usr/bin/nohup -usr/bin/objformat -usr/bin/openssl -usr/bin/passwd -usr/bin/printf -usr/bin/renice -usr/bin/reset:usr/sbin/tset -usr/bin/scp -usr/bin/script -usr/bin/sed -usr/bin/sftp -usr/bin/shar -usr/bin/slogin:usr/bin/ssh -usr/bin/sort -usr/bin/split -usr/bin/ssh-keygen -usr/bin/su -usr/bin/tail -usr/bin/tar -usr/bin/tee -usr/bin/telnet -usr/bin/time -usr/bin/top -usr/bin/touch -usr/bin/tput -usr/bin/tr -usr/bin/true -usr/bin/tty -usr/bin/uname -usr/bin/uptime:usr/bin/w -usr/bin/users -usr/bin/uudecode -usr/bin/uuencode -usr/bin/vi -usr/bin/vmstat -usr/bin/wall -usr/bin/who -usr/bin/whois -usr/bin/write -usr/bin/yes - -# contents of ${WORKDIR}/usr/sbin -usr/sbin/boot0cfg -usr/sbin/chown -usr/sbin/cron -usr/sbin/idprio:usr/sbin/rtprio -usr/sbin/iostat -usr/sbin/kbdcontrol -usr/sbin/lastlogin -usr/sbin/memcontrol -usr/sbin/mtree -usr/sbin/newsyslog -usr/sbin/ntpdate -usr/sbin/pciconf -usr/sbin/pw -usr/sbin/pwd_mkdb -usr/sbin/slstat -usr/sbin/sshd -usr/sbin/syslogd -usr/sbin/tcpdchk -usr/sbin/tcpdmatch -usr/sbin/tcpdump -usr/sbin/traceroute -usr/sbin/vidcontrol -usr/sbin/vipw -usr/sbin/vnconfig -usr/sbin/watch - -# contents of ${WORKDIR}/usr/libexec -usr/libexec/atrun -usr/libexec/getty -usr/libexec/sftp-server - -# contents of ${WORKDIR}/usr/share -usr/share/misc/termcap - diff --git a/tools/tools/tinybsd/conf/vpn/tinybsd.ports b/tools/tools/tinybsd/conf/vpn/tinybsd.ports deleted file mode 100644 --- a/tools/tools/tinybsd/conf/vpn/tinybsd.ports +++ /dev/null @@ -1,9 +0,0 @@ -# $FreeBSD$ -# Here you can add the applications from the FreeBSD Ports Collection which you -# want TinyBSD ports system to install in your embedded system. You whould list -# one application per line, mentioning its category and name, like the examples: -# -# www/mini_httpd -# net-mgmt/rate -# -# Make sure you have enough space to add it. diff --git a/tools/tools/tinybsd/conf/wireless/TINYBSD b/tools/tools/tinybsd/conf/wireless/TINYBSD deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wireless/TINYBSD +++ /dev/null @@ -1,167 +0,0 @@ -# $FreeBSD$ -machine i386 -cpu I486_CPU -cpu I586_CPU -cpu I686_CPU -ident TINYBSD - -# To statically compile in device wiring instead of /boot/device.hints -#hints "GENERIC.hints" # Default places to look for devices. - -options SCHED_4BSD # 4BSD scheduler -options INET # InterNETworking -options FFS # Berkeley Fast Filesystem -options SOFTUPDATES # Enable FFS soft updates support -options UFS_DIRHASH # Improve performance on big directories -options MD_ROOT # MD is a potential root device -options PROCFS # Process filesystem (requires PSEUDOFS) -options PSEUDOFS # Pseudo-filesystem framework -options GEOM_PART_GPT # GUID Partition Tables. -options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!] -options COMPAT_FREEBSD4 # Compatible with FreeBSD4 -options SYSVSHM # SYSV-style shared memory -options SYSVMSG # SYSV-style message queues -options SYSVSEM # SYSV-style semaphores -options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions -options KBD_INSTALL_CDEV # install a CDEV entry in /dev -options AHC_REG_PRETTY_PRINT # Print register bitfields in debug - # output. Adds ~128k to driver. -options AHD_REG_PRETTY_PRINT # Print register bitfields in debug - # output. Adds ~215k to driver. -options ADAPTIVE_GIANT # Giant mutex is adaptive. - -device apic # I/O APIC - -device eisa -device pci - -# Floppy drives -#device fdc - -# ATA and ATAPI devices -device ata -device atadisk # ATA disk drives -device atapist # ATAPI tape drives -options ATA_STATIC_ID # Static device numbering - -# atkbdc0 controls both the keyboard and the PS/2 mouse -device atkbdc # AT keyboard controller -device atkbd # AT keyboard -device psm # PS/2 mouse - -device vga # VGA video card driver - -#device splash # Splash screen and screen saver support - -# syscons is the default console driver, resembling an SCO console -device sc - -# Enable this for the pcvt (VT220 compatible) console driver -#device vt -#options XSERVER # support for X server on a vt console -#options FAT_CURSOR # start with block cursor - -device agp # support several AGP chipsets - -# PCCARD (PCMCIA) support -# PCMCIA and cardbus bridge support -device cbb # cardbus (yenta) bridge -device pccard # PC Card (16-bit) bus -device cardbus # CardBus (32-bit) bus - -# Serial (COM) ports -device sio # 8250, 16[45]50 based serial ports - -# PCI Ethernet NICs. -#device de # DEC/Intel DC21x4x (``Tulip'') -#device em # Intel PRO/1000 adapter Gigabit Ethernet Card -#device txp # 3Com 3cR990 (``Typhoon'') -#device vx # 3Com 3c590, 3c595 (``Vortex'') - -# PCI Ethernet NICs that use the common MII bus controller code. -# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs! -#device miibus # MII bus support -#device bfe # Broadcom BCM440x 10/100 Ethernet -#device bge # Broadcom BCM570xx Gigabit Ethernet -#device dc # DEC/Intel 21143 and various workalikes -#device fxp # Intel EtherExpress PRO/100B (82557, 82558) -#device lge # Level 1 LXT1001 gigabit ethernet -#device nge # NatSemi DP83820 gigabit ethernet -#device pcn # AMD Am79C97x PCI 10/100 (precedence over 'lnc') -#device re # RealTek 8139C+/8169/8169S/8110S -#device rl # RealTek 8129/8139 -#device sf # Adaptec AIC-6915 (``Starfire'') -#device sis # Silicon Integrated Systems SiS 900/SiS 7016 -#device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet -#device ste # Sundance ST201 (D-Link DFE-550TX) -#device ti # Alteon Networks Tigon I/II gigabit Ethernet -#device tl # Texas Instruments ThunderLAN -#device tx # SMC EtherPower II (83c170 ``EPIC'') -#device vge # VIA VT612x gigabit ethernet -#device vr # VIA Rhine, Rhine II -#device wb # Winbond W89C840F -#device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'') - -# ISA Ethernet NICs. pccard NICs included. -#device cs # Crystal Semiconductor CS89x0 NIC -# 'device ed' requires 'device miibus' -#device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards -#device ex # Intel EtherExpress Pro/10 and Pro/10+ -#device ep # Etherlink III based cards -#device fe # Fujitsu MB8696x based cards -#device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc. -#device lnc # NE2100, NE32-VL Lance Ethernet cards -#device sn # SMC's 9000 series of Ethernet chips -#device xe # Xircom pccard Ethernet - -# ISA devices that use the old ISA shims -#device le - -# Wireless NIC cards -device wlan # 802.11 support -device wlan_wep #802.11 WEP support -device wlan_ccmp #802.11 CCMP support -device wlan_tkip #802.11 TKIP support -device wlan_xauth #802.11 external authenticator support -device wlan_acl #802.11 MAC ACL support -device an # Aironet 4500/4800 802.11 wireless NICs. -device awi # BayStack 660 and others -device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs. -#device wl # Older non 802.11 Wavelan wireless NIC. - -# Pseudo devices. -device loop # Network loopback -device ether # Ethernet support -device pty # Pseudo-ttys (telnet etc) -device md # Memory "disks" - -# The `bpf' device enables the Berkeley Packet Filter. -# Be aware of the administrative consequences of enabling this! -# Note that 'bpf' is required for DHCP. -device bpf # Berkeley packet filter - -options IPFIREWALL -options IPFIREWALL_DEFAULT_TO_ACCEPT -options IPDIVERT -options DUMMYNET - -device pf #PF OpenBSD packet-filter firewall -device pflog #logging support interface for PF -device pfsync #synchronization interface for PF - -device ath -device ath_hal -device ath_rate_sample - -device if_bridge - -# CLK_USE_I8254_CALIBRATION causes the calibrated frequency of the i8254 -# clock to actually be used. -options CLK_USE_I8254_CALIBRATION - -# CPU_ELAN enables support for AMDs ElanSC520 CPU. -options CPU_ELAN -options CPU_SOEKRIS -options CPU_ELAN_XTAL=32768000 -options CPU_ELAN_PPS - diff --git a/tools/tools/tinybsd/conf/wireless/etc/authpf/authpf.rules b/tools/tools/tinybsd/conf/wireless/etc/authpf/authpf.rules deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wireless/etc/authpf/authpf.rules +++ /dev/null @@ -1 +0,0 @@ -# $FreeBSD$ diff --git a/tools/tools/tinybsd/conf/wireless/etc/fstab b/tools/tools/tinybsd/conf/wireless/etc/fstab deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wireless/etc/fstab +++ /dev/null @@ -1,2 +0,0 @@ -# $FreeBSD$ -/dev/ad0a / ufs ro 1 1 diff --git a/tools/tools/tinybsd/conf/wireless/etc/natd.conf b/tools/tools/tinybsd/conf/wireless/etc/natd.conf deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wireless/etc/natd.conf +++ /dev/null @@ -1 +0,0 @@ -# $FreeBSD$ diff --git a/tools/tools/tinybsd/conf/wireless/etc/pf.conf b/tools/tools/tinybsd/conf/wireless/etc/pf.conf deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wireless/etc/pf.conf +++ /dev/null @@ -1,78 +0,0 @@ -# $FreeBSD$ -# -# See pf.conf(5) and /usr/share/examples/pf for syntax and examples. -# Required order: options, normalization, queueing, translation, filtering. -# Macros and tables may be defined and used anywhere. -# Note that translation rules are first match while filter rules are last match. - -# Macros: define common values, so they can be referenced and changed easily. -#ext_if="ext0" # replace with actual external interface name i.e., dc0 -#int_if="int0" # replace with actual internal interface name i.e., dc1 -#internal_net="10.1.1.1/8" -#external_addr="192.168.1.1" - -# Tables: similar to macros, but more flexible for many addresses. -#table { 10.0.0.0/8, !10.1.0.0/16, 192.168.0.0/24, 192.168.1.18 } - -# Options: tune the behavior of pf, default values are given. -#set timeout { interval 10, frag 30 } -#set timeout { tcp.first 120, tcp.opening 30, tcp.established 86400 } -#set timeout { tcp.closing 900, tcp.finwait 45, tcp.closed 90 } -#set timeout { udp.first 60, udp.single 30, udp.multiple 60 } -#set timeout { icmp.first 20, icmp.error 10 } -#set timeout { other.first 60, other.single 30, other.multiple 60 } -#set timeout { adaptive.start 0, adaptive.end 0 } -#set limit { states 10000, frags 5000 } -#set loginterface none -#set optimization normal -#set block-policy drop -#set require-order yes -#set fingerprints "/etc/pf.os" - -# Normalization: reassemble fragments and resolve or reduce traffic ambiguities. -#scrub in all - -# Queueing: rule-based bandwidth control. -#altq on $ext_if bandwidth 2Mb cbq queue { dflt, developers, marketing } -#queue dflt bandwidth 5% cbq(default) -#queue developers bandwidth 80% -#queue marketing bandwidth 15% - -# Translation: specify how addresses are to be mapped or redirected. -# nat: packets going out through $ext_if with source address $internal_net will -# get translated as coming from the address of $ext_if, a state is created for -# such packets, and incoming packets will be redirected to the internal address. -#nat on $ext_if from $internal_net to any -> ($ext_if) - -# rdr: packets coming in on $ext_if with destination $external_addr:1234 will -# be redirected to 10.1.1.1:5678. A state is created for such packets, and -# outgoing packets will be translated as coming from the external address. -#rdr on $ext_if proto tcp from any to $external_addr/32 port 1234 -> 10.1.1.1 port 5678 - -# rdr outgoing FTP requests to the ftp-proxy -#rdr on $int_if proto tcp from any to any port ftp -> 127.0.0.1 port 8021 - -# spamd-setup puts addresses to be redirected into table . -#table persist -#no rdr on { lo0, lo1 } from any to any -#rdr inet proto tcp from to any port smtp -> 127.0.0.1 port 8025 - -# Filtering: the implicit first two rules are -#pass in all -#pass out all - -# block all incoming packets but allow ssh, pass all outgoing tcp and udp -# connections and keep state, logging blocked packets. -#block in log all -#pass in on $ext_if proto tcp from any to $ext_if port 22 keep state -#pass out on $ext_if proto { tcp, udp } all keep state - -# pass incoming packets destined to the addresses given in table . -#pass in on $ext_if proto { tcp, udp } from any to port 80 keep state - -# pass incoming ports for ftp-proxy -#pass in on $ext_if inet proto tcp from any to $ext_if user proxy keep state - -# assign packets to a queue. -#pass out on $ext_if from 192.168.0.0/24 to any keep state queue developers -#pass out on $ext_if from 192.168.1.0/24 to any keep state queue marketing diff --git a/tools/tools/tinybsd/conf/wireless/etc/pf.os b/tools/tools/tinybsd/conf/wireless/etc/pf.os deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wireless/etc/pf.os +++ /dev/null @@ -1,549 +0,0 @@ -# $FreeBSD$ -# passive OS fingerprinting -# ------------------------- -# -# SYN signatures. Those signatures work for SYN packets only (duh!). -# -# (C) Copyright 2000-2003 by Michal Zalewski -# (C) Copyright 2003 by Mike Frantzen -# -# Permission to use, copy, modify, and distribute this software for any -# purpose with or without fee is hereby granted, provided that the above -# copyright notice and this permission notice appear in all copies. -# -# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -# -# -# This fingerprint database is adapted from Michal Zalewski's p0f passive -# operating system package. -# -# -# Each line in this file specifies a single fingerprint. Please read the -# information below carefully before attempting to append any signatures -# reported as UNKNOWN to this file to avoid mistakes. -# -# We use the following set metrics for fingerprinting: -# -# - Window size (WSS) - a highly OS dependent setting used for TCP/IP -# performance control (max. amount of data to be sent without ACK). -# Some systems use a fixed value for initial packets. On other -# systems, it is a multiple of MSS or MTU (MSS+40). In some rare -# cases, the value is just arbitrary. -# -# NEW SIGNATURE: if p0f reported a special value of 'Snn', the number -# appears to be a multiple of MSS (MSS*nn); a special value of 'Tnn' -# means it is a multiple of MTU ((MSS+40)*nn). Unless you notice the -# value of nn is not fixed (unlikely), just copy the Snn or Tnn token -# literally. If you know this device has a simple stack and a fixed -# MTU, you can however multiply S value by MSS, or T value by MSS+40, -# and put it instead of Snn or Tnn. -# -# If WSS otherwise looks like a fixed value (for example a multiple -# of two), or if you can confirm the value is fixed, please quote -# it literally. If there's no apparent pattern in WSS chosen, you -# should consider wildcarding this value. -# -# - Overall packet size - a function of all IP and TCP options and bugs. -# -# NEW SIGNATURE: Copy this value literally. -# -# - Initial TTL - We check the actual TTL of a received packet. It can't -# be higher than the initial TTL, and also shouldn't be dramatically -# lower (maximum distance is defined as 40 hops). -# -# NEW SIGNATURE: *Never* copy TTL from a p0f-reported signature literally. -# You need to determine the initial TTL. The best way to do it is to -# check the documentation for a remote system, or check its settings. -# A fairly good method is to simply round the observed TTL up to -# 32, 64, 128, or 255, but it should be noted that some obscure devices -# might not use round TTLs (in particular, some shoddy appliances use -# "original" initial TTL settings). If not sure, you can see how many -# hops you're away from the remote party with traceroute or mtr. -# -# - Don't fragment flag (DF) - some modern OSes set this to implement PMTU -# discovery. Others do not bother. -# -# NEW SIGNATURE: Copy this value literally. -# -# - Maximum segment size (MSS) - this setting is usually link-dependent. P0f -# uses it to determine link type of the remote host. -# -# NEW SIGNATURE: Always wildcard this value, except for rare cases when -# you have an appliance with a fixed value, know the system supports only -# a very limited number of network interface types, or know the system -# is using a value it pulled out of nowhere. Specific unique MSS -# can be used to tell Google crawlbots from the rest of the population. -# -# - Window scaling (WSCALE) - this feature is used to scale WSS. -# It extends the size of a TCP/IP window to 32 bits. Some modern -# systems implement this feature. -# -# NEW SIGNATURE: Observe several signatures. Initial WSCALE is often set -# to zero or other low value. There's usually no need to wildcard this -# parameter. -# -# - Timestamp - some systems that implement timestamps set them to -# zero in the initial SYN. This case is detected and handled appropriately. -# -# - Selective ACK permitted - a flag set by systems that implement -# selective ACK functionality. -# -# - The sequence of TCP all options (MSS, window scaling, selective ACK -# permitted, timestamp, NOP). Other than the options previously -# discussed, p0f also checks for timestamp option (a silly -# extension to broadcast your uptime ;-), NOP options (used for -# header padding) and sackOK option (selective ACK feature). -# -# NEW SIGNATURE: Copy the sequence literally. -# -# To wildcard any value (except for initial TTL or TCP options), replace -# it with '*'. You can also use a modulo operator to match any values -# that divide by nnn - '%nnn'. -# -# Fingerprint entry format: -# -# wwww:ttt:D:ss:OOO...:OS:Version:Subtype:Details -# -# wwww - window size (can be *, %nnn, Snn or Tnn). The special values -# "S" and "T" which are a multiple of MSS or a multiple of MTU -# respectively. -# ttt - initial TTL -# D - don't fragment bit (0 - not set, 1 - set) -# ss - overall SYN packet size -# OOO - option value and order specification (see below) -# OS - OS genre (Linux, Solaris, Windows) -# Version - OS Version (2.0.27 on x86, etc) -# Subtype - OS subtype or patchlevel (SP3, lo0) -# details - Generic OS details -# -# If OS genre starts with '*', p0f will not show distance, link type -# and timestamp data. It is useful for userland TCP/IP stacks of -# network scanners and so on, where many settings are randomized or -# bogus. -# -# If OS genre starts with @, it denotes an approximate hit for a group -# of operating systems (signature reporting still enabled in this case). -# Use this feature at the end of this file to catch cases for which -# you don't have a precise match, but can tell it's Windows or FreeBSD -# or whatnot by looking at, say, flag layout alone. -# -# Option block description is a list of comma or space separated -# options in the order they appear in the packet: -# -# N - NOP option -# Wnnn - window scaling option, value nnn (or * or %nnn) -# Mnnn - maximum segment size option, value nnn (or * or %nnn) -# S - selective ACK OK -# T - timestamp -# T0 - timestamp with a zero value -# -# To denote no TCP options, use a single '.'. -# -# Please report any additions to this file, or any inaccuracies or -# problems spotted, to the maintainers: lcamtuf@coredump.cx, -# frantzen@openbsd.org and bugs@openbsd.org with a tcpdump packet -# capture of the relevant SYN packet(s) -# -# WARNING WARNING WARNING -# ----------------------- -# -# Do not add a system X as OS Y just because NMAP says so. It is often -# the case that X is a NAT firewall. While nmap is talking to the -# device itself, p0f is fingerprinting the guy behind the firewall -# instead. -# -# When in doubt, use common sense, don't add something that looks like -# a completely different system as Linux or FreeBSD or LinkSys router. -# Check DNS name, establish a connection to the remote host and look -# at SYN+ACK - does it look similar? -# -# Some users tweak their TCP/IP settings - enable or disable RFC1323 -# functionality, enable or disable timestamps or selective ACK, -# disable PMTU discovery, change MTU and so on. Always compare a new rule -# to other fingerprints for this system, and verify the system isn't -# "customized" before adding it. It is OK to add signature variants -# caused by a commonly used software (personal firewalls, security -# packages, etc), but it makes no sense to try to add every single -# possible /proc/sys/net/ipv4 tweak on Linux or so. -# -# KEEP IN MIND: Some packet firewalls configured to normalize outgoing -# traffic (OpenBSD pf with "scrub" enabled, for example) will, well, -# normalize packets. Signatures will not correspond to the originating -# system (and probably not quite to the firewall either). -# -# NOTE: Try to keep this file in some reasonable order, from most to -# least likely systems. This will speed up operation. Also keep most -# generic and broad rules near the end. -# - -########################## -# Standard OS signatures # -########################## - -# ----------------- AIX --------------------- - -# AIX is first because its signatures are close to NetBSD, MacOS X and -# Linux 2.0, but it uses a fairly rare MSSes, at least sometimes... -# This is a shoddy hack, though. - -16384:64:0:44:M512: AIX:4.3:2-3:AIX 4.3.2 and earlier - -16384:64:0:60:M512,N,W%2,N,N,T: AIX:4.3:3:AIX 4.3.3-5.2 -16384:64:0:60:M512,N,W%2,N,N,T: AIX:5.1-5.2::AIX 4.3.3-5.2 -32768:64:0:60:M512,N,W%2,N,N,T: AIX:4.3:3:AIX 4.3.3-5.2 -32768:64:0:60:M512,N,W%2,N,N,T: AIX:5.1-5.2::AIX 4.3.3-5.2 -65535:64:0:60:M512,N,W%2,N,N,T: AIX:4.3:3:AIX 4.3.3-5.2 -65535:64:0:60:M512,N,W%2,N,N,T: AIX:5.1-5.2::AIX 4.3.3-5.2 -65535:64:0:64:M*,N,W1,N,N,T,N,N,S: AIX:5.3:ML1:AIX 5.3 ML1 - -# ----------------- Linux ------------------- - -512:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x -16384:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x - -# Endian snafu! Nelson says "ha-ha": -2:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x (MkLinux) on Mac -64:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x (MkLinux) on Mac - - -S4:64:1:60:M1360,S,T,N,W0: Linux:google::Linux (Google crawlbot) - -S2:64:1:60:M*,S,T,N,W0: Linux:2.4::Linux 2.4 (big boy) -S3:64:1:60:M*,S,T,N,W0: Linux:2.4:18-21:Linux 2.4.18 and newer -S4:64:1:60:M*,S,T,N,W0: Linux:2.4::Linux 2.4/2.6 -S4:64:1:60:M*,S,T,N,W0: Linux:2.6::Linux 2.4/2.6 - -S3:64:1:60:M*,S,T,N,W1: Linux:2.5::Linux 2.5 -S4:64:1:60:M*,S,T,N,W1: Linux:2.5-2.6::Linux 2.5/2.6 - -S20:64:1:60:M*,S,T,N,W0: Linux:2.2:20-25:Linux 2.2.20 and newer -S22:64:1:60:M*,S,T,N,W0: Linux:2.2::Linux 2.2 -S11:64:1:60:M*,S,T,N,W0: Linux:2.2::Linux 2.2 - -# Popular cluster config scripts disable timestamps and -# selective ACK: -S4:64:1:48:M1460,N,W0: Linux:2.4:cluster:Linux 2.4 in cluster - -# This needs to be investigated. On some systems, WSS -# is selected as a multiple of MTU instead of MSS. I got -# many submissions for this for many late versions of 2.4: -T4:64:1:60:M1412,S,T,N,W0: Linux:2.4::Linux 2.4 (late, uncommon) - -# This happens only over loopback, but let's make folks happy: -32767:64:1:60:M16396,S,T,N,W0: Linux:2.4:lo0:Linux 2.4 (local) -S8:64:1:60:M3884,S,T,N,W0: Linux:2.2:lo0:Linux 2.2 (local) - -# Opera visitors: -16384:64:1:60:M*,S,T,N,W0: Linux:2.2:Opera:Linux 2.2 (Opera?) -32767:64:1:60:M*,S,T,N,W0: Linux:2.4:Opera:Linux 2.4 (Opera?) - -# Some fairly common mods: -S4:64:1:52:M*,N,N,S,N,W0: Linux:2.4:ts:Linux 2.4 w/o timestamps -S22:64:1:52:M*,N,N,S,N,W0: Linux:2.2:ts:Linux 2.2 w/o timestamps - - -# ----------------- FreeBSD ----------------- - -16384:64:1:44:M*: FreeBSD:2.0-2.2::FreeBSD 2.0-4.1 -16384:64:1:44:M*: FreeBSD:3.0-3.5::FreeBSD 2.0-4.1 -16384:64:1:44:M*: FreeBSD:4.0-4.1::FreeBSD 2.0-4.1 -16384:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.4::FreeBSD 4.4 - -1024:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.4::FreeBSD 4.4 - -57344:64:1:44:M*: FreeBSD:4.6-4.8:noRFC1323:FreeBSD 4.6-4.8 (no RFC1323) -57344:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.6-4.8::FreeBSD 4.6-4.8 - -32768:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.8-4.9::FreeBSD 4.8-5.1 (or MacOS X) -32768:64:1:60:M*,N,W0,N,N,T: FreeBSD:5.0-5.1::FreeBSD 4.8-5.1 (or MacOS X) -65535:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.8-4.9::FreeBSD 4.8-5.1 (or MacOS X) -65535:64:1:60:M*,N,W0,N,N,T: FreeBSD:5.0-5.1::FreeBSD 4.8-5.1 (or MacOS X) -65535:64:1:60:M*,N,W1,N,N,T: FreeBSD:4.7-4.9::FreeBSD 4.7-5.1 -65535:64:1:60:M*,N,W1,N,N,T: FreeBSD:5.0-5.1::FreeBSD 4.7-5.1 - -# 16384:64:1:60:M*,N,N,N,N,N,N,T:FreeBSD:4.4:noTS:FreeBSD 4.4 (w/o timestamps) - -# ----------------- NetBSD ------------------ - -65535:64:0:60:M*,N,W0,N,N,T0: NetBSD:1.6:opera:NetBSD 1.6 (Opera) -16384:64:0:60:M*,N,W0,N,N,T0: NetBSD:1.6::NetBSD 1.6 -16384:64:1:60:M*,N,W0,N,N,T0: NetBSD:1.6:df:NetBSD 1.6 (DF) -16384:64:0:60:M*,N,W0,N,N,T: NetBSD:1.3::NetBSD 1.3 -65535:64:1:60:M*,N,W1,N,N,T0: NetBSD:1.6::NetBSD 1.6W-current (DF) - -# ----------------- OpenBSD ----------------- - -16384:64:0:60:M*,N,W0,N,N,T: OpenBSD:2.6::NetBSD 1.3 (or OpenBSD 2.6) -16384:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.4::OpenBSD 3.0-3.4 -16384:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.4:no-df:OpenBSD 3.0-3.4 (scrub no-df) -57344:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-3.4::OpenBSD 3.3-3.4 -57344:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-3.4:no-df:OpenBSD 3.3-3.4 (scrub no-df) - -65535:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.4:opera:OpenBSD 3.0-3.4 (Opera) - -# ----------------- Solaris ----------------- - -S17:64:1:64:N,W3,N,N,T0,N,N,S,M*: Solaris:8:RFC1323:Solaris 8 RFC1323 -S17:64:1:48:N,N,S,M*: Solaris:8::Solaris 8 -S17:255:1:44:M*: Solaris:2.5-2.7::Solaris 2.5 to 7 - -S6:255:1:44:M*: Solaris:2.6-2.7::Solaris 2.6 to 7 -S23:255:1:44:M*: Solaris:2.5:1:Solaris 2.5.1 -S34:64:1:48:M*,N,N,S: Solaris:2.9::Solaris 9 -S44:255:1:44:M*: Solaris:2.7::Solaris 7 - -# ----------------- IRIX -------------------- - -49152:64:0:44:M*: IRIX:6.4::IRIX 6.4 -61440:64:0:44:M*: IRIX:6.2-6.5::IRIX 6.2-6.5 -49152:64:0:52:M*,N,W2,N,N,S: IRIX:6.5:RFC1323:IRIX 6.5 (RFC1323) -49152:64:0:52:M*,N,W3,N,N,S: IRIX:6.5:RFC1323:IRIX 6.5 (RFC1323) - -61440:64:0:48:M*,N,N,S: IRIX:6.5:12-21:IRIX 6.5.12 - 6.5.21 -49152:64:0:48:M*,N,N,S: IRIX:6.5:15-21:IRIX 6.5.15 - 6.5.21 - -# ----------------- Tru64 ------------------- - -32768:64:1:48:M*,N,W0: Tru64:4.0::Tru64 4.0 -32768:64:0:48:M*,N,W0: Tru64:5.0::Tru64 5.0 -8192:64:0:44:M1460: Tru64:5.1:noRFC1323:Tru64 6.1 (no RFC1323) (or QNX 6) - -# This looks awfully Linuxish :/ -# S22:64:0:60:M*,S,T,N,W0: Tru64:5.0:a:Tru64 5.0a - -61440:64:0:48:M*,N,W0: Tru64:5.1a:JP4:Tru64 v5.1a JP4 (or OpenVMS 7.x on Compaq 5.x stack) - - -# ----------------- OpenVMS ----------------- - -6144:64:1:60:M*,N,W0,N,N,T: OpenVMS:7.2::OpenVMS 7.2 (Multinet 4.4 stack) - -# ----------------- MacOS ------------------- - -16616:255:1:48:M*,W0: MacOS:7.3-7.6:OTTCP:MacOS 7.3-8.6 (OTTCP) -16616:255:1:48:M*,W0: MacOS:8.0-8.6:OTTCP:MacOS 7.3-8.6 (OTTCP) -32768:255:1:48:M*,W0,N: MacOS:9.1-9.2::MacOS 9.1/9.2 -32768:64:0:60:M*,N,W0,N,N,T: MacOS:X:10.2:MacOS X 10.2 - -# ----------------- Windows ----------------- - -# Windows 95 - need more: - -8192:32:1:44:M*: Windows:95::Windows 95 (low TTL) - -# Windows 98 - plenty of silly signatures: -S44:32:1:48:M*,N,N,S: Windows:98::Windows 98 (low TTL) -8192:32:1:48:M*,N,N,S: Windows:98::Windows 98 (low TTL) - -%8192:64:1:48:M*,N,N,S: Windows:98::Windows 98 (or newer XP/2000 with tweaked TTL) -S4:64:1:48:M*,N,N,S: Windows:98::Windows 98 -S6:64:1:48:M*,N,N,S: Windows:98::Windows 98 -S12:64:1:48:M*,N,N,S: Windows:98::Windows 98 -32767:64:1:48:M*,N,N,S: Windows:98::Windows 98 -37300:64:1:48:M*,N,N,S: Windows:98::Windows 98 -46080:64:1:52:M*,N,W3,N,N,S: Windows:98:RFC1323:Windows 98 (RFC1323) -65535:64:1:44:M*: Windows:98:noSACK:Windows 98 (no sack) - -S16:128:1:48:M*,N,N,S: Windows:98::Windows 98 -S16:128:1:64:M*,N,W0,N,N,T0,N,N,S: Windows:98::Windows 98 -S26:128:1:48:M*,N,N,S: Windows:98::Windows 98 -T30:128:1:48:M*,N,N,S: Windows:98::Windows 98 -32767:128:1:52:M*,N,W0,N,N,S: Windows:98::Windows 98 -60352:128:1:48:M*,N,N,S: Windows:98::Windows 98 -60352:128:1:64:M*,N,W2,N,N,T0,N,N,S: Windows:98::Windows 98 - -# Windows NT 4.0 - need more: - -64512:128:1:44:M1414: Windows:NT:4.0:Windows NT 4.0 SP6a -8192:128:1:44:M*: Windows:NT:4.0:Windows NT 4.0 (older) -6144:128:1:52:M*,W0,N,S,N,N: Windows:NT:4.0:Windows NT 4.0 (RFC1323) - -# Windows XP and 2000. Most of the signatures that were -# either dubious or non-specific (no service pack data) -# were deleted and replaced with generics at the end. - -65535:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows 2000 SP4, XP SP1 -%8192:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows 2000 SP4, XP SP1 -S45:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows 2000 SP4 -S6:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows XP SP1, 2000 SP4 -S44:128:1:48:M*,N,N,S: Windows:2000:SP3:Windows XP Pro SP1, 2000 SP3 - -S6:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows XP SP1, 2000 SP4 -S44:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows XP Pro SP1, 2000 SP3 -64512:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows XP SP1 -32767:128:1:48:M1452,N,N,S: Windows:XP:SP1:Windows XP SP1 -65535:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows 2000 SP4, XP SP1 -%8192:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows 2000 SP4, XP SP1 - -# Odds, ends, mods: - -S52:128:1:48:M1260,N,N,S: Windows:XP:Cisco:Windows XP/2000 via Cisco -S52:128:1:48:M1260,N,N,S: Windows:2000:Cisco:Windows XP/2000 via Cisco - -# HUNT DOWN: -# *:128:1:48:M*,N,N,S:U:@Windows:XP (leak) (PLEASE REPORT) - -# ----------------- HP/UX ------------------- - -32768:64:1:44:M*: HP-UX:B.10.20::HP-UX B.10.20 -32768:64:0:48:M*,W0,N: HP-UX:11.0::HP-UX 11.0 -32768:64:1:48:M*,W0,N: HP-UX:11.10::HP-UX 11.0 or 11.11 -32768:64:1:48:M*,W0,N: HP-UX:11.11::HP-UX 11.0 or 11.11 - -# Whoa. Hardcore WSS. -0:64:0:48:M*,W0,N: HP-UX:B.11.00:A:HP-UX B.11.00 A (RFC1323) - - -# ----------------- RiscOS ------------------ - -# We don't yet support the ?12 TCP option -#16384:64:1:68:M1460,N,W0,N,N,T,N,N,?12: RISCOS:3.70-4.36::RISC OS 3.70-4.36 - -# ----------------- BSD/OS ------------------ - -# Once again, power of two WSS is also shared by MacOS X with DF set -8192:64:1:60:M1460,N,W0,N,N,T: BSD/OS:3.1::BSD/OS 3.1-4.3 (or MacOS X 10.2 w/DF) -8192:64:1:60:M1460,N,W0,N,N,T: BSD/OS:4.0-4.3::BSD/OS 3.1-4.3 (or MacOS X 10.2) - - -# ---------------- NewtonOS ----------------- - -4096:64:0:44:M1420: NewtonOS:2.1::NewtonOS 2.1 - -# ---------------- NeXTSTEP ----------------- - -S8:64:0:44:M512: NeXTSTEP:3.3::NeXTSTEP 3.3 - -# ------------------ BeOS ------------------- - -1024:255:0:48:M*,N,W0: BeOS:5.0-5.1::BeOS 5.0-5.1 -12288:255:0:44:M1402: BeOS:5.0::BeOS 5.0.x - -# ------------------ OS/400 ----------------- - -8192:64:1:60:M1440,N,W0,N,N,T: OS/400:VR4::OS/400 VR4/R5 -8192:64:1:60:M1440,N,W0,N,N,T: OS/400:VR5::OS/400 VR4/R5 -4096:64:1:60:M1440,N,W0,N,N,T: OS/400:V4R5:CF67032:OS/400 V4R5 + CF67032 - - -# ------------------ ULTRIX ----------------- - -16384:64:0:40:.: ULTRIX:4.5::ULTRIX 4.5 - -# ------------------- QNX ------------------- - -S16:64:0:44:M512: QNX:::QNX demodisk - -# ------------------ Novell ----------------- - -16384:128:1:44:M1460: Novell:NetWare:5.0:Novel Netware 5.0 -6144:128:1:44:M1460: Novell:IntranetWare:4.11:Novell IntranetWare 4.11 - -# ----------------- SCO ------------------ -S17:64:1:44:M1460: SCO:Unixware:7.0:SCO Unixware 7.0.0 or OpenServer 5.0.4-5.06 -S17:64:1:44:M1460: SCO:OpenServer:5.0:SCO Unixware 7.0.0 or OpenServer 5.0.4-5.06 -S3:64:1:60:M1460,N,W0,N,N,T: SCO:UnixWare:7.1:SCO UnixWare 7.1 - -# ------------------- DOS ------------------- - -2048:255:0:44:M536: DOS:WATTCP:1.05:DOS Arachne via WATTCP/1.05 - -########################################### -# Appliance / embedded / other signatures # -########################################### - -# ---------- Firewalls / routers ------------ - -S12:64:1:44:M1460: @Checkpoint:::Checkpoint (unknown 1) -S12:64:1:48:N,N,S,M1460: @Checkpoint:::Checkpoint (unknown 2) -4096:32:0:44:M1460: ExtremeWare:4.x::ExtremeWare 4.x -60352:64:0:52:M1460,N,W2,N,N,S: Clavister:7::Clavister firewall 7.x - -# ------- Switches and other stuff ---------- - -4128:255:0:44:M*: Cisco:::Cisco Catalyst 3500, 7500 etc -S8:255:0:44:M*: Cisco:12008::Cisco 12008 -60352:128:1:64:M1460,N,W2,N,N,T,N,N,S: Alteon:ACEswitch::Alteon ACEswitch -64512:128:1:44:M1370: Nortel:Contivity Client::Nortel Conectivity Client - - -# ---------- Caches and whatnots ------------ - -S4:64:1:52:M1460,N,N,S,N,W0: AOL:web cache::AOL web cache - -32850:64:1:64:N,W1,N,N,T,N,N,S,M*: NetApp:5.x::NetApp Data OnTap 5.x -16384:64:1:64:M1460,N,N,S,N,W0,N: NetApp:5.3:1:NetApp 5.3.1 -65535:64:0:64:M1460,N,N,S,N,W3,N,N,T: NetApp:5.3:1:NetApp 5.3.1 -65535:64:0:60:M1460,N,W0,N,N,T: NetApp:CacheFlow::NetApp CacheFlow -8192:64:1:64:M1460,N,N,S,N,W0,N,N,T: NetApp:5.2:1:NetApp NetCache 5.2.1 - -S4:64:0:48:M1460,N,N,S: Cisco:Content Engine::Cisco Content Engine - -27085:128:0:40:.: Dell:PowerApp cache::Dell PowerApp (Linux-based) - -65535:255:1:48:N,W1,M1460: Inktomi:crawler::Inktomi crawler -S1:255:1:60:M1460,S,T,N,W0: LookSmart:ZyBorg::LookSmart ZyBorg - - -16384:255:0:40:.: Proxyblocker:::Proxyblocker (what's this?) - -# ----------- Embedded systems -------------- - -S9:255:0:44:M536: PalmOS:Tungsten:C:PalmOS Tungsten C -S5:255:0:44:M536: PalmOS:3::PalmOS 3/4 -S5:255:0:44:M536: PalmOS:4::PalmOS 3/4 -S4:255:0:44:M536: PalmOS:3:5:PalmOS 3.5 -2948:255:0:44:M536: PalmOS:3:5:PalmOS 3.5.3 (Handera) - -S23:64:1:64:N,W1,N,N,T,N,N,S,M1460: SymbianOS:7::SymbianOS 7 -8192:255:0:44:M1460: SymbianOS:6048::SymbianOS 6048 (on Nokia 7650?) -8192:255:0:44:M536: SymbianOS:::SymbianOS (on Nokia 9210?) - - -# Perhaps S4? -5840:64:1:60:M1452,S,T,N,W1: Zaurus:3.10::Zaurus 3.10 - -32768:128:1:64:M1460,N,W0,N,N,T0,N,N,S: PocketPC:2002::PocketPC 2002 - -S1:255:0:44:M346: Contiki:1.1:rc0:Contiki 1.1-rc0 - -4096:128:0:44:M1460: Sega:Dreamcast:3.0:Sega Dreamcast Dreamkey 3.0 - -S12:64:0:44:M1452: AXIS:5600:v5.64:AXIS Printer Server 5600 v5.64 - - - -#################### -# Fancy signatures # -#################### - -1024:64:0:40:.: *NMAP:syn scan:1:NMAP syn scan (1) -2048:64:0:40:.: *NMAP:syn scan:2:NMAP syn scan (2) -3072:64:0:40:.: *NMAP:syn scan:3:NMAP syn scan (3) -4096:64:0:40:.: *NMAP:syn scan:4:NMAP syn scan (4) - -1024:64:0:60:W10,N,M265,T: *NMAP:OS:1:NMAP OS detection probe (1) -2048:64:0:60:W10,N,M265,T: *NMAP:OS:2:NMAP OS detection probe (2) -3072:64:0:60:W10,N,M265,T: *NMAP:OS:3:NMAP OS detection probe (3) -4096:64:0:60:W10,N,M265,T: *NMAP:OS:4:NMAP OS detection probe (4) - -##################################### -# Generic signatures - just in case # -##################################### - -#*:64:1:60:M*,N,W*,N,N,T: @FreeBSD:4.0-4.9::FreeBSD 4.x/5.x -#*:64:1:60:M*,N,W*,N,N,T: @FreeBSD:5.0-5.1::FreeBSD 4.x/5.x - -*:128:1:52:M*,N,W0,N,N,S: @Windows:XP:RFC1323:Windows XP/2000 (RFC1323 no tstamp) -*:128:1:52:M*,N,W0,N,N,S: @Windows:2000:RFC1323:Windows XP/2000 (RFC1323 no tstamp) -*:128:1:64:M*,N,W0,N,N,T0,N,N,S: @Windows:XP:RFC1323:Windows XP/2000 (RFC1323) -*:128:1:64:M*,N,W0,N,N,T0,N,N,S: @Windows:2000:RFC1323:Windows XP/2000 (RFC1323) -*:128:1:64:M*,N,W*,N,N,T0,N,N,S: @Windows:XP:RFC1323:Windows XP (RFC1323, w+) -*:128:1:48:M*,N,N,S: @Windows:XP::Windows XP/2000 -*:128:1:48:M*,N,N,S: @Windows:2000::Windows XP/2000 diff --git a/tools/tools/tinybsd/conf/wireless/etc/rc.conf b/tools/tools/tinybsd/conf/wireless/etc/rc.conf deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wireless/etc/rc.conf +++ /dev/null @@ -1,32 +0,0 @@ -# $FreeBSD$ -hostname="tinybsd.freebsd.org" -sendmail_enable="NONE" -sshd_enable="YES" -usbd_enable="NO" -inetd_enable="NO" -portmap_enable="NO" -update_motd="NO" -varmfs="YES" -populate_var="YES" -varsize="8192" -tmpmfs="YES" - -# IPFW -firewall_enable="YES" -firewall_script="/etc/rc.firewall" -firewall_type="closed" - -# NAT -natd_enable="NO" -natd_interface="" -natd_flags="" - -# PF -pf_enable="NO" -pf_rules="/etc/pf.conf" -pf_program="/sbin/pfctl" -pf_flags="" -pflog_enable="NO" -pflog_logfile="/var/log/pflog" -pflog_program="/sbin/pflogd" -pflog_flags="" diff --git a/tools/tools/tinybsd/conf/wireless/etc/rc.firewall b/tools/tools/tinybsd/conf/wireless/etc/rc.firewall deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wireless/etc/rc.firewall +++ /dev/null @@ -1,302 +0,0 @@ -#!/bin/sh - -# Copyright (c) 1996 Poul-Henning Kamp -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -# $FreeBSD$ -# - -# -# Setup system for firewall service. -# - -# Suck in the configuration variables. -if [ -z "${source_rc_confs_defined}" ]; then - if [ -r /etc/defaults/rc.conf ]; then - . /etc/defaults/rc.conf - source_rc_confs - elif [ -r /etc/rc.conf ]; then - . /etc/rc.conf - fi -fi - -############ -# Define the firewall type in /etc/rc.conf. Valid values are: -# open - will allow anyone in -# client - will try to protect just this machine -# simple - will try to protect a whole network -# closed - totally disables IP services except via lo0 interface -# UNKNOWN - disables the loading of firewall rules. -# filename - will load the rules in the given filename (full path required) -# -# For ``client'' and ``simple'' the entries below should be customized -# appropriately. - -############ -# -# If you don't know enough about packet filtering, we suggest that you -# take time to read this book: -# -# Building Internet Firewalls, 2nd Edition -# Brent Chapman and Elizabeth Zwicky -# -# O'Reilly & Associates, Inc -# ISBN 1-56592-871-7 -# http://www.ora.com/ -# http://www.oreilly.com/catalog/fire2/ -# -# For a more advanced treatment of Internet Security read: -# -# Firewalls & Internet Security -# Repelling the wily hacker -# William R. Cheswick, Steven M. Bellowin -# -# Addison-Wesley -# ISBN 0-201-63357-4 -# http://www.awl.com/ -# http://www.awlonline.com/product/0%2C2627%2C0201633574%2C00.html -# - -setup_loopback () { - ############ - # Only in rare cases do you want to change these rules - # - ${fwcmd} add 100 pass all from any to any via lo0 - ${fwcmd} add 200 deny all from any to 127.0.0.0/8 - ${fwcmd} add 300 deny ip from 127.0.0.0/8 to any -} - -if [ -n "${1}" ]; then - firewall_type="${1}" -fi - -############ -# Set quiet mode if requested -# -case ${firewall_quiet} in -[Yy][Ee][Ss]) - fwcmd="/sbin/ipfw -q" - ;; -*) - fwcmd="/sbin/ipfw" - ;; -esac - -############ -# Flush out the list before we begin. -# -${fwcmd} -f flush - -############ -# Network Address Translation. All packets are passed to natd(8) -# before they encounter your remaining rules. The firewall rules -# will then be run again on each packet after translation by natd -# starting at the rule number following the divert rule. -# -# For ``simple'' firewall type the divert rule should be put to a -# different place to not interfere with address-checking rules. -# -case ${firewall_type} in -[Oo][Pp][Ee][Nn]|[Cc][Ll][Ii][Ee][Nn][Tt]) - case ${natd_enable} in - [Yy][Ee][Ss]) - if [ -n "${natd_interface}" ]; then - ${fwcmd} add 50 divert natd all from any to any via ${natd_interface} - fi - ;; - esac -esac - -############ -# If you just configured ipfw in the kernel as a tool to solve network -# problems or you just want to disallow some particular kinds of traffic -# then you will want to change the default policy to open. You can also -# do this as your only action by setting the firewall_type to ``open''. -# -# ${fwcmd} add 65000 pass all from any to any - - -# Prototype setups. -# -case ${firewall_type} in -[Oo][Pp][Ee][Nn]) - setup_loopback - ${fwcmd} add 65000 pass all from any to any - ;; - -[Cc][Ll][Ii][Ee][Nn][Tt]) - ############ - # This is a prototype setup that will protect your system somewhat - # against people from outside your own network. - ############ - - # set these to your network and netmask and ip - net="192.0.2.0" - mask="255.255.255.0" - ip="192.0.2.1" - - setup_loopback - - # Allow any traffic to or from my own net. - ${fwcmd} add pass all from ${ip} to ${net}:${mask} - ${fwcmd} add pass all from ${net}:${mask} to ${ip} - - # Allow TCP through if setup succeeded - ${fwcmd} add pass tcp from any to any established - - # Allow IP fragments to pass through - ${fwcmd} add pass all from any to any frag - - # Allow setup of incoming email - ${fwcmd} add pass tcp from any to ${ip} 25 setup - - # Allow setup of outgoing TCP connections only - ${fwcmd} add pass tcp from ${ip} to any setup - - # Disallow setup of all other TCP connections - ${fwcmd} add deny tcp from any to any setup - - # Allow DNS queries out in the world - ${fwcmd} add pass udp from ${ip} to any 53 keep-state - - # Allow NTP queries out in the world - ${fwcmd} add pass udp from ${ip} to any 123 keep-state - - # Everything else is denied by default, unless the - # IPFIREWALL_DEFAULT_TO_ACCEPT option is set in your kernel - # config file. - ;; - -[Ss][Ii][Mm][Pp][Ll][Ee]) - ############ - # This is a prototype setup for a simple firewall. Configure this - # machine as a DNS and NTP server, and point all the machines - # on the inside at this machine for those services. - ############ - - # set these to your outside interface network and netmask and ip - oif="ed0" - onet="192.0.2.0" - omask="255.255.255.240" - oip="192.0.2.1" - - # set these to your inside interface network and netmask and ip - iif="ed1" - inet="192.0.2.16" - imask="255.255.255.240" - iip="192.0.2.17" - - setup_loopback - - # Stop spoofing - ${fwcmd} add deny all from ${inet}:${imask} to any in via ${oif} - ${fwcmd} add deny all from ${onet}:${omask} to any in via ${iif} - - # Stop RFC1918 nets on the outside interface - ${fwcmd} add deny all from any to 10.0.0.0/8 via ${oif} - ${fwcmd} add deny all from any to 172.16.0.0/12 via ${oif} - ${fwcmd} add deny all from any to 192.168.0.0/16 via ${oif} - - # Stop draft-manning-dsua-03.txt (1 May 2000) nets (includes RESERVED-1, - # DHCP auto-configuration, NET-TEST, MULTICAST (class D), and class E) - # on the outside interface - ${fwcmd} add deny all from any to 0.0.0.0/8 via ${oif} - ${fwcmd} add deny all from any to 169.254.0.0/16 via ${oif} - ${fwcmd} add deny all from any to 192.0.2.0/24 via ${oif} - ${fwcmd} add deny all from any to 224.0.0.0/4 via ${oif} - ${fwcmd} add deny all from any to 240.0.0.0/4 via ${oif} - - # Network Address Translation. This rule is placed here deliberately - # so that it does not interfere with the surrounding address-checking - # rules. If for example one of your internal LAN machines had its IP - # address set to 192.0.2.1 then an incoming packet for it after being - # translated by natd(8) would match the `deny' rule above. Similarly - # an outgoing packet originated from it before being translated would - # match the `deny' rule below. - case ${natd_enable} in - [Yy][Ee][Ss]) - if [ -n "${natd_interface}" ]; then - ${fwcmd} add divert natd all from any to any via ${natd_interface} - fi - ;; - esac - - # Stop RFC1918 nets on the outside interface - ${fwcmd} add deny all from 10.0.0.0/8 to any via ${oif} - ${fwcmd} add deny all from 172.16.0.0/12 to any via ${oif} - ${fwcmd} add deny all from 192.168.0.0/16 to any via ${oif} - - # Stop draft-manning-dsua-03.txt (1 May 2000) nets (includes RESERVED-1, - # DHCP auto-configuration, NET-TEST, MULTICAST (class D), and class E) - # on the outside interface - ${fwcmd} add deny all from 0.0.0.0/8 to any via ${oif} - ${fwcmd} add deny all from 169.254.0.0/16 to any via ${oif} - ${fwcmd} add deny all from 192.0.2.0/24 to any via ${oif} - ${fwcmd} add deny all from 224.0.0.0/4 to any via ${oif} - ${fwcmd} add deny all from 240.0.0.0/4 to any via ${oif} - - # Allow TCP through if setup succeeded - ${fwcmd} add pass tcp from any to any established - - # Allow IP fragments to pass through - ${fwcmd} add pass all from any to any frag - - # Allow setup of incoming email - ${fwcmd} add pass tcp from any to ${oip} 25 setup - - # Allow access to our DNS - ${fwcmd} add pass tcp from any to ${oip} 53 setup - ${fwcmd} add pass udp from any to ${oip} 53 - ${fwcmd} add pass udp from ${oip} 53 to any - - # Allow access to our WWW - ${fwcmd} add pass tcp from any to ${oip} 80 setup - - # Reject&Log all setup of incoming connections from the outside - ${fwcmd} add deny log tcp from any to any in via ${oif} setup - - # Allow setup of any other TCP connection - ${fwcmd} add pass tcp from any to any setup - - # Allow DNS queries out in the world - ${fwcmd} add pass udp from ${oip} to any 53 keep-state - - # Allow NTP queries out in the world - ${fwcmd} add pass udp from ${oip} to any 123 keep-state - - # Everything else is denied by default, unless the - # IPFIREWALL_DEFAULT_TO_ACCEPT option is set in your kernel - # config file. - ;; - -[Cc][Ll][Oo][Ss][Ee][Dd]) - setup_loopback - ;; -[Uu][Nn][Kk][Nn][Oo][Ww][Nn]) - ;; -*) - if [ -r "${firewall_type}" ]; then - ${fwcmd} ${firewall_flags} ${firewall_type} - fi - ;; -esac diff --git a/tools/tools/tinybsd/conf/wireless/tinybsd.basefiles b/tools/tools/tinybsd/conf/wireless/tinybsd.basefiles deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wireless/tinybsd.basefiles +++ /dev/null @@ -1,232 +0,0 @@ -# $FreeBSD$ -# contents of ${WORKDIR}/boot -boot/boot0 -boot/boot1 -boot/boot2 -boot/defaults/loader.conf -boot/device.hints -boot/loader -boot/loader.4th -boot/loader.help -boot/loader.rc -boot/mbr -boot/support.4th - -# contents of ${WORKDIR}/libexec -libexec/ld-elf.so.1:usr/libexec/ld-elf.so.1 - -# contents of ${WORKDIR}/bin -bin/[:bin/test -bin/cat -bin/chflags -bin/chio -bin/chmod -bin/cp -bin/csh:bin/tcsh -bin/date -bin/dd -bin/df -bin/domainname -bin/echo -bin/ed:bin/red -bin/expr -bin/hostname -bin/kenv -bin/kill -bin/ln:bin/link -bin/ls -bin/mkdir -bin/mv -bin/pax -bin/ps -bin/pwd -bin/realpath -bin/rm:bin/unlink -bin/rmdir -bin/sh -bin/sleep -bin/stty -bin/sync - -# contents of ${WORKDIR}/sbin -sbin/adjkerntz -sbin/comcontrol -sbin/disklabel -sbin/dmesg -sbin/fastboot:sbin/reboot -sbin/fasthalt:sbin/halt -sbin/fsck -sbin/fsck_ufs:sbin/fsck_ffs -sbin/fsck_ufs:sbin/fsck_4.2bsd -sbin/ifconfig -sbin/init -sbin/ipfw -sbin/kldconfig -sbin/kldload -sbin/kldstat -sbin/kldunload -sbin/ldconfig -sbin/md5 -sbin/mdconfig -sbin/mknod -sbin/mdmfs -sbin/mount -sbin/mount_nullfs -sbin/mount_unionfs -sbin/natd -sbin/newfs -sbin/nextboot -sbin/nologin -sbin/nos-tun -sbin/pfctl -sbin/pflogd -sbin/ping -sbin/rcorder -sbin/route -sbin/shutdown -sbin/slattach -sbin/swapon -sbin/sysctl -sbin/umount - -# contents of ${WORKDIR}/usr/sbin -usr/bin/at:usr/bin/atq -usr/bin/at:usr/bin/atrm -usr/bin/at:usr/bin/batch -usr/bin/awk -usr/bin/basename -usr/bin/bunzip2:usr/bin/bzcat -usr/bin/bunzip2:usr/bin/bzip2 -usr/bin/chat -usr/bin/chfn:usr/bin/chpass -usr/bin/chfn:usr/bin/chsh -usr/bin/chgrp -usr/bin/cksum -usr/bin/clear -usr/bin/cmp -usr/bin/compress:usr/bin/uncompress -usr/bin/cpio -usr/bin/crontab -usr/bin/cu -usr/bin/dig -usr/bin/dirname -usr/bin/du -usr/bin/ee -usr/bin/egrep:usr/bin/fgrep -usr/bin/egrep:usr/bin/grep -usr/bin/env -usr/bin/false -usr/bin/fetch -usr/bin/find -usr/bin/finger -usr/bin/fstat -usr/bin/fsync -usr/bin/ftp -usr/bin/gunzip:usr/bin/gzcat -usr/bin/gunzip:usr/bin/gzip -usr/bin/gzexe -usr/bin/head -usr/bin/hexdump -usr/bin/id:usr/bin/whoami -usr/bin/ident -usr/bin/killall -usr/bin/last -usr/bin/less:usr/bin/more -usr/bin/limits -usr/bin/lock -usr/bin/lockf -usr/bin/logger -usr/bin/login -usr/bin/logname -usr/bin/mesg -usr/bin/minigzip -usr/bin/mkfifo -usr/bin/mktemp -usr/bin/msgs -usr/bin/netstat -usr/bin/nfsstat -usr/bin/nice -usr/bin/nslookup -usr/bin/nsupdate -usr/bin/nohup -usr/bin/objformat -usr/bin/openssl -usr/bin/passwd -usr/bin/printf -usr/bin/renice -usr/bin/reset:usr/sbin/tset -usr/bin/scp -usr/bin/script -usr/bin/sed -usr/bin/sftp -usr/bin/shar -usr/bin/slogin:usr/bin/ssh -usr/bin/sort -usr/bin/split -usr/bin/ssh-keygen -usr/bin/su -usr/bin/tail -usr/bin/tar -usr/bin/tee -usr/bin/telnet -usr/bin/time -usr/bin/top -usr/bin/touch -usr/bin/tput -usr/bin/tr -usr/bin/true -usr/bin/tty -usr/bin/uname -usr/bin/uptime:usr/bin/w -usr/bin/users -usr/bin/uudecode -usr/bin/uuencode -usr/bin/vi -usr/bin/vmstat -usr/bin/wall -usr/bin/who -usr/bin/whois -usr/bin/write -usr/bin/yes - -# contents of ${WORKDIR}/usr/sbin -usr/sbin/arp -usr/sbin/authpf -usr/sbin/boot0cfg -usr/sbin/chown -usr/sbin/cron -usr/sbin/idprio:usr/sbin/rtprio -usr/sbin/inetd -usr/sbin/iostat -usr/sbin/kbdcontrol -usr/sbin/lastlogin -usr/sbin/memcontrol -usr/sbin/mtree -usr/sbin/newsyslog -usr/sbin/ntpdate -usr/sbin/pciconf -usr/sbin/pw -usr/sbin/pwd_mkdb -usr/sbin/slstat -usr/sbin/sshd -usr/sbin/syslogd -usr/sbin/tcpdchk -usr/sbin/tcpdmatch -usr/sbin/tcpdump -usr/sbin/traceroute -usr/sbin/vidcontrol -usr/sbin/vipw -usr/sbin/vnconfig -usr/sbin/watch -usr/sbin/pccardc -usr/sbin/pccardd - -# contents of ${WORKDIR}/usr/libexec -usr/libexec/atrun -usr/libexec/ftpd -usr/libexec/getty -usr/libexec/sftp-server - -# contents of ${WORKDIR}/usr/share -usr/share/misc/termcap - diff --git a/tools/tools/tinybsd/conf/wireless/tinybsd.ports b/tools/tools/tinybsd/conf/wireless/tinybsd.ports deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wireless/tinybsd.ports +++ /dev/null @@ -1,9 +0,0 @@ -# $FreeBSD$ -# Here you can add the applications from the FreeBSD Ports Collection which you -# want TinyBSD ports system to install in your embedded system. You whould list -# one application per line, mentioning its category and name, like the examples: -# -# www/mini_httpd -# net-mgmt/rate -# -# Make sure you have enough space to add it. diff --git a/tools/tools/tinybsd/conf/wrap/TINYBSD b/tools/tools/tinybsd/conf/wrap/TINYBSD deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wrap/TINYBSD +++ /dev/null @@ -1,138 +0,0 @@ -# $FreeBSD$ -machine i386 -cpu I586_CPU -ident TINYBSD -maxusers 8 -options CPU_GEODE - -# To statically compile in device wiring instead of /boot/device.hints -#hints "GENERIC.hints" # Default places to look for devices. -options SCHED_4BSD # 4BSD scheduler -options INET # InterNETworking -options FFS # Berkeley Fast Filesystem -options SOFTUPDATES # Enable FFS soft updates support -options UFS_ACL # Support for access control lists -options UFS_DIRHASH # Improve performance on big directories -options MD_ROOT # MD is a potential root device -options NFSCLIENT # Network Filesystem Client -options NFSSERVER # Network Filesystem Server -options NFS_ROOT # NFS usable as /, requires NFSCLIENT -options PROCFS # Process filesystem (requires PSEUDOFS) -options PSEUDOFS # Pseudo-filesystem framework -options GEOM_PART_GPT # GUID Partition Tables. -options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!] -options COMPAT_FREEBSD4 # Compatible with FreeBSD4 -options SYSVSHM # SYSV-style shared memory -options SYSVMSG # SYSV-style message queues -options SYSVSEM # SYSV-style semaphores -options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions -options KBD_INSTALL_CDEV # install a CDEV entry in /dev -options AHC_REG_PRETTY_PRINT # Print register bitfields in debug - # output. Adds ~128k to driver. -options AHD_REG_PRETTY_PRINT # Print register bitfields in debug - # output. Adds ~215k to driver. -options ADAPTIVE_GIANT # Giant mutex is adaptive. - -#device apic # I/O APIC - -device pci - -# ATA and ATAPI devices -device ata -device atadisk # ATA disk drives -options ATA_STATIC_ID # Static device numbering - -# Serial (COM) ports -device sio # 8250, 16[45]50 based serial ports - -# PCI Ethernet NICs. -device de # DEC/Intel DC21x4x (``Tulip'') -device em # Intel PRO/1000 adapter Gigabit Ethernet Card -device txp # 3Com 3cR990 (``Typhoon'') -device vx # 3Com 3c590, 3c595 (``Vortex'') - -# PCI Ethernet NICs that use the common MII bus controller code. -# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs! -device miibus # MII bus support -device bfe # Broadcom BCM440x 10/100 Ethernet -device bge # Broadcom BCM570xx Gigabit Ethernet -device dc # DEC/Intel 21143 and various workalikes -device fxp # Intel EtherExpress PRO/100B (82557, 82558) -device lge # Level 1 LXT1001 gigabit ethernet -device nge # NatSemi DP83820 gigabit ethernet -device pcn # AMD Am79C97x PCI 10/100 (precedence over 'lnc') -device re # RealTek 8139C+/8169/8169S/8110S -device rl # RealTek 8129/8139 -device sf # Adaptec AIC-6915 (``Starfire'') -device sis # Silicon Integrated Systems SiS 900/SiS 7016 -device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet -device ste # Sundance ST201 (D-Link DFE-550TX) -device ti # Alteon Networks Tigon I/II gigabit Ethernet -device tl # Texas Instruments ThunderLAN -device tx # SMC EtherPower II (83c170 ``EPIC'') -device vge # VIA VT612x gigabit ethernet -device vr # VIA Rhine, Rhine II -device wb # Winbond W89C840F -device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'') - -# ISA Ethernet NICs. pccard NICs included. -device cs # Crystal Semiconductor CS89x0 NIC -# 'device ed' requires 'device miibus' -device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards -device ex # Intel EtherExpress Pro/10 and Pro/10+ -device ep # Etherlink III based cards -device fe # Fujitsu MB8696x based cards -device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc. -device sn # SMC's 9000 series of Ethernet chips -device xe # Xircom pccard Ethernet - -# Wireless NIC cards -device wlan # 802.11 support -device wlan_wep #802.11 WEP support -device wlan_ccmp #802.11 CCMP support -device wlan_tkip #802.11 TKIP support -device wlan_xauth #802.11 external authenticator support -device wlan_acl #802.11 MAC ACL support -device an # Aironet 4500/4800 802.11 wireless NICs. -device awi # BayStack 660 and others -device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs. -device ath -device ath_hal -device ath_rate_sample - -# Pseudo devices. -device loop # Network loopback -device ether # Ethernet support -device ppp # Kernel PPP -device tun # Packet tunnel. -device pty # Pseudo-ttys (telnet etc) -device md # Memory "disks" -device gif # IPv6 and IPv4 tunneling - -# The `bpf' device enables the Berkeley Packet Filter. -# Be aware of the administrative consequences of enabling this! -# Note that 'bpf' is required for DHCP. -device bpf # Berkeley packet filter - -options INCLUDE_CONFIG_FILE - -options IPFIREWALL -options IPFIREWALL_DEFAULT_TO_ACCEPT -options IPDIVERT -options DUMMYNET - -options ALTQ -options ALTQ_CBQ -options ALTQ_RED -options ALTQ_RIO -options ALTQ_HFSC -options ALTQ_CDNR -options ALTQ_PRIQ - -device pf -device pflog -device pfsync -device carp -device if_bridge - -options DEVICE_POLLING diff --git a/tools/tools/tinybsd/conf/wrap/etc/fstab b/tools/tools/tinybsd/conf/wrap/etc/fstab deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wrap/etc/fstab +++ /dev/null @@ -1,2 +0,0 @@ -# $FreeBSD$ -/dev/ad0a / ufs ro 1 1 diff --git a/tools/tools/tinybsd/conf/wrap/etc/rc.conf b/tools/tools/tinybsd/conf/wrap/etc/rc.conf deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wrap/etc/rc.conf +++ /dev/null @@ -1,12 +0,0 @@ -# $FreeBSD$ -hostname="tinybsd.freebsd.org" -sendmail_enable="NONE" -sshd_enable="YES" -usbd_enable="NO" -inetd_enable="NO" -portmap_enable="NO" -update_motd="NO" -varmfs="YES" -populate_var="YES" -varsize="8192" -tmpmfs="YES" diff --git a/tools/tools/tinybsd/conf/wrap/etc/ttys b/tools/tools/tinybsd/conf/wrap/etc/ttys deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wrap/etc/ttys +++ /dev/null @@ -1,308 +0,0 @@ -# -# $FreeBSD$ -# -# This file specifies various information about terminals on the system. -# It is used by several different programs. Common entries for the -# various columns include: -# -# name The name of the terminal device. -# -# getty The program to start running on the terminal. Typically a -# getty program, as the name implies. Other common entries -# include none, when no getty is needed, and xdm, to start the -# X Window System. -# -# type The initial terminal type for this port. For hardwired -# terminal lines, this will contain the type of terminal used. -# For virtual consoles, the correct type is typically xterm, but -# vt220 will work better if you need interoperability with other -# systems like Solaris or GNU/Linux. -# Other common values include network for network connections on -# pseudo-terminals, dialup for incoming modem ports, and unknown -# when the terminal type cannot be predetermined. -# -# status Must be on or off. If on, init will run the getty program on -# the specified port. If the word "secure" appears, this tty -# allows root login. -# -# name getty type status comments -# -# If console is marked "insecure", then init will ask for the root password -# when going to single-user mode. -console none unknown off secure -# -ttyv0 "/usr/libexec/getty Pc" xterm off secure -# Virtual terminals -ttyv1 "/usr/libexec/getty Pc" xterm off secure -ttyv2 "/usr/libexec/getty Pc" xterm off secure -ttyv3 "/usr/libexec/getty Pc" xterm off secure -ttyv4 "/usr/libexec/getty Pc" xterm off secure -ttyv5 "/usr/libexec/getty Pc" xterm off secure -ttyv6 "/usr/libexec/getty Pc" xterm off secure -ttyv7 "/usr/libexec/getty Pc" xterm off secure -ttyv8 "/usr/local/bin/xdm -nodaemoff" xterm off secure -# Serial terminals -# The 'dialup' keyword identifies dialin lines to login, fingerd etc. -ttyu0 "/usr/libexec/getty std.9600" dialup on secure -ttyu1 "/usr/libexec/getty std.9600" dialup off secure -ttyu2 "/usr/libexec/getty std.9600" dialup off secure -ttyu3 "/usr/libexec/getty std.9600" dialup off secure -# Dumb console -dcons "/usr/libexec/getty std.9600" vt100 off secure -# Pseudo terminals -ttyp0 none network -ttyp1 none network -ttyp2 none network -ttyp3 none network -ttyp4 none network -ttyp5 none network -ttyp6 none network -ttyp7 none network -ttyp8 none network -ttyp9 none network -ttypa none network -ttypb none network -ttypc none network -ttypd none network -ttype none network -ttypf none network -ttypg none network -ttyph none network -ttypi none network -ttypj none network -ttypk none network -ttypl none network -ttypm none network -ttypn none network -ttypo none network -ttypp none network -ttypq none network -ttypr none network -ttyps none network -ttypt none network -ttypu none network -ttypv none network -ttyq0 none network -ttyq1 none network -ttyq2 none network -ttyq3 none network -ttyq4 none network -ttyq5 none network -ttyq6 none network -ttyq7 none network -ttyq8 none network -ttyq9 none network -ttyqa none network -ttyqb none network -ttyqc none network -ttyqd none network -ttyqe none network -ttyqf none network -ttyqg none network -ttyqh none network -ttyqi none network -ttyqj none network -ttyqk none network -ttyql none network -ttyqm none network -ttyqn none network -ttyqo none network -ttyqp none network -ttyqq none network -ttyqr none network -ttyqs none network -ttyqt none network -ttyqu none network -ttyqv none network -ttyr0 none network -ttyr1 none network -ttyr2 none network -ttyr3 none network -ttyr4 none network -ttyr5 none network -ttyr6 none network -ttyr7 none network -ttyr8 none network -ttyr9 none network -ttyra none network -ttyrb none network -ttyrc none network -ttyrd none network -ttyre none network -ttyrf none network -ttyrg none network -ttyrh none network -ttyri none network -ttyrj none network -ttyrk none network -ttyrl none network -ttyrm none network -ttyrn none network -ttyro none network -ttyrp none network -ttyrq none network -ttyrr none network -ttyrs none network -ttyrt none network -ttyru none network -ttyrv none network -ttys0 none network -ttys1 none network -ttys2 none network -ttys3 none network -ttys4 none network -ttys5 none network -ttys6 none network -ttys7 none network -ttys8 none network -ttys9 none network -ttysa none network -ttysb none network -ttysc none network -ttysd none network -ttyse none network -ttysf none network -ttysg none network -ttysh none network -ttysi none network -ttysj none network -ttysk none network -ttysl none network -ttysm none network -ttysn none network -ttyso none network -ttysp none network -ttysq none network -ttysr none network -ttyss none network -ttyst none network -ttysu none network -ttysv none network -ttyP0 none network -ttyP1 none network -ttyP2 none network -ttyP3 none network -ttyP4 none network -ttyP5 none network -ttyP6 none network -ttyP7 none network -ttyP8 none network -ttyP9 none network -ttyPa none network -ttyPb none network -ttyPc none network -ttyPd none network -ttyPe none network -ttyPf none network -ttyPg none network -ttyPh none network -ttyPi none network -ttyPj none network -ttyPk none network -ttyPl none network -ttyPm none network -ttyPn none network -ttyPo none network -ttyPp none network -ttyPq none network -ttyPr none network -ttyPs none network -ttyPt none network -ttyPu none network -ttyPv none network -ttyQ0 none network -ttyQ1 none network -ttyQ2 none network -ttyQ3 none network -ttyQ4 none network -ttyQ5 none network -ttyQ6 none network -ttyQ7 none network -ttyQ8 none network -ttyQ9 none network -ttyQa none network -ttyQb none network -ttyQc none network -ttyQd none network -ttyQe none network -ttyQf none network -ttyQg none network -ttyQh none network -ttyQi none network -ttyQj none network -ttyQk none network -ttyQl none network -ttyQm none network -ttyQn none network -ttyQo none network -ttyQp none network -ttyQq none network -ttyQr none network -ttyQs none network -ttyQt none network -ttyQu none network -ttyQv none network -ttyR0 none network -ttyR1 none network -ttyR2 none network -ttyR3 none network -ttyR4 none network -ttyR5 none network -ttyR6 none network -ttyR7 none network -ttyR8 none network -ttyR9 none network -ttyRa none network -ttyRb none network -ttyRc none network -ttyRd none network -ttyRe none network -ttyRf none network -ttyRg none network -ttyRh none network -ttyRi none network -ttyRj none network -ttyRk none network -ttyRl none network -ttyRm none network -ttyRn none network -ttyRo none network -ttyRp none network -ttyRq none network -ttyRr none network -ttyRs none network -ttyRt none network -ttyRu none network -ttyRv none network -ttyS0 none network -ttyS1 none network -ttyS2 none network -ttyS3 none network -ttyS4 none network -ttyS5 none network -ttyS6 none network -ttyS7 none network -ttyS8 none network -ttyS9 none network -ttySa none network -ttySb none network -ttySc none network -ttySd none network -ttySe none network -ttySf none network -ttySg none network -ttySh none network -ttySi none network -ttySj none network -ttySk none network -ttySl none network -ttySm none network -ttySn none network -ttySo none network -ttySp none network -ttySq none network -ttySr none network -ttySs none network -ttySt none network -ttySu none network -ttySv none network diff --git a/tools/tools/tinybsd/conf/wrap/tinybsd.basefiles b/tools/tools/tinybsd/conf/wrap/tinybsd.basefiles deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wrap/tinybsd.basefiles +++ /dev/null @@ -1,232 +0,0 @@ -# $FreeBSD$ -# contents of ${WORKDIR}/boot -boot/boot0 -boot/boot1 -boot/boot2 -boot/defaults/loader.conf -boot/device.hints -boot/loader -boot/loader.4th -boot/loader.help -boot/loader.rc -boot/mbr -boot/support.4th - -# contents of ${WORKDIR}/libexec -libexec/ld-elf.so.1:usr/libexec/ld-elf.so.1 - -# contents of ${WORKDIR}/bin -bin/[:bin/test -bin/cat -bin/chflags -bin/chio -bin/chmod -bin/cp -bin/csh:bin/tcsh -bin/date -bin/dd -bin/df -bin/domainname -bin/echo -bin/ed:bin/red -bin/expr -bin/hostname -bin/kenv -bin/kill -bin/ln:bin/link -bin/ls -bin/mkdir -bin/mv -bin/pax -bin/ps -bin/pwd -bin/realpath -bin/rm:bin/unlink -bin/rmdir -bin/sh -bin/sleep -bin/stty -bin/sync - -# contents of ${WORKDIR}/sbin -sbin/adjkerntz -sbin/comcontrol -sbin/disklabel -sbin/dmesg -sbin/fastboot:sbin/reboot -sbin/fasthalt:sbin/halt -sbin/fsck -sbin/fsck_ufs:sbin/fsck_ffs -sbin/fsck_ufs:sbin/fsck_4.2bsd -sbin/ifconfig -sbin/init -sbin/ipfw -sbin/kldconfig -sbin/kldload -sbin/kldstat -sbin/kldunload -sbin/ldconfig -sbin/md5 -sbin/mdconfig -sbin/mknod -sbin/mdmfs -sbin/mount -sbin/mount_nullfs -sbin/mount_unionfs -sbin/natd -sbin/newfs -sbin/nextboot -sbin/nologin -sbin/nos-tun -sbin/pfctl -sbin/pflogd -sbin/ping -sbin/rcorder -sbin/route -sbin/shutdown -sbin/slattach -sbin/swapon -sbin/sysctl -sbin/umount - -# contents of ${WORKDIR}/usr/sbin -usr/bin/at:usr/bin/atq -usr/bin/at:usr/bin/atrm -usr/bin/at:usr/bin/batch -usr/bin/awk -usr/bin/basename -usr/bin/bunzip2:usr/bin/bzcat -usr/bin/bunzip2:usr/bin/bzip2 -usr/bin/chat -usr/bin/chfn:usr/bin/chpass -usr/bin/chfn:usr/bin/chsh -usr/bin/chgrp -usr/bin/cksum -usr/bin/clear -usr/bin/cmp -usr/bin/compress:usr/bin/uncompress -usr/bin/cpio -usr/bin/crontab -usr/bin/cu -usr/bin/dig -usr/bin/dirname -usr/bin/du -usr/bin/ee -usr/bin/egrep:usr/bin/fgrep -usr/bin/egrep:usr/bin/grep -usr/bin/env -usr/bin/false -usr/bin/fetch -usr/bin/find -usr/bin/finger -usr/bin/fstat -usr/bin/fsync -usr/bin/ftp -usr/bin/gunzip:usr/bin/gzcat -usr/bin/gunzip:usr/bin/gzip -usr/bin/gzexe -usr/bin/head -usr/bin/hexdump -usr/bin/id:usr/bin/whoami -usr/bin/ident -usr/bin/killall -usr/bin/last -usr/bin/less:usr/bin/more -usr/bin/limits -usr/bin/lock -usr/bin/lockf -usr/bin/logger -usr/bin/login -usr/bin/logname -usr/bin/mesg -usr/bin/minigzip -usr/bin/mkfifo -usr/bin/mktemp -usr/bin/msgs -usr/bin/netstat -usr/bin/nfsstat -usr/bin/nice -usr/bin/nslookup -usr/bin/nsupdate -usr/bin/nohup -usr/bin/objformat -usr/bin/openssl -usr/bin/passwd -usr/bin/printf -usr/bin/renice -usr/bin/reset:usr/sbin/tset -usr/bin/scp -usr/bin/script -usr/bin/sed -usr/bin/sftp -usr/bin/shar -usr/bin/slogin:usr/bin/ssh -usr/bin/sort -usr/bin/split -usr/bin/ssh-keygen -usr/bin/su -usr/bin/tail -usr/bin/tar -usr/bin/tee -usr/bin/telnet -usr/bin/time -usr/bin/top -usr/bin/touch -usr/bin/tput -usr/bin/tr -usr/bin/true -usr/bin/tty -usr/bin/uname -usr/bin/uptime:usr/bin/w -usr/bin/users -usr/bin/uudecode -usr/bin/uuencode -usr/bin/vi -usr/bin/vmstat -usr/bin/wall -usr/bin/who -usr/bin/whois -usr/bin/write -usr/bin/yes - -# contents of ${WORKDIR}/usr/sbin -usr/sbin/arp -usr/sbin/authpf -usr/sbin/boot0cfg -usr/sbin/chown -usr/sbin/cron -usr/sbin/idprio:usr/sbin/rtprio -usr/sbin/inetd -usr/sbin/iostat -usr/sbin/kbdcontrol -usr/sbin/lastlogin -usr/sbin/memcontrol -usr/sbin/mtree -usr/sbin/newsyslog -usr/sbin/ntpdate -usr/sbin/pciconf -usr/sbin/pw -usr/sbin/pwd_mkdb -usr/sbin/slstat -usr/sbin/sshd -usr/sbin/syslogd -usr/sbin/tcpdchk -usr/sbin/tcpdmatch -usr/sbin/tcpdump -usr/sbin/traceroute -usr/sbin/vidcontrol -usr/sbin/vipw -usr/sbin/vnconfig -usr/sbin/watch -usr/sbin/pccardc -usr/sbin/pccardd - -# contents of ${WORKDIR}/usr/libexec -usr/libexec/atrun -usr/libexec/ftpd -usr/libexec/getty -usr/libexec/sftp-server - -# contents of ${WORKDIR}/usr/share -usr/share/misc/termcap - diff --git a/tools/tools/tinybsd/conf/wrap/tinybsd.ports b/tools/tools/tinybsd/conf/wrap/tinybsd.ports deleted file mode 100644 --- a/tools/tools/tinybsd/conf/wrap/tinybsd.ports +++ /dev/null @@ -1,9 +0,0 @@ -# $FreeBSD$ -# Here you can add the applications from the FreeBSD Ports Collection which you -# want TinyBSD ports system to install in your embedded system. You whould list -# one application per line, mentioning its category and name, like the examples: -# -# www/mini_httpd -# net-mgmt/rate -# -# Make sure you have enough space to add it. diff --git a/tools/tools/tinybsd/tinybsd b/tools/tools/tinybsd/tinybsd deleted file mode 100755 --- a/tools/tools/tinybsd/tinybsd +++ /dev/null @@ -1,526 +0,0 @@ -#!/bin/sh - -# Copyright (c) 2006 Jean Milanez Melo -# -# Patrick Tracanelli -# -# $FreeBSD$ -#set -xv -CURRENTDIR=/usr/src/tools/tools/tinybsd -if [ ! -d $CURRENTDIR ] -then - CURRENTDIR=`pwd` -else - cd $CURRENTDIR -fi - -WORKDIR=/usr/obj/tinybsdbuild -KERNCONF=TINYBSD -BASEFILE="tinybsd.basefiles" -PORTSFILE="tinybsd.ports" -PORTSDIR=/usr/ports -DEFINSTARGS="-o 0 -g 0 -m 555" -TINYARCH=$(uname -p) - -TS="=====>" - -splitarg1 () { - local IFS - IFS='=' - set $1 - echo $1 -} - -splitarg2 () { - local IFS - IFS='=' - set $1 - echo $2 -} - -getargs () { - ARGS="$*" - for arg in $* - do - ARG=`splitarg1 $arg` - VAL=`splitarg2 $arg` - case $ARG in - sectors) - SECTUNIT=$VAL - ;; - heads) - TRACKCYL=$VAL - ;; - spt) - SECTRACK=$VAL - ;; - conf) - CONF=$VAL - ;; - mfsroot) - MFSROOT=$VAL - ;; - image) - IMG=$VAL - ;; - batch) - NO_PROMPTS="YES" - ;; - new) - NO_READ="YES" - ;; - *) - usage - ;; - esac - done -} - -usage () { - echo "Woops - Usage: $0 sectors= [80000] - heads= [4] - spt= [32] - conf= (see conf/name) [default] - mfsroot[=] [no] - image= [tinybsd.bin] - batch[=] (do not ask interactively) - new[=] (do not read previous values) - - Examples: - $0 sectors=65536 heads=8 spt=16 conf=wireless mfsroot=yes image=myimage.img batch - - Default values are set in the program. - Environment values override defaults. - Previous values override environment values but can be disabled. - Command arguments override previous values. - Interactive values override command arguments but can be disabled. - - Run diskinfo(8) -v against your CF device to get correct information - about your disk. USB keys do not need any specific geometry" - exit 1 -} - -######## -# Load variables from stdin (could be a file) -# Look for lines that match foo=bar -# do not run the file.. that is asking for trouble -######## -loadvars () { - while : - do - OIFS=$IFS - IFS="=" - if read PART1 PART2 - then - IFS="$OIFS" - case "$PART1" in - \#*) - ;; - "") - ;; - *) - set "${PART1}" - if [ $# = "1" ] - then - eval "${PART1}='${PART2}'" - fi - ;; - esac - else - IFS="$OIFS" - return 0 - fi - done -} - -######## -# get values from the user -######## -confirm_action(){ - local ANSWER - local MESSAGE - ANSWER=$1 - MESSAGE=$2 - if [ "$NO_PROMPTS" != "YES" ] - then - echo -n "$MESSAGE [$ANSWER] " > /dev/tty - read result - [ "$result" != "" ] && ANSWER=$result - fi - - ANSWER=`eval "echo $ANSWER"` - echo $ANSWER -} - -######## -# These are only used the VERY first time you run the program (on this machine) -######## -setdefaults () { - NO_PROMPTS=${NO_PROMPTS:-NO} - NO_READ=${NO_READ:-NO} - SECTUNIT=${SECTUNIT:-80000}; export SECTUNIT - TRACKCYL=${TRACKCYL:-4}; export TRACKCYL - SECTRACK=${SECTRACK:-32}; export SECTRACK - CONF=${CONF:-default}; export CONF - MFSROOT=${MFSROOT:-NO}; export MFSROOT - IMG=${IMG:-tinybsd.bin}; export IMG - -} - -####### -# get ourselves set up. -# Partly by reading config files and partly from asking questions. -####### -loadconfig () { - if [ "${NO_READ}" = "YES" ] - then - return - fi - - HOSTNAME=`hostname` - HOSTPART=${HOSTNAME%%.*} - FILENAME=".tinybsd.${HOSTPART}.${USER}" - FULLFILENAME=$HOME/$FILENAME - - if [ -f ${FULLFILENAME} ] - then - loadvars <${FULLFILENAME} - fi - - SECTUNIT=`confirm_action "$SECTUNIT" "512 byte sectors per unit?"` - TRACKCYL=`confirm_action "$TRACKCYL" "Tracks per cylinder?"` - SECTRACK=`confirm_action "$SECTRACK" "Sectors per track?"` - while : - do - echo "The following configurations exist:" - ls -l conf|awk '/^d/{print " ",$9}'|grep -v CVS - CONF=`confirm_action "$CONF" "Configuration name?"` - if [ ! -d "${CURRENTDIR}/conf/$CONF" ] - then - echo "${TS} Error: Could not find config (${CONF})" - if [ "$NO_PROMPTS" = "YES" ] - then - exit 1 - fi - else - break - fi - done - MFSROOT=`confirm_action "$MFSROOT" "Use an MFSROOT? (yes/no)"` - IMG=`confirm_action "$IMG" "Image file to generate?"` - -# example of formatted value (NNN in this case) -# #condition and format the number -# if [ -z "${BUILDNUM}" ] -# then -# echo "Starting with build 001" -# BUILDNUM="001" -# else -# BUILDNUM=`printf "%03d\n" $(($BUILDNUM))` -# fi - - -} - -saveconfig () { - HOSTNAME=`hostname` - HOSTPART=${HOSTNAME%%.*} - FILENAME=".tinybsd.${HOSTPART}.${USER}" - FULLFILENAME=$HOME/$FILENAME - ( - echo "# written by tinybsd" `date` - echo "SECTUNIT=${SECTUNIT}" - echo "TRACKCYL=${TRACKCYL}" - echo "SECTRACK=${SECTRACK}" - echo "CONF=${CONF}" - echo "MFSROOT=${MFSROOT:-NO}" - echo "IMG=${IMG}" - ) >${FULLFILENAME} -} - -check_alt_imgname() { - if [ ${IMG} = 'tinybsd.bin' ] - then - echo "${TS} Alternative image name not set; defaulting to 'tinybsd.bin'" - fi -} - -rotate_buidlog() { - mv -f ${HOME}/tinybsd.log ${HOME}/tinybsd.log.old -} - -remove_workdir() { - # Before removing check if there is not a mount under $WORKDIR anymore - MOUNT_CHECK=`mount|egrep "on ${WORKDIR}"` - - if [ ! -z "${MOUNT_CHECK}" ]; then - echo "There are mounts under the workdir (${WORKDIR}). Please umount them before running this script" - exit 1 - else - chflags -R noschg ${WORKDIR} - echo "${TS} Removing "${WORKDIR} - rm -rf ${WORKDIR} - echo "${TS} Removing Build Kernel Directory" - rm -rf /usr/obj/usr/src/sys/${KERNCONF} - echo "${TS} done." - fi -} - - -prework() { - remove_workdir - mkdir -p ${WORKDIR} -} - - -create_tree() { - echo "${TS} Creating directory hierarchy... " - mtree -deU -f /etc/mtree/BSD.root.dist -p ${WORKDIR} - mtree -deU -f /etc/mtree/BIND.chroot.dist -p ${WORKDIR} - mtree -deU -f /etc/mtree/BSD.usr.dist -p ${WORKDIR}/usr - mtree -deU -f /etc/mtree/BSD.local.dist -p ${WORKDIR}/usr/local - mtree -deU -f /etc/mtree/BSD.var.dist -p ${WORKDIR}/var -} - -copy_binaries() { - cd ${CURRENTDIR}/conf/${CONF} - - for file in `cat ${CURRENTDIR}/conf/${CONF}/${BASEFILE} | grep -v "#" | \ - cut -f1 -d":" | sort | uniq` ; do - echo "${TS} Copying "/${file}" to "${WORKDIR}/${file} - cp -fp /${file} ${WORKDIR}/${file} ; - done -} - -install_ports() { - for portname in `cat ${CURRENTDIR}/conf/${CONF}/${PORTSFILE} | grep -v '#'` ; do - if [ ! -d "${WORKDIR}/usr/ports" ]; then - mkdir -p "${WORKDIR}/usr/ports" - fi - - PNAME=`/usr/bin/basename "${portname}"` - PORT_OPTION_FILE="/var/db/ports/${PNAME}/options" - - if [ -f "${PORT_OPTION_FILE}" ]; then - mkdir -p "${WORKDIR}/var/db/ports/${PNAME}" - cp "${PORT_OPTION_FILE}" "${WORKDIR}/var/db/ports/${PNAME}/" - fi - - mount_nullfs /lib "${WORKDIR}/lib" - mount_nullfs /usr/bin "${WORKDIR}/usr/bin" - mount_nullfs /usr/sbin "${WORKDIR}/usr/sbin" - mount_nullfs /usr/ports "${WORKDIR}/usr/ports" - mount_nullfs /usr/share "${WORKDIR}/usr/share" - mount_nullfs /usr/libexec "${WORKDIR}/usr/libexec" - mount_nullfs /usr/lib "${WORKDIR}/usr/lib" - mount_nullfs /usr/include "${WORKDIR}/usr/include" - - cd ${PORTSDIR}/${portname} - make fetch-recursive - make DESTDIR_ENV_LIST=PATH DESTDIR="${WORKDIR}" install - make clean - - umount "${WORKDIR}/lib" - umount "${WORKDIR}/usr/ports" - umount "${WORKDIR}/usr/bin" - umount "${WORKDIR}/usr/sbin" - umount "${WORKDIR}/usr/share" - umount "${WORKDIR}/usr/libexec" - umount "${WORKDIR}/usr/lib" - umount "${WORKDIR}/usr/include" - done -} - -make_kernel() { - echo "${TS} Building customized tiny beastie kernel... " - cp -p ${CURRENTDIR}/conf/${CONF}/${KERNCONF} /usr/src/sys/${TINYARCH}/conf - cd /usr/src - make buildkernel KERNCONF=${KERNCONF} || exit 1 - gzip -9 /usr/obj/usr/src/sys/${KERNCONF}/kernel - install ${DEFINSTARGS} /usr/obj/usr/src/sys/${KERNCONF}/kernel.gz ${WORKDIR}/boot/kernel/ - install ${DEFINSTARGS} \ - /usr/obj/usr/src/sys/${KERNCONF}/modules/usr/src/sys/modules/acpi/acpi/acpi.ko \ - ${WORKDIR}/boot/kernel - install -o 0 -g 0 -m 444 /sys/${TINYARCH}/conf/GENERIC.hints ${WORKDIR}/boot/device.hints -} - -copy_libraries() { - TDEPFILE="`mktemp -t deps`" - TDEPFILES="`mktemp -t depsymlnk`" - - find "${WORKDIR}" -type f |while read file; do - ldd -f "%p\n" ${file} >> ${TDEPFILE} ; # don't worry on progs been "not dynamic" - done - - for libdeplib in `cat ${TDEPFILE} | sort | uniq`; do - ldd -f "%p\n" /${libdeplib} >> ${TDEPFILE} ; - done - - for pamdep in `ls -1 /usr/lib/pam*`; do - echo $pamdep >> ${TDEPFILE} ; - ldd -f "%p\n" /${pamdep} >> ${TDEPFILE} ; - done - - for lib in `cat ${TDEPFILE} | sort | uniq`; do - echo "${TS} Copying "${lib}" to "${WORKDIR}${lib} - cp -fp ${lib} ${WORKDIR}${lib} ; - done - - for depsymlink in `cat ${TDEPFILE}`; do - echo "${TS} Checking if ${depsymlink} is a symbolic link" - /bin/ls -l $depsymlink | grep "\->" | awk '{print $11":"$9}' >> ${TDEPFILES} - done - - for i in `cat ${TDEPFILES}`; do - SOURCE_FILE=`echo $i | awk -F ":" '{print $1}'` - TARGET_FILE=`echo $i | awk -F ":" '{print $2}'` - - echo "${TS} Unlinking ${WORKDIR}${TARGET_FILE}" - chroot ${WORKDIR} /bin/chflags 0 ${TARGET_FILE} - chroot ${WORKDIR} /bin/rm -f ${TARGET_FILE} - - echo "${TS} Symlinking ${SOURCE_FILE} to ${TARGET_FILE}" - chroot ${WORKDIR} /bin/ln -s ${SOURCE_FILE} ${TARGET_FILE} - done - - echo -n "${TS} Unlinking " - rm -fv ${TDEPFILE} ${TDEPFILES} -} - -create_etc() { - cd /usr/src/etc/sendmail/ - make freebsd.cf freebsd.submit.cf - - cd /usr/src/etc/ - mkdir -p ${WORKDIR}/var/named/etc/namedb - make distribution DESTDIR=${WORKDIR} || exit 1 -} - -create_ssh_keys() { - echo "Creating ssh keys..." - ssh-keygen -t rsa1 -b 1024 -f ${WORKDIR}/etc/ssh/ssh_host_key -N '' - ssh-keygen -t dsa -f ${WORKDIR}/etc/ssh/ssh_host_dsa_key -N '' - ssh-keygen -t rsa -f ${WORKDIR}/etc/ssh/ssh_host_rsa_key -N '' -} - -personal_conf() { - echo "${TS} Copying your custom configuration on conf/ ..." - for custom in `find ${CURRENTDIR}/conf/${CONF}/ -type d -depth 1 \! -name CVS`; do - cp -Rp ${custom}/* ${WORKDIR}/${custom#${CURRENTDIR}/conf/${CONF}/}/ - done - - if [ -f ${CURRENTDIR}/conf/${CONF}/boot.config ]; then - cp ${CURRENTDIR}/conf/${CONF}/boot.config ${WORKDIR}/boot.config - fi -} - -symlinks() { -#set -xv - for i in `cat ${CURRENTDIR}/conf/${CONF}/${BASEFILE}| grep -v "#" | grep ":"`; do - SOURCE_FILE=`echo $i | awk -F ":" {'print $1'}` - TARGET_FILE=`echo $i | awk -F ":" {'print $2'}` - chroot ${WORKDIR} /bin/ln -vs /${SOURCE_FILE} ${TARGET_FILE} - done -#set +xv -} - - -create_image() { - VNODEFILE=`mktemp -t tinybsd` - IMGMNT=`mktemp -d -t tinybsd` - - dd if=/dev/zero of=${VNODEFILE} count=${SECTUNIT} - - MD=`mdconfig -a -t vnode -f ${VNODEFILE} -x ${SECTRACK} -y ${TRACKCYL}` - - diskinfo -v /dev/${MD} - - fdisk -I /dev/${MD} - fdisk /dev/${MD} - - cp -p /boot/boot0 ${WORKDIR}/boot/boot0 - bsdlabel -w -B /dev/${MD} - newfs -O2 -U /dev/${MD}a - - mount /dev/${MD}a ${IMGMNT} - - if [ ${MFSROOT} = 'yes' ] - then - echo "${TS} Creating MFS root..." - # Update is not done yet - #mkdir -p ${WORKDIR}/usr/local/bin/ - #cp -p ${CURRENTDIR}/update/update ${WORKDIR}/usr/local/bin/ - rm ${WORKDIR}/etc/fstab - cd ${WORKDIR} && find . -print | sed '/kernel/ d' | cpio -dump ${IMGMNT} || true - umount ${IMGMNT} - dd if=/dev/${MD} of=${CURRENTDIR}/mfsroot.img - gzip -9 < ${CURRENTDIR}/mfsroot.img > ${CURRENTDIR}/mfsroot.gz - rm ${CURRENTDIR}/mfsroot.img - mount /dev/${MD}a ${IMGMNT} - rm -rf ${IMGMNT}/* - cp -rp ${WORKDIR}/boot ${IMGMNT} - rm ${IMGMNT}/boot/device.hints - ( \ - echo 'set vfs.root.mountfrom="ufs:/dev/md0a"' ; \ - echo 'set bootfile="/boot/kernel/kernel"' ; \ - sed -e '/^#/ d' -e 's/^/set /' < ${WORKDIR}/boot/device.hints ; \ - echo 'load /boot/kernel/kernel' ; \ - echo 'echo Loading mfsroot' ; \ - echo 'load -t mfs_root /mfsroot' ;\ - echo 'boot' ; \ - ) > ${IMGMNT}/boot/loader.rc - mv ${CURRENTDIR}/mfsroot.gz ${IMGMNT} - else - ( cd ${WORKDIR} && find . -print | cpio -dump ${IMGMNT} ) || true - fi - - df ${IMGMNT} - sleep 1 - umount ${IMGMNT} - - dd if=/dev/${MD} of=${CURRENTDIR}/${IMG} bs=64k - - rm -vf ${VNODEFILE} - rm -rvf ${IMGMNT} - mdconfig -d -u ${MD} - echo "" - echo "${TS} Done!" - echo "${TS} Your configuration options were saved in ${FULLFILENAME}" - echo "${TS} You can see your build log in ${HOME}/tinybsd.log" - echo "${TS} Your final image is in ${CURRENTDIR}/${IMG}" - echo "${TS} Now use dd(1) to write it." -} - -########################## -# run things - -########################################## -## The actual program -########################################## -getargs $* -setdefaults -# Load as many of the configuration options as we can -loadconfig -saveconfig - -# Rotate build log -rotate_buidlog - -# Now start logging. -( - # Do the build - prework - check_alt_imgname - create_tree - copy_binaries - create_etc - install_ports - make_kernel - copy_libraries - symlinks - create_ssh_keys - personal_conf - create_image -#set +xv -) 2>&1 |tee -a ${HOME}/tinybsd.log -