diff -ur 2.2.7-RELEASE/etc/aliases 3.0-RELEASE/etc/aliases --- 2.2.7-RELEASE/etc/aliases Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/aliases Sun Oct 18 02:08:32 1998 @@ -1,4 +1,4 @@ -# $Id: aliases,v 1.3.2.2 1997/08/21 12:07:55 wosch Exp $ +# $Id: aliases,v 1.6 1997/08/19 17:16:14 wosch Exp $ # @(#)aliases 5.3 (Berkeley) 5/24/90 # # Aliases in this file will NOT be expanded in the header from diff -ur 2.2.7-RELEASE/etc/amd.map 3.0-RELEASE/etc/amd.map --- 2.2.7-RELEASE/etc/amd.map Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/amd.map Sun Oct 18 02:08:32 1998 @@ -1,2 +1,2 @@ /defaults type:=host;fs:=${autodir}/${rhost};rhost:=${key} -* opts:=rw,grpid,resvport,nfsv2,nosuid,nodev +* opts:=rw,grpid,resvport,vers=3,proto=tcp,nosuid,nodev Only in 3.0-RELEASE/etc: auth.conf diff -ur 2.2.7-RELEASE/etc/crontab 3.0-RELEASE/etc/crontab --- 2.2.7-RELEASE/etc/crontab Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/crontab Sun Oct 18 02:08:32 1998 @@ -1,7 +1,6 @@ # /etc/crontab - root's crontab for FreeBSD # -# $Id: crontab,v 1.13 1996/01/06 22:21:37 ache Exp $ -# From: Id: crontab,v 1.6 1993/05/31 02:03:57 cgd Exp +# $Id: crontab,v 1.18 1998/03/30 09:17:25 ache Exp $ # SHELL=/bin/sh PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin @@ -12,14 +11,14 @@ */5 * * * * root /usr/libexec/atrun # # rotate log files every hour, if necessary -0 * * * * root /usr/sbin/newsyslog +0 * * * * root newsyslog # # do daily/weekly/monthly maintenance -0 2 * * * root /etc/daily 2>&1 | sendmail root -30 3 * * 6 root /etc/weekly 2>&1 | sendmail root -30 5 1 * * root /etc/monthly 2>&1 | sendmail root +0 2 * * * root periodic daily 2>&1 | sendmail root +30 3 * * 6 root periodic weekly 2>&1 | sendmail root +30 5 1 * * root periodic monthly 2>&1 | sendmail root # # time zone change adjustment for wall cmos clock, # does nothing, if you have UTC cmos clock. # See adjkerntz(8) for details. -1,31 0-4 * * * root /sbin/adjkerntz -a +1,31 0-5 * * * root adjkerntz -a diff -ur 2.2.7-RELEASE/etc/csh.cshrc 3.0-RELEASE/etc/csh.cshrc --- 2.2.7-RELEASE/etc/csh.cshrc Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/csh.cshrc Sun Oct 18 02:08:32 1998 @@ -1 +1,3 @@ +# $Id: csh.cshrc,v 1.2 1998/09/02 01:34:55 brian Exp $ +# # System-wide .cshrc file for csh(1). diff -ur 2.2.7-RELEASE/etc/csh.login 3.0-RELEASE/etc/csh.login --- 2.2.7-RELEASE/etc/csh.login Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/csh.login Sun Oct 18 02:08:32 1998 @@ -1,3 +1,5 @@ +# $Id: csh.login,v 1.18 1998/09/02 01:34:55 brian Exp $ +# # System-wide .login file for csh(1). # Uncomment this to give you the default 4.2 behavior, where disk # information is shown in K-Blocks diff -ur 2.2.7-RELEASE/etc/csh.logout 3.0-RELEASE/etc/csh.logout --- 2.2.7-RELEASE/etc/csh.logout Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/csh.logout Sun Oct 18 02:08:32 1998 @@ -1 +1,3 @@ +# $Id: csh.logout,v 1.2 1998/09/02 01:34:55 brian Exp $ +# # System-wide .logout file for csh(1). Only in 2.2.7-RELEASE/etc: daily diff -ur 2.2.7-RELEASE/etc/disktab 3.0-RELEASE/etc/disktab --- 2.2.7-RELEASE/etc/disktab Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/disktab Sun Oct 18 02:08:33 1998 @@ -1,3 +1,5 @@ +# $Id: disktab,v 1.17 1998/10/06 12:42:55 dfr Exp $ +# # Disk geometry and partition layout tables. # Key: # dt controller type diff -ur 2.2.7-RELEASE/etc/dm.conf 3.0-RELEASE/etc/dm.conf --- 2.2.7-RELEASE/etc/dm.conf Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/dm.conf Sun Oct 18 02:08:32 1998 @@ -1,5 +1,6 @@ # # Game Control File +# $Id: dm.conf,v 1.2 1998/09/02 01:34:55 brian Exp $ # @(#)dm.conf 5.5 (Berkeley) 4/12/89 # Only in 3.0-RELEASE/etc: fbtab diff -ur 2.2.7-RELEASE/etc/ftpusers 3.0-RELEASE/etc/ftpusers --- 2.2.7-RELEASE/etc/ftpusers Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/ftpusers Sun Oct 18 02:08:32 1998 @@ -1,3 +1,5 @@ +# $Id: ftpusers,v 1.4 1998/09/02 01:34:55 brian Exp $ +# # list of users disallowed any ftp access. # read by ftpd(8). root diff -ur 2.2.7-RELEASE/etc/gettytab 3.0-RELEASE/etc/gettytab --- 2.2.7-RELEASE/etc/gettytab Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/gettytab Sun Oct 18 02:08:32 1998 @@ -1,3 +1,4 @@ +# $Id: gettytab,v 1.16 1998/09/02 01:34:55 brian Exp $ # from: @(#)gettytab 5.14 (Berkeley) 3/27/91 # # Most of the table entries here are just copies of the old getty table, @@ -37,7 +38,7 @@ # np:ap: same as np except istrip. # default:\ - :cb:ce:ck:lc:fd#1000:im=\r\nFreeBSD (%h) (%t)\r\n\r\n:sp#1200: + :cb:ce:ck:lc:fd#1000:im=\r\n%s/%m (%h) (%t)\r\n\r\n:sp#1200: # # Fixed speed entries @@ -75,6 +76,8 @@ :np:sp#57600: std.115200|115200-baud:\ :np:sp#115200: +std.230400|230400-baud:\ + :np:sp#230400: # # Entry specifying explicit device settings. See termios(4) and diff -ur 2.2.7-RELEASE/etc/gnats/freefall 3.0-RELEASE/etc/gnats/freefall --- 2.2.7-RELEASE/etc/gnats/freefall Wed Jul 22 17:16:25 1998 +++ 3.0-RELEASE/etc/gnats/freefall Sun Oct 18 02:08:35 1998 @@ -7,3 +7,4 @@ misc ports sparc +alpha diff -ur 2.2.7-RELEASE/etc/group 3.0-RELEASE/etc/group --- 2.2.7-RELEASE/etc/group Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/group Sun Oct 18 02:08:32 1998 @@ -1,3 +1,5 @@ +# $Id: group,v 1.17 1998/09/13 23:05:46 brian Exp $ +# wheel:*:0:root daemon:*:1:daemon kmem:*:2:root diff -ur 2.2.7-RELEASE/etc/host.conf 3.0-RELEASE/etc/host.conf --- 2.2.7-RELEASE/etc/host.conf Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/host.conf Sun Oct 18 02:08:32 1998 @@ -1,4 +1,4 @@ -# $Id: host.conf,v 1.2 1993/11/07 01:02:57 wollman Exp $ +# $Id: host.conf,v 1.4 1997/02/23 09:20:40 peter Exp $ # Default is to use the nameserver first bind # If that doesn't work, then try the /etc/hosts file diff -ur 2.2.7-RELEASE/etc/hosts 3.0-RELEASE/etc/hosts --- 2.2.7-RELEASE/etc/hosts Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/hosts Sun Oct 18 02:08:32 1998 @@ -1,4 +1,4 @@ -# $Id: hosts,v 1.6.2.1 1998/07/19 06:53:17 jkh Exp $ +# $Id: hosts,v 1.9 1998/04/16 14:37:19 joerg Exp $ # # Host Database # This file should contain the addresses and aliases diff -ur 2.2.7-RELEASE/etc/hosts.equiv 3.0-RELEASE/etc/hosts.equiv --- 2.2.7-RELEASE/etc/hosts.equiv Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/hosts.equiv Sun Oct 18 02:08:32 1998 @@ -1,2 +1,4 @@ +# $Id: hosts.equiv,v 1.3 1998/09/02 01:34:56 brian Exp $ +# #localhost #my_very_good_friend.domain diff -ur 2.2.7-RELEASE/etc/hosts.lpd 3.0-RELEASE/etc/hosts.lpd --- 2.2.7-RELEASE/etc/hosts.lpd Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/hosts.lpd Sun Oct 18 02:08:32 1998 @@ -1,2 +1,4 @@ +# $Id: hosts.lpd,v 1.3 1998/09/02 01:34:56 brian Exp $ +# # See lpd(8) #machine.domain diff -ur 2.2.7-RELEASE/etc/inetd.conf 3.0-RELEASE/etc/inetd.conf --- 2.2.7-RELEASE/etc/inetd.conf Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/inetd.conf Sun Oct 18 02:08:32 1998 @@ -1,3 +1,4 @@ +# $Id: inetd.conf,v 1.30 1998/09/30 16:12:40 wosch Exp $ # # Internet server configuration database # @@ -7,7 +8,7 @@ telnet stream tcp nowait root /usr/libexec/telnetd telnetd shell stream tcp nowait root /usr/libexec/rshd rshd login stream tcp nowait root /usr/libexec/rlogind rlogind -finger stream tcp nowait nobody /usr/libexec/fingerd fingerd -s +finger stream tcp nowait/3/10 nobody /usr/libexec/fingerd fingerd -s #exec stream tcp nowait root /usr/libexec/rexecd rexecd #uucpd stream tcp nowait root /usr/libexec/uucpd uucpd #nntp stream tcp nowait usenet /usr/libexec/nntpd nntpd @@ -36,12 +37,12 @@ #klogin stream tcp nowait root /usr/libexec/rlogind rlogind -k #eklogin stream tcp nowait root /usr/libexec/rlogind rlogind -k -x #kshell stream tcp nowait root /usr/libexec/rshd rshd -k -#rkinit stream tcp nowait root /usr/libexec/rkinitd rkinitd +#kip stream tcp nowait root /usr/libexec/kipd kipd # -# Services run ONLY on the Kerberos server +# CVS servers - for master CVS repositories only! # -#krbupdate stream tcp nowait root /usr/libexec/registerd registerd -#kpasswd stream tcp nowait root /usr/libexec/kpasswdd kpasswdd +#cvspserver stream tcp nowait root /usr/bin/cvs cvs pserver +#cvs stream tcp nowait root /usr/bin/cvs cvs kserver # # RPC based services (you MUST have portmapper running to use these) # diff -ur 2.2.7-RELEASE/etc/locate.rc 3.0-RELEASE/etc/locate.rc --- 2.2.7-RELEASE/etc/locate.rc Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/locate.rc Sun Oct 18 02:08:33 1998 @@ -1,7 +1,7 @@ # # /etc/locate.rc - command script for updatedb(8) # -# $Id: locate.rc,v 1.2.2.2 1998/07/17 04:19:10 jkh Exp $ +# $Id: locate.rc,v 1.6 1998/03/08 16:09:26 wosch Exp $ # # All commented values are the defaults diff -ur 2.2.7-RELEASE/etc/login.access 3.0-RELEASE/etc/login.access --- 2.2.7-RELEASE/etc/login.access Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/login.access Sun Oct 18 02:08:33 1998 @@ -1,3 +1,5 @@ +# $Id: login.access,v 1.2 1998/09/02 01:34:56 brian Exp $ +# # Login access control table. # # When someone logs in, the table is scanned for the first entry that diff -ur 2.2.7-RELEASE/etc/login.conf 3.0-RELEASE/etc/login.conf --- 2.2.7-RELEASE/etc/login.conf Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/login.conf Sun Oct 18 02:08:32 1998 @@ -9,244 +9,61 @@ # This file controls resource limits, accounting limits and # default user environment settings. # -# $Id: login.conf,v 1.9.2.7 1998/03/09 03:03:23 steve Exp $ +# $Id: login.conf,v 1.22 1998/09/17 17:02:39 dt Exp $ # - -# Authentication methods - -auth-defaults:\ - :auth=krb_skey_or_passwd,passwd,kerberos,skey: - -auth-root-defaults:\ - :auth-login=krb_skey_or_passwd,passwd,kerberos,skey:\ - :auth-rlogin=krb_or_skey,kerberos,skey: - -auth-ftp-defaults:\ - :auth=skey_or_pwd,passwd,skey: - +# Default settings effectively disable resource limits, see the +# examples below for a starting point to enable them. # Example defaults # These settings are used by login(1) by default for classless users # Note that entries like "cputime" set both "cputime-cur" and "cputime-max" default:\ - :cputime=infinity:\ - :datasize-cur=22M:\ - :stacksize-cur=8M:\ - :memorylocked-cur=10M:\ - :memoryuse-cur=30M:\ - :filesize=infinity:\ - :coredumpsize=infinity:\ - :maxproc-cur=64:\ - :openfiles-cur=64:\ - :priority=0:\ - :requirehome@:\ - :umask=022:\ - :tc=auth-defaults: - - -# -# standard - standard user defaults -# -standard:\ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,EDITOR=/usr/bin/ee:\ :path=~/bin /bin /usr/bin /usr/local/bin:\ :manpath=/usr/share/man /usr/local/man:\ :nologin=/etc/nologin:\ - :cputime=1h30m:\ - :datasize=8M:\ - :stacksize=2M:\ - :memorylocked=4M:\ - :memoryuse=8M:\ - :filesize=8M:\ - :coredumpsize=8M:\ - :openfiles=24:\ - :maxproc=32:\ + :cputime=unlimited:\ + :datasize=unlimited:\ + :stacksize=unlimited:\ + :memorylocked=unlimited:\ + :memoryuse=unlimited:\ + :filesize=unlimited:\ + :coredumpsize=unlimited:\ + :openfiles=unlimited:\ + :maxproc=unlimited:\ :priority=0:\ - :requirehome:\ - :passwordperiod=90d:\ - :umask=002:\ :ignoretime@:\ - :tc=default: + :umask=022: # -# users of X (needs more resources!) +# A collection of common class names - forward them all to 'default' +# (login would normally do this anyway, but having a class name +# here suppresses the diagnostic) # +standard:\ + :tc=default: xuser:\ - :manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\ - :cputime=4h:\ - :datasize=12M:\ - :stacksize=4M:\ - :filesize=8M:\ - :memoryuse=16M:\ - :openfiles=32:\ - :maxproc=48:\ - :tc=standard: - - -# -# Staff users - few restrictions and allow login anytime -# + :tc=default: staff:\ - :ignorenologin:\ - :ignoretime:\ - :requirehome@:\ - :accounted@:\ - :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ - :umask=022:\ - :tc=standard: - - -# -# root - fallback for root logins -# -root:\ - :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ - :cputime=infinity:\ - :datasize=infinity:\ - :stacksize=infinity:\ - :memorylocked=infinity:\ - :memoryuse=infinity:\ - :filesize=infinity:\ - :coredumpsize=infinity:\ - :openfiles=infinity:\ - :maxproc=infinity:\ - :memoryuse-cur=32M:\ - :maxproc-cur=64:\ - :openfiles-cur=1024:\ - :priority=0:\ - :requirehome@:\ - :umask=022:\ - :tc=auth-root-defaults: - - -# -# Settings used by /etc/rc -# + :tc=default: daemon:\ - :coredumpsize@:\ - :coredumpsize-cur=0:\ - :datasize=infinity:\ - :datasize-cur@:\ - :maxproc=512:\ - :maxproc-cur@:\ - :memoryuse-cur=64M:\ - :memorylocked-cur=64M:\ - :openfiles=1024:\ - :openfiles-cur@:\ - :stacksize=16M:\ - :stacksize-cur@:\ :tc=default: - - -# -# Settings used by news subsystem -# news:\ - :path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ - :cputime=infinity:\ - :filesize=128M:\ - :datasize-cur=64M:\ - :stacksize-cur=32M:\ - :coredumpsize-cur=0:\ - :maxmemorysize-cur=128M:\ - :memorylocked=32M:\ - :maxproc=128:\ - :openfiles=256:\ :tc=default: - +dialer:\ + :tc=default: # -# The dialer class should be used for a dialup PPP/SLIP accounts -# Welcome messages/news suppressed +# Root can always login # -dialer:\ - :hushlogin:\ - :requirehome@:\ - :cputime=unlimited:\ - :filesize=2M:\ - :datasize=2M:\ - :stacksize=4M:\ - :coredumpsize=0:\ - :memoryuse=4M:\ - :memorylocked=1M:\ - :maxproc=16:\ - :openfiles=32:\ - :tc=standard: - - -# -# Site full-time 24/7 PPP/SLIP connections -# - no time accounting, restricted to access via dialin lines -# -site:\ - :ignoretime:\ - :passwordperiod@:\ - :refreshtime@:\ - :refreshperiod@:\ - :sessionlimit@:\ - :autodelete@:\ - :expireperiod@:\ - :graceexpire@:\ - :gracetime@:\ - :warnexpire@:\ - :warnpassword@:\ - :idletime@:\ - :sessiontime@:\ - :daytime@:\ - :weektime@:\ - :monthtime@:\ - :warntime@:\ - :accounted@:\ - :tc=dialer:\ - :tc=staff: - - -# -# Example standard accounting entries for subscriber levels -# - -subscriber|Subscribers:\ - :accounted:\ - :refreshtime=180d:\ - :refreshperiod@:\ - :sessionlimit@:\ - :autodelete=30d:\ - :expireperiod=180d:\ - :graceexpire=7d:\ - :gracetime=10m:\ - :warnexpire=7d:\ - :warnpassword=7d:\ - :idletime=30m:\ - :sessiontime=4h:\ - :daytime=6h:\ - :weektime=40h:\ - :monthtime=120h:\ - :warntime=4h:\ - :tc=standard: - - -# -# Subscriber accounts. These accounts have their login times -# accounted and have access limits applied. -# -subppp|PPP Subscriber Accounts:\ - :tc=dialer:\ - :tc=subscriber: - - -subslip|SLIP Subscriber Accounts:\ - :tc=dialer:\ - :tc=subscriber: - - -subshell:Shell Subscriber Accounts:\ - :tc=subscriber: - +root:\ + :ignorenologin:\ + :tc=default: # # Russian Users Accounts. Setup proper environment variables. @@ -255,3 +72,257 @@ :charset=KOI8-R:\ :lang=ru_RU.KOI8-R:\ :tc=default: + + +###################################################################### +###################################################################### +## +## Example entries +## +###################################################################### +###################################################################### + +## Authentication methods +## Note that these are disabled by default, and libutil must +## be rebuilt with LOGIN_CAP_AUTH defined to use them. +# +#auth-defaults:\ +# :auth=krb_skey_or_passwd,passwd,kerberos,skey: +# +#auth-root-defaults:\ +# :auth-login=krb_skey_or_passwd,passwd,kerberos,skey:\ +# :auth-rlogin=krb_or_skey,kerberos,skey: +# +#auth-ftp-defaults:\ +# :auth=skey_or_pwd,passwd,skey: +# +# +## Example defaults +## These settings are used by login(1) by default for classless users +## Note that entries like "cputime" set both "cputime-cur" and "cputime-max" +# +#default:\ +# :cputime=infinity:\ +# :datasize-cur=22M:\ +# :stacksize-cur=8M:\ +# :memorylocked-cur=10M:\ +# :memoryuse-cur=30M:\ +# :filesize=infinity:\ +# :coredumpsize=infinity:\ +# :maxproc-cur=64:\ +# :openfiles-cur=64:\ +# :priority=0:\ +# :requirehome@:\ +# :umask=022:\ +# :tc=auth-defaults: +# +# +## +## standard - standard user defaults +## +#standard:\ +# :copyright=/etc/COPYRIGHT:\ +# :welcome=/etc/motd:\ +# :setenv=MAIL=/var/mail/$,BLOCKSIZE=K,EDITOR=/usr/bin/ee:\ +# :path=~/bin /bin /usr/bin /usr/local/bin:\ +# :manpath=/usr/share/man /usr/local/man:\ +# :nologin=/etc/nologin:\ +# :cputime=1h30m:\ +# :datasize=8M:\ +# :stacksize=2M:\ +# :memorylocked=4M:\ +# :memoryuse=8M:\ +# :filesize=8M:\ +# :coredumpsize=8M:\ +# :openfiles=24:\ +# :maxproc=32:\ +# :priority=0:\ +# :requirehome:\ +# :passwordperiod=90d:\ +# :umask=002:\ +# :ignoretime@:\ +# :tc=default: +# +# +## +## users of X (needs more resources!) +## +#xuser:\ +# :manpath=/usr/share/man /usr/X11R6/man /usr/local/man:\ +# :cputime=4h:\ +# :datasize=12M:\ +# :stacksize=4M:\ +# :filesize=8M:\ +# :memoryuse=16M:\ +# :openfiles=32:\ +# :maxproc=48:\ +# :tc=standard: +# +# +## +## Staff users - few restrictions and allow login anytime +## +#staff:\ +# :ignorenologin:\ +# :ignoretime:\ +# :requirehome@:\ +# :accounted@:\ +# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ +# :umask=022:\ +# :tc=standard: +# +# +## +## root - fallback for root logins +## +#root:\ +# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ +# :cputime=infinity:\ +# :datasize=infinity:\ +# :stacksize=infinity:\ +# :memorylocked=infinity:\ +# :memoryuse=infinity:\ +# :filesize=infinity:\ +# :coredumpsize=infinity:\ +# :openfiles=infinity:\ +# :maxproc=infinity:\ +# :memoryuse-cur=32M:\ +# :maxproc-cur=64:\ +# :openfiles-cur=1024:\ +# :priority=0:\ +# :requirehome@:\ +# :umask=022:\ +# :tc=auth-root-defaults: +# +# +## +## Settings used by /etc/rc +## +#daemon:\ +# :coredumpsize@:\ +# :coredumpsize-cur=0:\ +# :datasize=infinity:\ +# :datasize-cur@:\ +# :maxproc=512:\ +# :maxproc-cur@:\ +# :memoryuse-cur=64M:\ +# :memorylocked-cur=64M:\ +# :openfiles=1024:\ +# :openfiles-cur@:\ +# :stacksize=16M:\ +# :stacksize-cur@:\ +# :tc=default: +# +# +## +## Settings used by news subsystem +## +#news:\ +# :path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\ +# :cputime=infinity:\ +# :filesize=128M:\ +# :datasize-cur=64M:\ +# :stacksize-cur=32M:\ +# :coredumpsize-cur=0:\ +# :maxmemorysize-cur=128M:\ +# :memorylocked=32M:\ +# :maxproc=128:\ +# :openfiles=256:\ +# :tc=default: +# +# +## +## The dialer class should be used for a dialup PPP/SLIP accounts +## Welcome messages/news suppressed +## +#dialer:\ +# :hushlogin:\ +# :requirehome@:\ +# :cputime=unlimited:\ +# :filesize=2M:\ +# :datasize=2M:\ +# :stacksize=4M:\ +# :coredumpsize=0:\ +# :memoryuse=4M:\ +# :memorylocked=1M:\ +# :maxproc=16:\ +# :openfiles=32:\ +# :tc=standard: +# +# +## +## Site full-time 24/7 PPP/SLIP connections +## - no time accounting, restricted to access via dialin lines +## +#site:\ +# :ignoretime:\ +# :passwordperiod@:\ +# :refreshtime@:\ +# :refreshperiod@:\ +# :sessionlimit@:\ +# :autodelete@:\ +# :expireperiod@:\ +# :graceexpire@:\ +# :gracetime@:\ +# :warnexpire@:\ +# :warnpassword@:\ +# :idletime@:\ +# :sessiontime@:\ +# :daytime@:\ +# :weektime@:\ +# :monthtime@:\ +# :warntime@:\ +# :accounted@:\ +# :tc=dialer:\ +# :tc=staff: +# +# +## +## Example standard accounting entries for subscriber levels +## +# +#subscriber|Subscribers:\ +# :accounted:\ +# :refreshtime=180d:\ +# :refreshperiod@:\ +# :sessionlimit@:\ +# :autodelete=30d:\ +# :expireperiod=180d:\ +# :graceexpire=7d:\ +# :gracetime=10m:\ +# :warnexpire=7d:\ +# :warnpassword=7d:\ +# :idletime=30m:\ +# :sessiontime=4h:\ +# :daytime=6h:\ +# :weektime=40h:\ +# :monthtime=120h:\ +# :warntime=4h:\ +# :tc=standard: +# +# +## +## Subscriber accounts. These accounts have their login times +## accounted and have access limits applied. +## +#subppp|PPP Subscriber Accounts:\ +# :tc=dialer:\ +# :tc=subscriber: +# +# +#subslip|SLIP Subscriber Accounts:\ +# :tc=dialer:\ +# :tc=subscriber: +# +# +#subshell:Shell Subscriber Accounts:\ +# :tc=subscriber: +# +# +## +## Russian Users Accounts. Setup proper environment variables. +## +#russian:Russian Users Accounts:\ +# :charset=KOI8-R:\ +# :lang=ru_RU.KOI8-R:\ +# :tc=default: \ No newline at end of file diff -ur 2.2.7-RELEASE/etc/mail/Makefile 3.0-RELEASE/etc/mail/Makefile --- 2.2.7-RELEASE/etc/mail/Makefile Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/mail/Makefile Sun Oct 18 02:08:54 1998 @@ -1,3 +1,5 @@ +# $Id: Makefile,v 1.5 1998/09/13 23:14:20 brian Exp $ + default: .if exists(/etc/mail/ips.txt) mv -f /etc/mail/ips.txt /etc/mail/ips.txt.0 diff -ur 2.2.7-RELEASE/etc/mail/README 3.0-RELEASE/etc/mail/README --- 2.2.7-RELEASE/etc/mail/README Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/mail/README Sun Oct 18 02:08:54 1998 @@ -1,4 +1,6 @@ - Filtering out SPAM from your site +# $Id: README,v 1.5 1998/09/02 01:34:57 brian Exp $ + + Filtering out SPAM from your site Introduction: The FreeBSD Project filters spam, unsolicited commerical @@ -12,6 +14,14 @@ from any machine that matches a entry in either database, or users in the fakenames database. + WARNING: We do not maintain the database source files. + Read domain.txt and ips.txt. + (Make will fetch them for you) + Domains that you want to allow, should be added + to the file /etc/mail/allowed_domains.txt. + IP addresses that you want to allow, should be added + to the file /etc/mail/allowed_ips.txt. + Filtering at your site: To filter spam at your site you need to: 1. modify your /etc/sendmail.cf, @@ -26,14 +36,21 @@ declarations to your /etc/sendmail.cf. 2. Fetching the database source files: + The database source files are available from Gulf Coast Internet via anonymous FTP. The Makefile in /etc/mail will retreive the source files for you: as root, type "cd /etc/mail; make" at the command line. The previous version of the database source -files is moved to .0. Local additions should be kept in -separate files. We use spamsites.local and denyip.local. You may -want to diff the new versions of the files against the previous -versions to see what has changed. +files is moved to .0. + + Local additions should be kept in separate files. We use +spamsites.local and denyip.local. You may want to diff the new +versions of the files against the previous versions to see what +has changed. + + Local deletions should be kept in separate files. We use +allowed_domain.txt and allowed_ips.txt. (This feature was added +after netcom.com was added to the spam block list.) 3. Make the databases: As root, type "cd /etc/mail; make install" will build the diff -ur 2.2.7-RELEASE/etc/mail/sendmail.cf.additions 3.0-RELEASE/etc/mail/sendmail.cf.additions --- 2.2.7-RELEASE/etc/mail/sendmail.cf.additions Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/mail/sendmail.cf.additions Sun Oct 18 02:08:54 1998 @@ -1,3 +1,5 @@ +# $Id: sendmail.cf.additions,v 1.10 1998/09/02 01:34:57 brian Exp $ +# # list of hosts and domains for whom we relay mail. # all .forward hosts, domains must be listed in this file. # same for hosts and domains in /etc/aliases diff -ur 2.2.7-RELEASE/etc/mail.rc 3.0-RELEASE/etc/mail.rc --- 2.2.7-RELEASE/etc/mail.rc Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/mail.rc Sun Oct 18 02:08:33 1998 @@ -1,2 +1,2 @@ -set append dot save ask +set append dot save ask crt ignore Received Message-Id Resent-Message-Id Status Mail-From Return-Path Via diff -ur 2.2.7-RELEASE/etc/make.conf 3.0-RELEASE/etc/make.conf --- 2.2.7-RELEASE/etc/make.conf Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/make.conf Sun Oct 18 02:08:33 1998 @@ -1,4 +1,4 @@ -# $Id: make.conf,v 1.37.2.15 1998/06/26 01:44:08 jkh Exp $ +# $Id: make.conf,v 1.70 1998/10/16 03:26:54 peter Exp $ # # This file, if present, will be read by make (see /usr/share/mk/sys.mk). # It allows you to override macro definitions to make without changing @@ -18,11 +18,17 @@ #NOPROFILE= true # Avoid compiling profiled libraries # +#INSTALL=install -C +# Compare before install +# # To avoid building the default system perl #NOPERL= true # To avoid building the suid perl #NOSUIDPERL= true # +# To avoid building sendmail +#NO_SENDMAIL= true +# # To have 'obj' symlinks created in your source directory # (they aren't needed/necessary) #OBJLINK= yes @@ -32,15 +38,18 @@ # #COPTFLAGS= -O -pipe # +# To use an ELF kernel, you can set this flag. MAKE SURE that you have a +# working /boot/loader installed. /boot.config should specify "/boot/loader" +# as the kernel. The bootblocks load the third stage loader, then it loads +# the kernel proper and any other modules you want. Its startup script +# file is /boot/loader.conf: +# +#KERNFORMAT= elf +# # To compile and install the 4.4 lite libm instead of the default use: # #WANT_CSRG_LIBM= yes # -# To compile and install the reentrant-safe/thread-safe versions of the -# standard library. This library is useful to the mysql port and other -# software that wants to use pthreads. -#WANT_LIBC_R= yes -# # If you do not want unformatted manual pages to be compressed # when they are installed: # @@ -64,7 +73,7 @@ # Default format for system documentation, depends on your printer. # Set this to "ascii" for simple printers or screen # -#PRINTER= ps +#PRINTERDEVICE= ps # # # How long to wait for a console keypress before booting the default kernel. @@ -100,6 +109,7 @@ # If you have Motif on your system, uncomment this. # #HAVE_MOTIF= yes +#MOTIF_STATIC= yes # # If the default location of the Motif library (specified below) is NOT # appropriate for you, uncomment this and change it to the correct value. @@ -120,44 +130,10 @@ # #USA_RESIDENT= YES # +# Next one will help ports developers to debug # -# Port mirror sites... +#FORCE_PKG_REGISTER= YES # -# If you have a ports distribution in one or more FTP sites closeby -# (such as a mirror on your own lan) you can list them here. Sites listed here -# will be checked after checking your cd rom but before any other -# FTP site. -# -#LOCAL_SITE_LIST?= ftp://ftp.my.domain.au/ \ -# ftp://ftp.my.friends.domain.au/ -# -# Uncomment your nearest location for preferred official mirrors. These will be -# checked after any local sites (set above) but before the default master sites. -# -#LOCALE?= Argentina -#LOCALE?= Australia -#LOCALE?= Brazil -#LOCALE?= Canada -#LOCALE?= Czech Republic -#LOCALE?= Estonia -#LOCALE?= Finland -#LOCALE?= France -#LOCALE?= Germany -#LOCALE?= Holland -#LOCALE?= Hong Kong -#LOCALE?= Iceland -#LOCALE?= Ireland -#LOCALE?= Israel -#LOCALE?= Japan -#LOCALE?= Korea -#LOCALE?= Poland -#LOCALE?= Portugal -#LOCALE?= Russia -#LOCALE?= South Africa -#LOCALE?= Sweden -#LOCALE?= Taiwan -#LOCALE?= UK -#LOCALE?= USA # # Port master sites. # @@ -166,10 +142,6 @@ # uncomment this and change it to a location nearest you. (Don't # remove the "/${DIST_SUBDIR}/" part.) # -# This site will be checked as a last resort unless MASTER_SITE_OVERRIDE -# is set (see below) in which case it is checked immediately after your -# local and "locale" sites. -# #MASTER_SITE_BACKUP?= \ # ftp://ftp.freebsd.org/pub/FreeBSD/distfiles/${DIST_SUBDIR}/ # @@ -202,6 +174,13 @@ #MAKE_KERBEROS4= yes # # +# Kerberos5 +# If you want to install Kerberos5 somewhere other than /usr/local, +# define this: +# +#KRB5_HOME= /usr/local/krb5 +# +# # CVSup update flags. Edit SUPFILE settings to reflect whichever distribution # file(s) you use on your site (see /usr/share/examples/cvsup/README for more # information on CVSup and these files). To use, do "make update" in /usr/src. @@ -221,3 +200,5 @@ # /etc/passwd. The default number is 20011. # #TOP_TABLE_SIZE= 101 + + diff -ur 2.2.7-RELEASE/etc/manpath.config 3.0-RELEASE/etc/manpath.config --- 2.2.7-RELEASE/etc/manpath.config Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/manpath.config Sun Oct 18 02:08:33 1998 @@ -1,4 +1,4 @@ -# manpath.config +# $Id: manpath.config,v 1.8 1998/10/02 13:01:59 ache Exp $ # # This file is read by manpath to configure the mandatory manpath, to # map each path element to a manpath element and to determine where the @@ -15,6 +15,7 @@ # every automatically generated MANPATH includes these fields # MANDATORY_MANPATH /usr/share/man +MANDATORY_MANPATH /usr/share/perl/man MANDATORY_MANPATH /usr/local/man #MANDATORY_MANPATH /usr/X386/man MANDATORY_MANPATH /usr/X11R6/man diff -ur 2.2.7-RELEASE/etc/manpath.config.sample 3.0-RELEASE/etc/manpath.config.sample --- 2.2.7-RELEASE/etc/manpath.config.sample Wed Jul 22 17:12:24 1998 +++ 3.0-RELEASE/etc/manpath.config.sample Sun Oct 18 02:02:36 1998 @@ -1,4 +1,4 @@ -# manpath.config +# $Id: manpath.config,v 1.8 1998/10/02 13:01:59 ache Exp $ # # This file is read by manpath to configure the mandatory manpath, to # map each path element to a manpath element and to determine where the @@ -15,6 +15,7 @@ # every automatically generated MANPATH includes these fields # MANDATORY_MANPATH /usr/share/man +MANDATORY_MANPATH /usr/share/perl/man MANDATORY_MANPATH /usr/local/man #MANDATORY_MANPATH /usr/X386/man MANDATORY_MANPATH /usr/X11R6/man diff -ur 2.2.7-RELEASE/etc/modems 3.0-RELEASE/etc/modems --- 2.2.7-RELEASE/etc/modems Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/modems Sun Oct 18 02:08:33 1998 @@ -1,4 +1,5 @@ # +# $Id: modems,v 1.3 1998/09/02 01:34:56 brian Exp $ # @(#)modems 3/24/95 # # modems -- modem configuration data base file Only in 2.2.7-RELEASE/etc: monthly diff -ur 2.2.7-RELEASE/etc/motd 3.0-RELEASE/etc/motd --- 2.2.7-RELEASE/etc/motd Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/motd Sun Oct 18 02:08:33 1998 @@ -1,21 +1,10 @@ FreeBSD ?.?.? (UNKNOWN) -Welcome to FreeBSD! You will find security advisories and updated -information on this releases posted at http://www.FreeBSD.ORG/releases/ +Welcome to FreeBSD! -Before asking for technical assistance: - 1. Consult the ERRATA section for your release at the location above. +If the doc distribution has been loaded on this machine, the FreeBSD +Handbook will be in file:/usr/share/doc/handbook and the FAQ in +file:/usr/share/doc/FAQ - 2. Search the Handbook, FAQ, and mail archives at - http://www.FreeBSD.ORG/search.html. If the doc distribution is - installed on this machine, you will also find the FAQ and Handbook - in /usr/share/doc/. - - 3. If you still have a question or problem, collect the output of - `uname -a' and include error messages from whatever part of the - system you are having problems with and email your question to - questions@FreeBSD.ORG. - -You may also use `/stand/sysinstall' to re-enter the installation and -configuration utility. Edit /etc/motd to change this login announcement. +Type /stand/sysinstall to re-enter the installation and configuration utility. diff -ur 2.2.7-RELEASE/etc/mtree/BSD.include.dist 3.0-RELEASE/etc/mtree/BSD.include.dist --- 2.2.7-RELEASE/etc/mtree/BSD.include.dist Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/mtree/BSD.include.dist Sun Oct 18 02:08:53 1998 @@ -1,10 +1,14 @@ -# $Id: BSD.include.dist,v 1.7.2.4 1998/02/27 21:01:42 jkh Exp $ +# $Id: BSD.include.dist,v 1.21 1998/09/19 10:41:35 vanilla Exp $ # -/set type=dir uname=bin gname=bin mode=0755 +/set type=dir uname=root gname=wheel mode=0755 . arpa .. + cam + scsi + .. + .. g++ std .. @@ -21,6 +25,8 @@ .. netatalk .. + netatm + .. netinet .. netipx @@ -35,6 +41,8 @@ .. pccard .. + posix4 + .. protocols .. readline @@ -49,8 +57,6 @@ .. ufs ffs - .. - lfs .. mfs .. diff -ur 2.2.7-RELEASE/etc/mtree/BSD.local.dist 3.0-RELEASE/etc/mtree/BSD.local.dist --- 2.2.7-RELEASE/etc/mtree/BSD.local.dist Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/mtree/BSD.local.dist Sun Oct 18 02:08:53 1998 @@ -1,4 +1,4 @@ -# $Id: BSD.local.dist,v 1.17.2.12 1998/03/20 16:54:33 itojun Exp $ +# $Id: BSD.local.dist,v 1.42 1998/10/11 17:31:35 markm Exp $ # /set type=dir uname=root gname=wheel mode=0755 @@ -14,55 +14,59 @@ info .. lib + perl5 + .. .. libexec .. man - cat1 uname=man +/set type=dir uname=man gname=wheel mode=0755 + cat1 .. - cat2 uname=man + cat2 .. - cat3 uname=man + cat3 .. - cat4 uname=man + cat4 .. - cat5 uname=man + cat5 .. - cat6 uname=man + cat6 .. - cat7 uname=man + cat7 .. - cat8 uname=man + cat8 .. - cat9 uname=man + cat9 .. - catl uname=man + catl .. - catn uname=man + catn .. - de_DE.ISO_8859-1 - cat1 uname=man + de_DE.ISO_8859-1 uname=root + cat1 .. - cat2 uname=man + cat2 .. - cat3 uname=man + cat3 .. - cat4 uname=man + cat4 .. - cat5 uname=man + cat5 .. - cat6 uname=man + cat6 .. - cat7 uname=man + cat7 .. - cat8 uname=man + cat8 .. - cat9 uname=man + cat9 .. - catl uname=man + catl .. - catn uname=man + catn .. +/set type=dir uname=root gname=wheel mode=0755 man1 .. man2 @@ -87,28 +91,30 @@ .. .. ja - cat1 uname=man +/set type=dir uname=man gname=wheel mode=0755 + cat1 .. - cat2 uname=man + cat2 .. - cat3 uname=man + cat3 .. - cat4 uname=man + cat4 .. - cat5 uname=man + cat5 .. - cat6 uname=man + cat6 .. - cat7 uname=man + cat7 .. - cat8 uname=man + cat8 .. - cat9 uname=man + cat9 .. - catl uname=man + catl .. - catn uname=man + catn .. +/set type=dir uname=root gname=wheel mode=0755 man1 .. man2 @@ -199,6 +205,8 @@ .. hr_HR.ISO_8859-2 .. + hu_HU.ISO_8859-2 + .. is_IS.ISO_8859-1 .. it_CH.ISO_8859-1 @@ -234,6 +242,10 @@ sl_SI.ISO_8859-2 .. sv_SE.ISO_8859-1 + .. + zh_CN.EUC + .. + zh_TW.BIG5 .. .. skel diff -ur 2.2.7-RELEASE/etc/mtree/BSD.root.dist 3.0-RELEASE/etc/mtree/BSD.root.dist --- 2.2.7-RELEASE/etc/mtree/BSD.root.dist Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/mtree/BSD.root.dist Sun Oct 18 02:08:53 1998 @@ -1,17 +1,27 @@ -# $Id: BSD.root.dist,v 1.20.6.2 1998/02/27 21:03:13 jkh Exp $ +# $Id: BSD.root.dist,v 1.31 1998/09/30 22:27:27 jkh Exp $ # /set type=dir uname=root gname=wheel mode=0755 . - bin uname=bin gname=bin + bin .. -/set type=dir uname=bin gname=bin mode=0555 - dev uname=root gname=wheel mode=0755 + boot + .. +/set type=dir uname=root gname=wheel mode=0555 + dev mode=0755 fd .. .. /set type=dir uname=root gname=wheel mode=0755 etc + periodic + daily + .. + weekly + .. + monthly + .. + .. gnats .. kerberosIV @@ -29,7 +39,7 @@ uucp uname=uucp gname=uucp mode=0770 .. .. - lkm uname=bin gname=bin + lkm .. mnt .. @@ -37,9 +47,9 @@ .. root .. - sbin uname=bin gname=bin + sbin .. - tmp uname=bin gname=bin mode=01777 + tmp uname=root gname=wheel mode=01777 .. usr .. diff -ur 2.2.7-RELEASE/etc/mtree/BSD.usr.dist 3.0-RELEASE/etc/mtree/BSD.usr.dist --- 2.2.7-RELEASE/etc/mtree/BSD.usr.dist Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/mtree/BSD.usr.dist Sun Oct 18 02:08:54 1998 @@ -1,33 +1,145 @@ -# $Id: BSD.usr.dist,v 1.74.2.23 1998/07/20 03:09:21 jkh Exp $ +# $Id: BSD.usr.dist,v 1.135 1998/10/11 17:31:35 markm Exp $ # -/set type=dir uname=bin gname=bin mode=0755 -. uname=root gname=wheel +/set type=dir uname=root gname=wheel mode=0755 +. bin .. -/set type=dir uname=games gname=bin mode=0700 - games uname=bin mode=0755 - hide gname=games uname=root mode=0550 + games + hide gname=games mode=0550 .. .. -/set type=dir uname=bin gname=bin mode=0755 include .. lib + aout + .. compat + aout + .. .. .. libdata + doscmd + .. gcc .. + ldscripts + .. lint .. msdosfs .. stallion .. + perl + 5.00502 + B + .. + CGI + .. + CPAN + .. + Class + .. + Data + .. + Devel + .. + ExtUtils + .. + File + Spec + .. + .. + Getopt + .. + I18N + .. + IPC + .. + Math + .. + Net + .. + Pod + .. + Search + .. + Sys + .. + Term + .. + Test + .. + Text + .. + Tie + .. + Time + .. + User + .. + auto + Getopt + Long + .. + .. + .. + mach + B + .. + CORE + .. + IO + .. + auto + B + .. + DB_File + .. + Data + Dumper + .. + .. + DynaLoader + .. + Fcntl + .. + IO + .. + IPC + SysV + .. + .. + NDBM_File + .. + Opcode + .. + POSIX + .. + SDBM_File + .. + Socket + .. + attrs + .. + re + .. + sdbm + .. + .. + .. + pod + .. + .. + .. .. libexec + aout + .. + elf + .. lpr ru .. @@ -37,11 +149,11 @@ uucp .. .. - local uname=root gname=wheel + local .. mdec .. - obj + obj nochange .. sbin .. @@ -61,6 +173,16 @@ .. handbook .. + es + FAQ + .. + .. + ja + FAQ + .. + handbook + .. + .. papers .. psd @@ -121,6 +243,28 @@ 18.net .. .. + tutorials + ddwg + .. + mh + .. + devel + .. + diskformat + .. + disklessx + .. + fonts + .. + ppp + .. + multios + .. + newuser + .. + upgrade + .. + .. usd 04.csh .. @@ -149,6 +293,10 @@ examples FreeBSD_version .. + atapi + .. + atm + .. cvs contrib .. @@ -189,10 +337,14 @@ .. perfmon .. + ppi + .. printing .. slattach .. + scsi_target + .. sliplogin .. startslip @@ -208,8 +360,7 @@ worm .. .. -/set type=dir uname=games gname=bin mode=0755 - games uname=bin + games atc .. fortune @@ -219,7 +370,6 @@ quiz.db .. .. -/set type=dir uname=bin gname=bin mode=0755 groff_font devX100 .. @@ -232,8 +382,6 @@ devascii .. devdvi - generate - .. .. devkoi8-r .. @@ -242,8 +390,6 @@ devlj4 .. devps - generate - .. .. .. info @@ -283,6 +429,8 @@ .. hr_HR.ISO_8859-2 .. + hu_HU.ISO_8859-2 + .. is_IS.ISO_8859-1 .. it_CH.ISO_8859-1 @@ -319,11 +467,17 @@ .. sv_SE.ISO_8859-1 .. + zh_CN.EUC + .. + zh_TW.BIG5 + .. .. -/set type=dir uname=man gname=bin mode=0755 - man uname=bin + man +/set type=dir uname=man gname=wheel mode=0755 cat1 .. + cat1aout + .. cat2 .. cat3 @@ -348,7 +502,7 @@ .. catn .. - ja uname=bin + ja uname=root gname=wheel cat1 .. cat2 @@ -369,34 +523,36 @@ .. catn .. - man1 uname=bin +/set type=dir uname=root gname=wheel mode=0755 + man1 .. - man2 uname=bin + man2 .. - man3 uname=bin + man3 .. - man4 uname=bin + man4 .. - man5 uname=bin + man5 .. - man6 uname=bin + man6 .. - man7 uname=bin + man7 .. - man8 uname=bin + man8 .. - man9 uname=bin + man9 .. - mann uname=bin + mann .. .. - man1 uname=bin + man1 + .. + man1aout .. - man2 uname=bin + man2 .. - man3 uname=bin + man3 .. -/set type=dir uname=bin gname=bin mode=0755 man4 i386 .. @@ -463,6 +619,8 @@ .. hr_HR.ISO_8859-2 .. + hu_HU.ISO_8859-2 + .. is_IS.ISO_8859-1 .. it_CH.ISO_8859-1 @@ -499,6 +657,8 @@ .. sv_SE.ISO_8859-1 .. + zh_CN.EUC + .. .. pcvt Doc @@ -506,10 +666,14 @@ Etc .. .. - perl - sys - .. - .. + perl + man + cat3 uname=man + .. + man3 + .. + .. + .. skel .. syscons @@ -536,8 +700,7 @@ tcl .. .. -/set type=dir uname=bin gname=bin mode=0555 - zoneinfo mode=0755 + zoneinfo Africa .. America @@ -566,6 +729,6 @@ .. .. .. - src mode=0755 + src mode=0755 nochange .. .. diff -ur 2.2.7-RELEASE/etc/mtree/BSD.var.dist 3.0-RELEASE/etc/mtree/BSD.var.dist --- 2.2.7-RELEASE/etc/mtree/BSD.var.dist Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/mtree/BSD.var.dist Sun Oct 18 02:08:54 1998 @@ -1,8 +1,8 @@ -# $Id: BSD.var.dist,v 1.26.2.6 1998/03/07 22:58:01 jkh Exp $ +# $Id: BSD.var.dist,v 1.37 1998/09/19 18:50:27 obrien Exp $ # -/set type=dir uname=bin gname=bin mode=0755 -. uname=root gname=wheel +/set type=dir uname=root gname=wheel mode=0755 +. account .. /set type=dir uname=daemon gname=wheel mode=0755 @@ -21,9 +21,9 @@ tabs .. .. - db uname=bin gname=bin mode=0755 + db uname=root gname=wheel mode=0755 .. -/set type=dir uname=root gname=bin mode=0755 +/set type=dir uname=root gname=wheel mode=0755 games gname=games mode=0775 hackdir gname=games mode=0770 save gname=games mode=0770 @@ -34,29 +34,29 @@ phantasia gname=games mode=0775 .. .. - log uname=bin + log .. - mail uname=bin gname=mail mode=0775 + mail uname=root gname=mail mode=0775 .. msgs uname=daemon .. - preserve uname=bin + preserve .. - run uname=root + run .. - rwho uname=bin gname=daemon mode=0775 + rwho uname=root gname=daemon mode=0775 .. /set type=dir uname=uucp gname=daemon mode=0755 - spool uname=bin gname=bin + spool uname=root gname=wheel lock gname=dialer mode=0775 .. - lpd uname=bin + lpd uname=root .. mqueue uname=root .. opielocks uname=root mode=0700 .. - output uname=bin + output uname=root lpd uname=root gname=daemon .. .. @@ -76,7 +76,7 @@ uucppublic mode=0777 .. .. -/set type=dir uname=bin gname=bin mode=01777 +/set type=dir uname=root gname=wheel mode=01777 tmp vi.recover .. diff -ur 2.2.7-RELEASE/etc/mtree/BSD.x11.dist 3.0-RELEASE/etc/mtree/BSD.x11.dist --- 2.2.7-RELEASE/etc/mtree/BSD.x11.dist Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/mtree/BSD.x11.dist Sun Oct 18 02:08:54 1998 @@ -1,4 +1,4 @@ -# $Id: BSD.x11.dist,v 1.1.2.3 1998/03/20 16:54:34 itojun Exp $ +# $Id: BSD.x11.dist,v 1.4 1998/09/19 18:50:27 obrien Exp $ # /set type=dir uname=root gname=wheel mode=0755 @@ -186,51 +186,53 @@ libexec .. man - cat1 uname=man +/set type=dir uname=man gname=wheel mode=0755 + cat1 .. - cat2 uname=man + cat2 .. - cat3 uname=man + cat3 .. - cat4 uname=man + cat4 .. - cat5 uname=man + cat5 .. - cat6 uname=man + cat6 .. - cat7 uname=man + cat7 .. - cat8 uname=man + cat8 .. - cat9 uname=man + cat9 .. - catl uname=man + catl .. - catn uname=man + catn .. - ja - cat1 uname=man + ja uname=root + cat1 .. - cat2 uname=man + cat2 .. - cat3 uname=man + cat3 .. - cat4 uname=man + cat4 .. - cat5 uname=man + cat5 .. - cat6 uname=man + cat6 .. - cat7 uname=man + cat7 .. - cat8 uname=man + cat8 .. - cat9 uname=man + cat9 .. - catl uname=man + catl .. - catn uname=man + catn .. +/set type=dir uname=root gname=wheel mode=0755 man1 .. man2 diff -ur 2.2.7-RELEASE/etc/namedb/PROTO.localhost.rev 3.0-RELEASE/etc/namedb/PROTO.localhost.rev --- 2.2.7-RELEASE/etc/namedb/PROTO.localhost.rev Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/namedb/PROTO.localhost.rev Sun Oct 18 02:08:54 1998 @@ -1,5 +1,5 @@ ; From: @(#)localhost.rev 5.1 (Berkeley) 6/30/90 -; $Id: PROTO.localhost.rev,v 1.1.6.1 1998/02/27 21:32:55 jkh Exp $ +; $Id: PROTO.localhost.rev,v 1.4 1997/05/01 21:02:37 ache Exp $ ; ; This file is automatically edited by the `make-localhost' script in ; the /etc/namedb directory. diff -ur 2.2.7-RELEASE/etc/namedb/make-localhost 3.0-RELEASE/etc/namedb/make-localhost --- 2.2.7-RELEASE/etc/namedb/make-localhost Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/namedb/make-localhost Sun Oct 18 02:08:54 1998 @@ -1,5 +1,7 @@ #!/bin/sh # +# $Id: make-localhost,v 1.3 1998/09/13 23:05:46 brian Exp $ +# # make-localhost - edit the appropriate local information into # /etc/namedb/localhost.rev # Only in 2.2.7-RELEASE/etc/namedb: named.boot Only in 3.0-RELEASE/etc/namedb: named.conf diff -ur 2.2.7-RELEASE/etc/netstart 3.0-RELEASE/etc/netstart --- 2.2.7-RELEASE/etc/netstart Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/netstart Sun Oct 18 02:08:33 1998 @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: netstart,v 1.51.2.1 1997/07/05 19:36:53 pst Exp $ +# $Id: netstart,v 1.52 1997/07/05 19:35:45 pst Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # This file is NOT called by any of the other scripts - it has been diff -ur 2.2.7-RELEASE/etc/networks 3.0-RELEASE/etc/networks --- 2.2.7-RELEASE/etc/networks Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/networks Sun Oct 18 02:08:33 1998 @@ -1,3 +1,4 @@ +# $Id: networks,v 1.2 1998/09/02 01:34:56 brian Exp $ # @(#)networks 5.1 (Berkeley) 6/30/90 # # Your Local Networks Database diff -ur 2.2.7-RELEASE/etc/newsyslog.conf 3.0-RELEASE/etc/newsyslog.conf --- 2.2.7-RELEASE/etc/newsyslog.conf Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/newsyslog.conf Sun Oct 18 02:08:33 1998 @@ -1,7 +1,7 @@ # configuration file for newsyslog -# $Id: newsyslog.conf,v 1.6.2.4 1998/04/14 23:08:29 jmb Exp $ +# $Id: newsyslog.conf,v 1.16 1998/06/09 18:26:16 ache Exp $ # -# logfilename owner.group mode count size time [ZB] [/pid_file] +# logfilename owner.group mode count size time [ZB] [/pid_file] [sig_num] /var/cron/log 600 3 100 * Z /var/log/amd.log 664 7 100 * Z /var/log/kerberos.log 664 7 100 * Z Only in 3.0-RELEASE/etc: objformat diff -ur 2.2.7-RELEASE/etc/pccard.conf.sample 3.0-RELEASE/etc/pccard.conf.sample --- 2.2.7-RELEASE/etc/pccard.conf.sample Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/pccard.conf.sample Sun Oct 18 02:08:33 1998 @@ -8,7 +8,7 @@ # IRQ == 0 means "allocate free IRQ from IRQ pool" # IRQ == 16 means "do not use IRQ (e.g. PIO mode)" # -# $Id: pccard.conf.sample,v 1.4.2.6 1998/07/19 06:53:20 jkh Exp $ +# $Id: pccard.conf.sample,v 1.23 1998/09/25 22:08:53 brian Exp $ # Generally available IO ports io 0x240-0x360 @@ -124,6 +124,19 @@ config 0x22 "ed0" 9 insert /etc/pccard_ether ed0 remove /sbin/ifconfig ed0 delete + +# Fujitsu MBH10303 Ethernet PCMCIA +card "EAGLE Technology" "NE200 ETHERNET LAN MBH10303 " + config 0x1 "fe0" ? + insert /etc/pccard_ether fe0 + remove /sbin/ifconfig fe0 delete + +# Compex Net-A adapter +card "Ethernet" "Adapter" + config 0x1 "ed0" 11 + ether 0xff0 + insert /etc/pccard_ether ed0 + remove /sbin/ifconfig ed0 delete # Telecom Device SuperSocket RE450T # Note: There are several revisions of the cardon the market. @@ -239,6 +252,12 @@ insert echo Optima 288 inserted remove echo Optima 288 removed +# This one does work though +card "HAYES" "OPT288" + config 0x23 "sio3" 9 + insert echo Hayes Optima 28.8k inserted + remove echo Hayes Optima 28.8k removed + # PREMAX FM288 FAX/Data Modem card "PREMAX" "FM288 " config 0x23 "sio2" 10 @@ -302,6 +321,12 @@ config 0x22 "sio2" 10 insert echo U.S. Robotics XJ1560J inserted remove echo U.S. Robotics XJ1560J removed + +# 3com/USR/Megahertz 3CCM556 +card "3Com" "3CXM/3CCM556" + config 0x23 "sio2" 10 + insert echo 3Com PCMCIA 56K Modem inserted + remove echo 3Com PCMCIA 56K Modem removed # BUG Linkboy D64K (ISDN) card "BUG Inc." "Linkboy D64K" diff -ur 2.2.7-RELEASE/etc/pccard_ether 3.0-RELEASE/etc/pccard_ether --- 2.2.7-RELEASE/etc/pccard_ether Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/pccard_ether Sun Oct 18 02:08:33 1998 @@ -1,5 +1,7 @@ #!/bin/sh - # +# $Id: pccard_ether,v 1.9 1998/09/02 01:34:56 brian Exp $ +# # pccard_ether interfacename [ifconfig option] # # example: pccard_ether ep0 -link0 @@ -18,6 +20,12 @@ rm /var/run/dhclient.pid fi /usr/local/sbin/dhclient + elif [ -f /usr/local/sbin/dhcpc ] ; then + if [ -s /var/run/dhcpc.pid ] ; then + kill `cat /var/run/dhcpc.pid` + rm /var/run/dhcpc.pid + fi + /usr/local/sbin/dhcpc $* else echo "DHCP client software not available (isc-dhcp2)" fi Only in 3.0-RELEASE/etc: periodic diff -ur 2.2.7-RELEASE/etc/phones 3.0-RELEASE/etc/phones --- 2.2.7-RELEASE/etc/phones Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/phones Sun Oct 18 02:08:33 1998 @@ -1,4 +1,4 @@ -# $Id: phones,v 1.4.10.1 1998/02/27 20:49:11 jkh Exp $ +# $Id: phones,v 1.7 1997/10/13 03:17:08 hoek Exp $ # From: @(#)phones 5.2 (Berkeley) 6/30/90 # # phones -- remote host phone number data base diff -ur 2.2.7-RELEASE/etc/ppp/ppp.conf.sample 3.0-RELEASE/etc/ppp/ppp.conf.sample --- 2.2.7-RELEASE/etc/ppp/ppp.conf.sample Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/ppp/ppp.conf.sample Sun Oct 18 02:08:54 1998 @@ -4,7 +4,7 @@ # # Originally written by Toshiharu OHNO # -# $Id: ppp.conf.sample,v 1.5.2.14 1998/04/02 09:30:11 danny Exp $ +# $Id: ppp.conf.sample,v 1.33 1998/10/03 13:12:14 brian Exp $ # ################################################################# @@ -25,10 +25,9 @@ # so that subsequent commands are logged. # default: - set log Phase Chat Connect Carrier LCP IPCP CCP tun command + set log Phase Chat LCP IPCP CCP tun command set device /dev/cuaa1 set speed 115200 - deny lqr set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" AT OK-AT-OK ATE1Q0 OK \\dATDT\\T TIMEOUT 40 CONNECT" # Client side PPP @@ -43,30 +42,32 @@ # An on demand example where we have dynamic IP addresses: # If the peer assigns us an arbitrary IP (most ISPs do this) and we # can't predict what their IP will be either, take a wild guess at -# some IPs that you can't currently route to. Ensure that the "delete" -# and "add" lines are also present in the pmdemand section of ppp.linkup -# so that when we connect, things will be put straight. -# -# This will work with static IP numbers too. You can also use this entry -# if you don't want on-demand dialup. The "set ifaddr", "delete" and -# "add" lines are required for on-demand. Note, for dynamic IP numbers, -# whether dialing manually or on demand, there should *always* be an entry -# in ppp.linkup. +# some IPs that you can't currently route to. # # The /0 bit in "set ifaddr" says that we insist on 0 bits of the # specified IP actually being correct, therefore, the other side can assign # any IP numbers. # -# The fourth arg to "set ifaddr" makes us send "0.0.0.0" as our requested +# The forth arg to "set ifaddr" makes us send "0.0.0.0" as our requested # IP number, forcing the peer to make the decision. # +# This entry also works with static IP numbers or when not in -auto mode. +# The ``add'' line adds a `sticky' default route that will be updated if +# and when any of the IP numbers are changed in IPCP negotiations. +# The "set ifaddr" is required in -auto mode. +# +# Finally, the ``enable dns'' bit tells ppp to ask the peer for the +# nameserver addresses that should be used. This isn't always supported +# by the other side, but if it is, /etc/resolv.conf will automatically be +# updated. +# pmdemand: set phone 1234567 - set login "TIMEOUT 5 ogin:--ogin: ppp word: ppp" + set login "ABORT NO\\sCARRIER TIMEOUT 5 ogin:--ogin: ppp word: ppp" set timeout 120 set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 - delete ALL - add 0 0 HISADDR + add default HISADDR + enable dns # When we want to use PAP or CHAP instead of using a unix-style login # proceedure, we do the following. Note, the peer suggests whether we @@ -79,8 +80,8 @@ set authkey MyKey set timeout 120 set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 - delete ALL - add 0 0 HISADDR + add default HISADDR + enable dns # On demand dialup example with static IP addresses: # Here, the local side uses 192.244.185.226 and the remote side @@ -88,17 +89,17 @@ # # # ppp -auto ondemand # -# It is not necessary to have an entry in ppp.linkup when both IP numbers -# are static. Be warned though, the MYADDR: label is executed from -# ppp.linkup if the "ondemand:" and "192.244.176.44" labels are not found. +# With static IP numbers, our setup is similar to dynamic: +# Remember, ppp.linkup is searched for a "192.244.176.44" label, then +# a "ondemand" label, and finally the "MYADDR" label. # ondemand: set phone 1234567 - set login "TIMEOUT 5 ogin:--ogin: ppp word: ppp" + set login "ABORT NO\\sCARRIER TIMEOUT 5 ogin:--ogin: ppp word: ppp" set timeout 120 - set ifaddr 192.244.185.226 192.244.176.44 255.255.255.0 - delete ALL - add 0 0 HISADDR + set ifaddr 192.244.185.226 192.244.176.44 + add default HISADDR + enable dns # Example segments # @@ -114,17 +115,16 @@ # set phone 12345678|12345679:12345670|12345671 # -# When in -auto, -ddial, -direct or -background mode, ppp can accept -# control instructions from the ``pppctl'' program. First, you must -# set up your control socket. It's safest to use a UNIX domain socket, -# and watch the permissions: +# Ppp can accept control instructions from the ``pppctl'' program. +# First, you must set up your control socket. It's safest to use +# a UNIX domain socket, and watch the permissions: # - set server /var/tmp/internet 0177 + set server /var/tmp/internet MySecretPassword 0177 # # Although a TCP port may be used if you want to allow control # connections from other machines: # - set server 6670 + set server 6670 MySecretpassword # # If you don't like ppp's builtin chat, use an external one: # @@ -144,20 +144,28 @@ set log local LCP IPCP CCP # # If you're seeing a lot of magic number problems and failed connections, -# try this (check out the FAQ): +# try this (see the man page): # - set openmode passive + set openmode active 5 # # For noisy lines, we may want to reconnect (up to 20 times) after loss -# of carrier: +# of carrier, with 3 second delays between each attempt: # set reconnect 3 20 # -# When playing server for M$ clients, tell them who our name servers are: +# When playing server for M$ clients, tell them who our NetBIOS name +# servers are: # - set ns 10.0.0.1 10.0.0.2 set nbns 10.0.0.1 10.0.0.2 - enable msext +# +# Inform the client if they ask for our DNS IP numbers: +# + enable dns +# +# If you don't want to tell them what's in your /etc/resolf.conf file +# with `enable dns', override the values: +# + set dns 10.0.0.1 10.0.0.2 # # If we're using the -alias switch, redirect ftp and http to an internal # machine: @@ -174,7 +182,8 @@ allow user brian # # But label `internet' contains passwords that even brian can't have, so -# I empty out the user access list in that section: +# I empty out the user access list in that section so that only root can +# have access: # allow users # @@ -188,15 +197,19 @@ # # If we don't want ICMP and DNS packets to keep the connection alive: # - set afilter 0 deny icmp - set afilter 1 deny udp src eq 53 - set afilter 2 deny udp dst eq 53 - set afilter 3 permit 0/0 0/0 + set filter alive 0 deny icmp + set filter alive 1 deny udp src eq 53 + set filter alive 2 deny udp dst eq 53 + set filter alive 3 permit 0 0 # # And we don't want ICMPs to cause a dialup: # - set dfilter 0 deny icmp - set dfilter 1 permit 0/0 0/0 + set filter dial 0 deny icmp + set filter dial 1 permit 0 0 +# +# or any TCP SYN or RST packets (badly closed TCP channels): +# + set filter dial 2 deny 0 0 tcp syn finrst # # Once the line's up, allow connections for ident (113), telnet (23), # ftp (20 & 21), DNS (53), my place of work (192.244.191.0/24), @@ -204,28 +217,28 @@ # # Anything else is blocked by default # - set ifilter 0 permit tcp dst eq 113 - set ofilter 0 permit tcp src eq 113 - set ifilter 1 permit tcp src eq 23 estab - set ofilter 1 permit tcp dst eq 23 - set ifilter 2 permit tcp src eq 21 estab - set ofilter 2 permit tcp dst eq 21 - set ifilter 3 permit tcp src eq 20 dst gt 1023 - set ofilter 3 permit tcp dst eq 20 - set ifilter 4 permit udp src eq 53 - set ofilter 4 permit udp dst eq 53 - set ifilter 5 permit 192.244.191.0/24 0/0 - set ofilter 5 permit 0/0 192.244.191.0/24 - set ifilter 6 permit icmp - set ofilter 6 permit icmp - set ifilter 7 permit udp dst gt 33433 - set ofilter 7 permit udp dst gt 33433 + set filter in 0 permit tcp dst eq 113 + set filter out 0 permit tcp src eq 113 + set filter in 1 permit tcp src eq 23 estab + set filter out 1 permit tcp dst eq 23 + set filter in 2 permit tcp src eq 21 estab + set filter out 2 permit tcp dst eq 21 + set filter in 3 permit tcp src eq 20 dst gt 1023 + set filter out 3 permit tcp dst eq 20 + set filter in 4 permit udp src eq 53 + set filter out 4 permit udp dst eq 53 + set filter in 5 permit 192.244.191.0/24 0/0 + set filter out 5 permit 0/0 192.244.191.0/24 + set filter in 6 permit icmp + set filter out 6 permit icmp + set filter in 7 permit udp dst gt 33433 + set filter out 7 permit udp dst gt 33433 # Server side PPP # If you want the remote system to authenticate itself, you insist # that the peer uses CHAP (or PAP) with the "enable" keyword. Both CHAP and -# PAP are disabled by default (we usually only "enable" on of them if the +# PAP are disabled by default (we usually only "enable" one of them if the # other side is dialing into our server). # When the peer authenticates itself, we use ppp.secret for verification. # @@ -233,65 +246,90 @@ # # ppp -direct CHAPserver # # Note: We can supply a third field in ppp.secret specifying the IP address -# for that user. +# for that user. We can even specify a forth field to specify the +# ppp.link{up,down} label to use. # CHAPserver: enable chap enable proxy set ifaddr 192.244.176.44 292.244.184.31 + accept dns # If we wish to act as a server, allowing PAP access according to -# accounts in /etc/passwd, we do this: +# accounts in /etc/passwd, we do this (Without `enable passwdauth', +# you may still enter ``*'' as the users password in ppp.secret and +# ppp will look it up in the passwd database. This is useful if you +# need to assign a special label or IP number or range): # PAPServerwithPASSWD: enable pap enable passwdauth enable proxy set ifaddr 192.244.176.44 292.244.184.31 + accept dns # Example to connect using a null-modem cable: # The important thing here is to allow the lqr packets on both sides. # Without them enabled, we can't tell if the line's dropped - there # should always be carrier on a direct connection. -# Here, the server sends lqr's every 10 seconds and quits if three in a +# Here, the server sends lqr's every 10 seconds and quits if five in a # row fail. # # Make sure you don't have "deny lqr" in your default: on the client ! +# If the peer denies LQR, we still send ECHO LQR packets at the given +# lqrperiod interval (ppp-style-pings). # direct-client: set dial "" set line /dev/cuaa0 set sp 115200 - set timeout 900 10 3 + set timeout 900 + set lqrperiod 10 set log Phase Chat LQM - set login "TIMEOUT 5 ogin:--ogin: ppp word: ppp HELLO" + set login "ABORT NO\\sCARRIER TIMEOUT 5 ogin:--ogin: ppp word: ppp HELLO" set ifaddr 10.0.4.2 10.0.4.1 enable lqr accept lqr direct-server: - set timeout 900 10 3 + set timeout 0 + set lqrperiod 10 set log Phase LQM set ifaddr 10.0.4.1 10.0.4.2 enable lqr accept lqr +# Example to connect via compuserve (who insist on 7 bits even parity +# during the chat phase). +# +compuserve: + set phone 1234567 + set parity even + set login "TIMEOUT 10 \"\" \"\" Name: CIS ID: 99999,9999/go:pppconnect \ + word: XXXXXXXX" + set timeout 300 + set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 + delete ALL + add default HISADDR + + # Example for PPP over TCP. # We assume that inetd on tcpsrv.mynet has been # configured to run "ppp -direct tcp-server" when it gets a connection on # port 1234. Read the man page for further details # +# Note, we assume we're using a binary-clean connection. If something +# such as `rlogin' is involved, you may need to ``set escape 0xff'' +# tcp-client: set device tcpsrv.mynet:1234 set dial set login - set escape 0xff set ifaddr 10.0.5.1 10.0.4.1 255.255.255.0 tcp-server: - set escape 0xff set ifaddr 10.0.4.1 10.0.5.1 255.255.255.0 # If you want to test ppp, do it through a loopback: @@ -308,13 +346,85 @@ set device localhost:ppploop set dial set login - set escape 0xff set ifaddr 127.0.0.2 127.0.0.3 - set openmode passive set server /var/tmp/loop "" 0177 loop-in: set timeout 0 - set log phase chat connect lcp ipcp command - set escape 0xff + set log phase lcp ipcp command + allow mode direct + +# If you're going to create a tunnel through a public network, your VPN +# should be set up something like this: +# +# /etc/ppp/secure (which should be executable) says: +# #! /bin/sh +# exec ssh whatevermachine /usr/sbin/ppp -direct loop-in +# +sloop: + load loop + set device !/etc/ppp/secure + +# If you wish to connect to a server that will dial back *without* using +# the ppp callback facility (rfc1570), take advantage of the fact that +# ppp doesn't look for carrier 'till `set login' is complete: +# +# Here, we expect the server to say DIALBACK then disconnect after +# we've authenticated ourselves. When this has happened, we wait +# 60 seconds for a RING. +# +dialback: + set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" ATZ OK-ATZ-OK \ + ATDT\\T TIMEOUT 60 CONNECT" + set login "TIMEOUT 5 ogin:--ogin: ppp word: ppp TIMEOUT 15 DIALBACK \ + \"\" NO\\sCARRIER \"\" TIMEOUT 60 RING ATA CONNECT" + +# Alternatively, if the peer is using the PPP callback protocol, use +# normal dial and login scripts and add +# + set callback auth cbcp e.164 1234567 + set cbcp 1234567 + +# If we're running a ppp server that wants to only call back microsoft +# clients on numbers configured in /etc/ppp/ppp.secret (the 5th field): +# + set callback cbcp + set cbcp + set log +cbcp + set redial 3 1 + set device /dev/cuaa0 + set speed 115200 + set dial "TIMEOUT 10 \"\" AT OK-AT-OK ATDT\\T CONNECT" + +# Or if we want to allow authenticated clients to specify their own +# callback number, use this ``set cbcp'' line instead: +# + set cbcp * + +# Multilink mode is available (rfc1990). +# To enable multilink capabilities, you must specify a MRRU. 1500 is +# a reasonable value. To create new links, use the ``clone'' command +# to duplicate an existing link. If you already have more than one +# link, you must specify which link you wish to run the command on via +# the ``link'' command. +# +# You can now ``dial'' specific links, or even dial all links at the +# same time. The `dial' command may also be prefixed with a specific +# link that should do the dialing. +# + +mloop: + load loop + set mode interactive + set mrru 1500 + clone 1 2 3 + link deflink remove + # dial + # link 2 dial + # link 3 dial + +mloop-in: + set timeout 0 + set log tun phase allow mode direct + set mrru 1500 diff -ur 2.2.7-RELEASE/etc/ppp/ppp.deny 3.0-RELEASE/etc/ppp/ppp.deny --- 2.2.7-RELEASE/etc/ppp/ppp.deny Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/ppp/ppp.deny Sun Oct 18 02:08:54 1998 @@ -1,3 +1,5 @@ +# $Id: ppp.deny,v 1.2 1998/09/02 01:34:57 brian Exp $ +# # list of users disallowed any pppd access via 'system # password login'. # read by pppd(8). diff -ur 2.2.7-RELEASE/etc/ppp/ppp.linkdown.sample 3.0-RELEASE/etc/ppp/ppp.linkdown.sample --- 2.2.7-RELEASE/etc/ppp/ppp.linkdown.sample Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/ppp/ppp.linkdown.sample Sun Oct 18 02:08:54 1998 @@ -12,7 +12,7 @@ # 3) If no label has been found, use MYADDR if it exists. # # -# $Id: ppp.linkdown.sample,v 1.1.2.1 1998/01/30 19:54:37 brian Exp $ +# $Id: ppp.linkdown.sample,v 1.1 1997/11/08 20:58:40 brian Exp $ # ######################################################################### diff -ur 2.2.7-RELEASE/etc/ppp/ppp.linkup.sample 3.0-RELEASE/etc/ppp/ppp.linkup.sample --- 2.2.7-RELEASE/etc/ppp/ppp.linkup.sample Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/ppp/ppp.linkup.sample Sun Oct 18 02:08:54 1998 @@ -12,40 +12,34 @@ # 3) If no label has been found, use MYADDR if it exists. # # -# $Id: ppp.linkup.sample,v 1.3.2.5 1998/01/30 19:54:38 brian Exp $ +# $Id: ppp.linkup.sample,v 1.14 1998/05/21 21:45:47 brian Exp $ # ######################################################################### -# By default, simply delete any existing default route and add the peer -# as default gateway. +# It is no longer necessary to re-add the default route here as our +# ppp.conf route is `sticky' (see the man page). # If you're into sound effects when the link comes up, you can run # ``auplay'' (assuming NAS is installed and configured). # MYADDR: - delete 0 - add 0 0 HISADDR !bg /usr/X11R6/bin/auplay /etc/ppp/linkup.au # If we've got 192.244.176.32 as our address, then regard peer as a gateway -# to 192.244.176.0 network. +# to 192.244.176.0 network. This may also be done in ppp.conf instead. # 192.244.176.32: add 192.244.176.0 0 HISADDR -# If we are invoked with an argument ``pmdemand'', then -# delete all existing (wrong) routing entries and add the peer IP -# as our default gateway. -# This is vital if you don't already know either sides IP number. -# -# We also want to execute a script on startup. This script can do +#You may want to execute a script after connecting. This script can do # nice things such as kick off "sendmail -q", "popclient my.isp" and # "slurp -d news". It can be passed MYADDR, HISADDR and INTERFACE # as arguments too - useful for informing a DNS of your assigned IP. # +# You may also want some sound effects.... +# pmdemand: - delete ALL - add 0 0 HISADDR !bg /etc/ppp/ppp.etherup.pmdemand + ! sh -c "cat /etc/ppp/linkup.au >/dev/audio" # If your minimum call charge is 5 minutes, you may as well stay on # the line for that amount of time. If we want a 60 second subsequent diff -ur 2.2.7-RELEASE/etc/ppp/ppp.secret.sample 3.0-RELEASE/etc/ppp/ppp.secret.sample --- 2.2.7-RELEASE/etc/ppp/ppp.secret.sample Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/ppp/ppp.secret.sample Sun Oct 18 02:08:54 1998 @@ -5,19 +5,37 @@ # This file is used to authenticate incoming connections. # You must ``enable'' either PAP or CHAP in your ppp.conf file. # The peer may then use any of the Authname/Authkey pairs listed. -# If an IP address is given, it will be assigned to the peer. -# -# If an entry exists for your local machine (as given by the -# ``hostname -s'' command), the password specified will be -# required for all server socket connections. Refer to the ppp(8) -# and pppctl(8) man pages for further details. +# Additionally, if ``passwdauth'' is enabled and an entry isn't +# found in this file, the passwd(5) database is used. +# +# If the password is specified as "*", look it up in passwd(5). +# This doesn't work for CHAP connections as ppp must have access +# to the unencrypted password for CHAP. +# +# If an IP address or address range is given as the third field, it +# will be assigned to the peer. A ``*'' or an empty field may be +# used as a placeholder if you do not wish to override the IP +# address, but wish to specify further fields. # -# $Id: ppp.secret.sample,v 1.2.6.1 1998/01/30 19:54:38 brian Exp $ +# If a label is given as the forth field, it is used when reading +# the ppp.linkup and ppp.linkdown files. A ``*'' or an empty field +# can be used as a placeholder if you do not wish to override the +# label, but wish to specify further fields. +# +# If a phone number or list of phone numbers is given as the fifth +# field, these numbers will be used to call back the client if +# ``auth'' or ``cbcp'' callback is enabled (see ``set callback''). +# A ``*'' specifies that the client must specify the number. +# +# $Id: ppp.secret.sample,v 1.8 1998/08/07 18:44:31 brian Exp $ # ################################################## -# Authname Authkey Peer's IP address +# Authname Authkey Peer's IP address Label Callback -oscar OurSecretKey 192.244.184.34/24 -BigBird X4dWg9327 192.244.184.33/32 -tama localPasswdForControl +oscar OurSecretKey 192.2.18.34 +BigBird X4dWg9327 192.2.18.33/32 +fred * * fred +subnet * 192.2.18.35-192.2.18.70 subnet +admin * * * * +homeworker * * * 1234567 diff -ur 2.2.7-RELEASE/etc/ppp/ppp.shells.sample 3.0-RELEASE/etc/ppp/ppp.shells.sample --- 2.2.7-RELEASE/etc/ppp/ppp.shells.sample Wed Jul 22 17:16:40 1998 +++ 3.0-RELEASE/etc/ppp/ppp.shells.sample Sun Oct 18 02:08:54 1998 @@ -1,3 +1,5 @@ +# $Id: ppp.shells.sample,v 1.2 1998/09/02 01:34:57 brian Exp $ +# # List of acceptable shells for pppd(8). # Pppd will not accept a system password login # by a user whose shell is not listed below. diff -ur 2.2.7-RELEASE/etc/printcap 3.0-RELEASE/etc/printcap --- 2.2.7-RELEASE/etc/printcap Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/printcap Sun Oct 18 02:08:33 1998 @@ -1,5 +1,5 @@ # @(#)printcap 5.3 (Berkeley) 6/30/90 -# $Id: printcap,v 1.5.2.1 1998/02/07 19:17:32 ache Exp $ +# $Id: printcap,v 1.9 1998/02/04 12:09:06 ache Exp $ # # This enables a simple local "raw" printer, hooked up to the first diff -ur 2.2.7-RELEASE/etc/profile 3.0-RELEASE/etc/profile --- 2.2.7-RELEASE/etc/profile Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/profile Sun Oct 18 02:08:33 1998 @@ -1,3 +1,5 @@ +# $Id: profile,v 1.11 1998/09/02 01:34:56 brian Exp $ +# # System-wide .profile file for sh(1). # Uncomment this to give you the default 4.2 behavior, where disk # information is shown in K-Blocks diff -ur 2.2.7-RELEASE/etc/protocols 3.0-RELEASE/etc/protocols --- 2.2.7-RELEASE/etc/protocols Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/protocols Sun Oct 18 02:08:33 1998 @@ -1,7 +1,7 @@ # # Internet (IP) protocols # -# $Id: protocols,v 1.4.2.3 1998/02/13 20:25:42 julian Exp $ +# $Id: protocols,v 1.10 1998/02/13 20:21:04 julian Exp $ # from: @(#)protocols 5.1 (Berkeley) 4/17/89 # # See also http://www.iana.org/in-notes/iana/assignments/protocol-numbers Binary files 2.2.7-RELEASE/etc/pwd.db and 3.0-RELEASE/etc/pwd.db differ diff -ur 2.2.7-RELEASE/etc/rc 3.0-RELEASE/etc/rc --- 2.2.7-RELEASE/etc/rc Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/rc Sun Oct 18 02:08:33 1998 @@ -1,5 +1,5 @@ #!/bin/sh -# $Id: rc,v 1.104.2.34 1998/06/04 00:20:34 mph Exp $ +# $Id: rc,v 1.160 1998/10/09 17:11:14 des Exp $ # From: @(#)rc 5.27 (Berkeley) 6/5/91 # System startup script run by init on autoboot @@ -84,7 +84,7 @@ # If there is a global system configuration file, suck it in. if [ -f /etc/rc.conf ]; then - . /etc/rc.conf + . /etc/rc.conf fi # If old file exists, whine until they fix it. @@ -95,10 +95,25 @@ adjkerntz -i -rm -rf /var/run/* +clean_var() { + if [ ! -f /var/run/clean_var ]; then + rm -rf /var/run/* + rm -f /var/spool/lock/* + rm -rf /var/spool/uucp/.Temp/* + # Keep a copy of the boot messages around + dmesg >/var/run/dmesg.boot + # And an initial utmp file + (cd /var/run && cp /dev/null utmp && chmod 644 utmp; ) + >/var/run/clean_var + fi +} -# Keep a copy of the boot messages around -dmesg > /var/run/dmesg.boot +if [ -d /var/run -a -d /var/spool/lock -a -d /var/spool/uucp/.Temp ]; then + # network_pass1() *may* end up writing stuff to /var - we don't want to + # remove it immediately afterwards - *nor* to we want to fail to clean + # an nfs-mounted /var. + clean_var +fi # Add additional swapfile, if configured. if [ "x$swapfile" != "xNO" -a -w "$swapfile" -a -b /dev/vn0b ]; then @@ -122,16 +137,18 @@ network_pass1 fi +echo -n "Mounting NFS file systems" mount -a -t nfs +echo . # Whack the pty perms back into shape. chmod 666 /dev/tty[pqrsPQRS]* # clean up left-over files rm -f /etc/nologin -rm -f /var/spool/lock/* -rm -rf /var/spool/uucp/.Temp/* -(cd /var/run && { cp /dev/null utmp; chmod 644 utmp; }) + +clean_var # If it hasn't already been done +rm /var/run/clean_var # # Clearing /tmp at boot-time seems to have a long tradition. It doesn't @@ -147,13 +164,14 @@ # prune quickly with one rm, then use find to clean up /tmp/[lq]* # (not needed with mfs /tmp, but doesn't hurt there...) (cd /tmp && rm -rf [a-km-pr-zA-Z]* && - find -d . ! -name . ! -name lost+found ! -name quotas -exec rm -rf -- {} \;) + find -d . ! -name . ! -name lost+found ! -name quotas -exec rm -rf -- {} \;) - # Also remove X lock files since it will prevent you from - # restarting X11 after a system crash. - rm -f /tmp/.X*-lock /tmp/.X11-unix/* fi +# Remove X lock files, since they will prevent you from restarting X11 +# after a system crash. +rm -f /tmp/.X*-lock /tmp/.X11-unix/* + # snapshot any kernel -c changes back to disk echo 'recording kernel -c changes' dset -q @@ -173,10 +191,6 @@ rm -f /var/run/log echo -n ' syslogd'; syslogd ${syslogd_flags} fi - -if [ "X${tickadj_enable}" = X"YES" ]; then - echo -n ' tickadj'; tickadj ${tickadj_flags--Aq} -fi echo '.' # enable dumpdev so that savecore can see it @@ -189,7 +203,7 @@ fi if [ -n "$network_pass1_done" ]; then - network_pass2 + network_pass2 fi # Check the quotas (must be after ypbind if using NIS) @@ -201,7 +215,7 @@ fi if [ -n "$network_pass2_done" ]; then - network_pass3 + network_pass3 fi @@ -226,14 +240,30 @@ # Make shared lib searching a little faster. Leave /usr/lib first if you # add your own entries or you may come to grief. -_LDC=/usr/lib -for i in $ldconfig_paths; do - if test -d $i; then - _LDC="${_LDC} $i" +if [ -x /sbin/ldconfig ]; then + if [ X"`/usr/bin/objformat`" = X"elf" ]; then + _LDC=/usr/lib + for i in $ldconfig_paths; do + if test -d $i; then + _LDC="${_LDC} $i" + fi + done + echo 'setting ELF ldconfig path:' ${_LDC} + ldconfig -elf ${_LDC} fi -done -echo 'setting ldconfig path:' ${_LDC} -ldconfig ${_LDC} + + # Default the a.out ldconfig path, in case the system's + # /etc/rc.conf hasn't been updated. + : ${ldconfig_paths_aout=${ldconfig_paths}} + _LDC=/usr/lib/aout + for i in $ldconfig_paths_aout; do + if test -d $i; then + _LDC="${_LDC} $i" + fi + done + echo 'setting a.out ldconfig path:' ${_LDC} + ldconfig -aout ${_LDC} +fi # Now start up miscellaneous daemons that don't belong anywhere else # @@ -302,19 +332,36 @@ fi fi +# make a bounds file for msgs(1) if there isn't one already +if [ ! -f /var/msgs/bounds ]; then + echo 0 > /var/msgs/bounds +fi + # for each valid dir in $local_startup, search for init scripts matching *.sh if [ "X${local_startup}" != X"NO" ]; then echo -n 'Local package initialization:' for dir in ${local_startup}; do [ -d ${dir} ] && for script in ${dir}/*.sh; do - [ -x ${script} ] && ${script} start + [ -x ${script} ] && \ + (trap 'exit 1' 2 ; ${script} start ; echo -n) done done echo . fi +# Run rc.devfs if present to customify devfs +[ -f /etc/rc.devfs ] && sh /etc/rc.devfs + # Do traditional (but rather obsolete) rc.local file if it exists. [ -f /etc/rc.local ] && sh /etc/rc.local + +# Raise kernel security level. This should be done only after `fsck' has +# repaired local file systems if you want the securelevel to be greater than 1. +if [ "X${kern_securelevel_enable}" = X"YES" -a "${kern_securelevel}" -ge 0 ]; +then + echo 'Raising kernel security level' + sysctl -w kern.securelevel=${kern_securelevel} +fi date exit 0 Only in 3.0-RELEASE/etc: rc.atm diff -ur 2.2.7-RELEASE/etc/rc.conf 3.0-RELEASE/etc/rc.conf --- 2.2.7-RELEASE/etc/rc.conf Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/rc.conf Sun Oct 18 02:08:33 1998 @@ -6,7 +6,7 @@ # # All arguments must be in double or single quotes. # -# $Id: rc.conf,v 1.1.2.45 1998/06/27 21:23:17 steve Exp $ +# $Id: rc.conf,v 1.61 1998/10/08 18:47:29 des Exp $ ############################################################## ### Important initial Boot-time options ##################### @@ -18,6 +18,7 @@ pccard_mem="DEFAULT" # If pccard_enable=YES, this is card memory address. pccard_ifconfig="NO" # Specialized pccard ethernet configuration (or NO). local_startup="/usr/local/etc/rc.d /usr/X11R6/etc/rc.d" # startup script dirs. +local_periodic="/usr/local/etc/periodic /usr/X11R6/etc/periodic" # periodic script dirs ############################################################## @@ -30,7 +31,10 @@ firewall_enable="NO" # Set to YES to enable firewall functionality firewall_type="UNKNOWN" # Firewall type (see /etc/rc.firewall) firewall_quiet="NO" # Set to YES to suppress rule display -tcp_extensions="YES" # Allow RFC1323 & RFC1644 extensions (or NO). +natd_enable="NO" # Enable natd (if firewall_enable == YES). +natd_interface="fxp0" # Public interface to use with natd. +natd_flags="" # Additional flags for natd. +tcp_extensions="NO" # Disallow RFC1323 extensions (or YES). network_interfaces="lo0" # List of network interfaces (lo0 is loopback). ifconfig_lo0="inet 127.0.0.1" # default loopback device configuration. #ifconfig_lo0_alias0="inet 127.0.0.254 netmask 0xffffffff" # Sample alias entry. @@ -41,8 +45,9 @@ inetd_enable="YES" # Run the network daemon dispatcher (or NO). inetd_flags="" # Optional flags to inetd. named_enable="NO" # Run named, the DNS server (or NO). -named_program="/usr/sbin/named" # named program, in case we want bind8 instead. -named_flags="-b /etc/namedb/named.boot" # Flags to named (if enabled). +named_program="named" # path to named, if you want a different one. +named_flags="" # Flags for named (/etc/namedb/named.conf is + # the default now). kerberos_server_enable="NO" # Run a kerberos master server (or NO). kadmind_server_enable="NO" # Run kadmind (or NO) -- do not run on # a slave kerberos server @@ -50,16 +55,20 @@ rwhod_enable="NO" # Run the rwho daemon (or NO). amd_enable="NO" # Run amd service with $amd_flags (or NO). amd_flags="-a /net -c 1800 -k i386 -d my.domain -l syslog /host /etc/amd.map" +amd_map_program="NO" # Can be set to "ypcat -k amd.master" nfs_client_enable="NO" # This host is an NFS client (or NO). nfs_client_flags="-n 4" # Flags to nfsiod (if enabled). nfs_server_enable="NO" # This host is an NFS server (or NO). -nfs_server_flags="-u -t 4" # Flags to nfsd (if enabled). +nfs_server_flags="-u -t -n 4" # Flags to nfsd (if enabled). mountd_flags="-r" # Flags to mountd (if NFS server enabled). nfs_reserved_port_only="NO" # Provide NFS only on secure port (or NO). rpc_lockd_enable="NO" # Run NFS rpc.lockd (*broken!*) if nfs_server. rpc_statd_enable="YES" # Run NFS rpc.statd if nfs_server (or NO). portmap_enable="YES" # Run the portmapper service (or NO). portmap_flags="" # Flags to portmap (if enabled). +rpc_ypupdated_enable="NO" # Run if NIS master and SecureRPC (or NO). +keyserv_enable="NO" # Run the SecureRPC keyserver (or NO). +keyserv_flags="" # Flags to keyserv (if enabled). rarpd_enable="NO" # Run rarpd (or NO). rarpd_flags="" # Flags to rarpd. xtend_enable="NO" # Run the X-10 power controller daemon. @@ -73,9 +82,7 @@ ntpdate_flags="" # Flags to ntpdate (if enabled). xntpd_enable="NO" # Run xntpd Network Time Protocol (or NO). xntpd_program="xntpd" # path to xntpd, if you want a different one. -xntpd_flags="-p /var/run/xntpd.pid" # Flags to xntpd (if enabled). -tickadj_enable="NO" # Run tickadj (or NO). -tickadj_flags="-Aq" # Flags to tickadj (if enabled). +xntpd_flags="-p /var/run/xntpd.pid" # Flags to xntpd (if enabled). # Network Information Services (NIS) options: ### nis_client_enable="NO" # We're an NIS client (or NO). @@ -93,7 +100,7 @@ defaultrouter="NO" # Set to default gateway (or NO). static_routes="" # Set to static route list (or leave empty). gateway_enable="NO" # Set to YES if this host will be a gateway. -router_enable="YES" # Set to YES to enable a routing daemon. +router_enable="NO" # Set to YES to enable a routing daemon. router="routed" # Name of routing daemon to use if enabled. router_flags="-q" # Flags for routing daemon. mrouted_enable="NO" # Do multicast routing (see /etc/mrouted.conf). @@ -104,9 +111,20 @@ arpproxy_all="" # replaces obsolete kernel option ARP_PROXYALL. forward_sourceroute="NO" # do source routing (only if gateway_enable is set to "YES") accept_sourceroute="NO" # accept source routed packets to us -natd_enable="NO" # Enable natd if firewall_enable. -natd_interface="fxp0" # Public interface to use with natd if natd_enable. -natd_flags="" # Additional flags for natd. + +### ATM interface options: ### +atm_enable="NO" # Configure ATM interfaces (or NO). +#atm_netif_hea0="atm 1" # Network interfaces for physical interface. +#atm_sigmgr_hea0="uni31" # Signalling manager for physical interface. +#atm_prefix_hea0="ILMI" # NSAP prefix (UNI interfaces only) (or ILMI). +#atm_macaddr_hea0="NO" # Override physical MAC address (or NO). +#atm_arpserver_atm0="0x47.0005.80.999999.9999.9999.9999.999999999999.00" # ATMARP server address (or local). +#atm_scsparp_atm0="NO" # Run SCSP/ATMARP on network interface (or NO). +atm_pvcs="" # Set to PVC list (or leave empty). +atm_arps="" # Set to permanent ARP list (or leave empty). + +### Miscellaneous network options: ### +icmp_bmcastecho="NO" # respond to broadcast ping packets ############################################################## @@ -128,6 +146,7 @@ moused_type="auto" # See man page for rc.conf(5) for available settings. moused_port="/dev/cuaa0" # Set to your mouse port. moused_flags="" # Any additional flags to moused. +allscreens_flags="" # Set this vidcontrol mode for all virtual screens ############################################################## @@ -147,6 +166,9 @@ rand_irqs="NO" # Stir the entropy pool (like "5 11" or NO). clear_tmp_enable="NO" # Clear /tmp at startup. ldconfig_paths="/usr/lib/compat /usr/X11R6/lib /usr/local/lib" # shared library search paths +ldconfig_paths_aout="/usr/lib/compat/aout /usr/X11R6/lib/aout /usr/local/lib/aout" # a.out shared library search paths +kern_securelevel_enable="NO" # kernel security level (see init(8)), +kern_securelevel="-1" # range: -1..2 ; `-1' is the most insecure ############################################################## ### Allow local configuration override at the very end here ## Only in 3.0-RELEASE/etc: rc.devfs diff -ur 2.2.7-RELEASE/etc/rc.firewall 3.0-RELEASE/etc/rc.firewall --- 2.2.7-RELEASE/etc/rc.firewall Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/rc.firewall Sun Oct 18 02:08:33 1998 @@ -1,6 +1,6 @@ ############ # Setup system for firewall service. -# $Id: rc.firewall,v 1.6.2.9 1998/06/27 21:23:19 steve Exp $ +# $Id: rc.firewall,v 1.19 1998/04/25 00:40:55 alex Exp $ if [ -f /etc/rc.conf ]; then . /etc/rc.conf @@ -58,9 +58,10 @@ $fwcmd -f flush ############ -# These rules are required for using natd. All packets are passed to natd before -# they encounter your remaining rules. The firewall rules will then be run again -# on each packet after translation by natd, minus any divert rules (see natd(8)). +# These rules are required for using natd. All packets are passed to +# natd before they encounter your remaining rules. The firewall rules +# will then be run again on each packet after translation by natd, +# minus any divert rules (see natd(8)). if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" ]; then $fwcmd add divert natd all from any to any via ${natd_interface} fi diff -ur 2.2.7-RELEASE/etc/rc.i386 3.0-RELEASE/etc/rc.i386 --- 2.2.7-RELEASE/etc/rc.i386 Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/rc.i386 Sun Oct 18 02:08:33 1998 @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.i386,v 1.18.2.10 1998/03/07 09:06:19 jkh Exp $ +# $Id: rc.i386,v 1.35 1998/07/22 05:38:58 phk Exp $ # Do i386 specific processing # @@ -94,7 +94,7 @@ # screen saver if [ "X${saver}" != X"NO" ] ; then echo -n ' screensaver' - modstat | grep _saver || \ + modstat | grep -q _saver || \ modload -u -o /tmp/saver_mod -q /lkm/${saver}_saver_mod.o fi @@ -103,6 +103,15 @@ echo -n ' moused' moused ${moused_flags} -p ${moused_port} -t ${moused_type} vidcontrol <${viddev} -m on +fi + +# set this mode for all virtual screens +if [ "X${allscreens_flags}" != X"" ] ; then + echo -n ' allscreens' + for ttyv in /dev/ttyv* + do + vidcontrol <$ttyv ${allscreens_flags} + done fi echo '.' diff -ur 2.2.7-RELEASE/etc/rc.local 3.0-RELEASE/etc/rc.local --- 2.2.7-RELEASE/etc/rc.local Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/rc.local Sun Oct 18 02:08:33 1998 @@ -1,7 +1,7 @@ # # site-specific startup actions, daemons # -# $Id: rc.local,v 1.21.2.2 1998/02/15 14:24:49 jkh Exp $ +# $Id: rc.local,v 1.25 1997/06/25 15:15:13 ache Exp $ # # If there is a global system configuration file, suck it in. diff -ur 2.2.7-RELEASE/etc/rc.network 3.0-RELEASE/etc/rc.network --- 2.2.7-RELEASE/etc/rc.network Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/rc.network Sun Oct 18 02:08:33 1998 @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.1.2.21 1998/06/27 21:23:20 steve Exp $ +# $Id: rc.network,v 1.33 1998/10/06 19:24:14 phk Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -25,6 +25,12 @@ fi echo '.' + # Initial ATM interface configuration + if [ "X${atm_enable}" = X"YES" -a -f /etc/rc.atm ]; then + . /etc/rc.atm + atm_pass1 + fi + # Set up all the network interfaces, calling startup scripts if needed for ifn in ${network_interfaces}; do if [ -e /etc/start_if.${ifn} ]; then @@ -65,8 +71,7 @@ fi if [ $firewall_in_kernel = 0 -a "x$firewall_enable" = "xYES" ] ; then - modload /lkm/ipfw_mod.o - if [ $? = 0 ]; then + if modload /lkm/ipfw_mod.o; then firewall_in_kernel=1 # module loaded successfully echo "Kernel firewall module loaded." else @@ -90,6 +95,11 @@ fi fi + # Additional ATM interface configuration + if [ -n "${atm_pass1_done}" ]; then + atm_pass2 + fi + # Configure routing if [ "x$defaultrouter" != "xNO" ] ; then @@ -109,7 +119,11 @@ if [ -n "$tcp_extensions" -a "x$tcp_extensions" != "xYES" ] ; then echo -n ' tcp extensions=NO' sysctl -w net.inet.tcp.rfc1323=0 >/dev/null 2>&1 - sysctl -w net.inet.tcp.rfc1644=0 >/dev/null 2>&1 + fi + + if [ X"$icmp_bmcastecho" = X"YES" ]; then + echo -n ' broadcast ping responses=YES' + sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null 2>&1 fi if [ "X$gateway_enable" = X"YES" ]; then @@ -127,28 +141,34 @@ sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null 2>&1 fi - if [ "X$router_enable" = X"YES" ]; then - echo -n " ${router}"; ${router} ${router_flags} - fi - if [ "X$ipxgateway_enable" = X"YES" ]; then echo -n ' IPX gateway=YES' sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null 2>&1 fi + if [ "X$arpproxy_all" = X"YES" ]; then + echo -n ' enabling ARP_PROXY_ALL: ' + sysctl -w net.link.ether.inet.proxyall=1 2>&1 + fi + echo '.' + + echo -n 'routing daemons:' + if [ "X$router_enable" = X"YES" ]; then + echo -n " ${router}"; ${router} ${router_flags} + fi + if [ "X$ipxrouted_enable" = X"YES" ]; then - echo -n ' IPXrouted: ' + echo -n ' IPXrouted' IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 fi - if [ "X$arpproxy_all" = X"YES" ]; then - echo -n ' enabling ARP_PROXY_ALL: ' - sysctl -w net.link.ether.inet.proxyall=1 2>&1 + if [ "X${mrouted_enable}" = X"YES" ]; then + echo -n ' mrouted'; mrouted ${mrouted_flags} fi + if [ "X$rarpd_enable" = X"YES" ]; then echo -n ' rarpd'; rarpd ${rarpd_flags} fi - echo '.' network_pass1_done=YES # Let future generations know we made it. } @@ -197,6 +217,20 @@ fi fi + # Start keyserv if we are running Secure RPC + if [ "X${keyserv_enable}" = X"YES" ]; then + echo -n ' keyserv'; keyserv ${keyserv_flags} + fi + # Start ypupdated if we are running Secure RPC and we are NIS master + if [ "X$rpc_ypupdated_enable" = X"YES" ]; then + echo -n ' rpc.ypupdated'; rpc.ypupdated + fi + + # Start ATM daemons + if [ -n "${atm_pass2_done}" ]; then + atm_pass3 + fi + echo '.' network_pass2_done=YES } @@ -211,7 +245,6 @@ fi mountd ${mountd_flags} if [ "X${nfs_reserved_port_only}" = X"YES" ]; then - echo -n ' nfsprivport=YES' sysctl -w vfs.nfs.nfs_privport=1 >/dev/null 2>&1 fi echo -n ' nfsd'; nfsd ${nfs_server_flags} @@ -229,6 +262,9 @@ if [ "X${amd_enable}" = X"YES" ]; then echo -n ' amd' + if [ "X${amd_map_program}" != X"NO" ]; then + amd_flags="${amd_flags} `eval ${amd_map_program}`" + fi amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null fi @@ -244,23 +280,25 @@ stash_flag= fi echo -n ' kerberos'; \ - kerberos ${stash_flags} >> /var/log/kerberos.log & + kerberos ${stash_flag} >> /var/log/kerberos.log & if [ "X${kadmind_server_enable}" = "XYES" ]; then echo -n ' kadmind'; \ - (sleep 20; kadmind ${stash_flags} >/dev/null 2>&1 &) & + (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & fi unset stash_flag fi - # IP multicast routing daemon - if [ "X${mrouted_enable}" = X"YES" ]; then - echo -n ' mrouted'; mrouted ${mrouted_flags} - fi - # Network Address Translation daemon - if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" -a "X${firewall_enable}" = X"YES" ]; then - echo -n ' natd'; natd ${natd_flags} -n ${natd_interface} - fi + if [ "X${natd_enable}" = X"YES" -a X"${natd_interface}" != X"" \ + -a X"${firewall_enable}" = X"YES" ]; then + if echo ${natd_interface} | \ + grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then + natd_ifarg="-a ${natd_interface}" + else + natd_ifarg="-n ${natd_interface}" + fi + echo -n ' natd'; natd ${natd_flags} ${natd_ifarg} + fi echo '.' network_pass3_done=YES diff -ur 2.2.7-RELEASE/etc/rc.pccard 3.0-RELEASE/etc/rc.pccard --- 2.2.7-RELEASE/etc/rc.pccard Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/rc.pccard Sun Oct 18 02:08:33 1998 @@ -3,6 +3,8 @@ # PC-card startup script # HOSOKAWA, Tatsumi # +# $Id: rc.pccard,v 1.6 1998/08/10 19:54:12 brian Exp $ +# if [ "X$pccard_enable" = X"YES" ] ; then if [ "x$pccard_mem" != "xDEFAULT" ] ; then diff -ur 2.2.7-RELEASE/etc/rc.serial 3.0-RELEASE/etc/rc.serial --- 2.2.7-RELEASE/etc/rc.serial Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/rc.serial Sun Oct 18 02:08:33 1998 @@ -1,5 +1,5 @@ #!/bin/sh -# $Id: rc.serial,v 1.6.2.3 1998/03/13 22:01:26 danny Exp $ +# $Id: rc.serial,v 1.11 1998/03/13 22:03:03 danny Exp $ # Change some defaults for serial devices. # Standard defaults are: Only in 3.0-RELEASE/etc: rc.shutdown diff -ur 2.2.7-RELEASE/etc/remote 3.0-RELEASE/etc/remote --- 2.2.7-RELEASE/etc/remote Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/remote Sun Oct 18 02:08:33 1998 @@ -1,3 +1,5 @@ +# $Id: remote,v 1.9 1998/09/02 01:34:56 brian Exp $ +# # @(#)remote 5.2 (Berkeley) 6/30/90 # # remote -- remote host description file diff -ur 2.2.7-RELEASE/etc/rpc 3.0-RELEASE/etc/rpc --- 2.2.7-RELEASE/etc/rpc Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/rpc Sun Oct 18 02:08:33 1998 @@ -1,4 +1,5 @@ # +# $Id: rpc,v 1.6 1998/09/02 01:34:56 brian Exp $ # rpc 88/08/01 4.0 RPCSRC; from 1.12 88/02/07 SMI # portmapper 100000 portmap sunrpc diff -ur 2.2.7-RELEASE/etc/security 3.0-RELEASE/etc/security --- 2.2.7-RELEASE/etc/security Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/security Sun Oct 18 02:08:33 1998 @@ -1,7 +1,7 @@ #!/bin/sh - # # @(#)security 5.3 (Berkeley) 5/28/91 -# $Id: security,v 1.16.2.6 1998/07/08 22:44:08 alex Exp $ +# $Id: security,v 1.27 1998/08/16 10:38:02 des Exp $ # PATH=/sbin:/bin:/usr/bin LC_ALL=C; export LC_ALL @@ -50,7 +50,11 @@ separator echo "checking for uids of 0:" -awk 'BEGIN {FS=":"} $3==0 {print $1,$3}' /etc/master.passwd +awk -F: '$3==0 {print $1,$3}' /etc/master.passwd + +separator +echo "checking for passwordless accounts:" +awk -F: '$2=="" {print $0}' /etc/master.passwd # show denied packets if ipfw -a l 2>/dev/null | egrep "deny|reset|unreach" > $TMP; then @@ -65,6 +69,18 @@ diff -b $LOG/ipfw.today $TMP | egrep "^>" mv $LOG/ipfw.today $LOG/ipfw.yesterday mv $TMP $LOG/ipfw.today + fi +fi + +# show ipfw rules which have reached the log limit +IPFW_LOG_LIMIT=`sysctl -n net.inet.ip.fw.verbose_limit 2> /dev/null` +if [ $? -eq 0 ] && [ $IPFW_LOG_LIMIT -ne 0 ]; then + ipfw -a l | grep " log " | perl -n -e \ + '/^\d+\s+(\d+)/; print if ($1 >= '$IPFW_LOG_LIMIT')' > $TMP + if [ -s $TMP ]; then + separator + echo "ipfw log limit reached:" + cat $TMP fi fi diff -ur 2.2.7-RELEASE/etc/sendmail.cf 3.0-RELEASE/etc/sendmail.cf --- 2.2.7-RELEASE/etc/sendmail.cf Wed Jul 22 17:16:25 1998 +++ 3.0-RELEASE/etc/sendmail.cf Sun Oct 18 02:08:36 1998 @@ -1,35 +1,13 @@ # -# Copyright (c) 1983, 1995 Eric P. Allman +# Copyright (c) 1998 Sendmail, Inc. All rights reserved. +# Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved. # Copyright (c) 1988, 1993 # The Regents of the University of California. All rights reserved. # -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# 3. All advertising materials mentioning features or use of this software -# must display the following acknowledgement: -# This product includes software developed by the University of -# California, Berkeley and its contributors. -# 4. Neither the name of the University nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. +# By using this file, you agree to the terms and conditions set +# forth in the LICENSE file which can be found at the top level of +# the sendmail distribution. +# # ###################################################################### @@ -37,34 +15,38 @@ ##### ##### SENDMAIL CONFIGURATION FILE ##### -##### built by root@builder.cdrom.com on Wed Jul 22 07:57:41 GMT 1998 -##### in /usr/src/usr.sbin/sendmail/cf/cf -##### using ../ as configuration include directory +##### built by root@kickme.freebsd.org on Sat Oct 17 16:07:36 GMT 1998 +##### in /usr/src/etc/sendmail +##### using /usr/src/etc/sendmail/../../contrib/sendmail/cf/ as configuration include directory ##### ###################################################################### ###################################################################### -##### @(#)cfhead.m4 8.9 (Berkeley) 1/18/97 ##### -##### @(#)cf.m4 8.24 (Berkeley) 8/16/95 ##### -##### @(#)freebsd.mc $Revision: 1.1.4.4 $ ##### +##### @(#)cfhead.m4 8.22 (Berkeley) 5/19/98 ##### +##### @(#)cf.m4 8.29 (Berkeley) 5/19/98 ##### +##### @(#)freebsd.mc $Revision: 1.3 $ ##### + +##### @(#)bsd4.4.m4 8.9 (Berkeley) 5/19/98 ##### -##### @(#)bsd4.4.m4 8.4 (Berkeley) 11/13/95 ##### +##### @(#)generic.m4 8.9 (Berkeley) 5/19/98 ##### -##### @(#)generic.m4 8.3 (Berkeley) 3/24/96 ##### +##### @(#)redirect.m4 8.10 (Berkeley) 5/19/98 ##### -##### @(#)redirect.m4 8.5 (Berkeley) 8/17/96 ##### +##### @(#)use_cw_file.m4 8.6 (Berkeley) 5/19/98 ##### -##### @(#)use_cw_file.m4 8.1 (Berkeley) 6/7/93 ##### +##### @(#)mailertable.m4 8.9 (Berkeley) 5/19/98 ##### -##### @(#)mailertable.m4 8.3 (Berkeley) 8/7/93 ##### +##### @(#)proto.m4 8.223 (Berkeley) 6/30/98 ##### -##### @(#)proto.m4 8.151 (Berkeley) 7/31/97 ##### +# level 8 config file format +V8/Berkeley -# level 7 config file format -V7/Berkeley +# override file safeties - setting this option compromises system security +# need to set this now for the sake of class files +#O DontBlameSendmail=safe ################## # local info # @@ -92,9 +74,6 @@ # "Smart" relay host (may be null) DS -# place to which unknown users should be forwarded -#Kuser user -m -a<> -#DLname_of_luser_relay # operators that cannot be in local usernames (i.e., network indicators) CO @ % ! @@ -108,14 +87,18 @@ # Mailer table (overriding domains) Kmailertable hash -o /etc/mailertable -# Domain table (adding domains) -#Kdomaintable dbm /etc/domaintable -# Generics table (mapping outgoing addresses) -#Kgenerics dbm /etc/genericstable -# Virtual user table (maps incoming users) -#Kvirtuser dbm /etc/virtusertable + + + + + +# Resolve map (to check if a host exists in check_mail) +Kresolve host -a -T + +# Hosts that will permit relaying ($=R) +FR-o /etc/mail/relay-domains # who I send unqualified names to (null means deliver locally) DR @@ -142,7 +125,7 @@ CPREDIRECT # Configuration version number -DZ8.8.8 +DZ8.9.1 ############### @@ -214,7 +197,7 @@ O SendMimeErrors=True # Forward file search path -O ForwardPath=$z/.forward.$w:$z/.forward +O ForwardPath=$z/.forward.$w+$h:$z/.forward+$h:$z/.forward.$w:$z/.forward # open connection cache size O ConnectionCacheSize=2 @@ -300,7 +283,7 @@ #O TimeZoneSpec= # default UID (can be username or userid:groupid) -O DefaultUser=1:1 +#O DefaultUser=mailnull # list of locations of user database file (null means no lookup) #O UserDatabaseSpec=/etc/userdb @@ -374,6 +357,15 @@ # UNIX initial From header format (old $l macro) O UnixFromLine=From $g $d +# From: lines that have embedded newlines are unwrapped onto one line +#O SingleLineFromHeader=False + +# Allow HELO SMTP command that does not include a host name +#O AllowBogusHELO=False + +# Characters to be quoted in a full name phrase (@,;:\()[] are automatic) +#O MustQuoteChars=. + # delimiter (operator) characters (old $o macro) O OperatorChars=.:%@!^/[]+ @@ -384,11 +376,17 @@ #O UnsafeGroupWrites # where do errors that occur when sending errors get sent? -#O DoubleBounceAddress +#O DoubleBounceAddress=postmaster # what user id do we assume for the majority of the processing? #O RunAsUser=sendmail +# maximum number of recipients per SMTP envelope +#O MaxRecipientsPerMessage=100 + +# shall we get local names from our installed interfaces? +#O DontProbeInterfaces + ########################### # Message precedences # ########################### @@ -514,13 +512,12 @@ R$* < @@ $=w > $* $: $1 < @ $j . > $3 self-literal R$* < @@ $+ > $* $@ $1 < @ $2 > $3 canon IP addr -# look up domains in the domain table -#R$* < @ $+ > $* $: $1 < @ $(domaintable $2 $) > $3 + + # pass UUCP addresses straight through R$* < @ $+ . UUCP > $* $@ $1 < @ $2 . UUCP . > $3 - # pass to name server to make hostname canonical R$* < @ $* $~P > $* $: $1 < @ $[ $2 $3 $] > $4 @@ -575,45 +572,52 @@ S0 R$* $: $>Parse0 $1 initial parsing +R<@> $#local $: <@> special case error msgs R$* $: $>98 $1 handle local hacks R$* $: $>Parse1 $1 final parsing +# +# Parse0 -- do initial syntax checking and eliminate local addresses. +# This should either return with the (possibly modified) input +# or return with a #error mailer. It should not return with a +# #mailer other than the #error mailer. +# + SParse0 -R<@> $#local $: <@> special case error msgs -R$* : $* ; <@> $#error $@ 5.1.3 $: "list:; syntax illegal for recipient addresses" -R<@ $+> $#error $@ 5.1.1 $: "user address required" +R<@> $@ <@> special case error msgs +R$* : $* ; <@> $#error $@ 5.1.3 $: "List:; syntax illegal for recipient addresses" +#R@ <@ $* > < @ $1 > catch "@@host" bogosity +R<@ $+> $#error $@ 5.1.3 $: "User address required" R$* $: <> $1 R<> $* < @ [ $+ ] > $* $1 < @ [ $2 ] > $3 -R<> $* <$* : $* > $* $#error $@ 5.1.1 $: "colon illegal in host name part" +R<> $* <$* : $* > $* $#error $@ 5.1.3 $: "Colon illegal in host name part" R<> $* $1 -R$* < @ . $* > $* $#error $@ 5.1.2 $: "invalid host name" -R$* < @ $* .. $* > $* $#error $@ 5.1.2 $: "invalid host name" - -# handle numeric address spec -R$* < @ [ $+ ] > $* $: $>98 $1 < @ [ $2 ] > $3 numeric internet spec -R$* < @ [ $+ ] > $* $#esmtp $@ [$2] $: $1 < @ [$2] > $3 still numeric: send +R$* < @ . $* > $* $#error $@ 5.1.2 $: "Invalid host name" +R$* < @ $* .. $* > $* $#error $@ 5.1.2 $: "Invalid host name" # now delete the local info -- note $=O to find characters that cause forwarding R$* < @ > $* $@ $>Parse0 $>3 $1 user@ => user R< @ $=w . > : $* $@ $>Parse0 $>3 $2 @here:... -> ... R$- < @ $=w . > $: $(dequote $1 $) < @ $2 . > dequote "foo"@here -R< @ $+ > $#error $@ 5.1.1 $: "user address required" +R< @ $+ > $#error $@ 5.1.3 $: "User address required" R$* $=O $* < @ $=w . > $@ $>Parse0 $>3 $1 $2 $3 ...@here -> ... +R$- $: $(dequote $1 $) < @ *LOCAL* > dequote "foo" +R< @ *LOCAL* > $#error $@ 5.1.3 $: "User address required" +R$* $=O $* < @ *LOCAL* > + $@ $>Parse0 $>3 $1 $2 $3 ...@*LOCAL* -> ... +R$* < @ *LOCAL* > $: $1 + +# +# Parse1 -- the bottom half of ruleset 0. +# SParse1 -# handle virtual users -#R$+ < @ $=w . > $: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . > -#R<@> $+ + $* < @ $* . > - $: < $(virtuser $1 + * @ $3 $@ $1 $: @ $) > $1 + $2 < @ $3 . > -#R<@> $+ + $* < @ $* . > - $: < $(virtuser $1 @ $3 $@ $1 $: @ $) > $1 + $2 < @ $3 . > -#R<@> $+ < @ $+ . > $: < $(virtuser @ $2 $@ $1 $: @ $) > $1 < @ $2 . > -#R<@> $+ $: $1 -#R< error : $- $+ > $* $#error $@ $( dequote $1 $) $: $2 -#R< $+ > $+ < @ $+ > $: $>97 $1 +# handle numeric address spec +R$* < @ [ $+ ] > $* $: $>98 $1 < @ [ $2 ] > $3 numeric internet spec +R$* < @ [ $+ ] > $* $#esmtp $@ [$2] $: $1 < @ [$2] > $3 still numeric: send + # short circuit local delivery so forwarded email works -#R$+ . USENET < @ $=w . > $#usenet $: $1 handle usenet specially R$=L < @ $=w . > $#local $: @ $1 special local names R$+ < @ $=w . > $#local $: $1 regular local name @@ -639,10 +643,6 @@ # deal with other remote names R$* < @$* > $* $#esmtp $@ $2 $: $1 < @ $2 > $3 user@host.domain -# if this is quoted, strip the quotes and try again -R$+ $: $(dequote $1 $) strip quotes -R$+ $=O $+ $@ $>97 $1 $2 $3 try again - # handle locally delivered names R$=L $#local $: @ $1 special local names R$+ $#local $: $1 regular local names @@ -660,19 +660,15 @@ # prepend an empty "forward host" on the front R$+ $: <> $1 -# send unrecognized local users to a relay host -#R< > $+ $: < $L . > $( user $1 $) look up user -#R< $* > $+ <> $* $: < > $2 $3 found; strip $L -#R< $* . > $+ $: < $1 > $2 strip extra dot # see if we have a relay or a hub R< > $+ $: < $H > $1 try hub R< > $+ $: < $R > $1 try relay -R< > $+ $: < > < $1 $(dequote "" $&h $) > nope, restore +detail +R< > $+ $: < > < $1 $&h > nope, restore +detail R< > < $+ + $* > $* < > < $1 > + $2 $3 find the user part R< > < $+ > + $* $#local $@ $2 $: @ $1 strip the extra + R< > < $+ > $@ $1 no +detail -R$+ $: $1 $(dequote "" $&h $) add +detail back in +R$+ $: $1 $&h add +detail back in R< local : $* > $* $: $>95 < local : $1 > $2 no host extension R< error : $* > $* $: $>95 < error : $1 > $2 no host extension R< $- : $+ > $+ $: $>95 < $1 : $2 > $3 < @ $2 > @@ -684,11 +680,11 @@ S90 R$* <$- . $+ > $* $: $1$2 < $(mailertable .$3 $@ $1$2 $@ $2 $) > $4 -R$* <$~[ : $+ > $* $>95 < $2 : $3 > $4 check -- resolved? -R$* < . $+ > $* $@ $>90 $1 . <$2> $3 no -- strip & try again +R$* <$~[ : $+ > $* $>95 < $2 : $3 > $4 check -- resolved? +R$* < . $+ > $* $@ $>90 $1 . <$2> $3 no -- strip & try again R$* < $* > $* $: < $(mailertable . $@ $1$2 $) > $3 try "." -R< $~[ : $+ > $* $>95 < $1 : $2 > $3 "." found? -R< $* > $* $@ $2 no mailertable match +R< $~[ : $+ > $* $>95 < $1 : $2 > $3 "." found? +R< $* > $* $@ $2 no mailertable match ################################################################### ### Ruleset 95 -- canonify mailer:[user@]host syntax to triple ### @@ -696,7 +692,7 @@ S95 R< > $* $@ $1 strip off null relay -R< error : $- $+ > $* $#error $@ $( dequote $1 $) $: $2 +R< error : $- $+ > $* $#error $@ $(dequote $1 $) $: $2 R< local : $* > $* $>CanonLocal < $1 > $2 R< $- : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user R< $- : $+ > $* $# $1 $@ $2 $: $3 try qualified mailer @@ -728,14 +724,6 @@ S93 -# handle generics database -#R$+ < @ $=G . > $: < $1@$2 > $1 < @ $2 . > @ mark -#R$+ < @ *LOCAL* > $: < $1@$j > $1 < @ *LOCAL* > @ mark -#R< $+ > $+ < $* > @ $: < $(generics $1 $: $) > $2 < $3 > -#R< > $+ < @ $+ > $: < $(generics $1 $: $) > $1 < @ $2 > -#R< $* @ $* > $* < $* > $@ $>3 $1 @ $2 found qualified -#R< $+ > $* < $* > $: $>3 $1 @ *LOCAL* found unqualified -#R< > $* $: $1 not found # special case the users that should be exposed R$=E < @ *LOCAL* > $@ $1 < @ $j . > leave exposed @@ -754,7 +742,6 @@ ################################################################### S94 -#R$+ $@ $>93 $1 R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2 ################################################################### @@ -767,6 +754,154 @@ R$* < @ $+ .REDIRECT. > $: $1 < @ $2 . REDIRECT . > < ${opMode} > R$* < @ $+ .REDIRECT. > $: $1 < @ $2 . REDIRECT. > R$* < @ $+ .REDIRECT. > < $- > $# error $@ 5.1.1 $: "551 User has moved; please try " <$1@$2> + + + +###################################################################### +### ParseRecipient -- Strip off hosts in $=R as well as possibly +### $* $=m or the access database. +### Check user portion for host separators. +### +### Parameters: +### $1 -- full recipient address +### +### Returns: +### parsed, non-local-relaying address +###################################################################### + +SParseRecipient +R$* $: $>Parse0 $>3 $1 +R $* < @ $* . > $1 < @ $2 > strip trailing dots +R $- < @ $* > $: $(dequote $1 $) < @ $2 > dequote local part + +# if no $=O character, no host in the user portion, we are done +R $* $=O $* < @ $* > $: $1 $2 $3 < @ $4> +R $* $@ $1 + +R $* < @ $* $=R > $: $1 < @ $2 $3 > +R $* < @ $* > $@ $>ParseRecipient $1 +R<$-> $* $@ $2 + +###################################################################### +### check_relay -- check hostname/address on SMTP startup +###################################################################### + +SLocal_check_relay +Scheck_relay +R$* $: $1 $| $>"Local_check_relay" $1 +R$* $| $* $| $#$* $#$3 +R$* $| $* $| $* $@ $>"Basic_check_relay" $1 $| $2 + +SBasic_check_relay +# check for deferred delivery mode +R$* $: < ${deliveryMode} > $1 +R< d > $* $@ deferred +R< $* > $* $: $2 + + + +###################################################################### +### check_mail -- check SMTP `MAIL FROM:' command argument +###################################################################### + +SLocal_check_mail +Scheck_mail +R$* $: $1 $| $>"Local_check_mail" $1 +R$* $| $#$* $#$2 +R$* $| $* $@ $>"Basic_check_mail" $1 + +SBasic_check_mail +# check for deferred delivery mode +R$* $: < ${deliveryMode} > $1 +R< d > $* $@ deferred +R< $* > $* $: $2 + +R<> $@ +R$* $: $>Parse0 $>3 $1 make domain canonical +R $* < @ $+ . > $* $1 < @ $2 > $3 strip trailing dots +# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc) +R $* < $* $=P > $* $: $1 < @ $2 $3 > $4 +R $* < @ $+ > $* $: $) > $1 < @ $2 > $3 +R> $* < @ $+ > $* + $: <$2> $3 < @ $4 > $5 + +# handle case of @localhost on address +R<$+> $* < @localhost > $: < ? $&{client_name} > <$1> $2 < @localhost > +R<$+> $* < @localhost.$m > + $: < ? $&{client_name} > <$1> $2 < @localhost.$m > +R<$+> $* < @localhost.UUCP > + $: < ? $&{client_name} > <$1> $2 < @localhost.UUCP > +R <$+> $* <$2> $3 +R <$+> $* $#error $@ 5.5.4 $: "553 Real domain name required" +R <$+> $* $: <$1> $2 + + +# handle case of no @domain on address +R $* $: < ? $&{client_name} > $1 +R $* $@ ...local unqualed ok +R $* $#error $@ 5.5.4 $: "553 Domain name required" + ...remote is not +# check results +R $* $@ +R $* $@ +R $* $#error $@ 4.1.8 $: "451 Sender domain must resolve" +R $* $#error $@ 5.1.8 $: "501 Sender domain must exist" + +###################################################################### +### check_rcpt -- check SMTP `RCPT TO:' command argument +###################################################################### + +SLocal_check_rcpt +Scheck_rcpt +R$* $: $1 $| $>"Local_check_rcpt" $1 +R$* $| $#$* $#$2 +R$* $| $* $@ $>"Basic_check_rcpt" $1 + +SBasic_check_rcpt +# check for deferred delivery mode +R$* $: < ${deliveryMode} > $1 +R< d > $* $@ deferred +R< $* > $* $: $2 + +R$* $: $>ParseRecipient $1 strip relayable hosts + + +# anything terminating locally is ok +R$+ < @ $=w > $@ OK +R$+ < @ $* $=R > $@ OK + + +# check for local user (i.e. unqualified address) +R$* $: $1 +R $+ < @ $+ > $: $1 < @ $2 > +# local user is ok +R $+ $@ OK +R<$+> $* $: $2 + +# anything originating locally is ok +R$* $: $&{client_name} +# check if bracketed IP address (forward lookup != reverse lookup) +R [$+] $: [$1] +# pass to name server to make hostname canonical +R $* $~P $: $[ $1 $2 $] +R<$-> $* $: $2 +R$* . $1 strip trailing dots +R$@ $@ OK +R$=w $@ OK +R$* $=R $@ OK + +# check IP address +R$* $: $&{client_addr} +R$@ $@ OK originated locally +R0 $@ OK originated locally +R$=R $* $@ OK relayable IP address +R$* $: [ $1 ] put brackets around it... +R$=w $@ OK ... and see if it is local + + +# anything else is bogus +R$* $#error $@ 5.7.1 $: "550 Relaying denied" + # ###################################################################### ###################################################################### @@ -781,7 +916,7 @@ ### Local and Program Mailer specification ### ################################################## -##### @(#)local.m4 8.23 (Berkeley) 5/31/96 ##### +##### @(#)local.m4 8.30 (Berkeley) 6/30/98 ##### Mlocal, P=/usr/libexec/mail.local, F=lsDFMAw5:/|@qrmn9, S=10/30, R=20/40, T=DNS/RFC822/X-Unix, @@ -795,6 +930,7 @@ # S10 R<@> $n errors to mailer-daemon +R@ <@ $*> $n temporarily bypass Sun bogosity R$+ $: $>50 $1 add local domain if needed R$* $: $>94 $1 do masquerading @@ -809,6 +945,7 @@ # S30 R<@> $n errors to mailer-daemon +R@ <@ $*> $n temporarily bypass Sun bogosity R$+ $: $>50 $1 add local domain if needed R$* $: $>93 $1 do masquerading @@ -817,20 +954,17 @@ # S40 R$+ $: $>50 $1 add local domain if needed -#R$* $: $>93 $1 do all-masquerading # # Common code to add local domain name (only if always-add-domain) # S50 -#R$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified -#R$+ $@ $1 < @ *LOCAL* > add local qualification ##################################### ### SMTP Mailer specification ### ##################################### -##### @(#)smtp.m4 8.33 (Berkeley) 7/9/96 ##### +##### @(#)smtp.m4 8.38 (Berkeley) 5/19/98 ##### Msmtp, P=[IPC], F=mDFMuX, S=11/31, R=21, E=\r\n, L=990, T=DNS/RFC822/SMTP, diff -ur 2.2.7-RELEASE/etc/services 3.0-RELEASE/etc/services --- 2.2.7-RELEASE/etc/services Wed Jul 22 17:16:24 1998 +++ 3.0-RELEASE/etc/services Sun Oct 18 02:08:33 1998 @@ -6,10 +6,17 @@ # even if the protocol doesn't support UDP operations. # Updated from RFC 1700, ``Assigned Numbers'' (October 1994). All ports # are included. +# +# The lastest IANA port assignments can be gotten from +# http://www.isi.edu/in-notes/iana/assignments/port-numbers +# The Well Known Ports are those from 0 through 1023. +# The Registered Ports are those from 1024 through 49151 +# The Dynamic and/or Private Ports are those from 49152 through 65535 +# # Kerberos services are for Kerberos v4, and are unofficial. Sites running # v5 should uncomment v5 entries and comment v4 entries. # -# $Id: services,v 1.27.2.21 1998/07/04 22:13:30 jdp Exp $ +# $Id: services,v 1.55 1998/09/16 15:42:32 des Exp $ # From: @(#)services 5.8 (Berkeley) 5/9/91 # # WELL KNOWN PORT NUMBERS @@ -84,8 +91,8 @@ ni-ftp 47/udp #NI FTP auditd 48/tcp #Digital Audit Daemon auditd 48/udp #Digital Audit Daemon -#login 49/tcp #Login Host Protocol -#login 49/udp #Login Host Protocol +tacacs 49/tcp #Login Host Protocol (TACACS) +tacacs 49/udp #Login Host Protocol (TACACS) re-mail-ck 50/tcp #Remote Mail Checking Protocol re-mail-ck 50/udp #Remote Mail Checking Protocol la-maint 51/tcp #IMP Logical Address Maintenance @@ -169,8 +176,8 @@ # 87/tcp any private terminal link #PROBLEMS!=========================================================== # 87/udp any private terminal link -kerberos-sec 88/tcp # krb5 # Kerberos (v5) -kerberos-sec 88/udp # krb5 # Kerberos (v5) +kerberos-sec 88/tcp kerberos # krb5 # Kerberos (v5) +kerberos-sec 88/udp kerberos # krb5 # Kerberos (v5) su-mit-tg 89/tcp #SU/MIT Telnet Gateway su-mit-tg 89/udp #SU/MIT Telnet Gateway dnsix 90/tcp #DNSIX Securit Attribute Token Map @@ -202,8 +209,8 @@ gppitnp 103/udp #Genesis Point-to-Point Trans Net acr-nema 104/tcp #ACR-NEMA Digital Imag. & Comm. 300 acr-nema 104/udp #ACR-NEMA Digital Imag. & Comm. 300 -csnet-ns 105/tcp cso-ns #Mailbox Name Nameserver -csnet-ns 105/udp cso-ns #Mailbox Name Nameserver +csnet-ns 105/tcp cso-ns cso #Mailbox Name Nameserver +csnet-ns 105/udp cso-ns cso #Mailbox Name Nameserver pop3pw 106/tcp 3com-tsmux #Eudora compatible PW changer 3com-tsmux 106/udp rtelnet 107/tcp #Remote Telnet Service @@ -262,8 +269,8 @@ statsrv 133/udp #Statistics Service ingres-net 134/tcp #INGRES-NET Service ingres-net 134/udp #INGRES-NET Service -loc-srv 135/tcp #Location Service -loc-srv 135/udp #Location Service +loc-srv 135/tcp epmap #Location Service +loc-srv 135/udp epmap #Location Service profile 136/tcp #PROFILE Naming System profile 136/udp #PROFILE Naming System netbios-ns 137/tcp #NETBIOS Name Service @@ -282,14 +289,18 @@ imap 143/udp imap2 imap4 #Interim Mail Access Protocol v2 NeWS 144/tcp # Window System NeWS 144/udp # Window System +#PROBLEMS!============================================================== +#uma 144/tcp #Universal Management Architecture +#uma 144/udp #Universal Management Architecture +#PROBLEMS!============================================================== uaac 145/tcp #UAAC Protocol uaac 145/udp #UAAC Protocol iso-tp0 146/tcp iso-tp0 146/udp iso-ip 147/tcp iso-ip 147/udp -cronus 148/tcp #CRONUS-SUPPORT -cronus 148/udp #CRONUS-SUPPORT +cronus 148/tcp jargon #CRONUS-SUPPORT +cronus 148/udp jargon #CRONUS-SUPPORT aed-512 149/tcp #AED 512 Emulation Service aed-512 149/udp #AED 512 Emulation Service sql-net 150/tcp @@ -348,7 +359,7 @@ genrad-mux 176/udp xdmcp 177/tcp #X Display Manager Control Protocol xdmcp 177/udp #X Display Manager Control Protocol -nextstep 178/tcp NextStep NeXTStep #NextStep Window Server +NextStep 178/tcp nextstep NeXTStep #NextStep Window Server NextStep 178/udp nextstep NeXTStep #NextStep Window Server bgp 179/tcp #Border Gateway Protocol bgp 179/udp #Border Gateway Protocol @@ -373,7 +384,7 @@ qft 189/tcp #Queued File Transport qft 189/udp #Queued File Transport gacp 190/tcp #Gateway Access Control Protocol -cacp 190/udp #Gateway Access Control Protocol +gacp 190/udp cacp #Gateway Access Control Protocol prospero 191/tcp #Prospero Directory Service prospero 191/udp #Prospero Directory Service osu-nms 192/tcp #OSU Network Monitoring System @@ -410,8 +421,12 @@ at-7 207/udp #AppleTalk Unused at-8 208/tcp #AppleTalk Unused at-8 208/udp #AppleTalk Unused -tam 209/tcp #Trivial Authenticated Mail Protocol -tam 209/udp #Trivial Authenticated Mail Protocol +qmtp 209/tcp #The Quick Mail Transfer Protocol +qmtp 209/udp #The Quick Mail Transfer Protocol +#PROBLEMS!============================================================== +#tam 209/tcp #Trivial Authenticated Mail Protocol +#tam 209/udp #Trivial Authenticated Mail Protocol +#PROBLEMS!============================================================== z39.50 210/tcp wais #ANSI Z39.50 z39.50 210/udp wais #ANSI Z39.50 914c/g 211/tcp #Texas Instruments 914C/G Terminal @@ -424,8 +439,8 @@ vmpwscs 214/udp softpc 215/tcp #Insignia Solutions softpc 215/udp #Insignia Solutions -atls 216/tcp #Access Technology License Server -atls 216/udp #Access Technology License Server +CAIlic 216/tcp atls #Computer Associates Int'l License Server +CAIlic 216/udp atls #Computer Associates Int'l License Server dbase 217/tcp #dBASE Unix dbase 217/udp #dBASE Unix mpp 218/tcp #Netix Message Posting Protocol @@ -440,12 +455,72 @@ rsh-spx 222/udp #Berkeley rshd with SPX auth cdc 223/tcp #Certificate Distribution Center cdc 223/udp #Certificate Distribution Center +direct 242/tcp +direct 242/udp sur-meas 243/tcp #Survey Measurement sur-meas 243/udp #Survey Measurement +dayna 244/tcp +dayna 244/udp link 245/tcp link 245/udp dsp3270 246/tcp #Display Systems Protocol dsp3270 246/udp #Display Systems Protocol + +subntbcst_tftp 247/tcp #subntbcst_tftp +subntbcst_tftp 247/udp #subntbcst_tftp +bhfhs 248/tcp +bhfhs 248/udp +# 249-255 reserved +rap 256/tcp +rap 256/udp +set 257/tcp #secure electronic transaction +set 257/udp #secure electronic transaction +yak-chat 258/tcp #yak winsock personal chat +yak-chat 258/udp #yak winsock personal chat +esro-gen 259/tcp #efficient short remote operations +esro-gen 259/udp #efficient short remote operations +openport 260/tcp +openport 260/udp +nsiiops 261/tcp #iiop name service over tls/ssl +nsiiops 261/udp #iiop name service over tls/ssl +arcisdms 262/tcp +arcisdms 262/udp +hdap 263/tcp +hdap 263/udp +bgmp 264/tcp +bgmp 264/udp +# 265-279 unassigned +http-mgmt 280/tcp +http-mgmt 280/udp +personal-link 281/tcp +personal-link 281/udp +cableport-ax 282/tcp #cable port a/x +cableport-ax 282/udp #cable port a/x +# 283-307 unassigned +novastorbakcup 308/tcp #novastor backup +novastorbakcup 308/udp #novastor backup +entrusttime 309/tcp +entrusttime 309/udp +bhmds 310/tcp +bhmds 310/udp +asip-webadmin 311/tcp #appleshare ip webadmin +asip-webadmin 311/udp #appleshare ip webadmin +vslmp 312/tcp +vslmp 312/udp +magenta-logic 313/tcp +magenta-logic 313/udp +opalis-robot 314/tcp +opalis-robot 314/udp +dpsi 315/tcp +dpsi 315/udp +decauth 316/tcp +decauth 316/udp +zannet 317/tcp +zannet 317/udp +# 318-320 #unassigned +pip 321/tcp +pip 321/udp +# 322-343 #unassigned pdap 344/tcp #Prospero Data Access Protocol pdap 344/udp #Prospero Data Access Protocol pawserv 345/tcp #Perf Analysis Workbench @@ -456,14 +531,64 @@ fatserv 347/udp #Fatmen Server csi-sgwp 348/tcp #Cabletron Management Protocol csi-sgwp 348/udp #Cabletron Management Protocol + + +mftp 349/tcp +mftp 349/udp +matip-type-a 350/tcp #MATIP Type A +matip-type-a 350/udp +matip-type-b 351/tcp #MATIP Type B +matip-type-b 351/udp +bhoetty 351/tcp #unassigned but widespread use +bhoetty 351/udp #unassigned but widespread use +dtag-ste-sb 352/tcp #DTAG +dtag-ste-sb 352/udp #DTAG +bhoedap4 352/tcp #unassigned but widespread use +bhoedap4 352/udp #unassigned but widespread use +ndsauth 353/tcp +ndsauth 353/udp +bh611 354/tcp +bh611 354/udp +datex-asn 355/tcp +datex-asn 355/udp +cloanto-net-1 356/tcp #Cloanto Net 1 +cloanto-net-1 356/udp +bhevent 357/tcp +bhevent 357/udp +shrinkwrap 358/tcp +shrinkwrap 358/udp +tenebris_nts 359/tcp #Tenebris Network Trace Service +tenebris_nts 359/udp #Tenebris Network Trace Service +scoi2odialog 360/tcp +scoi2odialog 360/udp +semantix 361/tcp +semantix 361/udp +srssend 362/tcp #SRS Send +srssend 362/udp #SRS Send +rsvp_tunnel 363/tcp +rsvp_tunnel 363/udp +aurora-cmgr 364/tcp +aurora-cmgr 364/udp +dtk 365/tcp #Deception Tool Kit - Fred Cohen +dtk 365/udp #Deception Tool Kit - Fred Cohen +odmr 366/tcp +odmr 366/udp +mortgageware 367/tcp +mortgageware 367/udp +qbikgdp 368/tcp #QbikGDP +qbikgdp 368/udp +rpc2portmap 369/tcp +rpc2portmap 369/udp +codaauth2 370/tcp +codaauth2 370/udp clearcase 371/tcp clearcase 371/udp -ulistserv 372/tcp #Unix Listserv -ulistserv 372/udp #Unix Listserv -legent-1 373/tcp #Legent Corporation -legent-1 373/udp #Legent Corporation -legent-2 374/tcp #Legent Corporation -legent-2 374/udp #Legent Corporation +ulistserv 372/tcp ulistproc #Unix Listserv +ulistserv 372/udp ulistproc #Unix Listserv +legent-1 373/tcp #Legent Corporation (now Computer Associates Intl.) +legent-1 373/udp #Legent Corporation (now Computer Associates Intl.) +legent-2 374/tcp #Legent Corporation (now Computer Associates Intl.) +legent-2 374/udp #Legent Corporation (now Computer Associates Intl.) hassle 375/tcp hassle 375/udp nip 376/tcp #Amiga Envoy Network Inquiry Proto @@ -611,8 +736,8 @@ ddm-rdb 446/udp ddm-dfm 447/tcp ddm-dfm 447/udp -ddm-byte 448/tcp -ddm-byte 448/udp +ddm-ssl 448/tcp ddm-byte +ddm-ssl 448/udp ddm-byte as-servermap 449/tcp #AS Server Mapper as-servermap 449/udp #AS Server Mapper tserver 450/tcp @@ -643,8 +768,108 @@ datasurfsrvsec 462/udp alpes 463/tcp alpes 463/udp +# +kpasswd5 464/tcp # Kerberos (v5) +kpasswd5 464/udp # Kerberos (v5) +#PROBLEMS!============================================================== +# IANA has offically assigned these two ports as ``kpasswd'' #kpasswd 464/tcp # Kerberos (v5) #kpasswd 464/udp # Kerberos (v5) +#PROBLEMS!============================================================== +smtps 465/tcp #smtp protocol over TLS/SSL (was ssmtp) +smtps 465/udp #smtp protocol over TLS/SSL (was ssmtp) +digital-vrc 466/tcp +digital-vrc 466/udp +mylex-mapd 467/tcp +mylex-mapd 467/udp +photuris 468/tcp +photuris 468/udp +rcp 469/tcp #Radio Control Protocol +rcp 469/udp #Radio Control Protocol +scx-proxy 470/tcp +scx-proxy 470/udp +mondex 471/tcp +mondex 471/udp +ljk-login 472/tcp +ljk-login 472/udp +hybrid-pop 473/tcp +hybrid-pop 473/udp +tn-tl-w1 474/tcp +tn-tl-w2 474/udp +tcpnethaspsrv 475/tcp +tcpnethaspsrv 475/udp +tn-tl-fd1 476/tcp +tn-tl-fd1 476/udp +ss7ns 477/tcp +ss7ns 477/udp +spsc 478/tcp +spsc 478/udp +iafserver 479/tcp +iafserver 479/udp +iafdbase 480/tcp +iafdbase 480/udp +ph 481/tcp +ph 481/udp +bgs-nsi 482/tcp +bgs-nsi 482/udp +ulpnet 483/tcp +ulpnet 483/udp +integra-sme 484/tcp #Integra Software Management Environment +integra-sme 484/udp #Integra Software Management Environment +powerburst 485/tcp #Air Soft Power Burst +powerburst 485/udp #Air Soft Power Burst +avian 486/tcp +avian 486/udp +saft 487/tcp #saft Simple Asynchronous File Transfer +saft 487/udp #saft Simple Asynchronous File Transfer +gss-http 488/tcp +gss-http 488/udp +nest-protocol 489/tcp +nest-protocol 489/udp +micom-pfs 490/tcp +micom-pfs 490/udp +go-login 491/tcp +go-login 491/udp +ticf-1 492/tcp #Transport Independent Convergence for FNA +ticf-1 492/udp #Transport Independent Convergence for FNA +ticf-2 493/tcp #Transport Independent Convergence for FNA +ticf-2 493/udp #Transport Independent Convergence for FNA +pov-ray 494/tcp +pov-ray 494/udp +intecourier 495/tcp +intecourier 495/udp +pim-rp-disc 496/tcp +pim-rp-disc 496/udp +dantz 497/tcp +dantz 497/udp +siam 498/tcp +siam 498/udp +iso-ill 499/tcp #ISO ILL Protocol +iso-ill 499/udp #ISO ILL Protocol +isakmp 500/tcp +isakmp 500/udp +stmf 501/tcp +stmf 501/udp +asa-appl-proto 502/tcp +asa-appl-proto 5