diff -urN 3.1-RELEASE/etc/defaults/rc.conf 3.2-RELEASE/etc/defaults/rc.conf --- 3.1-RELEASE/etc/defaults/rc.conf Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/defaults/rc.conf Tue May 18 12:41:46 1999 @@ -9,7 +9,7 @@ # # All arguments must be in double or single quotes. # -# $Id: rc.conf,v 1.1 1999/02/09 22:15:18 jkh Exp $ +# $Id: rc.conf,v 1.1.2.5 1999/05/11 12:21:22 newton Exp $ ############################################################## ### Important initial Boot-time options ##################### @@ -32,10 +32,12 @@ hostname="myname.my.domain" # Set this! nisdomainname="NO" # Set to NIS domain if using NIS (or NO). firewall_enable="NO" # Set to YES to enable firewall functionality +firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall firewall_type="UNKNOWN" # Firewall type (see /etc/rc.firewall) firewall_quiet="NO" # Set to YES to suppress rule display +natd_program="/sbin/natd" # path to natd, if you want a different one. natd_enable="NO" # Enable natd (if firewall_enable == YES). -natd_interface="fxp0" # Public interface to use with natd. +natd_interface="fxp0" # Public interface or IPaddress to use. natd_flags="" # Additional flags for natd. tcp_extensions="NO" # Disallow RFC1323 extensions (or YES). network_interfaces="lo0" # List of network interfaces (lo0 is loopback). @@ -81,6 +83,7 @@ rpc_lockd_enable="NO" # Run NFS rpc.lockd (*broken!*) if nfs_server. rpc_statd_enable="YES" # Run NFS rpc.statd if nfs_server (or NO). portmap_enable="YES" # Run the portmapper service (or NO). +portmap_program="/usr/sbin/portmap" # path to portmap, if you want a different one. portmap_flags="" # Flags to portmap (if enabled). rpc_ypupdated_enable="NO" # Run if NIS master and SecureRPC (or NO). keyserv_enable="NO" # Run the SecureRPC keyserver (or NO). @@ -178,17 +181,18 @@ cron_enable="YES" # Run the periodic job daemon. lpd_enable="NO" # Run the line printer daemon. +lpd_program="/usr/sbin/lpd" # path to lpd, if you want a different one. lpd_flags="" # Flags to lpd (if enabled). usbd_enable="NO" # Run the usbd daemon. usbd_flags="" # Flags to usbd (if enabled). sendmail_enable="YES" # Run the sendmail daemon (or NO). -sendmail_flags="-bd -q30m" # -bd is pretty mandatory. +sendmail_flags="-bd -q30m" # Flags to sendmail (if enabled) dumpdev="NO" # Device name to crashdump to (if enabled). -check_quotas="NO" # Check quotas (or NO). +enable_quotas="NO" # turn on quotas on startup (or NO). +check_quotas="NO" # Check quotas on startup (or NO). accounting_enable="NO" # Turn on process accounting (or NO). ibcs2_enable="NO" # Ibcs2 (SCO) emulation loaded at startup (or NO). linux_enable="NO" # Linux emulation loaded at startup (or NO). -svr4_enable="NO" # SysVR4 emulation loaded at startup (or NO). rand_irqs="NO" # Stir the entropy pool (like "5 11" or NO). clear_tmp_enable="NO" # Clear /tmp at startup. ldconfig_paths="/usr/lib/compat /usr/X11R6/lib /usr/local/lib" @@ -198,7 +202,9 @@ kern_securelevel_enable="NO" # kernel security level (see init(8)), kern_securelevel="-1" # range: -1..3 ; `-1' is the most insecure update_motd="YES" # update version info in /etc/motd (or NO) +start_vinum="" # set to YES to start vinum vinum_drives="" # put in names of disks containing vinum drives + # to start vinum on only specific disks. ############################################################## ### Allow local configuration override at the very end here ## diff -urN 3.1-RELEASE/etc/ftpusers 3.2-RELEASE/etc/ftpusers --- 3.1-RELEASE/etc/ftpusers Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/ftpusers Tue May 18 12:41:45 1999 @@ -1,4 +1,4 @@ -# $Id: ftpusers,v 1.4 1998/09/02 01:34:55 brian Exp $ +# $Id: ftpusers,v 1.4.2.1 1999/05/02 13:07:01 kris Exp $ # # list of users disallowed any ftp access. # read by ftpd(8). @@ -7,9 +7,13 @@ daemon operator bin +tty +kmem games news man +bind uucp xten +pop nobody diff -urN 3.1-RELEASE/etc/hosts.allow 3.2-RELEASE/etc/hosts.allow --- 3.1-RELEASE/etc/hosts.allow Thu Jan 1 09:00:00 1970 +++ 3.2-RELEASE/etc/hosts.allow Tue May 18 12:41:45 1999 @@ -0,0 +1,58 @@ +# +# hosts.allow access control file for "tcp wrapped" apps. +# $Id: hosts.allow,v 1.2.2.2 1999/05/11 01:35:01 obrien Exp $ +# +# NOTE: The hosts.deny file is not longer used. Instead, put both 'allow' +# and 'deny' rules in the hosts.allow file. +# see hosts_options(5) for the format of this file. +# hosts_access(5) no longer fully applies. + +# This is an example! You will need to modify it for your specific +# requirements! + +# Start by allowing everything (this prevents the rest of the file +# from working, so remove it when you need protection). +# The rules here work on a "First match wins" basis. +ALL : ALL : allow + +# Wrapping sshd(8) is not normally a good idea, but if you +# need to do it, here's how +#sshd : .evil.cracker.example.com : deny + +# Prevent those with no reverse DNS from connecting. +ALL : PARANOID : RFC931 20 : deny + +# Allow anything from localhost +ALL : localhost : allow +ALL : my.machine.example.com : allow + +# Sendmail can help protect you against spammers and relay-rapers +sendmail : localhost : allow +sendmail : .nice.guy.example.com : allow +sendmail : .evil.cracker.example.com : deny +sendmail : ALL : allow + +# Portmapper is used for all RPC services; protect your NFS! +portmap : localhost : allow +portmap : .nice.guy.example.com : allow +portmap : .evil.cracker.example.com : deny +portmap : ALL : allow + +# Provide a small amount of protection for ftpd +ftpd : localhost : allow +ftpd : .nice.guy.example.com : allow +ftpd : .evil.cracker.example.com : deny +ftpd : ALL : allow + +# You need to be clever with finger; do _not_ backfinger!! You can easily +# start a "finger war". +fingerd : ALL \ + : spawn (echo Finger. | \ + /usr/bin/mail -s "tcpd\: %u@%h[%a] fingered me!" root) & \ + : deny + +# The rest of the daemons are protected. Backfinger and log by email. +ALL : ALL \ + : severity auth.info : spawn (/usr/bin/finger -l @%h | \ + /usr/bin/mail -s "tcpd\: %u@%h[%a] tried to use %d (denied)" root) & \ + : twist /bin/echo "You are not welcome to use %d from %h." diff -urN 3.1-RELEASE/etc/login.conf 3.2-RELEASE/etc/login.conf --- 3.1-RELEASE/etc/login.conf Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/login.conf Tue May 18 12:41:45 1999 @@ -9,7 +9,7 @@ # This file controls resource limits, accounting limits and # default user environment settings. # -# $Id: login.conf,v 1.26.2.1 1999/01/26 07:29:43 dg Exp $ +# $Id: login.conf,v 1.26.2.3 1999/05/11 07:10:03 jkh Exp $ # # Default settings effectively disable resource limits, see the @@ -23,7 +23,7 @@ :copyright=/etc/COPYRIGHT:\ :welcome=/etc/motd:\ :setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\ - :path=~/bin /bin /usr/bin /usr/local/bin:\ + :path=~/bin /bin /usr/bin /usr/local/bin /usr/X11R6/bin:\ :nologin=/var/run/nologin:\ :cputime=unlimited:\ :datasize=unlimited:\ @@ -137,7 +137,7 @@ # :maxproc=32:\ # :priority=0:\ # :requirehome:\ -# :passwordperiod=90d:\ +# :passwordtime=90d:\ # :umask=002:\ # :ignoretime@:\ # :tc=default: @@ -255,7 +255,7 @@ ## #site:\ # :ignoretime:\ -# :passwordperiod@:\ +# :passwordtime@:\ # :refreshtime@:\ # :refreshperiod@:\ # :sessionlimit@:\ diff -urN 3.1-RELEASE/etc/mail/Makefile 3.2-RELEASE/etc/mail/Makefile --- 3.1-RELEASE/etc/mail/Makefile Mon Feb 15 19:45:43 1999 +++ 3.2-RELEASE/etc/mail/Makefile Tue May 18 12:41:59 1999 @@ -1,45 +1,6 @@ -# $Id: Makefile,v 1.5 1998/09/13 23:14:20 brian Exp $ - -default: -.if exists(/etc/mail/ips.txt) - mv -f /etc/mail/ips.txt /etc/mail/ips.txt.0 -.endif - fetch ftp://ftp.gulf.net/pub/docs/ips.txt - sort ips.txt > block_ips.txt - touch allowsorted_ips.txt -.if exists(/etc/mail/allow_ips.txt) - sort allow_ips.txt > allowsorted_ips.txt -.endif - comm -23 block_ips.txt allowsorted_ips.txt | \ - cut -d ' ' -f 1 | \ - sed -e 's/$$/ #blocked. contact postmaster/' > \ - /etc/mail/block_ips.new - rm allowsorted_ips.txt - mv /etc/mail/block_ips.new /etc/mail/block_ips.txt -.if exists(/etc/mail/domains.txt) - mv -f /etc/mail/domains.txt /etc/mail/domains.txt.0 -.endif - fetch ftp://ftp.gulf.net/pub/docs/domains.txt - sort domains.txt > block_domains.txt - touch allowsorted_domains.txt -.if exists(/etc/mail/allow_domains.txt) - sort allow_domains.txt > allowsorted_domains.txt -.endif - comm -23 block_domains.txt allowsorted_domains.txt | \ - cut -d ' ' -f 1 | \ - sed -e 's/$$/ #blocked. contact postmaster/' > \ - /etc/mail/block_domains.new - rm allowsorted_domains.txt - mv /etc/mail/block_domains.new /etc/mail/block_domains.txt +# $Id: Makefile,v 1.5.2.2 1999/05/11 03:20:44 jmb Exp $ install: - /usr/sbin/makemap hash /etc/mail/spamsites < /etc/mail/block_domains.txt -.if exists(/etc/mail/spamsites.local) - /usr/sbin/makemap -o hash /etc/mail/spamsites < /etc/mail/spamsites.local -.endif - /usr/sbin/makemap hash /etc/mail/denyip < /etc/mail/block_ips.txt -.if exists(/etc/mail/denyip.local) - /usr/sbin/makemap -o hash /etc/mail/denyip < /etc/mail/denyip.local -.endif + /usr/sbin/makemap hash /etc/mail/access < /etc/mail/access -all: default install +all: install diff -urN 3.1-RELEASE/etc/mail/README 3.2-RELEASE/etc/mail/README --- 3.1-RELEASE/etc/mail/README Mon Feb 15 19:45:43 1999 +++ 3.2-RELEASE/etc/mail/README Tue May 18 12:41:59 1999 @@ -1,97 +1,17 @@ -# $Id: README,v 1.5 1998/09/02 01:34:57 brian Exp $ +# $Id: README,v 1.5.2.2 1999/05/11 03:20:45 jmb Exp $ Filtering out SPAM from your site + Sendmail now includes excellent tools block spam. These +tools are available as FEATUREs that you can add to your site's +.mc file. Proper use of these FEATUREs will prevent spammer from +using your site as a relay as well as significantly decrease the +amount of spam that arrives at your site. No set of anti-spam +tools will block all spam without blocking some portion of legitimate +mail as well. Therefore, these FEATUREs are designed to prevent +as much spam as possible without blocking legitimate mail. + + These tools are discussed in /usr/src/contrib/sendmail/cf/README. +Read the section entitled "ANTI-SPAM CONFIGURATION CONTROL". Example +usage and additional tools can be found in +/usr/src/contrib/sendmail/cf/cf/knecht.mc. -Introduction: - The FreeBSD Project filters spam, unsolicited commerical -e-mail, from its mailing lists. The filter has two parts: databases -and rulesets. We have rulesets to /etc/sendmail.cf, check_rcpt, -check_relay, check_rbl, check_mail and xlat. (xlat is for testing -only, as explained in /etc/mail/sendmail.cf.additions.) These -rulesets use three databases. The denyip, a list of IP addresses, -spamsites, a list of domains, and fakenames, a list of bogus -usernames (such as investor and success). We do not accept mail -from any machine that matches a entry in either database, or users -in the fakenames database. - - WARNING: We do not maintain the database source files. - Read domain.txt and ips.txt. - (Make will fetch them for you) - Domains that you want to allow, should be added - to the file /etc/mail/allowed_domains.txt. - IP addresses that you want to allow, should be added - to the file /etc/mail/allowed_ips.txt. - -Filtering at your site: - To filter spam at your site you need to: - 1. modify your /etc/sendmail.cf, - 2. retrieve the database source files from the master site, - 3. make the databases and - 4. finally signal sendmail that the configuration file has changed. - -1. Modifying your /etc/sendmail.cf - Add the database declarations and the rulesets contained -in /etc/mail/sendmail.cf.additions to your .mc file. If you do -not use m4 to generate your /etc/sendmail.cf, add the database -declarations to your /etc/sendmail.cf. - -2. Fetching the database source files: - - The database source files are available from Gulf Coast -Internet via anonymous FTP. The Makefile in /etc/mail will retreive -the source files for you: as root, type "cd /etc/mail; make" at -the command line. The previous version of the database source -files is moved to .0. - - Local additions should be kept in separate files. We use -spamsites.local and denyip.local. You may want to diff the new -versions of the files against the previous versions to see what -has changed. - - Local deletions should be kept in separate files. We use -allowed_domain.txt and allowed_ips.txt. (This feature was added -after netcom.com was added to the spam block list.) - -3. Make the databases: - As root, type "cd /etc/mail; make install" will build the -two databases from the retrieved source files and the local additions -files. - -4. Signaling sendmail: - Sendmail will reread its configuration whenever sendmail -receives a HUP signal. As root, type "kill -HUP `cat -/var/run/sendmail.pid`". Check sendmail's log file to be sure that -it has restarted. /var/log/maillog should contain the line: "Oct -15 08:59:16 hub sendmail[6565]: restarting /usr/sbin/sendmail on -signal". Most likely, the date, time, hostname and process id will -be differ. - -Testing the spam filter: - -How can I tell if its working: - The mail log file, /var/log/maillog, will contain a line -for every message filtered. The lines will be similar to one of -these two log entries: - -Check_mail rejects: -Oct 15 02:43:26 hub sendmail[6565]: CAA06565: ruleset=check_mail, -arg1=, relay=xxx.isp.net [###.###.###.###], -reject=521 - -Nov 30 15:56:37 hub sendmail[15058]: PAA15058: ruleset=check_mail, -arg1=, relay=relay.somewhere.com -[###.###.###.###], reject=451 ... Domain -does not resolve - - -Check_relay rejects: -Oct 19 04:45:24 hub sendmail[3503]: NOQUEUE: ruleset=check_relay, -arg1=imsp015.netvigator.com, arg2=205.252.144.206, relay=root@localhost, -reject=521 blocked.contact postmaster@FreeBSD.ORG - -check_rcpt reject: -Nov 30 15:04:08 hub sendmail[12390]: PAA12390: ruleset=check_rcpt, -arg1=investor@100percent.per.year.com, relay=newfed.frb.gov -[198.3.221.5], reject=553 investor@100percent.per.year.com... -521#blocked.contact postmaster -Sun Nov 16 11:40:53 PST 1997 diff -urN 3.1-RELEASE/etc/mail/sendmail.cf.additions 3.2-RELEASE/etc/mail/sendmail.cf.additions --- 3.1-RELEASE/etc/mail/sendmail.cf.additions Mon Feb 15 19:45:43 1999 +++ 3.2-RELEASE/etc/mail/sendmail.cf.additions Thu Jan 1 09:00:00 1970 @@ -1,125 +0,0 @@ -# $Id: sendmail.cf.additions,v 1.10 1998/09/02 01:34:57 brian Exp $ -# -# list of hosts and domains for whom we relay mail. -# all .forward hosts, domains must be listed in this file. -# same for hosts and domains in /etc/aliases -F{LocalIP}-o /etc/mail/Local-IP -F{RelayTo}-o /etc/mail/Relay-Hosts - -# database declarations -Kdenyip hash -o -a.REJECT /etc/mail/denyip.db -Kfakenames hash -o -a.REJECT /etc/mail/fakenames.db -Kspamsites hash -o -a.REJECT /etc/mail/spamsites.db - -# helper rulsesets; useful for debugging sendmail configurations -# -# -Scheck_rbl -# lookup up an ip address in the Realtime Blackhole List. -R$-.$-.$-.$- $: $(host $4.$3.$2.$1.rbl.maps.vix.com $:OK $) - -Sxlat # for sendmail -bt -# sendmail treats "$" and "|" as two distinct tokens -# this rule "pastes" them together into one token -# and then calls check_relay. -R$* $$| $* $: $1 $| $2 -R$* $| $* $@ $>check_relay $1 $| $2 - -Scheck_relay -# called with "hostname.tld $| IP address" of connecting host. -# hostname.tld is the fully-qualified domain name -# IP address is dotted-quad with surrounding "[]" brackets. -# -# each group of rules in this ruleset is independent. -# each accepts and return "hostname.tld $| IP address" -# use the ones that you want comment out the rest -# you may rearrange the groups but not the rules in each group. -# each group is preceded and followed by a comment -# -# host must NOT be in the "spamsites" database--BEGIN -R$* $| $* $: <$1 $| $2> $1 -R<$*> $+.$+.$+ <$1> $3.$4 -R<$*> $+.$+ $: <$1> $(spamsites $2.$3 $) -R<$*> $*.REJECT $#error $: 521 blocked. contact postmaster@$m -R<$*> $* $: $1 -# host must NOT be in the "spamsites" database--END -# ip address must NOT be in the "denyip" database--BEGIN -R$* $| $* $: $1 $| $(denyip $2 $) -R$* $| $*.REJECT $#error $: 521 blocked. contact postmaster@$m -# ip address must NOT be in the "denyip" database--END -R$* $@ OK - -Scheck_mail -# called with envelope sender (everything after ":") in -# "Mail From: xxx", of SMTP conversation -# may or may not have "<" ">" -# the groups of rules in this ruleset ARE NOT independent. -# "remove all RFC-822 comments" must come first -# "Connecting Host" and "Paul Vixie's RBL" must be last -# -# use the ones that you want comment out the rest -# each group is preceded and followed by a comment -# -# remove all RFC-822 comments--BEGIN -# MUST be first rule in check_mail rulseset. -R$* $: $>3 $1 -# remove all RFC-822 comments--END -# mail must come from a DNS resolvable host--BEGIN -R$* < @ $+ . > $: $1 @ $2 -R$* < @ $+ > $#error $@ 4.1.8 $: "451 Domain does not resolve" -# mail must come from a DNS resolvable host--END -# mail must NOT come from a known source of spam--BEGIN -R$+ @$+ $: <$1@$2> $2 -R<$*> $+.$+.$+ <$1> $3.$4 -R<$*> $* $: $(spamsites $2 $: OK $) -R$+.REJECT $#error $@ 5.7.1 $: 550 $1 -R<$*> $* $: $1 -# mail must NOT come from a known source of spam--END -# Connecting Host must resolve--BEGIN -R$* $: $1 $: $(dequote "" $&{client_name} $) -R$* $: $>3 foo@$1 -R<$*> $*<@$*> $#error $@ 4.1.8 $: "451 Domain does not resolve" -# Connecting Host must resolve--END -# ip address must NOT be in Paul Vixie's RBL--BEGIN -R$* $: $1 $: $(dequote "" $&{client_addr} $) -R$* $: $>check_rbl $1 -R$*.com. $#error $@ 5.7.1 $: "550 Mail refused, see http://maps.vix.com/rbl" -# ip address must NOT be in Paul Vixie's RBL--END -R$* $@ OK - -Scheck_rcpt -# called with envelope recipient (everything after ":") in -# "Rcpt To: xxx", of SMTP conversation -# may or may not have "<" ">" and or RFC-822 comments. -# let ruleset 3 clean this up for us. -# -# do NOT reorder these two groups of rules. -# restrict mail relaying to host and domains listed in /etc/sendmail.cR -# -# mail must NOT be addressed "fakenames"--BEGIN -R$* $: <$1> $>3 $1 -R<$*> $+ < @ $+ > $: <$1> $(fakenames $2 $: OK $) -R$+.REJECT $#error $@ 5.2.1 $: 550 $1 -R<$*> $* $: $1 -# mail must NOT be addressed "fakenames"--END -# mail must come from or go to this machine or machines we allow to relay--BEGIN -# from http://www.informatik.uni-kiel.de/%7Eca/email/check.html#check_rcpt -R$+ $: $(dequote "" $&{client_addr} $) $| $1 -R0 $| $* $@ ok -R$={LocalIP}$* $| $* $@ ok -# not local, check rcpt -R$* $| $* $: $>3 $2 -# remove local part, maybe repeatedly -R$+ $:$>removelocal $1 -# still something left? -R$*<@$+>$* $#error $@ 5.7.1 $: 550 we do not relay -# -Sremovelocal -# remove RelayTo part (maybe repeatedly) -# R$*<@$*$={RelayTo}.>$* $>3 $1 $4 -R$*<@$=w.>$* $: $>removelocal $>3 $1 $3 -R$*<@$*>$* $@ $1<@$2>$3 -# dequote local part -R$- $: $>3 $(dequote $1 $) -R$*<@$*>$* $: $>removelocal $1<@$2>$3 -# mail must come from or go to this machine or machines we allow to relay--END diff -urN 3.1-RELEASE/etc/make.conf 3.2-RELEASE/etc/make.conf --- 3.1-RELEASE/etc/make.conf Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/make.conf Tue May 18 12:41:45 1999 @@ -1,4 +1,4 @@ -# $Id: make.conf,v 1.73.2.1 1999/02/03 22:26:35 asami Exp $ +# $Id: make.conf,v 1.73.2.2 1999/03/14 19:06:39 billf Exp $ # # This file, if present, will be read by make (see /usr/share/mk/sys.mk). # It allows you to override macro definitions to make without changing @@ -155,6 +155,8 @@ #MASTER_SITE_KDE= ftp://ftp.kde.org/pub/kde/%SUBDIR%/ #MASTER_SITE_COMP_SOURCES= ftp://gatekeeper.dec.com/pub/usenet/comp.sources.%SUBDIR%/ #MASTER_SITE_GNOME= ftp://ftp.gnome.org/pub/GNOME/sources/%SUBDIR%/ +#MASTER_SITE_AFTERSTEP= ftp://ftp.afterstep.org/%SUBDIR%/ +#MASTER_SITE_WINDOWMAKER= ftp://ftp.windowmaker.org/pub/%SUBDIR%/ # # # Kerberos IV diff -urN 3.1-RELEASE/etc/motd 3.2-RELEASE/etc/motd --- 3.1-RELEASE/etc/motd Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/motd Tue May 18 12:41:45 1999 @@ -1,10 +1,21 @@ FreeBSD ?.?.? (UNKNOWN) -Welcome to FreeBSD! +Welcome to FreeBSD! You will find security advisories and updated +errata information for all releases at http://www.FreeBSD.ORG/releases/ -If the doc distribution has been loaded on this machine, the FreeBSD -Handbook will be in file:/usr/share/doc/handbook and the FAQ in -file:/usr/share/doc/FAQ +Before asking for technical assistance: + 1. Consult the ERRATA section for your release at the URL above. -Type /stand/sysinstall to re-enter the installation and configuration utility. + 2. Search the Handbook, FAQ, and mail archives at + http://www.FreeBSD.ORG/search.html. If the doc distribution is + installed on this machine, you will also find the formatted FAQ + and Handbook documents in /usr/share/doc/ + + 3. If you still have a question or problem, collect the output of + `uname -a' along with error messages from whatever part of the + system you are having problems with and email it as a question + to the questions@FreeBSD.ORG mailing list. + +You may also use `/stand/sysinstall' to re-enter the installation and +configuration utility. Edit /etc/motd to change this login announcement. diff -urN 3.1-RELEASE/etc/mtree/BSD.root.dist 3.2-RELEASE/etc/mtree/BSD.root.dist --- 3.1-RELEASE/etc/mtree/BSD.root.dist Mon Feb 15 19:45:43 1999 +++ 3.2-RELEASE/etc/mtree/BSD.root.dist Tue May 18 12:41:59 1999 @@ -1,4 +1,4 @@ -# $Id: BSD.root.dist,v 1.37.2.1 1999/02/09 22:35:34 jkh Exp $ +# $Id: BSD.root.dist,v 1.37.2.2 1999/04/25 04:11:48 dcs Exp $ # /set type=dir uname=root gname=wheel mode=0755 @@ -6,6 +6,8 @@ bin .. boot + defaults + .. .. /set type=dir uname=root gname=wheel mode=0555 dev mode=0755 diff -urN 3.1-RELEASE/etc/mtree/BSD.usr.dist 3.2-RELEASE/etc/mtree/BSD.usr.dist --- 3.1-RELEASE/etc/mtree/BSD.usr.dist Mon Feb 15 19:45:43 1999 +++ 3.2-RELEASE/etc/mtree/BSD.usr.dist Tue May 18 12:41:59 1999 @@ -1,4 +1,4 @@ -# $Id: BSD.usr.dist,v 1.146.2.1 1999/02/02 06:05:13 jhay Exp $ +# $Id: BSD.usr.dist,v 1.146.2.3 1999/05/05 13:26:39 markm Exp $ # /set type=dir uname=root gname=wheel mode=0755 @@ -33,7 +33,7 @@ stallion .. perl - 5.00502 + 5.00503 B .. CGI @@ -366,6 +366,8 @@ portal .. ppi + .. + ppp .. printing .. diff -urN 3.1-RELEASE/etc/mtree/BSD.var.dist 3.2-RELEASE/etc/mtree/BSD.var.dist --- 3.1-RELEASE/etc/mtree/BSD.var.dist Mon Feb 15 19:45:43 1999 +++ 3.2-RELEASE/etc/mtree/BSD.var.dist Tue May 18 12:41:59 1999 @@ -1,4 +1,4 @@ -# $Id: BSD.var.dist,v 1.38 1998/12/16 05:50:25 peter Exp $ +# $Id: BSD.var.dist,v 1.38.2.2 1999/03/31 13:39:46 asami Exp $ # /set type=dir uname=root gname=wheel mode=0755 @@ -22,6 +22,8 @@ .. .. db mode=0755 + pkg mode=0755 + .. .. /set type=dir uname=root gname=wheel mode=0755 games gname=games mode=0775 diff -urN 3.1-RELEASE/etc/pccard.conf.sample 3.2-RELEASE/etc/pccard.conf.sample --- 3.1-RELEASE/etc/pccard.conf.sample Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/pccard.conf.sample Tue May 18 12:41:45 1999 @@ -8,7 +8,7 @@ # IRQ == 0 means "allocate free IRQ from IRQ pool" # IRQ == 16 means "do not use IRQ (e.g. PIO mode)" # -# $Id: pccard.conf.sample,v 1.24.2.1 1999/02/05 09:42:27 markm Exp $ +# $Id: pccard.conf.sample,v 1.24.2.7 1999/05/04 08:39:49 brian Exp $ # Generally available IO ports io 0x240-0x360 @@ -153,6 +153,12 @@ insert /etc/pccard_ether ed0 remove /sbin/ifconfig ed0 delete +# D-Link DE-660 NE2000 clone +card "D-Link" "DE-660" + config 0x20 "ed0" ? 0x10 + insert /etc/pccard_ether ed0 link0 -link1 + remove /sbin/ifconfig ed0 delete + # AIWA PV-JF288 card "AIWA CO.,LTD." "PV-JF288 " config 0x23 "sio2" 10 @@ -290,6 +296,18 @@ insert echo Xircom CreditCard Modem inserted remove echo Xircom CreditCard Modem removed +# Xircom CreditCard Ethernet 10/100 + modem (modem only) +card "Xircom" "CreditCard Ethernet 10/100 + " + config 0x1f "sio3" 10 + insert echo Xircom CreditCard Modem inserted + remove echo Xircom CreditCard Modem removed + +# Xircom GlobalACCESS modem +card "Xircom" "CreditCard Modem 56 - GlobalA" + config 0x1f "sio2" 11 + insert echo Xircom CreditCard Modem 56 - GlobalACCESS inserted + remove echo Xircom CreditCard Modem 56 - GlobalACCESS removed + # GATEWAY 2000 FAX/Data Modem (14.4K) card "GATEWAY2000" "CC3144" config 0x22 "sio3" 7 @@ -328,6 +346,12 @@ insert echo 3Com PCMCIA 56K Modem inserted remove echo 3Com PCMCIA 56K Modem removed +# 3Com/NoteWorthy 56K modem (bundled with Toshiba notebooks) +card "Toshiba America" "3CXM056-BNW" + config 0x20 "sio1" 3 + insert echo NoteWorthy 56K PCMCIA Modem inserted + remove echo NoteWorthy 56K PCMCIA Modem removed + # BUG Linkboy D64K (ISDN) card "BUG Inc." "Linkboy D64K" config 0x23 "sio2" 3 @@ -403,3 +427,55 @@ # Libretto Floppy disk card "Y-E DATA" "External FDD" config 0x4 "fdc0" 10 + +# Viking V.90/K56Flex modem +card "Viking" "V.90 K56flex" + config 0x23 "sio3" 9 + insert echo Viking 56K Modem inserted + remove echo Viking 56K Modem removed + +# Zoom 56K modem +card "Zoom Telephonics, Inc." "PCMCIA 56K LT DataFax" + config 0x1f "sio2" 10 + insert echo Zoom modem inserted + remove echo Zoom modem removed + +# 3Com Megahertz 3CCE589E* 10 Mbps LAN PC Card +card "3Com" "Megahertz 589E" + config 0x1 "ep0" 10 + insert echo 3Com Megahertz Ethernet card inserted + insert /etc/pccard_ether ep0 + remove echo 3Com Megahertz Ethernet card removed + remove /sbin/ifconfig ep0 delete + +# 3Com/USR/MegaHertz 3CCM156 +card "3COM" "3CCM156" + config 0x23 "sio2" 10 + insert echo 3Com PCMCIA 56K modem inserted + remove echo 3Com PCMCIA 56K modem removed + +#AR-P500 ethernet card +card "IC-CARD" "IC-CARD" + config 0x20 "ed0" 15 + insert echo AR-P500 Ethernet card inserted + insert /etc/pccard_ether ed0 + remove echo AR-P500 Ethernet card removed + remove ifconfig ed0 delete + +#Eiger 33.6 modem +card "AT&T" "V34+ Fax Modem" + config 0x23 "sio1" 10 + insert echo Eiger 33.6K modem inserted + remove echo Eiger 33.6K modem removed + +# Motorola Montana +card "Motorola" "MONTANA 33.6 FAX/MODEM" + config 0x21 "sio1" 10 + +# AmbiCom 10BaseT card +card "AmbiCom Inc" "AMB8002T" + config 0x20 "ed0" 11 + insert echo AmbiCom 8002T inserted + insert /etc/pccard_ether ed0 + remove echo AmbiCom 8002T removed + remove /sbin/ifconfig ed0 delete diff -urN 3.1-RELEASE/etc/pccard_ether 3.2-RELEASE/etc/pccard_ether --- 3.1-RELEASE/etc/pccard_ether Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/pccard_ether Tue May 18 12:41:45 1999 @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: pccard_ether,v 1.9.2.1 1999/02/10 18:08:38 jkh Exp $ +# $Id: pccard_ether,v 1.9.2.2 1999/02/22 02:56:08 steve Exp $ # # pccard_ether interfacename [ifconfig option] # @@ -16,12 +16,12 @@ if [ "x$pccard_ifconfig" != "xNO" ] ; then if [ "x$pccard_ifconfig" = "xDHCP" ] ; then - if [ -f /usr/local/sbin/dhclient ] ; then + if [ -f /sbin/dhclient ] ; then if [ -s /var/run/dhclient.pid ] ; then kill `cat /var/run/dhclient.pid` rm /var/run/dhclient.pid fi - /usr/local/sbin/dhclient + /sbin/dhclient elif [ -f /usr/local/sbin/dhcpc ] ; then if [ -s /var/run/dhcpc.pid ] ; then kill `cat /var/run/dhcpc.pid` diff -urN 3.1-RELEASE/etc/periodic/daily/100.clean-disks 3.2-RELEASE/etc/periodic/daily/100.clean-disks --- 3.1-RELEASE/etc/periodic/daily/100.clean-disks Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/periodic/daily/100.clean-disks Tue May 18 12:41:46 1999 @@ -1,10 +1,6 @@ #!/bin/sh # -# $Id: 100.clean-disks,v 1.1.1.1 1997/08/16 17:04:00 pst Exp $ -# -# This is a security hole, never use 'find' on a public directory -# with -exec rm -f as root. This can be exploited to delete any file -# on the system. +# $Id: 100.clean-disks,v 1.1.1.1.2.1 1999/03/30 08:58:33 joerg Exp $ # exit 0 # do not run by default @@ -12,4 +8,4 @@ find / \( ! -fstype local -o -fstype rdonly \) -a -prune -o \ \( -name '[#,]*' -o -name '.#*' -o -name a.out -o -name '*.core' \ -o -name '*.CKP' -o -name '.emacs_[0-9]*' \) \ - -a -atime +3 -exec rm -f -- {} \; + -a -atime +3 -delete diff -urN 3.1-RELEASE/etc/periodic/daily/110.clean-tmps 3.2-RELEASE/etc/periodic/daily/110.clean-tmps --- 3.1-RELEASE/etc/periodic/daily/110.clean-tmps Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/periodic/daily/110.clean-tmps Tue May 18 12:41:46 1999 @@ -1,10 +1,6 @@ #!/bin/sh # -# $Id: 110.clean-tmps,v 1.3 1997/09/11 15:21:30 ache Exp $ -# -# This is a security hole, never use 'find' on a public directory -# with -exec rm -f as root. This can be exploited to delete any file -# on the system. +# $Id: 110.clean-tmps,v 1.3.2.1 1999/03/30 08:58:33 joerg Exp $ # # Use at your own risk, but for a long-living system, this might come # more useful than the boot-time cleaning of /tmp. If /var/tmp and @@ -16,17 +12,14 @@ if [ -d /tmp ]; then cd /tmp && { - find . -type f -atime +3 -ctime +3 ! -name '.X*-lock' \ - -exec rm -f -- {} \; - find -d . ! -name . -type d -mtime +1 -exec rmdir -- {} \; \ - >/dev/null 2>&1 + find . -type f -atime +3 -ctime +3 ! -name '.X*-lock' -delete + find -d . ! -name . -type d -mtime +1 -delete } fi if [ -d /var/tmp ]; then cd /var/tmp && { - find . ! -name . -atime +7 -ctime +3 -exec rm -f -- {} \; - find -d . ! -name . ! -name vi.recover -type d -mtime +1 -exec rmdir -- {} \; \ - >/dev/null 2>&1 + find . ! -name . -atime +7 -ctime +3 -delete + find -d . ! -name . ! -name vi.recover -type d -mtime +1 -delete } fi diff -urN 3.1-RELEASE/etc/periodic/daily/120.clean-preserve 3.2-RELEASE/etc/periodic/daily/120.clean-preserve --- 3.1-RELEASE/etc/periodic/daily/120.clean-preserve Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/periodic/daily/120.clean-preserve Tue May 18 12:41:46 1999 @@ -1,11 +1,11 @@ #!/bin/sh # -# $Id: 120.clean-preserve,v 1.2 1997/08/17 17:55:29 pst Exp $ +# $Id: 120.clean-preserve,v 1.2.2.1 1999/03/30 08:58:33 joerg Exp $ # if [ -d /var/preserve ]; then echo "" echo "Removing stale files from /var/preserve:" - cd /var/preserve && find . ! -name . -mtime +7 -exec rm -f -- {} \; + cd /var/preserve && find . ! -name . -mtime +7 -delete fi diff -urN 3.1-RELEASE/etc/periodic/daily/140.clean-rwho 3.2-RELEASE/etc/periodic/daily/140.clean-rwho --- 3.1-RELEASE/etc/periodic/daily/140.clean-rwho Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/periodic/daily/140.clean-rwho Tue May 18 12:41:46 1999 @@ -1,12 +1,12 @@ #!/bin/sh # -# $Id: 140.clean-rwho,v 1.2 1997/08/17 17:55:30 pst Exp $ +# $Id: 140.clean-rwho,v 1.2.2.1 1999/03/30 08:58:33 joerg Exp $ # if [ -d /var/rwho ] ; then echo "" echo "Removing stale files from /var/rwho:" - cd /var/rwho && find . ! -name . -mtime +7 -exec rm -f -- {} \; + cd /var/rwho && find . ! -name . -mtime +7 -delete fi diff -urN 3.1-RELEASE/etc/periodic/weekly/120.clean-kvmdb 3.2-RELEASE/etc/periodic/weekly/120.clean-kvmdb --- 3.1-RELEASE/etc/periodic/weekly/120.clean-kvmdb Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/periodic/weekly/120.clean-kvmdb Tue May 18 12:41:46 1999 @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: 120.clean-kvmdb,v 1.2 1998/01/01 09:04:47 bde Exp $ +# $Id: 120.clean-kvmdb,v 1.2.2.1 1999/03/30 08:58:39 joerg Exp $ # if [ -d /var/db ] ; then @@ -11,5 +11,5 @@ kernel=kvm_`basename ${kernel}`.db find /var/db -name "kvm_*.db" -a ! -name ${kernel} -a \ - -atime +7 -exec rm -f -- {} \; + -atime +7 -delete fi diff -urN 3.1-RELEASE/etc/ppp/ppp.conf.sample 3.2-RELEASE/etc/ppp/ppp.conf.sample --- 3.1-RELEASE/etc/ppp/ppp.conf.sample Mon Feb 15 19:45:43 1999 +++ 3.2-RELEASE/etc/ppp/ppp.conf.sample Thu Jan 1 09:00:00 1970 @@ -1,430 +0,0 @@ -################################################################# -# -# PPP Sample Configuration File -# -# Originally written by Toshiharu OHNO -# -# $Id: ppp.conf.sample,v 1.33 1998/10/03 13:12:14 brian Exp $ -# -################################################################# - -# This file is separated into sections. Each section is named with -# a label starting in column 0 and followed directly by a ``:''. The -# section continues until the next section. Blank lines and lines -# beginning with ``#'' are ignored. -# -# Lines beginning with "!include" will ``include'' another file. You -# may want to ``!include ~/.ppp.conf'' for backwards compatibility. -# - -# Default setup. Always executed when PPP is invoked. -# This section is *not* loaded by the ``load'' or ``dial'' commands. -# -# This is the best place to specify your modem device, it's DTR rate, -# and any logging specification. Logging specs should be done first -# so that subsequent commands are logged. -# -default: - set log Phase Chat LCP IPCP CCP tun command - set device /dev/cuaa1 - set speed 115200 - set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" AT OK-AT-OK ATE1Q0 OK \\dATDT\\T TIMEOUT 40 CONNECT" - -# Client side PPP -# -# Although the PPP protocol is a peer to peer protocol, we normally -# consider the side that makes the connection as the client and the -# side that receives the connection as the server. Authentication -# is required by the server either using a unix-style login proceedure -# or by demanding PAP or CHAP authentication from the client. -# - -# An on demand example where we have dynamic IP addresses: -# If the peer assigns us an arbitrary IP (most ISPs do this) and we -# can't predict what their IP will be either, take a wild guess at -# some IPs that you can't currently route to. -# -# The /0 bit in "set ifaddr" says that we insist on 0 bits of the -# specified IP actually being correct, therefore, the other side can assign -# any IP numbers. -# -# The forth arg to "set ifaddr" makes us send "0.0.0.0" as our requested -# IP number, forcing the peer to make the decision. -# -# This entry also works with static IP numbers or when not in -auto mode. -# The ``add'' line adds a `sticky' default route that will be updated if -# and when any of the IP numbers are changed in IPCP negotiations. -# The "set ifaddr" is required in -auto mode. -# -# Finally, the ``enable dns'' bit tells ppp to ask the peer for the -# nameserver addresses that should be used. This isn't always supported -# by the other side, but if it is, /etc/resolv.conf will automatically be -# updated. -# -pmdemand: - set phone 1234567 - set login "ABORT NO\\sCARRIER TIMEOUT 5 ogin:--ogin: ppp word: ppp" - set timeout 120 - set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 - add default HISADDR - enable dns - -# When we want to use PAP or CHAP instead of using a unix-style login -# proceedure, we do the following. Note, the peer suggests whether we -# should send PAP or CHAP. By default, we send whatever we're asked for. -# -PAPorCHAPpmdemand: - set phone 1234567 - set login - set authname MyName - set authkey MyKey - set timeout 120 - set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 - add default HISADDR - enable dns - -# On demand dialup example with static IP addresses: -# Here, the local side uses 192.244.185.226 and the remote side -# uses 192.244.176.44. -# -# # ppp -auto ondemand -# -# With static IP numbers, our setup is similar to dynamic: -# Remember, ppp.linkup is searched for a "192.244.176.44" label, then -# a "ondemand" label, and finally the "MYADDR" label. -# -ondemand: - set phone 1234567 - set login "ABORT NO\\sCARRIER TIMEOUT 5 ogin:--ogin: ppp word: ppp" - set timeout 120 - set ifaddr 192.244.185.226 192.244.176.44 - add default HISADDR - enable dns - -# Example segments -# -# The following lines may be included as part of your configuration -# section and aren't themselves complete. They're provided as examples -# of how to achieve different things. - -examples: -# Multi-phone example. Numbers separated by a : are used sequentially. -# Numbers separated by a | are used if the previous dial or login script -# failed. Usually, you will prefer to use only one of | or :, but both -# are allowed. -# - set phone 12345678|12345679:12345670|12345671 -# -# Ppp can accept control instructions from the ``pppctl'' program. -# First, you must set up your control socket. It's safest to use -# a UNIX domain socket, and watch the permissions: -# - set server /var/tmp/internet MySecretPassword 0177 -# -# Although a TCP port may be used if you want to allow control -# connections from other machines: -# - set server 6670 MySecretpassword -# -# If you don't like ppp's builtin chat, use an external one: -# - set login "\"!chat \\\\-f /etc/ppp/ppp.dev.chat\"" -# -# If we have a ``strange'' modem that must be re-initialized when we -# hangup: -# - set hangup "\"\" AT OK-AT-OK ATZ OK" -# -# To adjust logging withouth blasting the setting in default: -# - set log -command +tcp/ip -# -# To see log messages on the screen in interactive mode: -# - set log local LCP IPCP CCP -# -# If you're seeing a lot of magic number problems and failed connections, -# try this (see the man page): -# - set openmode active 5 -# -# For noisy lines, we may want to reconnect (up to 20 times) after loss -# of carrier, with 3 second delays between each attempt: -# - set reconnect 3 20 -# -# When playing server for M$ clients, tell them who our NetBIOS name -# servers are: -# - set nbns 10.0.0.1 10.0.0.2 -# -# Inform the client if they ask for our DNS IP numbers: -# - enable dns -# -# If you don't want to tell them what's in your /etc/resolf.conf file -# with `enable dns', override the values: -# - set dns 10.0.0.1 10.0.0.2 -# -# If we're using the -alias switch, redirect ftp and http to an internal -# machine: -# - alias port 10.0.0.2:ftp ftp - alias port 10.0.0.2:http http -# -# or don't trust the outside at all -# - alias deny_incoming yes -# -# I trust user brian to run ppp, so this goes in the `default' section: -# - allow user brian -# -# But label `internet' contains passwords that even brian can't have, so -# I empty out the user access list in that section so that only root can -# have access: -# - allow users -# -# I also may wish to set up my ppp login script so that it asks the client -# for the label they wish to use. I may only want user ``dodgy'' to access -# their own label in direct mode: -# -dodgy: - allow user dodgy - allow mode direct -# -# If we don't want ICMP and DNS packets to keep the connection alive: -# - set filter alive 0 deny icmp - set filter alive 1 deny udp src eq 53 - set filter alive 2 deny udp dst eq 53 - set filter alive 3 permit 0 0 -# -# And we don't want ICMPs to cause a dialup: -# - set filter dial 0 deny icmp - set filter dial 1 permit 0 0 -# -# or any TCP SYN or RST packets (badly closed TCP channels): -# - set filter dial 2 deny 0 0 tcp syn finrst -# -# Once the line's up, allow connections for ident (113), telnet (23), -# ftp (20 & 21), DNS (53), my place of work (192.244.191.0/24), -# ICMP (ping) and traceroute (>33433). -# -# Anything else is blocked by default -# - set filter in 0 permit tcp dst eq 113 - set filter out 0 permit tcp src eq 113 - set filter in 1 permit tcp src eq 23 estab - set filter out 1 permit tcp dst eq 23 - set filter in 2 permit tcp src eq 21 estab - set filter out 2 permit tcp dst eq 21 - set filter in 3 permit tcp src eq 20 dst gt 1023 - set filter out 3 permit tcp dst eq 20 - set filter in 4 permit udp src eq 53 - set filter out 4 permit udp dst eq 53 - set filter in 5 permit 192.244.191.0/24 0/0 - set filter out 5 permit 0/0 192.244.191.0/24 - set filter in 6 permit icmp - set filter out 6 permit icmp - set filter in 7 permit udp dst gt 33433 - set filter out 7 permit udp dst gt 33433 - - -# Server side PPP -# If you want the remote system to authenticate itself, you insist -# that the peer uses CHAP (or PAP) with the "enable" keyword. Both CHAP and -# PAP are disabled by default (we usually only "enable" one of them if the -# other side is dialing into our server). -# When the peer authenticates itself, we use ppp.secret for verification. -# -# Ppp is launched with: -# # ppp -direct CHAPserver -# -# Note: We can supply a third field in ppp.secret specifying the IP address -# for that user. We can even specify a forth field to specify the -# ppp.link{up,down} label to use. -# -CHAPserver: - enable chap - enable proxy - set ifaddr 192.244.176.44 292.244.184.31 - accept dns - -# If we wish to act as a server, allowing PAP access according to -# accounts in /etc/passwd, we do this (Without `enable passwdauth', -# you may still enter ``*'' as the users password in ppp.secret and -# ppp will look it up in the passwd database. This is useful if you -# need to assign a special label or IP number or range): -# -PAPServerwithPASSWD: - enable pap - enable passwdauth - enable proxy - set ifaddr 192.244.176.44 292.244.184.31 - accept dns - - -# Example to connect using a null-modem cable: -# The important thing here is to allow the lqr packets on both sides. -# Without them enabled, we can't tell if the line's dropped - there -# should always be carrier on a direct connection. -# Here, the server sends lqr's every 10 seconds and quits if five in a -# row fail. -# -# Make sure you don't have "deny lqr" in your default: on the client ! -# If the peer denies LQR, we still send ECHO LQR packets at the given -# lqrperiod interval (ppp-style-pings). -# -direct-client: - set dial "" - set line /dev/cuaa0 - set sp 115200 - set timeout 900 - set lqrperiod 10 - set log Phase Chat LQM - set login "ABORT NO\\sCARRIER TIMEOUT 5 ogin:--ogin: ppp word: ppp HELLO" - set ifaddr 10.0.4.2 10.0.4.1 - enable lqr - accept lqr - -direct-server: - set timeout 0 - set lqrperiod 10 - set log Phase LQM - set ifaddr 10.0.4.1 10.0.4.2 - enable lqr - accept lqr - - -# Example to connect via compuserve (who insist on 7 bits even parity -# during the chat phase). -# -compuserve: - set phone 1234567 - set parity even - set login "TIMEOUT 10 \"\" \"\" Name: CIS ID: 99999,9999/go:pppconnect \ - word: XXXXXXXX" - set timeout 300 - set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 - delete ALL - add default HISADDR - - -# Example for PPP over TCP. -# We assume that inetd on tcpsrv.mynet has been -# configured to run "ppp -direct tcp-server" when it gets a connection on -# port 1234. Read the man page for further details -# -# Note, we assume we're using a binary-clean connection. If something -# such as `rlogin' is involved, you may need to ``set escape 0xff'' -# -tcp-client: - set device tcpsrv.mynet:1234 - set dial - set login - set ifaddr 10.0.5.1 10.0.4.1 255.255.255.0 - -tcp-server: - set ifaddr 10.0.4.1 10.0.5.1 255.255.255.0 - -# If you want to test ppp, do it through a loopback: -# -# Requires a line in /etc/services: -# ppploop 6671/tcp # loopback ppp daemon -# -# and a line in /etc/inetd.conf: -# ppploop stream tcp nowait root /usr/sbin/ppp ppp -direct loop-in -# -loop: - set timeout 0 - set log phase chat connect lcp ipcp command - set device localhost:ppploop - set dial - set login - set ifaddr 127.0.0.2 127.0.0.3 - set server /var/tmp/loop "" 0177 - -loop-in: - set timeout 0 - set log phase lcp ipcp command - allow mode direct - -# If you're going to create a tunnel through a public network, your VPN -# should be set up something like this: -# -# /etc/ppp/secure (which should be executable) says: -# #! /bin/sh -# exec ssh whatevermachine /usr/sbin/ppp -direct loop-in -# -sloop: - load loop - set device !/etc/ppp/secure - -# If you wish to connect to a server that will dial back *without* using -# the ppp callback facility (rfc1570), take advantage of the fact that -# ppp doesn't look for carrier 'till `set login' is complete: -# -# Here, we expect the server to say DIALBACK then disconnect after -# we've authenticated ourselves. When this has happened, we wait -# 60 seconds for a RING. -# -dialback: - set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" ATZ OK-ATZ-OK \ - ATDT\\T TIMEOUT 60 CONNECT" - set login "TIMEOUT 5 ogin:--ogin: ppp word: ppp TIMEOUT 15 DIALBACK \ - \"\" NO\\sCARRIER \"\" TIMEOUT 60 RING ATA CONNECT" - -# Alternatively, if the peer is using the PPP callback protocol, use -# normal dial and login scripts and add -# - set callback auth cbcp e.164 1234567 - set cbcp 1234567 - -# If we're running a ppp server that wants to only call back microsoft -# clients on numbers configured in /etc/ppp/ppp.secret (the 5th field): -# - set callback cbcp - set cbcp - set log +cbcp - set redial 3 1 - set device /dev/cuaa0 - set speed 115200 - set dial "TIMEOUT 10 \"\" AT OK-AT-OK ATDT\\T CONNECT" - -# Or if we want to allow authenticated clients to specify their own -# callback number, use this ``set cbcp'' line instead: -# - set cbcp * - -# Multilink mode is available (rfc1990). -# To enable multilink capabilities, you must specify a MRRU. 1500 is -# a reasonable value. To create new links, use the ``clone'' command -# to duplicate an existing link. If you already have more than one -# link, you must specify which link you wish to run the command on via -# the ``link'' command. -# -# You can now ``dial'' specific links, or even dial all links at the -# same time. The `dial' command may also be prefixed with a specific -# link that should do the dialing. -# - -mloop: - load loop - set mode interactive - set mrru 1500 - clone 1 2 3 - link deflink remove - # dial - # link 2 dial - # link 3 dial - -mloop-in: - set timeout 0 - set log tun phase - allow mode direct - set mrru 1500 diff -urN 3.1-RELEASE/etc/ppp/ppp.linkdown.sample 3.2-RELEASE/etc/ppp/ppp.linkdown.sample --- 3.1-RELEASE/etc/ppp/ppp.linkdown.sample Mon Feb 15 19:45:43 1999 +++ 3.2-RELEASE/etc/ppp/ppp.linkdown.sample Thu Jan 1 09:00:00 1970 @@ -1,34 +0,0 @@ -######################################################################### -# -# Example of ppp.linkdown file -# -# This file is checked when ppp closes a connection. -# ppp searches the labels in this file as follows: -# -# 1) The label that matches the IP number assigned to our side. -# -# 2) The label specified on the command line to ppp. -# -# 3) If no label has been found, use MYADDR if it exists. -# -# -# $Id: ppp.linkdown.sample,v 1.2 1998/11/05 23:14:19 brian Exp $ -# -######################################################################### - -# We don't really need to do much here. If we have notified a DNS -# of our temporary IP number, we may want to ``un-notify'' them. -# -# If you're into sound effects when the link goes down, you can run -# ``auplay'' (assuming NAS is installed and configured). -# -MYADDR: - !bg /usr/X11R6/bin/auplay /etc/ppp/linkdown.au - -# If you're running ``ppp -auto -alias dynamic-alias-auto'', and are -# assigned a dynamic IP number by the peer, this may be worth while -# to keep the interface aliases to a minimum (see ``enable iface-alias'' -# in the man page): -# -dynamic-alias-auto: - iface clear diff -urN 3.1-RELEASE/etc/ppp/ppp.linkup.sample 3.2-RELEASE/etc/ppp/ppp.linkup.sample --- 3.1-RELEASE/etc/ppp/ppp.linkup.sample Mon Feb 15 19:45:43 1999 +++ 3.2-RELEASE/etc/ppp/ppp.linkup.sample Thu Jan 1 09:00:00 1970 @@ -1,49 +0,0 @@ -######################################################################### -# -# Example of ppp.linkup file -# -# This file is checked when ppp establishes a connection. -# ppp searches the labels in this file as follows: -# -# 1) The label that matches the IP number assigned to our side. -# -# 2) The label specified on the command line to ppp. -# -# 3) If no label has been found, use MYADDR if it exists. -# -# -# $Id: ppp.linkup.sample,v 1.14 1998/05/21 21:45:47 brian Exp $ -# -######################################################################### - -# It is no longer necessary to re-add the default route here as our -# ppp.conf route is `sticky' (see the man page). -# If you're into sound effects when the link comes up, you can run -# ``auplay'' (assuming NAS is installed and configured). -# -MYADDR: - !bg /usr/X11R6/bin/auplay /etc/ppp/linkup.au - -# If we've got 192.244.176.32 as our address, then regard peer as a gateway -# to 192.244.176.0 network. This may also be done in ppp.conf instead. -# -192.244.176.32: - add 192.244.176.0 0 HISADDR - -#You may want to execute a script after connecting. This script can do -# nice things such as kick off "sendmail -q", "popclient my.isp" and -# "slurp -d news". It can be passed MYADDR, HISADDR and INTERFACE -# as arguments too - useful for informing a DNS of your assigned IP. -# -# You may also want some sound effects.... -# -pmdemand: - !bg /etc/ppp/ppp.etherup.pmdemand - ! sh -c "cat /etc/ppp/linkup.au >/dev/audio" - -# If your minimum call charge is 5 minutes, you may as well stay on -# the line for that amount of time. If we want a 60 second subsequent -# timeout, set your timeout to 300 in ppp.conf and then do this: -# -min5minutes: - !bg sh -c "sleep 240; pppctl -p mypassword 3000 set timeout 60" diff -urN 3.1-RELEASE/etc/ppp/ppp.secret.sample 3.2-RELEASE/etc/ppp/ppp.secret.sample --- 3.1-RELEASE/etc/ppp/ppp.secret.sample Mon Feb 15 19:45:43 1999 +++ 3.2-RELEASE/etc/ppp/ppp.secret.sample Thu Jan 1 09:00:00 1970 @@ -1,41 +0,0 @@ -################################################## -# -# Example of ppp.secret file -# -# This file is used to authenticate incoming connections. -# You must ``enable'' either PAP or CHAP in your ppp.conf file. -# The peer may then use any of the Authname/Authkey pairs listed. -# Additionally, if ``passwdauth'' is enabled and an entry isn't -# found in this file, the passwd(5) database is used. -# -# If the password is specified as "*", look it up in passwd(5). -# This doesn't work for CHAP connections as ppp must have access -# to the unencrypted password for CHAP. -# -# If an IP address or address range is given as the third field, it -# will be assigned to the peer. A ``*'' or an empty field may be -# used as a placeholder if you do not wish to override the IP -# address, but wish to specify further fields. -# -# If a label is given as the forth field, it is used when reading -# the ppp.linkup and ppp.linkdown files. A ``*'' or an empty field -# can be used as a placeholder if you do not wish to override the -# label, but wish to specify further fields. -# -# If a phone number or list of phone numbers is given as the fifth -# field, these numbers will be used to call back the client if -# ``auth'' or ``cbcp'' callback is enabled (see ``set callback''). -# A ``*'' specifies that the client must specify the number. -# -# $Id: ppp.secret.sample,v 1.8 1998/08/07 18:44:31 brian Exp $ -# -################################################## - -# Authname Authkey Peer's IP address Label Callback - -oscar OurSecretKey 192.2.18.34 -BigBird X4dWg9327 192.2.18.33/32 -fred * * fred -subnet * 192.2.18.35-192.2.18.70 subnet -admin * * * * -homeworker * * * 1234567 diff -urN 3.1-RELEASE/etc/rc 3.2-RELEASE/etc/rc --- 3.1-RELEASE/etc/rc Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/rc Tue May 18 12:41:45 1999 @@ -1,5 +1,5 @@ #!/bin/sh -# $Id: rc,v 1.169.2.5 1999/02/13 05:31:07 jkh Exp $ +# $Id: rc,v 1.169.2.11 1999/05/03 08:13:26 grog Exp $ # From: @(#)rc 5.27 (Berkeley) 6/5/91 # System startup script run by init on autoboot @@ -23,14 +23,12 @@ export PATH # BOOTP diskless boot. We have to run the rc file early in order to -# handle read-only NFS mounts, where the various config files -# in /etc often don't apply. rc.diskless typically sets skip_diskconf=YES -# on return. +# retarget various config files. # -if [ -f /etc/rc.diskless ]; then +if [ -f /etc/rc.diskless1 ]; then dlv=`/sbin/sysctl -n vfs.nfs.diskless_valid 2> /dev/null` if [ ${dlv:=0} != 0 ]; then - . /etc/rc.diskless + . /etc/rc.diskless1 fi fi @@ -43,19 +41,19 @@ fi # Configure ccd devices. -if [ "X$skip_diskconf" != "XYES" -a -f /etc/ccd.conf ]; then +if [ -f /etc/ccd.conf ]; then ccdconfig -C fi -if [ "X$skip_diskconf" != "XYES" -a -n "$vinum_drives" ]; then +if [ X$start_vinum = XYES ]; then + vinum start +elif [ -n "$vinum_drives" ]; then vinum read $vinum_drives fi -if [ "X$skip_diskconf" != "XYES" ]; then - swapon -a -fi +swapon -a -if [ "X$skip_diskconf" != "XYES" -a $1x = autobootx ]; then +if [ $1x = autobootx ]; then echo Automatic reboot in progress... fsck -p case $? in @@ -90,37 +88,43 @@ echo Skipping disk checks ... fi +set -T trap "echo 'Reboot interrupted'; exit 1" 3 # root normally must be read/write, but if this is a BOOTP NFS # diskless boot it does not have to be. # -if [ "X$skip_diskconf" != "XYES" ]; then +if [ "X$root_rw_mount" != "XNO" ]; then mount -u -o rw / +fi - if [ $? != 0 ]; then - echo "Filesystem mount failed, startup aborted" - exit 1 - fi +if [ $? != 0 ]; then + echo "Filesystem mount failed, startup aborted" + exit 1 +fi - umount -a >/dev/null 2>&1 +umount -a >/dev/null 2>&1 +if [ "X$early_nfs_mounts" != "XYES" ]; then mount -a -t nonfs - if [ $? != 0 ]; then - echo "Filesystem mount failed, startup aborted" - exit 1 - fi +else + mount -a +fi +if [ $? != 0 ]; then + echo "Filesystem mount failed, startup aborted" + exit 1 fi # Run custom disk mounting function here # -if [ "X$diskless_mount_func" != "X" ]; then - $diskless_mount_func +if [ "X$diskless_mount" != "X" ]; then + if [ -f $diskless_mount ]; then + sh $diskless_mount + fi fi - adjkerntz -i clean_var() { @@ -171,6 +175,7 @@ # Whack the pty perms back into shape. chmod 666 /dev/tty[pqrsPQRS]* +chown root:wheel /dev/tty[pqrsPQRS]* # clean up left-over files clean_var # If it hasn't already been done @@ -231,12 +236,19 @@ network_pass2 fi -# Check the quotas (must be after ypbind if using NIS) -if [ "X${check_quotas}" = X"YES" ]; then - echo -n 'checking quotas:' - quotacheck -a - echo ' done.' - quotaon -a +# Enable/Check the quotas (must be after ypbind if using NIS) +if [ "X${enable_quotas}" = X"YES" ]; then + + # Only check quotas if they have been previously enabled, and requested + if [ "X${check_quotas}" = X"YES" ]; then + echo -n 'checking quotas:' + quotacheck -a + echo ' done.' + fi + + echo -n 'enabling quotas:' + quotaon -a + echo ' done.' fi if [ -n "$network_pass2_done" ]; then @@ -304,7 +316,7 @@ fi if [ "X${lpd_enable}" = X"YES" ]; then - echo -n ' printer'; lpd ${lpd_flags} + echo -n ' printer'; ${lpd_program} ${lpd_flags} fi if [ "X${sendmail_enable}" = X"YES" -a -r /etc/sendmail.cf ]; then @@ -374,7 +386,7 @@ for dir in ${local_startup}; do [ -d ${dir} ] && for script in ${dir}/*.sh; do [ -x ${script} ] && \ - (trap 'exit 1' 2 ; ${script} start ; echo -n) + (set -T ; trap 'exit 1' 2 ; ${script} start) done done echo . diff -urN 3.1-RELEASE/etc/rc.diskless1 3.2-RELEASE/etc/rc.diskless1 --- 3.1-RELEASE/etc/rc.diskless1 Thu Jan 1 09:00:00 1970 +++ 3.2-RELEASE/etc/rc.diskless1 Tue May 18 12:41:45 1999 @@ -0,0 +1,113 @@ +# +# /etc/rc.diskless - general BOOTP startup +# +# BOOTP has mounted / for us. Assume a read-only mount. We must then +# - figure out where the NFS mount is coming from +# - figure out our IP by querying the interface +# - retarget /conf/ME softlink to proper configuration script directory +# +# It is expected that /etc/fstab and /etc/rc.conf.local will be +# set by the system operator on the server to be softlinks to +# /conf/ME/fstab and /conf/ME/rc.conf.local. The system operator may +# choose to retarget other files as well. The server itself boots +# properly with its default /conf/ME softlink pointing to +# /conf/server.host.name. +# +# During a diskless boot, we retarget the /conf/ME softlink to point +# to /conf/DISKLESS.CLIENT.IP.ADDRESS. Thus, various system config +# files that are softlinks through /conf/ME also get retargeted. +# +# SEE SAMPLE FILES IN /usr/share/examples/diskless. + +# chkerr: +# +# Routine to check for error +# +# checks error code and drops into shell on failure. +# if shell exits, terminates script as well as /etc/rc. + +chkerr() { + if [ $1 != 0 ]; then + echo "$2 failed: dropping into /bin/sh" + /bin/sh + # RESUME + fi +} + +# DEBUGGING +# +# XXX +# set -v + +# Figure out where the root mount is coming from, synthesize a mount +# for /usr and mount it. +# +# e.g. nfs_root might wind up as "A.B.C.D:/" +# +# NOTE! the /usr mount is only temporary so we can access commands necessary +# to retarget /conf/ME. The actual /usr mount should be part of the +# retargeted /etc/fstab. See instructions in /usr/share/examples/diskless. +# +set `/bin/df /` +nfs_root=$8 + +# XXX we should extract the host part from nfs_root, but we don't have +# any good tool for string parsing yet. The ../ is a dirty hack. We +# can add more than one. But this whole section to determine the boot +# ifc etc. needs some cleanup +mount_nfs -o ro ${nfs_root}/../usr /usr + +chkerr $? "mount of /usr" + +# Figure out our interface and IP. +# + +bootp_ifc=`route -n get default | fgrep interface | awk '{ print $2; }'` +bootp_ipa=`ifconfig $bootp_ifc | fgrep inet | head -1 | awk '{ print $2; }'` +bootp_ipbca=`ifconfig $bootp_ifc | fgrep inet | head -1 | awk '{ print $6; }'` + +echo "Interface $bootp_ifc IP-Address $bootp_ipa Broadcast $bootp_ipbca" + +umount /usr + +# Files in /etc are copied to /conf/etc which is writable. Then +# per-machine configs from /conf/ip.address/etc are copied onto this +# directory. First choice is using the client's IP, then the client's +# broadcast address, then a default configuration. +# This way we have some flexibility to handle clusters of machines +# on separate subnets. +# +# WARNING! null mounts cannot handle mmap, and since many programs +# use mmap (such as 'cp'), we have to copy. + +mount_mfs -s 2048 -T qp120at dummy /conf/etc +cp -Rp /etc/* /conf/etc +chkerr $? "MFS mount on /conf/etc" + +if [ -d /conf/$bootp_ipa ] +then + cp -Rp /conf/$bootp_ipa/etc/* /conf/etc +elif [ -d /conf/$bootp_ipbca ] +then + cp -Rp /conf/$bootp_ipbca/etc/* /conf/etc +else + cp -Rp /conf/default/etc/* /conf/etc +fi + +# +# Make the new directory available as /etc +# +mount_null /conf/etc /etc + +# Tell /etc/rc to run the specified script after +# it does its mounts but before it does anything +# else. +# +# This script is responsible for setting up the +# diskless mount environment. This can be +# overriden by /conf/ME/rc.conf.local if, for +# example, you do not want to run the standard +# system /etc/rc.diskless2 + +diskless_mount="/etc/rc.diskless2" + diff -urN 3.1-RELEASE/etc/rc.diskless2 3.2-RELEASE/etc/rc.diskless2 --- 3.1-RELEASE/etc/rc.diskless2 Thu Jan 1 09:00:00 1970 +++ 3.2-RELEASE/etc/rc.diskless2 Tue May 18 12:41:45 1999 @@ -0,0 +1,37 @@ +# rc.diskless2 +# + +# If there is a global system configuration file, suck it in. +# +if [ -f /etc/defaults/rc.conf ]; then + . /etc/defaults/rc.conf +elif [ -f /etc/rc.conf ]; then + . /etc/rc.conf +fi + +mount_mfs -s ${varsize:=65536} -T qp120at dummy /var +var_dirs="run dev db msgs tmp spool spool/mqueue spool/lpd spool/output \ + spool/output/lpd" +for i in $var_dirs +do + mkdir /var/$i +done +chmod 755 /var/run +chmod 755 /var/db +chmod 755 /var/spool +chmod 1777 /var/tmp +chown -R root.daemon /var/spool/output +chgrp daemon /var/spool/lpd +# +# XXX make sure to create one dir for each printer as requested by lpd +# + +if [ ! -h /tmp -a ! -h /var/tmp ]; then + mount_null /var/tmp /tmp +fi + +# extract a list of device entries, then copy them to a writable partition +( cd /; find -x dev | cpio -o -H newc ) > /tmp/dev.tmp +mount_mfs -s 4096 -i 512 -T qp120at dummy /dev +( cd /; cpio -i -H newc -d < /tmp/dev.tmp ) + diff -urN 3.1-RELEASE/etc/rc.network 3.2-RELEASE/etc/rc.network --- 3.1-RELEASE/etc/rc.network Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/rc.network Tue May 18 12:41:45 1999 @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.39 1999/01/13 17:32:37 joerg Exp $ +# $Id: rc.network,v 1.39.2.4 1999/04/12 15:29:11 brian Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -100,10 +100,24 @@ # Load the filters if required if [ $firewall_in_kernel = 1 ]; then - if [ -n "$firewall_enable" -a -f /etc/rc.firewall -a \ - "x$firewall_enable" = "xYES" ] ; then - . /etc/rc.firewall - echo "Firewall rules loaded." + if [ -z "${firewall_script}" ] ; then + firewall_script="/etc/rc.firewall" + fi + if [ -f ${firewall_script} -a X"$firewall_enable" = X"YES" ]; then + . ${firewall_script} + echo -n 'Firewall rules loaded, starting divert daemons:' + + # Network Address Translation daemon + if [ X"${natd_enable}" = X"YES" -a -n "${natd_interface}" ]; then + if echo ${natd_interface} | \ + grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then + natd_ifarg="-a ${natd_interface}" + else + natd_ifarg="-n ${natd_interface}" + fi + echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg} + fi + echo '.' else IPFW_DEFAULT=`ipfw l 65535` if [ "$IPFW_DEFAULT" = "65535 deny ip from any to any" ]; then @@ -211,7 +225,7 @@ fi if [ "X${portmap_enable}" = X"YES" ]; then - echo -n ' portmap'; portmap ${portmap_flags} + echo -n ' portmap'; ${portmap_program} ${portmap_flags} fi # Start ypserv if we're an NIS server. @@ -311,18 +325,6 @@ unset stash_flag fi - # Network Address Translation daemon - if [ "X${natd_enable}" = X"YES" -a X"${natd_interface}" != X"" \ - -a X"${firewall_enable}" = X"YES" ]; then - if echo ${natd_interface} | \ - grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then - natd_ifarg="-a ${natd_interface}" - else - natd_ifarg="-n ${natd_interface}" - fi - echo -n ' natd'; natd ${natd_flags} ${natd_ifarg} - fi - echo '.' network_pass3_done=YES } diff -urN 3.1-RELEASE/etc/rc.pccard 3.2-RELEASE/etc/rc.pccard --- 3.1-RELEASE/etc/rc.pccard Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/rc.pccard Tue May 18 12:41:45 1999 @@ -3,12 +3,17 @@ # PC-card startup script # HOSOKAWA, Tatsumi # -# $Id: rc.pccard,v 1.6.2.1 1999/02/05 09:42:27 markm Exp $ +# $Id: rc.pccard,v 1.6.2.4 1999/03/17 21:57:53 nate Exp $ # if [ "X$pccard_enable" = X"YES" ] ; then - if kldload pcic; then - echo "Kernel pcic module loaded." + builtin=`kldstat -v -i 1 | grep pcic | awk '{print $2}'` + if [ "$builtin" = "pcic" ] ; then + echo "PCIC module compiled in" + else + if kldload pcic; then + echo "Kernel pcic module loaded." + fi fi if [ "x$pccard_mem" != "xDEFAULT" ] ; then pccardc pccardmem $pccard_mem diff -urN 3.1-RELEASE/etc/sendmail.cf 3.2-RELEASE/etc/sendmail.cf --- 3.1-RELEASE/etc/sendmail.cf Mon Feb 15 19:45:34 1999 +++ 3.2-RELEASE/etc/sendmail.cf Tue May 18 12:41:47 1999 @@ -15,7 +15,7 @@ ##### ##### SENDMAIL CONFIGURATION FILE ##### -##### built by root@usw3.freebsd.org on Mon Feb 15 10:13:25 GMT 1999 +##### built by root@cathair on Tue May 18 03:31:45 GMT 1999 ##### in /usr/src/etc/sendmail ##### using /usr/src/etc/sendmail/../../contrib/sendmail/cf/ as configuration include directory ##### @@ -24,7 +24,7 @@ ##### @(#)cfhead.m4 8.23 (Berkeley) 10/6/1998 ##### ##### @(#)cf.m4 8.29 (Berkeley) 5/19/1998 ##### -##### @(#)freebsd.mc $Revision: 1.4 $ ##### +##### @(#)freebsd.mc $Revision: 1.4.2.1 $ ##### ##### @(#)bsd4.4.m4 8.10 (Berkeley) 10/6/1998 ##### @@ -48,7 +48,7 @@ ##### @(#)local_lmtp.m4 8.5 (Berkeley) 5/19/1998 ##### -##### @(#)proto.m4 8.237 (Berkeley) 12/17/1998 ##### +##### @(#)proto.m4 8.243 (Berkeley) 2/2/1999 ##### # level 8 config file format @@ -97,7 +97,7 @@ Kvirtuser hash -o /etc/mail/virtusertable # Access list database (for spam stomping) -Kaccess hash -o /etc/mail/access' +Kaccess hash -o /etc/mail/access # MX map (to allow relaying to hosts that we MX for) Kmxserved bestmx -z: -T @@ -133,7 +133,7 @@ CPREDIRECT # Configuration version number -DZ8.9.2 +DZ8.9.3 ############### @@ -654,7 +654,7 @@ R$* <@ $+ > $* $: < $2 > $1 < @ $2 > $3 extract host name R< $+ . > $* $: < $1 > $2 strip trailing dot R< $+ > $* $: < $(mailertable $1 $) > $2 lookup -R< $~[ : $+ > $* $>95 < $1 : $2 > $3 check -- resolved? +R< $~[ : $* > $* $>95 < $1 : $2 > $3 check -- resolved? R< $+ > $* $: $>90 <$1> $2 try domain # resolve remotely connected UUCP links (if any) @@ -694,7 +694,9 @@ R< > < $+ + $* > $* < > < $1 > + $2 $3 find the user part R< > < $+ > + $* $#local $@ $2 $: @ $1 strip the extra + R< > < $+ > $@ $1 no +detail -R$+ $: $1 $&h add +detail back in +R$+ $: $1 <> $&h add +detail back in +R$+ <> + $* $: $1 + $2 check whether +detail +R$+ <> $* $: $1 else discard R< local : $* > $* $: $>95 < local : $1 > $2 no host extension R< error : $* > $* $: $>95 < error : $1 > $2 no host extension R< $- : $+ > $+ $: $>95 < $1 : $2 > $3 < @ $2 > @@ -706,10 +708,10 @@ S90 R$* <$- . $+ > $* $: $1$2 < $(mailertable .$3 $@ $1$2 $@ $2 $) > $4 -R$* <$~[ : $+ > $* $>95 < $2 : $3 > $4 check -- resolved? +R$* <$~[ : $* > $* $>95 < $2 : $3 > $4 check -- resolved? R$* < . $+ > $* $@ $>90 $1 . <$2> $3 no -- strip & try again R$* < $* > $* $: < $(mailertable . $@ $1$2 $) > $3 try "." -R< $~[ : $+ > $* $>95 < $1 : $2 > $3 "." found? +R< $~[ : $* > $* $>95 < $1 : $2 > $3 "." found? R< $* > $* $@ $2 no mailertable match ################################################################### @@ -730,6 +732,10 @@ ################################################################### SCanonLocal +# strip local host from routed addresses +R< $* > < @ $+ > : $+ $@ $>97 $3 +R< $* > $+ $=O $+ < @ $+ > $@ $>97 $2 $3 $4 + # strip trailing dot from any host name that may appear R< $* > $* < @ $* . > $: < $1 > $2 < @ $3 > diff -urN 3.1-RELEASE/etc/services 3.2-RELEASE/etc/services --- 3.1-RELEASE/etc/services Mon Feb 15 19:45:33 1999 +++ 3.2-RELEASE/etc/services Tue May 18 12:41:45 1999 @@ -7,7 +7,7 @@ # Updated from RFC 1700, ``Assigned Numbers'' (October 1994). All ports # are included. # -# The lastest IANA port assignments can be gotten from +# The latest IANA port assignments can be gotten from # http://www.isi.edu/in-notes/iana/assignments/port-numbers # The Well Known Ports are those from 0 through 1023. # The Registered Ports are those from 1024 through 49151 @@ -16,7 +16,7 @@ # Kerberos services are for Kerberos v4, and are unofficial. Sites running # v5 should uncomment v5 entries and comment v4 entries. # -# $Id: services,v 1.55 1998/09/16 15:42:32 des Exp $ +# $Id: services,v 1.55.2.1 1999/05/04 13:53:19 ghelmer Exp $ # From: @(#)services 5.8 (Berkeley) 5/9/91 # # WELL KNOWN PORT NUMBERS