Kris Kennaway wrote:
Note to [EMAIL PROTECTED]: you are blocking mail from me.

Kris

I'm sorry for that. Use [EMAIL PROTECTED] for personal messages or cc'd mails, please.

[originally built in May]
[EMAIL PROTECTED] ldd /usr/sbin/ppp
/usr/sbin/ppp:
       libcrypt.so.2 => /usr/lib/libcrypt.so.2 (0x280b6000)
       libmd.so.2 => /usr/lib/libmd.so.2 (0x280cf000)
       libutil.so.3 => /usr/lib/libutil.so.3 (0x280d8000)
       libz.so.2 => /usr/lib/libz.so.2 (0x280e1000)
       libalias.so.4 => /usr/lib/libalias.so.4 (0x280ee000)
       libcrypto.so.3 => /usr/lib/libcrypto.so.3 (0x280fe000)
       libradius.so.1 => /usr/lib/libradius.so.1 (0x281f5000)
       libnetgraph.so.1 => /usr/lib/libnetgraph.so.1 (0x281fa000)
       libc.so.4 => /usr/lib/libc.so.4 (0x281fe000)

I removed libintl from /usr/lib to check if the problem is still there and it is:

[EMAIL PROTECTED] dmesg -a
<...>
Starting ppp as "root"
/usr/libexec/ld-elf.so.1:
Shared object "libintl.so.6" not found
<...>


OK, but that's not coming from executing /usr/sbin/ppp since you've
shown us that it's not in fact linked to libintl, as expected (you
could also verify this by executing ppp by hand).  Can you show us
your /etc/rc.conf?  Perhaps it's not running /usr/sbin/ppp but some
other binary.


Indeed, I ran "# ldconfig -elf /usr/lib /usr/lib/compat" (so that ld-elf cannot find libintl), and ppp still loaded. Attached are my kernconf and a few rc scripts.

Thanks,
Andrew P.
#!/bin/sh
#
# Copyright (c) 2000  The FreeBSD Project
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
#       @(#)rc  5.27 (Berkeley) 6/5/91
# $FreeBSD: src/etc/rc,v 1.212.2.51 2002/10/17 17:25:07 schweikh Exp $
#

# System startup script run by init on autoboot
# or after single-user.
# Output and error are redirected to console by init,
# and the console is the controlling terminal.

# Note that almost all of the user-configurable behavior is no longer in
# this file, but rather in /etc/defaults/rc.conf.  Please check that file
# first before contemplating any changes here.  If you do need to change
# this file for some reason, we would like to know about it.

# Make ^T the terminal's status character.
stty status '^T'

# Install no-op handlers for SIGINT (2) and SIGQUIT (3) in this shell only;
# child processes keep their own dispositions.  The original notes that
# the SIGQUIT handler should not be needed.
trap : 2 3

# Boot mode as passed in the first argument (tested against "autoboot"
# further down).
bootmode=$1

# Pin HOME and a search path made only of system directories, so every
# unqualified command below resolves from /sbin, /bin, /usr/sbin, /usr/bin.
export HOME=/
export PATH=/sbin:/bin:/usr/sbin:/usr/bin

# BOOTP diskless boot: rc.diskless1 has to be sourced this early because it
# retargets various config files.  It is only sourced when the kernel
# reports a non-zero vfs.nfs.diskless_valid.
# See /usr/share/examples/diskless/clone_root for client/server setup.
#
if [ -r /etc/rc.diskless1 ]; then
        dlv=$(/sbin/sysctl -n vfs.nfs.diskless_valid 2> /dev/null)
        # ${dlv:=0} also assigns 0 when sysctl printed nothing.
        [ ${dlv:=0} != 0 ] && . /etc/rc.diskless1
fi

# Pull in the system configuration.  Everything sourced here runs as root
# and sets the *_program / *_flags knobs used below, so these files must
# not be writable by anyone but root.
#
if [ ! -r /etc/defaults/rc.conf ]; then
        [ -r /etc/rc.conf ] && . /etc/rc.conf
else
        . /etc/defaults/rc.conf
        source_rc_confs
fi

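# chkdepend service service_var dependency dependency_var
#
# If the knob named by service_var is YES (any case) and the knob named by
# dependency_var is not, force the dependency knob to "YES" and print a
# DEPENDENCY NOTE on stdout.  Otherwise do nothing.
#
# Arguments:
#   $1  service name, used only in the message
#   $2  name of the variable holding the service's enable knob
#   $3  dependency name, used only in the message
#   $4  name of the variable holding the dependency's enable knob
#
# $2 and $4 are expanded through eval, so they must be literal variable
# names chosen by this script, never values read from configuration.
chkdepend() {
        # Scratch variables are local (as in purgedir) so that globals named
        # svc/dep/... in sourced rc files are not clobbered.
        local svc svc_var dep dep_var svc_val dep_val

        svc=$1
        svc_var=$2
        dep=$3
        dep_var=$4

        # Indirect reads of the two knobs.
        eval "svc_val=\${${svc_var}}"
        eval "dep_val=\${${dep_var}}"

        case ${svc_val} in
        [Yy][Ee][Ss])
                case ${dep_val} in
                [Yy][Ee][Ss])
                        ;;
                *)
                        # Indirect write: this sets the global knob itself.
                        eval "${dep_var}=YES"
                        echo "DEPENDENCY NOTE: ${dep} will be enabled" \
                                "to support ${svc}"
                        ;;
                esac
                ;;
        esac
}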

# Force-enable the knobs that already-enabled services rely on.
# Columns: service, its knob, dependency, the dependency's knob.
chkdepend amd amd_enable portmap portmap_enable
chkdepend amd amd_enable NFS nfs_client_enable
chkdepend NFS nfs_server_enable portmap portmap_enable
chkdepend NIS nis_server_enable portmap portmap_enable
chkdepend NIS nis_client_enable portmap portmap_enable

# Turn the dump device on early so a crash later in the boot can be caught.
# An empty or "no" setting is normalised to the literal 'NO', which the
# savecore step further down tests for.
#
case ${dumpdev} in
'' | [Nn][Oo]) dumpdev='NO' ;;
*)             /sbin/dumpon -v ${dumpdev} ;;
esac

# Configure ccd devices when a configuration file is present.
#
[ -r /etc/ccd.conf ] && ccdconfig -C

# Start vinum only when explicitly requested.
case ${start_vinum} in
[Yy][Ee][Ss]) vinum start ;;
esac

swapon -a

# Last chance to do things before potentially waiting for
# operator to do fsck related tasks
# /etc/rc.early is sourced into this shell, so whatever it contains runs
# as part of the boot script before any file system check.
if [ -r /etc/rc.early ]; then
        . /etc/rc.early
fi

# File system check.  Only the "autoboot" mode runs fsck; any other mode
# skips the checks.  Every failure arm below ends in `exit 1', so the
# remainder of this script never runs on an unchecked file system.
# NOTE(review): the meaning attached to each fsck exit status below is
# inferred from the messages printed here -- confirm against fsck(8).
case ${bootmode} in
autoboot)
        echo 'Automatic boot in progress...'
        fsck -p
        case $? in
        0)
                # Preen succeeded; continue booting.
                ;;
        2)
                # Abort the boot without a message.
                exit 1
                ;;
        4)
                # fsck asked for a reboot; the lines after `reboot' are
                # reached only if the reboot itself did not happen.
                reboot
                echo 'Reboot failed... help!'
                exit 1
                ;;
        8)
                # Preen failed.  Retry with `fsck -y' only if the
                # administrator opted in through fsck_y_enable; -y
                # answers yes to every repair, so it is off unless asked.
                case ${fsck_y_enable} in
                [Yy][Ee][Ss])
                        echo 'File system preen failed, trying fsck -y . . .'
                        fsck -y
                        case $? in
                        0)
                                ;;
                        *)
                        echo 'Automatic file system check failed . . . help!'
                                exit 1
                                ;;
                        esac
                        ;;
                *)
                        echo 'Automatic file system check failed . . . help!'
                        exit 1
                        ;;
                esac
                ;;
        12)
                echo 'Reboot interrupted'
                exit 1
                ;;
        130)
                # interrupt before catcher installed
                exit 1
                ;;
        *)
                # Any status not listed above is treated as fatal.
                echo 'Unknown error in reboot'
                exit 1
                ;;
        esac
        ;;
*)
        echo 'Skipping disk checks ...'
        ;;
esac

# From here on SIGQUIT (3) aborts the boot with a message instead of being
# swallowed by the no-op handler installed at the top of the script.
# NOTE(review): `set -T' is taken to be FreeBSD sh's asynchronous-trap
# option -- confirm in sh(1).
set -T
trap "echo 'Reboot interrupted'; exit 1" 3

# Root normally has to be read/write; a BOOTP NFS diskless boot may leave
# it read-only by setting root_rw_mount to "no" (or leaving it empty).
# A failed remount is fatal.
#
case ${root_rw_mount} in
'' | [Nn][Oo])
        ;;
*)
        mount -u -o rw / || {
                echo 'Mounting root filesystem rw failed, startup aborted'
                exit 1
        }
        ;;
esac

# Unmount whatever can be unmounted; output and errors are discarded.
umount -a >/dev/null 2>&1

# If using diskless, run custom disk mounting function here
#
# NOTE(review): ${diskless_mount} is quoted in the test but unquoted when it
# is executed, so a path containing whitespace would pass the -r check and
# then be word-split on the `sh' line.
if [ -n "${diskless_mount}" -a -r "${diskless_mount}" ]; then
        sh ${diskless_mount}
else
# otherwise mount everything except nfs filesystems.
        mount -a -t nonfs
fi

# $? here is the exit status of whichever branch of the if/else above ran,
# so no statement may be inserted between the `fi' and this `case'.
case $? in
0)
        ;;
*)
        echo 'Mounting /etc/fstab filesystems failed, startup aborted'
        exit 1
        ;;
esac

adjkerntz -i

# purgedir [dir ...]
#
# Remove every non-directory entry below each named directory (the current
# directory when none is given), hidden entries included.  Real
# sub-directories are descended into and left in place, emptied; a symbolic
# link to a directory is removed as a link and never followed.
purgedir() {
        local target entry

        # No arguments: operate on the current directory.
        [ $# -gt 0 ] || set -- .

        for target in "$@"; do
        (
                # Subshell, so the caller's working directory is untouched.
                cd "$target" || exit
                for entry in .* *; do
                        case $entry in
                        . | ..) continue ;;
                        esac
                        if [ -d "$entry" ] && [ ! -L "$entry" ]; then
                                purgedir "$entry"
                        else
                                rm -f -- "$entry"
                        fi
                done
        )
        done
}

# clean_var
#
# Purge /var/run and /var/spool/lock, at most once each: an empty
# `clean_var' marker file in each directory records that the purge has
# been done.  The uucp temp directory is emptied on every call.
clean_var() {
        if [ -d /var/run ] && [ ! -f /var/run/clean_var ]; then
                purgedir /var/run
                # Keep a copy of the boot messages around
                dmesg > /var/run/dmesg.boot
                # And an initial, empty utmp file with mode 644
                (
                        cd /var/run &&
                        cp /dev/null utmp &&
                        chmod 644 utmp
                )
                : > /var/run/clean_var
        fi

        if [ -d /var/spool/lock ] && [ ! -f /var/spool/lock/clean_var ]; then
                purgedir /var/spool/lock
                : > /var/spool/lock/clean_var
        fi

        rm -rf /var/spool/uucp/.Temp/*
}

# network_pass1() *may* write to /var, and that must not be wiped right
# afterwards; an NFS-mounted /var must still get cleaned, though.  So drop
# any stale markers and clean now; the second clean_var call later in the
# boot is then a no-op wherever this one already ran.
rm -f /var/run/clean_var /var/spool/lock/clean_var
clean_var

# Add an additional swap file, if one is configured, writable, and the
# vn0b character device exists.
#
case ${swapfile} in
'' | [Nn][Oo])
        ;;
*)
        if [ -w "${swapfile}" ] && [ -c /dev/vn0b ]; then
                echo "Adding ${swapfile} as additional swap"
                vnconfig -e /dev/vn0b ${swapfile} swap
        fi
        ;;
esac

# Early sysctl pass: set the variables that can already be set.
#
[ -r /etc/rc.sysctl ] && sh /etc/rc.sysctl first

# Serial devices and PC-card configuration.  Both files are sourced into
# this shell.
#
[ -r /etc/rc.serial ] && . /etc/rc.serial
[ -r /etc/rc.pccard ] && . /etc/rc.pccard

# Initial network configuration.  rc.network only defines functions; it
# is sourced once here and the later passes reuse those definitions.
#
if [ -r /etc/rc.network ]; then
        . /etc/rc.network
        network_pass1
fi

# Same scheme for IPv6, when enabled.
case ${ipv6_enable} in
[Yy][Ee][Ss])
        if [ -r /etc/rc.network6 ]; then
                . /etc/rc.network6
                network6_pass1
        fi
        ;;
esac

# Mount NFS file systems, but only if the `mount -d' listing mentions
# mount_nfs, i.e. /etc/fstab contains at least one.
#
case "$(mount -d -a -t nfs 2> /dev/null)" in
*mount_nfs*)
        echo -n 'Mounting NFS file systems:'
        mount -a -t nfs
        echo '.'
        ;;
esac

# A one-off kernel selection must not survive this boot: drop the record
# so the default kernel is used next time.
#
rm -f /boot/nextboot.conf

# Reset flags, mode and ownership on the pty slave devices, if any exist.
# Mode 666 leaves them world read/writable between sessions.
#
ls /dev/tty[pqrsPQRS]* > /dev/null 2>&1 && {
        chflags 0 /dev/tty[pqrsPQRS]*
        chmod 666 /dev/tty[pqrsPQRS]*
        chown root:wheel /dev/tty[pqrsPQRS]*
}

# Clean up left-over files.  clean_var does nothing where the markers from
# the earlier call are still present; the markers are removed afterwards.
#
clean_var
rm /var/run/clean_var /var/spool/lock/clean_var

# Clearing /tmp at boot-time seems to have a long tradition.  It doesn't
# help in any way for long-living systems, and it might accidentally
# clobber files you would rather like to have preserved after a crash
# (if not using mfs /tmp anyway).
#
# See also the example of another cleanup policy in /etc/periodic/daily.
#
# The removal runs in a subshell and only after `cd /tmp' succeeded, so the
# relative glob and `find .' can never act on another directory.
case ${clear_tmp_enable} in
[Yy][Ee][Ss])
        echo -n 'Clearing /tmp:'
        # prune quickly with one rm, then use find to clean up /tmp/[lq]*
        # (not needed with mfs /tmp, but doesn't hurt there...)
        # The glob deliberately skips names starting with `l' and `q'; the
        # find pass then removes everything left except lost+found,
        # quota.user and quota.group.  `--' keeps a file name beginning
        # with `-' from being read as an rm option.
        (cd /tmp && rm -rf [a-km-pr-zA-Z]* &&
                find -d . ! -name . ! -name lost+found ! -name quota.user \
                ! -name quota.group -exec rm -rf -- {} \;)
        echo '.'
        ;;
esac

# Remove X lock files, since they will prevent you from restarting X11
# after a system crash.
#
# /tmp/.X11-unix is removed and recreated unconditionally, with mode 1777
# (world-writable, sticky bit set).
rm -f /tmp/.X*-lock
rm -fr /tmp/.X11-unix
mkdir -m 1777 /tmp/.X11-unix

# Snapshot any kernel -c changes back to disk here <someday>.
# This has changed with ELF and /kernel.config.

echo -n 'Additional daemons:'

# System logging.  named has to be started before syslogd on systems
# without an /etc/resolv.conf.
#
case ${syslogd_enable} in
[Yy][Ee][Ss])
        # Transitional symlink /dev/log -> /var/run/log for binaries that
        # have not moved to /var/run/log yet.  ln may complain when the
        # root file system is read-only.
        [ -L /dev/log ] || ln -sf /var/run/log /dev/log

        # Drop a stale socket, then start the daemon.  The program path
        # and flags come from rc.conf.
        rm -f /var/run/log
        echo -n ' syslogd'
        ${syslogd_program:-/usr/sbin/syslogd} ${syslogd_flags}
        ;;
esac

echo '.'

# Build devices database
#
dev_mkdb

# Save a crash dump, if a dump device is configured.  $dumpdir must be a
# directory, or a symbolic link to the crash directory; it defaults to
# /var/crash, and "no" disables the savecore step.
#
if [ "${dumpdev}" != 'NO' ]; then
        case ${dumpdir} in
        '')       dumpdir='/var/crash' ;;
        [Nn][Oo]) dumpdir='NO' ;;
        esac

        [ "${dumpdir}" = 'NO' ] || {
                echo -n 'Checking for core dump: '
                /sbin/savecore ${savecore_flags} "${dumpdir}"
        }
fi

# Second network pass, only if the first one reported completion.
[ -n "${network_pass1_done}" ] && network_pass2

# Quotas: optionally check them, then switch them on.  This has to come
# after ypbind when NIS is in use.
#
case ${enable_quotas} in
[Yy][Ee][Ss])
        case ${check_quotas} in
        [Yy][Ee][Ss])
                echo -n 'Checking quotas:'
                quotacheck -a
                echo ' done.'
                ;;
        esac

        echo -n 'Enabling quotas:'
        quotaon -a
        echo ' done.'
        ;;
esac

# Third network pass, only if the second one reported completion.
[ -n "${network_pass2_done}" ] && network_pass3

# A left-over password temp/lock file is reported through syslog at
# auth.err (and on stderr); nothing is repaired automatically.
#
if [ -e /etc/ptmp ]; then
        logger -s -p auth.err \
        "password file may be incorrect -- /etc/ptmp exists"
fi

# Process accounting: needs /var/account; the acct file is created when it
# does not exist yet.
case ${accounting_enable} in
[Yy][Ee][Ss])
        if [ -d /var/account ]; then
                echo 'Turning on accounting:'
                [ -e /var/account/acct ] || touch /var/account/acct
                accton /var/account/acct
        fi
        ;;
esac

# Build the shared-library search hints.  /usr/lib always comes first;
# keep it first when adding entries.  Only directories that exist are
# passed on.
#
# ldconfig_insecure=YES appends -i to the command.
# NOTE(review): -i is understood to switch off ldconfig's checks on the
# listed directories -- confirm in ldconfig(8) before enabling it.
#
ldconfig="/sbin/ldconfig"
case ${ldconfig_insecure} in
[Yy][Ee][Ss]) ldconfig="${ldconfig} -i" ;;
esac

if [ -x /sbin/ldconfig ]; then
        case $(/usr/bin/objformat) in
        elf)
                _LDC=/usr/lib
                for i in ${ldconfig_paths}; do
                        [ -d "${i}" ] && _LDC="${_LDC} ${i}"
                done
                # ${ldconfig} and ${_LDC} are left unquoted on purpose:
                # both hold space-separated word lists.
                echo 'ELF ldconfig path:' ${_LDC}
                ${ldconfig} -elf ${_LDC}
                ;;
        esac

        # Legacy a.out support, i386 only.
        case $(sysctl -n hw.machine_arch) in
        i386)
                # The a.out path list defaults to the ELF one when unset.
                : ${ldconfig_paths_aout=${ldconfig_paths}}
                _LDC=/usr/lib/aout
                for i in ${ldconfig_paths_aout}; do
                        [ -d "${i}" ] && _LDC="${_LDC} ${i}"
                done
                echo 'a.out ldconfig path:' ${_LDC}
                ${ldconfig} -aout ${_LDC}
                ;;
        esac
fi

# Miscellaneous daemons that do not belong anywhere else.  Each program
# path can be overridden from rc.conf through its *_program variable.
#
echo -n 'Starting standard daemons:'

# inetd and cron start unless explicitly set to "no".
case ${inetd_enable} in
[Nn][Oo])
        ;;
*)
        echo -n ' inetd'
        ${inetd_program:-/usr/sbin/inetd} ${inetd_flags}
        ;;
esac

case ${cron_enable} in
[Nn][Oo])
        ;;
*)
        echo -n ' cron'
        ${cron_program:-/usr/sbin/cron} ${cron_flags}
        ;;
esac

# lpd, sshd and usbd start only when explicitly set to "yes".
case ${lpd_enable} in
[Yy][Ee][Ss])
        echo -n ' printer'
        ${lpd_program:-/usr/sbin/lpd} ${lpd_flags}
        ;;
esac

case ${sshd_enable} in
[Yy][Ee][Ss])
        # Skipped silently when the binary is missing or not executable.
        [ -x ${sshd_program:-/usr/sbin/sshd} ] && {
                echo -n ' sshd'
                ${sshd_program:-/usr/sbin/sshd} ${sshd_flags}
        }
        ;;
esac

case ${usbd_enable} in
[Yy][Ee][Ss])
        echo -n ' usbd'
        /usr/sbin/usbd ${usbd_flags}
        ;;
esac

# The mail start script is run only when given as an absolute path and
# readable.
case ${mta_start_script} in
/*)
        [ -r ${mta_start_script} ] && sh ${mta_start_script}
        ;;
esac

echo '.'

# Recover vi editor files.
# First delete everything under /var/tmp/vi.recover that is neither a
# regular file nor a directory (symbolic links, for instance), so the file
# tests and redirections below only ever see regular files.
find /var/tmp/vi.recover ! -type f -a ! -type d -delete
# An unmatched glob is echoed back literally; that is how "no backup
# files" is detected.
vibackup=`echo /var/tmp/vi.recover/vi.*`
if [ "${vibackup}" != '/var/tmp/vi.recover/vi.*' ]; then
        echo -n 'Recovering vi editor sessions:'
        for i in /var/tmp/vi.recover/vi.*; do
                # Only test files that are readable.
                if [ ! -r "${i}" ]; then
                        continue
                fi

                # Unmodified nvi editor backup files either have the
                # execute bit set or are zero length.  Delete them.
                if [ -x "${i}" -o ! -s "${i}" ]; then
                        rm -f "${i}"
                fi
        done

        # It is possible to get incomplete recovery files, if the editor
        # crashes at the right time.
        virecovery=`echo /var/tmp/vi.recover/recover.*`
        if [ "${virecovery}" != "/var/tmp/vi.recover/recover.*" ]; then
                for i in /var/tmp/vi.recover/recover.*; do
                        # Only test files that are readable.
                        if [ ! -r "${i}" ]; then
                                continue
                        fi

                        # Delete any recovery files that are zero length,
                        # corrupted, or that have no corresponding backup file.
                        # Else send mail to the user.
                        # NOTE(review): both the backup path (recfile) and
                        # the mail recipients come from the recovery file's
                        # own headers, since `sendmail -t' reads the
                        # addressees from the message.  If users can create
                        # files in this directory, its contents decide what
                        # root's boot script mails and to whom -- confirm
                        # the directory's ownership and mode.
                        recfile=`awk '/^X-vi-recover-path:/{print $2}' < "${i}"`
                        if [ -n "${recfile}" -a -s "${recfile}" ]; then
                                sendmail -t < "${i}"
                        else
                                rm -f "${i}"
                        fi
                done
        fi
        echo '.'
fi

# Make a bounds file for msgs(1) if there isn't one already
#
# The `! -L' test keeps the redirection from writing through an existing
# symbolic link named bounds.
if [ -d /var/msgs -a ! -f /var/msgs/bounds -a ! -L /var/msgs/bounds ]; then
        echo 0 > /var/msgs/bounds
fi

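# Refresh the first line of /etc/motd with the running kernel's version,
# unless update_motd is "no" or empty.
case ${update_motd} in
[Nn][Oo] | '')
        ;;
*)
        # The new motd is assembled in a mktemp-created file, so its name
        # in /tmp cannot be predicted or pre-created by another user.
        if T=`mktemp /tmp/_motd.XXXXXX`; then
                # Condense `uname -v' into the one-line banner.  The sed
                # expression has to stay on a single line: mail wrapping
                # had split it, and a newline inside the s command's
                # pattern makes sed reject the script.
                uname -v | sed -e 's,^\([^#]*\) #\(.* [1-2][0-9][0-9][0-9]\).*/\([^\]*\) $,\1 (\3) #\2,' > "${T}"
                # Copy the old motd behind it.  An old first line starting
                # with "FreeBSD" is dropped; any other first line is kept,
                # preceded by a blank line.  (`print "\n"$0' must not be
                # split after `print', or the blank line is lost.)
                awk '{if (NR == 1) {if ($1 == "FreeBSD") {next} else {print "\n"$0}} else {print}}' < /etc/motd >> "${T}"
                # Replace /etc/motd only when the content really changed.
                cmp -s "${T}" /etc/motd || {
                        cp "${T}" /etc/motd
                        chmod 644 /etc/motd
                }
                rm -f "${T}"
        fi
        ;;
esac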

# Architecture-specific setup: source /etc/rc.<arch> when it exists.
#
arch=$(uname -p)
[ -r /etc/rc.${arch} ] && . /etc/rc.${arch}

# System console setup.
#
[ -r /etc/rc.syscons ] && . /etc/rc.syscons

echo -n 'Additional ABI support:'

# Linux binary compatibility, if requested: load the module unless
# kldstat already lists a linux image, then refresh the Linux ldconfig
# cache when that binary is installed.
#
case ${linux_enable} in
[Yy][Ee][Ss])
        echo -n ' linux'
        kldstat -v | grep -E 'linux(aout|elf)' > /dev/null ||
                kldload linux > /dev/null 2>&1
        [ -x /compat/linux/sbin/ldconfig ] && /compat/linux/sbin/ldconfig
        ;;
esac

# SysVR4 binary emulation, if requested.  Load failures are not reported:
# kldload output is discarded.
#
case ${svr4_enable} in
[Yy][Ee][Ss])
        echo -n ' svr4'
        kldload streams > /dev/null 2>&1
        kldload svr4 > /dev/null 2>&1
        ;;
esac

echo '.'

# Do traditional (but rather obsolete) rc.local file if it exists.  If you
# use this file and want to make it programmatic, source /etc/defaults/rc.conf
# in /etc/rc.local and add your custom variables to /etc/rc.conf, as
# shown below.  Please do not put local extensions into /etc/rc itself.
# Use /etc/rc.local
#
# ---- rc.local ----
#       if [ -r /etc/defaults/rc.conf ]; then
#               . /etc/defaults/rc.conf
#               source_rc_confs
#       elif [ -r /etc/rc.conf ]; then
#               . /etc/rc.conf
#       fi
#
#       ... additional startup conditionals ...
# ---- rc.local ----
#
# rc.local is run in a separate sh process, so variables it sets do not
# come back into this script.
if [ -r /etc/rc.local ]; then
        echo -n 'Starting local daemons:'
        sh /etc/rc.local
        echo '.'
fi

# For each valid dir in $local_startup, search for init scripts matching *.sh
#
# Every executable *.sh found is run from this script with the single
# argument `start'.  The only checks made are -d on the directory and -x
# on the script: ownership and write permissions are not examined, so the
# directories listed in local_startup must be writable by root only.
case ${local_startup} in
[Nn][Oo] | '')
        ;;
*)
        echo -n 'Local package initialization:'
        slist=""
        # Script paths are joined with script_name_sep (a space by default)
        # and split again on it below.
        if [ -z "${script_name_sep}" ]; then
                script_name_sep=" "
        fi
        for dir in ${local_startup}; do
                if [ -d "${dir}" ]; then
                        # With no match the literal pattern "dir/*.sh" is
                        # appended; it fails every test in the loop below
                        # and is skipped without a message.
                        for script in ${dir}/*.sh; do
                                slist="${slist}${script_name_sep}${script}"
                        done
                fi
        done
        # Split slist on the separator only; IFS is restored afterwards.
        script_save_sep="$IFS"
        IFS="${script_name_sep}"
        for script in ${slist}; do
                if [ -x "${script}" ]; then
                        # Each script runs in its own subshell where SIGINT
                        # (2) makes that subshell exit 1.
                        (set -T
                        trap 'exit 1' 2
                        ${script} start)
                elif [ -f "${script}" -o -L "${script}" ]; then
                        echo -n " (skipping ${script##*/}, not executable)"
                fi
        done
        IFS="${script_save_sep}"
        echo '.'
        ;;
esac

# Fourth network pass, only if the third one reported completion.
[ -n "${network_pass3_done}" ] && network_pass4

# Late sysctl pass: set the variables that were missed the first time.
#
[ -r /etc/rc.sysctl ] && sh /etc/rc.sysctl last

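# Raise kernel security level.  This should be done only after `fsck' has
# repaired local file systems if you want the securelevel to be greater than 1.
#
# With kern_securelevel_enable=YES:
#   - kern_securelevel >= 0  : the level is set through sysctl;
#   - kern_securelevel <  0  : nothing is changed;
#   - empty or not a number  : nothing is changed, and a warning is printed
#     so that a mistyped rc.conf value does not leave the system at its
#     default level unnoticed.
#
case ${kern_securelevel_enable} in
[Yy][Ee][Ss])
        # test exits 0 when the comparison holds, 1 when it does not, and
        # with a status above 1 when the operand is not an integer.  Its
        # own error text is dropped in favour of the warning below.
        [ "${kern_securelevel}" -ge 0 ] 2> /dev/null
        case $? in
        0)
                echo 'Raising kernel security level: '
                sysctl kern.securelevel=${kern_securelevel}
                ;;
        1)
                # Negative level requested: leave the kernel setting alone.
                ;;
        *)
                echo "Warning: kern_securelevel '${kern_securelevel}' is" \
                        'not an integer; kernel security level NOT raised'
                ;;
        esac
        ;;
esac

echo ''

date

exit 0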

#!/bin/sh -
#
# Copyright (c) 1993  The FreeBSD Project
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
# $FreeBSD: src/etc/rc.network,v 1.74.2.46 2004/04/07 09:27:30 krion Exp $
#       From: @(#)netstart      5.9 (Berkeley) 3/30/91
#

# Note that almost all of the user-configurable behavior is no longer in
# this file, but rather in /etc/defaults/rc.conf.  Please check that file
# first before contemplating any changes here.  If you do need to change
# this file for some reason, we would like to know about it.

# First pass startup stuff.
#
network_pass1() {
        echo -n 'Doing initial network setup:'

        # Set the host name if it is not already set
        #
        if [ -z "`/bin/hostname -s`" ]; then
                /bin/hostname ${hostname}
                echo -n ' hostname'
        fi

        # Establish ipfilter ruleset as early as possible (best in
        # addition to IPFILTER_DEFAULT_BLOCK in the kernel config file)

        # check whether ipfilter and/or ipnat is enabled
        ipfilter_active="NO"
        case ${ipfilter_enable} in
        [Yy][Ee][Ss])
                ipfilter_active="YES"
                ;;
        esac
        case ${ipnat_enable} in
        [Yy][Ee][Ss])
                ipfilter_active="YES"
                ;;
        esac
        case ${ipfilter_active} in
        [Yy][Ee][Ss])
                # load ipfilter kernel module if needed
                if ! sysctl net.inet.ipf.fr_pass > /dev/null 2>&1; then
                        if kldload ipl; then
                                echo 'IP-filter module loaded.'
                        else
                                echo 'Warning: IP-filter module failed to load.'
                                # avoid further errors
                                ipfilter_active="NO"
                                ipmon_enable="NO"
                                ipfilter_enable="NO"
                                ipnat_enable="NO"
                                ipfs_enable="NO"
                        fi
                fi
                # start ipmon before loading any rules
                case "${ipmon_enable}" in
                [Yy][Ee][Ss])
                        echo -n ' ipmon'
                        ${ipmon_program:-/sbin/ipmon} ${ipmon_flags}
                        ;;
                esac
                case "${ipfilter_enable}" in
                [Yy][Ee][Ss])
                        if [ -r "${ipfilter_rules}" -o \
                             -r "${ipv6_ipfilter_rules}" ]; then
                                echo -n ' ipfilter'
                                ${ipfilter_program:-/sbin/ipf} -Fa
                                if [ -r "${ipfilter_rules}" ]; then
                                        ${ipfilter_program:-/sbin/ipf} \
                                            -f "${ipfilter_rules}" \
                                            ${ipfilter_flags}
                                fi
                                if [ -r "${ipv6_ipfilter_rules}" ]; then
                                        ${ipfilter_program:-/sbin/ipf} -6 \
                                            -f "${ipv6_ipfilter_rules}" \
                                            ${ipfilter_flags}
                                fi
                        else
                                ipfilter_enable="NO"
                                echo -n ' NO IPF RULES'
                        fi
                        ;;
                esac
                case "${ipnat_enable}" in
                [Yy][Ee][Ss])
                        if [ -r "${ipnat_rules}" ]; then
                                echo -n ' ipnat'
                                eval ${ipnat_program:-/sbin/ipnat} -CF -f \
                                    "${ipnat_rules}" ${ipnat_flags}
                        else
                                ipnat_enable="NO"
                                echo -n ' NO IPNAT RULES'
                        fi
                        ;;
                esac
                # restore filter/NAT state tables after loading the rules
                case "${ipfs_enable}" in
                [Yy][Ee][Ss])
                        if [ -r "/var/db/ipf/ipstate.ipf" ]; then
                                echo -n ' ipfs'
                                ${ipfs_program:-/sbin/ipfs} -R ${ipfs_flags}
                                # remove files to avoid reloading old state
                                # after an ungraceful shutdown
                                rm -f /var/db/ipf/ipstate.ipf
                                rm -f /var/db/ipf/ipnat.ipf
                        fi
                        ;;
                esac
                ;;
        esac

        # Set the domainname if we're using NIS
        #
        case ${nisdomainname} in
        [Nn][Oo] | '')
                ;;
        *)
                domainname ${nisdomainname}
                echo -n ' domain'
                ;;
        esac

        echo '.'

        # Initial ATM interface configuration
        #
        case ${atm_enable} in
        [Yy][Ee][Ss])
                if [ -r /etc/rc.atm ]; then
                        . /etc/rc.atm
                        atm_pass1
                fi
                ;;
        esac

        # Attempt to create cloned interfaces.
        for ifn in ${cloned_interfaces}; do
                ifconfig ${ifn} create
        done

        # Special options for sppp(4) interfaces go here.  These need
        # to go _before_ the general ifconfig section, since in the case
        # of hardwired (no link1 flag) but required authentication, you
        # cannot pass auth parameters down to the already running interface.
        #
        for ifn in ${sppp_interfaces}; do
                eval spppcontrol_args=\$spppconfig_${ifn}
                if [ -n "${spppcontrol_args}" ]; then
                        # The auth secrets might contain spaces; in order
                        # to retain the quotation, we need to eval them
                        # here.
                        eval spppcontrol ${ifn} ${spppcontrol_args}
                fi
        done

        # gifconfig
        network_gif_setup

        # Set up all the network interfaces, calling startup scripts if needed
        #
        case ${network_interfaces} in
        [Aa][Uu][Tt][Oo])
                network_interfaces="`ifconfig -l`"
                ;;
        *)
                network_interfaces="${network_interfaces} ${cloned_interfaces}"
                ;;
        esac

        dhcp_interfaces=""
        for ifn in ${network_interfaces}; do
                if [ -r /etc/start_if.${ifn} ]; then
                        . /etc/start_if.${ifn}
                        eval showstat_$ifn=1
                fi

                # Do the primary ifconfig if specified
                #
                eval ifconfig_args=\$ifconfig_${ifn}

                case ${ifconfig_args} in
                '')
                        ;;
                [Dd][Hh][Cc][Pp])
                        # DHCP inits are done all in one go below
                        dhcp_interfaces="$dhcp_interfaces $ifn"
                        eval showstat_$ifn=1
                        ;;
                *)
                        ifconfig ${ifn} ${ifconfig_args}
                        eval showstat_$ifn=1
                        ;;
                esac
        done

        if [ ! -z "${dhcp_interfaces}" ]; then
                ${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${dhcp_interfaces}
        fi

        for ifn in ${network_interfaces}; do
                # Check to see if aliases need to be added
                #
                alias=0
                while : ; do
                        eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
                        if [ -n "${ifconfig_args}" ]; then
                                ifconfig ${ifn} ${ifconfig_args} alias
                                eval showstat_$ifn=1
                                alias=$((${alias} + 1))
                        else
                                break;
                        fi
                done

                # Do ipx address if specified
                #
                eval ifconfig_args=\$ifconfig_${ifn}_ipx
                if [ -n "${ifconfig_args}" ]; then
                        ifconfig ${ifn} ${ifconfig_args}
                        eval showstat_$ifn=1
                fi
        done

        for ifn in ${network_interfaces}; do
                eval showstat=\$showstat_${ifn}
                if [ ! -z ${showstat} ]; then
                        ifconfig ${ifn}
                fi
        done

        # ISDN subsystem startup
        #
        case ${isdn_enable} in
        [Yy][Ee][Ss])
                if [ -r /etc/rc.isdn ]; then
                        . /etc/rc.isdn
                fi
                ;;
        esac

        # Start user ppp if required.  This must happen before natd.
        #
        case ${ppp_enable} in
        [Yy][Ee][Ss])
                # Establish ppp mode.
                #
                if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
                        -a "${ppp_mode}" != "dedicated" \
                        -a "${ppp_mode}" != "background" ]; then
                        ppp_mode="auto"
                fi

                ppp_command="/usr/sbin/ppp -quiet -${ppp_mode}"

                # Switch on NAT mode?
                #
                case ${ppp_nat} in
                [Yy][Ee][Ss])
                        ppp_command="${ppp_command} -nat"
                        ;;
                esac

                ppp_command="${ppp_command} ${ppp_profile}"

                echo "Starting ppp as \"${ppp_user}\""
                su -m ${ppp_user} -c "exec ${ppp_command}"
                ;;
        esac

        # Re-Sync ipfilter so it picks up any new network interfaces
        #
        case ${ipfilter_active} in
        [Yy][Ee][Ss])
                ${ipfilter_program:-/sbin/ipf} -y ${ipfilter_flags} >/dev/null
                ;;
        esac
        unset ipfilter_active

        # Initialize IP filtering using ipfw
        #
        if /sbin/ipfw -q flush > /dev/null 2>&1; then
                firewall_in_kernel=1
        else
                firewall_in_kernel=0
        fi

        case ${firewall_enable} in
        [Yy][Ee][Ss])
                if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then
                        firewall_in_kernel=1
                        echo 'Kernel firewall module loaded'
                elif [ "${firewall_in_kernel}" -eq 0 ]; then
                        echo 'Warning: firewall kernel module failed to load'
                fi
                ;;
        esac

        # Load the filters if required
        #
        case ${firewall_in_kernel} in
        1)
                if [ -z "${firewall_script}" ]; then
                        firewall_script=/etc/rc.firewall
                fi

                case ${firewall_enable} in
                [Yy][Ee][Ss])
                        if [ -r "${firewall_script}" ]; then
                                . "${firewall_script}"
                                echo -n 'Firewall rules loaded, starting divert 
daemons:'

                                # Network Address Translation daemon
                                #
                                case ${natd_enable} in
                                [Yy][Ee][Ss])
                                        if [ -n "${natd_interface}" ]; then
                                                if echo ${natd_interface} | \
                                                        grep -q -E 
'^[0-9]+(\.[0-9]+){0,3}$'; then
                                                        natd_flags="$natd_flags 
-a ${natd_interface}"
                                                else
                                                        natd_flags="$natd_flags 
-n ${natd_interface}"
                                                fi
                                        fi
                                        echo -n ' natd'; 
${natd_program:-/sbin/natd} ${natd_flags}
                                        ;;
                                esac

                                echo '.'

                        elif [ "`ipfw l 65535`" = "65535 deny ip from any to 
any" ]; then
                                echo 'Warning: kernel has firewall 
functionality,' \
                                     'but firewall rules are not enabled.'
                                echo '           All ip services are disabled.'
                        fi

                        case ${firewall_logging} in
                        [Yy][Ee][Ss] | '')
                                echo 'Firewall logging=YES'
                                sysctl net.inet.ip.fw.verbose=1 >/dev/null
                                ;;
                        *)
                                ;;
                        esac

                        ;;
                esac
                ;;
        esac

        # Additional ATM interface configuration
        #
        if [ -n "${atm_pass1_done}" ]; then
                atm_pass2
        fi

        # Configure routing
        #
        case ${defaultrouter} in
        [Nn][Oo] | '')
                ;;
        *)
                static_routes="default ${static_routes}"
                route_default="default ${defaultrouter}"
                ;;
        esac

        # Set up any static routes.  This should be done before router 
discovery.
        #
        if [ -n "${static_routes}" ]; then
                for i in ${static_routes}; do
                        eval route_args=\$route_${i}
                        route add ${route_args}
                done
        fi

        echo -n 'Additional routing options:'
        case ${tcp_extensions} in
        [Yy][Ee][Ss] | '')
                ;;
        *)
                echo -n ' tcp extensions=NO'
                sysctl net.inet.tcp.rfc1323=0 >/dev/null
                ;;
        esac

        case ${icmp_bmcastecho} in
        [Yy][Ee][Ss])
                echo -n ' broadcast ping responses=YES'
                sysctl net.inet.icmp.bmcastecho=1 >/dev/null
                ;;
        esac

        case ${icmp_drop_redirect} in
        [Yy][Ee][Ss])
                echo -n ' ignore ICMP redirect=YES'
                sysctl net.inet.icmp.drop_redirect=1 >/dev/null
                ;;
        esac

        case ${icmp_log_redirect} in
        [Yy][Ee][Ss])
                echo -n ' log ICMP redirect=YES'
                sysctl net.inet.icmp.log_redirect=1 >/dev/null
                ;;
        esac

        case ${gateway_enable} in
        [Yy][Ee][Ss])
                echo -n ' IP gateway=YES'
                sysctl net.inet.ip.forwarding=1 >/dev/null
                ;;
        esac

        case ${forward_sourceroute} in
        [Yy][Ee][Ss])
                echo -n ' do source routing=YES'
                sysctl net.inet.ip.sourceroute=1 >/dev/null
                ;;
        esac

        case ${accept_sourceroute} in
        [Yy][Ee][Ss])
                echo -n ' accept source routing=YES'
                sysctl net.inet.ip.accept_sourceroute=1 >/dev/null
                ;;
        esac

        case ${tcp_keepalive} in
        [Yy][Ee][Ss])
                echo -n ' TCP keepalive=YES'
                sysctl net.inet.tcp.always_keepalive=1 >/dev/null
                ;;
        esac

        case ${tcp_drop_synfin} in
        [Yy][Ee][Ss])
                echo -n ' drop SYN+FIN packets=YES'
                sysctl net.inet.tcp.drop_synfin=1 >/dev/null
                ;;
        esac

        case ${ipxgateway_enable} in
        [Yy][Ee][Ss])
                echo -n ' IPX gateway=YES'
                sysctl net.ipx.ipx.ipxforwarding=1 >/dev/null
                ;;
        esac

        case ${arpproxy_all} in
        [Yy][Ee][Ss])
                echo -n ' ARP proxyall=YES'
                sysctl net.link.ether.inet.proxyall=1 >/dev/null
                ;;
        esac

        case ${ip_portrange_first} in
        [Nn][Oo] | '')
                ;;
        *)
                echo -n " ip_portrange_first=$ip_portrange_first"
                sysctl net.inet.ip.portrange.first=$ip_portrange_first 
>/dev/null
                ;;
        esac

        case ${ip_portrange_last} in
        [Nn][Oo] | '')
                ;;
        *)
                echo -n " ip_portrange_last=$ip_portrange_last"
                sysctl net.inet.ip.portrange.last=$ip_portrange_last >/dev/null
                ;;
        esac

        echo '.'

        case ${ipsec_enable} in
        [Yy][Ee][Ss])
                if [ -f ${ipsec_file} ]; then
                    echo ' ipsec: enabled'
                    setkey -f ${ipsec_file}
                else
                    echo ' ipsec: file not found'
                fi
                ;;
        esac

        case ${ike_enable} in
        [Yy][Ee][Ss])
                if [ -x ${ike_program} ]; then
                    echo ' ike daemon: ' ${ike_program} ${ike_flags}
                    ${ike_program} ${ike_flags}
                fi
                ;;
        esac

        echo -n 'Routing daemons:'
        case ${router_enable} in
        [Yy][Ee][Ss])
                echo -n " ${router}";   ${router} ${router_flags}
                ;;
        esac

        case ${ipxrouted_enable} in
        [Yy][Ee][Ss])
                echo -n ' IPXrouted'
                IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
                ;;
        esac

        case ${mrouted_enable} in
        [Yy][Ee][Ss])
                echo -n ' mrouted';     mrouted ${mrouted_flags}
                ;;
        esac

        case ${rarpd_enable} in
        [Yy][Ee][Ss])
                echo -n ' rarpd';       rarpd ${rarpd_flags}
                ;;
        esac
        echo '.'

        # Let future generations know we made it.
        #
        network_pass1_done=YES
}

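# network_pass2 - second network start-up pass.
#
# Starts the name, time and RPC/NIS services selected by the *_enable
# variables (named, ntpdate, ntpd, timed, portmap, ypserv, rpc.ypxfrd,
# rpc.yppasswdd, ypbind, ypset, keyserv, rpc.ypupdated), runs atm_pass3
# when atm_pass2_done is set, and finally sets network_pass2_done=YES.
# A service is started only when its variable matches YES in any letter
# case; the name of each started service is echoed on one status line.
#
# The *_program and *_flags expansions are left unquoted on purpose so
# that a value holding several options is split into separate arguments.
# Those values are executed as commands and arguments by this script, so
# the file that sets them must be writable by root only.
network_pass2() {
        echo -n 'Doing additional network setup:'
        case ${named_enable} in
        [Yy][Ee][Ss])
                echo -n ' named';       ${named_program:-named} ${named_flags}
                ;;
        esac

        case ${ntpdate_enable} in
        [Yy][Ee][Ss])
                echo -n ' ntpdate'
                # Output and errors of the one-shot clock set are discarded.
                ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1
                ;;
        esac

        case ${xntpd_enable} in
        [Yy][Ee][Ss])
                echo -n ' ntpd';        ${xntpd_program:-ntpd} ${xntpd_flags}
                ;;
        esac

        case ${timed_enable} in
        [Yy][Ee][Ss])
                echo -n ' timed';       timed ${timed_flags}
                ;;
        esac

        case ${portmap_enable} in
        [Yy][Ee][Ss])
                # Program and flags must stay on one command line: if the
                # flags land on a line of their own the shell runs them as a
                # separate command and portmap starts without them.
                echo -n ' portmap'
                ${portmap_program:-/usr/sbin/portmap} ${portmap_flags}
                ;;
        esac

        # Start ypserv if we're an NIS server.
        # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
        #
        case ${nis_server_enable} in
        [Yy][Ee][Ss])
                echo -n ' ypserv'; ypserv ${nis_server_flags}

                case ${nis_ypxfrd_enable} in
                [Yy][Ee][Ss])
                        echo -n ' rpc.ypxfrd'
                        rpc.ypxfrd ${nis_ypxfrd_flags}
                        ;;
                esac

                case ${nis_yppasswdd_enable} in
                [Yy][Ee][Ss])
                        echo -n ' rpc.yppasswdd'
                        rpc.yppasswdd ${nis_yppasswdd_flags}
                        ;;
                esac
                ;;
        esac

        # Start ypbind if we're an NIS client
        #
        case ${nis_client_enable} in
        [Yy][Ee][Ss])
                echo -n ' ypbind'; ypbind ${nis_client_flags}
                # ypset is only considered when the NIS client is enabled.
                case ${nis_ypset_enable} in
                [Yy][Ee][Ss])
                        echo -n ' ypset';       ypset ${nis_ypset_flags}
                        ;;
                esac
                ;;
        esac

        # Start keyserv if we are running Secure RPC
        #
        case ${keyserv_enable} in
        [Yy][Ee][Ss])
                echo -n ' keyserv';     keyserv ${keyserv_flags}
                ;;
        esac

        # Start ypupdated if we are running Secure RPC and we are NIS master
        #
        case ${rpc_ypupdated_enable} in
        [Yy][Ee][Ss])
                echo -n ' rpc.ypupdated';       rpc.ypupdated
                ;;
        esac

        # Start ATM daemons
        if [ -n "${atm_pass2_done}" ]; then
                atm_pass3
        fi

        echo '.'
        network_pass2_done=YES
}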

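# network_pass3 - third network start-up pass.
#
# Starts, as selected by the *_enable variables: the NFS server side
# (mountd, nfsd, rpc.lockd, rpc.statd) or a stand-alone mountd, the NFS
# client side (nfsiod, NFS sysctls, amd), rwhod, the Kerberos IV and
# Kerberos 5 servers and pppoed; creates any missing SSH host keys when
# sshd_enable is YES; and finally sets network_pass3_done=YES.
#
# The *_flags values and the kerberos5/kadmind5/kpasswdd5 server paths
# are expanded unquoted and executed by this script, so the file that
# sets them must be writable by root only.
network_pass3() {
        echo -n 'Starting final network daemons:'

        case ${nfs_server_enable} in
        [Yy][Ee][Ss])
                # Nothing NFS-server related is started without a readable
                # /etc/exports.
                if [ -r /etc/exports ]; then
                        echo -n ' mountd'

                        # mountd's -n option lets mount requests that do not
                        # come from a reserved port be served; it is appended
                        # to any flags already set.
                        case ${weak_mountd_authentication} in
                        [Yy][Ee][Ss])
                                mountd_flags="${mountd_flags} -n"
                                ;;
                        esac

                        mountd ${mountd_flags}

                        case ${nfs_reserved_port_only} in
                        [Yy][Ee][Ss])
                                echo -n ' NFS on reserved port only=YES'
                                sysctl vfs.nfs.nfs_privport=1 >/dev/null
                                ;;
                        esac

                        echo -n ' nfsd';        nfsd ${nfs_server_flags}

                        case ${rpc_lockd_enable} in
                        [Yy][Ee][Ss])
                                echo -n ' rpc.lockd';   rpc.lockd
                                ;;
                        esac

                        case ${rpc_statd_enable} in
                        [Yy][Ee][Ss])
                                echo -n ' rpc.statd';   rpc.statd
                                ;;
                        esac
                fi
                ;;
        *)
                # Not an NFS server: optionally run mountd on its own.
                case ${single_mountd_enable} in
                [Yy][Ee][Ss])
                        if [ -r /etc/exports ]; then
                                echo -n ' mountd'

                                # NOTE(review): unlike the NFS-server branch
                                # above, this replaces mountd_flags instead of
                                # appending -n, so any other flags that were
                                # set are dropped.  Kept as posted.
                                case ${weak_mountd_authentication} in
                                [Yy][Ee][Ss])
                                        mountd_flags="-n"
                                        ;;
                                esac

                                mountd ${mountd_flags}
                        fi
                        ;;
                esac
                ;;
        esac

        case ${nfs_client_enable} in
        [Yy][Ee][Ss])
                nfs_in_kernel=0
                # Handle absent nfs client support: use it if the kernel
                # already answers for vfs.nfs, otherwise try the module.
                if sysctl vfs.nfs >/dev/null 2>&1; then
                        nfs_in_kernel=1
                else
                        kldload nfs && nfs_in_kernel=1
                fi
                if [ ${nfs_in_kernel} -eq 1 ]
                then
                        echo -n ' nfsiod';      nfsiod ${nfs_client_flags}
                        if [ -n "${nfs_access_cache}" ]; then
                                # The status text and the sysctl argument must
                                # each stay on one logical line; a bare
                                # "sysctl" followed by the name=value on the
                                # next line never sets the timeout.
                                echo -n \
                                    " NFS access cache time=${nfs_access_cache}"
                                sysctl \
                                    vfs.nfs.access_cache_timeout=${nfs_access_cache} \
                                    >/dev/null
                        fi

                        if [ -n "${nfs_bufpackets}" ]; then
                                sysctl vfs.nfs.bufpackets=${nfs_bufpackets} \
                                        > /dev/null
                        fi

                        case ${amd_enable} in
                        [Yy][Ee][Ss])
                                echo -n ' amd'
                                case ${amd_map_program} in
                                [Nn][Oo] | '')
                                        ;;
                                *)
                                        # The configured map program is run
                                        # through eval and its output becomes
                                        # amd arguments, so the value must
                                        # come from a root-only file.
                                        amd_flags="${amd_flags} $(eval ${amd_map_program})"
                                        ;;
                                esac

                                case "${amd_flags}" in
                                '')
                                        # Without flags amd is only started
                                        # when /etc/amd.conf is readable.
                                        if [ -r /etc/amd.conf ]; then
                                                amd &
                                        else
                                                echo ''
                                                echo 'Warning: amd will not load without arguments'
                                        fi
                                        ;;
                                *)
                                        # amd -p prints its pid; it is saved
                                        # as the pid file.
                                        amd -p ${amd_flags} >/var/run/amd.pid \
                                                2>/dev/null &
                                        ;;
                                esac
                                ;;
                        esac
                fi
                ;;
        esac

        # If /var/db/mounttab exists, some nfs-server has not been
        # successfully notified about a previous client shutdown.
        # If there is no /var/db/mounttab, we do nothing.
        #if [ -f /var/db/mounttab ]; then
        #       rpc.umntall -k
        #fi

        case ${rwhod_enable} in
        [Yy][Ee][Ss])
                echo -n ' rwhod';       rwhod ${rwhod_flags}
                ;;
        esac

        # Kerberos servers run ONLY on the Kerberos server machine
        case ${kerberos_server_enable} in
        [Yy][Ee][Ss])
                # The same -n flag (or nothing) is handed to both the
                # kerberos and the kadmind daemon below.
                case ${kerberos_stash} in
                [Yy][Ee][Ss])
                        stash_flag=-n
                        ;;
                *)
                        stash_flag=
                        ;;
                esac

                echo -n ' kerberosIV'
                kerberos ${stash_flag} >> /var/log/kerberos.log &

                case ${kadmind_server_enable} in
                [Yy][Ee][Ss])
                        echo -n ' kadmindIV'
                        # kadmind is started 20 seconds later from a
                        # background subshell so boot does not wait for it.
                        (
                                sleep 20;
                                kadmind ${stash_flag} >/dev/null 2>&1 &
                        ) &
                        ;;
                esac
                unset stash_flag
                ;;
        esac

        case ${kerberos5_server_enable} in
        [Yy][Ee][Ss])
                echo -n ' kerberos5'
                ${kerberos5_server} &

                case ${kadmind5_server_enable} in
                [Yy][Ee][Ss])
                        echo -n ' kadmind5'
                        ${kadmind5_server} &
                        ;;
                esac

                case ${kpasswdd5_server_enable} in
                [Yy][Ee][Ss])
                        echo -n ' kpasswdd5'
                        ${kpasswdd5_server} &
                        ;;
                esac
                ;;
        esac

        case ${pppoed_enable} in
        [Yy][Ee][Ss])
                if [ -n "${pppoed_provider}" ]; then
                        pppoed_flags="${pppoed_flags} -p ${pppoed_provider}"
                fi
                echo -n ' pppoed';
                # Pathname expansion is switched off around the call so that
                # glob characters in the flags or provider name reach pppoed
                # literally; the previous shell options are then restored.
                _opts=$-; set -f
                /usr/libexec/pppoed ${pppoed_flags} ${pppoed_interface}
                set +f; set -${_opts}
                ;;
        esac

        case ${sshd_enable} in
        [Yy][Ee][Ss])
                # Create only the host keys that do not exist yet.  -N ""
                # gives them an empty passphrase so sshd can read them
                # unattended.
                # NOTE(review): rsa1 is the SSH protocol 1 key type and DSA
                # host keys are likewise obsolete; on a maintained system
                # generate only the key types the installed sshd accepts.
                if [ -x /usr/bin/ssh-keygen ]; then
                        if [ ! -f /etc/ssh/ssh_host_key ]; then
                                echo ' creating ssh1 RSA host key';
                                /usr/bin/ssh-keygen -t rsa1 -N "" \
                                        -f /etc/ssh/ssh_host_key
                        fi
                        if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
                                echo ' creating ssh2 RSA host key';
                                /usr/bin/ssh-keygen -t rsa -N "" \
                                        -f /etc/ssh/ssh_host_rsa_key
                        fi
                        if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
                                echo ' creating ssh2 DSA host key';
                                /usr/bin/ssh-keygen -t dsa -N "" \
                                        -f /etc/ssh/ssh_host_dsa_key
                        fi
                fi
                ;;
        esac

        echo '.'
        network_pass3_done=YES
}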

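# network_pass4 - apply the log_in_vain setting.
#
# log_in_vain may be NO or empty (treated as 0), YES (treated as 1) or a
# string of decimal digits.  Anything else is reported and treated as 0.
# A non-zero value is written to net.inet.tcp.log_in_vain and
# net.inet.udp.log_in_vain.  Sets network_pass4_done=YES on completion.
network_pass4() {
        echo -n 'Additional TCP options:'
        case ${log_in_vain} in
        [Nn][Oo] | '')
                log_in_vain=0
                ;;
        [Yy][Ee][Ss])
                log_in_vain=1
                ;;
        *[!0-9]*)
                # Any non-digit makes the value invalid.  Matching on a
                # leading digit alone would let a value such as "1abc"
                # through to the numeric test and to sysctl.
                echo " invalid log_in_vain setting: ${log_in_vain}"
                log_in_vain=0
                ;;
        *)
                # Digits only: use the value as given.
                ;;
        esac

        if [ "${log_in_vain}" -ne 0 ]; then
                echo -n " log_in_vain=${log_in_vain}"
                sysctl net.inet.tcp.log_in_vain="${log_in_vain}" >/dev/null
                sysctl net.inet.udp.log_in_vain="${log_in_vain}" >/dev/null
        fi

        echo '.'
        network_pass4_done=YES
}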

# network_gif_setup - create and configure gif tunnel interfaces.
#
# For every interface named in gif_interfaces whose gifconfig_<name>
# variable is non-empty, the interface is created (output discarded),
# given that value as its tunnel arguments and brought up.  Nothing is
# done when gif_interfaces is empty or NO.
network_gif_setup() {
        # Guard: no tunnels requested.
        case ${gif_interfaces} in
        [Nn][Oo] | '')
                return 0
                ;;
        esac

        for i in ${gif_interfaces}; do
                # Look up gifconfig_<interface>; interfaces without one are
                # skipped.
                eval "peers=\${gifconfig_${i}}"
                if [ -n "${peers}" ]; then
                        ifconfig $i create >/dev/null 2>&1
                        ifconfig $i tunnel ${peers}
                        ifconfig $i up
                fi
        done
}
#!/bin/sh
#
# ipfw/dummynet ruleset as posted: clears the existing rules and pipes,
# then shapes traffic of one host through a 10Mbit/s pipe.
#
# NOTE(review): there is no closing deny rule.  Packets that match none
# of the rules below fall through to the kernel's built-in last rule, and
# the kernel configuration in this message sets
# IPFIREWALL_DEFAULT_TO_ACCEPT, so such packets are passed.  Apart from
# rules 200/300 this ruleset shapes traffic; it does not filter it.

# -f: do not ask for confirmation before removing all rules / all pipes.
ipfw -f flush
ipfw -f pipe flush

# one_pass=0: a packet leaving a pipe continues with the next rule
# instead of being accepted straight away.
sysctl net.inet.ip.fw.one_pass=0

# Pipe 1000 is the 10Mbit/s limiter used by rules 2000 and 2010.
ipfw pipe 1000 config bw 10Mbit/s

# Loopback: allow everything on lo0, drop loopback addresses seen on any
# other interface.
ipfw add 100 allow ip from any to any via lo0
ipfw add 200 deny ip from any to 127.0.0.0/8
ipfw add 300 deny ip from 127.0.0.0/8 to any

# Traffic between these two hosts is accepted before the pipe rules, so
# it is not rate limited.
ipfw add 1000 allow ip from 192.168.17.70 to 192.168.17.217
ipfw add 1010 allow ip from 192.168.17.217 to 192.168.17.70

# All other traffic from or to 192.168.17.217 goes through pipe 1000.
ipfw add 2000 pipe 1000 ip from 192.168.17.217 to any
ipfw add 2010 pipe 1000 ip from any to 192.168.17.217
# rc.conf as posted; the start-up scripts read these as shell variables.
hostname="satsmb.local"
# "dhcp" matches the [Dd][Hh][Cc][Pp] case in the network start-up script
# in this message, so vr0 is handed to the DHCP client.
ifconfig_vr0="dhcp"
kern_securelevel_enable="NO"
# NOTE(review): the network script shown applies nfs_reserved_port_only
# only inside its nfs_server_enable branch, and nfs_server_enable is not
# set in this file - confirm whether this line has any effect here.
nfs_reserved_port_only="YES"
nfs_client_enable="NO"
sendmail_enable="NONE"
sshd_enable="YES"
usbd_enable="NO"
inetd_enable="NO"
samba_enable="YES"
# With ppp_enable=YES the network script runs
#   su -m ${ppp_user} -c "exec /usr/sbin/ppp -quiet -ddial default"
# (-nat is left out because ppp_nat is NO).  ppp_user is not set in this
# file; the boot log in this message shows it as "root".
# NOTE(review): su -c hands the command to a shell first, so that shell
# is also executed on this path - presumably worth checking alongside
# /usr/sbin/ppp when tracing the missing shared object.
ppp_enable="YES"
ppp_mode="ddial"
ppp_nat="NO"
ppp_profile="default"
# NOTE(review): the network script shown tests xntpd_enable, not
# ntpd_enable - verify which variable this release honours.
ntpd_enable="YES"
#SATSMB
machine         i386
cpu             I686_CPU
ident           SMBK
maxusers        64

options         INET                    #InterNETworking
options         FFS                     #Berkeley Fast Filesystem
options         FFS_ROOT                #FFS usable as root device [keep this!]
options         SOFTUPDATES             #Enable FFS soft updates support
options         UFS_DIRHASH             #Improve performance on big directories
options         MFS                     #Memory Filesystem
options         NFS                     #Network Filesystem
options         PROCFS                  #Process filesystem
options         COMPAT_43               #Compatible with BSD 4.3 [KEEP THIS!]
options         SCSI_DELAY=15000        #Delay (in ms) before probing SCSI
options         UCONSOLE                #Allow users to grab the console
options         USERCONFIG              #boot -c editor
options         VISUAL_USERCONFIG       #visual boot -c editor
options         KTRACE                  #ktrace(1) support
options         SYSVSHM                 #SYSV-style shared memory
options         SYSVMSG                 #SYSV-style message queues
options         SYSVSEM                 #SYSV-style semaphores
options         P1003_1B                #Posix P1003_1B real-time extensions
options         _KPOSIX_PRIORITY_SCHEDULING
options         ICMP_BANDLIM            #Rate limit bad replies
options         KBD_INSTALL_CDEV        # install a CDEV entry in /dev

device          isa
device          pci

# ATA and ATAPI devices
device          ata
device          atadisk                 # ATA disk drives
device          atapicd                 # ATAPI CDROM drives
options         ATA_STATIC_ID           #Static device numbering

# atkbdc0 controls both the keyboard and the PS/2 mouse
device          atkbdc0 at isa? port IO_KBD
device          atkbd0  at atkbdc? irq 1 flags 0x1

device          vga0    at isa?

# syscons is the default console driver, resembling an SCO console
device          sc0     at isa? flags 0x100

# Floating point support - do not disable.
device          npx0    at nexus? port IO_NPX irq 13

# PCI Ethernet NICs that use the common MII bus controller code.
# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
device          miibus          # MII bus support
device          rl              # RealTek 8129/8139
device          vr              # VIA Rhine, Rhine II

# Pseudo devices - the number indicates how many units to allocate.
pseudo-device   loop            # Network loopback
pseudo-device   ether           # Ethernet support
pseudo-device   tun     4       # Packet tunnel.
pseudo-device   pty             # Pseudo-ttys (telnet etc)
pseudo-device   md              # Memory "disks"
pseudo-device   bpf

# Networking options
# IPFIREWALL builds ipfw into the kernel.  IPFIREWALL_DEFAULT_TO_ACCEPT
# makes the built-in last rule allow instead of deny, so every packet
# that no explicit rule matches is passed.
# NOTE(review): with this option the host is unfiltered whenever the
# ruleset is empty or has no closing deny rule, as is the case for the
# ipfw script in this message - confirm that is intended.
# IPFIREWALL_VERBOSE enables logging for rules that request it and
# IPFIREWALL_VERBOSE_LIMIT caps the number of log entries per rule.
# IPDIVERT provides divert sockets (used by natd) and DUMMYNET provides
# the pipes used for traffic shaping.
options         IPFIREWALL
options         IPFIREWALL_DEFAULT_TO_ACCEPT
options         IPFIREWALL_VERBOSE
options         IPFIREWALL_VERBOSE_LIMIT=100
options         IPDIVERT
options         DUMMYNET