aboutsummaryrefslogtreecommitdiff
path: root/tools/tools
diff options
context:
space:
mode:
Diffstat (limited to 'tools/tools')
-rw-r--r--tools/tools/crypto/cryptocheck.c71
-rw-r--r--tools/tools/nanobsd/rescue/Files/etc/ssh/ssh_config2
-rw-r--r--tools/tools/nanobsd/rescue/Files/etc/ssh/sshd_config2
-rwxr-xr-xtools/tools/portconflicts/port_conflicts_check.lua184
-rw-r--r--tools/tools/tinybsd/CHANGES43
-rw-r--r--tools/tools/tinybsd/README259
-rw-r--r--tools/tools/tinybsd/conf/bridge/TINYBSD155
-rw-r--r--tools/tools/tinybsd/conf/bridge/etc/fstab2
-rw-r--r--tools/tools/tinybsd/conf/bridge/etc/rc.conf17
-rw-r--r--tools/tools/tinybsd/conf/bridge/etc/sysctl.conf5
-rw-r--r--tools/tools/tinybsd/conf/bridge/tinybsd.basefiles236
-rw-r--r--tools/tools/tinybsd/conf/bridge/tinybsd.ports9
-rw-r--r--tools/tools/tinybsd/conf/default/TINYBSD170
-rw-r--r--tools/tools/tinybsd/conf/default/etc/fstab2
-rw-r--r--tools/tools/tinybsd/conf/default/etc/rc.conf12
-rw-r--r--tools/tools/tinybsd/conf/default/tinybsd.basefiles247
-rw-r--r--tools/tools/tinybsd/conf/default/tinybsd.ports9
-rw-r--r--tools/tools/tinybsd/conf/firewall/TINYBSD168
-rw-r--r--tools/tools/tinybsd/conf/firewall/etc/authpf/authpf.rules1
-rw-r--r--tools/tools/tinybsd/conf/firewall/etc/fstab2
-rw-r--r--tools/tools/tinybsd/conf/firewall/etc/natd.conf1
-rw-r--r--tools/tools/tinybsd/conf/firewall/etc/pf.conf78
-rw-r--r--tools/tools/tinybsd/conf/firewall/etc/pf.os549
-rw-r--r--tools/tools/tinybsd/conf/firewall/etc/rc.conf41
-rw-r--r--tools/tools/tinybsd/conf/firewall/etc/rc.firewall302
-rw-r--r--tools/tools/tinybsd/conf/firewall/etc/sysctl.conf5
-rw-r--r--tools/tools/tinybsd/conf/firewall/tinybsd.basefiles240
-rw-r--r--tools/tools/tinybsd/conf/firewall/tinybsd.ports9
-rw-r--r--tools/tools/tinybsd/conf/minimal/TINYBSD77
-rw-r--r--tools/tools/tinybsd/conf/minimal/etc/fstab2
-rw-r--r--tools/tools/tinybsd/conf/minimal/etc/rc.conf12
-rw-r--r--tools/tools/tinybsd/conf/minimal/tinybsd.basefiles167
-rw-r--r--tools/tools/tinybsd/conf/minimal/tinybsd.ports9
-rw-r--r--tools/tools/tinybsd/conf/vpn/TINYBSD153
-rw-r--r--tools/tools/tinybsd/conf/vpn/etc/fstab2
-rw-r--r--tools/tools/tinybsd/conf/vpn/etc/rc.conf22
-rw-r--r--tools/tools/tinybsd/conf/vpn/etc/setkey.conf1
-rw-r--r--tools/tools/tinybsd/conf/vpn/tinybsd.basefiles222
-rw-r--r--tools/tools/tinybsd/conf/vpn/tinybsd.ports9
-rw-r--r--tools/tools/tinybsd/conf/wireless/TINYBSD167
-rw-r--r--tools/tools/tinybsd/conf/wireless/etc/authpf/authpf.rules1
-rw-r--r--tools/tools/tinybsd/conf/wireless/etc/fstab2
-rw-r--r--tools/tools/tinybsd/conf/wireless/etc/natd.conf1
-rw-r--r--tools/tools/tinybsd/conf/wireless/etc/pf.conf78
-rw-r--r--tools/tools/tinybsd/conf/wireless/etc/pf.os549
-rw-r--r--tools/tools/tinybsd/conf/wireless/etc/rc.conf32
-rw-r--r--tools/tools/tinybsd/conf/wireless/etc/rc.firewall302
-rw-r--r--tools/tools/tinybsd/conf/wireless/tinybsd.basefiles232
-rw-r--r--tools/tools/tinybsd/conf/wireless/tinybsd.ports9
-rw-r--r--tools/tools/tinybsd/conf/wrap/TINYBSD138
-rw-r--r--tools/tools/tinybsd/conf/wrap/etc/fstab2
-rw-r--r--tools/tools/tinybsd/conf/wrap/etc/rc.conf12
-rw-r--r--tools/tools/tinybsd/conf/wrap/etc/ttys308
-rw-r--r--tools/tools/tinybsd/conf/wrap/tinybsd.basefiles232
-rw-r--r--tools/tools/tinybsd/conf/wrap/tinybsd.ports9
-rwxr-xr-xtools/tools/tinybsd/tinybsd526
56 files changed, 243 insertions, 5854 deletions
diff --git a/tools/tools/crypto/cryptocheck.c b/tools/tools/crypto/cryptocheck.c
index 05b761a0c87a..bf2bf9e41340 100644
--- a/tools/tools/crypto/cryptocheck.c
+++ b/tools/tools/crypto/cryptocheck.c
@@ -86,6 +86,7 @@
* tests
*
* Hashes:
+ * ripemd160 160-bit RIPEMD
* sha1 SHA-1
* sha224 224-bit SHA-2
* sha256 256-bit SHA-2
@@ -95,35 +96,46 @@
* blake2s Blake2-S
*
* MACs:
+ * ripemd160hmac 160-bit RIPEMD HMAC
* sha1hmac SHA-1 HMAC
* sha224hmac 224-bit SHA-2 HMAC
* sha256hmac 256-bit SHA-2 HMAC
* sha384hmac 384-bit SHA-2 HMAC
* sha512hmac 512-bit SHA-2 HMAC
- * gmac 128-bit GMAC
+ * gmac 128/192/256-bit GMAC
+ * gmac128 128-bit GMAC
* gmac192 192-bit GMAC
* gmac256 256-bit GMAC
* poly1305
*
* Ciphers:
- * aes-cbc 128-bit AES-CBC
+ * aes-cbc 128/192/256-bit AES-CBC
+ * aes-cbc128 128-bit AES-CBC
* aes-cbc192 192-bit AES-CBC
* aes-cbc256 256-bit AES-CBC
- * aes-ctr 128-bit AES-CTR
+ * aes-ctr 128/192/256-bit AES-CTR
+ * aes-ctr128 128-bit AES-CTR
* aes-ctr192 192-bit AES-CTR
* aes-ctr256 256-bit AES-CTR
- * aes-xts 128-bit AES-XTS
+ * aes-xts 128/256-bit AES-XTS
+ * aes-xts128 128-bit AES-XTS
* aes-xts256 256-bit AES-XTS
+ * camellia-cbc 128/192/256-bit Camellia-CBC
+ * camellia-cbc128 128-bit Camellia-CBC
+ * camellia-cbc192 192-bit Camellia-CBC
+ * camellia-cbc256 256-bit Camellia-CBC
* chacha20
*
* Encrypt then Authenticate:
* <cipher>+<mac>
*
* Authenticated Encryption with Associated Data:
- * aes-gcm 128-bit AES-GCM
+ * aes-gcm 128/192/256-bit AES-GCM
+ * aes-gcm128 128-bit AES-GCM
* aes-gcm192 192-bit AES-GCM
* aes-gcm256 256-bit AES-GCM
- * aes-ccm 128-bit AES-CCM
+ * aes-ccm 128/192/256-bit AES-CCM
+ * aes-ccm128 128-bit AES-CCM
* aes-ccm192 192-bit AES-CCM
* aes-ccm256 256-bit AES-CCM
* chacha20-poly1305 Chacha20 with Poly1305 per RFC 8439
@@ -163,6 +175,8 @@ static const struct alg {
const EVP_MD *(*evp_md)(void);
int pkey;
} algs[] = {
+ { .name = "ripemd160", .mac = CRYPTO_RIPEMD160, .type = T_HASH,
+ .evp_md = EVP_ripemd160 },
{ .name = "sha1", .mac = CRYPTO_SHA1, .type = T_HASH,
.evp_md = EVP_sha1 },
{ .name = "sha224", .mac = CRYPTO_SHA2_224, .type = T_HASH,
@@ -173,6 +187,8 @@ static const struct alg {
.evp_md = EVP_sha384 },
{ .name = "sha512", .mac = CRYPTO_SHA2_512, .type = T_HASH,
.evp_md = EVP_sha512 },
+ { .name = "ripemd160hmac", .mac = CRYPTO_RIPEMD160_HMAC, .type = T_HMAC,
+ .evp_md = EVP_ripemd160 },
{ .name = "sha1hmac", .mac = CRYPTO_SHA1_HMAC, .type = T_HMAC,
.evp_md = EVP_sha1 },
{ .name = "sha224hmac", .mac = CRYPTO_SHA2_224_HMAC, .type = T_HMAC,
@@ -187,7 +203,7 @@ static const struct alg {
.evp_md = EVP_blake2b512 },
{ .name = "blake2s", .mac = CRYPTO_BLAKE2S, .type = T_HASH,
.evp_md = EVP_blake2s256 },
- { .name = "gmac", .mac = CRYPTO_AES_NIST_GMAC, .type = T_GMAC,
+ { .name = "gmac128", .mac = CRYPTO_AES_NIST_GMAC, .type = T_GMAC,
.tag_len = AES_GMAC_HASH_LEN, .evp_cipher = EVP_aes_128_gcm },
{ .name = "gmac192", .mac = CRYPTO_AES_NIST_GMAC, .type = T_GMAC,
.tag_len = AES_GMAC_HASH_LEN, .evp_cipher = EVP_aes_192_gcm },
@@ -195,34 +211,40 @@ static const struct alg {
.tag_len = AES_GMAC_HASH_LEN, .evp_cipher = EVP_aes_256_gcm },
{ .name = "poly1305", .mac = CRYPTO_POLY1305, .type = T_DIGEST,
.key_len = POLY1305_KEY_LEN, .pkey = EVP_PKEY_POLY1305 },
- { .name = "aes-cbc", .cipher = CRYPTO_AES_CBC, .type = T_CIPHER,
+ { .name = "aes-cbc128", .cipher = CRYPTO_AES_CBC, .type = T_CIPHER,
.evp_cipher = EVP_aes_128_cbc },
{ .name = "aes-cbc192", .cipher = CRYPTO_AES_CBC, .type = T_CIPHER,
.evp_cipher = EVP_aes_192_cbc },
{ .name = "aes-cbc256", .cipher = CRYPTO_AES_CBC, .type = T_CIPHER,
.evp_cipher = EVP_aes_256_cbc },
- { .name = "aes-ctr", .cipher = CRYPTO_AES_ICM, .type = T_CIPHER,
+ { .name = "aes-ctr128", .cipher = CRYPTO_AES_ICM, .type = T_CIPHER,
.evp_cipher = EVP_aes_128_ctr },
{ .name = "aes-ctr192", .cipher = CRYPTO_AES_ICM, .type = T_CIPHER,
.evp_cipher = EVP_aes_192_ctr },
{ .name = "aes-ctr256", .cipher = CRYPTO_AES_ICM, .type = T_CIPHER,
.evp_cipher = EVP_aes_256_ctr },
- { .name = "aes-xts", .cipher = CRYPTO_AES_XTS, .type = T_CIPHER,
+ { .name = "aes-xts128", .cipher = CRYPTO_AES_XTS, .type = T_CIPHER,
.evp_cipher = EVP_aes_128_xts },
{ .name = "aes-xts256", .cipher = CRYPTO_AES_XTS, .type = T_CIPHER,
.evp_cipher = EVP_aes_256_xts },
+ { .name = "camellia-cbc128", .cipher = CRYPTO_CAMELLIA_CBC,
+ .type = T_CIPHER, .evp_cipher = EVP_camellia_128_cbc },
+ { .name = "camellia-cbc192", .cipher = CRYPTO_CAMELLIA_CBC,
+ .type = T_CIPHER, .evp_cipher = EVP_camellia_192_cbc },
+ { .name = "camellia-cbc256", .cipher = CRYPTO_CAMELLIA_CBC,
+ .type = T_CIPHER, .evp_cipher = EVP_camellia_256_cbc },
{ .name = "chacha20", .cipher = CRYPTO_CHACHA20, .type = T_CIPHER,
.evp_cipher = EVP_chacha20 },
- { .name = "aes-gcm", .cipher = CRYPTO_AES_NIST_GCM_16, .type = T_AEAD,
- .tag_len = AES_GMAC_HASH_LEN, .iv_sizes = { AES_GCM_IV_LEN },
- .evp_cipher = EVP_aes_128_gcm },
+ { .name = "aes-gcm128", .cipher = CRYPTO_AES_NIST_GCM_16,
+ .type = T_AEAD, .tag_len = AES_GMAC_HASH_LEN,
+ .iv_sizes = { AES_GCM_IV_LEN }, .evp_cipher = EVP_aes_128_gcm },
{ .name = "aes-gcm192", .cipher = CRYPTO_AES_NIST_GCM_16,
.type = T_AEAD, .tag_len = AES_GMAC_HASH_LEN,
.iv_sizes = { AES_GCM_IV_LEN }, .evp_cipher = EVP_aes_192_gcm },
{ .name = "aes-gcm256", .cipher = CRYPTO_AES_NIST_GCM_16,
.type = T_AEAD, .tag_len = AES_GMAC_HASH_LEN,
.iv_sizes = { AES_GCM_IV_LEN }, .evp_cipher = EVP_aes_256_gcm },
- { .name = "aes-ccm", .cipher = CRYPTO_AES_CCM_16, .type = T_AEAD,
+ { .name = "aes-ccm128", .cipher = CRYPTO_AES_CCM_16, .type = T_AEAD,
.tag_len = AES_CBC_MAC_HASH_LEN, .iv_sizes = { 12, 7, 8, 9, 10, 11, 13 },
.evp_cipher = EVP_aes_128_ccm },
{ .name = "aes-ccm192", .cipher = CRYPTO_AES_CCM_16, .type = T_AEAD,
@@ -1716,6 +1738,19 @@ run_aead_tests(void)
run_test_sizes(&algs[i]);
}
+static void
+run_prefix_tests(const char *prefix)
+{
+ size_t prefix_len;
+ u_int i;
+
+ prefix_len = strlen(prefix);
+ for (i = 0; i < nitems(algs); i++)
+ if (strlen(algs[i].name) >= prefix_len &&
+ memcmp(algs[i].name, prefix, prefix_len) == 0)
+ run_test_sizes(&algs[i]);
+}
+
int
main(int ac, char **av)
{
@@ -1845,6 +1880,14 @@ main(int ac, char **av)
run_eta_tests();
else if (strcasecmp(algname, "aead") == 0)
run_aead_tests();
+ else if (strcasecmp(algname, "gmac") == 0 ||
+ strcasecmp(algname, "aes-cbc") == 0 ||
+ strcasecmp(algname, "aes-ctr") == 0 ||
+ strcasecmp(algname, "aes-xts") == 0 ||
+ strcasecmp(algname, "camellia-cbc") == 0 ||
+ strcasecmp(algname, "aes-gcm") == 0 ||
+ strcasecmp(algname, "aes-ccm") == 0)
+ run_prefix_tests(algname);
else if (strcasecmp(algname, "all") == 0) {
run_hash_tests();
run_mac_tests();
diff --git a/tools/tools/nanobsd/rescue/Files/etc/ssh/ssh_config b/tools/tools/nanobsd/rescue/Files/etc/ssh/ssh_config
index d2a1db35d42e..3b2ca9aa6d8d 100644
--- a/tools/tools/nanobsd/rescue/Files/etc/ssh/ssh_config
+++ b/tools/tools/nanobsd/rescue/Files/etc/ssh/ssh_config
@@ -46,4 +46,4 @@
# RekeyLimit 1G 1h
# UserKnownHostsFile ~/.ssh/known_hosts.d/%k
# VerifyHostKeyDNS yes
-# VersionAddendum FreeBSD-20210907
+# VersionAddendum FreeBSD-20211221
diff --git a/tools/tools/nanobsd/rescue/Files/etc/ssh/sshd_config b/tools/tools/nanobsd/rescue/Files/etc/ssh/sshd_config
index e3020bbfcacf..81ff5a66d22c 100644
--- a/tools/tools/nanobsd/rescue/Files/etc/ssh/sshd_config
+++ b/tools/tools/nanobsd/rescue/Files/etc/ssh/sshd_config
@@ -105,7 +105,7 @@ AuthorizedKeysFile .ssh/authorized_keys
#PermitTunnel no
#ChrootDirectory none
#UseBlacklist no
-#VersionAddendum FreeBSD-20210907
+#VersionAddendum FreeBSD-20211221
# no default banner path
#Banner none
diff --git a/tools/tools/portconflicts/port_conflicts_check.lua b/tools/tools/portconflicts/port_conflicts_check.lua
new file mode 100755
index 000000000000..ced7cc619f4d
--- /dev/null
+++ b/tools/tools/portconflicts/port_conflicts_check.lua
@@ -0,0 +1,184 @@
+#!/usr/libexec/flua
+
+--[[
+SPDX-License-Identifier: BSD-2-Clause-FreeBSD
+
+Copyright (c) 2022 Stefan Esser <se@FreeBSD.org>
+
+Generate a list of existing and required CONFLICTS_INSTALL lines
+for all ports (limited to ports for which official packages are
+provided).
+
+This script depends on the ports-mgmt/pkg-provides port for the list
+of files installed by all pre-built packages for the architecture
+the script is run on.
+
+The script generates a list of ports by running "pkg provides ." and
+a mapping from package base name to origin via "pkg rquery '%n %o'".
+
+The existing CONFLICTS and CONFLICTS_INSTALL definitions are fetched
+by "make -C $origin -V CONFLICTS -V CONFLICTS_INSTALL". This list is
+only representative for the options configured for each port (i.e.
+if non-default options have been selected and registered, these may
+lead to a non-default list of conflicts).
+
+The script detects files used by more than one port, than lists by
+origin the existing definition and the list of package base names
+that have been detected to cause install conflicts followed by the
+list of duplicate files separated by a hash character "#".
+
+This script uses the "hidden" LUA interpreter in the FreeBSD base
+systems and does not need any port except "pkg-provides" to be run.
+
+The run-time on my system checking the ~32000 packages available
+for -CURRENT on amd64 is 150 seconds.
+--]]
+
+require "lfs"
+
+local index_file = "/usr/ports/INDEX-14"
+
+local function read_index ()
+ local ORIGIN = {}
+
+ local pipe = io.popen("pkg rquery '%n %o'")
+ for line in pipe:lines() do
+ local pkgbase, origin = string.match(line, "(%S+) (%S+)")
+ ORIGIN[pkgbase] = origin
+ end
+ pipe:close()
+ return ORIGIN
+end
+
+local function read_files()
+ local FILES_TABLE = {}
+
+ local pkgbase, version
+ local pipe = io.popen("pkg provides .")
+ for line in pipe:lines() do
+ local label = string.sub(line, 1, 10)
+ if label == "Name : " then
+ name = string.sub(line, 11)
+ pkgbase, version = string.match(name, "(.*)-([^-]*)")
+ elseif label == " " or label == "Filename: " then
+ local file = string.sub(line, 11)
+ if file:sub(1, 10) == "usr/local/" then
+ file = file:sub(11)
+ else
+ file = "/" .. file
+ end
+ local t = FILES_TABLE[file] or {}
+ t[#t + 1] = pkgbase
+ FILES_TABLE[file] = t
+ end
+ end
+ pipe:close()
+ return FILES_TABLE
+end
+
+local PKG_PAIRS = {}
+
+for file, pkgbases in pairs(read_files()) do
+ if #pkgbases > 1 then
+ for i = 1, #pkgbases -1 do
+ local pkg_i = pkgbases[i]
+ for j = i + 1, #pkgbases do
+ local pkg_j = pkgbases[j]
+ if pkg_i ~= pkg_j then
+ p1 = PKG_PAIRS[pkg_i] or {}
+ p2 = p1[pkg_j] or {}
+ p2[#p2 + 1] = file
+ p1[pkg_j] = p2
+ PKG_PAIRS[pkg_i] = p1
+ end
+ end
+ end
+ end
+end
+
+local CONFLICT_PKGS = {}
+local CONFLICT_FILES = {}
+
+for pkg_i, p1 in pairs(PKG_PAIRS) do
+ for pkg_j, p2 in pairs(p1) do
+ CONFLICT_PKGS[pkg_i] = CONFLICT_PKGS[pkg_i] or {}
+ CONFLICT_PKGS[pkg_j] = CONFLICT_PKGS[pkg_j] or {}
+ CONFLICT_FILES[pkg_i] = CONFLICT_FILES[pkg_i] or {}
+ CONFLICT_FILES[pkg_j] = CONFLICT_FILES[pkg_j] or {}
+ table.insert(CONFLICT_PKGS[pkg_i], pkg_j)
+ table.insert(CONFLICT_PKGS[pkg_j], pkg_i)
+ for _, file in ipairs(p2) do
+ table.insert(CONFLICT_FILES[pkg_i], file)
+ table.insert(CONFLICT_FILES[pkg_j], file)
+ end
+ end
+end
+
+local function table_sorted_keys(t)
+ result = {}
+ for k, _ in pairs(t) do
+ result[#result + 1] = k
+ end
+ table.sort(result)
+ return result
+end
+
+local function table_sort_uniq(t)
+ local result = {}
+ local last
+
+ table.sort(t)
+ for _, entry in ipairs(t) do
+ if entry ~= last then
+ last = entry
+ result[#result + 1] = entry
+ end
+ end
+ return result
+end
+
+local ORIGIN = read_index()
+
+local RESULT_PATTERN = {}
+
+for pkg, pkgs in pairs(CONFLICT_PKGS) do
+ local origin = ORIGIN[pkg]
+
+ if origin then
+ table.sort(pkgs)
+ RESULT_PATTERN[origin] = table.concat(pkgs, " ")
+ end
+end
+
+local FILE_LIST = {}
+
+for pkg, files in pairs(CONFLICT_FILES) do
+ local origin = ORIGIN[pkg]
+
+ if origin then
+ FILE_LIST[origin] = table.concat(table_sort_uniq(files), " ")
+ end
+end
+
+for _, origin in ipairs(table_sorted_keys(RESULT_PATTERN)) do
+ local pipe = io.popen("make -C /usr/ports/" .. origin .. " -V CONFLICTS -V CONFLICTS_INSTALL 2>/dev/null")
+ local conflicts_table = {}
+ local seen = {}
+ for line in pipe:lines() do
+ for word in line:gmatch("(%S*)%s?") do
+ if word ~= "" and not seen[word] then
+ table.insert(conflicts_table, word)
+ seen[word] = true
+ end
+ end
+ end
+ pipe:close()
+ table.sort(conflicts_table)
+ conflicts_string = table.concat(conflicts_table, " ")
+ local conflicts_new = RESULT_PATTERN[origin]
+ if conflicts_string ~= conflicts_new then
+ print("< " .. origin, conflicts_string)
+ print("> " .. origin, conflicts_new .. " # " .. FILE_LIST[origin])
+ print()
+ end
+end
diff --git a/tools/tools/tinybsd/CHANGES b/tools/tools/tinybsd/CHANGES
deleted file mode 100644
index b409fd67fbd2..000000000000
--- a/tools/tools/tinybsd/CHANGES
+++ /dev/null
@@ -1,43 +0,0 @@
-# $FreeBSD$
-
-0.9:
-- Added function personal_directories, you can create on conf dir your custom
-personal directories with your custom files inside of them and it will be copied
-to your image.
-Thanks to Marcus Grando <mnag@FreeBSD.org> for the patch.
-
-0.8:
-- Now FreeBSD 6.X is the default configuration on TinyBSD files.
-- TinyBSD no longer use bootmanager, so fstab device was changed to ad0a.
-- Added an example configuration to WRAP motherboards. Just use 'wrap' as argument on build to use it.
-
-0.7:
-- Revision on Makefile to respect non-standard LOCALBASE/X11BASE on FreeBSD.
-Thanks to Florent Thoumie <flz@FreeBSD.org>.
-
-0.6:
-- fix script problem on symlinks creation.
-- added debug information on tinybsd build process with "====>".
-
-0.5:
-- fix script problem when the kernel is not build, it's not should process
-an image without kernel :) Thanks to Marten <info@martenvijn.nl> for the patch.
-
-0.4:
-- added pre configured images to build tinybsd: default, bridge, minimal, vpn,
-firewall and wireless.
-- added etc/ on each image directory to the user copy your custom etc
-configuration.
-
-0.3:
-- fix named directory missing on etc build.
-
-0.2:
-- added "device ath_rate_onoe" on kernel config file to be compiled on
-FreeBSD 6.
-- added on tinybsd script a line to clean up kernel build directory
-- added on tinybsd script a for function to copy correct pam depends.
-
-0.1:
-- TinyBSD released
-
diff --git a/tools/tools/tinybsd/README b/tools/tools/tinybsd/README
deleted file mode 100644
index ff1bf28b3afa..000000000000
--- a/tools/tools/tinybsd/README
+++ /dev/null
@@ -1,259 +0,0 @@
-# $FreeBSD$
-
-- TinyBSD
-
-You must read this to know how to build embedded systems with TinyBSD.
-
-- TinyBSD files
-
-TinyBSD's creation conf files are available under /usr/src/tools/tools/tinybsd/conf
-and the script are available under /usr/src/tools/tools/tinybsd/tinybsd.
-
-The system has been entirely based on the ease of image customization from
-PicoBSD, and the compilation script based on NanoBSD's.
-
-# ls /usr/src/tools/tools/tinybsd/conf
-bridge/ default/ firewall/ minimal/ vpn/ wireless/ wrap/
-
-We have these six pre configured images to build. On each directory we have 3
-main files in there. Let's see what each of them are:
-
-# ls /usr/src/tools/tools/tinybsd/conf/default
-TINYBSD etc/ tinybsd.basefiles
-
-TINYBSD: Just like PicoBSD had its kernel previously compiled, we call ours
-TINYBSD.
-
-# more TINYBSD
-
-machine i386
-cpu I486_CPU
-cpu I586_CPU
-cpu I686_CPU
-ident TINYBSD
-
-#To statically compile in device wiring instead of /boot/device.hints
-#hints "GENERIC.hints" #Default places to look for devices.
-...
-
-As you can see, it's a kernel file identical to your system's, leaving only
-the task of enabling or disabling options, according to your needs.
-
-tinybsd.basefiles: Just like PicoBSD had its crunch.conf file to define which
-files we'd want the new system to have, in this one we'll have all files to be
-put into our embedded system, already having all available files for running
-the system well. Put in or take out the files you need according to your
-needs. Let's see it:
-
-# more tinybsd.basefiles
-# contents of ${WORKDIR}/boot
-boot/boot0
-boot/boot1
-boot/boot2
-boot/defaults/loader.conf
-boot/device.hints
-...
-# contents of ${WORKDIR}/bin
-bin/[:bin/test
-bin/cat
-bin/chflags
-bin/chio
-bin/chmod
-...
-
-And so on. In case you'd want to add the binary "setkey", sitting on
-/usr/sbin, you'd only need to add the following line inside the /usr/sbin part
-of the file, like this:
-
-usr/sbin/pw
-usr/sbin/pwd_mkdb
-usr/sbin/setkey
-
-tinybsd.ports: Here you can add the applications from the FreeBSD Ports Collection
-which you want TinyBSD ports system to install in your embedded system. You whould
-list one application per line, mentioning its category and name, like the examples:
-www/mini_httpd
-net-mgmt/rate
-
-etc/: This is the directory where you can put your custom /etc configuration.
-
-# ls /usr/src/tools/tools/tinybsd/tinybsd
-tinybsd
-
-tinybsd: This is the script that builds the entire system. You'll hardly
-need to modify it at all. The idea is for it to create a temporary work
-directory for it to create the entire system tree. Once done, it'll copy all
-files listed in tinybsd.basefiles to this tree, then it'll compile a new
-kernel using the definitions in the TINYBSD file, and finally copy the library
-dependencies the binaries will have. We'll then populate /etc on that
-temporary tree and put in a few important default configurations inside on
-/usr/src/tools/tools/tinybsd/conf/YOURCHOICE/etc/ like rc.conf, fstab and others.
-
-Finally, we create an empty image, according to your media's specifications,
-passed on to the script on the command line, and copy the entire temporary
-work tree into the image mounted on /mnt.
-
-- Running TinyBSD
-
-Now that we know how it works, it's time for us to build our own image. Let's
-do that step-by-step.
-
-1) Choose what pre-configured image you want.
-
-2) Edit the TINYBSD kernel file and add/remove all options you'll need.
-
-3) Edit the tinybsd.basefiles file and add/remove all binaries you'll need on
-your system.
-
-4) Copy all your /etc configuration which you want to conf/YOURIMAGE/etc/.
-
-5) Gather the right information on your destination media. To do that, plug in
-the device on the system and fetch the information using diskinfo(8):
-
-# diskinfo -v /dev/ad2
-ad2
- 512 # sectorsize
- 20060135424 # mediasize in bytes (19G)
- 39179952 # mediasize in sectors
- 38869 # Cylinders according to firmware.
- 16 # Heads according to firmware.
- 63 # Sectors according to firmware.
-
-To create my image, I'll need to know the media size in sectors, Heads
-according to firmware and Sectors according to firmware. Optionally, you may
-define the name of the generated image's file, but if you don't, it'll be
-named tinybsd.bin. Now that we have gathered these informations through
-diskinfo, all we need to do is run tinybsd. Remember that it has 3
-parameters plus 1 optional, and if you don't pass on the required ones, the
-script will warn you about it:
-
-# /usr/src/tools/tools/tinybsd/tinybsd
-Woops!
- Usage: tinybsd <mediasize in sectors> <heads according to firmware>
- <sectors according to firmware> <conf> [<tinybsd image name>]
-
- Example: tinybsd 62592 4 32
-
- or
-
- /usr/src/tools/tools/tinybsd/tinybsd 62592 4 32 wireless
-
- Run diskinfo(8) -v against your CF device to get correct information
- about your disk.
-
-Passing on the parameters correctly:
-
-# /usr/src/tools/tools/tinybsd/tinybsd 39179952 16 63 wireless
-Creating directory hierarchy...
-./bin missing (created)
-./boot missing (created)
-./boot/defaults missing (created)
-./boot/kernel missing (created)
-./boot/modules missing (created)
-./dev missing (created)
-./etc missing (created)
-...
-
-In the end, we have the generated tinybsd.bin image. Now we have to copy it to
-its final destination:
-
-# dd if=/usr/src/tools/tools/tinybsd/tinybsd.bin of=/dev/ad2
-
-Boot up your new embedded system and log on it. If you're ever going to modify
-it, you must first remount the root slice as read-write, as it operates by
-default on read-only mode, saving disk writes and preventing data-loss in case
-of power failures. To mount it for read-write, use mount:
-
-# mount -u -o rw /
-
-Once you're done, return it to read-only mode:
-
-# mount -u -o ro /
-
-The first thing you need to do after logging for the first time, is to set a
-root password. By default, it's created with no root password.
-
-If you run df(1), you'll see the following partitions:
-
-# df
-Filesystem 1K-blocks Used Avail Capacity Mounted on
-/dev/ad0a 29359 19446 7565 72% /
-devfs 1 1 0 100% /dev
-procfs 4 4 0 100% /proc
-/dev/md0 3694 114 3286 3% /var
-/dev/md1 19566 6 17996 0% /tmp
-
-As you can see, /var and /tmp are mounted on /dev/md0 and /dev/md1
-respectively, using memory disk devices. That's because both /var and /tmp are
-write-intensive, and as our system works mostly on read-only mode, we'd suffer
-with writing problems there, so the memory disk approach works fine. On the
-other hand, whenever you reboot the system, those directories' contents
-(including logs on /var/log) will be lost. If you need to keep the contents of
-those directories, I suggest you to always upload them to another box.
-
-The configuration line that fires up the system script to create /var as a
-memory disk partition is "varmfs="YES"", inside
-/etc/rc.conf. Besides mounting /var as a memory disk device, it also populates
-its tree with the necessary subdirectories. Initially, /var is created on
-memory using only 32MB of space, and that's usually enough. Although, if you
-find it necessary to tweak that configuration, you may edit this line of
-/etc/rc.conf:
-
-varsize="32m"
-
-Change 32m to whatever value you see fit (in MBytes). Take care of not using
-your entire memory for /var.
-
-- Ports and TinyBSD
-
-You can also install ports on the new system via ports. For that, you'll need
-to set the PREFIX environment variable to the image's destination path. Let's
-assume you want to install apache on the newly-created image. For that, I'd do
-this:
-
-# mdconfig -a -t vnode -f /usr/src/tools/tools/tinybsd/tinybsd.bin -u 0
-
-That uses mdconfig to enable the memory disk 0.
-
-# mount /dev/md0a /mnt
-
-Now we've mounted the image on the temporary directory /mnt. Let's then
-install apache via ports:
-
-# cd /usr/ports/www/apache13
-# make install PREFIX=/mnt/usr/local
-===> Vulnerability check disabled
->> apache_1.3.31.tar.gz doesn't seem to exist in /usr/ports/distfiles/.
->> Attempting to fetch from http://www.apache.org/dist/httpd/.
-...
- This port has installed the following startup scripts which may cause
- these network services to be started at boot time.
-/mnt/usr/local/etc/rc.d/apache.sh
-....
-
-Once the install is finished, let's verify that apache has indeed been
-properly installed under our /mnt directory:
-
-# cd /mnt/usr/local/sbin
-# ls -lga httpd
--rwxr-xr-x 1 root wheel 252439 Jul 14 15:31 httpd
-
-Our software has been successfully installed. You must notice that at the end
-of the install, it shows the full path for the PREFIX variable we passed it.
-The problem with that is that at boot-time, your system is going to look for
-it under /mnt instead of /usr. So we need to edit apache's initialization
-script under /usr/local/etc/rc.d (apache.sh) and remove all instances of
-"/mnt" in it.
-
-WARNING: A very important thing to care about are dependencies. Before
-installing anything, check to see if it has any dependencies, and that you'll
-have enough disk space on the destination system for both the application
-you're installing and its dependencies.
-
-- Script download
-
-TinyBSD is still a project under heavy development, both the script itself and
-its documentation.
-
-In case you'd like to try or use the BETA version of the script, feel free to
-download it from the project's official site at http://code.google.com/p/tinybsd/.
diff --git a/tools/tools/tinybsd/conf/bridge/TINYBSD b/tools/tools/tinybsd/conf/bridge/TINYBSD
deleted file mode 100644
index fe6bed93ba6f..000000000000
--- a/tools/tools/tinybsd/conf/bridge/TINYBSD
+++ /dev/null
@@ -1,155 +0,0 @@
-# $FreeBSD$
-
-machine i386
-cpu I486_CPU
-cpu I586_CPU
-cpu I686_CPU
-ident TINYBSD
-
-# To statically compile in device wiring instead of /boot/device.hints
-#hints "GENERIC.hints" # Default places to look for devices.
-
-options SCHED_4BSD # 4BSD scheduler
-options INET # InterNETworking
-options FFS # Berkeley Fast Filesystem
-options SOFTUPDATES # Enable FFS soft updates support
-options UFS_DIRHASH # Improve performance on big directories
-options MD_ROOT # MD is a potential root device
-options PROCFS # Process filesystem (requires PSEUDOFS)
-options PSEUDOFS # Pseudo-filesystem framework
-options GEOM_PART_GPT # GUID Partition Tables.
-options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!]
-options COMPAT_FREEBSD4 # Compatible with FreeBSD4
-options SYSVSHM # SYSV-style shared memory
-options SYSVMSG # SYSV-style message queues
-options SYSVSEM # SYSV-style semaphores
-options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
-options KBD_INSTALL_CDEV # install a CDEV entry in /dev
-options AHC_REG_PRETTY_PRINT # Print register bitfields in debug
- # output. Adds ~128k to driver.
-options AHD_REG_PRETTY_PRINT # Print register bitfields in debug
- # output. Adds ~215k to driver.
-options ADAPTIVE_GIANT # Giant mutex is adaptive.
-
-device apic # I/O APIC
-
-device eisa
-device pci
-
-# Floppy drives
-#device fdc
-
-# ATA and ATAPI devices
-device ata
-device atadisk # ATA disk drives
-options ATA_STATIC_ID # Static device numbering
-
-# atkbdc0 controls both the keyboard and the PS/2 mouse
-device atkbdc # AT keyboard controller
-device atkbd # AT keyboard
-device psm # PS/2 mouse
-
-device vga # VGA video card driver
-
-#device splash # Splash screen and screen saver support
-
-# syscons is the default console driver, resembling an SCO console
-device sc
-
-# Enable this for the pcvt (VT220 compatible) console driver
-#device vt
-#options XSERVER # support for X server on a vt console
-#options FAT_CURSOR # start with block cursor
-
-device agp # support several AGP chipsets
-
-# PCCARD (PCMCIA) support
-# PCMCIA and cardbus bridge support
-device cbb # cardbus (yenta) bridge
-device pccard # PC Card (16-bit) bus
-device cardbus # CardBus (32-bit) bus
-
-# Serial (COM) ports
-device sio # 8250, 16[45]50 based serial ports
-
-# PCI Ethernet NICs.
-device de # DEC/Intel DC21x4x (``Tulip'')
-device em # Intel PRO/1000 adapter Gigabit Ethernet Card
-device txp # 3Com 3cR990 (``Typhoon'')
-device vx # 3Com 3c590, 3c595 (``Vortex'')
-
-# PCI Ethernet NICs that use the common MII bus controller code.
-# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
-device miibus # MII bus support
-device bfe # Broadcom BCM440x 10/100 Ethernet
-device bge # Broadcom BCM570xx Gigabit Ethernet
-device dc # DEC/Intel 21143 and various workalikes
-device fxp # Intel EtherExpress PRO/100B (82557, 82558)
-device lge # Level 1 LXT1001 gigabit ethernet
-device nge # NatSemi DP83820 gigabit ethernet
-device pcn # AMD Am79C97x PCI 10/100 (precedence over 'lnc')
-device re # RealTek 8139C+/8169/8169S/8110S
-device rl # RealTek 8129/8139
-device sf # Adaptec AIC-6915 (``Starfire'')
-device sis # Silicon Integrated Systems SiS 900/SiS 7016
-device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet
-device ste # Sundance ST201 (D-Link DFE-550TX)
-device ti # Alteon Networks Tigon I/II gigabit Ethernet
-device tl # Texas Instruments ThunderLAN
-device tx # SMC EtherPower II (83c170 ``EPIC'')
-device vge # VIA VT612x gigabit ethernet
-device vr # VIA Rhine, Rhine II
-device wb # Winbond W89C840F
-device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'')
-
-# ISA Ethernet NICs. pccard NICs included.
-device cs # Crystal Semiconductor CS89x0 NIC
-# 'device ed' requires 'device miibus'
-device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards
-device ex # Intel EtherExpress Pro/10 and Pro/10+
-device ep # Etherlink III based cards
-device fe # Fujitsu MB8696x based cards
-device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc.
-device sn # SMC's 9000 series of Ethernet chips
-device xe # Xircom pccard Ethernet
-
-# ISA devices that use the old ISA shims
-#device le
-
-# Wireless NIC cards
-device wlan # 802.11 support
-device an # Aironet 4500/4800 802.11 wireless NICs.
-device awi # BayStack 660 and others
-device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs.
-#device wl # Older non 802.11 Wavelan wireless NIC.
-
-# Pseudo devices.
-device loop # Network loopback
-device ether # Ethernet support
-device pty # Pseudo-ttys (telnet etc)
-device md # Memory "disks"
-
-# The `bpf' device enables the Berkeley Packet Filter.
-# Be aware of the administrative consequences of enabling this!
-# Note that 'bpf' is required for DHCP.
-device bpf # Berkeley packet filter
-
-options IPFIREWALL
-options IPFIREWALL_DEFAULT_TO_ACCEPT
-
-device ath
-device ath_hal
-device ath_rate_sample
-
-device if_bridge #Bridge interface
-
-# CLK_USE_I8254_CALIBRATION causes the calibrated frequency of the i8254
-# clock to actually be used.
-options CLK_USE_I8254_CALIBRATION
-
-# CPU_ELAN enables support for AMDs ElanSC520 CPU.
-options CPU_ELAN
-options CPU_SOEKRIS
-options CPU_ELAN_XTAL=32768000
-options CPU_ELAN_PPS
-
diff --git a/tools/tools/tinybsd/conf/bridge/etc/fstab b/tools/tools/tinybsd/conf/bridge/etc/fstab
deleted file mode 100644
index 16ada11d7790..000000000000
--- a/tools/tools/tinybsd/conf/bridge/etc/fstab
+++ /dev/null
@@ -1,2 +0,0 @@
-# $FreeBSD$
-/dev/ad0a / ufs ro 1 1
diff --git a/tools/tools/tinybsd/conf/bridge/etc/rc.conf b/tools/tools/tinybsd/conf/bridge/etc/rc.conf
deleted file mode 100644
index a3e638e5efd5..000000000000
--- a/tools/tools/tinybsd/conf/bridge/etc/rc.conf
+++ /dev/null
@@ -1,17 +0,0 @@
-# $FreeBSD$
-hostname="tinybsd.freebsd.org"
-sendmail_enable="NONE"
-sshd_enable="YES"
-usbd_enable="NO"
-inetd_enable="NO"
-portmap_enable="NO"
-update_motd="NO"
-varmfs="YES"
-populate_var="YES"
-varsize="8192"
-tmpmfs="YES"
-
-# Bridge configuration
-# Replace both ath0 and xl1 by your bridge interfaces
-cloned_interfaces="bridge0"
-ifconfig_bridge0="addm ath0 addm xl1 up"
diff --git a/tools/tools/tinybsd/conf/bridge/etc/sysctl.conf b/tools/tools/tinybsd/conf/bridge/etc/sysctl.conf
deleted file mode 100644
index cb7084679fae..000000000000
--- a/tools/tools/tinybsd/conf/bridge/etc/sysctl.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# $FreeBSD$
-
-# BRIDGE Options
-net.link.bridge.ipfw=1
-net.link.bridge.pfil_onlyip=1
diff --git a/tools/tools/tinybsd/conf/bridge/tinybsd.basefiles b/tools/tools/tinybsd/conf/bridge/tinybsd.basefiles
deleted file mode 100644
index 63a860e5b8f7..000000000000
--- a/tools/tools/tinybsd/conf/bridge/tinybsd.basefiles
+++ /dev/null
@@ -1,236 +0,0 @@
-# $FreeBSD$
-# contents of ${WORKDIR}/boot
-boot/boot0
-boot/boot1
-boot/boot2
-boot/defaults/loader.conf
-boot/device.hints
-boot/loader
-boot/loader.4th
-boot/loader.help
-boot/loader.rc
-boot/mbr
-boot/support.4th
-
-# contents of ${WORKDIR}/libexec
-libexec/ld-elf.so.1:usr/libexec/ld-elf.so.1
-
-# contents of ${WORKDIR}/bin
-bin/[:bin/test
-bin/cat
-bin/chflags
-bin/chio
-bin/chmod
-bin/cp
-bin/csh:bin/tcsh
-bin/date
-bin/dd
-bin/df
-bin/domainname
-bin/echo
-bin/ed:bin/red
-bin/expr
-bin/hostname
-bin/kenv
-bin/kill
-bin/ln:bin/link
-bin/ls
-bin/mkdir
-bin/mv
-bin/pax
-bin/ps
-bin/pwd
-bin/realpath
-bin/rm:bin/unlink
-bin/rmdir
-bin/sh
-bin/sleep
-bin/stty
-bin/sync
-
-# contents of ${WORKDIR}/sbin
-sbin/adjkerntz
-sbin/comcontrol
-sbin/disklabel
-sbin/dmesg
-sbin/fastboot:sbin/reboot
-sbin/fasthalt:sbin/halt
-sbin/fsck
-sbin/fsck_ufs:sbin/fsck_ffs
-sbin/fsck_ufs:sbin/fsck_4.2bsd
-sbin/ifconfig
-sbin/init
-sbin/ipfw
-sbin/kldconfig
-sbin/kldload
-sbin/kldstat
-sbin/kldunload
-sbin/ldconfig
-sbin/md5
-sbin/mdconfig
-sbin/mknod
-sbin/mdmfs
-sbin/mount
-sbin/mount_nfs
-sbin/mount_nullfs
-sbin/mount_unionfs
-sbin/newfs
-sbin/nextboot
-sbin/nologin
-sbin/nos-tun
-sbin/ping
-sbin/rcorder
-sbin/route
-sbin/shutdown
-sbin/slattach
-sbin/swapon
-sbin/sysctl
-sbin/umount
-
-# contents of ${WORKDIR}/usr/sbin
-usr/bin/at:usr/bin/atq
-usr/bin/at:usr/bin/atrm
-usr/bin/at:usr/bin/batch
-usr/bin/awk
-usr/bin/basename
-usr/bin/bunzip2:usr/bin/bzcat
-usr/bin/bunzip2:usr/bin/bzip2
-usr/bin/chat
-usr/bin/chfn:usr/bin/chpass
-usr/bin/chfn:usr/bin/chsh
-usr/bin/chgrp
-usr/bin/cksum
-usr/bin/clear
-usr/bin/cmp
-usr/bin/compress:usr/bin/uncompress
-usr/bin/cpio
-usr/bin/crontab
-usr/bin/cu
-usr/bin/dig
-usr/bin/dirname
-usr/bin/du
-usr/bin/ee
-usr/bin/egrep:usr/bin/fgrep
-usr/bin/egrep:usr/bin/grep
-usr/bin/env
-usr/bin/false
-usr/bin/fetch
-usr/bin/find
-usr/bin/finger
-usr/bin/fstat
-usr/bin/fsync
-usr/bin/ftp
-usr/bin/gunzip:usr/bin/gzcat
-usr/bin/gunzip:usr/bin/gzip
-usr/bin/gzexe
-usr/bin/head
-usr/bin/hexdump
-usr/bin/id:usr/bin/whoami
-usr/bin/ident
-usr/bin/killall
-usr/bin/last
-usr/bin/less:usr/bin/more
-usr/bin/limits
-usr/bin/lock
-usr/bin/lockf
-usr/bin/logger
-usr/bin/login
-usr/bin/logname
-usr/bin/mesg
-usr/bin/minigzip
-usr/bin/mkfifo
-usr/bin/mktemp
-usr/bin/msgs
-usr/bin/netstat
-usr/bin/nfsstat
-usr/bin/nice
-usr/bin/nslookup
-usr/bin/nsupdate
-usr/bin/nohup
-usr/bin/objformat
-usr/bin/openssl
-usr/bin/passwd
-usr/bin/printf
-usr/bin/renice
-usr/bin/reset:usr/sbin/tset
-usr/bin/scp
-usr/bin/script
-usr/bin/sed
-usr/bin/sftp
-usr/bin/shar
-usr/bin/slogin:usr/bin/ssh
-usr/bin/sort
-usr/bin/split
-usr/bin/ssh-keygen
-usr/bin/su
-usr/bin/tail
-usr/bin/tar
-usr/bin/tee
-usr/bin/telnet
-usr/bin/tftp
-usr/bin/time
-usr/bin/top
-usr/bin/touch
-usr/bin/tput
-usr/bin/tr
-usr/bin/true
-usr/bin/tty
-usr/bin/uname
-usr/bin/uptime:usr/bin/w
-usr/bin/users
-usr/bin/uudecode
-usr/bin/uuencode
-usr/bin/vi
-usr/bin/vmstat
-usr/bin/wall
-usr/bin/who
-usr/bin/whois
-usr/bin/write
-usr/bin/yes
-
-# contents of ${WORKDIR}/usr/sbin
-usr/sbin/arp
-usr/sbin/boot0cfg
-usr/sbin/chown
-usr/sbin/chroot
-usr/sbin/cron
-usr/sbin/idprio:usr/sbin/rtprio
-usr/sbin/inetd
-usr/sbin/iostat
-usr/sbin/kbdcontrol
-usr/sbin/lastlogin
-usr/sbin/memcontrol
-usr/sbin/mountd
-usr/sbin/mtree
-usr/sbin/newsyslog
-usr/sbin/ngctl
-usr/sbin/nghook
-usr/sbin/ntpdate
-usr/sbin/pciconf
-usr/sbin/pw
-usr/sbin/pwd_mkdb
-usr/sbin/slstat
-usr/sbin/sshd
-usr/sbin/syslogd
-usr/sbin/tcpdchk
-usr/sbin/tcpdmatch
-usr/sbin/tcpdump
-usr/sbin/traceroute
-usr/sbin/vidcontrol
-usr/sbin/vipw
-usr/sbin/vnconfig
-usr/sbin/watch
-usr/sbin/pccardc
-usr/sbin/pccardd
-
-# contents of ${WORKDIR}/usr/libexec
-usr/libexec/atrun
-usr/libexec/ftpd
-usr/libexec/getty
-usr/libexec/sftp-server
-usr/libexec/telnetd
-usr/libexec/tftpd
-
-# contents of ${WORKDIR}/usr/share
-usr/share/misc/termcap
-
diff --git a/tools/tools/tinybsd/conf/bridge/tinybsd.ports b/tools/tools/tinybsd/conf/bridge/tinybsd.ports
deleted file mode 100644
index 49bb52175241..000000000000
--- a/tools/tools/tinybsd/conf/bridge/tinybsd.ports
+++ /dev/null
@@ -1,9 +0,0 @@
-# $FreeBSD$
-# Here you can add the applications from the FreeBSD Ports Collection which you
-# want TinyBSD ports system to install in your embedded system. You whould list
-# one application per line, mentioning its category and name, like the examples:
-#
-# www/mini_httpd
-# net-mgmt/rate
-#
-# Make sure you have enough space to add it.
diff --git a/tools/tools/tinybsd/conf/default/TINYBSD b/tools/tools/tinybsd/conf/default/TINYBSD
deleted file mode 100644
index 64b8f13a3629..000000000000
--- a/tools/tools/tinybsd/conf/default/TINYBSD
+++ /dev/null
@@ -1,170 +0,0 @@
-# $FreeBSD$
-
-machine i386
-cpu I486_CPU
-cpu I586_CPU
-cpu I686_CPU
-ident TINYBSD
-
-# To statically compile in device wiring instead of /boot/device.hints
-#hints "GENERIC.hints" # Default places to look for devices.
-
-options SCHED_4BSD # 4BSD scheduler
-options INET # InterNETworking
-options FFS # Berkeley Fast Filesystem
-options SOFTUPDATES # Enable FFS soft updates support
-options UFS_ACL # Support for access control lists
-options UFS_DIRHASH # Improve performance on big directories
-options MD_ROOT # MD is a potential root device
-options NFSCLIENT # Network Filesystem Client
-options NFSSERVER # Network Filesystem Server
-options NFS_ROOT # NFS usable as /, requires NFSCLIENT
-options MSDOSFS # MSDOS Filesystem
-options CD9660 # ISO 9660 Filesystem
-options PROCFS # Process filesystem (requires PSEUDOFS)
-options PSEUDOFS # Pseudo-filesystem framework
-options GEOM_PART_GPT # GUID Partition Tables.
-options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!]
-options COMPAT_FREEBSD4 # Compatible with FreeBSD4
-options SYSVSHM # SYSV-style shared memory
-options SYSVMSG # SYSV-style message queues
-options SYSVSEM # SYSV-style semaphores
-options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
-options KBD_INSTALL_CDEV # install a CDEV entry in /dev
-options AHC_REG_PRETTY_PRINT # Print register bitfields in debug
- # output. Adds ~128k to driver.
-options AHD_REG_PRETTY_PRINT # Print register bitfields in debug
- # output. Adds ~215k to driver.
-options ADAPTIVE_GIANT # Giant mutex is adaptive.
-
-device apic # I/O APIC
-
-device eisa
-device pci
-
-# Floppy drives
-#device fdc
-
-# ATA and ATAPI devices
-device ata
-device atadisk # ATA disk drives
-#device ataraid # ATA RAID drives
-#device atapicd # ATAPI CDROM drives
-#device atapifd # ATAPI floppy drives
-device atapist # ATAPI tape drives
-options ATA_STATIC_ID # Static device numbering
-
-# atkbdc0 controls both the keyboard and the PS/2 mouse
-device atkbdc # AT keyboard controller
-device atkbd # AT keyboard
-device psm # PS/2 mouse
-
-device vga # VGA video card driver
-
-#device splash # Splash screen and screen saver support
-
-# syscons is the default console driver, resembling an SCO console
-device sc
-
-# Enable this for the pcvt (VT220 compatible) console driver
-#device vt
-#options XSERVER # support for X server on a vt console
-#options FAT_CURSOR # start with block cursor
-
-device agp # support several AGP chipsets
-
-# PCCARD (PCMCIA) support
-# PCMCIA and cardbus bridge support
-device cbb # cardbus (yenta) bridge
-device pccard # PC Card (16-bit) bus
-device cardbus # CardBus (32-bit) bus
-
-# Serial (COM) ports
-device sio # 8250, 16[45]50 based serial ports
-
-# PCI Ethernet NICs.
-device de # DEC/Intel DC21x4x (``Tulip'')
-device em # Intel PRO/1000 adapter Gigabit Ethernet Card
-device txp # 3Com 3cR990 (``Typhoon'')
-device vx # 3Com 3c590, 3c595 (``Vortex'')
-
-# PCI Ethernet NICs that use the common MII bus controller code.
-# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
-device miibus # MII bus support
-device bfe # Broadcom BCM440x 10/100 Ethernet
-device bge # Broadcom BCM570xx Gigabit Ethernet
-device dc # DEC/Intel 21143 and various workalikes
-device fxp # Intel EtherExpress PRO/100B (82557, 82558)
-device lge # Level 1 LXT1001 gigabit ethernet
-device nge # NatSemi DP83820 gigabit ethernet
-device pcn # AMD Am79C97x PCI 10/100 (precedence over 'lnc')
-device re # RealTek 8139C+/8169/8169S/8110S
-device rl # RealTek 8129/8139
-device sf # Adaptec AIC-6915 (``Starfire'')
-device sis # Silicon Integrated Systems SiS 900/SiS 7016
-device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet
-device ste # Sundance ST201 (D-Link DFE-550TX)
-device ti # Alteon Networks Tigon I/II gigabit Ethernet
-device tl # Texas Instruments ThunderLAN
-device tx # SMC EtherPower II (83c170 ``EPIC'')
-device vge # VIA VT612x gigabit ethernet
-device vr # VIA Rhine, Rhine II
-device wb # Winbond W89C840F
-device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'')
-
-# ISA Ethernet NICs. pccard NICs included.
-device cs # Crystal Semiconductor CS89x0 NIC
-# 'device ed' requires 'device miibus'
-device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards
-device ex # Intel EtherExpress Pro/10 and Pro/10+
-device ep # Etherlink III based cards
-device fe # Fujitsu MB8696x based cards
-device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc.
-device sn # SMC's 9000 series of Ethernet chips
-device xe # Xircom pccard Ethernet
-
-# ISA devices that use the old ISA shims
-#device le
-
-# Wireless NIC cards
-device wlan # 802.11 support
-device an # Aironet 4500/4800 802.11 wireless NICs.
-device awi # BayStack 660 and others
-device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs.
-#device wl # Older non 802.11 Wavelan wireless NIC.
-
-# Pseudo devices.
-device loop # Network loopback
-device ether # Ethernet support
-device ppp # Kernel PPP
-device tun # Packet tunnel.
-device pty # Pseudo-ttys (telnet etc)
-device md # Memory "disks"
-device gif # IPv6 and IPv4 tunneling
-
-# The `bpf' device enables the Berkeley Packet Filter.
-# Be aware of the administrative consequences of enabling this!
-# Note that 'bpf' is required for DHCP.
-device bpf # Berkeley packet filter
-
-options IPFIREWALL
-options IPFIREWALL_DEFAULT_TO_ACCEPT
-options IPDIVERT
-options DUMMYNET
-
-device ath
-device ath_hal
-device ath_rate_sample
-
-device if_bridge #Bridge interface
-
-# CLK_USE_I8254_CALIBRATION causes the calibrated frequency of the i8254
-# clock to actually be used.
-options CLK_USE_I8254_CALIBRATION
-
-# CPU_ELAN enables support for AMDs ElanSC520 CPU.
-options CPU_ELAN
-options CPU_SOEKRIS
-options CPU_ELAN_XTAL=32768000
-options CPU_ELAN_PPS
-
diff --git a/tools/tools/tinybsd/conf/default/etc/fstab b/tools/tools/tinybsd/conf/default/etc/fstab
deleted file mode 100644
index 16ada11d7790..000000000000
--- a/tools/tools/tinybsd/conf/default/etc/fstab
+++ /dev/null
@@ -1,2 +0,0 @@
-# $FreeBSD$
-/dev/ad0a / ufs ro 1 1
diff --git a/tools/tools/tinybsd/conf/default/etc/rc.conf b/tools/tools/tinybsd/conf/default/etc/rc.conf
deleted file mode 100644
index a21476241081..000000000000
--- a/tools/tools/tinybsd/conf/default/etc/rc.conf
+++ /dev/null
@@ -1,12 +0,0 @@
-# $FreeBSD$
-hostname="tinybsd.freebsd.org"
-sendmail_enable="NONE"
-sshd_enable="YES"
-usbd_enable="NO"
-inetd_enable="NO"
-portmap_enable="NO"
-update_motd="NO"
-varmfs="YES"
-populate_var="YES"
-varsize="8192"
-tmpmfs="YES"
diff --git a/tools/tools/tinybsd/conf/default/tinybsd.basefiles b/tools/tools/tinybsd/conf/default/tinybsd.basefiles
deleted file mode 100644
index 4db705f95557..000000000000
--- a/tools/tools/tinybsd/conf/default/tinybsd.basefiles
+++ /dev/null
@@ -1,247 +0,0 @@
-# $FreeBSD$
-# contents of ${WORKDIR}/boot
-boot/boot0
-boot/boot1
-boot/boot2
-boot/defaults/loader.conf
-boot/device.hints
-boot/loader
-boot/loader.4th
-boot/loader.help
-boot/loader.rc
-boot/mbr
-boot/support.4th
-
-# contents of ${WORKDIR}/libexec
-libexec/ld-elf.so.1:usr/libexec/ld-elf.so.1
-
-# contents of ${WORKDIR}/bin
-bin/[:bin/test
-bin/cat
-bin/chflags
-bin/chio
-bin/chmod
-bin/cp
-bin/csh:bin/tcsh
-bin/date
-bin/dd
-bin/df
-bin/domainname
-bin/echo
-bin/ed:bin/red
-bin/expr
-bin/hostname
-bin/kenv
-bin/kill
-bin/ln:bin/link
-bin/ls
-bin/mkdir
-bin/mv
-bin/pax
-bin/ps
-bin/pwd
-bin/realpath
-bin/rm:bin/unlink
-bin/rmdir
-bin/sh
-bin/sleep
-bin/stty
-bin/sync
-
-# contents of ${WORKDIR}/sbin
-sbin/adjkerntz
-sbin/comcontrol
-sbin/dhclient
-sbin/dhclient-script
-sbin/disklabel
-sbin/dmesg
-sbin/fastboot:sbin/reboot
-sbin/fasthalt:sbin/halt
-sbin/fsck
-sbin/fsck_ufs:sbin/fsck_ffs
-sbin/fsck_ufs:sbin/fsck_4.2bsd
-sbin/ifconfig
-sbin/init
-sbin/ipfw
-sbin/kldconfig
-sbin/kldload
-sbin/kldstat
-sbin/kldunload
-sbin/ldconfig
-sbin/md5
-sbin/mdconfig
-sbin/mknod
-sbin/mdmfs
-sbin/mount
-sbin/mount_nfs
-sbin/mount_nullfs
-sbin/mount_unionfs
-sbin/natd
-sbin/nfsiod
-sbin/newfs
-sbin/nextboot
-sbin/nologin
-sbin/nos-tun
-sbin/ping
-sbin/rcorder
-sbin/route
-sbin/shutdown
-sbin/slattach
-sbin/swapon
-sbin/sysctl
-sbin/umount
-
-# contents of ${WORKDIR}/usr/sbin
-usr/bin/at:usr/bin/atq
-usr/bin/at:usr/bin/atrm
-usr/bin/at:usr/bin/batch
-usr/bin/awk
-usr/bin/basename
-usr/bin/bunzip2:usr/bin/bzcat
-usr/bin/bunzip2:usr/bin/bzip2
-usr/bin/chat
-usr/bin/chfn:usr/bin/chpass
-usr/bin/chfn:usr/bin/chsh
-usr/bin/chgrp
-usr/bin/cksum
-usr/bin/clear
-usr/bin/cmp
-usr/bin/compress:usr/bin/uncompress
-usr/bin/cpio
-usr/bin/crontab
-usr/bin/cu
-usr/bin/dig
-usr/bin/dirname
-usr/bin/du
-usr/bin/ee
-usr/bin/egrep:usr/bin/fgrep
-usr/bin/egrep:usr/bin/grep
-usr/bin/env
-usr/bin/false
-usr/bin/fetch
-usr/bin/find
-usr/bin/finger
-usr/bin/fstat
-usr/bin/fsync
-usr/bin/ftp
-usr/bin/gunzip:usr/bin/gzcat
-usr/bin/gunzip:usr/bin/gzip
-usr/bin/gzexe
-usr/bin/head
-usr/bin/hexdump
-usr/bin/id:usr/bin/whoami
-usr/bin/ident
-usr/bin/killall
-usr/bin/last
-usr/bin/less:usr/bin/more
-usr/bin/limits
-usr/bin/lock
-usr/bin/lockf
-usr/bin/logger
-usr/bin/login
-usr/bin/logname
-usr/bin/mesg
-usr/bin/minigzip
-usr/bin/mkfifo
-usr/bin/mktemp
-usr/bin/msgs
-usr/bin/netstat
-usr/bin/nfsstat
-usr/bin/nice
-usr/bin/nslookup
-usr/bin/nsupdate
-usr/bin/nohup
-usr/bin/objformat
-usr/bin/openssl
-usr/bin/passwd
-usr/bin/printf
-usr/bin/renice
-usr/bin/reset:usr/sbin/tset
-usr/bin/scp
-usr/bin/script
-usr/bin/sed
-usr/bin/sftp
-usr/bin/shar
-usr/bin/slogin:usr/bin/ssh
-usr/bin/sort
-usr/bin/split
-usr/bin/ssh-keygen
-usr/bin/su
-usr/bin/tail
-usr/bin/tar
-usr/bin/tee
-usr/bin/telnet
-usr/bin/tftp
-usr/bin/time
-usr/bin/top
-usr/bin/touch
-usr/bin/tput
-usr/bin/tr
-usr/bin/true
-usr/bin/tty
-usr/bin/uname
-usr/bin/uptime:usr/bin/w
-usr/bin/users
-usr/bin/uudecode
-usr/bin/uuencode
-usr/bin/vi
-usr/bin/vmstat
-usr/bin/wall
-usr/bin/who
-usr/bin/whois
-usr/bin/write
-usr/bin/yes
-
-# contents of ${WORKDIR}/usr/sbin
-usr/sbin/arp
-usr/sbin/boot0cfg
-usr/sbin/chown
-usr/sbin/chroot
-usr/sbin/cron
-usr/sbin/idprio:usr/sbin/rtprio
-usr/sbin/inetd
-usr/sbin/iostat
-usr/sbin/kbdcontrol
-usr/sbin/lastlogin
-usr/sbin/memcontrol
-usr/sbin/mountd
-usr/sbin/mtree
-usr/sbin/named
-usr/sbin/named.reload
-usr/sbin/newsyslog
-usr/sbin/nfsd
-usr/sbin/ngctl
-usr/sbin/nghook
-usr/sbin/ntpdate
-usr/sbin/pciconf
-usr/sbin/ppp
-usr/sbin/pppctl
-usr/sbin/pppstats
-usr/sbin/pw
-usr/sbin/pwd_mkdb
-usr/sbin/rpcbind
-usr/sbin/slstat
-usr/sbin/sshd
-usr/sbin/syslogd
-usr/sbin/tcpdchk
-usr/sbin/tcpdmatch
-usr/sbin/tcpdump
-usr/sbin/traceroute
-usr/sbin/vidcontrol
-usr/sbin/vipw
-usr/sbin/vnconfig
-usr/sbin/watch
-usr/sbin/pccardc
-usr/sbin/pccardd
-
-# contents of ${WORKDIR}/usr/libexec
-usr/libexec/atrun
-usr/libexec/ftpd
-usr/libexec/getty
-usr/libexec/sftp-server
-usr/libexec/telnetd
-usr/libexec/tftpd
-
-# contents of ${WORKDIR}/usr/share
-usr/share/misc/termcap
-
diff --git a/tools/tools/tinybsd/conf/default/tinybsd.ports b/tools/tools/tinybsd/conf/default/tinybsd.ports
deleted file mode 100644
index 49bb52175241..000000000000
--- a/tools/tools/tinybsd/conf/default/tinybsd.ports
+++ /dev/null
@@ -1,9 +0,0 @@
-# $FreeBSD$
-# Here you can add the applications from the FreeBSD Ports Collection which you
-# want TinyBSD ports system to install in your embedded system. You whould list
-# one application per line, mentioning its category and name, like the examples:
-#
-# www/mini_httpd
-# net-mgmt/rate
-#
-# Make sure you have enough space to add it.
diff --git a/tools/tools/tinybsd/conf/firewall/TINYBSD b/tools/tools/tinybsd/conf/firewall/TINYBSD
deleted file mode 100644
index a91f1ee22085..000000000000
--- a/tools/tools/tinybsd/conf/firewall/TINYBSD
+++ /dev/null
@@ -1,168 +0,0 @@
-# $FreeBSD$
-machine i386
-cpu I486_CPU
-cpu I586_CPU
-cpu I686_CPU
-ident TINYBSD
-
-# To statically compile in device wiring instead of /boot/device.hints
-#hints "GENERIC.hints" # Default places to look for devices.
-
-options SCHED_4BSD # 4BSD scheduler
-options INET # InterNETworking
-options FFS # Berkeley Fast Filesystem
-options SOFTUPDATES # Enable FFS soft updates support
-options UFS_DIRHASH # Improve performance on big directories
-options MD_ROOT # MD is a potential root device
-options PROCFS # Process filesystem (requires PSEUDOFS)
-options PSEUDOFS # Pseudo-filesystem framework
-options GEOM_PART_GPT # GUID Partition Tables.
-options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!]
-options COMPAT_FREEBSD4 # Compatible with FreeBSD4
-options SYSVSHM # SYSV-style shared memory
-options SYSVMSG # SYSV-style message queues
-options SYSVSEM # SYSV-style semaphores
-options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
-options KBD_INSTALL_CDEV # install a CDEV entry in /dev
-options AHC_REG_PRETTY_PRINT # Print register bitfields in debug
- # output. Adds ~128k to driver.
-options AHD_REG_PRETTY_PRINT # Print register bitfields in debug
- # output. Adds ~215k to driver.
-options ADAPTIVE_GIANT # Giant mutex is adaptive.
-
-device apic # I/O APIC
-
-device eisa
-device pci
-
-# Floppy drives
-#device fdc
-
-# ATA and ATAPI devices
-device ata
-device atadisk # ATA disk drives
-options ATA_STATIC_ID # Static device numbering
-
-# atkbdc0 controls both the keyboard and the PS/2 mouse
-device atkbdc # AT keyboard controller
-device atkbd # AT keyboard
-device psm # PS/2 mouse
-
-device vga # VGA video card driver
-
-#device splash # Splash screen and screen saver support
-
-# syscons is the default console driver, resembling an SCO console
-device sc
-
-# Enable this for the pcvt (VT220 compatible) console driver
-#device vt
-#options XSERVER # support for X server on a vt console
-#options FAT_CURSOR # start with block cursor
-
-device agp # support several AGP chipsets
-
-# PCCARD (PCMCIA) support
-# PCMCIA and cardbus bridge support
-#device cbb # cardbus (yenta) bridge
-#device pccard # PC Card (16-bit) bus
-#device cardbus # CardBus (32-bit) bus
-
-# Serial (COM) ports
-device sio # 8250, 16[45]50 based serial ports
-
-# PCI Ethernet NICs.
-device de # DEC/Intel DC21x4x (``Tulip'')
-device em # Intel PRO/1000 adapter Gigabit Ethernet Card
-device txp # 3Com 3cR990 (``Typhoon'')
-device vx # 3Com 3c590, 3c595 (``Vortex'')
-
-# PCI Ethernet NICs that use the common MII bus controller code.
-# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
-device miibus # MII bus support
-device bfe # Broadcom BCM440x 10/100 Ethernet
-device bge # Broadcom BCM570xx Gigabit Ethernet
-device dc # DEC/Intel 21143 and various workalikes
-device fxp # Intel EtherExpress PRO/100B (82557, 82558)
-device lge # Level 1 LXT1001 gigabit ethernet
-device nge # NatSemi DP83820 gigabit ethernet
-device pcn # AMD Am79C97x PCI 10/100 (precedence over 'lnc')
-device re # RealTek 8139C+/8169/8169S/8110S
-device rl # RealTek 8129/8139
-device sf # Adaptec AIC-6915 (``Starfire'')
-device sis # Silicon Integrated Systems SiS 900/SiS 7016
-device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet
-device ste # Sundance ST201 (D-Link DFE-550TX)
-device ti # Alteon Networks Tigon I/II gigabit Ethernet
-device tl # Texas Instruments ThunderLAN
-device tx # SMC EtherPower II (83c170 ``EPIC'')
-device vge # VIA VT612x gigabit ethernet
-device vr # VIA Rhine, Rhine II
-device wb # Winbond W89C840F
-device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'')
-
-# ISA Ethernet NICs. pccard NICs included.
-device cs # Crystal Semiconductor CS89x0 NIC
-# 'device ed' requires 'device miibus'
-device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards
-device ex # Intel EtherExpress Pro/10 and Pro/10+
-device ep # Etherlink III based cards
-device fe # Fujitsu MB8696x based cards
-device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc.
-device sn # SMC's 9000 series of Ethernet chips
-device xe # Xircom pccard Ethernet
-
-# ISA devices that use the old ISA shims
-#device le
-
-# Wireless NIC cards
-device wlan # 802.11 support
-#device an # Aironet 4500/4800 802.11 wireless NICs.
-#device awi # BayStack 660 and others
-#device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs.
-#device wl # Older non 802.11 Wavelan wireless NIC.
-
-# Pseudo devices.
-device loop # Network loopback
-device ether # Ethernet support
-device pty # Pseudo-ttys (telnet etc)
-device md # Memory "disks"
-
-# The `bpf' device enables the Berkeley Packet Filter.
-# Be aware of the administrative consequences of enabling this!
-# Note that 'bpf' is required for DHCP.
-device bpf # Berkeley packet filter
-
-options IPFIREWALL
-options IPFIREWALL_DEFAULT_TO_ACCEPT
-options IPDIVERT
-options DUMMYNET
-
-device pf #PF OpenBSD packet-filter firewall
-device pflog #logging support interface for PF
-device pfsync #synchronization interface for PF
-device carp #Common Address Redundancy Protocol
-
-options ALTQ
-options ALTQ_CBQ # Class Based Queueing
-options ALTQ_RED # Random Early Detection
-options ALTQ_RIO # RED In/Out
-options ALTQ_HFSC # Hierarchical Packet Scheduler
-options ALTQ_CDNR # Traffic conditioner
-options ALTQ_PRIQ # Priority Queueing
-options ALTQ_NOPCC # Required for SMP build
-
-device ath
-device ath_hal
-device ath_rate_sample
-
-# CLK_USE_I8254_CALIBRATION causes the calibrated frequency of the i8254
-# clock to actually be used.
-options CLK_USE_I8254_CALIBRATION
-
-# CPU_ELAN enables support for AMDs ElanSC520 CPU.
-options CPU_ELAN
-options CPU_SOEKRIS
-options CPU_ELAN_XTAL=32768000
-options CPU_ELAN_PPS
-
diff --git a/tools/tools/tinybsd/conf/firewall/etc/authpf/authpf.rules b/tools/tools/tinybsd/conf/firewall/etc/authpf/authpf.rules
deleted file mode 100644
index e8c0da7a1d7e..000000000000
--- a/tools/tools/tinybsd/conf/firewall/etc/authpf/authpf.rules
+++ /dev/null
@@ -1 +0,0 @@
-# $FreeBSD$
diff --git a/tools/tools/tinybsd/conf/firewall/etc/fstab b/tools/tools/tinybsd/conf/firewall/etc/fstab
deleted file mode 100644
index 16ada11d7790..000000000000
--- a/tools/tools/tinybsd/conf/firewall/etc/fstab
+++ /dev/null
@@ -1,2 +0,0 @@
-# $FreeBSD$
-/dev/ad0a / ufs ro 1 1
diff --git a/tools/tools/tinybsd/conf/firewall/etc/natd.conf b/tools/tools/tinybsd/conf/firewall/etc/natd.conf
deleted file mode 100644
index e8c0da7a1d7e..000000000000
--- a/tools/tools/tinybsd/conf/firewall/etc/natd.conf
+++ /dev/null
@@ -1 +0,0 @@
-# $FreeBSD$
diff --git a/tools/tools/tinybsd/conf/firewall/etc/pf.conf b/tools/tools/tinybsd/conf/firewall/etc/pf.conf
deleted file mode 100644
index 9acf363030a2..000000000000
--- a/tools/tools/tinybsd/conf/firewall/etc/pf.conf
+++ /dev/null
@@ -1,78 +0,0 @@
-# $FreeBSD$
-#
-# See pf.conf(5) and /usr/share/examples/pf for syntax and examples.
-# Required order: options, normalization, queueing, translation, filtering.
-# Macros and tables may be defined and used anywhere.
-# Note that translation rules are first match while filter rules are last match.
-
-# Macros: define common values, so they can be referenced and changed easily.
-#ext_if="ext0" # replace with actual external interface name i.e., dc0
-#int_if="int0" # replace with actual internal interface name i.e., dc1
-#internal_net="10.1.1.1/8"
-#external_addr="192.168.1.1"
-
-# Tables: similar to macros, but more flexible for many addresses.
-#table <foo> { 10.0.0.0/8, !10.1.0.0/16, 192.168.0.0/24, 192.168.1.18 }
-
-# Options: tune the behavior of pf, default values are given.
-#set timeout { interval 10, frag 30 }
-#set timeout { tcp.first 120, tcp.opening 30, tcp.established 86400 }
-#set timeout { tcp.closing 900, tcp.finwait 45, tcp.closed 90 }
-#set timeout { udp.first 60, udp.single 30, udp.multiple 60 }
-#set timeout { icmp.first 20, icmp.error 10 }
-#set timeout { other.first 60, other.single 30, other.multiple 60 }
-#set timeout { adaptive.start 0, adaptive.end 0 }
-#set limit { states 10000, frags 5000 }
-#set loginterface none
-#set optimization normal
-#set block-policy drop
-#set require-order yes
-#set fingerprints "/etc/pf.os"
-
-# Normalization: reassemble fragments and resolve or reduce traffic ambiguities.
-#scrub in all
-
-# Queueing: rule-based bandwidth control.
-#altq on $ext_if bandwidth 2Mb cbq queue { dflt, developers, marketing }
-#queue dflt bandwidth 5% cbq(default)
-#queue developers bandwidth 80%
-#queue marketing bandwidth 15%
-
-# Translation: specify how addresses are to be mapped or redirected.
-# nat: packets going out through $ext_if with source address $internal_net will
-# get translated as coming from the address of $ext_if, a state is created for
-# such packets, and incoming packets will be redirected to the internal address.
-#nat on $ext_if from $internal_net to any -> ($ext_if)
-
-# rdr: packets coming in on $ext_if with destination $external_addr:1234 will
-# be redirected to 10.1.1.1:5678. A state is created for such packets, and
-# outgoing packets will be translated as coming from the external address.
-#rdr on $ext_if proto tcp from any to $external_addr/32 port 1234 -> 10.1.1.1 port 5678
-
-# rdr outgoing FTP requests to the ftp-proxy
-#rdr on $int_if proto tcp from any to any port ftp -> 127.0.0.1 port 8021
-
-# spamd-setup puts addresses to be redirected into table <spamd>.
-#table <spamd> persist
-#no rdr on { lo0, lo1 } from any to any
-#rdr inet proto tcp from <spamd> to any port smtp -> 127.0.0.1 port 8025
-
-# Filtering: the implicit first two rules are
-#pass in all
-#pass out all
-
-# block all incoming packets but allow ssh, pass all outgoing tcp and udp
-# connections and keep state, logging blocked packets.
-#block in log all
-#pass in on $ext_if proto tcp from any to $ext_if port 22 keep state
-#pass out on $ext_if proto { tcp, udp } all keep state
-
-# pass incoming packets destined to the addresses given in table <foo>.
-#pass in on $ext_if proto { tcp, udp } from any to <foo> port 80 keep state
-
-# pass incoming ports for ftp-proxy
-#pass in on $ext_if inet proto tcp from any to $ext_if user proxy keep state
-
-# assign packets to a queue.
-#pass out on $ext_if from 192.168.0.0/24 to any keep state queue developers
-#pass out on $ext_if from 192.168.1.0/24 to any keep state queue marketing
diff --git a/tools/tools/tinybsd/conf/firewall/etc/pf.os b/tools/tools/tinybsd/conf/firewall/etc/pf.os
deleted file mode 100644
index 2a64809bcfa9..000000000000
--- a/tools/tools/tinybsd/conf/firewall/etc/pf.os
+++ /dev/null
@@ -1,549 +0,0 @@
-# $FreeBSD$
-# passive OS fingerprinting
-# -------------------------
-#
-# SYN signatures. Those signatures work for SYN packets only (duh!).
-#
-# (C) Copyright 2000-2003 by Michal Zalewski <lcamtuf@coredump.cx>
-# (C) Copyright 2003 by Mike Frantzen <frantzen@w4g.org>
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-#
-#
-# This fingerprint database is adapted from Michal Zalewski's p0f passive
-# operating system package.
-#
-#
-# Each line in this file specifies a single fingerprint. Please read the
-# information below carefully before attempting to append any signatures
-# reported as UNKNOWN to this file to avoid mistakes.
-#
-# We use the following set metrics for fingerprinting:
-#
-# - Window size (WSS) - a highly OS dependent setting used for TCP/IP
-# performance control (max. amount of data to be sent without ACK).
-# Some systems use a fixed value for initial packets. On other
-# systems, it is a multiple of MSS or MTU (MSS+40). In some rare
-# cases, the value is just arbitrary.
-#
-# NEW SIGNATURE: if p0f reported a special value of 'Snn', the number
-# appears to be a multiple of MSS (MSS*nn); a special value of 'Tnn'
-# means it is a multiple of MTU ((MSS+40)*nn). Unless you notice the
-# value of nn is not fixed (unlikely), just copy the Snn or Tnn token
-# literally. If you know this device has a simple stack and a fixed
-# MTU, you can however multiply S value by MSS, or T value by MSS+40,
-# and put it instead of Snn or Tnn.
-#
-# If WSS otherwise looks like a fixed value (for example a multiple
-# of two), or if you can confirm the value is fixed, please quote
-# it literally. If there's no apparent pattern in WSS chosen, you
-# should consider wildcarding this value.
-#
-# - Overall packet size - a function of all IP and TCP options and bugs.
-#
-# NEW SIGNATURE: Copy this value literally.
-#
-# - Initial TTL - We check the actual TTL of a received packet. It can't
-# be higher than the initial TTL, and also shouldn't be dramatically
-# lower (maximum distance is defined as 40 hops).
-#
-# NEW SIGNATURE: *Never* copy TTL from a p0f-reported signature literally.
-# You need to determine the initial TTL. The best way to do it is to
-# check the documentation for a remote system, or check its settings.
-# A fairly good method is to simply round the observed TTL up to
-# 32, 64, 128, or 255, but it should be noted that some obscure devices
-# might not use round TTLs (in particular, some shoddy appliances use
-# "original" initial TTL settings). If not sure, you can see how many
-# hops you're away from the remote party with traceroute or mtr.
-#
-# - Don't fragment flag (DF) - some modern OSes set this to implement PMTU
-# discovery. Others do not bother.
-#
-# NEW SIGNATURE: Copy this value literally.
-#
-# - Maximum segment size (MSS) - this setting is usually link-dependent. P0f
-# uses it to determine link type of the remote host.
-#
-# NEW SIGNATURE: Always wildcard this value, except for rare cases when
-# you have an appliance with a fixed value, know the system supports only
-# a very limited number of network interface types, or know the system
-# is using a value it pulled out of nowhere. Specific unique MSS
-# can be used to tell Google crawlbots from the rest of the population.
-#
-# - Window scaling (WSCALE) - this feature is used to scale WSS.
-# It extends the size of a TCP/IP window to 32 bits. Some modern
-# systems implement this feature.
-#
-# NEW SIGNATURE: Observe several signatures. Initial WSCALE is often set
-# to zero or other low value. There's usually no need to wildcard this
-# parameter.
-#
-# - Timestamp - some systems that implement timestamps set them to
-# zero in the initial SYN. This case is detected and handled appropriately.
-#
-# - Selective ACK permitted - a flag set by systems that implement
-# selective ACK functionality.
-#
-# - The sequence of TCP all options (MSS, window scaling, selective ACK
-# permitted, timestamp, NOP). Other than the options previously
-# discussed, p0f also checks for timestamp option (a silly
-# extension to broadcast your uptime ;-), NOP options (used for
-# header padding) and sackOK option (selective ACK feature).
-#
-# NEW SIGNATURE: Copy the sequence literally.
-#
-# To wildcard any value (except for initial TTL or TCP options), replace
-# it with '*'. You can also use a modulo operator to match any values
-# that divide by nnn - '%nnn'.
-#
-# Fingerprint entry format:
-#
-# wwww:ttt:D:ss:OOO...:OS:Version:Subtype:Details
-#
-# wwww - window size (can be *, %nnn, Snn or Tnn). The special values
-# "S" and "T" which are a multiple of MSS or a multiple of MTU
-# respectively.
-# ttt - initial TTL
-# D - don't fragment bit (0 - not set, 1 - set)
-# ss - overall SYN packet size
-# OOO - option value and order specification (see below)
-# OS - OS genre (Linux, Solaris, Windows)
-# Version - OS Version (2.0.27 on x86, etc)
-# Subtype - OS subtype or patchlevel (SP3, lo0)
-# details - Generic OS details
-#
-# If OS genre starts with '*', p0f will not show distance, link type
-# and timestamp data. It is useful for userland TCP/IP stacks of
-# network scanners and so on, where many settings are randomized or
-# bogus.
-#
-# If OS genre starts with @, it denotes an approximate hit for a group
-# of operating systems (signature reporting still enabled in this case).
-# Use this feature at the end of this file to catch cases for which
-# you don't have a precise match, but can tell it's Windows or FreeBSD
-# or whatnot by looking at, say, flag layout alone.
-#
-# Option block description is a list of comma or space separated
-# options in the order they appear in the packet:
-#
-# N - NOP option
-# Wnnn - window scaling option, value nnn (or * or %nnn)
-# Mnnn - maximum segment size option, value nnn (or * or %nnn)
-# S - selective ACK OK
-# T - timestamp
-# T0 - timestamp with a zero value
-#
-# To denote no TCP options, use a single '.'.
-#
-# Please report any additions to this file, or any inaccuracies or
-# problems spotted, to the maintainers: lcamtuf@coredump.cx,
-# frantzen@openbsd.org and bugs@openbsd.org with a tcpdump packet
-# capture of the relevant SYN packet(s)
-#
-# WARNING WARNING WARNING
-# -----------------------
-#
-# Do not add a system X as OS Y just because NMAP says so. It is often
-# the case that X is a NAT firewall. While nmap is talking to the
-# device itself, p0f is fingerprinting the guy behind the firewall
-# instead.
-#
-# When in doubt, use common sense, don't add something that looks like
-# a completely different system as Linux or FreeBSD or LinkSys router.
-# Check DNS name, establish a connection to the remote host and look
-# at SYN+ACK - does it look similar?
-#
-# Some users tweak their TCP/IP settings - enable or disable RFC1323
-# functionality, enable or disable timestamps or selective ACK,
-# disable PMTU discovery, change MTU and so on. Always compare a new rule
-# to other fingerprints for this system, and verify the system isn't
-# "customized" before adding it. It is OK to add signature variants
-# caused by a commonly used software (personal firewalls, security
-# packages, etc), but it makes no sense to try to add every single
-# possible /proc/sys/net/ipv4 tweak on Linux or so.
-#
-# KEEP IN MIND: Some packet firewalls configured to normalize outgoing
-# traffic (OpenBSD pf with "scrub" enabled, for example) will, well,
-# normalize packets. Signatures will not correspond to the originating
-# system (and probably not quite to the firewall either).
-#
-# NOTE: Try to keep this file in some reasonable order, from most to
-# least likely systems. This will speed up operation. Also keep most
-# generic and broad rules near the end.
-#
-
-##########################
-# Standard OS signatures #
-##########################
-
-# ----------------- AIX ---------------------
-
-# AIX is first because its signatures are close to NetBSD, MacOS X and
-# Linux 2.0, but it uses a fairly rare MSSes, at least sometimes...
-# This is a shoddy hack, though.
-
-16384:64:0:44:M512: AIX:4.3:2-3:AIX 4.3.2 and earlier
-
-16384:64:0:60:M512,N,W%2,N,N,T: AIX:4.3:3:AIX 4.3.3-5.2
-16384:64:0:60:M512,N,W%2,N,N,T: AIX:5.1-5.2::AIX 4.3.3-5.2
-32768:64:0:60:M512,N,W%2,N,N,T: AIX:4.3:3:AIX 4.3.3-5.2
-32768:64:0:60:M512,N,W%2,N,N,T: AIX:5.1-5.2::AIX 4.3.3-5.2
-65535:64:0:60:M512,N,W%2,N,N,T: AIX:4.3:3:AIX 4.3.3-5.2
-65535:64:0:60:M512,N,W%2,N,N,T: AIX:5.1-5.2::AIX 4.3.3-5.2
-65535:64:0:64:M*,N,W1,N,N,T,N,N,S: AIX:5.3:ML1:AIX 5.3 ML1
-
-# ----------------- Linux -------------------
-
-512:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x
-16384:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x
-
-# Endian snafu! Nelson says "ha-ha":
-2:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x (MkLinux) on Mac
-64:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x (MkLinux) on Mac
-
-
-S4:64:1:60:M1360,S,T,N,W0: Linux:google::Linux (Google crawlbot)
-
-S2:64:1:60:M*,S,T,N,W0: Linux:2.4::Linux 2.4 (big boy)
-S3:64:1:60:M*,S,T,N,W0: Linux:2.4:18-21:Linux 2.4.18 and newer
-S4:64:1:60:M*,S,T,N,W0: Linux:2.4::Linux 2.4/2.6
-S4:64:1:60:M*,S,T,N,W0: Linux:2.6::Linux 2.4/2.6
-
-S3:64:1:60:M*,S,T,N,W1: Linux:2.5::Linux 2.5
-S4:64:1:60:M*,S,T,N,W1: Linux:2.5-2.6::Linux 2.5/2.6
-
-S20:64:1:60:M*,S,T,N,W0: Linux:2.2:20-25:Linux 2.2.20 and newer
-S22:64:1:60:M*,S,T,N,W0: Linux:2.2::Linux 2.2
-S11:64:1:60:M*,S,T,N,W0: Linux:2.2::Linux 2.2
-
-# Popular cluster config scripts disable timestamps and
-# selective ACK:
-S4:64:1:48:M1460,N,W0: Linux:2.4:cluster:Linux 2.4 in cluster
-
-# This needs to be investigated. On some systems, WSS
-# is selected as a multiple of MTU instead of MSS. I got
-# many submissions for this for many late versions of 2.4:
-T4:64:1:60:M1412,S,T,N,W0: Linux:2.4::Linux 2.4 (late, uncommon)
-
-# This happens only over loopback, but let's make folks happy:
-32767:64:1:60:M16396,S,T,N,W0: Linux:2.4:lo0:Linux 2.4 (local)
-S8:64:1:60:M3884,S,T,N,W0: Linux:2.2:lo0:Linux 2.2 (local)
-
-# Opera visitors:
-16384:64:1:60:M*,S,T,N,W0: Linux:2.2:Opera:Linux 2.2 (Opera?)
-32767:64:1:60:M*,S,T,N,W0: Linux:2.4:Opera:Linux 2.4 (Opera?)
-
-# Some fairly common mods:
-S4:64:1:52:M*,N,N,S,N,W0: Linux:2.4:ts:Linux 2.4 w/o timestamps
-S22:64:1:52:M*,N,N,S,N,W0: Linux:2.2:ts:Linux 2.2 w/o timestamps
-
-
-# ----------------- FreeBSD -----------------
-
-16384:64:1:44:M*: FreeBSD:2.0-2.2::FreeBSD 2.0-4.1
-16384:64:1:44:M*: FreeBSD:3.0-3.5::FreeBSD 2.0-4.1
-16384:64:1:44:M*: FreeBSD:4.0-4.1::FreeBSD 2.0-4.1
-16384:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.4::FreeBSD 4.4
-
-1024:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.4::FreeBSD 4.4
-
-57344:64:1:44:M*: FreeBSD:4.6-4.8:noRFC1323:FreeBSD 4.6-4.8 (no RFC1323)
-57344:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.6-4.8::FreeBSD 4.6-4.8
-
-32768:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.8-4.9::FreeBSD 4.8-5.1 (or MacOS X)
-32768:64:1:60:M*,N,W0,N,N,T: FreeBSD:5.0-5.1::FreeBSD 4.8-5.1 (or MacOS X)
-65535:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.8-4.9::FreeBSD 4.8-5.1 (or MacOS X)
-65535:64:1:60:M*,N,W0,N,N,T: FreeBSD:5.0-5.1::FreeBSD 4.8-5.1 (or MacOS X)
-65535:64:1:60:M*,N,W1,N,N,T: FreeBSD:4.7-4.9::FreeBSD 4.7-5.1
-65535:64:1:60:M*,N,W1,N,N,T: FreeBSD:5.0-5.1::FreeBSD 4.7-5.1
-
-# 16384:64:1:60:M*,N,N,N,N,N,N,T:FreeBSD:4.4:noTS:FreeBSD 4.4 (w/o timestamps)
-
-# ----------------- NetBSD ------------------
-
-65535:64:0:60:M*,N,W0,N,N,T0: NetBSD:1.6:opera:NetBSD 1.6 (Opera)
-16384:64:0:60:M*,N,W0,N,N,T0: NetBSD:1.6::NetBSD 1.6
-16384:64:1:60:M*,N,W0,N,N,T0: NetBSD:1.6:df:NetBSD 1.6 (DF)
-16384:64:0:60:M*,N,W0,N,N,T: NetBSD:1.3::NetBSD 1.3
-65535:64:1:60:M*,N,W1,N,N,T0: NetBSD:1.6::NetBSD 1.6W-current (DF)
-
-# ----------------- OpenBSD -----------------
-
-16384:64:0:60:M*,N,W0,N,N,T: OpenBSD:2.6::NetBSD 1.3 (or OpenBSD 2.6)
-16384:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.4::OpenBSD 3.0-3.4
-16384:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.4:no-df:OpenBSD 3.0-3.4 (scrub no-df)
-57344:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-3.4::OpenBSD 3.3-3.4
-57344:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-3.4:no-df:OpenBSD 3.3-3.4 (scrub no-df)
-
-65535:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.4:opera:OpenBSD 3.0-3.4 (Opera)
-
-# ----------------- Solaris -----------------
-
-S17:64:1:64:N,W3,N,N,T0,N,N,S,M*: Solaris:8:RFC1323:Solaris 8 RFC1323
-S17:64:1:48:N,N,S,M*: Solaris:8::Solaris 8
-S17:255:1:44:M*: Solaris:2.5-2.7::Solaris 2.5 to 7
-
-S6:255:1:44:M*: Solaris:2.6-2.7::Solaris 2.6 to 7
-S23:255:1:44:M*: Solaris:2.5:1:Solaris 2.5.1
-S34:64:1:48:M*,N,N,S: Solaris:2.9::Solaris 9
-S44:255:1:44:M*: Solaris:2.7::Solaris 7
-
-# ----------------- IRIX --------------------
-
-49152:64:0:44:M*: IRIX:6.4::IRIX 6.4
-61440:64:0:44:M*: IRIX:6.2-6.5::IRIX 6.2-6.5
-49152:64:0:52:M*,N,W2,N,N,S: IRIX:6.5:RFC1323:IRIX 6.5 (RFC1323)
-49152:64:0:52:M*,N,W3,N,N,S: IRIX:6.5:RFC1323:IRIX 6.5 (RFC1323)
-
-61440:64:0:48:M*,N,N,S: IRIX:6.5:12-21:IRIX 6.5.12 - 6.5.21
-49152:64:0:48:M*,N,N,S: IRIX:6.5:15-21:IRIX 6.5.15 - 6.5.21
-
-# ----------------- Tru64 -------------------
-
-32768:64:1:48:M*,N,W0: Tru64:4.0::Tru64 4.0
-32768:64:0:48:M*,N,W0: Tru64:5.0::Tru64 5.0
-8192:64:0:44:M1460: Tru64:5.1:noRFC1323:Tru64 6.1 (no RFC1323) (or QNX 6)
-
-# This looks awfully Linuxish :/
-# S22:64:0:60:M*,S,T,N,W0: Tru64:5.0:a:Tru64 5.0a
-
-61440:64:0:48:M*,N,W0: Tru64:5.1a:JP4:Tru64 v5.1a JP4 (or OpenVMS 7.x on Compaq 5.x stack)
-
-
-# ----------------- OpenVMS -----------------
-
-6144:64:1:60:M*,N,W0,N,N,T: OpenVMS:7.2::OpenVMS 7.2 (Multinet 4.4 stack)
-
-# ----------------- MacOS -------------------
-
-16616:255:1:48:M*,W0: MacOS:7.3-7.6:OTTCP:MacOS 7.3-8.6 (OTTCP)
-16616:255:1:48:M*,W0: MacOS:8.0-8.6:OTTCP:MacOS 7.3-8.6 (OTTCP)
-32768:255:1:48:M*,W0,N: MacOS:9.1-9.2::MacOS 9.1/9.2
-32768:64:0:60:M*,N,W0,N,N,T: MacOS:X:10.2:MacOS X 10.2
-
-# ----------------- Windows -----------------
-
-# Windows 95 - need more:
-
-8192:32:1:44:M*: Windows:95::Windows 95 (low TTL)
-
-# Windows 98 - plenty of silly signatures:
-S44:32:1:48:M*,N,N,S: Windows:98::Windows 98 (low TTL)
-8192:32:1:48:M*,N,N,S: Windows:98::Windows 98 (low TTL)
-
-%8192:64:1:48:M*,N,N,S: Windows:98::Windows 98 (or newer XP/2000 with tweaked TTL)
-S4:64:1:48:M*,N,N,S: Windows:98::Windows 98
-S6:64:1:48:M*,N,N,S: Windows:98::Windows 98
-S12:64:1:48:M*,N,N,S: Windows:98::Windows 98
-32767:64:1:48:M*,N,N,S: Windows:98::Windows 98
-37300:64:1:48:M*,N,N,S: Windows:98::Windows 98
-46080:64:1:52:M*,N,W3,N,N,S: Windows:98:RFC1323:Windows 98 (RFC1323)
-65535:64:1:44:M*: Windows:98:noSACK:Windows 98 (no sack)
-
-S16:128:1:48:M*,N,N,S: Windows:98::Windows 98
-S16:128:1:64:M*,N,W0,N,N,T0,N,N,S: Windows:98::Windows 98
-S26:128:1:48:M*,N,N,S: Windows:98::Windows 98
-T30:128:1:48:M*,N,N,S: Windows:98::Windows 98
-32767:128:1:52:M*,N,W0,N,N,S: Windows:98::Windows 98
-60352:128:1:48:M*,N,N,S: Windows:98::Windows 98
-60352:128:1:64:M*,N,W2,N,N,T0,N,N,S: Windows:98::Windows 98
-
-# Windows NT 4.0 - need more:
-
-64512:128:1:44:M1414: Windows:NT:4.0:Windows NT 4.0 SP6a
-8192:128:1:44:M*: Windows:NT:4.0:Windows NT 4.0 (older)
-6144:128:1:52:M*,W0,N,S,N,N: Windows:NT:4.0:Windows NT 4.0 (RFC1323)
-
-# Windows XP and 2000. Most of the signatures that were
-# either dubious or non-specific (no service pack data)
-# were deleted and replaced with generics at the end.
-
-65535:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows 2000 SP4, XP SP1
-%8192:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows 2000 SP4, XP SP1
-S45:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows 2000 SP4
-S6:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows XP SP1, 2000 SP4
-S44:128:1:48:M*,N,N,S: Windows:2000:SP3:Windows XP Pro SP1, 2000 SP3
-
-S6:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows XP SP1, 2000 SP4
-S44:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows XP Pro SP1, 2000 SP3
-64512:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows XP SP1
-32767:128:1:48:M1452,N,N,S: Windows:XP:SP1:Windows XP SP1
-65535:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows 2000 SP4, XP SP1
-%8192:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows 2000 SP4, XP SP1
-
-# Odds, ends, mods:
-
-S52:128:1:48:M1260,N,N,S: Windows:XP:Cisco:Windows XP/2000 via Cisco
-S52:128:1:48:M1260,N,N,S: Windows:2000:Cisco:Windows XP/2000 via Cisco
-
-# HUNT DOWN:
-# *:128:1:48:M*,N,N,S:U:@Windows:XP (leak) (PLEASE REPORT)
-
-# ----------------- HP/UX -------------------
-
-32768:64:1:44:M*: HP-UX:B.10.20::HP-UX B.10.20
-32768:64:0:48:M*,W0,N: HP-UX:11.0::HP-UX 11.0
-32768:64:1:48:M*,W0,N: HP-UX:11.10::HP-UX 11.0 or 11.11
-32768:64:1:48:M*,W0,N: HP-UX:11.11::HP-UX 11.0 or 11.11
-
-# Whoa. Hardcore WSS.
-0:64:0:48:M*,W0,N: HP-UX:B.11.00:A:HP-UX B.11.00 A (RFC1323)
-
-
-# ----------------- RiscOS ------------------
-
-# We don't yet support the ?12 TCP option
-#16384:64:1:68:M1460,N,W0,N,N,T,N,N,?12: RISCOS:3.70-4.36::RISC OS 3.70-4.36
-
-# ----------------- BSD/OS ------------------
-
-# Once again, power of two WSS is also shared by MacOS X with DF set
-8192:64:1:60:M1460,N,W0,N,N,T: BSD/OS:3.1::BSD/OS 3.1-4.3 (or MacOS X 10.2 w/DF)
-8192:64:1:60:M1460,N,W0,N,N,T: BSD/OS:4.0-4.3::BSD/OS 3.1-4.3 (or MacOS X 10.2)
-
-
-# ---------------- NewtonOS -----------------
-
-4096:64:0:44:M1420: NewtonOS:2.1::NewtonOS 2.1
-
-# ---------------- NeXTSTEP -----------------
-
-S8:64:0:44:M512: NeXTSTEP:3.3::NeXTSTEP 3.3
-
-# ------------------ BeOS -------------------
-
-1024:255:0:48:M*,N,W0: BeOS:5.0-5.1::BeOS 5.0-5.1
-12288:255:0:44:M1402: BeOS:5.0::BeOS 5.0.x
-
-# ------------------ OS/400 -----------------
-
-8192:64:1:60:M1440,N,W0,N,N,T: OS/400:VR4::OS/400 VR4/R5
-8192:64:1:60:M1440,N,W0,N,N,T: OS/400:VR5::OS/400 VR4/R5
-4096:64:1:60:M1440,N,W0,N,N,T: OS/400:V4R5:CF67032:OS/400 V4R5 + CF67032
-
-
-# ------------------ ULTRIX -----------------
-
-16384:64:0:40:.: ULTRIX:4.5::ULTRIX 4.5
-
-# ------------------- QNX -------------------
-
-S16:64:0:44:M512: QNX:::QNX demodisk
-
-# ------------------ Novell -----------------
-
-16384:128:1:44:M1460: Novell:NetWare:5.0:Novel Netware 5.0
-6144:128:1:44:M1460: Novell:IntranetWare:4.11:Novell IntranetWare 4.11
-
-# ----------------- SCO ------------------
-S17:64:1:44:M1460: SCO:Unixware:7.0:SCO Unixware 7.0.0 or OpenServer 5.0.4-5.06
-S17:64:1:44:M1460: SCO:OpenServer:5.0:SCO Unixware 7.0.0 or OpenServer 5.0.4-5.06
-S3:64:1:60:M1460,N,W0,N,N,T: SCO:UnixWare:7.1:SCO UnixWare 7.1
-
-# ------------------- DOS -------------------
-
-2048:255:0:44:M536: DOS:WATTCP:1.05:DOS Arachne via WATTCP/1.05
-
-###########################################
-# Appliance / embedded / other signatures #
-###########################################
-
-# ---------- Firewalls / routers ------------
-
-S12:64:1:44:M1460: @Checkpoint:::Checkpoint (unknown 1)
-S12:64:1:48:N,N,S,M1460: @Checkpoint:::Checkpoint (unknown 2)
-4096:32:0:44:M1460: ExtremeWare:4.x::ExtremeWare 4.x
-60352:64:0:52:M1460,N,W2,N,N,S: Clavister:7::Clavister firewall 7.x
-
-# ------- Switches and other stuff ----------
-
-4128:255:0:44:M*: Cisco:::Cisco Catalyst 3500, 7500 etc
-S8:255:0:44:M*: Cisco:12008::Cisco 12008
-60352:128:1:64:M1460,N,W2,N,N,T,N,N,S: Alteon:ACEswitch::Alteon ACEswitch
-64512:128:1:44:M1370: Nortel:Contivity Client::Nortel Conectivity Client
-
-
-# ---------- Caches and whatnots ------------
-
-S4:64:1:52:M1460,N,N,S,N,W0: AOL:web cache::AOL web cache
-
-32850:64:1:64:N,W1,N,N,T,N,N,S,M*: NetApp:5.x::NetApp Data OnTap 5.x
-16384:64:1:64:M1460,N,N,S,N,W0,N: NetApp:5.3:1:NetApp 5.3.1
-65535:64:0:64:M1460,N,N,S,N,W3,N,N,T: NetApp:5.3:1:NetApp 5.3.1
-65535:64:0:60:M1460,N,W0,N,N,T: NetApp:CacheFlow::NetApp CacheFlow
-8192:64:1:64:M1460,N,N,S,N,W0,N,N,T: NetApp:5.2:1:NetApp NetCache 5.2.1
-
-S4:64:0:48:M1460,N,N,S: Cisco:Content Engine::Cisco Content Engine
-
-27085:128:0:40:.: Dell:PowerApp cache::Dell PowerApp (Linux-based)
-
-65535:255:1:48:N,W1,M1460: Inktomi:crawler::Inktomi crawler
-S1:255:1:60:M1460,S,T,N,W0: LookSmart:ZyBorg::LookSmart ZyBorg
-
-
-16384:255:0:40:.: Proxyblocker:::Proxyblocker (what's this?)
-
-# ----------- Embedded systems --------------
-
-S9:255:0:44:M536: PalmOS:Tungsten:C:PalmOS Tungsten C
-S5:255:0:44:M536: PalmOS:3::PalmOS 3/4
-S5:255:0:44:M536: PalmOS:4::PalmOS 3/4
-S4:255:0:44:M536: PalmOS:3:5:PalmOS 3.5
-2948:255:0:44:M536: PalmOS:3:5:PalmOS 3.5.3 (Handera)
-
-S23:64:1:64:N,W1,N,N,T,N,N,S,M1460: SymbianOS:7::SymbianOS 7
-8192:255:0:44:M1460: SymbianOS:6048::SymbianOS 6048 (on Nokia 7650?)
-8192:255:0:44:M536: SymbianOS:::SymbianOS (on Nokia 9210?)
-
-
-# Perhaps S4?
-5840:64:1:60:M1452,S,T,N,W1: Zaurus:3.10::Zaurus 3.10
-
-32768:128:1:64:M1460,N,W0,N,N,T0,N,N,S: PocketPC:2002::PocketPC 2002
-
-S1:255:0:44:M346: Contiki:1.1:rc0:Contiki 1.1-rc0
-
-4096:128:0:44:M1460: Sega:Dreamcast:3.0:Sega Dreamcast Dreamkey 3.0
-
-S12:64:0:44:M1452: AXIS:5600:v5.64:AXIS Printer Server 5600 v5.64
-
-
-
-####################
-# Fancy signatures #
-####################
-
-1024:64:0:40:.: *NMAP:syn scan:1:NMAP syn scan (1)
-2048:64:0:40:.: *NMAP:syn scan:2:NMAP syn scan (2)
-3072:64:0:40:.: *NMAP:syn scan:3:NMAP syn scan (3)
-4096:64:0:40:.: *NMAP:syn scan:4:NMAP syn scan (4)
-
-1024:64:0:60:W10,N,M265,T: *NMAP:OS:1:NMAP OS detection probe (1)
-2048:64:0:60:W10,N,M265,T: *NMAP:OS:2:NMAP OS detection probe (2)
-3072:64:0:60:W10,N,M265,T: *NMAP:OS:3:NMAP OS detection probe (3)
-4096:64:0:60:W10,N,M265,T: *NMAP:OS:4:NMAP OS detection probe (4)
-
-#####################################
-# Generic signatures - just in case #
-#####################################
-
-#*:64:1:60:M*,N,W*,N,N,T: @FreeBSD:4.0-4.9::FreeBSD 4.x/5.x
-#*:64:1:60:M*,N,W*,N,N,T: @FreeBSD:5.0-5.1::FreeBSD 4.x/5.x
-
-*:128:1:52:M*,N,W0,N,N,S: @Windows:XP:RFC1323:Windows XP/2000 (RFC1323 no tstamp)
-*:128:1:52:M*,N,W0,N,N,S: @Windows:2000:RFC1323:Windows XP/2000 (RFC1323 no tstamp)
-*:128:1:64:M*,N,W0,N,N,T0,N,N,S: @Windows:XP:RFC1323:Windows XP/2000 (RFC1323)
-*:128:1:64:M*,N,W0,N,N,T0,N,N,S: @Windows:2000:RFC1323:Windows XP/2000 (RFC1323)
-*:128:1:64:M*,N,W*,N,N,T0,N,N,S: @Windows:XP:RFC1323:Windows XP (RFC1323, w+)
-*:128:1:48:M*,N,N,S: @Windows:XP::Windows XP/2000
-*:128:1:48:M*,N,N,S: @Windows:2000::Windows XP/2000
diff --git a/tools/tools/tinybsd/conf/firewall/etc/rc.conf b/tools/tools/tinybsd/conf/firewall/etc/rc.conf
deleted file mode 100644
index d00fe837797f..000000000000
--- a/tools/tools/tinybsd/conf/firewall/etc/rc.conf
+++ /dev/null
@@ -1,41 +0,0 @@
-# $FreeBSD$
-hostname="tinybsd.freebsd.org"
-sendmail_enable="NONE"
-sshd_enable="YES"
-usbd_enable="NO"
-inetd_enable="NO"
-portmap_enable="NO"
-update_motd="NO"
-varmfs="YES"
-populate_var="YES"
-varsize="8192"
-tmpmfs="YES"
-
-# IPFW
-firewall_enable="YES"
-firewall_script="/etc/rc.firewall"
-firewall_type="closed"
-
-# NAT
-natd_enable="NO"
-natd_interface=""
-natd_flags=""
-
-# PF
-pf_enable="NO"
-pf_rules="/etc/pf.conf"
-pf_program="/sbin/pfctl"
-pf_flags=""
-pflog_enable="NO"
-pflog_logfile="/var/log/pflog"
-pflog_program="/sbin/pflogd"
-pflog_flags=""
-
-# CARP Example
-#cloned_interfaces="carp0"
-#ifconfig_carp0="vhid 1 pass xalala 192.168.1.1/24"
-
-
-
-
-
diff --git a/tools/tools/tinybsd/conf/firewall/etc/rc.firewall b/tools/tools/tinybsd/conf/firewall/etc/rc.firewall
deleted file mode 100644
index bda2ff62a155..000000000000
--- a/tools/tools/tinybsd/conf/firewall/etc/rc.firewall
+++ /dev/null
@@ -1,302 +0,0 @@
-#!/bin/sh -
-# Copyright (c) 1996 Poul-Henning Kamp
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in the
-# documentation and/or other materials provided with the distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-# SUCH DAMAGE.
-#
-# $FreeBSD$
-#
-
-#
-# Setup system for firewall service.
-#
-
-# Suck in the configuration variables.
-if [ -z "${source_rc_confs_defined}" ]; then
- if [ -r /etc/defaults/rc.conf ]; then
- . /etc/defaults/rc.conf
- source_rc_confs
- elif [ -r /etc/rc.conf ]; then
- . /etc/rc.conf
- fi
-fi
-
-############
-# Define the firewall type in /etc/rc.conf. Valid values are:
-# open - will allow anyone in
-# client - will try to protect just this machine
-# simple - will try to protect a whole network
-# closed - totally disables IP services except via lo0 interface
-# UNKNOWN - disables the loading of firewall rules.
-# filename - will load the rules in the given filename (full path required)
-#
-# For ``client'' and ``simple'' the entries below should be customized
-# appropriately.
-
-############
-#
-# If you don't know enough about packet filtering, we suggest that you
-# take time to read this book:
-#
-# Building Internet Firewalls, 2nd Edition
-# Brent Chapman and Elizabeth Zwicky
-#
-# O'Reilly & Associates, Inc
-# ISBN 1-56592-871-7
-# http://www.ora.com/
-# http://www.oreilly.com/catalog/fire2/
-#
-# For a more advanced treatment of Internet Security read:
-#
-# Firewalls & Internet Security
-# Repelling the wily hacker
-# William R. Cheswick, Steven M. Bellowin
-#
-# Addison-Wesley
-# ISBN 0-201-63357-4
-# http://www.awl.com/
-# http://www.awlonline.com/product/0%2C2627%2C0201633574%2C00.html
-#
-
-setup_loopback () {
- ############
- # Only in rare cases do you want to change these rules
- #
- ${fwcmd} add 100 pass all from any to any via lo0
- ${fwcmd} add 200 deny all from any to 127.0.0.0/8
- ${fwcmd} add 300 deny ip from 127.0.0.0/8 to any
-}
-
-if [ -n "${1}" ]; then
- firewall_type="${1}"
-fi
-
-############
-# Set quiet mode if requested
-#
-case ${firewall_quiet} in
-[Yy][Ee][Ss])
- fwcmd="/sbin/ipfw -q"
- ;;
-*)
- fwcmd="/sbin/ipfw"
- ;;
-esac
-
-############
-# Flush out the list before we begin.
-#
-${fwcmd} -f flush
-
-############
-# Network Address Translation. All packets are passed to natd(8)
-# before they encounter your remaining rules. The firewall rules
-# will then be run again on each packet after translation by natd
-# starting at the rule number following the divert rule.
-#
-# For ``simple'' firewall type the divert rule should be put to a
-# different place to not interfere with address-checking rules.
-#
-case ${firewall_type} in
-[Oo][Pp][Ee][Nn]|[Cc][Ll][Ii][Ee][Nn][Tt])
- case ${natd_enable} in
- [Yy][Ee][Ss])
- if [ -n "${natd_interface}" ]; then
- ${fwcmd} add 50 divert natd all from any to any via ${natd_interface}
- fi
- ;;
- esac
-esac
-
-############
-# If you just configured ipfw in the kernel as a tool to solve network
-# problems or you just want to disallow some particular kinds of traffic
-# then you will want to change the default policy to open. You can also
-# do this as your only action by setting the firewall_type to ``open''.
-#
-# ${fwcmd} add 65000 pass all from any to any
-
-
-# Prototype setups.
-#
-case ${firewall_type} in
-[Oo][Pp][Ee][Nn])
- setup_loopback
- ${fwcmd} add 65000 pass all from any to any
- ;;
-
-[Cc][Ll][Ii][Ee][Nn][Tt])
- ############
- # This is a prototype setup that will protect your system somewhat
- # against people from outside your own network.
- ############
-
- # set these to your network and netmask and ip
- net="192.0.2.0"
- mask="255.255.255.0"
- ip="192.0.2.1"
-
- setup_loopback
-
- # Allow any traffic to or from my own net.
- ${fwcmd} add pass all from ${ip} to ${net}:${mask}
- ${fwcmd} add pass all from ${net}:${mask} to ${ip}
-
- # Allow TCP through if setup succeeded
- ${fwcmd} add pass tcp from any to any established
-
- # Allow IP fragments to pass through
- ${fwcmd} add pass all from any to any frag
-
- # Allow setup of incoming email
- ${fwcmd} add pass tcp from any to ${ip} 25 setup
-
- # Allow setup of outgoing TCP connections only
- ${fwcmd} add pass tcp from ${ip} to any setup
-
- # Disallow setup of all other TCP connections
- ${fwcmd} add deny tcp from any to any setup
-
- # Allow DNS queries out in the world
- ${fwcmd} add pass udp from ${ip} to any 53 keep-state
-
- # Allow NTP queries out in the world
- ${fwcmd} add pass udp from ${ip} to any 123 keep-state
-
- # Everything else is denied by default, unless the
- # IPFIREWALL_DEFAULT_TO_ACCEPT option is set in your kernel
- # config file.
- ;;
-
-[Ss][Ii][Mm][Pp][Ll][Ee])
- ############
- # This is a prototype setup for a simple firewall. Configure this
- # machine as a DNS and NTP server, and point all the machines
- # on the inside at this machine for those services.
- ############
-
- # set these to your outside interface network and netmask and ip
- oif="em0"
- onet="192.0.2.0"
- omask="255.255.255.240"
- oip="192.0.2.1"
-
- # set these to your inside interface network and netmask and ip
- iif="em1"
- inet="192.0.2.16"
- imask="255.255.255.240"
- iip="192.0.2.17"
-
- setup_loopback
-
- # Stop spoofing
- ${fwcmd} add deny all from ${inet}:${imask} to any in via ${oif}
- ${fwcmd} add deny all from ${onet}:${omask} to any in via ${iif}
-
- # Stop RFC1918 nets on the outside interface
- ${fwcmd} add deny all from any to 10.0.0.0/8 via ${oif}
- ${fwcmd} add deny all from any to 172.16.0.0/12 via ${oif}
- ${fwcmd} add deny all from any to 192.168.0.0/16 via ${oif}
-
- # Stop draft-manning-dsua-03.txt (1 May 2000) nets (includes RESERVED-1,
- # DHCP auto-configuration, NET-TEST, MULTICAST (class D), and class E)
- # on the outside interface
- ${fwcmd} add deny all from any to 0.0.0.0/8 via ${oif}
- ${fwcmd} add deny all from any to 169.254.0.0/16 via ${oif}
- ${fwcmd} add deny all from any to 192.0.2.0/24 via ${oif}
- ${fwcmd} add deny all from any to 224.0.0.0/4 via ${oif}
- ${fwcmd} add deny all from any to 240.0.0.0/4 via ${oif}
-
- # Network Address Translation. This rule is placed here deliberately
- # so that it does not interfere with the surrounding address-checking
- # rules. If for example one of your internal LAN machines had its IP
- # address set to 192.0.2.1 then an incoming packet for it after being
- # translated by natd(8) would match the `deny' rule above. Similarly
- # an outgoing packet originated from it before being translated would
- # match the `deny' rule below.
- case ${natd_enable} in
- [Yy][Ee][Ss])
- if [ -n "${natd_interface}" ]; then
- ${fwcmd} add divert natd all from any to any via ${natd_interface}
- fi
- ;;
- esac
-
- # Stop RFC1918 nets on the outside interface
- ${fwcmd} add deny all from 10.0.0.0/8 to any via ${oif}
- ${fwcmd} add deny all from 172.16.0.0/12 to any via ${oif}
- ${fwcmd} add deny all from 192.168.0.0/16 to any via ${oif}
-
- # Stop draft-manning-dsua-03.txt (1 May 2000) nets (includes RESERVED-1,
- # DHCP auto-configuration, NET-TEST, MULTICAST (class D), and class E)
- # on the outside interface
- ${fwcmd} add deny all from 0.0.0.0/8 to any via ${oif}
- ${fwcmd} add deny all from 169.254.0.0/16 to any via ${oif}
- ${fwcmd} add deny all from 192.0.2.0/24 to any via ${oif}
- ${fwcmd} add deny all from 224.0.0.0/4 to any via ${oif}
- ${fwcmd} add deny all from 240.0.0.0/4 to any via ${oif}
-
- # Allow TCP through if setup succeeded
- ${fwcmd} add pass tcp from any to any established
-
- # Allow IP fragments to pass through
- ${fwcmd} add pass all from any to any frag
-
- # Allow setup of incoming email
- ${fwcmd} add pass tcp from any to ${oip} 25 setup
-
- # Allow access to our DNS
- ${fwcmd} add pass tcp from any to ${oip} 53 setup
- ${fwcmd} add pass udp from any to ${oip} 53
- ${fwcmd} add pass udp from ${oip} 53 to any
-
- # Allow access to our WWW
- ${fwcmd} add pass tcp from any to ${oip} 80 setup
-
- # Reject&Log all setup of incoming connections from the outside
- ${fwcmd} add deny log tcp from any to any in via ${oif} setup
-
- # Allow setup of any other TCP connection
- ${fwcmd} add pass tcp from any to any setup
-
- # Allow DNS queries out in the world
- ${fwcmd} add pass udp from ${oip} to any 53 keep-state
-
- # Allow NTP queries out in the world
- ${fwcmd} add pass udp from ${oip} to any 123 keep-state
-
- # Everything else is denied by default, unless the
- # IPFIREWALL_DEFAULT_TO_ACCEPT option is set in your kernel
- # config file.
- ;;
-
-[Cc][Ll][Oo][Ss][Ee][Dd])
- setup_loopback
- ;;
-[Uu][Nn][Kk][Nn][Oo][Ww][Nn])
- ;;
-*)
- if [ -r "${firewall_type}" ]; then
- ${fwcmd} ${firewall_flags} ${firewall_type}
- fi
- ;;
-esac
diff --git a/tools/tools/tinybsd/conf/firewall/etc/sysctl.conf b/tools/tools/tinybsd/conf/firewall/etc/sysctl.conf
deleted file mode 100644
index f9e09ff620d0..000000000000
--- a/tools/tools/tinybsd/conf/firewall/etc/sysctl.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# $FreeBSD$
-# CARP Options
-#net.inet.carp.preempt=1
-#net.inet.carp.arpbalance=1
-
diff --git a/tools/tools/tinybsd/conf/firewall/tinybsd.basefiles b/tools/tools/tinybsd/conf/firewall/tinybsd.basefiles
deleted file mode 100644
index ad76d0b758a3..000000000000
--- a/tools/tools/tinybsd/conf/firewall/tinybsd.basefiles
+++ /dev/null
@@ -1,240 +0,0 @@
-# $FreeBSD$
-# contents of ${WORKDIR}/boot
-boot/boot0
-boot/boot1
-boot/boot2
-boot/defaults/loader.conf
-boot/device.hints
-boot/loader
-boot/loader.4th
-boot/loader.help
-boot/loader.rc
-boot/mbr
-boot/support.4th
-
-# contents of ${WORKDIR}/libexec
-libexec/ld-elf.so.1:usr/libexec/ld-elf.so.1
-
-# contents of ${WORKDIR}/bin
-bin/[:bin/test
-bin/cat
-bin/chflags
-bin/chio
-bin/chmod
-bin/cp
-bin/csh:bin/tcsh
-bin/date
-bin/dd
-bin/df
-bin/domainname
-bin/echo
-bin/ed:bin/red
-bin/expr
-bin/hostname
-bin/kenv
-bin/kill
-bin/ln:bin/link
-bin/ls
-bin/mkdir
-bin/mv
-bin/pax
-bin/ps
-bin/pwd
-bin/realpath
-bin/rm:bin/unlink
-bin/rmdir
-bin/sh
-bin/sleep
-bin/stty
-bin/sync
-
-# contents of ${WORKDIR}/sbin
-sbin/adjkerntz
-sbin/comcontrol
-sbin/disklabel
-sbin/dmesg
-sbin/fastboot:sbin/reboot
-sbin/fasthalt:sbin/halt
-sbin/fsck
-sbin/fsck_ufs:sbin/fsck_ffs
-sbin/fsck_ufs:sbin/fsck_4.2bsd
-sbin/ifconfig
-sbin/init
-sbin/ipfw
-sbin/kldconfig
-sbin/kldload
-sbin/kldstat
-sbin/kldunload
-sbin/ldconfig
-sbin/md5
-sbin/mdconfig
-sbin/mknod
-sbin/mdmfs
-sbin/mount
-sbin/mount_nfs
-sbin/mount_nullfs
-sbin/mount_unionfs
-sbin/natd
-sbin/newfs
-sbin/nextboot
-sbin/nologin
-sbin/nos-tun
-sbin/pfctl
-sbin/pflogd
-sbin/ping
-sbin/rcorder
-sbin/route
-sbin/shutdown
-sbin/slattach
-sbin/swapon
-sbin/sysctl
-sbin/umount
-
-# contents of ${WORKDIR}/usr/sbin
-usr/bin/at:usr/bin/atq
-usr/bin/at:usr/bin/atrm
-usr/bin/at:usr/bin/batch
-usr/bin/awk
-usr/bin/basename
-usr/bin/bunzip2:usr/bin/bzcat
-usr/bin/bunzip2:usr/bin/bzip2
-usr/bin/chat
-usr/bin/chfn:usr/bin/chpass
-usr/bin/chfn:usr/bin/chsh
-usr/bin/chgrp
-usr/bin/cksum
-usr/bin/clear
-usr/bin/cmp
-usr/bin/compress:usr/bin/uncompress
-usr/bin/cpio
-usr/bin/crontab
-usr/bin/cu
-usr/bin/dig
-usr/bin/dirname
-usr/bin/du
-usr/bin/ee
-usr/bin/egrep:usr/bin/fgrep
-usr/bin/egrep:usr/bin/grep
-usr/bin/env
-usr/bin/false
-usr/bin/fetch
-usr/bin/find
-usr/bin/finger
-usr/bin/fstat
-usr/bin/fsync
-usr/bin/ftp
-usr/bin/gunzip:usr/bin/gzcat
-usr/bin/gunzip:usr/bin/gzip
-usr/bin/gzexe
-usr/bin/head
-usr/bin/hexdump
-usr/bin/id:usr/bin/whoami
-usr/bin/ident
-usr/bin/killall
-usr/bin/last
-usr/bin/less:usr/bin/more
-usr/bin/limits
-usr/bin/lock
-usr/bin/lockf
-usr/bin/logger
-usr/bin/login
-usr/bin/logname
-usr/bin/mesg
-usr/bin/minigzip
-usr/bin/mkfifo
-usr/bin/mktemp
-usr/bin/msgs
-usr/bin/netstat
-usr/bin/nfsstat
-usr/bin/nice
-usr/bin/nslookup
-usr/bin/nsupdate
-usr/bin/nohup
-usr/bin/objformat
-usr/bin/openssl
-usr/bin/passwd
-usr/bin/printf
-usr/bin/renice
-usr/bin/reset:usr/sbin/tset
-usr/bin/scp
-usr/bin/script
-usr/bin/sed
-usr/bin/sftp
-usr/bin/shar
-usr/bin/slogin:usr/bin/ssh
-usr/bin/sort
-usr/bin/split
-usr/bin/ssh-keygen
-usr/bin/su
-usr/bin/tail
-usr/bin/tar
-usr/bin/tee
-usr/bin/telnet
-usr/bin/tftp
-usr/bin/time
-usr/bin/top
-usr/bin/touch
-usr/bin/tput
-usr/bin/tr
-usr/bin/true
-usr/bin/tty
-usr/bin/uname
-usr/bin/uptime:usr/bin/w
-usr/bin/users
-usr/bin/uudecode
-usr/bin/uuencode
-usr/bin/vi
-usr/bin/vmstat
-usr/bin/wall
-usr/bin/who
-usr/bin/whois
-usr/bin/write
-usr/bin/yes
-
-# contents of ${WORKDIR}/usr/sbin
-usr/sbin/arp
-usr/sbin/authpf
-usr/sbin/boot0cfg
-usr/sbin/chown
-usr/sbin/chroot
-usr/sbin/cron
-usr/sbin/idprio:usr/sbin/rtprio
-usr/sbin/inetd
-usr/sbin/iostat
-usr/sbin/kbdcontrol
-usr/sbin/lastlogin
-usr/sbin/memcontrol
-usr/sbin/mountd
-usr/sbin/mtree
-usr/sbin/named
-usr/sbin/named.reload
-usr/sbin/newsyslog
-usr/sbin/ngctl
-usr/sbin/nghook
-usr/sbin/ntpdate
-usr/sbin/pciconf
-usr/sbin/pw
-usr/sbin/pwd_mkdb
-usr/sbin/slstat
-usr/sbin/sshd
-usr/sbin/syslogd
-usr/sbin/tcpdchk
-usr/sbin/tcpdmatch
-usr/sbin/tcpdump
-usr/sbin/traceroute
-usr/sbin/vidcontrol
-usr/sbin/vipw
-usr/sbin/vnconfig
-usr/sbin/watch
-
-# contents of ${WORKDIR}/usr/libexec
-usr/libexec/atrun
-usr/libexec/ftpd
-usr/libexec/getty
-usr/libexec/sftp-server
-usr/libexec/telnetd
-usr/libexec/tftpd
-
-# contents of ${WORKDIR}/usr/share
-usr/share/misc/termcap
-
diff --git a/tools/tools/tinybsd/conf/firewall/tinybsd.ports b/tools/tools/tinybsd/conf/firewall/tinybsd.ports
deleted file mode 100644
index 49bb52175241..000000000000
--- a/tools/tools/tinybsd/conf/firewall/tinybsd.ports
+++ /dev/null
@@ -1,9 +0,0 @@
-# $FreeBSD$
-# Here you can add the applications from the FreeBSD Ports Collection which you
-# want TinyBSD ports system to install in your embedded system. You whould list
-# one application per line, mentioning its category and name, like the examples:
-#
-# www/mini_httpd
-# net-mgmt/rate
-#
-# Make sure you have enough space to add it.
diff --git a/tools/tools/tinybsd/conf/minimal/TINYBSD b/tools/tools/tinybsd/conf/minimal/TINYBSD
deleted file mode 100644
index 7052e6a22f58..000000000000
--- a/tools/tools/tinybsd/conf/minimal/TINYBSD
+++ /dev/null
@@ -1,77 +0,0 @@
-# $FreeBSD$
-machine i386
-cpu I486_CPU
-cpu I586_CPU
-cpu I686_CPU
-ident TINYBSD
-
-# To statically compile in device wiring instead of /boot/device.hints
-#hints "GENERIC.hints" # Default places to look for devices.
-
-options SCHED_4BSD # 4BSD scheduler
-options INET # InterNETworking
-options FFS # Berkeley Fast Filesystem
-options SOFTUPDATES # Enable FFS soft updates support
-options UFS_DIRHASH # Improve performance on big directories
-options MD_ROOT # MD is a potential root device
-options PROCFS # Process filesystem (requires PSEUDOFS)
-options PSEUDOFS # Pseudo-filesystem framework
-options GEOM_PART_GPT # GUID Partition Tables.
-options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!]
-options COMPAT_FREEBSD4 # Compatible with FreeBSD4
-options SYSVSHM # SYSV-style shared memory
-options SYSVMSG # SYSV-style message queues
-options SYSVSEM # SYSV-style semaphores
-options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
-options KBD_INSTALL_CDEV # install a CDEV entry in /dev
-options AHC_REG_PRETTY_PRINT # Print register bitfields in debug
- # output. Adds ~128k to driver.
-options AHD_REG_PRETTY_PRINT # Print register bitfields in debug
- # output. Adds ~215k to driver.
-options ADAPTIVE_GIANT # Giant mutex is adaptive.
-
-device apic # I/O APIC
-
-device pci
-
-# ATA and ATAPI devices
-device ata
-device atadisk # ATA disk drives
-options ATA_STATIC_ID # Static device numbering
-
-# atkbdc0 controls both the keyboard and the PS/2 mouse
-device atkbdc # AT keyboard controller
-device atkbd # AT keyboard
-device psm # PS/2 mouse
-
-device vga # VGA video card driver
-
-#device splash # Splash screen and screen saver support
-
-# syscons is the default console driver, resembling an SCO console
-device sc
-
-# Enable this for the pcvt (VT220 compatible) console driver
-#device vt
-#options XSERVER # support for X server on a vt console
-#options FAT_CURSOR # start with block cursor
-
-device agp # support several AGP chipsets
-
-# Pseudo devices.
-device loop # Network loopback
-device ether # Ethernet support
-device pty # Pseudo-ttys (telnet etc)
-device md # Memory "disks"
-
-# CLK_USE_I8254_CALIBRATION causes the calibrated frequency of the i8254
-# clock to actually be used.
-options CLK_USE_I8254_CALIBRATION
-
-# CPU_ELAN enables support for AMDs ElanSC520 CPU.
-options CPU_ELAN
-options CPU_SOEKRIS
-options CPU_ELAN_XTAL=32768000
-options CPU_ELAN_PPS
-
-device bpf
diff --git a/tools/tools/tinybsd/conf/minimal/etc/fstab b/tools/tools/tinybsd/conf/minimal/etc/fstab
deleted file mode 100644
index 16ada11d7790..000000000000
--- a/tools/tools/tinybsd/conf/minimal/etc/fstab
+++ /dev/null
@@ -1,2 +0,0 @@
-# $FreeBSD$
-/dev/ad0a / ufs ro 1 1
diff --git a/tools/tools/tinybsd/conf/minimal/etc/rc.conf b/tools/tools/tinybsd/conf/minimal/etc/rc.conf
deleted file mode 100644
index a21476241081..000000000000
--- a/tools/tools/tinybsd/conf/minimal/etc/rc.conf
+++ /dev/null
@@ -1,12 +0,0 @@
-# $FreeBSD$
-hostname="tinybsd.freebsd.org"
-sendmail_enable="NONE"
-sshd_enable="YES"
-usbd_enable="NO"
-inetd_enable="NO"
-portmap_enable="NO"
-update_motd="NO"
-varmfs="YES"
-populate_var="YES"
-varsize="8192"
-tmpmfs="YES"
diff --git a/tools/tools/tinybsd/conf/minimal/tinybsd.basefiles b/tools/tools/tinybsd/conf/minimal/tinybsd.basefiles
deleted file mode 100644
index 446ef1f2afea..000000000000
--- a/tools/tools/tinybsd/conf/minimal/tinybsd.basefiles
+++ /dev/null
@@ -1,167 +0,0 @@
-# $FreeBSD$
-# contents of ${WORKDIR}/boot
-boot/boot0
-boot/boot1
-boot/boot2
-boot/defaults/loader.conf
-boot/device.hints
-boot/loader
-boot/loader.4th
-boot/loader.help
-boot/loader.rc
-boot/mbr
-boot/support.4th
-
-# contents of ${WORKDIR}/libexec
-libexec/ld-elf.so.1:usr/libexec/ld-elf.so.1
-
-# contents of ${WORKDIR}/bin
-bin/[:bin/test
-bin/cat
-bin/chflags
-bin/chio
-bin/chmod
-bin/cp
-bin/csh:bin/tcsh
-bin/date
-bin/df
-bin/domainname
-bin/echo
-bin/ed:bin/red
-bin/expr
-bin/hostname
-bin/kenv
-bin/kill
-bin/ln:bin/link
-bin/ls
-bin/mkdir
-bin/mv
-bin/pax
-bin/ps
-bin/pwd
-bin/realpath
-bin/rm:bin/unlink
-bin/rmdir
-bin/sh
-bin/sleep
-bin/stty
-bin/sync
-
-# contents of ${WORKDIR}/sbin
-sbin/adjkerntz
-sbin/disklabel
-sbin/dmesg
-sbin/fastboot:sbin/reboot
-sbin/fasthalt:sbin/halt
-sbin/fsck
-sbin/fsck_ufs:sbin/fsck_ffs
-sbin/fsck_ufs:sbin/fsck_4.2bsd
-sbin/ifconfig
-sbin/init
-sbin/kldconfig
-sbin/kldload
-sbin/kldstat
-sbin/kldunload
-sbin/ldconfig
-sbin/mdconfig
-sbin/mknod
-sbin/mdmfs
-sbin/mount
-sbin/mount_nullfs
-sbin/mount_unionfs
-sbin/newfs
-sbin/nextboot
-sbin/nologin
-sbin/rcorder
-sbin/shutdown
-sbin/swapon
-sbin/sysctl
-sbin/umount
-
-# contents of ${WORKDIR}/usr/sbin
-usr/bin/at:usr/bin/atq
-usr/bin/at:usr/bin/atrm
-usr/bin/at:usr/bin/batch
-usr/bin/awk
-usr/bin/basename
-usr/bin/bunzip2:usr/bin/bzcat
-usr/bin/bunzip2:usr/bin/bzip2
-usr/bin/chfn:usr/bin/chpass
-usr/bin/chfn:usr/bin/chsh
-usr/bin/chgrp
-usr/bin/cksum
-usr/bin/clear
-usr/bin/compress:usr/bin/uncompress
-usr/bin/crontab
-usr/bin/ee
-usr/bin/egrep:usr/bin/fgrep
-usr/bin/egrep:usr/bin/grep
-usr/bin/env
-usr/bin/false
-usr/bin/fstat
-usr/bin/fsync
-usr/bin/gunzip:usr/bin/gzcat
-usr/bin/gunzip:usr/bin/gzip
-usr/bin/head
-usr/bin/hexdump
-usr/bin/id:usr/bin/whoami
-usr/bin/killall
-usr/bin/last
-usr/bin/less:usr/bin/more
-usr/bin/logger
-usr/bin/login
-usr/bin/logname
-usr/bin/mesg
-usr/bin/minigzip
-usr/bin/mkfifo
-usr/bin/mktemp
-usr/bin/msgs
-usr/bin/nice
-usr/bin/nohup
-usr/bin/objformat
-usr/bin/passwd
-usr/bin/printf
-usr/bin/reset:usr/sbin/tset
-usr/bin/scp
-usr/bin/sed
-usr/bin/slogin:usr/bin/ssh
-usr/bin/su
-usr/bin/tail
-usr/bin/tar
-usr/bin/tee
-usr/bin/time
-usr/bin/top
-usr/bin/touch
-usr/bin/true
-usr/bin/tty
-usr/bin/uname
-usr/bin/uptime:usr/bin/w
-usr/bin/users
-usr/bin/uudecode
-usr/bin/uuencode
-usr/bin/vmstat
-usr/bin/who
-usr/bin/whois
-
-# contents of ${WORKDIR}/usr/sbin
-usr/sbin/boot0cfg
-usr/sbin/chown
-usr/sbin/cron
-usr/sbin/idprio:usr/sbin/rtprio
-usr/sbin/lastlogin
-usr/sbin/memcontrol
-usr/sbin/mtree
-usr/sbin/newsyslog
-usr/sbin/pw
-usr/sbin/pwd_mkdb
-usr/sbin/syslogd
-usr/sbin/vidcontrol
-usr/sbin/vipw
-
-# contents of ${WORKDIR}/usr/libexec
-usr/libexec/atrun
-usr/libexec/getty
-
-# contents of ${WORKDIR}/usr/share
-usr/share/misc/termcap
-
diff --git a/tools/tools/tinybsd/conf/minimal/tinybsd.ports b/tools/tools/tinybsd/conf/minimal/tinybsd.ports
deleted file mode 100644
index 49bb52175241..000000000000
--- a/tools/tools/tinybsd/conf/minimal/tinybsd.ports
+++ /dev/null
@@ -1,9 +0,0 @@
-# $FreeBSD$
-# Here you can add the applications from the FreeBSD Ports Collection which you
-# want TinyBSD ports system to install in your embedded system. You whould list
-# one application per line, mentioning its category and name, like the examples:
-#
-# www/mini_httpd
-# net-mgmt/rate
-#
-# Make sure you have enough space to add it.
diff --git a/tools/tools/tinybsd/conf/vpn/TINYBSD b/tools/tools/tinybsd/conf/vpn/TINYBSD
deleted file mode 100644
index 25848510f598..000000000000
--- a/tools/tools/tinybsd/conf/vpn/TINYBSD
+++ /dev/null
@@ -1,153 +0,0 @@
-# $FreeBSD$
-machine i386
-cpu I486_CPU
-cpu I586_CPU
-cpu I686_CPU
-ident TINYBSD
-
-# To statically compile in device wiring instead of /boot/device.hints
-#hints "GENERIC.hints" # Default places to look for devices.
-
-options SCHED_4BSD # 4BSD scheduler
-options INET # InterNETworking
-options FFS # Berkeley Fast Filesystem
-options SOFTUPDATES # Enable FFS soft updates support
-options UFS_DIRHASH # Improve performance on big directories
-options MD_ROOT # MD is a potential root device
-options PROCFS # Process filesystem (requires PSEUDOFS)
-options PSEUDOFS # Pseudo-filesystem framework
-options GEOM_PART_GPT # GUID Partition Tables.
-options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!]
-options COMPAT_FREEBSD4 # Compatible with FreeBSD4
-options SYSVSHM # SYSV-style shared memory
-options SYSVMSG # SYSV-style message queues
-options SYSVSEM # SYSV-style semaphores
-options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
-options KBD_INSTALL_CDEV # install a CDEV entry in /dev
-options AHC_REG_PRETTY_PRINT # Print register bitfields in debug
- # output. Adds ~128k to driver.
-options AHD_REG_PRETTY_PRINT # Print register bitfields in debug
- # output. Adds ~215k to driver.
-options ADAPTIVE_GIANT # Giant mutex is adaptive.
-
-device apic # I/O APIC
-
-device eisa
-device pci
-
-# Floppy drives
-#device fdc
-
-# ATA and ATAPI devices
-device ata
-device atadisk # ATA disk drives
-device atapist # ATAPI tape drives
-options ATA_STATIC_ID # Static device numbering
-
-# atkbdc0 controls both the keyboard and the PS/2 mouse
-device atkbdc # AT keyboard controller
-device atkbd # AT keyboard
-device psm # PS/2 mouse
-
-device vga # VGA video card driver
-
-#device splash # Splash screen and screen saver support
-
-# syscons is the default console driver, resembling an SCO console
-device sc
-
-# Enable this for the pcvt (VT220 compatible) console driver
-#device vt
-#options XSERVER # support for X server on a vt console
-#options FAT_CURSOR # start with block cursor
-
-device agp # support several AGP chipsets
-
-# PCCARD (PCMCIA) support
-# PCMCIA and cardbus bridge support
-#device cbb # cardbus (yenta) bridge
-#device pccard # PC Card (16-bit) bus
-#device cardbus # CardBus (32-bit) bus
-
-# Serial (COM) ports
-device sio # 8250, 16[45]50 based serial ports
-
-# PCI Ethernet NICs.
-device de # DEC/Intel DC21x4x (``Tulip'')
-device em # Intel PRO/1000 adapter Gigabit Ethernet Card
-device txp # 3Com 3cR990 (``Typhoon'')
-device vx # 3Com 3c590, 3c595 (``Vortex'')
-
-# PCI Ethernet NICs that use the common MII bus controller code.
-# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
-device miibus # MII bus support
-device bfe # Broadcom BCM440x 10/100 Ethernet
-device bge # Broadcom BCM570xx Gigabit Ethernet
-device dc # DEC/Intel 21143 and various workalikes
-device fxp # Intel EtherExpress PRO/100B (82557, 82558)
-device lge # Level 1 LXT1001 gigabit ethernet
-device nge # NatSemi DP83820 gigabit ethernet
-device pcn # AMD Am79C97x PCI 10/100 (precedence over 'lnc')
-device re # RealTek 8139C+/8169/8169S/8110S
-device rl # RealTek 8129/8139
-device sf # Adaptec AIC-6915 (``Starfire'')
-device sis # Silicon Integrated Systems SiS 900/SiS 7016
-device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet
-device ste # Sundance ST201 (D-Link DFE-550TX)
-device ti # Alteon Networks Tigon I/II gigabit Ethernet
-device tl # Texas Instruments ThunderLAN
-device tx # SMC EtherPower II (83c170 ``EPIC'')
-device vge # VIA VT612x gigabit ethernet
-device vr # VIA Rhine, Rhine II
-device wb # Winbond W89C840F
-device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'')
-
-# ISA Ethernet NICs. pccard NICs included.
-device cs # Crystal Semiconductor CS89x0 NIC
-# 'device ed' requires 'device miibus'
-device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards
-device ex # Intel EtherExpress Pro/10 and Pro/10+
-device ep # Etherlink III based cards
-device fe # Fujitsu MB8696x based cards
-device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc.
-device sn # SMC's 9000 series of Ethernet chips
-device xe # Xircom pccard Ethernet
-
-# ISA devices that use the old ISA shims
-#device le
-
-# Wireless NIC cards
-#device wlan # 802.11 support
-#device an # Aironet 4500/4800 802.11 wireless NICs.
-#device awi # BayStack 660 and others
-#device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs.
-#device wl # Older non 802.11 Wavelan wireless NIC.
-
-# Pseudo devices.
-device loop # Network loopback
-device ether # Ethernet support
-device ppp # Kernel PPP
-device tun # Packet tunnel.
-device pty # Pseudo-ttys (telnet etc)
-device md # Memory "disks"
-device gif # IPv6 and IPv4 tunneling
-
-# The `bpf' device enables the Berkeley Packet Filter.
-# Be aware of the administrative consequences of enabling this!
-# Note that 'bpf' is required for DHCP.
-device bpf # Berkeley packet filter
-
-# CLK_USE_I8254_CALIBRATION causes the calibrated frequency of the i8254
-# clock to actually be used.
-options CLK_USE_I8254_CALIBRATION
-
-# CPU_ELAN enables support for AMDs ElanSC520 CPU.
-options CPU_ELAN
-options CPU_SOEKRIS
-options CPU_ELAN_XTAL=32768000
-options CPU_ELAN_PPS
-
-# IPSEC
-options IPSEC
-options IPSEC_ESP
-
diff --git a/tools/tools/tinybsd/conf/vpn/etc/fstab b/tools/tools/tinybsd/conf/vpn/etc/fstab
deleted file mode 100644
index 16ada11d7790..000000000000
--- a/tools/tools/tinybsd/conf/vpn/etc/fstab
+++ /dev/null
@@ -1,2 +0,0 @@
-# $FreeBSD$
-/dev/ad0a / ufs ro 1 1
diff --git a/tools/tools/tinybsd/conf/vpn/etc/rc.conf b/tools/tools/tinybsd/conf/vpn/etc/rc.conf
deleted file mode 100644
index cb0af9ffa6c8..000000000000
--- a/tools/tools/tinybsd/conf/vpn/etc/rc.conf
+++ /dev/null
@@ -1,22 +0,0 @@
-# $FreeBSD$
-hostname="tinybsd.freebsd.org"
-sendmail_enable="NONE"
-sshd_enable="YES"
-usbd_enable="NO"
-inetd_enable="NO"
-portmap_enable="NO"
-update_motd="NO"
-varmfs="YES"
-populate_var="YES"
-varsize="8192"
-tmpmfs="YES"
-
-# VPN
-ipsec_enable="YES"
-ipsec_file="/etc/ipsec.conf"
-
-# Set here your VPN configuration
-gif_interfaces="gif0"
-ifconfig_gif0="inet 192.168.1.1 192.168.2.1 netmask 0xffffffff"
-static_routes="vpn"
-route_vpn="192.168.2.0 192.168.2.1 netmask 0xffffff00"
diff --git a/tools/tools/tinybsd/conf/vpn/etc/setkey.conf b/tools/tools/tinybsd/conf/vpn/etc/setkey.conf
deleted file mode 100644
index e8c0da7a1d7e..000000000000
--- a/tools/tools/tinybsd/conf/vpn/etc/setkey.conf
+++ /dev/null
@@ -1 +0,0 @@
-# $FreeBSD$
diff --git a/tools/tools/tinybsd/conf/vpn/tinybsd.basefiles b/tools/tools/tinybsd/conf/vpn/tinybsd.basefiles
deleted file mode 100644
index eba1a11493fa..000000000000
--- a/tools/tools/tinybsd/conf/vpn/tinybsd.basefiles
+++ /dev/null
@@ -1,222 +0,0 @@
-# $FreeBSD$
-# contents of ${WORKDIR}/boot
-boot/boot0
-boot/boot1
-boot/boot2
-boot/defaults/loader.conf
-boot/device.hints
-boot/loader
-boot/loader.4th
-boot/loader.help
-boot/loader.rc
-boot/mbr
-boot/support.4th
-
-# contents of ${WORKDIR}/libexec
-libexec/ld-elf.so.1:usr/libexec/ld-elf.so.1
-
-# contents of ${WORKDIR}/bin
-bin/[:bin/test
-bin/cat
-bin/chflags
-bin/chio
-bin/chmod
-bin/cp
-bin/csh:bin/tcsh
-bin/date
-bin/df
-bin/domainname
-bin/echo
-bin/ed:bin/red
-bin/expr
-bin/hostname
-bin/kenv
-bin/kill
-bin/ln:bin/link
-bin/ls
-bin/mkdir
-bin/mv
-bin/pax
-bin/ps
-bin/pwd
-bin/realpath
-bin/rm:bin/unlink
-bin/rmdir
-bin/sh
-bin/sleep
-bin/stty
-bin/sync
-
-# contents of ${WORKDIR}/sbin
-sbin/adjkerntz
-sbin/comcontrol
-sbin/disklabel
-sbin/dmesg
-sbin/fastboot:sbin/reboot
-sbin/fasthalt:sbin/halt
-sbin/fsck
-sbin/fsck_ufs:sbin/fsck_ffs
-sbin/fsck_ufs:sbin/fsck_4.2bsd
-sbin/ifconfig
-sbin/init
-sbin/ipfw
-sbin/kldconfig
-sbin/kldload
-sbin/kldstat
-sbin/kldunload
-sbin/ldconfig
-sbin/md5
-sbin/mdconfig
-sbin/mknod
-sbin/mdmfs
-sbin/mount
-sbin/mount_nullfs
-sbin/mount_unionfs
-sbin/newfs
-sbin/nextboot
-sbin/nologin
-sbin/nos-tun
-sbin/ping
-sbin/rcorder
-sbin/route
-sbin/setkey
-sbin/shutdown
-sbin/slattach
-sbin/swapon
-sbin/sysctl
-sbin/umount
-
-# contents of ${WORKDIR}/usr/sbin
-usr/bin/at:usr/bin/atq
-usr/bin/at:usr/bin/atrm
-usr/bin/at:usr/bin/batch
-usr/bin/awk
-usr/bin/basename
-usr/bin/bunzip2:usr/bin/bzcat
-usr/bin/bunzip2:usr/bin/bzip2
-usr/bin/chat
-usr/bin/chfn:usr/bin/chpass
-usr/bin/chfn:usr/bin/chsh
-usr/bin/chgrp
-usr/bin/cksum
-usr/bin/clear
-usr/bin/cmp
-usr/bin/compress:usr/bin/uncompress
-usr/bin/cpio
-usr/bin/crontab
-usr/bin/cu
-usr/bin/dig
-usr/bin/dirname
-usr/bin/du
-usr/bin/ee
-usr/bin/egrep:usr/bin/fgrep
-usr/bin/egrep:usr/bin/grep
-usr/bin/env
-usr/bin/false
-usr/bin/fetch
-usr/bin/find
-usr/bin/fstat
-usr/bin/fsync
-usr/bin/ftp
-usr/bin/gunzip:usr/bin/gzcat
-usr/bin/gunzip:usr/bin/gzip
-usr/bin/gzexe
-usr/bin/head
-usr/bin/hexdump
-usr/bin/id:usr/bin/whoami
-usr/bin/ident
-usr/bin/killall
-usr/bin/last
-usr/bin/less:usr/bin/more
-usr/bin/limits
-usr/bin/lock
-usr/bin/lockf
-usr/bin/logger
-usr/bin/login
-usr/bin/logname
-usr/bin/mesg
-usr/bin/minigzip
-usr/bin/mkfifo
-usr/bin/mktemp
-usr/bin/msgs
-usr/bin/netstat
-usr/bin/nfsstat
-usr/bin/nice
-usr/bin/nslookup
-usr/bin/nsupdate
-usr/bin/nohup
-usr/bin/objformat
-usr/bin/openssl
-usr/bin/passwd
-usr/bin/printf
-usr/bin/renice
-usr/bin/reset:usr/sbin/tset
-usr/bin/scp
-usr/bin/script
-usr/bin/sed
-usr/bin/sftp
-usr/bin/shar
-usr/bin/slogin:usr/bin/ssh
-usr/bin/sort
-usr/bin/split
-usr/bin/ssh-keygen
-usr/bin/su
-usr/bin/tail
-usr/bin/tar
-usr/bin/tee
-usr/bin/telnet
-usr/bin/time
-usr/bin/top
-usr/bin/touch
-usr/bin/tput
-usr/bin/tr
-usr/bin/true
-usr/bin/tty
-usr/bin/uname
-usr/bin/uptime:usr/bin/w
-usr/bin/users
-usr/bin/uudecode
-usr/bin/uuencode
-usr/bin/vi
-usr/bin/vmstat
-usr/bin/wall
-usr/bin/who
-usr/bin/whois
-usr/bin/write
-usr/bin/yes
-
-# contents of ${WORKDIR}/usr/sbin
-usr/sbin/boot0cfg
-usr/sbin/chown
-usr/sbin/cron
-usr/sbin/idprio:usr/sbin/rtprio
-usr/sbin/iostat
-usr/sbin/kbdcontrol
-usr/sbin/lastlogin
-usr/sbin/memcontrol
-usr/sbin/mtree
-usr/sbin/newsyslog
-usr/sbin/ntpdate
-usr/sbin/pciconf
-usr/sbin/pw
-usr/sbin/pwd_mkdb
-usr/sbin/slstat
-usr/sbin/sshd
-usr/sbin/syslogd
-usr/sbin/tcpdchk
-usr/sbin/tcpdmatch
-usr/sbin/tcpdump
-usr/sbin/traceroute
-usr/sbin/vidcontrol
-usr/sbin/vipw
-usr/sbin/vnconfig
-usr/sbin/watch
-
-# contents of ${WORKDIR}/usr/libexec
-usr/libexec/atrun
-usr/libexec/getty
-usr/libexec/sftp-server
-
-# contents of ${WORKDIR}/usr/share
-usr/share/misc/termcap
-
diff --git a/tools/tools/tinybsd/conf/vpn/tinybsd.ports b/tools/tools/tinybsd/conf/vpn/tinybsd.ports
deleted file mode 100644
index 49bb52175241..000000000000
--- a/tools/tools/tinybsd/conf/vpn/tinybsd.ports
+++ /dev/null
@@ -1,9 +0,0 @@
-# $FreeBSD$
-# Here you can add the applications from the FreeBSD Ports Collection which you
-# want TinyBSD ports system to install in your embedded system. You whould list
-# one application per line, mentioning its category and name, like the examples:
-#
-# www/mini_httpd
-# net-mgmt/rate
-#
-# Make sure you have enough space to add it.
diff --git a/tools/tools/tinybsd/conf/wireless/TINYBSD b/tools/tools/tinybsd/conf/wireless/TINYBSD
deleted file mode 100644
index 9477f08e1dba..000000000000
--- a/tools/tools/tinybsd/conf/wireless/TINYBSD
+++ /dev/null
@@ -1,167 +0,0 @@
-# $FreeBSD$
-machine i386
-cpu I486_CPU
-cpu I586_CPU
-cpu I686_CPU
-ident TINYBSD
-
-# To statically compile in device wiring instead of /boot/device.hints
-#hints "GENERIC.hints" # Default places to look for devices.
-
-options SCHED_4BSD # 4BSD scheduler
-options INET # InterNETworking
-options FFS # Berkeley Fast Filesystem
-options SOFTUPDATES # Enable FFS soft updates support
-options UFS_DIRHASH # Improve performance on big directories
-options MD_ROOT # MD is a potential root device
-options PROCFS # Process filesystem (requires PSEUDOFS)
-options PSEUDOFS # Pseudo-filesystem framework
-options GEOM_PART_GPT # GUID Partition Tables.
-options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!]
-options COMPAT_FREEBSD4 # Compatible with FreeBSD4
-options SYSVSHM # SYSV-style shared memory
-options SYSVMSG # SYSV-style message queues
-options SYSVSEM # SYSV-style semaphores
-options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
-options KBD_INSTALL_CDEV # install a CDEV entry in /dev
-options AHC_REG_PRETTY_PRINT # Print register bitfields in debug
- # output. Adds ~128k to driver.
-options AHD_REG_PRETTY_PRINT # Print register bitfields in debug
- # output. Adds ~215k to driver.
-options ADAPTIVE_GIANT # Giant mutex is adaptive.
-
-device apic # I/O APIC
-
-device eisa
-device pci
-
-# Floppy drives
-#device fdc
-
-# ATA and ATAPI devices
-device ata
-device atadisk # ATA disk drives
-device atapist # ATAPI tape drives
-options ATA_STATIC_ID # Static device numbering
-
-# atkbdc0 controls both the keyboard and the PS/2 mouse
-device atkbdc # AT keyboard controller
-device atkbd # AT keyboard
-device psm # PS/2 mouse
-
-device vga # VGA video card driver
-
-#device splash # Splash screen and screen saver support
-
-# syscons is the default console driver, resembling an SCO console
-device sc
-
-# Enable this for the pcvt (VT220 compatible) console driver
-#device vt
-#options XSERVER # support for X server on a vt console
-#options FAT_CURSOR # start with block cursor
-
-device agp # support several AGP chipsets
-
-# PCCARD (PCMCIA) support
-# PCMCIA and cardbus bridge support
-device cbb # cardbus (yenta) bridge
-device pccard # PC Card (16-bit) bus
-device cardbus # CardBus (32-bit) bus
-
-# Serial (COM) ports
-device sio # 8250, 16[45]50 based serial ports
-
-# PCI Ethernet NICs.
-#device de # DEC/Intel DC21x4x (``Tulip'')
-#device em # Intel PRO/1000 adapter Gigabit Ethernet Card
-#device txp # 3Com 3cR990 (``Typhoon'')
-#device vx # 3Com 3c590, 3c595 (``Vortex'')
-
-# PCI Ethernet NICs that use the common MII bus controller code.
-# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
-#device miibus # MII bus support
-#device bfe # Broadcom BCM440x 10/100 Ethernet
-#device bge # Broadcom BCM570xx Gigabit Ethernet
-#device dc # DEC/Intel 21143 and various workalikes
-#device fxp # Intel EtherExpress PRO/100B (82557, 82558)
-#device lge # Level 1 LXT1001 gigabit ethernet
-#device nge # NatSemi DP83820 gigabit ethernet
-#device pcn # AMD Am79C97x PCI 10/100 (precedence over 'lnc')
-#device re # RealTek 8139C+/8169/8169S/8110S
-#device rl # RealTek 8129/8139
-#device sf # Adaptec AIC-6915 (``Starfire'')
-#device sis # Silicon Integrated Systems SiS 900/SiS 7016
-#device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet
-#device ste # Sundance ST201 (D-Link DFE-550TX)
-#device ti # Alteon Networks Tigon I/II gigabit Ethernet
-#device tl # Texas Instruments ThunderLAN
-#device tx # SMC EtherPower II (83c170 ``EPIC'')
-#device vge # VIA VT612x gigabit ethernet
-#device vr # VIA Rhine, Rhine II
-#device wb # Winbond W89C840F
-#device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'')
-
-# ISA Ethernet NICs. pccard NICs included.
-#device cs # Crystal Semiconductor CS89x0 NIC
-# 'device ed' requires 'device miibus'
-#device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards
-#device ex # Intel EtherExpress Pro/10 and Pro/10+
-#device ep # Etherlink III based cards
-#device fe # Fujitsu MB8696x based cards
-#device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc.
-#device lnc # NE2100, NE32-VL Lance Ethernet cards
-#device sn # SMC's 9000 series of Ethernet chips
-#device xe # Xircom pccard Ethernet
-
-# ISA devices that use the old ISA shims
-#device le
-
-# Wireless NIC cards
-device wlan # 802.11 support
-device wlan_wep #802.11 WEP support
-device wlan_ccmp #802.11 CCMP support
-device wlan_tkip #802.11 TKIP support
-device wlan_xauth #802.11 external authenticator support
-device wlan_acl #802.11 MAC ACL support
-device an # Aironet 4500/4800 802.11 wireless NICs.
-device awi # BayStack 660 and others
-device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs.
-#device wl # Older non 802.11 Wavelan wireless NIC.
-
-# Pseudo devices.
-device loop # Network loopback
-device ether # Ethernet support
-device pty # Pseudo-ttys (telnet etc)
-device md # Memory "disks"
-
-# The `bpf' device enables the Berkeley Packet Filter.
-# Be aware of the administrative consequences of enabling this!
-# Note that 'bpf' is required for DHCP.
-device bpf # Berkeley packet filter
-
-options IPFIREWALL
-options IPFIREWALL_DEFAULT_TO_ACCEPT
-options IPDIVERT
-options DUMMYNET
-
-device pf #PF OpenBSD packet-filter firewall
-device pflog #logging support interface for PF
-device pfsync #synchronization interface for PF
-
-device ath
-device ath_hal
-device ath_rate_sample
-
-device if_bridge
-
-# CLK_USE_I8254_CALIBRATION causes the calibrated frequency of the i8254
-# clock to actually be used.
-options CLK_USE_I8254_CALIBRATION
-
-# CPU_ELAN enables support for AMDs ElanSC520 CPU.
-options CPU_ELAN
-options CPU_SOEKRIS
-options CPU_ELAN_XTAL=32768000
-options CPU_ELAN_PPS
-
diff --git a/tools/tools/tinybsd/conf/wireless/etc/authpf/authpf.rules b/tools/tools/tinybsd/conf/wireless/etc/authpf/authpf.rules
deleted file mode 100644
index e8c0da7a1d7e..000000000000
--- a/tools/tools/tinybsd/conf/wireless/etc/authpf/authpf.rules
+++ /dev/null
@@ -1 +0,0 @@
-# $FreeBSD$
diff --git a/tools/tools/tinybsd/conf/wireless/etc/fstab b/tools/tools/tinybsd/conf/wireless/etc/fstab
deleted file mode 100644
index 16ada11d7790..000000000000
--- a/tools/tools/tinybsd/conf/wireless/etc/fstab
+++ /dev/null
@@ -1,2 +0,0 @@
-# $FreeBSD$
-/dev/ad0a / ufs ro 1 1
diff --git a/tools/tools/tinybsd/conf/wireless/etc/natd.conf b/tools/tools/tinybsd/conf/wireless/etc/natd.conf
deleted file mode 100644
index e8c0da7a1d7e..000000000000
--- a/tools/tools/tinybsd/conf/wireless/etc/natd.conf
+++ /dev/null
@@ -1 +0,0 @@
-# $FreeBSD$
diff --git a/tools/tools/tinybsd/conf/wireless/etc/pf.conf b/tools/tools/tinybsd/conf/wireless/etc/pf.conf
deleted file mode 100644
index 9acf363030a2..000000000000
--- a/tools/tools/tinybsd/conf/wireless/etc/pf.conf
+++ /dev/null
@@ -1,78 +0,0 @@
-# $FreeBSD$
-#
-# See pf.conf(5) and /usr/share/examples/pf for syntax and examples.
-# Required order: options, normalization, queueing, translation, filtering.
-# Macros and tables may be defined and used anywhere.
-# Note that translation rules are first match while filter rules are last match.
-
-# Macros: define common values, so they can be referenced and changed easily.
-#ext_if="ext0" # replace with actual external interface name i.e., dc0
-#int_if="int0" # replace with actual internal interface name i.e., dc1
-#internal_net="10.1.1.1/8"
-#external_addr="192.168.1.1"
-
-# Tables: similar to macros, but more flexible for many addresses.
-#table <foo> { 10.0.0.0/8, !10.1.0.0/16, 192.168.0.0/24, 192.168.1.18 }
-
-# Options: tune the behavior of pf, default values are given.
-#set timeout { interval 10, frag 30 }
-#set timeout { tcp.first 120, tcp.opening 30, tcp.established 86400 }
-#set timeout { tcp.closing 900, tcp.finwait 45, tcp.closed 90 }
-#set timeout { udp.first 60, udp.single 30, udp.multiple 60 }
-#set timeout { icmp.first 20, icmp.error 10 }
-#set timeout { other.first 60, other.single 30, other.multiple 60 }
-#set timeout { adaptive.start 0, adaptive.end 0 }
-#set limit { states 10000, frags 5000 }
-#set loginterface none
-#set optimization normal
-#set block-policy drop
-#set require-order yes
-#set fingerprints "/etc/pf.os"
-
-# Normalization: reassemble fragments and resolve or reduce traffic ambiguities.
-#scrub in all
-
-# Queueing: rule-based bandwidth control.
-#altq on $ext_if bandwidth 2Mb cbq queue { dflt, developers, marketing }
-#queue dflt bandwidth 5% cbq(default)
-#queue developers bandwidth 80%
-#queue marketing bandwidth 15%
-
-# Translation: specify how addresses are to be mapped or redirected.
-# nat: packets going out through $ext_if with source address $internal_net will
-# get translated as coming from the address of $ext_if, a state is created for
-# such packets, and incoming packets will be redirected to the internal address.
-#nat on $ext_if from $internal_net to any -> ($ext_if)
-
-# rdr: packets coming in on $ext_if with destination $external_addr:1234 will
-# be redirected to 10.1.1.1:5678. A state is created for such packets, and
-# outgoing packets will be translated as coming from the external address.
-#rdr on $ext_if proto tcp from any to $external_addr/32 port 1234 -> 10.1.1.1 port 5678
-
-# rdr outgoing FTP requests to the ftp-proxy
-#rdr on $int_if proto tcp from any to any port ftp -> 127.0.0.1 port 8021
-
-# spamd-setup puts addresses to be redirected into table <spamd>.
-#table <spamd> persist
-#no rdr on { lo0, lo1 } from any to any
-#rdr inet proto tcp from <spamd> to any port smtp -> 127.0.0.1 port 8025
-
-# Filtering: the implicit first two rules are
-#pass in all
-#pass out all
-
-# block all incoming packets but allow ssh, pass all outgoing tcp and udp
-# connections and keep state, logging blocked packets.
-#block in log all
-#pass in on $ext_if proto tcp from any to $ext_if port 22 keep state
-#pass out on $ext_if proto { tcp, udp } all keep state
-
-# pass incoming packets destined to the addresses given in table <foo>.
-#pass in on $ext_if proto { tcp, udp } from any to <foo> port 80 keep state
-
-# pass incoming ports for ftp-proxy
-#pass in on $ext_if inet proto tcp from any to $ext_if user proxy keep state
-
-# assign packets to a queue.
-#pass out on $ext_if from 192.168.0.0/24 to any keep state queue developers
-#pass out on $ext_if from 192.168.1.0/24 to any keep state queue marketing
diff --git a/tools/tools/tinybsd/conf/wireless/etc/pf.os b/tools/tools/tinybsd/conf/wireless/etc/pf.os
deleted file mode 100644
index 2a64809bcfa9..000000000000
--- a/tools/tools/tinybsd/conf/wireless/etc/pf.os
+++ /dev/null
@@ -1,549 +0,0 @@
-# $FreeBSD$
-# passive OS fingerprinting
-# -------------------------
-#
-# SYN signatures. Those signatures work for SYN packets only (duh!).
-#
-# (C) Copyright 2000-2003 by Michal Zalewski <lcamtuf@coredump.cx>
-# (C) Copyright 2003 by Mike Frantzen <frantzen@w4g.org>
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-#
-#
-# This fingerprint database is adapted from Michal Zalewski's p0f passive
-# operating system package.
-#
-#
-# Each line in this file specifies a single fingerprint. Please read the
-# information below carefully before attempting to append any signatures
-# reported as UNKNOWN to this file to avoid mistakes.
-#
-# We use the following set metrics for fingerprinting:
-#
-# - Window size (WSS) - a highly OS dependent setting used for TCP/IP
-# performance control (max. amount of data to be sent without ACK).
-# Some systems use a fixed value for initial packets. On other
-# systems, it is a multiple of MSS or MTU (MSS+40). In some rare
-# cases, the value is just arbitrary.
-#
-# NEW SIGNATURE: if p0f reported a special value of 'Snn', the number
-# appears to be a multiple of MSS (MSS*nn); a special value of 'Tnn'
-# means it is a multiple of MTU ((MSS+40)*nn). Unless you notice the
-# value of nn is not fixed (unlikely), just copy the Snn or Tnn token
-# literally. If you know this device has a simple stack and a fixed
-# MTU, you can however multiply S value by MSS, or T value by MSS+40,
-# and put it instead of Snn or Tnn.
-#
-# If WSS otherwise looks like a fixed value (for example a multiple
-# of two), or if you can confirm the value is fixed, please quote
-# it literally. If there's no apparent pattern in WSS chosen, you
-# should consider wildcarding this value.
-#
-# - Overall packet size - a function of all IP and TCP options and bugs.
-#
-# NEW SIGNATURE: Copy this value literally.
-#
-# - Initial TTL - We check the actual TTL of a received packet. It can't
-# be higher than the initial TTL, and also shouldn't be dramatically
-# lower (maximum distance is defined as 40 hops).
-#
-# NEW SIGNATURE: *Never* copy TTL from a p0f-reported signature literally.
-# You need to determine the initial TTL. The best way to do it is to
-# check the documentation for a remote system, or check its settings.
-# A fairly good method is to simply round the observed TTL up to
-# 32, 64, 128, or 255, but it should be noted that some obscure devices
-# might not use round TTLs (in particular, some shoddy appliances use
-# "original" initial TTL settings). If not sure, you can see how many
-# hops you're away from the remote party with traceroute or mtr.
-#
-# - Don't fragment flag (DF) - some modern OSes set this to implement PMTU
-# discovery. Others do not bother.
-#
-# NEW SIGNATURE: Copy this value literally.
-#
-# - Maximum segment size (MSS) - this setting is usually link-dependent. P0f
-# uses it to determine link type of the remote host.
-#
-# NEW SIGNATURE: Always wildcard this value, except for rare cases when
-# you have an appliance with a fixed value, know the system supports only
-# a very limited number of network interface types, or know the system
-# is using a value it pulled out of nowhere. Specific unique MSS
-# can be used to tell Google crawlbots from the rest of the population.
-#
-# - Window scaling (WSCALE) - this feature is used to scale WSS.
-# It extends the size of a TCP/IP window to 32 bits. Some modern
-# systems implement this feature.
-#
-# NEW SIGNATURE: Observe several signatures. Initial WSCALE is often set
-# to zero or other low value. There's usually no need to wildcard this
-# parameter.
-#
-# - Timestamp - some systems that implement timestamps set them to
-# zero in the initial SYN. This case is detected and handled appropriately.
-#
-# - Selective ACK permitted - a flag set by systems that implement
-# selective ACK functionality.
-#
-# - The sequence of TCP all options (MSS, window scaling, selective ACK
-# permitted, timestamp, NOP). Other than the options previously
-# discussed, p0f also checks for timestamp option (a silly
-# extension to broadcast your uptime ;-), NOP options (used for
-# header padding) and sackOK option (selective ACK feature).
-#
-# NEW SIGNATURE: Copy the sequence literally.
-#
-# To wildcard any value (except for initial TTL or TCP options), replace
-# it with '*'. You can also use a modulo operator to match any values
-# that divide by nnn - '%nnn'.
-#
-# Fingerprint entry format:
-#
-# wwww:ttt:D:ss:OOO...:OS:Version:Subtype:Details
-#
-# wwww - window size (can be *, %nnn, Snn or Tnn). The special values
-# "S" and "T" which are a multiple of MSS or a multiple of MTU
-# respectively.
-# ttt - initial TTL
-# D - don't fragment bit (0 - not set, 1 - set)
-# ss - overall SYN packet size
-# OOO - option value and order specification (see below)
-# OS - OS genre (Linux, Solaris, Windows)
-# Version - OS Version (2.0.27 on x86, etc)
-# Subtype - OS subtype or patchlevel (SP3, lo0)
-# details - Generic OS details
-#
-# If OS genre starts with '*', p0f will not show distance, link type
-# and timestamp data. It is useful for userland TCP/IP stacks of
-# network scanners and so on, where many settings are randomized or
-# bogus.
-#
-# If OS genre starts with @, it denotes an approximate hit for a group
-# of operating systems (signature reporting still enabled in this case).
-# Use this feature at the end of this file to catch cases for which
-# you don't have a precise match, but can tell it's Windows or FreeBSD
-# or whatnot by looking at, say, flag layout alone.
-#
-# Option block description is a list of comma or space separated
-# options in the order they appear in the packet:
-#
-# N - NOP option
-# Wnnn - window scaling option, value nnn (or * or %nnn)
-# Mnnn - maximum segment size option, value nnn (or * or %nnn)
-# S - selective ACK OK
-# T - timestamp
-# T0 - timestamp with a zero value
-#
-# To denote no TCP options, use a single '.'.
-#
-# Please report any additions to this file, or any inaccuracies or
-# problems spotted, to the maintainers: lcamtuf@coredump.cx,
-# frantzen@openbsd.org and bugs@openbsd.org with a tcpdump packet
-# capture of the relevant SYN packet(s)
-#
-# WARNING WARNING WARNING
-# -----------------------
-#
-# Do not add a system X as OS Y just because NMAP says so. It is often
-# the case that X is a NAT firewall. While nmap is talking to the
-# device itself, p0f is fingerprinting the guy behind the firewall
-# instead.
-#
-# When in doubt, use common sense, don't add something that looks like
-# a completely different system as Linux or FreeBSD or LinkSys router.
-# Check DNS name, establish a connection to the remote host and look
-# at SYN+ACK - does it look similar?
-#
-# Some users tweak their TCP/IP settings - enable or disable RFC1323
-# functionality, enable or disable timestamps or selective ACK,
-# disable PMTU discovery, change MTU and so on. Always compare a new rule
-# to other fingerprints for this system, and verify the system isn't
-# "customized" before adding it. It is OK to add signature variants
-# caused by a commonly used software (personal firewalls, security
-# packages, etc), but it makes no sense to try to add every single
-# possible /proc/sys/net/ipv4 tweak on Linux or so.
-#
-# KEEP IN MIND: Some packet firewalls configured to normalize outgoing
-# traffic (OpenBSD pf with "scrub" enabled, for example) will, well,
-# normalize packets. Signatures will not correspond to the originating
-# system (and probably not quite to the firewall either).
-#
-# NOTE: Try to keep this file in some reasonable order, from most to
-# least likely systems. This will speed up operation. Also keep most
-# generic and broad rules near the end.
-#
-
-##########################
-# Standard OS signatures #
-##########################
-
-# ----------------- AIX ---------------------
-
-# AIX is first because its signatures are close to NetBSD, MacOS X and
-# Linux 2.0, but it uses a fairly rare MSSes, at least sometimes...
-# This is a shoddy hack, though.
-
-16384:64:0:44:M512: AIX:4.3:2-3:AIX 4.3.2 and earlier
-
-16384:64:0:60:M512,N,W%2,N,N,T: AIX:4.3:3:AIX 4.3.3-5.2
-16384:64:0:60:M512,N,W%2,N,N,T: AIX:5.1-5.2::AIX 4.3.3-5.2
-32768:64:0:60:M512,N,W%2,N,N,T: AIX:4.3:3:AIX 4.3.3-5.2
-32768:64:0:60:M512,N,W%2,N,N,T: AIX:5.1-5.2::AIX 4.3.3-5.2
-65535:64:0:60:M512,N,W%2,N,N,T: AIX:4.3:3:AIX 4.3.3-5.2
-65535:64:0:60:M512,N,W%2,N,N,T: AIX:5.1-5.2::AIX 4.3.3-5.2
-65535:64:0:64:M*,N,W1,N,N,T,N,N,S: AIX:5.3:ML1:AIX 5.3 ML1
-
-# ----------------- Linux -------------------
-
-512:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x
-16384:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x
-
-# Endian snafu! Nelson says "ha-ha":
-2:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x (MkLinux) on Mac
-64:64:0:44:M*: Linux:2.0:3x:Linux 2.0.3x (MkLinux) on Mac
-
-
-S4:64:1:60:M1360,S,T,N,W0: Linux:google::Linux (Google crawlbot)
-
-S2:64:1:60:M*,S,T,N,W0: Linux:2.4::Linux 2.4 (big boy)
-S3:64:1:60:M*,S,T,N,W0: Linux:2.4:18-21:Linux 2.4.18 and newer
-S4:64:1:60:M*,S,T,N,W0: Linux:2.4::Linux 2.4/2.6
-S4:64:1:60:M*,S,T,N,W0: Linux:2.6::Linux 2.4/2.6
-
-S3:64:1:60:M*,S,T,N,W1: Linux:2.5::Linux 2.5
-S4:64:1:60:M*,S,T,N,W1: Linux:2.5-2.6::Linux 2.5/2.6
-
-S20:64:1:60:M*,S,T,N,W0: Linux:2.2:20-25:Linux 2.2.20 and newer
-S22:64:1:60:M*,S,T,N,W0: Linux:2.2::Linux 2.2
-S11:64:1:60:M*,S,T,N,W0: Linux:2.2::Linux 2.2
-
-# Popular cluster config scripts disable timestamps and
-# selective ACK:
-S4:64:1:48:M1460,N,W0: Linux:2.4:cluster:Linux 2.4 in cluster
-
-# This needs to be investigated. On some systems, WSS
-# is selected as a multiple of MTU instead of MSS. I got
-# many submissions for this for many late versions of 2.4:
-T4:64:1:60:M1412,S,T,N,W0: Linux:2.4::Linux 2.4 (late, uncommon)
-
-# This happens only over loopback, but let's make folks happy:
-32767:64:1:60:M16396,S,T,N,W0: Linux:2.4:lo0:Linux 2.4 (local)
-S8:64:1:60:M3884,S,T,N,W0: Linux:2.2:lo0:Linux 2.2 (local)
-
-# Opera visitors:
-16384:64:1:60:M*,S,T,N,W0: Linux:2.2:Opera:Linux 2.2 (Opera?)
-32767:64:1:60:M*,S,T,N,W0: Linux:2.4:Opera:Linux 2.4 (Opera?)
-
-# Some fairly common mods:
-S4:64:1:52:M*,N,N,S,N,W0: Linux:2.4:ts:Linux 2.4 w/o timestamps
-S22:64:1:52:M*,N,N,S,N,W0: Linux:2.2:ts:Linux 2.2 w/o timestamps
-
-
-# ----------------- FreeBSD -----------------
-
-16384:64:1:44:M*: FreeBSD:2.0-2.2::FreeBSD 2.0-4.1
-16384:64:1:44:M*: FreeBSD:3.0-3.5::FreeBSD 2.0-4.1
-16384:64:1:44:M*: FreeBSD:4.0-4.1::FreeBSD 2.0-4.1
-16384:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.4::FreeBSD 4.4
-
-1024:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.4::FreeBSD 4.4
-
-57344:64:1:44:M*: FreeBSD:4.6-4.8:noRFC1323:FreeBSD 4.6-4.8 (no RFC1323)
-57344:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.6-4.8::FreeBSD 4.6-4.8
-
-32768:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.8-4.9::FreeBSD 4.8-5.1 (or MacOS X)
-32768:64:1:60:M*,N,W0,N,N,T: FreeBSD:5.0-5.1::FreeBSD 4.8-5.1 (or MacOS X)
-65535:64:1:60:M*,N,W0,N,N,T: FreeBSD:4.8-4.9::FreeBSD 4.8-5.1 (or MacOS X)
-65535:64:1:60:M*,N,W0,N,N,T: FreeBSD:5.0-5.1::FreeBSD 4.8-5.1 (or MacOS X)
-65535:64:1:60:M*,N,W1,N,N,T: FreeBSD:4.7-4.9::FreeBSD 4.7-5.1
-65535:64:1:60:M*,N,W1,N,N,T: FreeBSD:5.0-5.1::FreeBSD 4.7-5.1
-
-# 16384:64:1:60:M*,N,N,N,N,N,N,T:FreeBSD:4.4:noTS:FreeBSD 4.4 (w/o timestamps)
-
-# ----------------- NetBSD ------------------
-
-65535:64:0:60:M*,N,W0,N,N,T0: NetBSD:1.6:opera:NetBSD 1.6 (Opera)
-16384:64:0:60:M*,N,W0,N,N,T0: NetBSD:1.6::NetBSD 1.6
-16384:64:1:60:M*,N,W0,N,N,T0: NetBSD:1.6:df:NetBSD 1.6 (DF)
-16384:64:0:60:M*,N,W0,N,N,T: NetBSD:1.3::NetBSD 1.3
-65535:64:1:60:M*,N,W1,N,N,T0: NetBSD:1.6::NetBSD 1.6W-current (DF)
-
-# ----------------- OpenBSD -----------------
-
-16384:64:0:60:M*,N,W0,N,N,T: OpenBSD:2.6::NetBSD 1.3 (or OpenBSD 2.6)
-16384:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.4::OpenBSD 3.0-3.4
-16384:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.4:no-df:OpenBSD 3.0-3.4 (scrub no-df)
-57344:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-3.4::OpenBSD 3.3-3.4
-57344:64:0:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.3-3.4:no-df:OpenBSD 3.3-3.4 (scrub no-df)
-
-65535:64:1:64:M*,N,N,S,N,W0,N,N,T: OpenBSD:3.0-3.4:opera:OpenBSD 3.0-3.4 (Opera)
-
-# ----------------- Solaris -----------------
-
-S17:64:1:64:N,W3,N,N,T0,N,N,S,M*: Solaris:8:RFC1323:Solaris 8 RFC1323
-S17:64:1:48:N,N,S,M*: Solaris:8::Solaris 8
-S17:255:1:44:M*: Solaris:2.5-2.7::Solaris 2.5 to 7
-
-S6:255:1:44:M*: Solaris:2.6-2.7::Solaris 2.6 to 7
-S23:255:1:44:M*: Solaris:2.5:1:Solaris 2.5.1
-S34:64:1:48:M*,N,N,S: Solaris:2.9::Solaris 9
-S44:255:1:44:M*: Solaris:2.7::Solaris 7
-
-# ----------------- IRIX --------------------
-
-49152:64:0:44:M*: IRIX:6.4::IRIX 6.4
-61440:64:0:44:M*: IRIX:6.2-6.5::IRIX 6.2-6.5
-49152:64:0:52:M*,N,W2,N,N,S: IRIX:6.5:RFC1323:IRIX 6.5 (RFC1323)
-49152:64:0:52:M*,N,W3,N,N,S: IRIX:6.5:RFC1323:IRIX 6.5 (RFC1323)
-
-61440:64:0:48:M*,N,N,S: IRIX:6.5:12-21:IRIX 6.5.12 - 6.5.21
-49152:64:0:48:M*,N,N,S: IRIX:6.5:15-21:IRIX 6.5.15 - 6.5.21
-
-# ----------------- Tru64 -------------------
-
-32768:64:1:48:M*,N,W0: Tru64:4.0::Tru64 4.0
-32768:64:0:48:M*,N,W0: Tru64:5.0::Tru64 5.0
-8192:64:0:44:M1460: Tru64:5.1:noRFC1323:Tru64 6.1 (no RFC1323) (or QNX 6)
-
-# This looks awfully Linuxish :/
-# S22:64:0:60:M*,S,T,N,W0: Tru64:5.0:a:Tru64 5.0a
-
-61440:64:0:48:M*,N,W0: Tru64:5.1a:JP4:Tru64 v5.1a JP4 (or OpenVMS 7.x on Compaq 5.x stack)
-
-
-# ----------------- OpenVMS -----------------
-
-6144:64:1:60:M*,N,W0,N,N,T: OpenVMS:7.2::OpenVMS 7.2 (Multinet 4.4 stack)
-
-# ----------------- MacOS -------------------
-
-16616:255:1:48:M*,W0: MacOS:7.3-7.6:OTTCP:MacOS 7.3-8.6 (OTTCP)
-16616:255:1:48:M*,W0: MacOS:8.0-8.6:OTTCP:MacOS 7.3-8.6 (OTTCP)
-32768:255:1:48:M*,W0,N: MacOS:9.1-9.2::MacOS 9.1/9.2
-32768:64:0:60:M*,N,W0,N,N,T: MacOS:X:10.2:MacOS X 10.2
-
-# ----------------- Windows -----------------
-
-# Windows 95 - need more:
-
-8192:32:1:44:M*: Windows:95::Windows 95 (low TTL)
-
-# Windows 98 - plenty of silly signatures:
-S44:32:1:48:M*,N,N,S: Windows:98::Windows 98 (low TTL)
-8192:32:1:48:M*,N,N,S: Windows:98::Windows 98 (low TTL)
-
-%8192:64:1:48:M*,N,N,S: Windows:98::Windows 98 (or newer XP/2000 with tweaked TTL)
-S4:64:1:48:M*,N,N,S: Windows:98::Windows 98
-S6:64:1:48:M*,N,N,S: Windows:98::Windows 98
-S12:64:1:48:M*,N,N,S: Windows:98::Windows 98
-32767:64:1:48:M*,N,N,S: Windows:98::Windows 98
-37300:64:1:48:M*,N,N,S: Windows:98::Windows 98
-46080:64:1:52:M*,N,W3,N,N,S: Windows:98:RFC1323:Windows 98 (RFC1323)
-65535:64:1:44:M*: Windows:98:noSACK:Windows 98 (no sack)
-
-S16:128:1:48:M*,N,N,S: Windows:98::Windows 98
-S16:128:1:64:M*,N,W0,N,N,T0,N,N,S: Windows:98::Windows 98
-S26:128:1:48:M*,N,N,S: Windows:98::Windows 98
-T30:128:1:48:M*,N,N,S: Windows:98::Windows 98
-32767:128:1:52:M*,N,W0,N,N,S: Windows:98::Windows 98
-60352:128:1:48:M*,N,N,S: Windows:98::Windows 98
-60352:128:1:64:M*,N,W2,N,N,T0,N,N,S: Windows:98::Windows 98
-
-# Windows NT 4.0 - need more:
-
-64512:128:1:44:M1414: Windows:NT:4.0:Windows NT 4.0 SP6a
-8192:128:1:44:M*: Windows:NT:4.0:Windows NT 4.0 (older)
-6144:128:1:52:M*,W0,N,S,N,N: Windows:NT:4.0:Windows NT 4.0 (RFC1323)
-
-# Windows XP and 2000. Most of the signatures that were
-# either dubious or non-specific (no service pack data)
-# were deleted and replaced with generics at the end.
-
-65535:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows 2000 SP4, XP SP1
-%8192:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows 2000 SP4, XP SP1
-S45:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows 2000 SP4
-S6:128:1:48:M*,N,N,S: Windows:2000:SP4:Windows XP SP1, 2000 SP4
-S44:128:1:48:M*,N,N,S: Windows:2000:SP3:Windows XP Pro SP1, 2000 SP3
-
-S6:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows XP SP1, 2000 SP4
-S44:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows XP Pro SP1, 2000 SP3
-64512:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows XP SP1
-32767:128:1:48:M1452,N,N,S: Windows:XP:SP1:Windows XP SP1
-65535:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows 2000 SP4, XP SP1
-%8192:128:1:48:M*,N,N,S: Windows:XP:SP1:Windows 2000 SP4, XP SP1
-
-# Odds, ends, mods:
-
-S52:128:1:48:M1260,N,N,S: Windows:XP:Cisco:Windows XP/2000 via Cisco
-S52:128:1:48:M1260,N,N,S: Windows:2000:Cisco:Windows XP/2000 via Cisco
-
-# HUNT DOWN:
-# *:128:1:48:M*,N,N,S:U:@Windows:XP (leak) (PLEASE REPORT)
-
-# ----------------- HP/UX -------------------
-
-32768:64:1:44:M*: HP-UX:B.10.20::HP-UX B.10.20
-32768:64:0:48:M*,W0,N: HP-UX:11.0::HP-UX 11.0
-32768:64:1:48:M*,W0,N: HP-UX:11.10::HP-UX 11.0 or 11.11
-32768:64:1:48:M*,W0,N: HP-UX:11.11::HP-UX 11.0 or 11.11
-
-# Whoa. Hardcore WSS.
-0:64:0:48:M*,W0,N: HP-UX:B.11.00:A:HP-UX B.11.00 A (RFC1323)
-
-
-# ----------------- RiscOS ------------------
-
-# We don't yet support the ?12 TCP option
-#16384:64:1:68:M1460,N,W0,N,N,T,N,N,?12: RISCOS:3.70-4.36::RISC OS 3.70-4.36
-
-# ----------------- BSD/OS ------------------
-
-# Once again, power of two WSS is also shared by MacOS X with DF set
-8192:64:1:60:M1460,N,W0,N,N,T: BSD/OS:3.1::BSD/OS 3.1-4.3 (or MacOS X 10.2 w/DF)
-8192:64:1:60:M1460,N,W0,N,N,T: BSD/OS:4.0-4.3::BSD/OS 3.1-4.3 (or MacOS X 10.2)
-
-
-# ---------------- NewtonOS -----------------
-
-4096:64:0:44:M1420: NewtonOS:2.1::NewtonOS 2.1
-
-# ---------------- NeXTSTEP -----------------
-
-S8:64:0:44:M512: NeXTSTEP:3.3::NeXTSTEP 3.3
-
-# ------------------ BeOS -------------------
-
-1024:255:0:48:M*,N,W0: BeOS:5.0-5.1::BeOS 5.0-5.1
-12288:255:0:44:M1402: BeOS:5.0::BeOS 5.0.x
-
-# ------------------ OS/400 -----------------
-
-8192:64:1:60:M1440,N,W0,N,N,T: OS/400:VR4::OS/400 VR4/R5
-8192:64:1:60:M1440,N,W0,N,N,T: OS/400:VR5::OS/400 VR4/R5
-4096:64:1:60:M1440,N,W0,N,N,T: OS/400:V4R5:CF67032:OS/400 V4R5 + CF67032
-
-
-# ------------------ ULTRIX -----------------
-
-16384:64:0:40:.: ULTRIX:4.5::ULTRIX 4.5
-
-# ------------------- QNX -------------------
-
-S16:64:0:44:M512: QNX:::QNX demodisk
-
-# ------------------ Novell -----------------
-
-16384:128:1:44:M1460: Novell:NetWare:5.0:Novel Netware 5.0
-6144:128:1:44:M1460: Novell:IntranetWare:4.11:Novell IntranetWare 4.11
-
-# ----------------- SCO ------------------
-S17:64:1:44:M1460: SCO:Unixware:7.0:SCO Unixware 7.0.0 or OpenServer 5.0.4-5.06
-S17:64:1:44:M1460: SCO:OpenServer:5.0:SCO Unixware 7.0.0 or OpenServer 5.0.4-5.06
-S3:64:1:60:M1460,N,W0,N,N,T: SCO:UnixWare:7.1:SCO UnixWare 7.1
-
-# ------------------- DOS -------------------
-
-2048:255:0:44:M536: DOS:WATTCP:1.05:DOS Arachne via WATTCP/1.05
-
-###########################################
-# Appliance / embedded / other signatures #
-###########################################
-
-# ---------- Firewalls / routers ------------
-
-S12:64:1:44:M1460: @Checkpoint:::Checkpoint (unknown 1)
-S12:64:1:48:N,N,S,M1460: @Checkpoint:::Checkpoint (unknown 2)
-4096:32:0:44:M1460: ExtremeWare:4.x::ExtremeWare 4.x
-60352:64:0:52:M1460,N,W2,N,N,S: Clavister:7::Clavister firewall 7.x
-
-# ------- Switches and other stuff ----------
-
-4128:255:0:44:M*: Cisco:::Cisco Catalyst 3500, 7500 etc
-S8:255:0:44:M*: Cisco:12008::Cisco 12008
-60352:128:1:64:M1460,N,W2,N,N,T,N,N,S: Alteon:ACEswitch::Alteon ACEswitch
-64512:128:1:44:M1370: Nortel:Contivity Client::Nortel Conectivity Client
-
-
-# ---------- Caches and whatnots ------------
-
-S4:64:1:52:M1460,N,N,S,N,W0: AOL:web cache::AOL web cache
-
-32850:64:1:64:N,W1,N,N,T,N,N,S,M*: NetApp:5.x::NetApp Data OnTap 5.x
-16384:64:1:64:M1460,N,N,S,N,W0,N: NetApp:5.3:1:NetApp 5.3.1
-65535:64:0:64:M1460,N,N,S,N,W3,N,N,T: NetApp:5.3:1:NetApp 5.3.1
-65535:64:0:60:M1460,N,W0,N,N,T: NetApp:CacheFlow::NetApp CacheFlow
-8192:64:1:64:M1460,N,N,S,N,W0,N,N,T: NetApp:5.2:1:NetApp NetCache 5.2.1
-
-S4:64:0:48:M1460,N,N,S: Cisco:Content Engine::Cisco Content Engine
-
-27085:128:0:40:.: Dell:PowerApp cache::Dell PowerApp (Linux-based)
-
-65535:255:1:48:N,W1,M1460: Inktomi:crawler::Inktomi crawler
-S1:255:1:60:M1460,S,T,N,W0: LookSmart:ZyBorg::LookSmart ZyBorg
-
-
-16384:255:0:40:.: Proxyblocker:::Proxyblocker (what's this?)
-
-# ----------- Embedded systems --------------
-
-S9:255:0:44:M536: PalmOS:Tungsten:C:PalmOS Tungsten C
-S5:255:0:44:M536: PalmOS:3::PalmOS 3/4
-S5:255:0:44:M536: PalmOS:4::PalmOS 3/4
-S4:255:0:44:M536: PalmOS:3:5:PalmOS 3.5
-2948:255:0:44:M536: PalmOS:3:5:PalmOS 3.5.3 (Handera)
-
-S23:64:1:64:N,W1,N,N,T,N,N,S,M1460: SymbianOS:7::SymbianOS 7
-8192:255:0:44:M1460: SymbianOS:6048::SymbianOS 6048 (on Nokia 7650?)
-8192:255:0:44:M536: SymbianOS:::SymbianOS (on Nokia 9210?)
-
-
-# Perhaps S4?
-5840:64:1:60:M1452,S,T,N,W1: Zaurus:3.10::Zaurus 3.10
-
-32768:128:1:64:M1460,N,W0,N,N,T0,N,N,S: PocketPC:2002::PocketPC 2002
-
-S1:255:0:44:M346: Contiki:1.1:rc0:Contiki 1.1-rc0
-
-4096:128:0:44:M1460: Sega:Dreamcast:3.0:Sega Dreamcast Dreamkey 3.0
-
-S12:64:0:44:M1452: AXIS:5600:v5.64:AXIS Printer Server 5600 v5.64
-
-
-
-####################
-# Fancy signatures #
-####################
-
-1024:64:0:40:.: *NMAP:syn scan:1:NMAP syn scan (1)
-2048:64:0:40:.: *NMAP:syn scan:2:NMAP syn scan (2)
-3072:64:0:40:.: *NMAP:syn scan:3:NMAP syn scan (3)
-4096:64:0:40:.: *NMAP:syn scan:4:NMAP syn scan (4)
-
-1024:64:0:60:W10,N,M265,T: *NMAP:OS:1:NMAP OS detection probe (1)
-2048:64:0:60:W10,N,M265,T: *NMAP:OS:2:NMAP OS detection probe (2)
-3072:64:0:60:W10,N,M265,T: *NMAP:OS:3:NMAP OS detection probe (3)
-4096:64:0:60:W10,N,M265,T: *NMAP:OS:4:NMAP OS detection probe (4)
-
-#####################################
-# Generic signatures - just in case #
-#####################################
-
-#*:64:1:60:M*,N,W*,N,N,T: @FreeBSD:4.0-4.9::FreeBSD 4.x/5.x
-#*:64:1:60:M*,N,W*,N,N,T: @FreeBSD:5.0-5.1::FreeBSD 4.x/5.x
-
-*:128:1:52:M*,N,W0,N,N,S: @Windows:XP:RFC1323:Windows XP/2000 (RFC1323 no tstamp)
-*:128:1:52:M*,N,W0,N,N,S: @Windows:2000:RFC1323:Windows XP/2000 (RFC1323 no tstamp)
-*:128:1:64:M*,N,W0,N,N,T0,N,N,S: @Windows:XP:RFC1323:Windows XP/2000 (RFC1323)
-*:128:1:64:M*,N,W0,N,N,T0,N,N,S: @Windows:2000:RFC1323:Windows XP/2000 (RFC1323)
-*:128:1:64:M*,N,W*,N,N,T0,N,N,S: @Windows:XP:RFC1323:Windows XP (RFC1323, w+)
-*:128:1:48:M*,N,N,S: @Windows:XP::Windows XP/2000
-*:128:1:48:M*,N,N,S: @Windows:2000::Windows XP/2000
diff --git a/tools/tools/tinybsd/conf/wireless/etc/rc.conf b/tools/tools/tinybsd/conf/wireless/etc/rc.conf
deleted file mode 100644
index 18c3586b38ac..000000000000
--- a/tools/tools/tinybsd/conf/wireless/etc/rc.conf
+++ /dev/null
@@ -1,32 +0,0 @@
-# $FreeBSD$
-hostname="tinybsd.freebsd.org"
-sendmail_enable="NONE"
-sshd_enable="YES"
-usbd_enable="NO"
-inetd_enable="NO"
-portmap_enable="NO"
-update_motd="NO"
-varmfs="YES"
-populate_var="YES"
-varsize="8192"
-tmpmfs="YES"
-
-# IPFW
-firewall_enable="YES"
-firewall_script="/etc/rc.firewall"
-firewall_type="closed"
-
-# NAT
-natd_enable="NO"
-natd_interface=""
-natd_flags=""
-
-# PF
-pf_enable="NO"
-pf_rules="/etc/pf.conf"
-pf_program="/sbin/pfctl"
-pf_flags=""
-pflog_enable="NO"
-pflog_logfile="/var/log/pflog"
-pflog_program="/sbin/pflogd"
-pflog_flags=""
diff --git a/tools/tools/tinybsd/conf/wireless/etc/rc.firewall b/tools/tools/tinybsd/conf/wireless/etc/rc.firewall
deleted file mode 100644
index 05a1a6aaec95..000000000000
--- a/tools/tools/tinybsd/conf/wireless/etc/rc.firewall
+++ /dev/null
@@ -1,302 +0,0 @@
-#!/bin/sh -
-# Copyright (c) 1996 Poul-Henning Kamp
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in the
-# documentation and/or other materials provided with the distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-# SUCH DAMAGE.
-#
-# $FreeBSD$
-#
-
-#
-# Setup system for firewall service.
-#
-
-# Suck in the configuration variables.
-if [ -z "${source_rc_confs_defined}" ]; then
- if [ -r /etc/defaults/rc.conf ]; then
- . /etc/defaults/rc.conf
- source_rc_confs
- elif [ -r /etc/rc.conf ]; then
- . /etc/rc.conf
- fi
-fi
-
-############
-# Define the firewall type in /etc/rc.conf. Valid values are:
-# open - will allow anyone in
-# client - will try to protect just this machine
-# simple - will try to protect a whole network
-# closed - totally disables IP services except via lo0 interface
-# UNKNOWN - disables the loading of firewall rules.
-# filename - will load the rules in the given filename (full path required)
-#
-# For ``client'' and ``simple'' the entries below should be customized
-# appropriately.
-
-############
-#
-# If you don't know enough about packet filtering, we suggest that you
-# take time to read this book:
-#
-# Building Internet Firewalls, 2nd Edition
-# Brent Chapman and Elizabeth Zwicky
-#
-# O'Reilly & Associates, Inc
-# ISBN 1-56592-871-7
-# http://www.ora.com/
-# http://www.oreilly.com/catalog/fire2/
-#
-# For a more advanced treatment of Internet Security read:
-#
-# Firewalls & Internet Security
-# Repelling the wily hacker
-# William R. Cheswick, Steven M. Bellowin
-#
-# Addison-Wesley
-# ISBN 0-201-63357-4
-# http://www.awl.com/
-# http://www.awlonline.com/product/0%2C2627%2C0201633574%2C00.html
-#
-
-setup_loopback () {
- ############
- # Only in rare cases do you want to change these rules
- #
- ${fwcmd} add 100 pass all from any to any via lo0
- ${fwcmd} add 200 deny all from any to 127.0.0.0/8
- ${fwcmd} add 300 deny ip from 127.0.0.0/8 to any
-}
-
-if [ -n "${1}" ]; then
- firewall_type="${1}"
-fi
-
-############
-# Set quiet mode if requested
-#
-case ${firewall_quiet} in
-[Yy][Ee][Ss])
- fwcmd="/sbin/ipfw -q"
- ;;
-*)
- fwcmd="/sbin/ipfw"
- ;;
-esac
-
-############
-# Flush out the list before we begin.
-#
-${fwcmd} -f flush
-
-############
-# Network Address Translation. All packets are passed to natd(8)
-# before they encounter your remaining rules. The firewall rules
-# will then be run again on each packet after translation by natd
-# starting at the rule number following the divert rule.
-#
-# For ``simple'' firewall type the divert rule should be put to a
-# different place to not interfere with address-checking rules.
-#
-case ${firewall_type} in
-[Oo][Pp][Ee][Nn]|[Cc][Ll][Ii][Ee][Nn][Tt])
- case ${natd_enable} in
- [Yy][Ee][Ss])
- if [ -n "${natd_interface}" ]; then
- ${fwcmd} add 50 divert natd all from any to any via ${natd_interface}
- fi
- ;;
- esac
-esac
-
-############
-# If you just configured ipfw in the kernel as a tool to solve network
-# problems or you just want to disallow some particular kinds of traffic
-# then you will want to change the default policy to open. You can also
-# do this as your only action by setting the firewall_type to ``open''.
-#
-# ${fwcmd} add 65000 pass all from any to any
-
-
-# Prototype setups.
-#
-case ${firewall_type} in
-[Oo][Pp][Ee][Nn])
- setup_loopback
- ${fwcmd} add 65000 pass all from any to any
- ;;
-
-[Cc][Ll][Ii][Ee][Nn][Tt])
- ############
- # This is a prototype setup that will protect your system somewhat
- # against people from outside your own network.
- ############
-
- # set these to your network and netmask and ip
- net="192.0.2.0"
- mask="255.255.255.0"
- ip="192.0.2.1"
-
- setup_loopback
-
- # Allow any traffic to or from my own net.
- ${fwcmd} add pass all from ${ip} to ${net}:${mask}
- ${fwcmd} add pass all from ${net}:${mask} to ${ip}
-
- # Allow TCP through if setup succeeded
- ${fwcmd} add pass tcp from any to any established
-
- # Allow IP fragments to pass through
- ${fwcmd} add pass all from any to any frag
-
- # Allow setup of incoming email
- ${fwcmd} add pass tcp from any to ${ip} 25 setup
-
- # Allow setup of outgoing TCP connections only
- ${fwcmd} add pass tcp from ${ip} to any setup
-
- # Disallow setup of all other TCP connections
- ${fwcmd} add deny tcp from any to any setup
-
- # Allow DNS queries out in the world
- ${fwcmd} add pass udp from ${ip} to any 53 keep-state
-
- # Allow NTP queries out in the world
- ${fwcmd} add pass udp from ${ip} to any 123 keep-state
-
- # Everything else is denied by default, unless the
- # IPFIREWALL_DEFAULT_TO_ACCEPT option is set in your kernel
- # config file.
- ;;
-
-[Ss][Ii][Mm][Pp][Ll][Ee])
- ############
- # This is a prototype setup for a simple firewall. Configure this
- # machine as a DNS and NTP server, and point all the machines
- # on the inside at this machine for those services.
- ############
-
- # set these to your outside interface network and netmask and ip
- oif="ed0"
- onet="192.0.2.0"
- omask="255.255.255.240"
- oip="192.0.2.1"
-
- # set these to your inside interface network and netmask and ip
- iif="ed1"
- inet="192.0.2.16"
- imask="255.255.255.240"
- iip="192.0.2.17"
-
- setup_loopback
-
- # Stop spoofing
- ${fwcmd} add deny all from ${inet}:${imask} to any in via ${oif}
- ${fwcmd} add deny all from ${onet}:${omask} to any in via ${iif}
-
- # Stop RFC1918 nets on the outside interface
- ${fwcmd} add deny all from any to 10.0.0.0/8 via ${oif}
- ${fwcmd} add deny all from any to 172.16.0.0/12 via ${oif}
- ${fwcmd} add deny all from any to 192.168.0.0/16 via ${oif}
-
- # Stop draft-manning-dsua-03.txt (1 May 2000) nets (includes RESERVED-1,
- # DHCP auto-configuration, NET-TEST, MULTICAST (class D), and class E)
- # on the outside interface
- ${fwcmd} add deny all from any to 0.0.0.0/8 via ${oif}
- ${fwcmd} add deny all from any to 169.254.0.0/16 via ${oif}
- ${fwcmd} add deny all from any to 192.0.2.0/24 via ${oif}
- ${fwcmd} add deny all from any to 224.0.0.0/4 via ${oif}
- ${fwcmd} add deny all from any to 240.0.0.0/4 via ${oif}
-
- # Network Address Translation. This rule is placed here deliberately
- # so that it does not interfere with the surrounding address-checking
- # rules. If for example one of your internal LAN machines had its IP
- # address set to 192.0.2.1 then an incoming packet for it after being
- # translated by natd(8) would match the `deny' rule above. Similarly
- # an outgoing packet originated from it before being translated would
- # match the `deny' rule below.
- case ${natd_enable} in
- [Yy][Ee][Ss])
- if [ -n "${natd_interface}" ]; then
- ${fwcmd} add divert natd all from any to any via ${natd_interface}
- fi
- ;;
- esac
-
- # Stop RFC1918 nets on the outside interface
- ${fwcmd} add deny all from 10.0.0.0/8 to any via ${oif}
- ${fwcmd} add deny all from 172.16.0.0/12 to any via ${oif}
- ${fwcmd} add deny all from 192.168.0.0/16 to any via ${oif}
-
- # Stop draft-manning-dsua-03.txt (1 May 2000) nets (includes RESERVED-1,
- # DHCP auto-configuration, NET-TEST, MULTICAST (class D), and class E)
- # on the outside interface
- ${fwcmd} add deny all from 0.0.0.0/8 to any via ${oif}
- ${fwcmd} add deny all from 169.254.0.0/16 to any via ${oif}
- ${fwcmd} add deny all from 192.0.2.0/24 to any via ${oif}
- ${fwcmd} add deny all from 224.0.0.0/4 to any via ${oif}
- ${fwcmd} add deny all from 240.0.0.0/4 to any via ${oif}
-
- # Allow TCP through if setup succeeded
- ${fwcmd} add pass tcp from any to any established
-
- # Allow IP fragments to pass through
- ${fwcmd} add pass all from any to any frag
-
- # Allow setup of incoming email
- ${fwcmd} add pass tcp from any to ${oip} 25 setup
-
- # Allow access to our DNS
- ${fwcmd} add pass tcp from any to ${oip} 53 setup
- ${fwcmd} add pass udp from any to ${oip} 53
- ${fwcmd} add pass udp from ${oip} 53 to any
-
- # Allow access to our WWW
- ${fwcmd} add pass tcp from any to ${oip} 80 setup
-
- # Reject&Log all setup of incoming connections from the outside
- ${fwcmd} add deny log tcp from any to any in via ${oif} setup
-
- # Allow setup of any other TCP connection
- ${fwcmd} add pass tcp from any to any setup
-
- # Allow DNS queries out in the world
- ${fwcmd} add pass udp from ${oip} to any 53 keep-state
-
- # Allow NTP queries out in the world
- ${fwcmd} add pass udp from ${oip} to any 123 keep-state
-
- # Everything else is denied by default, unless the
- # IPFIREWALL_DEFAULT_TO_ACCEPT option is set in your kernel
- # config file.
- ;;
-
-[Cc][Ll][Oo][Ss][Ee][Dd])
- setup_loopback
- ;;
-[Uu][Nn][Kk][Nn][Oo][Ww][Nn])
- ;;
-*)
- if [ -r "${firewall_type}" ]; then
- ${fwcmd} ${firewall_flags} ${firewall_type}
- fi
- ;;
-esac
diff --git a/tools/tools/tinybsd/conf/wireless/tinybsd.basefiles b/tools/tools/tinybsd/conf/wireless/tinybsd.basefiles
deleted file mode 100644
index e37dade3acd3..000000000000
--- a/tools/tools/tinybsd/conf/wireless/tinybsd.basefiles
+++ /dev/null
@@ -1,232 +0,0 @@
-# $FreeBSD$
-# contents of ${WORKDIR}/boot
-boot/boot0
-boot/boot1
-boot/boot2
-boot/defaults/loader.conf
-boot/device.hints
-boot/loader
-boot/loader.4th
-boot/loader.help
-boot/loader.rc
-boot/mbr
-boot/support.4th
-
-# contents of ${WORKDIR}/libexec
-libexec/ld-elf.so.1:usr/libexec/ld-elf.so.1
-
-# contents of ${WORKDIR}/bin
-bin/[:bin/test
-bin/cat
-bin/chflags
-bin/chio
-bin/chmod
-bin/cp
-bin/csh:bin/tcsh
-bin/date
-bin/dd
-bin/df
-bin/domainname
-bin/echo
-bin/ed:bin/red
-bin/expr
-bin/hostname
-bin/kenv
-bin/kill
-bin/ln:bin/link
-bin/ls
-bin/mkdir
-bin/mv
-bin/pax
-bin/ps
-bin/pwd
-bin/realpath
-bin/rm:bin/unlink
-bin/rmdir
-bin/sh
-bin/sleep
-bin/stty
-bin/sync
-
-# contents of ${WORKDIR}/sbin
-sbin/adjkerntz
-sbin/comcontrol
-sbin/disklabel
-sbin/dmesg
-sbin/fastboot:sbin/reboot
-sbin/fasthalt:sbin/halt
-sbin/fsck
-sbin/fsck_ufs:sbin/fsck_ffs
-sbin/fsck_ufs:sbin/fsck_4.2bsd
-sbin/ifconfig
-sbin/init
-sbin/ipfw
-sbin/kldconfig
-sbin/kldload
-sbin/kldstat
-sbin/kldunload
-sbin/ldconfig
-sbin/md5
-sbin/mdconfig
-sbin/mknod
-sbin/mdmfs
-sbin/mount
-sbin/mount_nullfs
-sbin/mount_unionfs
-sbin/natd
-sbin/newfs
-sbin/nextboot
-sbin/nologin
-sbin/nos-tun
-sbin/pfctl
-sbin/pflogd
-sbin/ping
-sbin/rcorder
-sbin/route
-sbin/shutdown
-sbin/slattach
-sbin/swapon
-sbin/sysctl
-sbin/umount
-
-# contents of ${WORKDIR}/usr/sbin
-usr/bin/at:usr/bin/atq
-usr/bin/at:usr/bin/atrm
-usr/bin/at:usr/bin/batch
-usr/bin/awk
-usr/bin/basename
-usr/bin/bunzip2:usr/bin/bzcat
-usr/bin/bunzip2:usr/bin/bzip2
-usr/bin/chat
-usr/bin/chfn:usr/bin/chpass
-usr/bin/chfn:usr/bin/chsh
-usr/bin/chgrp
-usr/bin/cksum
-usr/bin/clear
-usr/bin/cmp
-usr/bin/compress:usr/bin/uncompress
-usr/bin/cpio
-usr/bin/crontab
-usr/bin/cu
-usr/bin/dig
-usr/bin/dirname
-usr/bin/du
-usr/bin/ee
-usr/bin/egrep:usr/bin/fgrep
-usr/bin/egrep:usr/bin/grep
-usr/bin/env
-usr/bin/false
-usr/bin/fetch
-usr/bin/find
-usr/bin/finger
-usr/bin/fstat
-usr/bin/fsync
-usr/bin/ftp
-usr/bin/gunzip:usr/bin/gzcat
-usr/bin/gunzip:usr/bin/gzip
-usr/bin/gzexe
-usr/bin/head
-usr/bin/hexdump
-usr/bin/id:usr/bin/whoami
-usr/bin/ident
-usr/bin/killall
-usr/bin/last
-usr/bin/less:usr/bin/more
-usr/bin/limits
-usr/bin/lock
-usr/bin/lockf
-usr/bin/logger
-usr/bin/login
-usr/bin/logname
-usr/bin/mesg
-usr/bin/minigzip
-usr/bin/mkfifo
-usr/bin/mktemp
-usr/bin/msgs
-usr/bin/netstat
-usr/bin/nfsstat
-usr/bin/nice
-usr/bin/nslookup
-usr/bin/nsupdate
-usr/bin/nohup
-usr/bin/objformat
-usr/bin/openssl
-usr/bin/passwd
-usr/bin/printf
-usr/bin/renice
-usr/bin/reset:usr/sbin/tset
-usr/bin/scp
-usr/bin/script
-usr/bin/sed
-usr/bin/sftp
-usr/bin/shar
-usr/bin/slogin:usr/bin/ssh
-usr/bin/sort
-usr/bin/split
-usr/bin/ssh-keygen
-usr/bin/su
-usr/bin/tail
-usr/bin/tar
-usr/bin/tee
-usr/bin/telnet
-usr/bin/time
-usr/bin/top
-usr/bin/touch
-usr/bin/tput
-usr/bin/tr
-usr/bin/true
-usr/bin/tty
-usr/bin/uname
-usr/bin/uptime:usr/bin/w
-usr/bin/users
-usr/bin/uudecode
-usr/bin/uuencode
-usr/bin/vi
-usr/bin/vmstat
-usr/bin/wall
-usr/bin/who
-usr/bin/whois
-usr/bin/write
-usr/bin/yes
-
-# contents of ${WORKDIR}/usr/sbin
-usr/sbin/arp
-usr/sbin/authpf
-usr/sbin/boot0cfg
-usr/sbin/chown
-usr/sbin/cron
-usr/sbin/idprio:usr/sbin/rtprio
-usr/sbin/inetd
-usr/sbin/iostat
-usr/sbin/kbdcontrol
-usr/sbin/lastlogin
-usr/sbin/memcontrol
-usr/sbin/mtree
-usr/sbin/newsyslog
-usr/sbin/ntpdate
-usr/sbin/pciconf
-usr/sbin/pw
-usr/sbin/pwd_mkdb
-usr/sbin/slstat
-usr/sbin/sshd
-usr/sbin/syslogd
-usr/sbin/tcpdchk
-usr/sbin/tcpdmatch
-usr/sbin/tcpdump
-usr/sbin/traceroute
-usr/sbin/vidcontrol
-usr/sbin/vipw
-usr/sbin/vnconfig
-usr/sbin/watch
-usr/sbin/pccardc
-usr/sbin/pccardd
-
-# contents of ${WORKDIR}/usr/libexec
-usr/libexec/atrun
-usr/libexec/ftpd
-usr/libexec/getty
-usr/libexec/sftp-server
-
-# contents of ${WORKDIR}/usr/share
-usr/share/misc/termcap
-
diff --git a/tools/tools/tinybsd/conf/wireless/tinybsd.ports b/tools/tools/tinybsd/conf/wireless/tinybsd.ports
deleted file mode 100644
index 49bb52175241..000000000000
--- a/tools/tools/tinybsd/conf/wireless/tinybsd.ports
+++ /dev/null
@@ -1,9 +0,0 @@
-# $FreeBSD$
-# Here you can add the applications from the FreeBSD Ports Collection which you
-# want TinyBSD ports system to install in your embedded system. You whould list
-# one application per line, mentioning its category and name, like the examples:
-#
-# www/mini_httpd
-# net-mgmt/rate
-#
-# Make sure you have enough space to add it.
diff --git a/tools/tools/tinybsd/conf/wrap/TINYBSD b/tools/tools/tinybsd/conf/wrap/TINYBSD
deleted file mode 100644
index 2ef7c6742cbd..000000000000
--- a/tools/tools/tinybsd/conf/wrap/TINYBSD
+++ /dev/null
@@ -1,138 +0,0 @@
-# $FreeBSD$
-machine i386
-cpu I586_CPU
-ident TINYBSD
-maxusers 8
-options CPU_GEODE
-
-# To statically compile in device wiring instead of /boot/device.hints
-#hints "GENERIC.hints" # Default places to look for devices.
-options SCHED_4BSD # 4BSD scheduler
-options INET # InterNETworking
-options FFS # Berkeley Fast Filesystem
-options SOFTUPDATES # Enable FFS soft updates support
-options UFS_ACL # Support for access control lists
-options UFS_DIRHASH # Improve performance on big directories
-options MD_ROOT # MD is a potential root device
-options NFSCLIENT # Network Filesystem Client
-options NFSSERVER # Network Filesystem Server
-options NFS_ROOT # NFS usable as /, requires NFSCLIENT
-options PROCFS # Process filesystem (requires PSEUDOFS)
-options PSEUDOFS # Pseudo-filesystem framework
-options GEOM_PART_GPT # GUID Partition Tables.
-options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!]
-options COMPAT_FREEBSD4 # Compatible with FreeBSD4
-options SYSVSHM # SYSV-style shared memory
-options SYSVMSG # SYSV-style message queues
-options SYSVSEM # SYSV-style semaphores
-options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
-options KBD_INSTALL_CDEV # install a CDEV entry in /dev
-options AHC_REG_PRETTY_PRINT # Print register bitfields in debug
- # output. Adds ~128k to driver.
-options AHD_REG_PRETTY_PRINT # Print register bitfields in debug
- # output. Adds ~215k to driver.
-options ADAPTIVE_GIANT # Giant mutex is adaptive.
-
-#device apic # I/O APIC
-
-device pci
-
-# ATA and ATAPI devices
-device ata
-device atadisk # ATA disk drives
-options ATA_STATIC_ID # Static device numbering
-
-# Serial (COM) ports
-device sio # 8250, 16[45]50 based serial ports
-
-# PCI Ethernet NICs.
-device de # DEC/Intel DC21x4x (``Tulip'')
-device em # Intel PRO/1000 adapter Gigabit Ethernet Card
-device txp # 3Com 3cR990 (``Typhoon'')
-device vx # 3Com 3c590, 3c595 (``Vortex'')
-
-# PCI Ethernet NICs that use the common MII bus controller code.
-# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
-device miibus # MII bus support
-device bfe # Broadcom BCM440x 10/100 Ethernet
-device bge # Broadcom BCM570xx Gigabit Ethernet
-device dc # DEC/Intel 21143 and various workalikes
-device fxp # Intel EtherExpress PRO/100B (82557, 82558)
-device lge # Level 1 LXT1001 gigabit ethernet
-device nge # NatSemi DP83820 gigabit ethernet
-device pcn # AMD Am79C97x PCI 10/100 (precedence over 'lnc')
-device re # RealTek 8139C+/8169/8169S/8110S
-device rl # RealTek 8129/8139
-device sf # Adaptec AIC-6915 (``Starfire'')
-device sis # Silicon Integrated Systems SiS 900/SiS 7016
-device sk # SysKonnect SK-984x & SK-982x gigabit Ethernet
-device ste # Sundance ST201 (D-Link DFE-550TX)
-device ti # Alteon Networks Tigon I/II gigabit Ethernet
-device tl # Texas Instruments ThunderLAN
-device tx # SMC EtherPower II (83c170 ``EPIC'')
-device vge # VIA VT612x gigabit ethernet
-device vr # VIA Rhine, Rhine II
-device wb # Winbond W89C840F
-device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'')
-
-# ISA Ethernet NICs. pccard NICs included.
-device cs # Crystal Semiconductor CS89x0 NIC
-# 'device ed' requires 'device miibus'
-device ed # NE[12]000, SMC Ultra, 3c503, DS8390 cards
-device ex # Intel EtherExpress Pro/10 and Pro/10+
-device ep # Etherlink III based cards
-device fe # Fujitsu MB8696x based cards
-device ie # EtherExpress 8/16, 3C507, StarLAN 10 etc.
-device sn # SMC's 9000 series of Ethernet chips
-device xe # Xircom pccard Ethernet
-
-# Wireless NIC cards
-device wlan # 802.11 support
-device wlan_wep #802.11 WEP support
-device wlan_ccmp #802.11 CCMP support
-device wlan_tkip #802.11 TKIP support
-device wlan_xauth #802.11 external authenticator support
-device wlan_acl #802.11 MAC ACL support
-device an # Aironet 4500/4800 802.11 wireless NICs.
-device awi # BayStack 660 and others
-device wi # WaveLAN/Intersil/Symbol 802.11 wireless NICs.
-device ath
-device ath_hal
-device ath_rate_sample
-
-# Pseudo devices.
-device loop # Network loopback
-device ether # Ethernet support
-device ppp # Kernel PPP
-device tun # Packet tunnel.
-device pty # Pseudo-ttys (telnet etc)
-device md # Memory "disks"
-device gif # IPv6 and IPv4 tunneling
-
-# The `bpf' device enables the Berkeley Packet Filter.
-# Be aware of the administrative consequences of enabling this!
-# Note that 'bpf' is required for DHCP.
-device bpf # Berkeley packet filter
-
-options INCLUDE_CONFIG_FILE
-
-options IPFIREWALL
-options IPFIREWALL_DEFAULT_TO_ACCEPT
-options IPDIVERT
-options DUMMYNET
-
-options ALTQ
-options ALTQ_CBQ
-options ALTQ_RED
-options ALTQ_RIO
-options ALTQ_HFSC
-options ALTQ_CDNR
-options ALTQ_PRIQ
-
-device pf
-device pflog
-device pfsync
-device carp
-device if_bridge
-
-options DEVICE_POLLING
diff --git a/tools/tools/tinybsd/conf/wrap/etc/fstab b/tools/tools/tinybsd/conf/wrap/etc/fstab
deleted file mode 100644
index 16ada11d7790..000000000000
--- a/tools/tools/tinybsd/conf/wrap/etc/fstab
+++ /dev/null
@@ -1,2 +0,0 @@
-# $FreeBSD$
-/dev/ad0a / ufs ro 1 1
diff --git a/tools/tools/tinybsd/conf/wrap/etc/rc.conf b/tools/tools/tinybsd/conf/wrap/etc/rc.conf
deleted file mode 100644
index a21476241081..000000000000
--- a/tools/tools/tinybsd/conf/wrap/etc/rc.conf
+++ /dev/null
@@ -1,12 +0,0 @@
-# $FreeBSD$
-hostname="tinybsd.freebsd.org"
-sendmail_enable="NONE"
-sshd_enable="YES"
-usbd_enable="NO"
-inetd_enable="NO"
-portmap_enable="NO"
-update_motd="NO"
-varmfs="YES"
-populate_var="YES"
-varsize="8192"
-tmpmfs="YES"
diff --git a/tools/tools/tinybsd/conf/wrap/etc/ttys b/tools/tools/tinybsd/conf/wrap/etc/ttys
deleted file mode 100644
index 919bceaa3403..000000000000
--- a/tools/tools/tinybsd/conf/wrap/etc/ttys
+++ /dev/null
@@ -1,308 +0,0 @@
-#
-# $FreeBSD$
-#
-# This file specifies various information about terminals on the system.
-# It is used by several different programs. Common entries for the
-# various columns include:
-#
-# name The name of the terminal device.
-#
-# getty The program to start running on the terminal. Typically a
-# getty program, as the name implies. Other common entries
-# include none, when no getty is needed, and xdm, to start the
-# X Window System.
-#
-# type The initial terminal type for this port. For hardwired
-# terminal lines, this will contain the type of terminal used.
-# For virtual consoles, the correct type is typically xterm, but
-# vt220 will work better if you need interoperability with other
-# systems like Solaris or GNU/Linux.
-# Other common values include network for network connections on
-# pseudo-terminals, dialup for incoming modem ports, and unknown
-# when the terminal type cannot be predetermined.
-#
-# status Must be on or off. If on, init will run the getty program on
-# the specified port. If the word "secure" appears, this tty
-# allows root login.
-#
-# name getty type status comments
-#
-# If console is marked "insecure", then init will ask for the root password
-# when going to single-user mode.
-console none unknown off secure
-#
-ttyv0 "/usr/libexec/getty Pc" xterm off secure
-# Virtual terminals
-ttyv1 "/usr/libexec/getty Pc" xterm off secure
-ttyv2 "/usr/libexec/getty Pc" xterm off secure
-ttyv3 "/usr/libexec/getty Pc" xterm off secure
-ttyv4 "/usr/libexec/getty Pc" xterm off secure
-ttyv5 "/usr/libexec/getty Pc" xterm off secure
-ttyv6 "/usr/libexec/getty Pc" xterm off secure
-ttyv7 "/usr/libexec/getty Pc" xterm off secure
-ttyv8 "/usr/local/bin/xdm -nodaemoff" xterm off secure
-# Serial terminals
-# The 'dialup' keyword identifies dialin lines to login, fingerd etc.
-ttyu0 "/usr/libexec/getty std.9600" dialup on secure
-ttyu1 "/usr/libexec/getty std.9600" dialup off secure
-ttyu2 "/usr/libexec/getty std.9600" dialup off secure
-ttyu3 "/usr/libexec/getty std.9600" dialup off secure
-# Dumb console
-dcons "/usr/libexec/getty std.9600" vt100 off secure
-# Pseudo terminals
-ttyp0 none network
-ttyp1 none network
-ttyp2 none network
-ttyp3 none network
-ttyp4 none network
-ttyp5 none network
-ttyp6 none network
-ttyp7 none network
-ttyp8 none network
-ttyp9 none network
-ttypa none network
-ttypb none network
-ttypc none network
-ttypd none network
-ttype none network
-ttypf none network
-ttypg none network
-ttyph none network
-ttypi none network
-ttypj none network
-ttypk none network
-ttypl none network
-ttypm none network
-ttypn none network
-ttypo none network
-ttypp none network
-ttypq none network
-ttypr none network
-ttyps none network
-ttypt none network
-ttypu none network
-ttypv none network
-ttyq0 none network
-ttyq1 none network
-ttyq2 none network
-ttyq3 none network
-ttyq4 none network
-ttyq5 none network
-ttyq6 none network
-ttyq7 none network
-ttyq8 none network
-ttyq9 none network
-ttyqa none network
-ttyqb none network
-ttyqc none network
-ttyqd none network
-ttyqe none network
-ttyqf none network
-ttyqg none network
-ttyqh none network
-ttyqi none network
-ttyqj none network
-ttyqk none network
-ttyql none network
-ttyqm none network
-ttyqn none network
-ttyqo none network
-ttyqp none network
-ttyqq none network
-ttyqr none network
-ttyqs none network
-ttyqt none network
-ttyqu none network
-ttyqv none network
-ttyr0 none network
-ttyr1 none network
-ttyr2 none network
-ttyr3 none network
-ttyr4 none network
-ttyr5 none network
-ttyr6 none network
-ttyr7 none network
-ttyr8 none network
-ttyr9 none network
-ttyra none network
-ttyrb none network
-ttyrc none network
-ttyrd none network
-ttyre none network
-ttyrf none network
-ttyrg none network
-ttyrh none network
-ttyri none network
-ttyrj none network
-ttyrk none network
-ttyrl none network
-ttyrm none network
-ttyrn none network
-ttyro none network
-ttyrp none network
-ttyrq none network
-ttyrr none network
-ttyrs none network
-ttyrt none network
-ttyru none network
-ttyrv none network
-ttys0 none network
-ttys1 none network
-ttys2 none network
-ttys3 none network
-ttys4 none network
-ttys5 none network
-ttys6 none network
-ttys7 none network
-ttys8 none network
-ttys9 none network
-ttysa none network
-ttysb none network
-ttysc none network
-ttysd none network
-ttyse none network
-ttysf none network
-ttysg none network
-ttysh none network
-ttysi none network
-ttysj none network
-ttysk none network
-ttysl none network
-ttysm none network
-ttysn none network
-ttyso none network
-ttysp none network
-ttysq none network
-ttysr none network
-ttyss none network
-ttyst none network
-ttysu none network
-ttysv none network
-ttyP0 none network
-ttyP1 none network
-ttyP2 none network
-ttyP3 none network
-ttyP4 none network
-ttyP5 none network
-ttyP6 none network
-ttyP7 none network
-ttyP8 none network
-ttyP9 none network
-ttyPa none network
-ttyPb none network
-ttyPc none network
-ttyPd none network
-ttyPe none network
-ttyPf none network
-ttyPg none network
-ttyPh none network
-ttyPi none network
-ttyPj none network
-ttyPk none network
-ttyPl none network
-ttyPm none network
-ttyPn none network
-ttyPo none network
-ttyPp none network
-ttyPq none network
-ttyPr none network
-ttyPs none network
-ttyPt none network
-ttyPu none network
-ttyPv none network
-ttyQ0 none network
-ttyQ1 none network
-ttyQ2 none network
-ttyQ3 none network
-ttyQ4 none network
-ttyQ5 none network
-ttyQ6 none network
-ttyQ7 none network
-ttyQ8 none network
-ttyQ9 none network
-ttyQa none network
-ttyQb none network
-ttyQc none network
-ttyQd none network
-ttyQe none network
-ttyQf none network
-ttyQg none network
-ttyQh none network
-ttyQi none network
-ttyQj none network
-ttyQk none network
-ttyQl none network
-ttyQm none network
-ttyQn none network
-ttyQo none network
-ttyQp none network
-ttyQq none network
-ttyQr none network
-ttyQs none network
-ttyQt none network
-ttyQu none network
-ttyQv none network
-ttyR0 none network
-ttyR1 none network
-ttyR2 none network
-ttyR3 none network
-ttyR4 none network
-ttyR5 none network
-ttyR6 none network
-ttyR7 none network
-ttyR8 none network
-ttyR9 none network
-ttyRa none network
-ttyRb none network
-ttyRc none network
-ttyRd none network
-ttyRe none network
-ttyRf none network
-ttyRg none network
-ttyRh none network
-ttyRi none network
-ttyRj none network
-ttyRk none network
-ttyRl none network
-ttyRm none network
-ttyRn none network
-ttyRo none network
-ttyRp none network
-ttyRq none network
-ttyRr none network
-ttyRs none network
-ttyRt none network
-ttyRu none network
-ttyRv none network
-ttyS0 none network
-ttyS1 none network
-ttyS2 none network
-ttyS3 none network
-ttyS4 none network
-ttyS5 none network
-ttyS6 none network
-ttyS7 none network
-ttyS8 none network
-ttyS9 none network
-ttySa none network
-ttySb none network
-ttySc none network
-ttySd none network
-ttySe none network
-ttySf none network
-ttySg none network
-ttySh none network
-ttySi none network
-ttySj none network
-ttySk none network
-ttySl none network
-ttySm none network
-ttySn none network
-ttySo none network
-ttySp none network
-ttySq none network
-ttySr none network
-ttySs none network
-ttySt none network
-ttySu none network
-ttySv none network
diff --git a/tools/tools/tinybsd/conf/wrap/tinybsd.basefiles b/tools/tools/tinybsd/conf/wrap/tinybsd.basefiles
deleted file mode 100644
index e37dade3acd3..000000000000
--- a/tools/tools/tinybsd/conf/wrap/tinybsd.basefiles
+++ /dev/null
@@ -1,232 +0,0 @@
-# $FreeBSD$
-# contents of ${WORKDIR}/boot
-boot/boot0
-boot/boot1
-boot/boot2
-boot/defaults/loader.conf
-boot/device.hints
-boot/loader
-boot/loader.4th
-boot/loader.help
-boot/loader.rc
-boot/mbr
-boot/support.4th
-
-# contents of ${WORKDIR}/libexec
-libexec/ld-elf.so.1:usr/libexec/ld-elf.so.1
-
-# contents of ${WORKDIR}/bin
-bin/[:bin/test
-bin/cat
-bin/chflags
-bin/chio
-bin/chmod
-bin/cp
-bin/csh:bin/tcsh
-bin/date
-bin/dd
-bin/df
-bin/domainname
-bin/echo
-bin/ed:bin/red
-bin/expr
-bin/hostname
-bin/kenv
-bin/kill
-bin/ln:bin/link
-bin/ls
-bin/mkdir
-bin/mv
-bin/pax
-bin/ps
-bin/pwd
-bin/realpath
-bin/rm:bin/unlink
-bin/rmdir
-bin/sh
-bin/sleep
-bin/stty
-bin/sync
-
-# contents of ${WORKDIR}/sbin
-sbin/adjkerntz
-sbin/comcontrol
-sbin/disklabel
-sbin/dmesg
-sbin/fastboot:sbin/reboot
-sbin/fasthalt:sbin/halt
-sbin/fsck
-sbin/fsck_ufs:sbin/fsck_ffs
-sbin/fsck_ufs:sbin/fsck_4.2bsd
-sbin/ifconfig
-sbin/init
-sbin/ipfw
-sbin/kldconfig
-sbin/kldload
-sbin/kldstat
-sbin/kldunload
-sbin/ldconfig
-sbin/md5
-sbin/mdconfig
-sbin/mknod
-sbin/mdmfs
-sbin/mount
-sbin/mount_nullfs
-sbin/mount_unionfs
-sbin/natd
-sbin/newfs
-sbin/nextboot
-sbin/nologin
-sbin/nos-tun
-sbin/pfctl
-sbin/pflogd
-sbin/ping
-sbin/rcorder
-sbin/route
-sbin/shutdown
-sbin/slattach
-sbin/swapon
-sbin/sysctl
-sbin/umount
-
-# contents of ${WORKDIR}/usr/sbin
-usr/bin/at:usr/bin/atq
-usr/bin/at:usr/bin/atrm
-usr/bin/at:usr/bin/batch
-usr/bin/awk
-usr/bin/basename
-usr/bin/bunzip2:usr/bin/bzcat
-usr/bin/bunzip2:usr/bin/bzip2
-usr/bin/chat
-usr/bin/chfn:usr/bin/chpass
-usr/bin/chfn:usr/bin/chsh
-usr/bin/chgrp
-usr/bin/cksum
-usr/bin/clear
-usr/bin/cmp
-usr/bin/compress:usr/bin/uncompress
-usr/bin/cpio
-usr/bin/crontab
-usr/bin/cu
-usr/bin/dig
-usr/bin/dirname
-usr/bin/du
-usr/bin/ee
-usr/bin/egrep:usr/bin/fgrep
-usr/bin/egrep:usr/bin/grep
-usr/bin/env
-usr/bin/false
-usr/bin/fetch
-usr/bin/find
-usr/bin/finger
-usr/bin/fstat
-usr/bin/fsync
-usr/bin/ftp
-usr/bin/gunzip:usr/bin/gzcat
-usr/bin/gunzip:usr/bin/gzip
-usr/bin/gzexe
-usr/bin/head
-usr/bin/hexdump
-usr/bin/id:usr/bin/whoami
-usr/bin/ident
-usr/bin/killall
-usr/bin/last
-usr/bin/less:usr/bin/more
-usr/bin/limits
-usr/bin/lock
-usr/bin/lockf
-usr/bin/logger
-usr/bin/login
-usr/bin/logname
-usr/bin/mesg
-usr/bin/minigzip
-usr/bin/mkfifo
-usr/bin/mktemp
-usr/bin/msgs
-usr/bin/netstat
-usr/bin/nfsstat
-usr/bin/nice
-usr/bin/nslookup
-usr/bin/nsupdate
-usr/bin/nohup
-usr/bin/objformat
-usr/bin/openssl
-usr/bin/passwd
-usr/bin/printf
-usr/bin/renice
-usr/bin/reset:usr/sbin/tset
-usr/bin/scp
-usr/bin/script
-usr/bin/sed
-usr/bin/sftp
-usr/bin/shar
-usr/bin/slogin:usr/bin/ssh
-usr/bin/sort
-usr/bin/split
-usr/bin/ssh-keygen
-usr/bin/su
-usr/bin/tail
-usr/bin/tar
-usr/bin/tee
-usr/bin/telnet
-usr/bin/time
-usr/bin/top
-usr/bin/touch
-usr/bin/tput
-usr/bin/tr
-usr/bin/true
-usr/bin/tty
-usr/bin/uname
-usr/bin/uptime:usr/bin/w
-usr/bin/users
-usr/bin/uudecode
-usr/bin/uuencode
-usr/bin/vi
-usr/bin/vmstat
-usr/bin/wall
-usr/bin/who
-usr/bin/whois
-usr/bin/write
-usr/bin/yes
-
-# contents of ${WORKDIR}/usr/sbin
-usr/sbin/arp
-usr/sbin/authpf
-usr/sbin/boot0cfg
-usr/sbin/chown
-usr/sbin/cron
-usr/sbin/idprio:usr/sbin/rtprio
-usr/sbin/inetd
-usr/sbin/iostat
-usr/sbin/kbdcontrol
-usr/sbin/lastlogin
-usr/sbin/memcontrol
-usr/sbin/mtree
-usr/sbin/newsyslog
-usr/sbin/ntpdate
-usr/sbin/pciconf
-usr/sbin/pw
-usr/sbin/pwd_mkdb
-usr/sbin/slstat
-usr/sbin/sshd
-usr/sbin/syslogd
-usr/sbin/tcpdchk
-usr/sbin/tcpdmatch
-usr/sbin/tcpdump
-usr/sbin/traceroute
-usr/sbin/vidcontrol
-usr/sbin/vipw
-usr/sbin/vnconfig
-usr/sbin/watch
-usr/sbin/pccardc
-usr/sbin/pccardd
-
-# contents of ${WORKDIR}/usr/libexec
-usr/libexec/atrun
-usr/libexec/ftpd
-usr/libexec/getty
-usr/libexec/sftp-server
-
-# contents of ${WORKDIR}/usr/share
-usr/share/misc/termcap
-
diff --git a/tools/tools/tinybsd/conf/wrap/tinybsd.ports b/tools/tools/tinybsd/conf/wrap/tinybsd.ports
deleted file mode 100644
index 49bb52175241..000000000000
--- a/tools/tools/tinybsd/conf/wrap/tinybsd.ports
+++ /dev/null
@@ -1,9 +0,0 @@
-# $FreeBSD$
-# Here you can add the applications from the FreeBSD Ports Collection which you
-# want TinyBSD ports system to install in your embedded system. You whould list
-# one application per line, mentioning its category and name, like the examples:
-#
-# www/mini_httpd
-# net-mgmt/rate
-#
-# Make sure you have enough space to add it.
diff --git a/tools/tools/tinybsd/tinybsd b/tools/tools/tinybsd/tinybsd
deleted file mode 100755
index 1675b09f2a52..000000000000
--- a/tools/tools/tinybsd/tinybsd
+++ /dev/null
@@ -1,526 +0,0 @@
-#!/bin/sh -
-# Copyright (c) 2006 Jean Milanez Melo <jmelo@freebsdbrasil.com.br>
-# <jmelo@FreeBSD.org>
-# Patrick Tracanelli <eksffa@freebsdbrasil.com.br>
-#
-# $FreeBSD$
-#set -xv
-CURRENTDIR=/usr/src/tools/tools/tinybsd
-if [ ! -d $CURRENTDIR ]
-then
- CURRENTDIR=`pwd`
-else
- cd $CURRENTDIR
-fi
-
-WORKDIR=/usr/obj/tinybsdbuild
-KERNCONF=TINYBSD
-BASEFILE="tinybsd.basefiles"
-PORTSFILE="tinybsd.ports"
-PORTSDIR=/usr/ports
-DEFINSTARGS="-o 0 -g 0 -m 555"
-TINYARCH=$(uname -p)
-
-TS="=====>"
-
-splitarg1 () {
- local IFS
- IFS='='
- set $1
- echo $1
-}
-
-splitarg2 () {
- local IFS
- IFS='='
- set $1
- echo $2
-}
-
-getargs () {
- ARGS="$*"
- for arg in $*
- do
- ARG=`splitarg1 $arg`
- VAL=`splitarg2 $arg`
- case $ARG in
- sectors)
- SECTUNIT=$VAL
- ;;
- heads)
- TRACKCYL=$VAL
- ;;
- spt)
- SECTRACK=$VAL
- ;;
- conf)
- CONF=$VAL
- ;;
- mfsroot)
- MFSROOT=$VAL
- ;;
- image)
- IMG=$VAL
- ;;
- batch)
- NO_PROMPTS="YES"
- ;;
- new)
- NO_READ="YES"
- ;;
- *)
- usage
- ;;
- esac
- done
-}
-
-usage () {
- echo "Woops
- Usage: $0 sectors=<size of media> [80000]
- heads=<heads according to firmware> [4]
- spt=<sectors per track according to firmware> [32]
- conf=<configuration name> (see conf/name) [default]
- mfsroot[=<yes|no>] [no]
- image=<tinybsd image name> [tinybsd.bin]
- batch[=<anything>] (do not ask interactively)
- new[=<anything>] (do not read previous values)
-
- Examples:
- $0 sectors=65536 heads=8 spt=16 conf=wireless mfsroot=yes image=myimage.img batch
-
- Default values are set in the program.
- Environment values override defaults.
- Previous values override environment values but can be disabled.
- Command arguments override previous values.
- Interactive values override command arguments but can be disabled.
-
- Run diskinfo(8) -v against your CF device to get correct information
- about your disk. USB keys do not need any specific geometry"
- exit 1
-}
-
-########
-# Load variables from stdin (could be a file)
-# Look for lines that match foo=bar
-# do not run the file.. that is asking for trouble
-########
-loadvars () {
- while :
- do
- OIFS=$IFS
- IFS="="
- if read PART1 PART2
- then
- IFS="$OIFS"
- case "$PART1" in
- \#*)
- ;;
- "")
- ;;
- *)
- set "${PART1}"
- if [ $# = "1" ]
- then
- eval "${PART1}='${PART2}'"
- fi
- ;;
- esac
- else
- IFS="$OIFS"
- return 0
- fi
- done
-}
-
-########
-# get values from the user
-########
-confirm_action(){
- local ANSWER
- local MESSAGE
- ANSWER=$1
- MESSAGE=$2
- if [ "$NO_PROMPTS" != "YES" ]
- then
- echo -n "$MESSAGE [$ANSWER] " > /dev/tty
- read result
- [ "$result" != "" ] && ANSWER=$result
- fi
-
- ANSWER=`eval "echo $ANSWER"`
- echo $ANSWER
-}
-
-########
-# These are only used the VERY first time you run the program (on this machine)
-########
-setdefaults () {
- NO_PROMPTS=${NO_PROMPTS:-NO}
- NO_READ=${NO_READ:-NO}
- SECTUNIT=${SECTUNIT:-80000}; export SECTUNIT
- TRACKCYL=${TRACKCYL:-4}; export TRACKCYL
- SECTRACK=${SECTRACK:-32}; export SECTRACK
- CONF=${CONF:-default}; export CONF
- MFSROOT=${MFSROOT:-NO}; export MFSROOT
- IMG=${IMG:-tinybsd.bin}; export IMG
-
-}
-
-#######
-# get ourselves set up.
-# Partly by reading config files and partly from asking questions.
-#######
-loadconfig () {
- if [ "${NO_READ}" = "YES" ]
- then
- return
- fi
-
- HOSTNAME=`hostname`
- HOSTPART=${HOSTNAME%%.*}
- FILENAME=".tinybsd.${HOSTPART}.${USER}"
- FULLFILENAME=$HOME/$FILENAME
-
- if [ -f ${FULLFILENAME} ]
- then
- loadvars <${FULLFILENAME}
- fi
-
- SECTUNIT=`confirm_action "$SECTUNIT" "512 byte sectors per unit?"`
- TRACKCYL=`confirm_action "$TRACKCYL" "Tracks per cylinder?"`
- SECTRACK=`confirm_action "$SECTRACK" "Sectors per track?"`
- while :
- do
- echo "The following configurations exist:"
- ls -l conf|awk '/^d/{print " ",$9}'|grep -v CVS
- CONF=`confirm_action "$CONF" "Configuration name?"`
- if [ ! -d "${CURRENTDIR}/conf/$CONF" ]
- then
- echo "${TS} Error: Could not find config (${CONF})"
- if [ "$NO_PROMPTS" = "YES" ]
- then
- exit 1
- fi
- else
- break
- fi
- done
- MFSROOT=`confirm_action "$MFSROOT" "Use an MFSROOT? (yes/no)"`
- IMG=`confirm_action "$IMG" "Image file to generate?"`
-
-# example of formatted value (NNN in this case)
-# #condition and format the number
-# if [ -z "${BUILDNUM}" ]
-# then
-# echo "Starting with build 001"
-# BUILDNUM="001"
-# else
-# BUILDNUM=`printf "%03d\n" $(($BUILDNUM))`
-# fi
-
-
-}
-
-saveconfig () {
- HOSTNAME=`hostname`
- HOSTPART=${HOSTNAME%%.*}
- FILENAME=".tinybsd.${HOSTPART}.${USER}"
- FULLFILENAME=$HOME/$FILENAME
- (
- echo "# written by tinybsd" `date`
- echo "SECTUNIT=${SECTUNIT}"
- echo "TRACKCYL=${TRACKCYL}"
- echo "SECTRACK=${SECTRACK}"
- echo "CONF=${CONF}"
- echo "MFSROOT=${MFSROOT:-NO}"
- echo "IMG=${IMG}"
- ) >${FULLFILENAME}
-}
-
-check_alt_imgname() {
- if [ ${IMG} = 'tinybsd.bin' ]
- then
- echo "${TS} Alternative image name not set; defaulting to 'tinybsd.bin'"
- fi
-}
-
-rotate_buidlog() {
- mv -f ${HOME}/tinybsd.log ${HOME}/tinybsd.log.old
-}
-
-remove_workdir() {
- # Before removing check if there is not a mount under $WORKDIR anymore
- MOUNT_CHECK=`mount|egrep "on ${WORKDIR}"`
-
- if [ ! -z "${MOUNT_CHECK}" ]; then
- echo "There are mounts under the workdir (${WORKDIR}). Please umount them before running this script"
- exit 1
- else
- chflags -R noschg ${WORKDIR}
- echo "${TS} Removing "${WORKDIR}
- rm -rf ${WORKDIR}
- echo "${TS} Removing Build Kernel Directory"
- rm -rf /usr/obj/usr/src/sys/${KERNCONF}
- echo "${TS} done."
- fi
-}
-
-
-prework() {
- remove_workdir
- mkdir -p ${WORKDIR}
-}
-
-
-create_tree() {
- echo "${TS} Creating directory hierarchy... "
- mtree -deU -f /etc/mtree/BSD.root.dist -p ${WORKDIR}
- mtree -deU -f /etc/mtree/BIND.chroot.dist -p ${WORKDIR}
- mtree -deU -f /etc/mtree/BSD.usr.dist -p ${WORKDIR}/usr
- mtree -deU -f /etc/mtree/BSD.local.dist -p ${WORKDIR}/usr/local
- mtree -deU -f /etc/mtree/BSD.var.dist -p ${WORKDIR}/var
-}
-
-copy_binaries() {
- cd ${CURRENTDIR}/conf/${CONF}
-
- for file in `cat ${CURRENTDIR}/conf/${CONF}/${BASEFILE} | grep -v "#" | \
- cut -f1 -d":" | sort | uniq` ; do
- echo "${TS} Copying "/${file}" to "${WORKDIR}/${file}
- cp -fp /${file} ${WORKDIR}/${file} ;
- done
-}
-
-install_ports() {
- for portname in `cat ${CURRENTDIR}/conf/${CONF}/${PORTSFILE} | grep -v '#'` ; do
- if [ ! -d "${WORKDIR}/usr/ports" ]; then
- mkdir -p "${WORKDIR}/usr/ports"
- fi
-
- PNAME=`/usr/bin/basename "${portname}"`
- PORT_OPTION_FILE="/var/db/ports/${PNAME}/options"
-
- if [ -f "${PORT_OPTION_FILE}" ]; then
- mkdir -p "${WORKDIR}/var/db/ports/${PNAME}"
- cp "${PORT_OPTION_FILE}" "${WORKDIR}/var/db/ports/${PNAME}/"
- fi
-
- mount_nullfs /lib "${WORKDIR}/lib"
- mount_nullfs /usr/bin "${WORKDIR}/usr/bin"
- mount_nullfs /usr/sbin "${WORKDIR}/usr/sbin"
- mount_nullfs /usr/ports "${WORKDIR}/usr/ports"
- mount_nullfs /usr/share "${WORKDIR}/usr/share"
- mount_nullfs /usr/libexec "${WORKDIR}/usr/libexec"
- mount_nullfs /usr/lib "${WORKDIR}/usr/lib"
- mount_nullfs /usr/include "${WORKDIR}/usr/include"
-
- cd ${PORTSDIR}/${portname}
- make fetch-recursive
- make DESTDIR_ENV_LIST=PATH DESTDIR="${WORKDIR}" install
- make clean
-
- umount "${WORKDIR}/lib"
- umount "${WORKDIR}/usr/ports"
- umount "${WORKDIR}/usr/bin"
- umount "${WORKDIR}/usr/sbin"
- umount "${WORKDIR}/usr/share"
- umount "${WORKDIR}/usr/libexec"
- umount "${WORKDIR}/usr/lib"
- umount "${WORKDIR}/usr/include"
- done
-}
-
-make_kernel() {
- echo "${TS} Building customized tiny beastie kernel... "
- cp -p ${CURRENTDIR}/conf/${CONF}/${KERNCONF} /usr/src/sys/${TINYARCH}/conf
- cd /usr/src
- make buildkernel KERNCONF=${KERNCONF} || exit 1
- gzip -9 /usr/obj/usr/src/sys/${KERNCONF}/kernel
- install ${DEFINSTARGS} /usr/obj/usr/src/sys/${KERNCONF}/kernel.gz ${WORKDIR}/boot/kernel/
- install ${DEFINSTARGS} \
- /usr/obj/usr/src/sys/${KERNCONF}/modules/usr/src/sys/modules/acpi/acpi/acpi.ko \
- ${WORKDIR}/boot/kernel
- install -o 0 -g 0 -m 444 /sys/${TINYARCH}/conf/GENERIC.hints ${WORKDIR}/boot/device.hints
-}
-
-copy_libraries() {
- TDEPFILE="`mktemp -t deps`"
- TDEPFILES="`mktemp -t depsymlnk`"
-
- find "${WORKDIR}" -type f |while read file; do
- ldd -f "%p\n" ${file} >> ${TDEPFILE} ; # don't worry on progs been "not dynamic"
- done
-
- for libdeplib in `cat ${TDEPFILE} | sort | uniq`; do
- ldd -f "%p\n" /${libdeplib} >> ${TDEPFILE} ;
- done
-
- for pamdep in `ls -1 /usr/lib/pam*`; do
- echo $pamdep >> ${TDEPFILE} ;
- ldd -f "%p\n" /${pamdep} >> ${TDEPFILE} ;
- done
-
- for lib in `cat ${TDEPFILE} | sort | uniq`; do
- echo "${TS} Copying "${lib}" to "${WORKDIR}${lib}
- cp -fp ${lib} ${WORKDIR}${lib} ;
- done
-
- for depsymlink in `cat ${TDEPFILE}`; do
- echo "${TS} Checking if ${depsymlink} is a symbolic link"
- /bin/ls -l $depsymlink | grep "\->" | awk '{print $11":"$9}' >> ${TDEPFILES}
- done
-
- for i in `cat ${TDEPFILES}`; do
- SOURCE_FILE=`echo $i | awk -F ":" '{print $1}'`
- TARGET_FILE=`echo $i | awk -F ":" '{print $2}'`
-
- echo "${TS} Unlinking ${WORKDIR}${TARGET_FILE}"
- chroot ${WORKDIR} /bin/chflags 0 ${TARGET_FILE}
- chroot ${WORKDIR} /bin/rm -f ${TARGET_FILE}
-
- echo "${TS} Symlinking ${SOURCE_FILE} to ${TARGET_FILE}"
- chroot ${WORKDIR} /bin/ln -s ${SOURCE_FILE} ${TARGET_FILE}
- done
-
- echo -n "${TS} Unlinking "
- rm -fv ${TDEPFILE} ${TDEPFILES}
-}
-
-create_etc() {
- cd /usr/src/etc/sendmail/
- make freebsd.cf freebsd.submit.cf
-
- cd /usr/src/etc/
- mkdir -p ${WORKDIR}/var/named/etc/namedb
- make distribution DESTDIR=${WORKDIR} || exit 1
-}
-
-create_ssh_keys() {
- echo "Creating ssh keys..."
- ssh-keygen -t rsa1 -b 1024 -f ${WORKDIR}/etc/ssh/ssh_host_key -N ''
- ssh-keygen -t dsa -f ${WORKDIR}/etc/ssh/ssh_host_dsa_key -N ''
- ssh-keygen -t rsa -f ${WORKDIR}/etc/ssh/ssh_host_rsa_key -N ''
-}
-
-personal_conf() {
- echo "${TS} Copying your custom configuration on conf/ ..."
- for custom in `find ${CURRENTDIR}/conf/${CONF}/ -type d -depth 1 \! -name CVS`; do
- cp -Rp ${custom}/* ${WORKDIR}/${custom#${CURRENTDIR}/conf/${CONF}/}/
- done
-
- if [ -f ${CURRENTDIR}/conf/${CONF}/boot.config ]; then
- cp ${CURRENTDIR}/conf/${CONF}/boot.config ${WORKDIR}/boot.config
- fi
-}
-
-symlinks() {
-#set -xv
- for i in `cat ${CURRENTDIR}/conf/${CONF}/${BASEFILE}| grep -v "#" | grep ":"`; do
- SOURCE_FILE=`echo $i | awk -F ":" {'print $1'}`
- TARGET_FILE=`echo $i | awk -F ":" {'print $2'}`
- chroot ${WORKDIR} /bin/ln -vs /${SOURCE_FILE} ${TARGET_FILE}
- done
-#set +xv
-}
-
-
-create_image() {
- VNODEFILE=`mktemp -t tinybsd`
- IMGMNT=`mktemp -d -t tinybsd`
-
- dd if=/dev/zero of=${VNODEFILE} count=${SECTUNIT}
-
- MD=`mdconfig -a -t vnode -f ${VNODEFILE} -x ${SECTRACK} -y ${TRACKCYL}`
-
- diskinfo -v /dev/${MD}
-
- fdisk -I /dev/${MD}
- fdisk /dev/${MD}
-
- cp -p /boot/boot0 ${WORKDIR}/boot/boot0
- bsdlabel -w -B /dev/${MD}
- newfs -O2 -U /dev/${MD}a
-
- mount /dev/${MD}a ${IMGMNT}
-
- if [ ${MFSROOT} = 'yes' ]
- then
- echo "${TS} Creating MFS root..."
- # Update is not done yet
- #mkdir -p ${WORKDIR}/usr/local/bin/
- #cp -p ${CURRENTDIR}/update/update ${WORKDIR}/usr/local/bin/
- rm ${WORKDIR}/etc/fstab
- cd ${WORKDIR} && find . -print | sed '/kernel/ d' | cpio -dump ${IMGMNT} || true
- umount ${IMGMNT}
- dd if=/dev/${MD} of=${CURRENTDIR}/mfsroot.img
- gzip -9 < ${CURRENTDIR}/mfsroot.img > ${CURRENTDIR}/mfsroot.gz
- rm ${CURRENTDIR}/mfsroot.img
- mount /dev/${MD}a ${IMGMNT}
- rm -rf ${IMGMNT}/*
- cp -rp ${WORKDIR}/boot ${IMGMNT}
- rm ${IMGMNT}/boot/device.hints
- ( \
- echo 'set vfs.root.mountfrom="ufs:/dev/md0a"' ; \
- echo 'set bootfile="/boot/kernel/kernel"' ; \
- sed -e '/^#/ d' -e 's/^/set /' < ${WORKDIR}/boot/device.hints ; \
- echo 'load /boot/kernel/kernel' ; \
- echo 'echo Loading mfsroot' ; \
- echo 'load -t mfs_root /mfsroot' ;\
- echo 'boot' ; \
- ) > ${IMGMNT}/boot/loader.rc
- mv ${CURRENTDIR}/mfsroot.gz ${IMGMNT}
- else
- ( cd ${WORKDIR} && find . -print | cpio -dump ${IMGMNT} ) || true
- fi
-
- df ${IMGMNT}
- sleep 1
- umount ${IMGMNT}
-
- dd if=/dev/${MD} of=${CURRENTDIR}/${IMG} bs=64k
-
- rm -vf ${VNODEFILE}
- rm -rvf ${IMGMNT}
- mdconfig -d -u ${MD}
- echo ""
- echo "${TS} Done!"
- echo "${TS} Your configuration options were saved in ${FULLFILENAME}"
- echo "${TS} You can see your build log in ${HOME}/tinybsd.log"
- echo "${TS} Your final image is in ${CURRENTDIR}/${IMG}"
- echo "${TS} Now use dd(1) to write it."
-}
-
-##########################
-# run things
-
-##########################################
-## The actual program
-##########################################
-getargs $*
-setdefaults
-# Load as many of the configuration options as we can
-loadconfig
-saveconfig
-
-# Rotate build log
-rotate_buidlog
-
-# Now start logging.
-(
- # Do the build
- prework
- check_alt_imgname
- create_tree
- copy_binaries
- create_etc
- install_ports
- make_kernel
- copy_libraries
- symlinks
- create_ssh_keys
- personal_conf
- create_image
-#set +xv
-) 2>&1 |tee -a ${HOME}/tinybsd.log
-