Diffstat (limited to 'init.d.FreeBSD')
-rw-r--r-- | init.d.FreeBSD/Makefile | 5 | ||||
-rw-r--r-- | init.d.FreeBSD/devd | 42 | ||||
-rw-r--r-- | init.d.FreeBSD/dumpon | 45 | ||||
-rw-r--r-- | init.d.FreeBSD/ipfw | 169 | ||||
-rw-r--r-- | init.d.FreeBSD/nscd | 43 | ||||
-rw-r--r-- | init.d.FreeBSD/syscons | 103 |
6 files changed, 407 insertions, 0 deletions
diff --git a/init.d.FreeBSD/Makefile b/init.d.FreeBSD/Makefile
new file mode 100644
index 00000000..da0be63d
--- /dev/null
+++ b/init.d.FreeBSD/Makefile
@@ -0,0 +1,5 @@
+DIR= /etc/init.d
+BIN= ${CONTENTS}
+
+MK= ../mk
+include ${MK}/scripts.mk
diff --git a/init.d.FreeBSD/devd b/init.d.FreeBSD/devd
new file mode 100644
index 00000000..78ce9256
--- /dev/null
+++ b/init.d.FreeBSD/devd
@@ -0,0 +1,42 @@
+#!/sbin/runscript
+# Copyright 2007 Roy Marples
+# All rights reserved
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+
+command=/sbin/devd
+command_args=${devd_args}
+name="Device State Change Daemon"
+
+depend() {
+ need localmount
+ after bootmisc
+ before net.lo0
+}
+
+start_pre() {
+ sysctl hw.bus.devctl_disable=0 >/dev/null
+}
+
+stop_post() {
+ sysctl hw.bus.devctl_disable=1 >/dev/null
+}
diff --git a/init.d.FreeBSD/dumpon b/init.d.FreeBSD/dumpon
new file mode 100644
index 00000000..65d901f3
--- /dev/null
+++ b/init.d.FreeBSD/dumpon
@@ -0,0 +1,45 @@
+#!/sbin/runscript
+# Copyright 2007 Roy Marples
+# All rights reserved
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+
+description="Configures a specific kernel dump device."
+
+depend() {
+ need swap
+}
+
+start() {
+ # Setup any user requested dump device
+ if [ -n "${dump_device}" ]; then
+ ebegin "Activating kernel core dump device (${dump_device})"
+ dumpon ${dump_device}
+ eend $?
+ fi
+}
+
+stop() {
+ ebegin "Deactiving kernel core dump device"
+ dumpon off
+ eend $?
+}
diff --git a/init.d.FreeBSD/ipfw b/init.d.FreeBSD/ipfw
new file mode 100644
index 00000000..9dca799b
--- /dev/null
+++ b/init.d.FreeBSD/ipfw
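Review bot: In init.d.FreeBSD/dumpon, start() passes the configured value unquoted in `dumpon ${dump_device}`, so it is word-split and glob-expanded before dumpon sees it. If a single device path is what the setting is meant to hold, write `dumpon "${dump_device}"`; if extra flags are meant to be allowed, a comment saying so would make the unquoted form clearly deliberate. The stop() message also has a typo: "Deactiving" should read "Deactivating".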
@@ -0,0 +1,169 @@
+#!/sbin/runscript
+# Copyright 2007 Roy Marples
+# All rights reserved
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+
+# This is based on /etc/rc.firewall and /etc/rc.firewall6 from FreeBSD
+
+ipfw_ip_in=${ipfw_ip_in-any}
+ipfw_ports_in=${ipfw_ports_in-auth ssh}
+ipfw_ports_nolog=${ipfw_ports_nolog-135-139,445 1026,1027 1433,1434}
+
+opts="panic showstatus"
+
+depend() {
+ before net
+ provide firewall
+}
+
+ipfw() {
+ /sbin/ipfw -f -q "$@"
+}
+
+init() {
+ # Load the kernel module
+ if ! sysctl net.inet.ip.fw.enable=1 >/dev/null 2>&1; then
+ if ! kldload ipfw; then
+ eend 1 "Unable to load firewall module"
+ return 1
+ fi
+ fi
+
+ # Now all rules and give a good base
+ ipfw flush
+
+ ipfw add pass all from any to any via lo0
+ ipfw add deny all from any to 127.0.0.0/8
+ ipfw add deny ip from 127.0.0.0/8 to any
+
+ ipfw add pass ip6 from any to any via lo0
+ ipfw add deny ip6 from any to ::1
+ ipfw add deny ip6 from ::1 to any
+
+ ipfw add pass ip6 from :: to ff02::/16 proto ipv6-icmp
+ ipfw add pass ip6 from fe80::/10 to fe80::/10 proto ipv6-icmp
+ ipfw add pass ip6 from fe80::/10 to ff02::/16 proto ipv6-icmp
+}
+
+start() {
+ local i= p= log=
+ ebegin "Starting firewall rules"
+ if ! init; then
+ eend 1 "Failed to flush firewall ruleset"
+ return 1
+ fi
+
+ # Use a statefull firewall
+ ipfw add check-state
+ ipfw add pass tcp from me to any established
+
+ # Allow any connection out, adding state for each.
+ ipfw add pass tcp from me to any setup keep-state
+ ipfw add pass udp from me to any keep-state
+ ipfw add pass icmp from me to any keep-state
+
+ ipfw add pass tcp from me6 to any setup keep-state
+ ipfw add pass udp from me6 to any keep-state
+ ipfw add pass icmp from me6 to any keep-state
+
+ # Allow DHCP.
+ ipfw add pass udp from 0.0.0.0 68 to 255.255.255.255 67 out
+ ipfw add pass udp from any 67 to me 68 in
+ ipfw add pass udp from any 67 to 255.255.255.255 68 in
+ # Some servers will ping the IP while trying to decide if it's
+ # still in use.
+ ipfw add pass icmp from any to any icmptype 8
+
+ # Allow "mandatory" ICMP in.
+ ipfw add pass icmp from any to any icmptype 3,4,11
+
+ # Allow ICMPv6 destination unreach
+ ipfw add pass ip6 from any to any icmp6types 1 proto ipv6-icmp
+
+ # Allow NS/NA/toobig (don't filter it out)
+ ipfw add pass ip6 from any to any icmp6types 2,135,136 proto ipv6-icmp
+
+ # Add permits for this workstations published services below
+ # Only IPs and nets in firewall_allowservices is allowed in.
+ for i in ${ipfw_ip_in}; do
+ for p in ${ipfw_ports_in}; do
+ ipfw add pass tcp from ${i} to me ${p}
+ done
+ done
+
+ # Allow all connections from trusted IPs.
+ # Playing with the content of firewall_trusted could seriously
+ # degrade the level of protection provided by the firewall.
+ for i in ${ipfw_ip_trust}; do
+ ipfw add pass ip from ${i} to me
+ done
+
+ ipfw add 65000 count ip from any to any
+
+ # Drop packets to ports where we don't want logging
+ for p in ${ipfw_ports_nolog}; do
+ ipfw add deny { tcp or udp } from any to any ${p} in
+ done
+
+ # Broadcasts and muticasts
+ ipfw add deny ip from any to 255.255.255.255
+ ipfw add deny ip from any to 224.0.0.0/24
+
+ # Noise from routers
+ ipfw add deny udp from any to any 520 in
+
+ # Noise from webbrowsing.
+ # The statefull filter is a bit agressive, and will cause some
+ # connection teardowns to be logged.
+ ipfw add deny tcp from any 80,443 to any 1024-65535 in
+
+ # Deny and (if wanted) log the rest unconditionally.
+ if yesno ${ipfw_log_deny:-no}; then
+ log="log"
+ sysctl net.inet.ip.fw.verbose=1 >/dev/null
+ fi
+ ipfw add deny ${log} ip from any to any
+
+ eend 0
+}
+
+stop() {
+ ebegin "Stopping firewall rules"
+ # We don't unload the kernel module as that action
+ # can cause memory leaks as of FreeBSD 6.x
+ sysctl net.inet.ip.fw.enable=0 >/dev/null
+ eend $?
+}
+
+panic() {
+ ebegin "Stopping firewall rules - hard"
+ if ! init; then
+ eend 1 "Failed to flush firewall ruleset"
+ return 1
+ fi
+ eend 0
+}
+
+showstatus() {
+ ipfw show
+}
diff --git a/init.d.FreeBSD/nscd b/init.d.FreeBSD/nscd
new file mode 100644
index 00000000..4dbeacc4
--- /dev/null
+++ b/init.d.FreeBSD/nscd
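Review bot: In init.d.FreeBSD/ipfw, start() ends with `eend 0` and none of its `ipfw add` calls are checked, so a rule that /sbin/ipfw rejects (for example a malformed entry in `ipfw_ip_in` or `ipfw_ip_trust`) still leaves the service reported as started with a partial ruleset. Record failures in the wrapper, `/sbin/ipfw -f -q "$@" || { ipfw_failed=1; return 1; }`, and finish start() with `eend ${ipfw_failed:-0} "Some firewall rules failed to load"`. In init(), `ipfw flush` is likewise unchecked, while both callers print "Failed to flush firewall ruleset" for any init failure. panic() leaves only the loopback and link-local rules from init(), so the fate of all other traffic depends on the kernel's default rule (deny unless the kernel was built to default to accept); ending panic() with an explicit `ipfw add deny ip from any to any` would make the lock-down independent of that. The comments in start() still name `firewall_allowservices` and `firewall_trusted`, whereas the variables actually read are `ipfw_ip_in` and `ipfw_ip_trust`.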
@@ -0,0 +1,43 @@
+#!/sbin/runscript
+# Copyright 2007 Roy Marples
+# All rights reserved
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+
+command=/usr/sbin/nscd
+command_args="${nscd_args}"
+pidfile=/var/run/nscd.pid
+name="Name Service Cache Daemon"
+
+extra_started_commands="flush"
+
+depend() {
+ need localmount
+ use net dns ldap ypbind
+ after bootmisc
+}
+
+flush() {
+ ebegin "Flushing ${name}"
+ nscd -I all >/dev/null
+ eend $?
+}
diff --git a/init.d.FreeBSD/syscons b/init.d.FreeBSD/syscons
new file mode 100644
index 00000000..c04ccff1
--- /dev/null
+++ b/init.d.FreeBSD/syscons
@@ -0,0 +1,103 @@
+#!/sbin/runscript
+# Copyright 2007 Roy Marples
+# All rights reserved
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+
+depend() {
+ need localmount
+}
+
+start() {
+ if [ -n "${allscreen_flags}" ]; then
+ ebegin "Setting mode to ${allscreen_flags} for all screens"
+ for v in /dev/ttyv*; do
+ vidcontrol ${allscreen_flags} <"${v}"
+ done
+ eend $?
+ fi
+
+ if [ -n "${keymap}" ]; then
+ ebegin "Setting keymap to ${keymap}"
+ kbdcontrol -l ${keymap} </dev/console
+ eend $?
+ fi
+
+ if [ -n "${keyrate}" ]; then
+ ebegin "Setting keyrate to ${keyrate}"
+ kbdcontrol -r ${keyrate} </dev/console
+ eend $?
+ fi
+
+ if [ -n "${keychange}" ]; then
+ ebegin "Changing function keys"
+ eval set -- "${keychange}"
+ eindent
+ while [ $# -gt 0 ]; do
+ veinfo "F$1 -> \`$2'"
+ kbdcontrol -f "$1" "$2" </dev/console
+ veend $?
+ shift; shift
+ done
+ eoutdent
+ fi
+
+ if [ -n "${cursor}" ]; then
+ ebegin "Setting cursor"
+ vidcontrol -c ${cursor}
+ eend $?
+ fi
+
+ local v= f=
+ for v in font8x16 font8x14 font8x8; do
+ f=$(eval \$"${v}")
+ if [ -n "${f}" ]; then
+ ebegin "Setting font ${f}"
+ vidcontrol -f ${v##FONT} ${f}
+ eend $?
+ fi
+ done
+
+ if [ -n "${blanktime}" ]; then
+ ebegin "Setting blanktime"
+ vidcontrol -t ${blanktime}
+ eend $?
+ fi
+
+ if [ -n "${saver}" ]; then
+ local i=
+ for i in $(kldstat | sed -n -e 's/.* \(splash_.*\)/\1/p'); do
+ kldunload "${i}"
+ done
+ kldstat -v | grep -q _saver || kldload ${saver}_saver
+ fi
+
+ if [ -n "${kbdflags}" ]; then
+ ebegin "Setting keyboard flags for all screens"
+ for v in /dev/ttyv*; do
+ kbdcontrol ${kbdflags} <${v}
+ done
+ eend $?
+ fi
+
+ return 0
+} |
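Review bot: In the font loop of start() in init.d.FreeBSD/syscons, `f=$(eval \$"${v}")` does not read the variable named by `v`: the eval expands `$font8x16` and runs the result as a command, so a configured font name is executed with the init script's privileges and `f` receives that command's output rather than the name. Assign through eval instead, `eval f=\$${v}`, and strip the lowercase prefix that the loop values actually carry, `vidcontrol -f ${v#font} ${f}`, since `${v##FONT}` never matches `font8x16`. Separately, `eval set -- "${keychange}"` evaluates configuration text as shell code; a comment stating that the value is trusted because it presumably comes from the service's administrator-owned configuration would make that assumption explicit. Each `eend $?` placed after a `for v in /dev/ttyv*` loop reports only the last iteration's status.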