import from old webserver

noc/README.html

@@ -0,0 +1,13 @@
+<pre>
+
+<b>Config-Daten vom Easterhegg 2005 Router</b>
+
+Router:
+- Debian/Unstable
+- Kleine Fujitsu/Siemens Box mit P4, 512mb RAM, 1xE100, 1xE1000 Interfaces
+- Uplink: Hansenet 5mbit down/500kbit up Leitung per PPPOE
+- Rechner/Router Anbindung: 2 100mbit Etherchannel Ports mit diversen VLANs
+  an einem Cisco 2948G, und dahinter als Raum-Satellites diverse Cisco
+  2950/2900
+- VLANs: Uplink, Management, Kabelnetz, WLAN, Freifunker, Funker+Printer
+</pre>

noc/configs/dhcp3/dhcpd.conf

@@ -0,0 +1,51 @@
+#
+#
+#ddns-update-style none;
+ddns-update-style interim;
+ddns-domainname "easterhegg.de";
+authoritative;
+
+# option definitions common to all supported networks...
+option domain-name "easterhegg.de";
+option domain-name-servers 172.16.0.1;
+min-lease-time 3600;
+default-lease-time 7200;
+max-lease-time 14400;
+ping-check true;
+update-optimization false;
+
+#subnet 204.254.239.0 netmask 255.255.255.224 {
+#  range 204.254.239.10 204.254.239.20;
+#  option broadcast-address 204.254.239.31;
+#  option routers prelude.fugue.com;
+#}
+
+# Kabel
+subnet 172.16.0.0 netmask 255.255.252.0 {
+   range 172.16.2.2 172.16.2.254;
+   range 172.16.3.2 172.16.3.254;
+   option broadcast-address 172.16.3.255;
+   option routers 172.16.0.1;
+}
+
+# WLAN
+subnet 172.16.4.0 netmask 255.255.252.0 {
+   range 172.16.6.2 172.16.6.254;
+   range 172.16.7.2 172.16.7.254;
+   option broadcast-address 172.16.7.255;
+   option routers 172.16.4.1;
+}
+
+# NOC
+subnet 172.16.42.0 netmask 255.255.255.0 {
+   range 172.16.42.128 172.16.42.254;
+   option broadcast-address 172.16.42.255;
+   option routers 172.16.42.1;
+}
+
+# AFU-Druck
+subnet 172.16.25.0 netmask 255.255.255.0 {
+   range 172.16.25.2 172.16.25.199;
+   option broadcast-address 172.16.25.255;
+   option routers 172.16.25.1;
+}

noc/configs/dhcp3/dhcpd.conf.dpkg-dist

@@ -0,0 +1,108 @@
+#
+# Sample configuration file for ISC dhcpd for Debian
+#
+# $Id: dhcpd.conf,v 1.1.1.1 2002/05/21 00:07:44 peloy Exp $
+#
+
+# The ddns-updates-style parameter controls whether or not the server will
+# attempt to do a DNS update when a lease is confirmed. We default to the
+# behavior of the version 2 packages ('none', since DHCP v2 didn't
+# have support for DDNS.)
+ddns-update-style none;
+
+# option definitions common to all supported networks...
+option domain-name "example.org";
+option domain-name-servers ns1.example.org, ns2.example.org;
+
+default-lease-time 600;
+max-lease-time 7200;
+
+# If this DHCP server is the official DHCP server for the local
+# network, the authoritative directive should be uncommented.
+#authoritative;
+
+# Use this to send dhcp log messages to a different log file (you also
+# have to hack syslog.conf to complete the redirection).
+log-facility local7;
+
+# No service will be given on this subnet, but declaring it helps the 
+# DHCP server to understand the network topology.
+
+#subnet 10.152.187.0 netmask 255.255.255.0 {
+#}
+
+# This is a very basic subnet declaration.
+
+#subnet 10.254.239.0 netmask 255.255.255.224 {
+#  range 10.254.239.10 10.254.239.20;
+#  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
+#}
+
+# This declaration allows BOOTP clients to get dynamic addresses,
+# which we don't really recommend.
+
+#subnet 10.254.239.32 netmask 255.255.255.224 {
+#  range dynamic-bootp 10.254.239.40 10.254.239.60;
+#  option broadcast-address 10.254.239.31;
+#  option routers rtr-239-32-1.example.org;
+#}
+
+# A slightly different configuration for an internal subnet.
+#subnet 10.5.5.0 netmask 255.255.255.224 {
+#  range 10.5.5.26 10.5.5.30;
+#  option domain-name-servers ns1.internal.example.org;
+#  option domain-name "internal.example.org";
+#  option routers 10.5.5.1;
+#  option broadcast-address 10.5.5.31;
+#  default-lease-time 600;
+#  max-lease-time 7200;
+#}
+
+# Hosts which require special configuration options can be listed in
+# host statements.   If no address is specified, the address will be
+# allocated dynamically (if possible), but the host-specific information
+# will still come from the host declaration.
+
+#host passacaglia {
+#  hardware ethernet 0:0:c0:5d:bd:95;
+#  filename "vmunix.passacaglia";
+#  server-name "toccata.fugue.com";
+#}
+
+# Fixed IP addresses can also be specified for hosts.   These addresses
+# should not also be listed as being available for dynamic assignment.
+# Hosts for which fixed IP addresses have been specified can boot using
+# BOOTP or DHCP.   Hosts for which no fixed address is specified can only
+# be booted with DHCP, unless there is an address range on the subnet
+# to which a BOOTP client is connected which has the dynamic-bootp flag
+# set.
+#host fantasia {
+#  hardware ethernet 08:00:07:26:c0:a5;
+#  fixed-address fantasia.fugue.com;
+#}
+
+# You can declare a class of clients and then do address allocation
+# based on that.   The example below shows a case where all clients
+# in a certain class get addresses on the 10.17.224/24 subnet, and all
+# other clients get addresses on the 10.0.29/24 subnet.
+
+#class "foo" {
+#  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
+#}
+
+#shared-network 224-29 {
+#  subnet 10.17.224.0 netmask 255.255.255.0 {
+#    option routers rtr-224.example.org;
+#  }
+#  subnet 10.0.29.0 netmask 255.255.255.0 {
+#    option routers rtr-29.example.org;
+#  }
+#  pool {
+#    allow members of "foo";
+#    range 10.17.224.10 10.17.224.250;
+#  }
+#  pool {
+#    deny members of "foo";
+#    range 10.0.29.10 10.0.29.230;
+#  }
+#}

noc/configs/group

@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:lp
+mail:x:8:
+news:x:9:
+uucp:x:10:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+postgres:x:32:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+man:*:12:
+sasl:*:45:
+plugdev:*:46:
+crontab:x:101:
+ssh:x:102:
+noc:x:1000:
+bind:x:1001:
+ntp:x:103:

noc/configs/init.d/bind

@@ -0,0 +1,50 @@
+#!/bin/sh
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+
+test -x /usr/sbin/named || exit 0
+
+case "$1" in
+    start)
+	echo -n "Starting domain name service: named"
+	ulimit -n 16384
+	#/usr/sbin/named -4 -t /var/named -u bind
+	/usr/sbin/named -t /var/named -u bind -n 1 -c /etc/namedb/named.conf
+	#/usr/sbin/named -t /var/named -u bind -n 1 -c /etc/namedb/named.conf.bind9.2
+	#/usr/sbin/named -4 -t /var/named -u bind -c /etc/namedb/named.conf.1
+	#/usr/sbin/named -4 -t /var/named -u bind -c /etc/namedb/named.conf.2
+	echo "."	
+    ;;
+
+    stop)
+	echo -n "Stopping domain name service: named"
+	    /usr/bin/killall named
+	echo "."	
+    ;;
+
+    restart)
+	/usr/bin/killall named
+	sleep 2
+	ulimit -n 16384
+	#/usr/sbin/named -4 -t /var/named -u bind -c /etc/namedb/named.conf.1
+	#/usr/sbin/named -4 -t /var/named -u bind -c /etc/namedb/named.conf.2
+	#/usr/sbin/named -t /var/named -u bind -n 2 -n 2
+	/usr/sbin/named -t /var/named -u bind -n 1 -c /etc/namedb/named.conf
+	#/usr/sbin/named -t /var/named -u bind -n 1 -c /etc/namedb/named.conf.bind9.2
+    ;;
+    
+    reload)
+	/usr/bin/killall -HUP named
+    ;;
+
+    force-reload)
+        $0 restart
+    ;;
+
+    *)
+	echo "Usage: /etc/init.d/bind {start|stop|reload|restart|force-reload}" >&2
+	exit 1
+    ;;
+esac
+
+exit 0

noc/configs/init.d/inetd

@@ -0,0 +1,67 @@
+#!/bin/sh
+exit 0
+
+#
+# start/stop inetd super server.
+
+if ! [ -x /usr/sbin/inetd ]; then
+	exit 0
+fi
+
+checkportmap () {
+    if grep -v "^ *#" /etc/inetd.conf | grep 'rpc/' >/dev/null; then
+        if ! [ -x /usr/bin/rpcinfo ]
+        then
+            echo
+            echo "WARNING: rpcinfo not available - RPC services may be unavailable!"
+            echo "         (Commenting out the rpc services in inetd.conf will"
+	    echo "         disable this message)"
+            echo
+        elif ! /usr/bin/rpcinfo -u localhost portmapper >/dev/null 2>/dev/null
+        then
+            echo
+            echo "WARNING: portmapper inactive - RPC services unavailable!"
+            echo "         (Commenting out the rpc services in inetd.conf will"
+	    echo "         disable this message)"
+            echo
+        fi
+    fi
+} 
+
+case "$1" in
+    start)
+        checkportmap
+	echo -n "Starting internet superserver:"
+	echo -n " inetd" ; start-stop-daemon --start --quiet --pidfile /var/run/inetd.pid --exec /usr/sbin/inetd
+	echo "."
+	;;
+    stop)
+	echo -n "Stopping internet superserver:"
+	echo -n " inetd" ; start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/inetd.pid --exec /usr/sbin/inetd
+	echo "."
+	;;
+    reload)
+	echo -n "Reloading internet superserver:"
+	echo -n " inetd"
+	start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/inetd.pid --signal 1
+	echo "."
+	;;
+    force-reload)
+	$0 reload
+	;;
+    restart)
+	echo -n "Restarting internet superserver:"
+	echo -n " inetd"
+	start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/inetd.pid
+	checkportmap
+	start-stop-daemon --start --quiet --pidfile /var/run/inetd.pid --exec /usr/sbin/inetd
+	echo "."
+	;;
+    *)
+	echo "Usage: /etc/init.d/inetd {start|stop|reload|restart}"
+	exit 1
+	;;
+esac
+
+exit 0
+

noc/configs/init.d/olsr

@@ -0,0 +1,92 @@
+#! /bin/sh
+#
+# skeleton	Example initscript
+#		This file should be used to construct scripts to be
+#		placed in /etc/init.d.
+#
+# Author:	Miquel van Smoorenburg <miquels@cistron.nl>.
+#		Ian Murdock <imurdock@gnu.ai.mit.edu>.
+#
+#		Please remove the "Author" lines above and replace them
+#		with your own name if you copy and modify this script.
+#
+# Version:	@(#)skeleton  2.85-23  28-Jul-2004  miquels@cistron.nl
+#
+
+set -e
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DESC="freifunk olsr"
+NAME=""
+
+# Read config file if it is present.
+#if [ -r /etc/default/$NAME ]
+#then
+#	. /etc/default/$NAME
+#fi
+
+#
+#	Function that starts the daemon/service.
+#
+d_start() {
+	screen -d -m -S olsr /usr/sbin/olsrd
+}
+
+#
+#	Function that stops the daemon/service.
+#
+d_stop() {
+	killall olsrd
+}
+
+#
+#	Function that sends a SIGHUP to the daemon/service.
+#
+d_reload() {
+	echo "no reload"
+}
+
+case "$1" in
+  start)
+	echo -n "Starting $DESC: $NAME"
+	d_start
+	echo "."
+	;;
+  stop)
+	echo -n "Stopping $DESC: $NAME"
+	d_stop
+	echo "."
+	;;
+  #reload)
+	#
+	#	If the daemon can reload its configuration without
+	#	restarting (for example, when it is sent a SIGHUP),
+	#	then implement that here.
+	#
+	#	If the daemon responds to changes in its config file
+	#	directly anyway, make this an "exit 0".
+	#
+	# echo -n "Reloading $DESC configuration..."
+	# d_reload
+	# echo "done."
+  #;;
+  restart|force-reload)
+	#
+	#	If the "reload" option is implemented, move the "force-reload"
+	#	option to the "reload" entry above. If not, "force-reload" is
+	#	just the same as "restart".
+	#
+	echo -n "Restarting $DESC: $NAME"
+	d_stop
+	sleep 1
+	d_start
+	echo "."
+	;;
+  *)
+	# echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
+	echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
+	exit 1
+	;;
+esac
+
+exit 0

noc/configs/init.d/pppd-dns

@@ -0,0 +1,10 @@
+#!/bin/sh -e
+exit 0
+
+#
+# Restore /etc/resolv.conf if the system crashed before the ppp link
+# was shut down.
+
+[ -x /etc/ppp/ip-down.d/0000usepeerdns ] \
+	&& exec /etc/ppp/ip-down.d/0000usepeerdns
+

noc/configs/init.d/wshaper

@@ -0,0 +1,159 @@
+#!/bin/bash
+# Wonderous Shaper
+# please read the README before filling out these values 
+#
+# Set the following values to somewhat less than your actual download
+# and uplink speed. In kilobits. Also set the device that is to be shaped.
+
+DOWNLINK=5000
+UPLINK=490
+DEV=ppp0
+
+# low priority OUTGOING traffic - you can leave this blank if you want
+# low priority source netmasks
+NOPRIOHOSTSRC=
+
+# low priority destination netmasks
+NOPRIOHOSTDST=
+
+# low priority source ports
+NOPRIOPORTSRC="80 20 21 4662 4666 4772 4776 2142 4005 6881 6882 6883 6884 6885 6886 6887 6888 6889"
+
+# low priority destination ports
+NOPRIOPORTDST="4662 4666 4772 4776 2142 6881 6882 6883 6884 6885 6886 6887 6888 6889"
+
+
+my_tc() {
+        /sbin/tc "$@" || echo "failed: tc $@"
+}
+        
+# Now remove the following two lines :-)
+
+#echo Please read the documentation in 'README' first
+#exit
+
+if [ "$1" = "status" ]
+then
+	my_tc -s qdisc ls dev $DEV
+	my_tc -s class ls dev $DEV
+	exit
+fi
+
+
+# clean existing down- and uplink qdiscs, hide errors
+my_tc qdisc del dev $DEV root    2> /dev/null > /dev/null
+my_tc qdisc del dev $DEV ingress 2> /dev/null > /dev/null
+
+if [ "$1" = "stop" ] 
+then 
+	exit
+fi
+
+
+###### uplink
+
+# install root HTB, point default traffic to 1:20:
+
+my_tc qdisc add dev $DEV root handle 1: htb default 20 r2q 1
+
+# shape everything at $UPLINK speed - this prevents huge queues in your
+# DSL modem which destroy latency:
+
+my_tc class add dev $DEV parent 1: classid 1:1 htb rate ${UPLINK}kbit burst 2k
+
+# high prio class 1:10:
+
+my_tc class add dev $DEV parent 1:1 classid 1:10 htb rate ${UPLINK}kbit \
+   burst 2k prio 1
+
+# bulk & default class 1:20 - gets slightly less traffic, 
+# and a lower priority:
+
+my_tc class add dev $DEV parent 1:1 classid 1:20 htb rate $[5*$UPLINK/10]kbit \
+   ceil $[9*$UPLINK/10]kbit \
+   burst 2k prio 2
+
+my_tc class add dev $DEV parent 1:1 classid 1:30 htb rate $[1*$UPLINK/10]kbit \
+   ceil $[7*$UPLINK/10]kbit \
+   burst 2k prio 5
+
+# all get Stochastic Fairness:
+my_tc qdisc add dev $DEV parent 1:10 handle 10: sfq perturb 10
+my_tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10
+my_tc qdisc add dev $DEV parent 1:30 handle 30: sfq perturb 10
+
+# TOS Minimum Delay (ssh, NOT scp) in 1:10:
+
+my_tc filter add dev $DEV parent 1:0 protocol ip prio 10 u32 \
+      match ip tos 0x10 0xff  flowid 1:10
+
+# ICMP (ip protocol 1) in the interactive class 1:10 so we 
+# can do measurements & impress our friends:
+my_tc filter add dev $DEV parent 1:0 protocol ip prio 10 u32 \
+        match ip protocol 1 0xff flowid 1:10
+
+# To speed up downloads while an upload is going on, put ACK packets in
+# the interactive class:
+
+my_tc filter add dev $DEV parent 1: protocol ip prio 10 u32 \
+   match ip protocol 6 0xff \
+   match u8 0x05 0x0f at 0 \
+   match u16 0x0000 0xffc0 at 2 \
+   match u8 0x10 0xff at 33 \
+   flowid 1:10
+
+# our tunnel to mms is "interactive"
+my_tc filter add dev $DEV parent 1: protocol ip prio 10 u32 \
+	match ip dst 193.103.161.61/32 flowid 1:10
+my_tc filter add dev $DEV parent 1: protocol ip prio 10 u32 \
+	match ip dst 194.97.108.53/32 flowid 1:10
+
+# rest is 'non-interactive' ie 'bulk' and ends up in 1:20
+
+# some traffic however suffers a worse fate
+for a in $NOPRIOPORTDST
+do
+	my_tc filter add dev $DEV parent 1: protocol ip prio 14 u32 \
+	   match ip dport $a 0xffff flowid 1:30
+done
+
+for a in $NOPRIOPORTSRC
+do
+ 	my_tc filter add dev $DEV parent 1: protocol ip prio 15 u32 \
+	   match ip sport $a 0xffff flowid 1:30
+done
+
+for a in $NOPRIOHOSTSRC
+do
+ 	my_tc filter add dev $DEV parent 1: protocol ip prio 16 u32 \
+	   match ip src $a flowid 1:30
+done
+
+for a in $NOPRIOHOSTDST
+do
+ 	my_tc filter add dev $DEV parent 1: protocol ip prio 17 u32 \
+	   match ip dst $a flowid 1:30
+done
+
+# rest is 'non-interactive' ie 'bulk' and ends up in 1:20
+
+my_tc filter add dev $DEV parent 1: protocol ip prio 18 u32 \
+   match ip dst 0.0.0.0/0 flowid 1:20
+
+
+########## downlink #############
+# slow downloads down to somewhat less than the real speed  to prevent 
+# queuing at our ISP. Tune to see how high you can set it.
+# ISPs tend to have *huge* queues to make sure big downloads are fast
+#
+# attach ingress policer:
+
+my_tc qdisc add dev $DEV handle ffff: ingress
+
+# filter *everything* to it (0.0.0.0/0), drop everything that's
+# coming in too fast:
+
+my_tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src \
+   0.0.0.0/0 police rate ${DOWNLINK}kbit burst 10k drop flowid :1
+
+

noc/configs/inittab

@@ -0,0 +1,70 @@
+# /etc/inittab: init(8) configuration.
+# $Id: inittab,v 1.91 2002/01/25 13:35:21 miquels Exp $
+
+# The default runlevel.
+id:2:initdefault:
+
+# Boot-time system configuration/initialization script.
+# This is run first except when booting in emergency (-b) mode.
+si::sysinit:/etc/init.d/rcS
+
+# What to do in single-user mode.
+~~:S:wait:/sbin/sulogin
+
+# /etc/init.d executes the S and K scripts upon change
+# of runlevel.
+#
+# Runlevel 0 is halt.
+# Runlevel 1 is single-user.
+# Runlevels 2-5 are multi-user.
+# Runlevel 6 is reboot.
+
+l0:0:wait:/etc/init.d/rc 0
+l1:1:wait:/etc/init.d/rc 1
+l2:2:wait:/etc/init.d/rc 2
+l3:3:wait:/etc/init.d/rc 3
+l4:4:wait:/etc/init.d/rc 4
+l5:5:wait:/etc/init.d/rc 5
+l6:6:wait:/etc/init.d/rc 6
+# Normally not reached, but fallthrough in case of emergency.
+z6:6:respawn:/sbin/sulogin
+
+# What to do when CTRL-ALT-DEL is pressed.
+ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
+
+# Action on special keypress (ALT-UpArrow).
+#kb::kbrequest:/bin/echo "Keyboard Request--edit /etc/inittab to let this work."
+
+# What to do when the power fails/returns.
+pf::powerwait:/etc/init.d/powerfail start
+pn::powerfailnow:/etc/init.d/powerfail now
+po::powerokwait:/etc/init.d/powerfail stop
+
+# /sbin/getty invocations for the runlevels.
+#
+# The "id" field MUST be the same as the last
+# characters of the device (after "tty").
+#
+# Format:
+#  <id>:<runlevels>:<action>:<process>
+#
+# Note that on most Debian systems tty7 is used by the X Window System,
+# so if you want to add more getty's go ahead but skip tty7 if you run X.
+#
+1:2345:respawn:/sbin/getty 38400 tty1
+2:23:respawn:/sbin/getty 38400 tty2
+3:23:respawn:/sbin/getty 38400 tty3
+4:23:respawn:/sbin/getty 38400 tty4
+5:23:respawn:/sbin/getty 38400 tty5
+6:23:respawn:/sbin/getty 38400 tty6
+
+# Example how to put a getty on a serial line (for a terminal)
+#
+T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100
+#T1:23:respawn:/sbin/getty -L ttyS1 9600 vt100
+
+# Example how to put a getty on a modem line.
+#
+#T3:23:respawn:/sbin/mgetty -x0 -s 57600 ttyS3
+
+s:23:respawn:/usr/bin/tail -F /var/log/squid/access.log /var/log/syslog >/dev/tty1 2>&1

noc/configs/modules

@@ -0,0 +1,9 @@
+# /etc/modules: kernel modules to load at boot time.
+#
+# This file should contain the names of kernel modules that are
+# to be loaded at boot time, one per line.  Comments begin with
+# a "#", and everything on the line after them are ignored.
+ipv6
+capability
+e100
+e1000

noc/configs/network/if-down.d/openvpn

@@ -0,0 +1,11 @@
+#!/bin/sh
+
+OPENVPN=/etc/init.d/openvpn
+
+if [ ! -x $OPENVPN ]; then
+  exit 0
+fi
+
+if [ -n "$IF_OPENVPN" ]; then
+  $OPENVPN stop $IF_OPENVPN
+fi

noc/configs/network/if-post-down.d/vlan

@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# If IFACE is an automagic vlan interface (without the vlan-raw-device
+# parameter) then let's try to discover the magic here..  Another way would be
+# to just probe for the right device name in /proc/net/vlan
+
+case "$IFACE" in
+	eth*.0*)
+		IF_VLAN_RAW_DEVICE=`echo $IFACE|sed "s/\(eth[0-9][0-9]*\)\..*/\1/"`
+		;;
+	eth*.*)
+		IF_VLAN_RAW_DEVICE=`echo $IFACE|sed "s/\(eth[0-9][0-9]*\)\..*/\1/"`
+		;;
+	*)	exit 0
+		;;
+esac
+
+if [ -z "$IF_VLAN_RAW_DEVICE" ]
+then
+	exit 0
+fi
+if [ ! -x /sbin/vconfig ]
+then
+  exit 0
+fi
+
+vconfig rem $IFACE

noc/configs/network/if-pre-up.d/vlan

@@ -0,0 +1,47 @@
+#!/bin/sh
+
+# Most of this stuff is to enable vlans
+
+case "$IFACE" in
+	vlan0*)
+		vconfig set_name_type VLAN_PLUS_VID
+		VLANID=`echo $IFACE|sed "s/vlan0*//"`
+		;;
+	vlan*)
+		vconfig set_name_type VLAN_PLUS_VID_NO_PAD
+		VLANID=`echo $IFACE|sed "s/vlan0*//"`
+		;;
+	eth*.0*)
+		vconfig set_name_type DEV_PLUS_VID
+		VLANID=`echo $IFACE|sed "s/eth[0-9][0-9]*\.0*//g"`
+		IF_VLAN_RAW_DEVICE=`echo $IFACE|sed "s/\(eth[0-9][0-9]*\)\..*/\1/"`
+		;;
+	eth*.*)
+		vconfig set_name_type DEV_PLUS_VID_NO_PAD
+		VLANID=`echo $IFACE|sed "s/eth[0-9][0-9]*\.0*//g"`
+		IF_VLAN_RAW_DEVICE=`echo $IFACE|sed "s/\(eth[0-9][0-9]*\)\..*/\1/"`
+		;;
+	*)	exit 0
+		;;
+esac
+
+if [ -n "$IF_VLAN_RAW_DEVICE" ]
+then
+	if [ ! -x /sbin/vconfig ]
+	then
+	  exit 0
+	fi
+	if ! ip link show dev "$IF_VLAN_RAW_DEVICE" > /dev/null
+	then
+		echo "$IF_VLAN_RAW_DEVICE does not exist, unable to create $IFACE"
+		exit 1
+	fi
+	ip link set up dev $IF_VLAN_RAW_DEVICE
+	vconfig add $IF_VLAN_RAW_DEVICE $VLANID
+fi
+
+# This is not vlan specific, and should actually go somewhere else.
+if [ -n "$IF_HW_MAC_ADDRESS" ]
+then
+	ip link set $IFACE address $IF_HW_MAC_ADDRESS
+fi

noc/configs/network/if-up.d/ip

@@ -0,0 +1,18 @@
+#!/bin/sh
+# This should probably go into ifupdown
+# But usually only those with lots of interfaces (vlans) need these
+if [ -d /proc/sys/net/ipv4/conf/$IFACE ]
+then
+	if [ -n "$IF_IP_PROXY_ARP" ] && [ "$IF_IP_PROXY_ARP" -eq "1" ]
+	then
+		echo 1 > /proc/sys/net/ipv4/conf/$IFACE/proxy_arp
+	else
+		echo 0 > /proc/sys/net/ipv4/conf/$IFACE/proxy_arp
+	fi
+	if [ -n "$IF_IP_RP_FILTER" ] && [ "$IF_IP_RP_FILTER" -eq "0" ]
+	then
+		echo 0 > /proc/sys/net/ipv4/conf/$IFACE/rp_filter
+	else
+		echo 1 > /proc/sys/net/ipv4/conf/$IFACE/rp_filter
+	fi
+fi

noc/configs/network/if-up.d/ntp-server

@@ -0,0 +1,10 @@
+#!/bin/sh
+
+# remove (or comment out) the next line if your network addresses change
+exit 0
+
+case $IFACE in
+	eth*)
+		/etc/init.d/ntp-server restart
+		;;
+esac

noc/configs/network/if-up.d/openvpn

@@ -0,0 +1,11 @@
+#!/bin/sh
+
+OPENVPN=/etc/init.d/openvpn
+
+if [ ! -x $OPENVPN ]; then
+  exit 0
+fi
+
+if [ -n "$IF_OPENVPN" ]; then
+  $OPENVPN start $IF_OPENVPN
+fi

noc/configs/network/ifstate

@@ -0,0 +1,7 @@
+lo=lo
+bond0=bond0
+vlan24=vlan24
+vlan22=vlan22
+vlan25=vlan25
+vlan42=vlan42
+vlan23=vlan23

noc/configs/network/interfaces

@@ -0,0 +1,88 @@
+#/etc/network/interfaces -- configuration file for ifup(8), ifdown(8)
+
+# The loopback interface
+auto lo
+iface lo inet loopback
+
+# The first network card - this entry was created during the Debian installation
+# (network, broadcast and gateway are optional)
+#auto eth1
+#iface eth1 inet static
+#	address 192.168.178.2
+#	netmask 255.255.255.0
+#	network 192.168.178.0
+#	broadcast 192.168.178.255
+#	gateway 192.168.178.1
+
+
+auto bond0
+iface bond0 inet static
+	pre-up /sbin/modprobe bonding mode=802.3ad
+	up /sbin/ifenslave bond0 eth0
+	up /sbin/ifenslave bond0 eth1
+	address 172.16.0.1
+	broadcast 172.16.3.255
+	netmask 255.255.252.0
+
+iface bond0 inet6 static
+	address 2001:748:306::1
+	netmask 64
+
+# WLAN
+auto vlan24
+iface vlan24 inet static
+	vlan_raw_device bond0
+	address 172.16.4.1
+	broadcast 172.16.8.255
+	netmask 255.255.252.0
+
+iface vlan24 inet6 static
+	address 2001:748:306:24::1
+	netmask 64
+
+# pptp
+auto vlan22
+iface vlan22 inet static
+	vlan_raw_device bond0
+	address 192.168.178.2
+	netmask 255.255.255.0
+
+iface vlan22 inet6 static
+	address 2001:748:306:22::1
+	netmask 64
+
+# freifunk
+auto vlan23
+iface vlan23 inet static
+	vlan_raw_device bond0
+	address 10.112.23.1
+	netmask 255.255.255.255
+
+iface vlan23 inet6 static
+	address 2001:748:306:23::1
+	netmask 64
+
+# NOC
+auto vlan42
+iface vlan42 inet static
+	vlan_raw_device bond0
+	address 172.16.42.1
+	broadcast 172.16.42.255
+	netmask 255.255.255.0
+	up /usr/local/bin/network-foo
+
+iface vlan42 inet6 static
+	address 2001:748:306:42::1
+	netmask 64
+
+# AFU Druck
+auto vlan25
+iface vlan25 inet static
+	vlan_raw_device bond0
+	address 172.16.25.1
+	broadcast 172.16.25.255
+	netmask 255.255.255.0
+
+iface vlan25 inet6 static
+	address 2001:748:306:25::1
+	netmask 64

noc/configs/network/options

@@ -0,0 +1,3 @@
+ip_forward=yes
+spoofprotect=yes
+syncookies=no

noc/configs/olsrd.conf

@@ -0,0 +1,272 @@
+#
+# olsr.org OLSR daemon config file
+#
+# Lines starting with a # are discarded
+#
+# This file was shipped with olsrd 0.X.X
+#
+
+# Debug level(0-9)
+# If set to 0 the daemon runs in the background
+
+DebugLevel	2
+
+# IP version to use (4 or 6)
+
+IpVersion	4
+
+# HNA IPv4 routes
+# syntax: netaddr netmask
+# Example Internet gateway:
+# 0.0.0.0 0.0.0.0
+
+Hna4
+{
+#   Internet gateway:
+   0.0.0.0      0.0.0.0
+   172.16.0.0	255.255.252.0
+   172.16.4.0	255.255.252.0
+   172.16.25.0	255.255.255.0
+   172.16.42.0	255.255.255.0
+#   more entries can be added:
+#   192.168.1.0  255.255.255.0
+}
+
+# HNA IPv6 routes
+# syntax: netaddr prefix
+# Example Internet gateway:
+Hna6
+{
+#   Internet gateway:
+#   ::              0
+#   more entries can be added:
+#   fec0:2200:106:: 48
+}
+
+
+# Should olsrd keep on running even if there are
+# no interfaces available? This is a good idea
+# for a PCMCIA/USB hotswap environment.
+# "yes" OR "no"
+
+AllowNoInt	yes
+
+# TOS(type of service) value for
+# the IP header of control traffic.
+# If not set it will default to 16
+
+#TosValue	16
+
+# The fixed willingness to use(0-7)
+# If not set willingness will be calculated
+# dynamically based on battery/power status
+# if such information is available
+
+#Willingness    	4
+
+# Allow processes like the GUI front-end
+# to connect to the daemon.
+
+IpcConnect
+{
+     # Determines how many simultaneously
+     # IPC connections that will be allowed
+     # Setting this to 0 disables IPC
+
+     MaxConnections  8
+
+     # By default only 127.0.0.1 is allowed
+     # to connect. Here allowed hosts can
+     # be added
+
+     #Host            127.0.0.1
+     #Host            10.0.0.5
+
+     # You can also specify entire net-ranges 
+     # that are allowed to connect. Multiple
+     # entries are allowed
+
+     #Net             192.168.1.0 255.255.255.0     
+     Net 172.16.42.0 255.255.255.0
+}
+
+# Wether to use hysteresis or not
+# Hysteresis adds more robustness to the
+# link sensing but delays neighbor registration.
+# Used by default. 'yes' or 'no'
+
+UseHysteresis	no
+
+# Hysteresis parameters
+# Do not alter these unless you know 
+# what you are doing!
+# Set to auto by default. Allowed
+# values are floating point values
+# in the interval 0,1
+# THR_LOW must always be lower than
+# THR_HIGH.
+
+#HystScaling	0.50
+#HystThrHigh	0.80
+#HystThrLow	0.30
+
+
+# Link quality level
+# 0 = do not use link quality
+# 1 = use link quality for MPR selection
+# 2 = use link quality for MPR selection and routing
+# Defaults to 0
+
+LinkQualityLevel	2
+
+# Link quality window size
+# Defaults to 10
+
+#LinkQualityWinSize	10
+
+# Polling rate in seconds(float). 
+# Default value 0.05 sec
+
+Pollrate	0.05
+
+
+# TC redundancy
+# Specifies how much neighbor info should
+# be sent in TC messages
+# Possible values are:
+# 0 - only send MPR selectors
+# 1 - send MPR selectors and MPRs
+# 2 - send all neighbors
+#
+# defaults to 0
+
+TcRedundancy	2
+
+
+#
+# MPR coverage
+# Specifies how many MPRs a node should
+# try select to reach every 2 hop neighbor
+#
+# Can be set to any integer >0
+#
+# defaults to 1
+
+#MprCoverage	1
+
+
+# Olsrd plugins to load
+# This must be the absolute path to the file
+# or the loader will use the following scheme:
+# - Try the paths in the LD_LIBRARY_PATH 
+#   environment variable.
+# - The list of libraries cached in /etc/ld.so.cache
+# - /lib, followed by /usr/lib
+
+# Example plugin entry with parameters:
+
+LoadPlugin "olsrd_dyn_gw.so.0.3"
+{
+    # Here parameters are set to be sent to the
+    # plugin. Theese are on the form "key" "value".
+    # Parameters ofcause, differs from plugin to plugin.
+    # Consult the documentation of your plugin for details.
+
+    # Example: dyn_gw params
+
+    # how often to check for Internet connectivity
+    # defaults to 5 secs
+    PlParam     "Interval"   "5"
+    
+    # if one or more IPv4 addresses are given, do a ping on these in
+    # descending order to validate that there is not only an entry in
+    # routing table, but also a real internet connection. If any of
+    # these addresses could be pinged successfully, the test was
+    # succesful, i.e. if the ping on the 1st address was successful,the
+    # 2nd won't be pinged
+    PlParam	"Ping"       "212.12.48.122"
+    PlParam     "Ping"       "141.1.1.1"
+    PlParam     "Ping"       "194.25.2.129"
+}
+
+LoadPlugin "olsrd_dot_draw.so.0.3"
+{
+}
+
+
+# Interfaces and their rules
+# Omitted options will be set to the
+# default values. Multiple interfaces
+# can be specified in the same block
+# and multiple blocks can be set.
+
+# !!CHANGE THE INTERFACE LABEL(s) TO MATCH YOUR INTERFACE(s)!!
+# (eg. wlan0 or eth1):
+
+Interface "vlan23"
+{
+
+    # IPv4 broadcast address to use. The
+    # one usefull example would be 255.255.255.255
+    # If not defined the broadcastaddress
+    # every card is configured with is used
+
+    Ip4Broadcast		255.255.255.255
+
+    # IPv6 address scope to use.
+    # Must be 'site-local' or 'global'
+
+    # Ip6AddrType		site-local
+
+    # IPv6 multicast address to use when
+    # using site-local addresses.
+    # If not defined, ff05::15 is used
+
+    # Ip6MulticastSite		ff05::11
+
+    # IPv6 multicast address to use when
+    # using global addresses
+    # If not defined, ff0e::1 is used
+
+    # Ip6MulticastGlobal	ff0e::1
+
+
+    # Emission intervals.
+    # If not defined, RFC proposed values will
+    # be used in most cases.
+
+    # Hello interval in seconds(float)
+    # HelloInterval    2.0
+
+    # HELLO validity time
+    # HelloValidityTime	6.0
+
+    # TC interval in seconds(float)
+    # TcInterval        5.0
+
+    # TC validity time
+    # TcValidityTime	15.0
+
+    # MID interval in seconds(float)
+    # MidInterval	5.0
+
+    # MID validity time
+    # MidValidityTime	15.0
+
+    # HNA interval in seconds(float)
+    # HnaInterval	5.0
+
+    # HNA validity time
+    # HnaValidityTime 	15.0
+
+    # When multiple links exist between hosts
+    # the weight of interface is used to determine
+    # the link to use. Normally the weight is
+    # automatically calculated by olsrd based
+    # on the characteristics of the interface,
+    # but here you can specify a fixed value.
+    # Olsrd will choose links with the lowest value.
+
+    # Weight 0
+}
+

noc/configs/passwd

@@ -0,0 +1,25 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+postgres:x:31:32:postgres:/var/lib/postgres:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+operator:x:37:37:Operator:/var:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+sshd:x:100:65534::/var/run/sshd:/bin/false
+noc:x:1000:1000:,,,:/home/noc:/bin/bash
+bind:x:1001:1001:bind user:/var/named:/bin/bash
+ntp:x:103:103::/home/ntp:/bin/false
+radvd:x:101:65534::/var/run/radvd:/bin/false

noc/configs/radvd.conf

@@ -0,0 +1,51 @@
+interface bond0
+{
+   AdvSendAdvert on;
+   prefix 2001:748:306::1/64
+   {
+   };
+};   
+
+interface vlan22
+{
+   AdvSendAdvert on;
+   prefix 2001:748:306:22::1/64
+   {
+   };
+};   
+
+
+interface vlan23
+{
+   AdvSendAdvert on;
+   prefix 2001:748:306:23::1/64
+   {
+   };
+};   
+
+
+interface vlan24
+{
+   AdvSendAdvert on;
+   prefix 2001:748:306:24::1/64
+   {
+   };
+};
+
+
+interface vlan42
+{
+   AdvSendAdvert on;
+   prefix 2001:748:306:42::1/64
+   {
+   };
+};   
+
+
+interface vlan25
+{
+   AdvSendAdvert on;
+   prefix 2001:748:306:25::1/64
+   {
+   };
+};   

noc/configs/resolv.conf

@@ -0,0 +1,4 @@
+search easterhegg.de
+nameserver 127.0.0.1
+nameserver 172.16.0.1
+

noc/configs/shadow

@@ -0,0 +1,24 @@
+root:sxYXG0nuLEgFg:12862:0:99999:7:::
+daemon:*:12862:0:99999:7:::
+bin:*:12862:0:99999:7:::
+sys:*:12862:0:99999:7:::
+sync:*:12862:0:99999:7:::
+games:*:12862:0:99999:7:::
+man:*:12862:0:99999:7:::
+lp:*:12862:0:99999:7:::
+mail:*:12862:0:99999:7:::
+news:*:12862:0:99999:7:::
+uucp:*:12862:0:99999:7:::
+proxy:*:12862:0:99999:7:::
+postgres:*:12862:0:99999:7:::
+www-data:*:12862:0:99999:7:::
+backup:*:12862:0:99999:7:::
+operator:*:12862:0:99999:7:::
+list:*:12862:0:99999:7:::
+irc:*:12862:0:99999:7:::
+gnats:*:12862:0:99999:7:::
+nobody:*:12862:0:99999:7:::
+sshd:!:12862:0:99999:7:::
+noc:$1$zxg9hnVF$t.6zKVVLji4/u/JoKm6dW1:12865:0:99999:7:::
+ntp:!:12868:0:99999:7:::
+radvd:!:12868:0:99999:7:::

noc/configs/sudoers

@@ -0,0 +1,16 @@
+# /etc/sudoers
+#
+# This file MUST be edited with the 'visudo' command as root.
+#
+# See the man page for details on how to write a sudoers file.
+#
+
+# Host alias specification
+
+# User alias specification
+
+# Cmnd alias specification
+
+# User privilege specification
+root	ALL=(ALL) ALL
+noc	ALL=(ALL) ALL

noc/configs/sysctl.conf

@@ -0,0 +1,26 @@
+#
+# /etc/sysctl.conf - Configuration file for setting system variables
+# See sysctl.conf (5) for information.
+#
+# Be warned that /etc/init.d/procps is executed to set the following
+# variables.  However, after that, /etc/init.d/networking sets some
+# network options with builtin values.  These values may be overridden
+# using /etc/network/options.
+
+#kernel.domainname = example.com
+#net/ipv4/icmp_echo_ignore_broadcasts=1
+/proc/sys/net/ipv6/conf/all/forwarding=1
+/proc/sys/net/ipv6/conf/default/forwarding=1
+vm.swappiness = 0
+net.ipv4.tcp_rmem=4096 87380 174760
+net.ipv4.tcp_wmem=4096 16384 131072
+net.core.somaxconn=1024
+net.ipv4.tcp_max_syn_backlog=1024
+net.ipv4.tcp_moderate_rcvbuf=1
+vm.vfs_cache_pressure=100
+vm.overcommit_ratio=0
+vm.dirty_background_ratio=2
+vm.dirty_ratio=6
+vm.dirty_writeback_centisecs=250
+vm.dirty_expire_centisecs=1000
+vm.min_free_kbytes=16384

noc/configs/syslog.conf

@@ -0,0 +1,73 @@
+#  /etc/syslog.conf	Configuration file for syslogd.
+#
+#			For more information see syslog.conf(5)
+#			manpage.
+
+#
+# First some standard logfiles.  Log by facility.
+#
+
+auth,authpriv.*			/var/log/auth.log
+#*.*;auth,authpriv.none		-/var/log/syslog
+*.*				-/var/log/syslog
+#cron.*				/var/log/cron.log
+daemon.*			-/var/log/daemon.log
+kern.*				-/var/log/kern.log
+lpr.*				-/var/log/lpr.log
+mail.*				-/var/log/mail.log
+user.*				-/var/log/user.log
+uucp.*				/var/log/uucp.log
+
+#
+# Logging for the mail system.  Split it up so that
+# it is easy to write scripts to parse these files.
+#
+mail.info			-/var/log/mail.info
+mail.warn			-/var/log/mail.warn
+mail.err			/var/log/mail.err
+
+# Logging for INN news system
+#
+news.crit			/var/log/news/news.crit
+news.err			/var/log/news/news.err
+news.notice			-/var/log/news/news.notice
+
+#
+# Some `catch-all' logfiles.
+#
+*.=debug;\
+	auth,authpriv.none;\
+	news.none;mail.none	-/var/log/debug
+*.=info;*.=notice;*.=warn;\
+	auth,authpriv.none;\
+	cron,daemon.none;\
+	mail,news.none		-/var/log/messages
+
+#
+# Emergencies are sent to everybody logged in.
+#
+*.emerg				*
+
+#
+# I like to have messages displayed on the console, but only on a virtual
+# console I usually leave idle.
+#
+#daemon,mail.*;\
+#	news.=crit;news.=err;news.=notice;\
+#	*.=debug;*.=info;\
+#	*.=notice;*.=warn	/dev/tty8
+
+# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,
+# you must invoke `xconsole' with the `-file' option:
+# 
+#    $ xconsole -file /dev/xconsole [...]
+#
+# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
+#      busy site..
+#
+daemon.*;mail.*;\
+	news.crit;news.err;news.notice;\
+	*.=debug;*.=info;\
+	*.=notice;*.=warn	|/dev/xconsole
+
+#*.*		/dev/tty1

noc/configs/tinc/chaos.first/rsa_key.priv

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCfFAeEtiohbBCOuH3yuJHBtPN2OHM+uJZJSqAdYAO9tFSPsJ7I
+lCQFxRIL673GbhqkkzzOWiljDEZZay4wX9GzTaTuuvxrjfhdDvabfEOPTRfOu7jV
+/ihzbhZtXaY7oH9wyKb825lhN4t1gGFN8nfc9ywQNSLmdtat9VmrqfjDzQIDAQAB
+AoGAJ2KsId2APNoml09yT4AHBnCovqJnViYZf3fsgJlfE77sGM9f4MVczdjnCPCL
+AfAMxKZ3rZeBG7bUTBtPSkbPAjPJ//zT4kNWFLZC93HdzSeeEmSCF+vE7L6xjzku
+fwpx/8J9LMLlp96BLtlfPXk4gDA+q858EW0Q1prQBQV7GEECQQDODY9qaVcU3cv2
+/wNeTuWve8wARDKiC2ucFE2RzvDnpcuR+Am5dkfUTTlJTf/Ffdc2M4E7YfwAa1J9
+IAcilM3lAkEAxaN+IVb7vy4xWjx7W5/sVKLz1FgjSHkpNfeuWMxm8sR4HWTHBPFb
+hd+E+HhkWeD6Sa6gP8ZIEPfXnBexYRz/yQJBAKU7xofklUpMWiVldgQIbLN+KKcG
+CTxcwBxXQ6TrN8/q6gXRy6qHqS4cBxY7kCGEujHit30xI+4KIgnoxw/6F+kCQGh2
+kiRtJYNXlx5q+YjkbrYNq3OBYqTb5bxwveaRo5iN4C8pJUinigiorE/o0qHvGFv5
+wRn0ZAMT/RK0Mz1xZoECQBwOMieJcswrcI2OgY3Ejw+nLf5u4ZbahRFrnHWT0FoN
+hBW4Dff5jso/K+weYETZUpdwWb9jv8+4ULGt1wiJ8sc=
+-----END RSA PRIVATE KEY-----

noc/configs/tinc/chaos.first/rsa_key.pub

@@ -0,0 +1,5 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAJ8UB4S2KiFsEI64ffK4kcG083Y4cz64lklKoB1gA720VI+wnsiUJAXF
+EgvrvcZuGqSTPM5aKWMMRllrLjBf0bNNpO66/GuN+F0O9pt8Q49NF867uNX+KHNu
+Fm1dpjugf3DIpvzbmWE3i3WAYU3yd9z3LBA1IuZ21q31Waup+MPNAgMBAAE=
+-----END RSA PUBLIC KEY-----

noc/configs/tinc/chaos.old/hosts/alioshome

@@ -0,0 +1,14 @@
+Address=alios.dyndns.org
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.8.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAL6nQVPgKAXdt+sFsXR2b/f+DFLJDT7ENuB6fpBdosAI06UIlIov47AT
+0hIwhStixzBg1PlKi2QhqRQvGvX6rxWBb2rPU3lsHCOrG4jR+LaPs/fRLMd3nh/K
+jiH/QmbM0jn7Foms/Rladp8PJx4ZOFP1ACxnWslE/15BxqynxVeZAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/ccchh

@@ -0,0 +1,16 @@
+Address=fwhh.hamburg.ccc.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=4200
+Subnet=192.168.16.0/23
+Subnet=192.168.20.0/23
+Subnet=192.168.0.64/26
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAKH0hS1wybu+D8DF5kOy6dirIlzhdlL0Z26G/S9JPJ4H3keDOdH3tEE/
+81D9S1IiHEkGgLFdJt6PS/mnBPaKInnV4OIS59l9eCZAVg432bb77JMSY0IWibcD
+mBZLQFrWTX4Tc8bd0C1UrIslr9PbO5gxEtKSaWsujsah2QOtVaN3AgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/dew

@@ -0,0 +1,14 @@
+Address=home.ainex.net
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.13.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBALNiHGhNitniabwXpVRkSkULd5+qS3oLLung9kSD/cwIPgmJEaCLrmdF
+iVKcTKYRB7OIc7zv2Ss0eIhUHoD7FzwVYTO1hi/8hqrrUzTC6nN2HU3Rj7+M2724
+ZpE3Q3/my5W2rk6E9MWooWKIMSI5l1Uf6TF3XVhKym3wyk6bg8PXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/eh2005

@@ -0,0 +1,17 @@
+Address=does.not.exist.example
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=172.16.0.0/22
+Subnet=172.16.4.0/22
+Subnet=172.16.42.0/24
+Subnet=10.112.0.0/12
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAJ8UB4S2KiFsEI64ffK4kcG083Y4cz64lklKoB1gA720VI+wnsiUJAXF
+EgvrvcZuGqSTPM5aKWMMRllrLjBf0bNNpO66/GuN+F0O9pt8Q49NF867uNX+KHNu
+Fm1dpjugf3DIpvzbmWE3i3WAYU3yd9z3LBA1IuZ21q31Waup+MPNAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/haegarhome

@@ -0,0 +1,14 @@
+Address=gate.sdinet.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.18.0/23
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMEEsKaNa8fq6+Z31Iy4pNwJub1Ncu1y/+Ngnldh6eC5TlgTsMa1qRfZ
+8i+vuNlC8UlXT43vGAdNuP/AJTQgjQWnSt2qlDRQyVE0RkdOnQPecTJckwzcceOv
+C76sLaA199ZtPlJl+W7Ft6SMs5UFCBhDpnUUD9GkrLuywHgZ6bpJAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/haegarwork

@@ -0,0 +1,14 @@
+Address=mercury.sdinet.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.0.99/32
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAJ3k2XMp+ryAsyDlRpTgffZGjSTE4kp2haX3Ax55CN/e7q+IG1yHvK2R
+M2v0WHh8e59Hb7IX86J7U6ZOO/7GQ8bkUZD9ntmyRjeIZ4XuF4X8Q5t7zZ6TEm8G
+lkh+IiZ3NlFRWdzVNLybQIluJsPIr/7rA3xet9IPUpm8sBgTcbwXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/lardass

@@ -0,0 +1,15 @@
+Address=lardass.arles-electrique.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=10.6.65.0/24
+Subnet=10.6.66.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMxqMzKqWX4e7mtiRVHnOWTkV7nxwsdgMZVkzx9ATG/9ew1CF6kOHjrq
+C4RsWpeuHMiQLUG3xF0Prajh5MXsqS7sP7Zn/6z3t3f1mqDLfBtx2e+6LqBs9j1W
+VkNcGI29ibDLYHcdjNejQfwPA+4JKfrq2T0Dzf3xWpMIHrcrLEOXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/packbarthome

@@ -0,0 +1,22 @@
+Address=gw23.formularfetischisten.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=10.42.0.0/16
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIICCgKCAgEA7hNnj1THT0JCUPM2gEcF5Mrwj6onlBixFYZnbhNMssNAIhlP5Tvb
+7dNWhwnvBtCFCqEW8jnf9sD4+gJcp8vsiWmM8EQMGWuPkqqc+0TCyQKGb7ylbrNM
+4n7tzdJX18LEm5TnxQieBinnkYPTkNy8xzgQPe+SwyMwg6ECDIyBwJ5GaeyIjqME
+ZuVbvB81GJej2WGqSMlfZPGpGvriDrU0271S7NmAtfbzeuCGzFd877hcDx52YvzT
+SDqdFwtO+lEhbfaKzrPS96M3Jj+FyH2NC19NL93Kln4ZDdKZWSzvRwv1loFWDuZ0
+lrZC/Zk/sUSkxM1qQlXAi2wRVnQzl21j0saismra80eKEnv8f0rIbYfJFg4l5PUs
+eN7x5AriCR2wSyvuI6SkB7N3QxCSG2OWlTR8jqVd0iCgWum8+jQwvV9jCJBZYgEB
+xU85IjfH7yptd39LYJRsQcm58RTco3oO2VTBJ7uQZuIINVPjmp4cIeiF0r4O2WYf
+cA8FMX8IbUQAqwAte3J9AtfYcB8nXOsf2uBR+QoEnFf1n2R2vtzSuSTlEeTOD4MJ
+qv+4aFqbRMwR/cYTK4krYxJPSk8ZD/boFXcMPc6jud6MjA7PGEw1DKV4lhJ7pPRJ
+rgX/xUxmGNhwQEynunP6SWscg/7UFFDqanC/Pv6X7AR2VfmiLpJ66/cCAwEAAQ==
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/pescoheim

@@ -0,0 +1,14 @@
+Address=pesco.dyndns.org
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.9.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAOGdQo3wBi8pDtMe8IstjmWx5kKOKheTOjdPoLX4Qkr9bOhJb7NxalPV
+5Ub5BFR51kDafnSPaXtQGMkKgSD6NAXK4LF1Tvsnbr2/za38Zv9YCsoD+HiM9Vz8
+6eO6UpGkvHjXcKHsJbEa9jUnvOOFf7U23UijYgjbrkggckHojTxdAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/redbaron

@@ -0,0 +1,14 @@
+Address=redcastle.mine.nu
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=10.47.11.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBALzcRKUSeEX/qHAJIqDnC+MfYD7F78ftdvOGDvYyzvHpNAlRyMZTea6V
+hnxgD3aJSM/MB80XZcdTOHLShYmAehZhfLph82oT0W8bAh+58RUgorYeYit5qvC5
+tNXV/zI8OFCfc08ttmK2Zb0Mqeh13OXzk2Un3gqgWeWauep6wBp1AgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/turing

@@ -0,0 +1,14 @@
+Address=turing.hamburg.ccc.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=4200
+Subnet=192.168.0.98/32
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMeWu6JQGmHwalirbG6rSP+wLRNb+9H0wR89PM0s6OulzmRwZYESZXdU
+AXiY02+Y9YdkhHZ9b8UGfoL7g6jr3YC1aB5rGU7oOojGUGLO85K4nnd+FxzccY8K
+LyCdqkcLudLEP4SmgbKZgsBebR+46CKbnavXZ+l8KLYzQgWfA0kXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/znet

@@ -0,0 +1,14 @@
+Address=prometheus.datenknoten.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.23.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMHRsCzBgOvkCokphctbdX11P6MtwWIhaTHmI8BHhDN73Ch384KTFdqA
+gGsDkp2QoH2PvFRolOi1NjFuSSJfcGJdvEGa4R/bMhUF2LWTO2VIr3JIA0VsRS+8
+LXe+GpXURFgb9/cenjdzKWYLeksT1g/Y6MAgsl1MAdGFmOtNFc+zAgMBAAE=
+-----END RSA PUBLIC KEY-----  
+

noc/configs/tinc/chaos.old/rsa_key.priv

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCfFAeEtiohbBCOuH3yuJHBtPN2OHM+uJZJSqAdYAO9tFSPsJ7I
+lCQFxRIL673GbhqkkzzOWiljDEZZay4wX9GzTaTuuvxrjfhdDvabfEOPTRfOu7jV
+/ihzbhZtXaY7oH9wyKb825lhN4t1gGFN8nfc9ywQNSLmdtat9VmrqfjDzQIDAQAB
+AoGAJ2KsId2APNoml09yT4AHBnCovqJnViYZf3fsgJlfE77sGM9f4MVczdjnCPCL
+AfAMxKZ3rZeBG7bUTBtPSkbPAjPJ//zT4kNWFLZC93HdzSeeEmSCF+vE7L6xjzku
+fwpx/8J9LMLlp96BLtlfPXk4gDA+q858EW0Q1prQBQV7GEECQQDODY9qaVcU3cv2
+/wNeTuWve8wARDKiC2ucFE2RzvDnpcuR+Am5dkfUTTlJTf/Ffdc2M4E7YfwAa1J9
+IAcilM3lAkEAxaN+IVb7vy4xWjx7W5/sVKLz1FgjSHkpNfeuWMxm8sR4HWTHBPFb
+hd+E+HhkWeD6Sa6gP8ZIEPfXnBexYRz/yQJBAKU7xofklUpMWiVldgQIbLN+KKcG
+CTxcwBxXQ6TrN8/q6gXRy6qHqS4cBxY7kCGEujHit30xI+4KIgnoxw/6F+kCQGh2
+kiRtJYNXlx5q+YjkbrYNq3OBYqTb5bxwveaRo5iN4C8pJUinigiorE/o0qHvGFv5
+wRn0ZAMT/RK0Mz1xZoECQBwOMieJcswrcI2OgY3Ejw+nLf5u4ZbahRFrnHWT0FoN
+hBW4Dff5jso/K+weYETZUpdwWb9jv8+4ULGt1wiJ8sc=
+-----END RSA PRIVATE KEY-----

noc/configs/tinc/chaos.old/rsa_key.pub

@@ -0,0 +1,5 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAJ8UB4S2KiFsEI64ffK4kcG083Y4cz64lklKoB1gA720VI+wnsiUJAXF
+EgvrvcZuGqSTPM5aKWMMRllrLjBf0bNNpO66/GuN+F0O9pt8Q49NF867uNX+KHNu
+Fm1dpjugf3DIpvzbmWE3i3WAYU3yd9z3LBA1IuZ21q31Waup+MPNAgMBAAE=
+-----END RSA PUBLIC KEY-----

noc/configs/tinc/chaos.old/tinc-up

@@ -0,0 +1,16 @@
+#!/bin/sh
+/sbin/ifconfig $INTERFACE 172.16.0.1 netmask 255.255.255.255
+/sbin/ip -4 route add 192.168.23.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.8.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.13.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.0.99/32 dev $INTERFACE
+/sbin/ip -4 route add 192.168.9.0/24 dev $INTERFACE
+/sbin/ip -4 route add 10.6.65.0/24 dev $INTERFACE
+/sbin/ip -4 route add 10.6.66.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.16.0/23 dev $INTERFACE
+/sbin/ip -4 route add 192.168.20.0/23 dev $INTERFACE
+/sbin/ip -4 route add 192.168.0.64/26 dev $INTERFACE
+/sbin/ip -4 route add 192.168.18.0/23 dev $INTERFACE
+/sbin/ip -4 route add 10.42.0.0/16 dev $INTERFACE
+/sbin/ip -4 route add 192.168.0.98/32 dev $INTERFACE
+/sbin/ip -4 route add 10.47.11.0/24 dev $INTERFACE

noc/configs/tinc/chaos.old/tinc.conf

@@ -0,0 +1,17 @@
+AddressFamily=ipv4
+Device=/dev/net/tun
+Interface=chaos_vpn
+Mode=router
+Name=eh2005
+Hostnames=yes
+ConnectTo=znet
+ConnectTo=alioshome
+ConnectTo=dew
+ConnectTo=haegarwork
+ConnectTo=pescoheim
+ConnectTo=lardass
+ConnectTo=ccchh
+ConnectTo=haegarhome
+ConnectTo=packbarthome
+ConnectTo=turing
+ConnectTo=redbaron

noc/configs/tinc/chaos/hosts/alioshome

@@ -0,0 +1,14 @@
+Address=alios.dyndns.org
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.8.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAL6nQVPgKAXdt+sFsXR2b/f+DFLJDT7ENuB6fpBdosAI06UIlIov47AT
+0hIwhStixzBg1PlKi2QhqRQvGvX6rxWBb2rPU3lsHCOrG4jR+LaPs/fRLMd3nh/K
+jiH/QmbM0jn7Foms/Rladp8PJx4ZOFP1ACxnWslE/15BxqynxVeZAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/ccchh

@@ -0,0 +1,16 @@
+Address=fwhh.hamburg.ccc.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=4200
+Subnet=192.168.16.0/23
+Subnet=192.168.20.0/23
+Subnet=192.168.0.64/26
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAKH0hS1wybu+D8DF5kOy6dirIlzhdlL0Z26G/S9JPJ4H3keDOdH3tEE/
+81D9S1IiHEkGgLFdJt6PS/mnBPaKInnV4OIS59l9eCZAVg432bb77JMSY0IWibcD
+mBZLQFrWTX4Tc8bd0C1UrIslr9PbO5gxEtKSaWsujsah2QOtVaN3AgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/dew

@@ -0,0 +1,14 @@
+Address=home.ainex.net
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.13.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBALNiHGhNitniabwXpVRkSkULd5+qS3oLLung9kSD/cwIPgmJEaCLrmdF
+iVKcTKYRB7OIc7zv2Ss0eIhUHoD7FzwVYTO1hi/8hqrrUzTC6nN2HU3Rj7+M2724
+ZpE3Q3/my5W2rk6E9MWooWKIMSI5l1Uf6TF3XVhKym3wyk6bg8PXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/eh2005

@@ -0,0 +1,17 @@
+Address=does.not.exist.example
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=172.16.0.0/22
+Subnet=172.16.4.0/22
+Subnet=172.16.42.0/24
+Subnet=10.112.0.0/12
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAJ8UB4S2KiFsEI64ffK4kcG083Y4cz64lklKoB1gA720VI+wnsiUJAXF
+EgvrvcZuGqSTPM5aKWMMRllrLjBf0bNNpO66/GuN+F0O9pt8Q49NF867uNX+KHNu
+Fm1dpjugf3DIpvzbmWE3i3WAYU3yd9z3LBA1IuZ21q31Waup+MPNAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/haegarhome

@@ -0,0 +1,14 @@
+Address=gate.sdinet.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.18.0/23
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMEEsKaNa8fq6+Z31Iy4pNwJub1Ncu1y/+Ngnldh6eC5TlgTsMa1qRfZ
+8i+vuNlC8UlXT43vGAdNuP/AJTQgjQWnSt2qlDRQyVE0RkdOnQPecTJckwzcceOv
+C76sLaA199ZtPlJl+W7Ft6SMs5UFCBhDpnUUD9GkrLuywHgZ6bpJAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/haegarwork

@@ -0,0 +1,14 @@
+Address=mercury.sdinet.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.0.99/32
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAJ3k2XMp+ryAsyDlRpTgffZGjSTE4kp2haX3Ax55CN/e7q+IG1yHvK2R
+M2v0WHh8e59Hb7IX86J7U6ZOO/7GQ8bkUZD9ntmyRjeIZ4XuF4X8Q5t7zZ6TEm8G
+lkh+IiZ3NlFRWdzVNLybQIluJsPIr/7rA3xet9IPUpm8sBgTcbwXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/lardass

@@ -0,0 +1,15 @@
+Address=lardass.arles-electrique.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=10.6.65.0/24
+Subnet=10.6.66.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMxqMzKqWX4e7mtiRVHnOWTkV7nxwsdgMZVkzx9ATG/9ew1CF6kOHjrq
+C4RsWpeuHMiQLUG3xF0Prajh5MXsqS7sP7Zn/6z3t3f1mqDLfBtx2e+6LqBs9j1W
+VkNcGI29ibDLYHcdjNejQfwPA+4JKfrq2T0Dzf3xWpMIHrcrLEOXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/packbarthome

@@ -0,0 +1,22 @@
+Address=gw23.formularfetischisten.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=10.42.0.0/16
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIICCgKCAgEA7hNnj1THT0JCUPM2gEcF5Mrwj6onlBixFYZnbhNMssNAIhlP5Tvb
+7dNWhwnvBtCFCqEW8jnf9sD4+gJcp8vsiWmM8EQMGWuPkqqc+0TCyQKGb7ylbrNM
+4n7tzdJX18LEm5TnxQieBinnkYPTkNy8xzgQPe+SwyMwg6ECDIyBwJ5GaeyIjqME
+ZuVbvB81GJej2WGqSMlfZPGpGvriDrU0271S7NmAtfbzeuCGzFd877hcDx52YvzT
+SDqdFwtO+lEhbfaKzrPS96M3Jj+FyH2NC19NL93Kln4ZDdKZWSzvRwv1loFWDuZ0
+lrZC/Zk/sUSkxM1qQlXAi2wRVnQzl21j0saismra80eKEnv8f0rIbYfJFg4l5PUs
+eN7x5AriCR2wSyvuI6SkB7N3QxCSG2OWlTR8jqVd0iCgWum8+jQwvV9jCJBZYgEB
+xU85IjfH7yptd39LYJRsQcm58RTco3oO2VTBJ7uQZuIINVPjmp4cIeiF0r4O2WYf
+cA8FMX8IbUQAqwAte3J9AtfYcB8nXOsf2uBR+QoEnFf1n2R2vtzSuSTlEeTOD4MJ
+qv+4aFqbRMwR/cYTK4krYxJPSk8ZD/boFXcMPc6jud6MjA7PGEw1DKV4lhJ7pPRJ
+rgX/xUxmGNhwQEynunP6SWscg/7UFFDqanC/Pv6X7AR2VfmiLpJ66/cCAwEAAQ==
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/pescoheim

@@ -0,0 +1,14 @@
+Address=pesco.dyndns.org
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.9.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAOGdQo3wBi8pDtMe8IstjmWx5kKOKheTOjdPoLX4Qkr9bOhJb7NxalPV
+5Ub5BFR51kDafnSPaXtQGMkKgSD6NAXK4LF1Tvsnbr2/za38Zv9YCsoD+HiM9Vz8
+6eO6UpGkvHjXcKHsJbEa9jUnvOOFf7U23UijYgjbrkggckHojTxdAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/redbaron

@@ -0,0 +1,14 @@
+Address=redcastle.mine.nu
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=10.47.11.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBALzcRKUSeEX/qHAJIqDnC+MfYD7F78ftdvOGDvYyzvHpNAlRyMZTea6V
+hnxgD3aJSM/MB80XZcdTOHLShYmAehZhfLph82oT0W8bAh+58RUgorYeYit5qvC5
+tNXV/zI8OFCfc08ttmK2Zb0Mqeh13OXzk2Un3gqgWeWauep6wBp1AgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/turing

@@ -0,0 +1,14 @@
+Address=turing.hamburg.ccc.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=4200
+Subnet=192.168.0.98/32
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMeWu6JQGmHwalirbG6rSP+wLRNb+9H0wR89PM0s6OulzmRwZYESZXdU
+AXiY02+Y9YdkhHZ9b8UGfoL7g6jr3YC1aB5rGU7oOojGUGLO85K4nnd+FxzccY8K
+LyCdqkcLudLEP4SmgbKZgsBebR+46CKbnavXZ+l8KLYzQgWfA0kXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/znet

@@ -0,0 +1,14 @@
+Address=prometheus.datenknoten.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.23.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMHRsCzBgOvkCokphctbdX11P6MtwWIhaTHmI8BHhDN73Ch384KTFdqA
+gGsDkp2QoH2PvFRolOi1NjFuSSJfcGJdvEGa4R/bMhUF2LWTO2VIr3JIA0VsRS+8
+LXe+GpXURFgb9/cenjdzKWYLeksT1g/Y6MAgsl1MAdGFmOtNFc+zAgMBAAE=
+-----END RSA PUBLIC KEY-----  
+

noc/configs/tinc/chaos/rsa_key.priv

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCfFAeEtiohbBCOuH3yuJHBtPN2OHM+uJZJSqAdYAO9tFSPsJ7I
+lCQFxRIL673GbhqkkzzOWiljDEZZay4wX9GzTaTuuvxrjfhdDvabfEOPTRfOu7jV
+/ihzbhZtXaY7oH9wyKb825lhN4t1gGFN8nfc9ywQNSLmdtat9VmrqfjDzQIDAQAB
+AoGAJ2KsId2APNoml09yT4AHBnCovqJnViYZf3fsgJlfE77sGM9f4MVczdjnCPCL
+AfAMxKZ3rZeBG7bUTBtPSkbPAjPJ//zT4kNWFLZC93HdzSeeEmSCF+vE7L6xjzku
+fwpx/8J9LMLlp96BLtlfPXk4gDA+q858EW0Q1prQBQV7GEECQQDODY9qaVcU3cv2
+/wNeTuWve8wARDKiC2ucFE2RzvDnpcuR+Am5dkfUTTlJTf/Ffdc2M4E7YfwAa1J9
+IAcilM3lAkEAxaN+IVb7vy4xWjx7W5/sVKLz1FgjSHkpNfeuWMxm8sR4HWTHBPFb
+hd+E+HhkWeD6Sa6gP8ZIEPfXnBexYRz/yQJBAKU7xofklUpMWiVldgQIbLN+KKcG
+CTxcwBxXQ6TrN8/q6gXRy6qHqS4cBxY7kCGEujHit30xI+4KIgnoxw/6F+kCQGh2
+kiRtJYNXlx5q+YjkbrYNq3OBYqTb5bxwveaRo5iN4C8pJUinigiorE/o0qHvGFv5
+wRn0ZAMT/RK0Mz1xZoECQBwOMieJcswrcI2OgY3Ejw+nLf5u4ZbahRFrnHWT0FoN
+hBW4Dff5jso/K+weYETZUpdwWb9jv8+4ULGt1wiJ8sc=
+-----END RSA PRIVATE KEY-----

noc/configs/tinc/chaos/rsa_key.pub

@@ -0,0 +1,5 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAJ8UB4S2KiFsEI64ffK4kcG083Y4cz64lklKoB1gA720VI+wnsiUJAXF
+EgvrvcZuGqSTPM5aKWMMRllrLjBf0bNNpO66/GuN+F0O9pt8Q49NF867uNX+KHNu
+Fm1dpjugf3DIpvzbmWE3i3WAYU3yd9z3LBA1IuZ21q31Waup+MPNAgMBAAE=
+-----END RSA PUBLIC KEY-----

noc/configs/tinc/chaos/tinc-up

@@ -0,0 +1,16 @@
+#!/bin/sh
+/sbin/ifconfig $INTERFACE 172.16.0.1 netmask 255.255.255.255
+/sbin/ip -4 route add 192.168.23.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.8.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.13.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.0.99/32 dev $INTERFACE
+/sbin/ip -4 route add 192.168.9.0/24 dev $INTERFACE
+/sbin/ip -4 route add 10.6.65.0/24 dev $INTERFACE
+/sbin/ip -4 route add 10.6.66.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.16.0/23 dev $INTERFACE
+/sbin/ip -4 route add 192.168.20.0/23 dev $INTERFACE
+/sbin/ip -4 route add 192.168.0.64/26 dev $INTERFACE
+/sbin/ip -4 route add 192.168.18.0/23 dev $INTERFACE
+/sbin/ip -4 route add 10.42.0.0/16 dev $INTERFACE
+/sbin/ip -4 route add 192.168.0.98/32 dev $INTERFACE
+/sbin/ip -4 route add 10.47.11.0/24 dev $INTERFACE

noc/configs/tinc/chaos/tinc.conf

@@ -0,0 +1,17 @@
+AddressFamily=ipv4
+Device=/dev/net/tun
+Interface=chaos_vpn
+Mode=router
+Name=eh2005
+Hostnames=yes
+ConnectTo=znet
+ConnectTo=alioshome
+ConnectTo=dew
+ConnectTo=haegarwork
+ConnectTo=pescoheim
+ConnectTo=lardass
+ConnectTo=ccchh
+ConnectTo=haegarhome
+ConnectTo=packbarthome
+ConnectTo=turing
+ConnectTo=redbaron

noc/configs/tinc/chaosvpn.conf

@@ -0,0 +1,41 @@
+# achtung: dies configfile ist perl ;)
+
+
+# name dieses rechners:
+$my_peerid		= "eh2005";
+
+# lokale ips dieses rechners/gateways
+# eins von beidem kann auch leergelassen werden, wenn man nur
+# ipv4 oder nur ipv6 sprechen moechte
+# (angaben ohne netmask, das hier sind die adressen die das 
+# chaos_vpn-device bekommt, netmask /32 bzw /128)
+$my_vpn_ip		= "172.16.0.1";
+$my_vpn_ip6		= "";
+
+$my_password		= "foo"; # unused
+$my_ip			= "127.0.0.1"; # unused for now
+$my_external_ip		= "193.103.161.30"; # unused
+
+# ueber diese einstellung koennen gewisse gegenstellen
+# bei chaosvpn-links ignoriert werden (sie werden vom eigenen rechner
+# behandelt als waehren sie nicht teil des chaosvpns)
+# dies ist z.b. nuetzlich wenn zu diesen gegenstellen schon eine
+# anderweitige vpn-verbindung besteht
+# im normalfall einfach ()
+@exclude		= (); # links zu gewissen peer-ids nicht aufbauen
+
+
+# ============================================================================
+# you should'nt need to change anything below, 
+# at least not for linux and chaosvpn
+
+$networkname		= "chaos";
+$tincd_bin		= "/usr/sbin/tincd";
+$ip_bin			= "/sbin/ip";
+$ifconfig		= "/sbin/ifconfig \$INTERFACE $my_vpn_ip netmask $my_vpn_netmask";
+$ifconfig6		= "$ip_bin addr add $my_vpn_ip6/128 dev \$INTERFACE";
+
+$master_url		= "https://www.vpn.hamburg.ccc.de/tinc-chaosvpn.txt";
+$base			= "/etc/tinc/$networkname";
+$pidfile		= "/var/run/tinc.$networkname.pid";
+$tincd_debuglevel	= 3;

noc/configs/tinc/nets.boot

@@ -0,0 +1 @@
+## This file contains all names of the networks to be started on system startup.

noc/monitor.easterhegg.de/README.html

@@ -0,0 +1,7 @@
+<pre>
+
+<b>Config Daten von monitor.easterhegg.de</b>
+
+Drecks-Thinkpad R40e mit Debian/Unstable Webserver und 
+Netzwerk-Monitor-Krams
+</pre>

noc/monitor.easterhegg.de/apache2/README

@@ -0,0 +1,82 @@
+Apache2 Configuration under Debian GNU/Linux
+============================================
+
+Debian's default Apache2 installation attempts to make adding and
+removing modules, virtual hosts, and extra configuration directives as
+flexible is possible, in order to make automating the changes and
+administering the server as easy as possible.
+
+Files and Directories in /etc/apache2:
+-------------------------------------
+
+apache2.conf
+
+	This is the main configuration file.
+
+conf.d/
+
+	Files in this directory are included by this line in
+	apache2.conf:
+
+	# Include generic snippets of statements
+	Include /etc/apache2/conf.d
+
+	This is a good place to add additional configuration
+	directives.
+
+httpd.conf
+
+	Empty file.
+
+magic
+
+	Magic data for mod_mime_magic Apache module, documented in
+	htdocs/manual/mod/mod_mime_magic.html.  You probably don't
+	need to touch this.
+
+mods-available/
+
+	This directory contains a series of .load and .conf files.
+	The .load files contain the Apache configuration directive
+	necessary to load the module in question.  The respective
+	.conf files contain configuration directives necessary to
+	utilize the module in question.
+
+mods-enabled/
+
+	To actually enable a module for Apache2, it is necessary to
+	create a symlink in this directory to the .load (and .conf, if
+	it exists) files associated with the module in
+	mods-available/.  For example:
+
+	cgi.load -> /etc/apache2/mods-available/cgi.load
+
+ports.conf
+
+	Configuration directives for which ports and IP addresses to
+	listen to.
+
+sites-available/
+
+	Like mods-available/, except it contains configuration
+	directives for different virtual hosts that might be used with
+	apache2.  Note that the hostname doesn't have to correspond
+	exactly with the filename.  'default' is the default host.
+
+sites-enabled/
+
+	Similar in functionality to mods-enabled/, sites-enabled
+	contains symlinks to sites in sites-available/ that the
+	admnistrator wishes to enable.
+
+	Example:
+	dedasys -> /etc/apache2/sites-available/dedasys
+
+Tools
+-----
+
+Currently, a2enmod and a2dismod are available for enabling and
+disabling modules utilizing the above configuration system.
+
+a2ensite and a2dissite have been added, which do essentially the
+same thing as the above tools, but for sites rather than modules.

noc/monitor.easterhegg.de/apache2/apache2.conf

@@ -0,0 +1,397 @@
+# Based upon the NCSA server configuration files originally by Rob McCool.
+# Changed extensively for the Debian package by Daniel Stone <daniel@sfarc.net>
+# and also by Thom May <thom@debian.org>.
+
+# ServerRoot: The top of the directory tree under which the server's
+# configuration, error, and log files are kept.
+#
+# NOTE!  If you intend to place this on an NFS (or otherwise network)
+# mounted filesystem then please read the LockFile documentation
+# (available at <URL:http://www.apache.org/docs/mod/core.html#lockfile>);
+# you will save yourself a lot of trouble.
+
+ServerRoot "/etc/apache2"
+
+# The LockFile directive sets the path to the lockfile used when Apache
+# is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
+# USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at
+# its default value. The main reason for changing it is if the logs
+# directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL
+# DISK. The PID of the main server process is automatically appended to
+# the filename. 
+
+LockFile /var/lock/apache2/accept.lock
+
+# PidFile: The file in which the server should record its process
+# identification number when it starts.
+
+PidFile /var/run/apache2.pid
+
+# Timeout: The number of seconds before receives and sends time out.
+
+Timeout 300
+
+# KeepAlive: Whether or not to allow persistent connections (more than
+# one request per connection). Set to "Off" to deactivate.
+
+KeepAlive On
+
+# MaxKeepAliveRequests: The maximum number of requests to allow
+# during a persistent connection. Set to 0 to allow an unlimited amount.
+# We recommend you leave this number high, for maximum performance.
+
+MaxKeepAliveRequests 100
+
+# KeepAliveTimeout: Number of seconds to wait for the next request from the
+# same client on the same connection.
+
+KeepAliveTimeout 15
+
+##
+## Server-Pool Size Regulation (MPM specific)
+## 
+
+# prefork MPM
+# StartServers ......... number of server processes to start
+# MinSpareServers ...... minimum number of server processes which are kept spare
+# MaxSpareServers ...... maximum number of server processes which are kept spare
+# MaxClients ........... maximum number of server processes allowed to start
+# MaxRequestsPerChild .. maximum number of requests a server process serves
+<IfModule prefork.c>
+StartServers         5
+MinSpareServers      5
+MaxSpareServers     10
+MaxClients          20
+MaxRequestsPerChild  0
+</IfModule>
+
+# pthread MPM
+# StartServers ......... initial  number of server processes to start
+# MaxClients ........... maximum  number of server processes allowed to start
+# MinSpareThreads ...... minimum  number of worker threads which are kept spare
+# MaxSpareThreads ...... maximum  number of worker threads which are kept spare
+# ThreadsPerChild ...... constant number of worker threads in each server process
+# MaxRequestsPerChild .. maximum  number of requests a server process serves
+<IfModule worker.c>
+StartServers         2
+MaxClients         150 
+MinSpareThreads     25
+MaxSpareThreads     75
+ThreadsPerChild     25
+MaxRequestsPerChild  0
+</IfModule>
+
+# perchild MPM
+# NumServers ........... constant number of server processes
+# StartThreads ......... initial  number of worker threads in each server process
+# MinSpareThreads ...... minimum  number of worker threads which are kept spare
+# MaxSpareThreads ...... maximum  number of worker threads which are kept spare
+# MaxThreadsPerChild ... maximum  number of worker threads in each server process
+# MaxRequestsPerChild .. maximum  number of connections per server process (then it dies)
+<IfModule perchild.c>
+NumServers           5
+StartThreads         5
+MinSpareThreads      5
+MaxSpareThreads     10
+MaxThreadsPerChild  20
+MaxRequestsPerChild  0
+AcceptMutex fcntl
+</IfModule>
+
+User www-data
+Group www-data
+
+# The following directives define some format nicknames for use with
+# a CustomLog directive (see below).
+LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%h %l %u %t \"%r\" %>s %b" common
+LogFormat "%{Referer}i -> %U" referer
+LogFormat "%{User-agent}i" agent
+
+
+# Global error log.
+ErrorLog /var/log/apache2/error.log
+
+# Include module configuration:
+Include /etc/apache2/mods-enabled/*.load
+Include /etc/apache2/mods-enabled/*.conf
+
+# Include all the user configurations:
+Include /etc/apache2/httpd.conf
+
+# Include ports listing
+Include /etc/apache2/ports.conf
+
+# Include generic snippets of statements
+Include /etc/apache2/conf.d/[^.#]*
+
+#Let's have some Icons, shall we?
+Alias /icons/ "/usr/share/apache2/icons/"
+<Directory "/usr/share/apache2/icons">
+    Options Indexes MultiViews
+    AllowOverride None
+    Order allow,deny
+    Allow from all
+</Directory>
+
+# Set up the default error docs.
+#
+# Customizable error responses come in three flavors:
+# 1) plain text 2) local redirects 3) external redirects
+#
+# Some examples:
+#ErrorDocument 500 "The server made a boo boo."
+#ErrorDocument 404 /missing.html
+#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
+#ErrorDocument 402 http://www.example.com/subscription_info.html
+#
+
+#
+# Putting this all together, we can Internationalize error responses.
+#
+# We use Alias to redirect any /error/HTTP_<error>.html.var response to
+# our collection of by-error message multi-language collections.  We use 
+# includes to substitute the appropriate text.
+#
+# You can modify the messages' appearance without changing any of the
+# default HTTP_<error>.html.var files by adding the line;
+#
+#   Alias /error/include/ "/your/include/path/"
+#
+# which allows you to create your own set of files by starting with the
+# /usr/local/apache2/error/include/ files and
+# copying them to /your/include/path/, even on a per-VirtualHost basis.
+#
+
+<IfModule mod_negotiation.c>
+<IfModule mod_include.c>
+    Alias /error/ "/usr/share/apache2/error/"
+
+    <Directory "/usr/share/apache2/error">
+        AllowOverride None
+        Options IncludesNoExec
+        AddOutputFilter Includes html
+        AddHandler type-map var
+        Order allow,deny
+        Allow from all
+        LanguagePriority en es de fr
+        ForceLanguagePriority Prefer Fallback
+    </Directory>
+
+    ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
+    ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
+    ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
+    ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
+    ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
+    ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
+    ErrorDocument 410 /error/HTTP_GONE.html.var
+    ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
+    ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
+    ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
+    ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
+    ErrorDocument 415 /error/HTTP_SERVICE_UNAVAILABLE.html.var
+    ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
+    ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
+    ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
+    ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
+    ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
+
+</IfModule>
+</IfModule>
+
+DirectoryIndex index.shtml index.html index.cgi index.pl index.php index.xhtml
+
+# UserDir is now a module
+#UserDir public_html
+#UserDir disabled root
+
+#<Directory /home/*/public_html>
+#	AllowOverride FileInfo AuthConfig Limit
+#	Options Indexes SymLinksIfOwnerMatch IncludesNoExec
+#</Directory>
+
+AccessFileName .htaccess
+
+<Files ~ "^\.ht">
+    Order allow,deny
+    Deny from all
+</Files>
+
+UseCanonicalName Off
+
+TypesConfig /etc/mime.types
+DefaultType text/plain
+
+HostnameLookups Off
+
+IndexOptions FancyIndexing VersionSort
+
+AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
+
+AddIconByType (TXT,/icons/text.gif) text/*
+AddIconByType (IMG,/icons/image2.gif) image/*
+AddIconByType (SND,/icons/sound2.gif) audio/*
+AddIconByType (VID,/icons/movie.gif) video/*
+
+# This really should be .jpg.
+
+AddIcon /icons/binary.gif .bin .exe
+AddIcon /icons/binhex.gif .hqx
+AddIcon /icons/tar.gif .tar
+AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
+AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
+AddIcon /icons/a.gif .ps .ai .eps
+AddIcon /icons/layout.gif .html .shtml .htm .pdf
+AddIcon /icons/text.gif .txt
+AddIcon /icons/c.gif .c
+AddIcon /icons/p.gif .pl .py
+AddIcon /icons/f.gif .for
+AddIcon /icons/dvi.gif .dvi
+AddIcon /icons/uuencoded.gif .uu
+AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
+AddIcon /icons/tex.gif .tex
+AddIcon /icons/bomb.gif core
+
+AddIcon /icons/back.gif ..
+AddIcon /icons/hand.right.gif README
+AddIcon /icons/folder.gif ^^DIRECTORY^^
+AddIcon /icons/blank.gif ^^BLANKICON^^
+
+
+# This is from Matty J's patch. Anyone want to make the icons?
+#AddIcon /icons/dirsymlink.jpg ^^SYMDIR^^
+#AddIcon /icons/symlink.jpg ^^SYMLINK^^
+
+DefaultIcon /icons/unknown.gif
+
+ReadmeName README.html
+HeaderName HEADER.html
+
+IndexIgnore .??* *~ *# HEADER* RCS CVS *,t
+
+AddEncoding x-compress Z
+AddEncoding x-gzip gz tgz
+
+AddLanguage da .dk
+AddLanguage nl .nl
+AddLanguage en .en
+AddLanguage et .et
+AddLanguage fr .fr
+AddLanguage de .de
+AddLanguage el .el
+AddLanguage it .it
+AddLanguage ja .ja
+AddLanguage pl .po
+AddLanguage ko .ko
+AddLanguage pt .pt
+AddLanguage no .no
+AddLanguage pt-br .pt-br
+AddLanguage ltz .ltz
+AddLanguage ca .ca
+AddLanguage es .es
+AddLanguage sv .se
+AddLanguage cz .cz
+AddLanguage ru .ru
+AddLanguage tw .tw
+AddLanguage zh-tw .tw
+
+LanguagePriority en da nl et fr de el it ja ko no pl pt pt-br ltz ca es sv tw
+
+
+#AddDefaultCharset	ISO-8859-1
+
+AddCharset ISO-8859-1  .iso8859-1  .latin1
+AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
+AddCharset ISO-8859-3  .iso8859-3  .latin3
+AddCharset ISO-8859-4  .iso8859-4  .latin4
+AddCharset ISO-8859-5  .iso8859-5  .latin5 .cyr .iso-ru
+AddCharset ISO-8859-6  .iso8859-6  .latin6 .arb
+AddCharset ISO-8859-7  .iso8859-7  .latin7 .grk
+AddCharset ISO-8859-8  .iso8859-8  .latin8 .heb	
+AddCharset ISO-8859-9  .iso8859-9  .latin9 .trk
+AddCharset ISO-2022-JP .iso2022-jp .jis
+AddCharset ISO-2022-KR .iso2022-kr .kis
+AddCharset ISO-2022-CN .iso2022-cn .cis
+AddCharset Big5        .Big5       .big5
+# For russian, more than one charset is used (depends on client, mostly):
+AddCharset WINDOWS-1251 .cp-1251   .win-1251
+AddCharset CP866       .cp866
+AddCharset KOI8-r      .koi8-r .koi8-ru
+AddCharset KOI8-ru     .koi8-uk .ua
+AddCharset ISO-10646-UCS-2 .ucs2
+AddCharset ISO-10646-UCS-4 .ucs4
+AddCharset UTF-8       .utf8
+
+AddCharset GB2312      .gb2312 .gb 
+AddCharset utf-7       .utf7
+AddCharset utf-8       .utf8
+AddCharset big5	       .big5 .b5
+AddCharset EUC-TW      .euc-tw	
+AddCharset EUC-JP      .euc-jp
+AddCharset EUC-KR      .euc-kr
+AddCharset shift_jis   .sjis
+
+AddType application/x-httpd-php .php
+AddType application/x-httpd-php-source .phps
+
+AddType application/x-tar .tgz
+
+# To use CGI scripts outside /cgi-bin/:
+#
+#AddHandler cgi-script .cgi
+
+# To use server-parsed HTML files
+#
+AddType text/html .shtml
+<FilesMatch "\.shtml(\..+)?$">
+    SetOutputFilter INCLUDES
+</FilesMatch>
+
+
+# If you wish to use server-parsed imagemap files, use
+#
+#AddHandler imap-file map
+
+BrowserMatch "Mozilla/2" nokeepalive
+BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
+BrowserMatch "RealPlayer 4\.0" force-response-1.0
+BrowserMatch "Java/1\.0" force-response-1.0
+BrowserMatch "JDK/1\.0" force-response-1.0
+
+#
+# The following directive disables redirects on non-GET requests for
+# a directory that does not include the trailing slash.  This fixes a 
+# problem with Microsoft WebFolders which does not appropriately handle 
+# redirects for folders with DAV methods.
+#
+
+BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
+BrowserMatch "^WebDrive" redirect-carefully
+BrowserMatch "^gnome-vfs" redirect-carefully 
+BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
+
+# Allow server status reports, with the URL of http://servername/server-status
+# Change the ".your_domain.com" to match your domain to enable.
+#
+#<Location /server-status>
+#    SetHandler server-status
+#    Order deny,allow
+#    Deny from all
+#    Allow from .your_domain.com
+#</Location>
+
+# Allow remote server configuration reports, with the URL of
+#  http://servername/server-info (requires that mod_info.c be loaded).
+# Change the ".your_domain.com" to match your domain to enable.
+#
+#<Location /server-info>
+#    SetHandler server-info
+#    Order deny,allow
+#    Deny from all
+#    Allow from .your_domain.com
+#</Location>
+
+# Include the virtual host configurations:
+Include /etc/apache2/sites-enabled/[^.#]*
+
+Include /etc/cacti/apache.conf

noc/monitor.easterhegg.de/apache2/envvars

@@ -0,0 +1,21 @@
+# Copyright 2001-2005 The Apache Software Foundation or its licensors, as
+# applicable.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
+# envvars-std - default environment variables for apachectl
+#
+# This file is generated from envvars-std.in
+#
+

noc/monitor.easterhegg.de/apache2/httpd.conf

@@ -0,0 +1,5 @@
+# This is here for backwards compatability reasons and to support
+#  installing 3rd party modules directly via apxs2, rather than
+#  through the /etc/apache2/mods-{available,enabled} mechanism.
+#
+#LoadModule mod_placeholder /usr/lib/apache2/modules/mod_placeholder.so

noc/monitor.easterhegg.de/apache2/magic

@@ -0,0 +1,371 @@
+# Magic data for mod_mime_magic Apache module (originally for file(1) command)
+# The module is described in htdocs/manual/mod/mod_mime_magic.html
+#
+# The format is 4-5 columns:
+#    Column #1: byte number to begin checking from, ">" indicates continuation
+#    Column #2: type of data to match
+#    Column #3: contents of data to match
+#    Column #4: MIME type of result
+#    Column #5: MIME encoding of result (optional)
+
+#------------------------------------------------------------------------------
+# Localstuff:  file(1) magic for locally observed files
+# Add any locally observed files here.
+
+#------------------------------------------------------------------------------
+# end local stuff
+#------------------------------------------------------------------------------
+
+#------------------------------------------------------------------------------
+# Java
+
+0	short		0xcafe
+>2	short		0xbabe		application/java
+
+#------------------------------------------------------------------------------
+# audio:  file(1) magic for sound formats
+#
+# from Jan Nicolai Langfeldt <janl@ifi.uio.no>,
+#
+
+# Sun/NeXT audio data
+0	string		.snd
+>12	belong		1		audio/basic
+>12	belong		2		audio/basic
+>12	belong		3		audio/basic
+>12	belong		4		audio/basic
+>12	belong		5		audio/basic
+>12	belong		6		audio/basic
+>12	belong		7		audio/basic
+
+>12	belong		23		audio/x-adpcm
+
+# DEC systems (e.g. DECstation 5000) use a variant of the Sun/NeXT format
+# that uses little-endian encoding and has a different magic number
+# (0x0064732E in little-endian encoding).
+0	lelong		0x0064732E	
+>12	lelong		1		audio/x-dec-basic
+>12	lelong		2		audio/x-dec-basic
+>12	lelong		3		audio/x-dec-basic
+>12	lelong		4		audio/x-dec-basic
+>12	lelong		5		audio/x-dec-basic
+>12	lelong		6		audio/x-dec-basic
+>12	lelong		7		audio/x-dec-basic
+#                                       compressed (G.721 ADPCM)
+>12	lelong		23		audio/x-dec-adpcm
+
+# Bytes 0-3 of AIFF, AIFF-C, & 8SVX audio files are "FORM"
+#					AIFF audio data
+8	string		AIFF		audio/x-aiff	
+#					AIFF-C audio data
+8	string		AIFC		audio/x-aiff	
+#					IFF/8SVX audio data
+8	string		8SVX		audio/x-aiff	
+
+# Creative Labs AUDIO stuff
+#					Standard MIDI data
+0	string	MThd			audio/unknown	
+#>9 	byte	>0			(format %d)
+#>11	byte	>1			using %d channels
+#					Creative Music (CMF) data
+0	string	CTMF			audio/unknown	
+#					SoundBlaster instrument data
+0	string	SBI			audio/unknown	
+#					Creative Labs voice data
+0	string	Creative\ Voice\ File	audio/unknown	
+## is this next line right?  it came this way...
+#>19	byte	0x1A
+#>23	byte	>0			- version %d
+#>22	byte	>0			\b.%d
+
+# [GRR 950115:  is this also Creative Labs?  Guessing that first line
+#  should be string instead of unknown-endian long...]
+#0	long		0x4e54524b	MultiTrack sound data
+#0	string		NTRK		MultiTrack sound data
+#>4	long		x		- version %ld
+
+# Microsoft WAVE format (*.wav)
+# [GRR 950115:  probably all of the shorts and longs should be leshort/lelong]
+#					Microsoft RIFF
+0	string		RIFF		audio/unknown	
+#					- WAVE format
+>8	string		WAVE		audio/x-wav	
+
+#------------------------------------------------------------------------------
+# c-lang:  file(1) magic for C programs or various scripts
+#
+
+# XPM icons (Greg Roelofs, newt@uchicago.edu)
+# ideally should go into "images", but entries below would tag XPM as C source
+0	string		/*\ XPM		image/x-xbm	7bit
+
+# this first will upset you if you're a PL/1 shop... (are there any left?)
+# in which case rm it; ascmagic will catch real C programs
+#					C or REXX program text
+0	string		/*		text/plain
+#					C++ program text
+0	string		//		text/plain
+
+#------------------------------------------------------------------------------
+# compress:  file(1) magic for pure-compression formats (no archives)
+#
+# compress, gzip, pack, compact, huf, squeeze, crunch, freeze, yabba, whap, etc.
+#
+# Formats for various forms of compressed data
+# Formats for "compress" proper have been moved into "compress.c",
+# because it tries to uncompress it to figure out what's inside.
+
+# standard unix compress
+0	string		\037\235	application/octet-stream	x-compress
+
+# gzip (GNU zip, not to be confused with [Info-ZIP/PKWARE] zip archiver)
+0       string          \037\213        application/octet-stream	x-gzip
+
+# According to gzip.h, this is the correct byte order for packed data.
+0	string		\037\036	application/octet-stream
+#
+# This magic number is byte-order-independent.
+#
+0	short		017437		application/octet-stream
+
+# XXX - why *two* entries for "compacted data", one of which is
+# byte-order independent, and one of which is byte-order dependent?
+#
+# compacted data
+0	short		0x1fff		application/octet-stream
+0	string		\377\037	application/octet-stream
+# huf output
+0	short		0145405		application/octet-stream
+
+# Squeeze and Crunch...
+# These numbers were gleaned from the Unix versions of the programs to
+# handle these formats.  Note that I can only uncrunch, not crunch, and
+# I didn't have a crunched file handy, so the crunch number is untested.
+#				Keith Waclena <keith@cerberus.uchicago.edu>
+#0	leshort		0x76FF		squeezed data (CP/M, DOS)
+#0	leshort		0x76FE		crunched data (CP/M, DOS)
+
+# Freeze
+#0	string		\037\237	Frozen file 2.1
+#0	string		\037\236	Frozen file 1.0 (or gzip 0.5)
+
+# lzh?
+#0	string		\037\240	LZH compressed data
+
+#------------------------------------------------------------------------------
+# frame:  file(1) magic for FrameMaker files
+#
+# This stuff came on a FrameMaker demo tape, most of which is
+# copyright, but this file is "published" as witness the following:
+#
+0	string		\<MakerFile	application/x-frame
+0	string		\<MIFFile	application/x-frame
+0	string		\<MakerDictionary	application/x-frame
+0	string		\<MakerScreenFon	application/x-frame
+0	string		\<MML		application/x-frame
+0	string		\<Book		application/x-frame
+0	string		\<Maker		application/x-frame
+
+#------------------------------------------------------------------------------
+# html:  file(1) magic for HTML (HyperText Markup Language) docs
+#
+# from Daniel Quinlan <quinlan@yggdrasil.com>
+# and Anna Shergold <anna@inext.co.uk>
+#
+0	string		\<!DOCTYPE\ HTML	text/html
+0	string		\<!doctype\ html	text/html
+0	string		\<HEAD		text/html
+0	string		\<head		text/html
+0	string		\<TITLE		text/html
+0	string		\<title		text/html
+0       string          \<html          text/html
+0       string          \<HTML          text/html
+0	string		\<!--		text/html
+0	string		\<h1		text/html
+0	string		\<H1		text/html
+
+#------------------------------------------------------------------------------
+# images:  file(1) magic for image formats (see also "c-lang" for XPM bitmaps)
+#
+# originally from jef@helios.ee.lbl.gov (Jef Poskanzer),
+# additions by janl@ifi.uio.no as well as others. Jan also suggested
+# merging several one- and two-line files into here.
+#
+# XXX - byte order for GIF and TIFF fields?
+# [GRR:  TIFF allows both byte orders; GIF is probably little-endian]
+#
+
+# [GRR:  what the hell is this doing in here?]
+#0	string		xbtoa		btoa'd file
+
+# PBMPLUS
+#					PBM file
+0	string		P1		image/x-portable-bitmap	7bit
+#					PGM file
+0	string		P2		image/x-portable-greymap	7bit
+#					PPM file
+0	string		P3		image/x-portable-pixmap	7bit
+#					PBM "rawbits" file
+0	string		P4		image/x-portable-bitmap
+#					PGM "rawbits" file
+0	string		P5		image/x-portable-greymap
+#					PPM "rawbits" file
+0	string		P6		image/x-portable-pixmap
+
+# NIFF (Navy Interchange File Format, a modification of TIFF)
+# [GRR:  this *must* go before TIFF]
+0	string		IIN1		image/x-niff
+
+# TIFF and friends
+#					TIFF file, big-endian
+0	string		MM		image/tiff
+#					TIFF file, little-endian
+0	string		II		image/tiff
+
+# possible GIF replacements; none yet released!
+# (Greg Roelofs, newt@uchicago.edu)
+#
+# GRR 950115:  this was mine ("Zip GIF"):
+#					ZIF image (GIF+deflate alpha)
+0	string		GIF94z		image/unknown
+#
+# GRR 950115:  this is Jeremy Wohl's Free Graphics Format (better):
+#					FGF image (GIF+deflate beta)
+0	string		FGF95a		image/unknown
+#
+# GRR 950115:  this is Thomas Boutell's Portable Bitmap Format proposal
+# (best; not yet implemented):
+#					PBF image (deflate compression)
+0	string		PBF		image/unknown
+
+# GIF
+0	string		GIF		image/gif
+
+# JPEG images
+0	beshort		0xffd8		image/jpeg
+
+# PC bitmaps (OS/2, Windoze BMP files)  (Greg Roelofs, newt@uchicago.edu)
+0	string		BM		image/bmp
+#>14	byte		12		(OS/2 1.x format)
+#>14	byte		64		(OS/2 2.x format)
+#>14	byte		40		(Windows 3.x format)
+#0	string		IC		icon
+#0	string		PI		pointer
+#0	string		CI		color icon
+#0	string		CP		color pointer
+#0	string		BA		bitmap array
+
+
+#------------------------------------------------------------------------------
+# lisp:  file(1) magic for lisp programs
+#
+# various lisp types, from Daniel Quinlan (quinlan@yggdrasil.com)
+0	string	;;			text/plain	8bit
+# Emacs 18 - this is always correct, but not very magical.
+0	string	\012(			application/x-elc
+# Emacs 19
+0	string	;ELC\023\000\000\000	application/x-elc
+
+#------------------------------------------------------------------------------
+# mail.news:  file(1) magic for mail and news
+#
+# There are tests to ascmagic.c to cope with mail and news.
+0	string		Relay-Version: 	message/rfc822	7bit
+0	string		#!\ rnews	message/rfc822	7bit
+0	string		N#!\ rnews	message/rfc822	7bit
+0	string		Forward\ to 	message/rfc822	7bit
+0	string		Pipe\ to 	message/rfc822	7bit
+0	string		Return-Path:	message/rfc822	7bit
+0	string		Path:		message/news	8bit
+0	string		Xref:		message/news	8bit
+0	string		From:		message/rfc822	7bit
+0	string		Article 	message/news	8bit
+#------------------------------------------------------------------------------
+# msword: file(1) magic for MS Word files
+#
+# Contributor claims:
+# Reversed-engineered MS Word magic numbers
+#
+
+0	string		\376\067\0\043			application/msword
+0	string		\333\245-\0\0\0			application/msword
+
+# disable this one because it applies also to other
+# Office/OLE documents for which msword is not correct. See PR#2608.
+#0	string		\320\317\021\340\241\261	application/msword
+
+
+
+#------------------------------------------------------------------------------
+# printer:  file(1) magic for printer-formatted files
+#
+
+# PostScript
+0	string		%!		application/postscript
+0	string		\004%!		application/postscript
+
+# Acrobat
+# (due to clamen@cs.cmu.edu)
+0	string		%PDF-		application/pdf
+
+#------------------------------------------------------------------------------
+# sc:  file(1) magic for "sc" spreadsheet
+#
+38	string		Spreadsheet	application/x-sc
+
+#------------------------------------------------------------------------------
+# tex:  file(1) magic for TeX files
+#
+# XXX - needs byte-endian stuff (big-endian and little-endian DVI?)
+#
+# From <conklin@talisman.kaleida.com>
+
+# Although we may know the offset of certain text fields in TeX DVI
+# and font files, we can't use them reliably because they are not
+# zero terminated. [but we do anyway, christos]
+0	string		\367\002	application/x-dvi
+#0	string		\367\203	TeX generic font data
+#0	string		\367\131	TeX packed font data
+#0	string		\367\312	TeX virtual font data
+#0	string		This\ is\ TeX,	TeX transcript text	
+#0	string		This\ is\ METAFONT,	METAFONT transcript text
+
+# There is no way to detect TeX Font Metric (*.tfm) files without
+# breaking them apart and reading the data.  The following patterns
+# match most *.tfm files generated by METAFONT or afm2tfm.
+#2	string		\000\021	TeX font metric data
+#2	string		\000\022	TeX font metric data
+#>34	string		>\0		(%s)
+
+# Texinfo and GNU Info, from Daniel Quinlan (quinlan@yggdrasil.com)
+#0	string		\\input\ texinfo	Texinfo source text
+#0	string		This\ is\ Info\ file	GNU Info text
+
+# correct TeX magic for Linux (and maybe more)
+# from Peter Tobias (tobias@server.et-inf.fho-emden.de)
+#
+0	leshort		0x02f7		application/x-dvi
+
+# RTF - Rich Text Format
+0	string		{\\rtf		application/rtf
+
+#------------------------------------------------------------------------------
+# animation:  file(1) magic for animation/movie formats
+#
+# animation formats, originally from vax@ccwf.cc.utexas.edu (VaX#n8)
+#						MPEG file
+0	string		\000\000\001\263	video/mpeg
+#
+# The contributor claims:
+#   I couldn't find a real magic number for these, however, this
+#   -appears- to work.  Note that it might catch other files, too,
+#   so BE CAREFUL!
+#
+# Note that title and author appear in the two 20-byte chunks
+# at decimal offsets 2 and 22, respectively, but they are XOR'ed with
+# 255 (hex FF)! DL format SUCKS BIG ROCKS.
+#
+#						DL file version 1 , medium format (160x100, 4 images/screen)
+0	byte		1			video/unknown
+0	byte		2			video/unknown
+

noc/monitor.easterhegg.de/apache2/mods-available/actions.load

@@ -0,0 +1 @@
+LoadModule actions_module /usr/lib/apache2/modules/mod_actions.so

noc/monitor.easterhegg.de/apache2/mods-available/asis.load

@@ -0,0 +1 @@
+LoadModule asis_module /usr/lib/apache2/modules/mod_asis.so

noc/monitor.easterhegg.de/apache2/mods-available/auth_anon.load

@@ -0,0 +1 @@
+LoadModule auth_anon_module /usr/lib/apache2/modules/mod_auth_anon.so

noc/monitor.easterhegg.de/apache2/mods-available/auth_dbm.load

@@ -0,0 +1 @@
+LoadModule auth_dbm_module /usr/lib/apache2/modules/mod_auth_dbm.so

noc/monitor.easterhegg.de/apache2/mods-available/auth_digest.load

@@ -0,0 +1 @@
+LoadModule auth_digest_module /usr/lib/apache2/modules/mod_auth_digest.so

noc/monitor.easterhegg.de/apache2/mods-available/auth_ldap.load

@@ -0,0 +1,2 @@
+LoadModule ldap_module /usr/lib/apache2/modules/mod_ldap.so
+LoadModule auth_ldap_module /usr/lib/apache2/modules/mod_auth_ldap.so

noc/monitor.easterhegg.de/apache2/mods-available/cache.load

@@ -0,0 +1 @@
+LoadModule cache_module /usr/lib/apache2/modules/mod_cache.so

noc/monitor.easterhegg.de/apache2/mods-available/cern_meta.load

@@ -0,0 +1 @@
+LoadModule cern_meta_module /usr/lib/apache2/modules/mod_cern_meta.so

noc/monitor.easterhegg.de/apache2/mods-available/cgi.load

@@ -0,0 +1 @@
+LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so

noc/monitor.easterhegg.de/apache2/mods-available/cgid.conf

@@ -0,0 +1,2 @@
+# Socket thingy for CGI.
+ScriptSock /var/run/apache2/cgisock

noc/monitor.easterhegg.de/apache2/mods-available/cgid.load

@@ -0,0 +1 @@
+LoadModule cgid_module /usr/lib/apache2/modules/mod_cgid.so

noc/monitor.easterhegg.de/apache2/mods-available/dav.load

@@ -0,0 +1 @@
+LoadModule dav_module /usr/lib/apache2/modules/mod_dav.so

noc/monitor.easterhegg.de/apache2/mods-available/dav_fs.conf

@@ -0,0 +1,2 @@
+DAVLockDB /var/lock/apache2/DAVLock
+

noc/monitor.easterhegg.de/apache2/mods-available/dav_fs.load

@@ -0,0 +1 @@
+LoadModule dav_fs_module /usr/lib/apache2/modules/mod_dav_fs.so

noc/monitor.easterhegg.de/apache2/mods-available/deflate.load

@@ -0,0 +1 @@
+LoadModule deflate_module /usr/lib/apache2/modules/mod_deflate.so

noc/monitor.easterhegg.de/apache2/mods-available/disk_cache.load

@@ -0,0 +1 @@
+LoadModule disk_cache_module /usr/lib/apache2/modules/mod_disk_cache.so

noc/monitor.easterhegg.de/apache2/mods-available/expires.load

@@ -0,0 +1 @@
+LoadModule expires_module /usr/lib/apache2/modules/mod_expires.so

noc/monitor.easterhegg.de/apache2/mods-available/ext_filter.load

@@ -0,0 +1 @@
+LoadModule ext_filter_module /usr/lib/apache2/modules/mod_ext_filter.so

noc/monitor.easterhegg.de/apache2/mods-available/file_cache.load

@@ -0,0 +1 @@
+LoadModule file_cache_module /usr/lib/apache2/modules/mod_file_cache.so

noc/monitor.easterhegg.de/apache2/mods-available/headers.load

@@ -0,0 +1 @@
+LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so

noc/monitor.easterhegg.de/apache2/mods-available/imap.load

@@ -0,0 +1 @@
+LoadModule imap_module /usr/lib/apache2/modules/mod_imap.so

noc/monitor.easterhegg.de/apache2/mods-available/include.load

@@ -0,0 +1 @@
+LoadModule include_module /usr/lib/apache2/modules/mod_include.so

noc/monitor.easterhegg.de/apache2/mods-available/info.load

@@ -0,0 +1 @@
+LoadModule info_module /usr/lib/apache2/modules/mod_info.so

noc/monitor.easterhegg.de/apache2/mods-available/ldap.load

@@ -0,0 +1 @@
+LoadModule ldap_module /usr/lib/apache2/modules/mod_ldap.so

noc/monitor.easterhegg.de/apache2/mods-available/mem_cache.load

@@ -0,0 +1 @@
+LoadModule mem_cache_module /usr/lib/apache2/modules/mod_mem_cache.so

noc/monitor.easterhegg.de/apache2/mods-available/mime_magic.conf

@@ -0,0 +1,3 @@
+<IfModule mod_mime_magic.c>
+    MIMEMagicFile /usr/share/misc/file/magic.mime
+</IfModule>

noc/monitor.easterhegg.de/apache2/mods-available/mime_magic.load

@@ -0,0 +1 @@
+LoadModule mime_magic_module /usr/lib/apache2/modules/mod_mime_magic.so