import from old webserver

noc/configs/dhcp3/dhcpd.conf

@@ -0,0 +1,51 @@
+#
+#
+#ddns-update-style none;
+ddns-update-style interim;
+ddns-domainname "easterhegg.de";
+authoritative;
+
+# option definitions common to all supported networks...
+option domain-name "easterhegg.de";
+option domain-name-servers 172.16.0.1;
+min-lease-time 3600;
+default-lease-time 7200;
+max-lease-time 14400;
+ping-check true;
+update-optimization false;
+
+#subnet 204.254.239.0 netmask 255.255.255.224 {
+#  range 204.254.239.10 204.254.239.20;
+#  option broadcast-address 204.254.239.31;
+#  option routers prelude.fugue.com;
+#}
+
+# Kabel
+subnet 172.16.0.0 netmask 255.255.252.0 {
+   range 172.16.2.2 172.16.2.254;
+   range 172.16.3.2 172.16.3.254;
+   option broadcast-address 172.16.3.255;
+   option routers 172.16.0.1;
+}
+
+# WLAN
+subnet 172.16.4.0 netmask 255.255.252.0 {
+   range 172.16.6.2 172.16.6.254;
+   range 172.16.7.2 172.16.7.254;
+   option broadcast-address 172.16.7.255;
+   option routers 172.16.4.1;
+}
+
+# NOC
+subnet 172.16.42.0 netmask 255.255.255.0 {
+   range 172.16.42.128 172.16.42.254;
+   option broadcast-address 172.16.42.255;
+   option routers 172.16.42.1;
+}
+
+# AFU-Druck
+subnet 172.16.25.0 netmask 255.255.255.0 {
+   range 172.16.25.2 172.16.25.199;
+   option broadcast-address 172.16.25.255;
+   option routers 172.16.25.1;
+}

noc/configs/dhcp3/dhcpd.conf.dpkg-dist

@@ -0,0 +1,108 @@
+#
+# Sample configuration file for ISC dhcpd for Debian
+#
+# $Id: dhcpd.conf,v 1.1.1.1 2002/05/21 00:07:44 peloy Exp $
+#
+
+# The ddns-updates-style parameter controls whether or not the server will
+# attempt to do a DNS update when a lease is confirmed. We default to the
+# behavior of the version 2 packages ('none', since DHCP v2 didn't
+# have support for DDNS.)
+ddns-update-style none;
+
+# option definitions common to all supported networks...
+option domain-name "example.org";
+option domain-name-servers ns1.example.org, ns2.example.org;
+
+default-lease-time 600;
+max-lease-time 7200;
+
+# If this DHCP server is the official DHCP server for the local
+# network, the authoritative directive should be uncommented.
+#authoritative;
+
+# Use this to send dhcp log messages to a different log file (you also
+# have to hack syslog.conf to complete the redirection).
+log-facility local7;
+
+# No service will be given on this subnet, but declaring it helps the 
+# DHCP server to understand the network topology.
+
+#subnet 10.152.187.0 netmask 255.255.255.0 {
+#}
+
+# This is a very basic subnet declaration.
+
+#subnet 10.254.239.0 netmask 255.255.255.224 {
+#  range 10.254.239.10 10.254.239.20;
+#  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
+#}
+
+# This declaration allows BOOTP clients to get dynamic addresses,
+# which we don't really recommend.
+
+#subnet 10.254.239.32 netmask 255.255.255.224 {
+#  range dynamic-bootp 10.254.239.40 10.254.239.60;
+#  option broadcast-address 10.254.239.31;
+#  option routers rtr-239-32-1.example.org;
+#}
+
+# A slightly different configuration for an internal subnet.
+#subnet 10.5.5.0 netmask 255.255.255.224 {
+#  range 10.5.5.26 10.5.5.30;
+#  option domain-name-servers ns1.internal.example.org;
+#  option domain-name "internal.example.org";
+#  option routers 10.5.5.1;
+#  option broadcast-address 10.5.5.31;
+#  default-lease-time 600;
+#  max-lease-time 7200;
+#}
+
+# Hosts which require special configuration options can be listed in
+# host statements.   If no address is specified, the address will be
+# allocated dynamically (if possible), but the host-specific information
+# will still come from the host declaration.
+
+#host passacaglia {
+#  hardware ethernet 0:0:c0:5d:bd:95;
+#  filename "vmunix.passacaglia";
+#  server-name "toccata.fugue.com";
+#}
+
+# Fixed IP addresses can also be specified for hosts.   These addresses
+# should not also be listed as being available for dynamic assignment.
+# Hosts for which fixed IP addresses have been specified can boot using
+# BOOTP or DHCP.   Hosts for which no fixed address is specified can only
+# be booted with DHCP, unless there is an address range on the subnet
+# to which a BOOTP client is connected which has the dynamic-bootp flag
+# set.
+#host fantasia {
+#  hardware ethernet 08:00:07:26:c0:a5;
+#  fixed-address fantasia.fugue.com;
+#}
+
+# You can declare a class of clients and then do address allocation
+# based on that.   The example below shows a case where all clients
+# in a certain class get addresses on the 10.17.224/24 subnet, and all
+# other clients get addresses on the 10.0.29/24 subnet.
+
+#class "foo" {
+#  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
+#}
+
+#shared-network 224-29 {
+#  subnet 10.17.224.0 netmask 255.255.255.0 {
+#    option routers rtr-224.example.org;
+#  }
+#  subnet 10.0.29.0 netmask 255.255.255.0 {
+#    option routers rtr-29.example.org;
+#  }
+#  pool {
+#    allow members of "foo";
+#    range 10.17.224.10 10.17.224.250;
+#  }
+#  pool {
+#    deny members of "foo";
+#    range 10.0.29.10 10.0.29.230;
+#  }
+#}

noc/configs/group

@@ -0,0 +1,45 @@
+root:x:0:
+daemon:x:1:
+bin:x:2:
+sys:x:3:
+adm:x:4:
+tty:x:5:
+disk:x:6:
+lp:x:7:lp
+mail:x:8:
+news:x:9:
+uucp:x:10:
+proxy:x:13:
+kmem:x:15:
+dialout:x:20:
+fax:x:21:
+voice:x:22:
+cdrom:x:24:
+floppy:x:25:
+tape:x:26:
+sudo:x:27:
+audio:x:29:
+dip:x:30:
+postgres:x:32:
+www-data:x:33:
+backup:x:34:
+operator:x:37:
+list:x:38:
+irc:x:39:
+src:x:40:
+gnats:x:41:
+shadow:x:42:
+utmp:x:43:
+video:x:44:
+staff:x:50:
+games:x:60:
+users:x:100:
+nogroup:x:65534:
+man:*:12:
+sasl:*:45:
+plugdev:*:46:
+crontab:x:101:
+ssh:x:102:
+noc:x:1000:
+bind:x:1001:
+ntp:x:103:

noc/configs/init.d/bind

@@ -0,0 +1,50 @@
+#!/bin/sh
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+
+test -x /usr/sbin/named || exit 0
+
+case "$1" in
+    start)
+	echo -n "Starting domain name service: named"
+	ulimit -n 16384
+	#/usr/sbin/named -4 -t /var/named -u bind
+	/usr/sbin/named -t /var/named -u bind -n 1 -c /etc/namedb/named.conf
+	#/usr/sbin/named -t /var/named -u bind -n 1 -c /etc/namedb/named.conf.bind9.2
+	#/usr/sbin/named -4 -t /var/named -u bind -c /etc/namedb/named.conf.1
+	#/usr/sbin/named -4 -t /var/named -u bind -c /etc/namedb/named.conf.2
+	echo "."	
+    ;;
+
+    stop)
+	echo -n "Stopping domain name service: named"
+	    /usr/bin/killall named
+	echo "."	
+    ;;
+
+    restart)
+	/usr/bin/killall named
+	sleep 2
+	ulimit -n 16384
+	#/usr/sbin/named -4 -t /var/named -u bind -c /etc/namedb/named.conf.1
+	#/usr/sbin/named -4 -t /var/named -u bind -c /etc/namedb/named.conf.2
+	#/usr/sbin/named -t /var/named -u bind -n 2 -n 2
+	/usr/sbin/named -t /var/named -u bind -n 1 -c /etc/namedb/named.conf
+	#/usr/sbin/named -t /var/named -u bind -n 1 -c /etc/namedb/named.conf.bind9.2
+    ;;
+    
+    reload)
+	/usr/bin/killall -HUP named
+    ;;
+
+    force-reload)
+        $0 restart
+    ;;
+
+    *)
+	echo "Usage: /etc/init.d/bind {start|stop|reload|restart|force-reload}" >&2
+	exit 1
+    ;;
+esac
+
+exit 0

noc/configs/init.d/inetd

@@ -0,0 +1,67 @@
+#!/bin/sh
+exit 0
+
+#
+# start/stop inetd super server.
+
+if ! [ -x /usr/sbin/inetd ]; then
+	exit 0
+fi
+
+checkportmap () {
+    if grep -v "^ *#" /etc/inetd.conf | grep 'rpc/' >/dev/null; then
+        if ! [ -x /usr/bin/rpcinfo ]
+        then
+            echo
+            echo "WARNING: rpcinfo not available - RPC services may be unavailable!"
+            echo "         (Commenting out the rpc services in inetd.conf will"
+	    echo "         disable this message)"
+            echo
+        elif ! /usr/bin/rpcinfo -u localhost portmapper >/dev/null 2>/dev/null
+        then
+            echo
+            echo "WARNING: portmapper inactive - RPC services unavailable!"
+            echo "         (Commenting out the rpc services in inetd.conf will"
+	    echo "         disable this message)"
+            echo
+        fi
+    fi
+} 
+
+case "$1" in
+    start)
+        checkportmap
+	echo -n "Starting internet superserver:"
+	echo -n " inetd" ; start-stop-daemon --start --quiet --pidfile /var/run/inetd.pid --exec /usr/sbin/inetd
+	echo "."
+	;;
+    stop)
+	echo -n "Stopping internet superserver:"
+	echo -n " inetd" ; start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/inetd.pid --exec /usr/sbin/inetd
+	echo "."
+	;;
+    reload)
+	echo -n "Reloading internet superserver:"
+	echo -n " inetd"
+	start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/inetd.pid --signal 1
+	echo "."
+	;;
+    force-reload)
+	$0 reload
+	;;
+    restart)
+	echo -n "Restarting internet superserver:"
+	echo -n " inetd"
+	start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/inetd.pid
+	checkportmap
+	start-stop-daemon --start --quiet --pidfile /var/run/inetd.pid --exec /usr/sbin/inetd
+	echo "."
+	;;
+    *)
+	echo "Usage: /etc/init.d/inetd {start|stop|reload|restart}"
+	exit 1
+	;;
+esac
+
+exit 0
+

noc/configs/init.d/olsr

@@ -0,0 +1,92 @@
+#! /bin/sh
+#
+# skeleton	Example initscript
+#		This file should be used to construct scripts to be
+#		placed in /etc/init.d.
+#
+# Author:	Miquel van Smoorenburg <miquels@cistron.nl>.
+#		Ian Murdock <imurdock@gnu.ai.mit.edu>.
+#
+#		Please remove the "Author" lines above and replace them
+#		with your own name if you copy and modify this script.
+#
+# Version:	@(#)skeleton  2.85-23  28-Jul-2004  miquels@cistron.nl
+#
+
+set -e
+
+PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
+DESC="freifunk olsr"
+NAME=""
+
+# Read config file if it is present.
+#if [ -r /etc/default/$NAME ]
+#then
+#	. /etc/default/$NAME
+#fi
+
+#
+#	Function that starts the daemon/service.
+#
+d_start() {
+	screen -d -m -S olsr /usr/sbin/olsrd
+}
+
+#
+#	Function that stops the daemon/service.
+#
+d_stop() {
+	killall olsrd
+}
+
+#
+#	Function that sends a SIGHUP to the daemon/service.
+#
+d_reload() {
+	echo "no reload"
+}
+
+case "$1" in
+  start)
+	echo -n "Starting $DESC: $NAME"
+	d_start
+	echo "."
+	;;
+  stop)
+	echo -n "Stopping $DESC: $NAME"
+	d_stop
+	echo "."
+	;;
+  #reload)
+	#
+	#	If the daemon can reload its configuration without
+	#	restarting (for example, when it is sent a SIGHUP),
+	#	then implement that here.
+	#
+	#	If the daemon responds to changes in its config file
+	#	directly anyway, make this an "exit 0".
+	#
+	# echo -n "Reloading $DESC configuration..."
+	# d_reload
+	# echo "done."
+  #;;
+  restart|force-reload)
+	#
+	#	If the "reload" option is implemented, move the "force-reload"
+	#	option to the "reload" entry above. If not, "force-reload" is
+	#	just the same as "restart".
+	#
+	echo -n "Restarting $DESC: $NAME"
+	d_stop
+	sleep 1
+	d_start
+	echo "."
+	;;
+  *)
+	# echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
+	echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
+	exit 1
+	;;
+esac
+
+exit 0

noc/configs/init.d/pppd-dns

@@ -0,0 +1,10 @@
+#!/bin/sh -e
+exit 0
+
+#
+# Restore /etc/resolv.conf if the system crashed before the ppp link
+# was shut down.
+
+[ -x /etc/ppp/ip-down.d/0000usepeerdns ] \
+	&& exec /etc/ppp/ip-down.d/0000usepeerdns
+

noc/configs/init.d/wshaper

@@ -0,0 +1,159 @@
+#!/bin/bash
+# Wonderous Shaper
+# please read the README before filling out these values 
+#
+# Set the following values to somewhat less than your actual download
+# and uplink speed. In kilobits. Also set the device that is to be shaped.
+
+DOWNLINK=5000
+UPLINK=490
+DEV=ppp0
+
+# low priority OUTGOING traffic - you can leave this blank if you want
+# low priority source netmasks
+NOPRIOHOSTSRC=
+
+# low priority destination netmasks
+NOPRIOHOSTDST=
+
+# low priority source ports
+NOPRIOPORTSRC="80 20 21 4662 4666 4772 4776 2142 4005 6881 6882 6883 6884 6885 6886 6887 6888 6889"
+
+# low priority destination ports
+NOPRIOPORTDST="4662 4666 4772 4776 2142 6881 6882 6883 6884 6885 6886 6887 6888 6889"
+
+
+my_tc() {
+        /sbin/tc "$@" || echo "failed: tc $@"
+}
+        
+# Now remove the following two lines :-)
+
+#echo Please read the documentation in 'README' first
+#exit
+
+if [ "$1" = "status" ]
+then
+	my_tc -s qdisc ls dev $DEV
+	my_tc -s class ls dev $DEV
+	exit
+fi
+
+
+# clean existing down- and uplink qdiscs, hide errors
+my_tc qdisc del dev $DEV root    2> /dev/null > /dev/null
+my_tc qdisc del dev $DEV ingress 2> /dev/null > /dev/null
+
+if [ "$1" = "stop" ] 
+then 
+	exit
+fi
+
+
+###### uplink
+
+# install root HTB, point default traffic to 1:20:
+
+my_tc qdisc add dev $DEV root handle 1: htb default 20 r2q 1
+
+# shape everything at $UPLINK speed - this prevents huge queues in your
+# DSL modem which destroy latency:
+
+my_tc class add dev $DEV parent 1: classid 1:1 htb rate ${UPLINK}kbit burst 2k
+
+# high prio class 1:10:
+
+my_tc class add dev $DEV parent 1:1 classid 1:10 htb rate ${UPLINK}kbit \
+   burst 2k prio 1
+
+# bulk & default class 1:20 - gets slightly less traffic, 
+# and a lower priority:
+
+my_tc class add dev $DEV parent 1:1 classid 1:20 htb rate $[5*$UPLINK/10]kbit \
+   ceil $[9*$UPLINK/10]kbit \
+   burst 2k prio 2
+
+my_tc class add dev $DEV parent 1:1 classid 1:30 htb rate $[1*$UPLINK/10]kbit \
+   ceil $[7*$UPLINK/10]kbit \
+   burst 2k prio 5
+
+# all get Stochastic Fairness:
+my_tc qdisc add dev $DEV parent 1:10 handle 10: sfq perturb 10
+my_tc qdisc add dev $DEV parent 1:20 handle 20: sfq perturb 10
+my_tc qdisc add dev $DEV parent 1:30 handle 30: sfq perturb 10
+
+# TOS Minimum Delay (ssh, NOT scp) in 1:10:
+
+my_tc filter add dev $DEV parent 1:0 protocol ip prio 10 u32 \
+      match ip tos 0x10 0xff  flowid 1:10
+
+# ICMP (ip protocol 1) in the interactive class 1:10 so we 
+# can do measurements & impress our friends:
+my_tc filter add dev $DEV parent 1:0 protocol ip prio 10 u32 \
+        match ip protocol 1 0xff flowid 1:10
+
+# To speed up downloads while an upload is going on, put ACK packets in
+# the interactive class:
+
+my_tc filter add dev $DEV parent 1: protocol ip prio 10 u32 \
+   match ip protocol 6 0xff \
+   match u8 0x05 0x0f at 0 \
+   match u16 0x0000 0xffc0 at 2 \
+   match u8 0x10 0xff at 33 \
+   flowid 1:10
+
+# our tunnel to mms is "interactive"
+my_tc filter add dev $DEV parent 1: protocol ip prio 10 u32 \
+	match ip dst 193.103.161.61/32 flowid 1:10
+my_tc filter add dev $DEV parent 1: protocol ip prio 10 u32 \
+	match ip dst 194.97.108.53/32 flowid 1:10
+
+# rest is 'non-interactive' ie 'bulk' and ends up in 1:20
+
+# some traffic however suffers a worse fate
+for a in $NOPRIOPORTDST
+do
+	my_tc filter add dev $DEV parent 1: protocol ip prio 14 u32 \
+	   match ip dport $a 0xffff flowid 1:30
+done
+
+for a in $NOPRIOPORTSRC
+do
+ 	my_tc filter add dev $DEV parent 1: protocol ip prio 15 u32 \
+	   match ip sport $a 0xffff flowid 1:30
+done
+
+for a in $NOPRIOHOSTSRC
+do
+ 	my_tc filter add dev $DEV parent 1: protocol ip prio 16 u32 \
+	   match ip src $a flowid 1:30
+done
+
+for a in $NOPRIOHOSTDST
+do
+ 	my_tc filter add dev $DEV parent 1: protocol ip prio 17 u32 \
+	   match ip dst $a flowid 1:30
+done
+
+# rest is 'non-interactive' ie 'bulk' and ends up in 1:20
+
+my_tc filter add dev $DEV parent 1: protocol ip prio 18 u32 \
+   match ip dst 0.0.0.0/0 flowid 1:20
+
+
+########## downlink #############
+# slow downloads down to somewhat less than the real speed  to prevent 
+# queuing at our ISP. Tune to see how high you can set it.
+# ISPs tend to have *huge* queues to make sure big downloads are fast
+#
+# attach ingress policer:
+
+my_tc qdisc add dev $DEV handle ffff: ingress
+
+# filter *everything* to it (0.0.0.0/0), drop everything that's
+# coming in too fast:
+
+my_tc filter add dev $DEV parent ffff: protocol ip prio 50 u32 match ip src \
+   0.0.0.0/0 police rate ${DOWNLINK}kbit burst 10k drop flowid :1
+
+

noc/configs/inittab

@@ -0,0 +1,70 @@
+# /etc/inittab: init(8) configuration.
+# $Id: inittab,v 1.91 2002/01/25 13:35:21 miquels Exp $
+
+# The default runlevel.
+id:2:initdefault:
+
+# Boot-time system configuration/initialization script.
+# This is run first except when booting in emergency (-b) mode.
+si::sysinit:/etc/init.d/rcS
+
+# What to do in single-user mode.
+~~:S:wait:/sbin/sulogin
+
+# /etc/init.d executes the S and K scripts upon change
+# of runlevel.
+#
+# Runlevel 0 is halt.
+# Runlevel 1 is single-user.
+# Runlevels 2-5 are multi-user.
+# Runlevel 6 is reboot.
+
+l0:0:wait:/etc/init.d/rc 0
+l1:1:wait:/etc/init.d/rc 1
+l2:2:wait:/etc/init.d/rc 2
+l3:3:wait:/etc/init.d/rc 3
+l4:4:wait:/etc/init.d/rc 4
+l5:5:wait:/etc/init.d/rc 5
+l6:6:wait:/etc/init.d/rc 6
+# Normally not reached, but fallthrough in case of emergency.
+z6:6:respawn:/sbin/sulogin
+
+# What to do when CTRL-ALT-DEL is pressed.
+ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
+
+# Action on special keypress (ALT-UpArrow).
+#kb::kbrequest:/bin/echo "Keyboard Request--edit /etc/inittab to let this work."
+
+# What to do when the power fails/returns.
+pf::powerwait:/etc/init.d/powerfail start
+pn::powerfailnow:/etc/init.d/powerfail now
+po::powerokwait:/etc/init.d/powerfail stop
+
+# /sbin/getty invocations for the runlevels.
+#
+# The "id" field MUST be the same as the last
+# characters of the device (after "tty").
+#
+# Format:
+#  <id>:<runlevels>:<action>:<process>
+#
+# Note that on most Debian systems tty7 is used by the X Window System,
+# so if you want to add more getty's go ahead but skip tty7 if you run X.
+#
+1:2345:respawn:/sbin/getty 38400 tty1
+2:23:respawn:/sbin/getty 38400 tty2
+3:23:respawn:/sbin/getty 38400 tty3
+4:23:respawn:/sbin/getty 38400 tty4
+5:23:respawn:/sbin/getty 38400 tty5
+6:23:respawn:/sbin/getty 38400 tty6
+
+# Example how to put a getty on a serial line (for a terminal)
+#
+T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100
+#T1:23:respawn:/sbin/getty -L ttyS1 9600 vt100
+
+# Example how to put a getty on a modem line.
+#
+#T3:23:respawn:/sbin/mgetty -x0 -s 57600 ttyS3
+
+s:23:respawn:/usr/bin/tail -F /var/log/squid/access.log /var/log/syslog >/dev/tty1 2>&1

noc/configs/modules

@@ -0,0 +1,9 @@
+# /etc/modules: kernel modules to load at boot time.
+#
+# This file should contain the names of kernel modules that are
+# to be loaded at boot time, one per line.  Comments begin with
+# a "#", and everything on the line after them are ignored.
+ipv6
+capability
+e100
+e1000

noc/configs/network/if-down.d/openvpn

@@ -0,0 +1,11 @@
+#!/bin/sh
+
+OPENVPN=/etc/init.d/openvpn
+
+if [ ! -x $OPENVPN ]; then
+  exit 0
+fi
+
+if [ -n "$IF_OPENVPN" ]; then
+  $OPENVPN stop $IF_OPENVPN
+fi

noc/configs/network/if-post-down.d/vlan

@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# If IFACE is an automagic vlan interface (without the vlan-raw-device
+# parameter) then let's try to discover the magic here..  Another way would be
+# to just probe for the right device name in /proc/net/vlan
+
+case "$IFACE" in
+	eth*.0*)
+		IF_VLAN_RAW_DEVICE=`echo $IFACE|sed "s/\(eth[0-9][0-9]*\)\..*/\1/"`
+		;;
+	eth*.*)
+		IF_VLAN_RAW_DEVICE=`echo $IFACE|sed "s/\(eth[0-9][0-9]*\)\..*/\1/"`
+		;;
+	*)	exit 0
+		;;
+esac
+
+if [ -z "$IF_VLAN_RAW_DEVICE" ]
+then
+	exit 0
+fi
+if [ ! -x /sbin/vconfig ]
+then
+  exit 0
+fi
+
+vconfig rem $IFACE

noc/configs/network/if-pre-up.d/vlan

@@ -0,0 +1,47 @@
+#!/bin/sh
+
+# Most of this stuff is to enable vlans
+
+case "$IFACE" in
+	vlan0*)
+		vconfig set_name_type VLAN_PLUS_VID
+		VLANID=`echo $IFACE|sed "s/vlan0*//"`
+		;;
+	vlan*)
+		vconfig set_name_type VLAN_PLUS_VID_NO_PAD
+		VLANID=`echo $IFACE|sed "s/vlan0*//"`
+		;;
+	eth*.0*)
+		vconfig set_name_type DEV_PLUS_VID
+		VLANID=`echo $IFACE|sed "s/eth[0-9][0-9]*\.0*//g"`
+		IF_VLAN_RAW_DEVICE=`echo $IFACE|sed "s/\(eth[0-9][0-9]*\)\..*/\1/"`
+		;;
+	eth*.*)
+		vconfig set_name_type DEV_PLUS_VID_NO_PAD
+		VLANID=`echo $IFACE|sed "s/eth[0-9][0-9]*\.0*//g"`
+		IF_VLAN_RAW_DEVICE=`echo $IFACE|sed "s/\(eth[0-9][0-9]*\)\..*/\1/"`
+		;;
+	*)	exit 0
+		;;
+esac
+
+if [ -n "$IF_VLAN_RAW_DEVICE" ]
+then
+	if [ ! -x /sbin/vconfig ]
+	then
+	  exit 0
+	fi
+	if ! ip link show dev "$IF_VLAN_RAW_DEVICE" > /dev/null
+	then
+		echo "$IF_VLAN_RAW_DEVICE does not exist, unable to create $IFACE"
+		exit 1
+	fi
+	ip link set up dev $IF_VLAN_RAW_DEVICE
+	vconfig add $IF_VLAN_RAW_DEVICE $VLANID
+fi
+
+# This is not vlan specific, and should actually go somewhere else.
+if [ -n "$IF_HW_MAC_ADDRESS" ]
+then
+	ip link set $IFACE address $IF_HW_MAC_ADDRESS
+fi

noc/configs/network/if-up.d/ip

@@ -0,0 +1,18 @@
+#!/bin/sh
+# This should probably go into ifupdown
+# But usually only those with lots of interfaces (vlans) need these
+if [ -d /proc/sys/net/ipv4/conf/$IFACE ]
+then
+	if [ -n "$IF_IP_PROXY_ARP" ] && [ "$IF_IP_PROXY_ARP" -eq "1" ]
+	then
+		echo 1 > /proc/sys/net/ipv4/conf/$IFACE/proxy_arp
+	else
+		echo 0 > /proc/sys/net/ipv4/conf/$IFACE/proxy_arp
+	fi
+	if [ -n "$IF_IP_RP_FILTER" ] && [ "$IF_IP_RP_FILTER" -eq "0" ]
+	then
+		echo 0 > /proc/sys/net/ipv4/conf/$IFACE/rp_filter
+	else
+		echo 1 > /proc/sys/net/ipv4/conf/$IFACE/rp_filter
+	fi
+fi

noc/configs/network/if-up.d/ntp-server

@@ -0,0 +1,10 @@
+#!/bin/sh
+
+# remove (or comment out) the next line if your network addresses change
+exit 0
+
+case $IFACE in
+	eth*)
+		/etc/init.d/ntp-server restart
+		;;
+esac

noc/configs/network/if-up.d/openvpn

@@ -0,0 +1,11 @@
+#!/bin/sh
+
+OPENVPN=/etc/init.d/openvpn
+
+if [ ! -x $OPENVPN ]; then
+  exit 0
+fi
+
+if [ -n "$IF_OPENVPN" ]; then
+  $OPENVPN start $IF_OPENVPN
+fi

noc/configs/network/ifstate

@@ -0,0 +1,7 @@
+lo=lo
+bond0=bond0
+vlan24=vlan24
+vlan22=vlan22
+vlan25=vlan25
+vlan42=vlan42
+vlan23=vlan23

noc/configs/network/interfaces

@@ -0,0 +1,88 @@
+#/etc/network/interfaces -- configuration file for ifup(8), ifdown(8)
+
+# The loopback interface
+auto lo
+iface lo inet loopback
+
+# The first network card - this entry was created during the Debian installation
+# (network, broadcast and gateway are optional)
+#auto eth1
+#iface eth1 inet static
+#	address 192.168.178.2
+#	netmask 255.255.255.0
+#	network 192.168.178.0
+#	broadcast 192.168.178.255
+#	gateway 192.168.178.1
+
+
+auto bond0
+iface bond0 inet static
+	pre-up /sbin/modprobe bonding mode=802.3ad
+	up /sbin/ifenslave bond0 eth0
+	up /sbin/ifenslave bond0 eth1
+	address 172.16.0.1
+	broadcast 172.16.3.255
+	netmask 255.255.252.0
+
+iface bond0 inet6 static
+	address 2001:748:306::1
+	netmask 64
+
+# WLAN
+auto vlan24
+iface vlan24 inet static
+	vlan_raw_device bond0
+	address 172.16.4.1
+	broadcast 172.16.8.255
+	netmask 255.255.252.0
+
+iface vlan24 inet6 static
+	address 2001:748:306:24::1
+	netmask 64
+
+# pptp
+auto vlan22
+iface vlan22 inet static
+	vlan_raw_device bond0
+	address 192.168.178.2
+	netmask 255.255.255.0
+
+iface vlan22 inet6 static
+	address 2001:748:306:22::1
+	netmask 64
+
+# freifunk
+auto vlan23
+iface vlan23 inet static
+	vlan_raw_device bond0
+	address 10.112.23.1
+	netmask 255.255.255.255
+
+iface vlan23 inet6 static
+	address 2001:748:306:23::1
+	netmask 64
+
+# NOC
+auto vlan42
+iface vlan42 inet static
+	vlan_raw_device bond0
+	address 172.16.42.1
+	broadcast 172.16.42.255
+	netmask 255.255.255.0
+	up /usr/local/bin/network-foo
+
+iface vlan42 inet6 static
+	address 2001:748:306:42::1
+	netmask 64
+
+# AFU Druck
+auto vlan25
+iface vlan25 inet static
+	vlan_raw_device bond0
+	address 172.16.25.1
+	broadcast 172.16.25.255
+	netmask 255.255.255.0
+
+iface vlan25 inet6 static
+	address 2001:748:306:25::1
+	netmask 64

noc/configs/network/options

@@ -0,0 +1,3 @@
+ip_forward=yes
+spoofprotect=yes
+syncookies=no

noc/configs/olsrd.conf

@@ -0,0 +1,272 @@
+#
+# olsr.org OLSR daemon config file
+#
+# Lines starting with a # are discarded
+#
+# This file was shipped with olsrd 0.X.X
+#
+
+# Debug level(0-9)
+# If set to 0 the daemon runs in the background
+
+DebugLevel	2
+
+# IP version to use (4 or 6)
+
+IpVersion	4
+
+# HNA IPv4 routes
+# syntax: netaddr netmask
+# Example Internet gateway:
+# 0.0.0.0 0.0.0.0
+
+Hna4
+{
+#   Internet gateway:
+   0.0.0.0      0.0.0.0
+   172.16.0.0	255.255.252.0
+   172.16.4.0	255.255.252.0
+   172.16.25.0	255.255.255.0
+   172.16.42.0	255.255.255.0
+#   more entries can be added:
+#   192.168.1.0  255.255.255.0
+}
+
+# HNA IPv6 routes
+# syntax: netaddr prefix
+# Example Internet gateway:
+Hna6
+{
+#   Internet gateway:
+#   ::              0
+#   more entries can be added:
+#   fec0:2200:106:: 48
+}
+
+
+# Should olsrd keep on running even if there are
+# no interfaces available? This is a good idea
+# for a PCMCIA/USB hotswap environment.
+# "yes" OR "no"
+
+AllowNoInt	yes
+
+# TOS(type of service) value for
+# the IP header of control traffic.
+# If not set it will default to 16
+
+#TosValue	16
+
+# The fixed willingness to use(0-7)
+# If not set willingness will be calculated
+# dynamically based on battery/power status
+# if such information is available
+
+#Willingness    	4
+
+# Allow processes like the GUI front-end
+# to connect to the daemon.
+
+IpcConnect
+{
+     # Determines how many simultaneously
+     # IPC connections that will be allowed
+     # Setting this to 0 disables IPC
+
+     MaxConnections  8
+
+     # By default only 127.0.0.1 is allowed
+     # to connect. Here allowed hosts can
+     # be added
+
+     #Host            127.0.0.1
+     #Host            10.0.0.5
+
+     # You can also specify entire net-ranges 
+     # that are allowed to connect. Multiple
+     # entries are allowed
+
+     #Net             192.168.1.0 255.255.255.0     
+     Net 172.16.42.0 255.255.255.0
+}
+
+# Wether to use hysteresis or not
+# Hysteresis adds more robustness to the
+# link sensing but delays neighbor registration.
+# Used by default. 'yes' or 'no'
+
+UseHysteresis	no
+
+# Hysteresis parameters
+# Do not alter these unless you know 
+# what you are doing!
+# Set to auto by default. Allowed
+# values are floating point values
+# in the interval 0,1
+# THR_LOW must always be lower than
+# THR_HIGH.
+
+#HystScaling	0.50
+#HystThrHigh	0.80
+#HystThrLow	0.30
+
+
+# Link quality level
+# 0 = do not use link quality
+# 1 = use link quality for MPR selection
+# 2 = use link quality for MPR selection and routing
+# Defaults to 0
+
+LinkQualityLevel	2
+
+# Link quality window size
+# Defaults to 10
+
+#LinkQualityWinSize	10
+
+# Polling rate in seconds(float). 
+# Default value 0.05 sec
+
+Pollrate	0.05
+
+
+# TC redundancy
+# Specifies how much neighbor info should
+# be sent in TC messages
+# Possible values are:
+# 0 - only send MPR selectors
+# 1 - send MPR selectors and MPRs
+# 2 - send all neighbors
+#
+# defaults to 0
+
+TcRedundancy	2
+
+
+#
+# MPR coverage
+# Specifies how many MPRs a node should
+# try select to reach every 2 hop neighbor
+#
+# Can be set to any integer >0
+#
+# defaults to 1
+
+#MprCoverage	1
+
+
+# Olsrd plugins to load
+# This must be the absolute path to the file
+# or the loader will use the following scheme:
+# - Try the paths in the LD_LIBRARY_PATH 
+#   environment variable.
+# - The list of libraries cached in /etc/ld.so.cache
+# - /lib, followed by /usr/lib
+
+# Example plugin entry with parameters:
+
+LoadPlugin "olsrd_dyn_gw.so.0.3"
+{
+    # Here parameters are set to be sent to the
+    # plugin. Theese are on the form "key" "value".
+    # Parameters ofcause, differs from plugin to plugin.
+    # Consult the documentation of your plugin for details.
+
+    # Example: dyn_gw params
+
+    # how often to check for Internet connectivity
+    # defaults to 5 secs
+    PlParam     "Interval"   "5"
+    
+    # if one or more IPv4 addresses are given, do a ping on these in
+    # descending order to validate that there is not only an entry in
+    # routing table, but also a real internet connection. If any of
+    # these addresses could be pinged successfully, the test was
+    # succesful, i.e. if the ping on the 1st address was successful,the
+    # 2nd won't be pinged
+    PlParam	"Ping"       "212.12.48.122"
+    PlParam     "Ping"       "141.1.1.1"
+    PlParam     "Ping"       "194.25.2.129"
+}
+
+LoadPlugin "olsrd_dot_draw.so.0.3"
+{
+}
+
+
+# Interfaces and their rules
+# Omitted options will be set to the
+# default values. Multiple interfaces
+# can be specified in the same block
+# and multiple blocks can be set.
+
+# !!CHANGE THE INTERFACE LABEL(s) TO MATCH YOUR INTERFACE(s)!!
+# (eg. wlan0 or eth1):
+
+Interface "vlan23"
+{
+
+    # IPv4 broadcast address to use. The
+    # one usefull example would be 255.255.255.255
+    # If not defined the broadcastaddress
+    # every card is configured with is used
+
+    Ip4Broadcast		255.255.255.255
+
+    # IPv6 address scope to use.
+    # Must be 'site-local' or 'global'
+
+    # Ip6AddrType		site-local
+
+    # IPv6 multicast address to use when
+    # using site-local addresses.
+    # If not defined, ff05::15 is used
+
+    # Ip6MulticastSite		ff05::11
+
+    # IPv6 multicast address to use when
+    # using global addresses
+    # If not defined, ff0e::1 is used
+
+    # Ip6MulticastGlobal	ff0e::1
+
+
+    # Emission intervals.
+    # If not defined, RFC proposed values will
+    # be used in most cases.
+
+    # Hello interval in seconds(float)
+    # HelloInterval    2.0
+
+    # HELLO validity time
+    # HelloValidityTime	6.0
+
+    # TC interval in seconds(float)
+    # TcInterval        5.0
+
+    # TC validity time
+    # TcValidityTime	15.0
+
+    # MID interval in seconds(float)
+    # MidInterval	5.0
+
+    # MID validity time
+    # MidValidityTime	15.0
+
+    # HNA interval in seconds(float)
+    # HnaInterval	5.0
+
+    # HNA validity time
+    # HnaValidityTime 	15.0
+
+    # When multiple links exist between hosts
+    # the weight of interface is used to determine
+    # the link to use. Normally the weight is
+    # automatically calculated by olsrd based
+    # on the characteristics of the interface,
+    # but here you can specify a fixed value.
+    # Olsrd will choose links with the lowest value.
+
+    # Weight 0
+}
+

noc/configs/passwd

@@ -0,0 +1,25 @@
+root:x:0:0:root:/root:/bin/bash
+daemon:x:1:1:daemon:/usr/sbin:/bin/sh
+bin:x:2:2:bin:/bin:/bin/sh
+sys:x:3:3:sys:/dev:/bin/sh
+sync:x:4:65534:sync:/bin:/bin/sync
+games:x:5:60:games:/usr/games:/bin/sh
+man:x:6:12:man:/var/cache/man:/bin/sh
+lp:x:7:7:lp:/var/spool/lpd:/bin/sh
+mail:x:8:8:mail:/var/mail:/bin/sh
+news:x:9:9:news:/var/spool/news:/bin/sh
+uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
+proxy:x:13:13:proxy:/bin:/bin/sh
+postgres:x:31:32:postgres:/var/lib/postgres:/bin/sh
+www-data:x:33:33:www-data:/var/www:/bin/sh
+backup:x:34:34:backup:/var/backups:/bin/sh
+operator:x:37:37:Operator:/var:/bin/sh
+list:x:38:38:Mailing List Manager:/var/list:/bin/sh
+irc:x:39:39:ircd:/var/run/ircd:/bin/sh
+gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
+sshd:x:100:65534::/var/run/sshd:/bin/false
+noc:x:1000:1000:,,,:/home/noc:/bin/bash
+bind:x:1001:1001:bind user:/var/named:/bin/bash
+ntp:x:103:103::/home/ntp:/bin/false
+radvd:x:101:65534::/var/run/radvd:/bin/false

noc/configs/radvd.conf

@@ -0,0 +1,51 @@
+interface bond0
+{
+   AdvSendAdvert on;
+   prefix 2001:748:306::1/64
+   {
+   };
+};   
+
+interface vlan22
+{
+   AdvSendAdvert on;
+   prefix 2001:748:306:22::1/64
+   {
+   };
+};   
+
+
+interface vlan23
+{
+   AdvSendAdvert on;
+   prefix 2001:748:306:23::1/64
+   {
+   };
+};   
+
+
+interface vlan24
+{
+   AdvSendAdvert on;
+   prefix 2001:748:306:24::1/64
+   {
+   };
+};
+
+
+interface vlan42
+{
+   AdvSendAdvert on;
+   prefix 2001:748:306:42::1/64
+   {
+   };
+};   
+
+
+interface vlan25
+{
+   AdvSendAdvert on;
+   prefix 2001:748:306:25::1/64
+   {
+   };
+};   

noc/configs/resolv.conf

@@ -0,0 +1,4 @@
+search easterhegg.de
+nameserver 127.0.0.1
+nameserver 172.16.0.1
+

noc/configs/shadow

@@ -0,0 +1,24 @@
+root:sxYXG0nuLEgFg:12862:0:99999:7:::
+daemon:*:12862:0:99999:7:::
+bin:*:12862:0:99999:7:::
+sys:*:12862:0:99999:7:::
+sync:*:12862:0:99999:7:::
+games:*:12862:0:99999:7:::
+man:*:12862:0:99999:7:::
+lp:*:12862:0:99999:7:::
+mail:*:12862:0:99999:7:::
+news:*:12862:0:99999:7:::
+uucp:*:12862:0:99999:7:::
+proxy:*:12862:0:99999:7:::
+postgres:*:12862:0:99999:7:::
+www-data:*:12862:0:99999:7:::
+backup:*:12862:0:99999:7:::
+operator:*:12862:0:99999:7:::
+list:*:12862:0:99999:7:::
+irc:*:12862:0:99999:7:::
+gnats:*:12862:0:99999:7:::
+nobody:*:12862:0:99999:7:::
+sshd:!:12862:0:99999:7:::
+noc:$1$zxg9hnVF$t.6zKVVLji4/u/JoKm6dW1:12865:0:99999:7:::
+ntp:!:12868:0:99999:7:::
+radvd:!:12868:0:99999:7:::

noc/configs/sudoers

@@ -0,0 +1,16 @@
+# /etc/sudoers
+#
+# This file MUST be edited with the 'visudo' command as root.
+#
+# See the man page for details on how to write a sudoers file.
+#
+
+# Host alias specification
+
+# User alias specification
+
+# Cmnd alias specification
+
+# User privilege specification
+root	ALL=(ALL) ALL
+noc	ALL=(ALL) ALL

noc/configs/sysctl.conf

@@ -0,0 +1,26 @@
+#
+# /etc/sysctl.conf - Configuration file for setting system variables
+# See sysctl.conf (5) for information.
+#
+# Be warned that /etc/init.d/procps is executed to set the following
+# variables.  However, after that, /etc/init.d/networking sets some
+# network options with builtin values.  These values may be overridden
+# using /etc/network/options.
+
+#kernel.domainname = example.com
+#net/ipv4/icmp_echo_ignore_broadcasts=1
+/proc/sys/net/ipv6/conf/all/forwarding=1
+/proc/sys/net/ipv6/conf/default/forwarding=1
+vm.swappiness = 0
+net.ipv4.tcp_rmem=4096 87380 174760
+net.ipv4.tcp_wmem=4096 16384 131072
+net.core.somaxconn=1024
+net.ipv4.tcp_max_syn_backlog=1024
+net.ipv4.tcp_moderate_rcvbuf=1
+vm.vfs_cache_pressure=100
+vm.overcommit_ratio=0
+vm.dirty_background_ratio=2
+vm.dirty_ratio=6
+vm.dirty_writeback_centisecs=250
+vm.dirty_expire_centisecs=1000
+vm.min_free_kbytes=16384

noc/configs/syslog.conf

@@ -0,0 +1,73 @@
+#  /etc/syslog.conf	Configuration file for syslogd.
+#
+#			For more information see syslog.conf(5)
+#			manpage.
+
+#
+# First some standard logfiles.  Log by facility.
+#
+
+auth,authpriv.*			/var/log/auth.log
+#*.*;auth,authpriv.none		-/var/log/syslog
+*.*				-/var/log/syslog
+#cron.*				/var/log/cron.log
+daemon.*			-/var/log/daemon.log
+kern.*				-/var/log/kern.log
+lpr.*				-/var/log/lpr.log
+mail.*				-/var/log/mail.log
+user.*				-/var/log/user.log
+uucp.*				/var/log/uucp.log
+
+#
+# Logging for the mail system.  Split it up so that
+# it is easy to write scripts to parse these files.
+#
+mail.info			-/var/log/mail.info
+mail.warn			-/var/log/mail.warn
+mail.err			/var/log/mail.err
+
+# Logging for INN news system
+#
+news.crit			/var/log/news/news.crit
+news.err			/var/log/news/news.err
+news.notice			-/var/log/news/news.notice
+
+#
+# Some `catch-all' logfiles.
+#
+*.=debug;\
+	auth,authpriv.none;\
+	news.none;mail.none	-/var/log/debug
+*.=info;*.=notice;*.=warn;\
+	auth,authpriv.none;\
+	cron,daemon.none;\
+	mail,news.none		-/var/log/messages
+
+#
+# Emergencies are sent to everybody logged in.
+#
+*.emerg				*
+
+#
+# I like to have messages displayed on the console, but only on a virtual
+# console I usually leave idle.
+#
+#daemon,mail.*;\
+#	news.=crit;news.=err;news.=notice;\
+#	*.=debug;*.=info;\
+#	*.=notice;*.=warn	/dev/tty8
+
+# The named pipe /dev/xconsole is for the `xconsole' utility.  To use it,
+# you must invoke `xconsole' with the `-file' option:
+# 
+#    $ xconsole -file /dev/xconsole [...]
+#
+# NOTE: adjust the list below, or you'll go crazy if you have a reasonably
+#      busy site..
+#
+daemon.*;mail.*;\
+	news.crit;news.err;news.notice;\
+	*.=debug;*.=info;\
+	*.=notice;*.=warn	|/dev/xconsole
+
+#*.*		/dev/tty1

noc/configs/tinc/chaos.first/rsa_key.priv

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCfFAeEtiohbBCOuH3yuJHBtPN2OHM+uJZJSqAdYAO9tFSPsJ7I
+lCQFxRIL673GbhqkkzzOWiljDEZZay4wX9GzTaTuuvxrjfhdDvabfEOPTRfOu7jV
+/ihzbhZtXaY7oH9wyKb825lhN4t1gGFN8nfc9ywQNSLmdtat9VmrqfjDzQIDAQAB
+AoGAJ2KsId2APNoml09yT4AHBnCovqJnViYZf3fsgJlfE77sGM9f4MVczdjnCPCL
+AfAMxKZ3rZeBG7bUTBtPSkbPAjPJ//zT4kNWFLZC93HdzSeeEmSCF+vE7L6xjzku
+fwpx/8J9LMLlp96BLtlfPXk4gDA+q858EW0Q1prQBQV7GEECQQDODY9qaVcU3cv2
+/wNeTuWve8wARDKiC2ucFE2RzvDnpcuR+Am5dkfUTTlJTf/Ffdc2M4E7YfwAa1J9
+IAcilM3lAkEAxaN+IVb7vy4xWjx7W5/sVKLz1FgjSHkpNfeuWMxm8sR4HWTHBPFb
+hd+E+HhkWeD6Sa6gP8ZIEPfXnBexYRz/yQJBAKU7xofklUpMWiVldgQIbLN+KKcG
+CTxcwBxXQ6TrN8/q6gXRy6qHqS4cBxY7kCGEujHit30xI+4KIgnoxw/6F+kCQGh2
+kiRtJYNXlx5q+YjkbrYNq3OBYqTb5bxwveaRo5iN4C8pJUinigiorE/o0qHvGFv5
+wRn0ZAMT/RK0Mz1xZoECQBwOMieJcswrcI2OgY3Ejw+nLf5u4ZbahRFrnHWT0FoN
+hBW4Dff5jso/K+weYETZUpdwWb9jv8+4ULGt1wiJ8sc=
+-----END RSA PRIVATE KEY-----

noc/configs/tinc/chaos.first/rsa_key.pub

@@ -0,0 +1,5 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAJ8UB4S2KiFsEI64ffK4kcG083Y4cz64lklKoB1gA720VI+wnsiUJAXF
+EgvrvcZuGqSTPM5aKWMMRllrLjBf0bNNpO66/GuN+F0O9pt8Q49NF867uNX+KHNu
+Fm1dpjugf3DIpvzbmWE3i3WAYU3yd9z3LBA1IuZ21q31Waup+MPNAgMBAAE=
+-----END RSA PUBLIC KEY-----

noc/configs/tinc/chaos.old/hosts/alioshome

@@ -0,0 +1,14 @@
+Address=alios.dyndns.org
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.8.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAL6nQVPgKAXdt+sFsXR2b/f+DFLJDT7ENuB6fpBdosAI06UIlIov47AT
+0hIwhStixzBg1PlKi2QhqRQvGvX6rxWBb2rPU3lsHCOrG4jR+LaPs/fRLMd3nh/K
+jiH/QmbM0jn7Foms/Rladp8PJx4ZOFP1ACxnWslE/15BxqynxVeZAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/ccchh

@@ -0,0 +1,16 @@
+Address=fwhh.hamburg.ccc.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=4200
+Subnet=192.168.16.0/23
+Subnet=192.168.20.0/23
+Subnet=192.168.0.64/26
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAKH0hS1wybu+D8DF5kOy6dirIlzhdlL0Z26G/S9JPJ4H3keDOdH3tEE/
+81D9S1IiHEkGgLFdJt6PS/mnBPaKInnV4OIS59l9eCZAVg432bb77JMSY0IWibcD
+mBZLQFrWTX4Tc8bd0C1UrIslr9PbO5gxEtKSaWsujsah2QOtVaN3AgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/dew

@@ -0,0 +1,14 @@
+Address=home.ainex.net
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.13.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBALNiHGhNitniabwXpVRkSkULd5+qS3oLLung9kSD/cwIPgmJEaCLrmdF
+iVKcTKYRB7OIc7zv2Ss0eIhUHoD7FzwVYTO1hi/8hqrrUzTC6nN2HU3Rj7+M2724
+ZpE3Q3/my5W2rk6E9MWooWKIMSI5l1Uf6TF3XVhKym3wyk6bg8PXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/eh2005

@@ -0,0 +1,17 @@
+Address=does.not.exist.example
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=172.16.0.0/22
+Subnet=172.16.4.0/22
+Subnet=172.16.42.0/24
+Subnet=10.112.0.0/12
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAJ8UB4S2KiFsEI64ffK4kcG083Y4cz64lklKoB1gA720VI+wnsiUJAXF
+EgvrvcZuGqSTPM5aKWMMRllrLjBf0bNNpO66/GuN+F0O9pt8Q49NF867uNX+KHNu
+Fm1dpjugf3DIpvzbmWE3i3WAYU3yd9z3LBA1IuZ21q31Waup+MPNAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/haegarhome

@@ -0,0 +1,14 @@
+Address=gate.sdinet.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.18.0/23
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMEEsKaNa8fq6+Z31Iy4pNwJub1Ncu1y/+Ngnldh6eC5TlgTsMa1qRfZ
+8i+vuNlC8UlXT43vGAdNuP/AJTQgjQWnSt2qlDRQyVE0RkdOnQPecTJckwzcceOv
+C76sLaA199ZtPlJl+W7Ft6SMs5UFCBhDpnUUD9GkrLuywHgZ6bpJAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/haegarwork

@@ -0,0 +1,14 @@
+Address=mercury.sdinet.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.0.99/32
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAJ3k2XMp+ryAsyDlRpTgffZGjSTE4kp2haX3Ax55CN/e7q+IG1yHvK2R
+M2v0WHh8e59Hb7IX86J7U6ZOO/7GQ8bkUZD9ntmyRjeIZ4XuF4X8Q5t7zZ6TEm8G
+lkh+IiZ3NlFRWdzVNLybQIluJsPIr/7rA3xet9IPUpm8sBgTcbwXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/lardass

@@ -0,0 +1,15 @@
+Address=lardass.arles-electrique.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=10.6.65.0/24
+Subnet=10.6.66.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMxqMzKqWX4e7mtiRVHnOWTkV7nxwsdgMZVkzx9ATG/9ew1CF6kOHjrq
+C4RsWpeuHMiQLUG3xF0Prajh5MXsqS7sP7Zn/6z3t3f1mqDLfBtx2e+6LqBs9j1W
+VkNcGI29ibDLYHcdjNejQfwPA+4JKfrq2T0Dzf3xWpMIHrcrLEOXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/packbarthome

@@ -0,0 +1,22 @@
+Address=gw23.formularfetischisten.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=10.42.0.0/16
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIICCgKCAgEA7hNnj1THT0JCUPM2gEcF5Mrwj6onlBixFYZnbhNMssNAIhlP5Tvb
+7dNWhwnvBtCFCqEW8jnf9sD4+gJcp8vsiWmM8EQMGWuPkqqc+0TCyQKGb7ylbrNM
+4n7tzdJX18LEm5TnxQieBinnkYPTkNy8xzgQPe+SwyMwg6ECDIyBwJ5GaeyIjqME
+ZuVbvB81GJej2WGqSMlfZPGpGvriDrU0271S7NmAtfbzeuCGzFd877hcDx52YvzT
+SDqdFwtO+lEhbfaKzrPS96M3Jj+FyH2NC19NL93Kln4ZDdKZWSzvRwv1loFWDuZ0
+lrZC/Zk/sUSkxM1qQlXAi2wRVnQzl21j0saismra80eKEnv8f0rIbYfJFg4l5PUs
+eN7x5AriCR2wSyvuI6SkB7N3QxCSG2OWlTR8jqVd0iCgWum8+jQwvV9jCJBZYgEB
+xU85IjfH7yptd39LYJRsQcm58RTco3oO2VTBJ7uQZuIINVPjmp4cIeiF0r4O2WYf
+cA8FMX8IbUQAqwAte3J9AtfYcB8nXOsf2uBR+QoEnFf1n2R2vtzSuSTlEeTOD4MJ
+qv+4aFqbRMwR/cYTK4krYxJPSk8ZD/boFXcMPc6jud6MjA7PGEw1DKV4lhJ7pPRJ
+rgX/xUxmGNhwQEynunP6SWscg/7UFFDqanC/Pv6X7AR2VfmiLpJ66/cCAwEAAQ==
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/pescoheim

@@ -0,0 +1,14 @@
+Address=pesco.dyndns.org
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.9.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAOGdQo3wBi8pDtMe8IstjmWx5kKOKheTOjdPoLX4Qkr9bOhJb7NxalPV
+5Ub5BFR51kDafnSPaXtQGMkKgSD6NAXK4LF1Tvsnbr2/za38Zv9YCsoD+HiM9Vz8
+6eO6UpGkvHjXcKHsJbEa9jUnvOOFf7U23UijYgjbrkggckHojTxdAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/redbaron

@@ -0,0 +1,14 @@
+Address=redcastle.mine.nu
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=10.47.11.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBALzcRKUSeEX/qHAJIqDnC+MfYD7F78ftdvOGDvYyzvHpNAlRyMZTea6V
+hnxgD3aJSM/MB80XZcdTOHLShYmAehZhfLph82oT0W8bAh+58RUgorYeYit5qvC5
+tNXV/zI8OFCfc08ttmK2Zb0Mqeh13OXzk2Un3gqgWeWauep6wBp1AgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/turing

@@ -0,0 +1,14 @@
+Address=turing.hamburg.ccc.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=4200
+Subnet=192.168.0.98/32
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMeWu6JQGmHwalirbG6rSP+wLRNb+9H0wR89PM0s6OulzmRwZYESZXdU
+AXiY02+Y9YdkhHZ9b8UGfoL7g6jr3YC1aB5rGU7oOojGUGLO85K4nnd+FxzccY8K
+LyCdqkcLudLEP4SmgbKZgsBebR+46CKbnavXZ+l8KLYzQgWfA0kXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos.old/hosts/znet

@@ -0,0 +1,14 @@
+Address=prometheus.datenknoten.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.23.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMHRsCzBgOvkCokphctbdX11P6MtwWIhaTHmI8BHhDN73Ch384KTFdqA
+gGsDkp2QoH2PvFRolOi1NjFuSSJfcGJdvEGa4R/bMhUF2LWTO2VIr3JIA0VsRS+8
+LXe+GpXURFgb9/cenjdzKWYLeksT1g/Y6MAgsl1MAdGFmOtNFc+zAgMBAAE=
+-----END RSA PUBLIC KEY-----  
+

noc/configs/tinc/chaos.old/rsa_key.priv

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCfFAeEtiohbBCOuH3yuJHBtPN2OHM+uJZJSqAdYAO9tFSPsJ7I
+lCQFxRIL673GbhqkkzzOWiljDEZZay4wX9GzTaTuuvxrjfhdDvabfEOPTRfOu7jV
+/ihzbhZtXaY7oH9wyKb825lhN4t1gGFN8nfc9ywQNSLmdtat9VmrqfjDzQIDAQAB
+AoGAJ2KsId2APNoml09yT4AHBnCovqJnViYZf3fsgJlfE77sGM9f4MVczdjnCPCL
+AfAMxKZ3rZeBG7bUTBtPSkbPAjPJ//zT4kNWFLZC93HdzSeeEmSCF+vE7L6xjzku
+fwpx/8J9LMLlp96BLtlfPXk4gDA+q858EW0Q1prQBQV7GEECQQDODY9qaVcU3cv2
+/wNeTuWve8wARDKiC2ucFE2RzvDnpcuR+Am5dkfUTTlJTf/Ffdc2M4E7YfwAa1J9
+IAcilM3lAkEAxaN+IVb7vy4xWjx7W5/sVKLz1FgjSHkpNfeuWMxm8sR4HWTHBPFb
+hd+E+HhkWeD6Sa6gP8ZIEPfXnBexYRz/yQJBAKU7xofklUpMWiVldgQIbLN+KKcG
+CTxcwBxXQ6TrN8/q6gXRy6qHqS4cBxY7kCGEujHit30xI+4KIgnoxw/6F+kCQGh2
+kiRtJYNXlx5q+YjkbrYNq3OBYqTb5bxwveaRo5iN4C8pJUinigiorE/o0qHvGFv5
+wRn0ZAMT/RK0Mz1xZoECQBwOMieJcswrcI2OgY3Ejw+nLf5u4ZbahRFrnHWT0FoN
+hBW4Dff5jso/K+weYETZUpdwWb9jv8+4ULGt1wiJ8sc=
+-----END RSA PRIVATE KEY-----

noc/configs/tinc/chaos.old/rsa_key.pub

@@ -0,0 +1,5 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAJ8UB4S2KiFsEI64ffK4kcG083Y4cz64lklKoB1gA720VI+wnsiUJAXF
+EgvrvcZuGqSTPM5aKWMMRllrLjBf0bNNpO66/GuN+F0O9pt8Q49NF867uNX+KHNu
+Fm1dpjugf3DIpvzbmWE3i3WAYU3yd9z3LBA1IuZ21q31Waup+MPNAgMBAAE=
+-----END RSA PUBLIC KEY-----

noc/configs/tinc/chaos.old/tinc-up

@@ -0,0 +1,16 @@
+#!/bin/sh
+/sbin/ifconfig $INTERFACE 172.16.0.1 netmask 255.255.255.255
+/sbin/ip -4 route add 192.168.23.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.8.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.13.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.0.99/32 dev $INTERFACE
+/sbin/ip -4 route add 192.168.9.0/24 dev $INTERFACE
+/sbin/ip -4 route add 10.6.65.0/24 dev $INTERFACE
+/sbin/ip -4 route add 10.6.66.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.16.0/23 dev $INTERFACE
+/sbin/ip -4 route add 192.168.20.0/23 dev $INTERFACE
+/sbin/ip -4 route add 192.168.0.64/26 dev $INTERFACE
+/sbin/ip -4 route add 192.168.18.0/23 dev $INTERFACE
+/sbin/ip -4 route add 10.42.0.0/16 dev $INTERFACE
+/sbin/ip -4 route add 192.168.0.98/32 dev $INTERFACE
+/sbin/ip -4 route add 10.47.11.0/24 dev $INTERFACE

noc/configs/tinc/chaos.old/tinc.conf

@@ -0,0 +1,17 @@
+AddressFamily=ipv4
+Device=/dev/net/tun
+Interface=chaos_vpn
+Mode=router
+Name=eh2005
+Hostnames=yes
+ConnectTo=znet
+ConnectTo=alioshome
+ConnectTo=dew
+ConnectTo=haegarwork
+ConnectTo=pescoheim
+ConnectTo=lardass
+ConnectTo=ccchh
+ConnectTo=haegarhome
+ConnectTo=packbarthome
+ConnectTo=turing
+ConnectTo=redbaron

noc/configs/tinc/chaos/hosts/alioshome

@@ -0,0 +1,14 @@
+Address=alios.dyndns.org
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.8.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAL6nQVPgKAXdt+sFsXR2b/f+DFLJDT7ENuB6fpBdosAI06UIlIov47AT
+0hIwhStixzBg1PlKi2QhqRQvGvX6rxWBb2rPU3lsHCOrG4jR+LaPs/fRLMd3nh/K
+jiH/QmbM0jn7Foms/Rladp8PJx4ZOFP1ACxnWslE/15BxqynxVeZAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/ccchh

@@ -0,0 +1,16 @@
+Address=fwhh.hamburg.ccc.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=4200
+Subnet=192.168.16.0/23
+Subnet=192.168.20.0/23
+Subnet=192.168.0.64/26
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAKH0hS1wybu+D8DF5kOy6dirIlzhdlL0Z26G/S9JPJ4H3keDOdH3tEE/
+81D9S1IiHEkGgLFdJt6PS/mnBPaKInnV4OIS59l9eCZAVg432bb77JMSY0IWibcD
+mBZLQFrWTX4Tc8bd0C1UrIslr9PbO5gxEtKSaWsujsah2QOtVaN3AgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/dew

@@ -0,0 +1,14 @@
+Address=home.ainex.net
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.13.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBALNiHGhNitniabwXpVRkSkULd5+qS3oLLung9kSD/cwIPgmJEaCLrmdF
+iVKcTKYRB7OIc7zv2Ss0eIhUHoD7FzwVYTO1hi/8hqrrUzTC6nN2HU3Rj7+M2724
+ZpE3Q3/my5W2rk6E9MWooWKIMSI5l1Uf6TF3XVhKym3wyk6bg8PXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/eh2005

@@ -0,0 +1,17 @@
+Address=does.not.exist.example
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=172.16.0.0/22
+Subnet=172.16.4.0/22
+Subnet=172.16.42.0/24
+Subnet=10.112.0.0/12
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAJ8UB4S2KiFsEI64ffK4kcG083Y4cz64lklKoB1gA720VI+wnsiUJAXF
+EgvrvcZuGqSTPM5aKWMMRllrLjBf0bNNpO66/GuN+F0O9pt8Q49NF867uNX+KHNu
+Fm1dpjugf3DIpvzbmWE3i3WAYU3yd9z3LBA1IuZ21q31Waup+MPNAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/haegarhome

@@ -0,0 +1,14 @@
+Address=gate.sdinet.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.18.0/23
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMEEsKaNa8fq6+Z31Iy4pNwJub1Ncu1y/+Ngnldh6eC5TlgTsMa1qRfZ
+8i+vuNlC8UlXT43vGAdNuP/AJTQgjQWnSt2qlDRQyVE0RkdOnQPecTJckwzcceOv
+C76sLaA199ZtPlJl+W7Ft6SMs5UFCBhDpnUUD9GkrLuywHgZ6bpJAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/haegarwork

@@ -0,0 +1,14 @@
+Address=mercury.sdinet.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.0.99/32
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAJ3k2XMp+ryAsyDlRpTgffZGjSTE4kp2haX3Ax55CN/e7q+IG1yHvK2R
+M2v0WHh8e59Hb7IX86J7U6ZOO/7GQ8bkUZD9ntmyRjeIZ4XuF4X8Q5t7zZ6TEm8G
+lkh+IiZ3NlFRWdzVNLybQIluJsPIr/7rA3xet9IPUpm8sBgTcbwXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/lardass

@@ -0,0 +1,15 @@
+Address=lardass.arles-electrique.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=10.6.65.0/24
+Subnet=10.6.66.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMxqMzKqWX4e7mtiRVHnOWTkV7nxwsdgMZVkzx9ATG/9ew1CF6kOHjrq
+C4RsWpeuHMiQLUG3xF0Prajh5MXsqS7sP7Zn/6z3t3f1mqDLfBtx2e+6LqBs9j1W
+VkNcGI29ibDLYHcdjNejQfwPA+4JKfrq2T0Dzf3xWpMIHrcrLEOXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/packbarthome

@@ -0,0 +1,22 @@
+Address=gw23.formularfetischisten.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=10.42.0.0/16
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIICCgKCAgEA7hNnj1THT0JCUPM2gEcF5Mrwj6onlBixFYZnbhNMssNAIhlP5Tvb
+7dNWhwnvBtCFCqEW8jnf9sD4+gJcp8vsiWmM8EQMGWuPkqqc+0TCyQKGb7ylbrNM
+4n7tzdJX18LEm5TnxQieBinnkYPTkNy8xzgQPe+SwyMwg6ECDIyBwJ5GaeyIjqME
+ZuVbvB81GJej2WGqSMlfZPGpGvriDrU0271S7NmAtfbzeuCGzFd877hcDx52YvzT
+SDqdFwtO+lEhbfaKzrPS96M3Jj+FyH2NC19NL93Kln4ZDdKZWSzvRwv1loFWDuZ0
+lrZC/Zk/sUSkxM1qQlXAi2wRVnQzl21j0saismra80eKEnv8f0rIbYfJFg4l5PUs
+eN7x5AriCR2wSyvuI6SkB7N3QxCSG2OWlTR8jqVd0iCgWum8+jQwvV9jCJBZYgEB
+xU85IjfH7yptd39LYJRsQcm58RTco3oO2VTBJ7uQZuIINVPjmp4cIeiF0r4O2WYf
+cA8FMX8IbUQAqwAte3J9AtfYcB8nXOsf2uBR+QoEnFf1n2R2vtzSuSTlEeTOD4MJ
+qv+4aFqbRMwR/cYTK4krYxJPSk8ZD/boFXcMPc6jud6MjA7PGEw1DKV4lhJ7pPRJ
+rgX/xUxmGNhwQEynunP6SWscg/7UFFDqanC/Pv6X7AR2VfmiLpJ66/cCAwEAAQ==
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/pescoheim

@@ -0,0 +1,14 @@
+Address=pesco.dyndns.org
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.9.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAOGdQo3wBi8pDtMe8IstjmWx5kKOKheTOjdPoLX4Qkr9bOhJb7NxalPV
+5Ub5BFR51kDafnSPaXtQGMkKgSD6NAXK4LF1Tvsnbr2/za38Zv9YCsoD+HiM9Vz8
+6eO6UpGkvHjXcKHsJbEa9jUnvOOFf7U23UijYgjbrkggckHojTxdAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/redbaron

@@ -0,0 +1,14 @@
+Address=redcastle.mine.nu
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=10.47.11.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBALzcRKUSeEX/qHAJIqDnC+MfYD7F78ftdvOGDvYyzvHpNAlRyMZTea6V
+hnxgD3aJSM/MB80XZcdTOHLShYmAehZhfLph82oT0W8bAh+58RUgorYeYit5qvC5
+tNXV/zI8OFCfc08ttmK2Zb0Mqeh13OXzk2Un3gqgWeWauep6wBp1AgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/turing

@@ -0,0 +1,14 @@
+Address=turing.hamburg.ccc.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=4200
+Subnet=192.168.0.98/32
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMeWu6JQGmHwalirbG6rSP+wLRNb+9H0wR89PM0s6OulzmRwZYESZXdU
+AXiY02+Y9YdkhHZ9b8UGfoL7g6jr3YC1aB5rGU7oOojGUGLO85K4nnd+FxzccY8K
+LyCdqkcLudLEP4SmgbKZgsBebR+46CKbnavXZ+l8KLYzQgWfA0kXAgMBAAE=
+-----END RSA PUBLIC KEY-----
+

noc/configs/tinc/chaos/hosts/znet

@@ -0,0 +1,14 @@
+Address=prometheus.datenknoten.de
+Cipher=blowfish
+Compression=0
+Digest=sha1
+IndirectData=yes
+Port=655
+Subnet=192.168.23.0/24
+TCPonly=no
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAMHRsCzBgOvkCokphctbdX11P6MtwWIhaTHmI8BHhDN73Ch384KTFdqA
+gGsDkp2QoH2PvFRolOi1NjFuSSJfcGJdvEGa4R/bMhUF2LWTO2VIr3JIA0VsRS+8
+LXe+GpXURFgb9/cenjdzKWYLeksT1g/Y6MAgsl1MAdGFmOtNFc+zAgMBAAE=
+-----END RSA PUBLIC KEY-----  
+

noc/configs/tinc/chaos/rsa_key.priv

@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCfFAeEtiohbBCOuH3yuJHBtPN2OHM+uJZJSqAdYAO9tFSPsJ7I
+lCQFxRIL673GbhqkkzzOWiljDEZZay4wX9GzTaTuuvxrjfhdDvabfEOPTRfOu7jV
+/ihzbhZtXaY7oH9wyKb825lhN4t1gGFN8nfc9ywQNSLmdtat9VmrqfjDzQIDAQAB
+AoGAJ2KsId2APNoml09yT4AHBnCovqJnViYZf3fsgJlfE77sGM9f4MVczdjnCPCL
+AfAMxKZ3rZeBG7bUTBtPSkbPAjPJ//zT4kNWFLZC93HdzSeeEmSCF+vE7L6xjzku
+fwpx/8J9LMLlp96BLtlfPXk4gDA+q858EW0Q1prQBQV7GEECQQDODY9qaVcU3cv2
+/wNeTuWve8wARDKiC2ucFE2RzvDnpcuR+Am5dkfUTTlJTf/Ffdc2M4E7YfwAa1J9
+IAcilM3lAkEAxaN+IVb7vy4xWjx7W5/sVKLz1FgjSHkpNfeuWMxm8sR4HWTHBPFb
+hd+E+HhkWeD6Sa6gP8ZIEPfXnBexYRz/yQJBAKU7xofklUpMWiVldgQIbLN+KKcG
+CTxcwBxXQ6TrN8/q6gXRy6qHqS4cBxY7kCGEujHit30xI+4KIgnoxw/6F+kCQGh2
+kiRtJYNXlx5q+YjkbrYNq3OBYqTb5bxwveaRo5iN4C8pJUinigiorE/o0qHvGFv5
+wRn0ZAMT/RK0Mz1xZoECQBwOMieJcswrcI2OgY3Ejw+nLf5u4ZbahRFrnHWT0FoN
+hBW4Dff5jso/K+weYETZUpdwWb9jv8+4ULGt1wiJ8sc=
+-----END RSA PRIVATE KEY-----

noc/configs/tinc/chaos/rsa_key.pub

@@ -0,0 +1,5 @@
+-----BEGIN RSA PUBLIC KEY-----
+MIGJAoGBAJ8UB4S2KiFsEI64ffK4kcG083Y4cz64lklKoB1gA720VI+wnsiUJAXF
+EgvrvcZuGqSTPM5aKWMMRllrLjBf0bNNpO66/GuN+F0O9pt8Q49NF867uNX+KHNu
+Fm1dpjugf3DIpvzbmWE3i3WAYU3yd9z3LBA1IuZ21q31Waup+MPNAgMBAAE=
+-----END RSA PUBLIC KEY-----

noc/configs/tinc/chaos/tinc-up

@@ -0,0 +1,16 @@
+#!/bin/sh
+/sbin/ifconfig $INTERFACE 172.16.0.1 netmask 255.255.255.255
+/sbin/ip -4 route add 192.168.23.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.8.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.13.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.0.99/32 dev $INTERFACE
+/sbin/ip -4 route add 192.168.9.0/24 dev $INTERFACE
+/sbin/ip -4 route add 10.6.65.0/24 dev $INTERFACE
+/sbin/ip -4 route add 10.6.66.0/24 dev $INTERFACE
+/sbin/ip -4 route add 192.168.16.0/23 dev $INTERFACE
+/sbin/ip -4 route add 192.168.20.0/23 dev $INTERFACE
+/sbin/ip -4 route add 192.168.0.64/26 dev $INTERFACE
+/sbin/ip -4 route add 192.168.18.0/23 dev $INTERFACE
+/sbin/ip -4 route add 10.42.0.0/16 dev $INTERFACE
+/sbin/ip -4 route add 192.168.0.98/32 dev $INTERFACE
+/sbin/ip -4 route add 10.47.11.0/24 dev $INTERFACE

noc/configs/tinc/chaos/tinc.conf

@@ -0,0 +1,17 @@
+AddressFamily=ipv4
+Device=/dev/net/tun
+Interface=chaos_vpn
+Mode=router
+Name=eh2005
+Hostnames=yes
+ConnectTo=znet
+ConnectTo=alioshome
+ConnectTo=dew
+ConnectTo=haegarwork
+ConnectTo=pescoheim
+ConnectTo=lardass
+ConnectTo=ccchh
+ConnectTo=haegarhome
+ConnectTo=packbarthome
+ConnectTo=turing
+ConnectTo=redbaron

noc/configs/tinc/chaosvpn.conf

@@ -0,0 +1,41 @@
+# achtung: dies configfile ist perl ;)
+
+
+# name dieses rechners:
+$my_peerid		= "eh2005";
+
+# lokale ips dieses rechners/gateways
+# eins von beidem kann auch leergelassen werden, wenn man nur
+# ipv4 oder nur ipv6 sprechen moechte
+# (angaben ohne netmask, das hier sind die adressen die das 
+# chaos_vpn-device bekommt, netmask /32 bzw /128)
+$my_vpn_ip		= "172.16.0.1";
+$my_vpn_ip6		= "";
+
+$my_password		= "foo"; # unused
+$my_ip			= "127.0.0.1"; # unused for now
+$my_external_ip		= "193.103.161.30"; # unused
+
+# ueber diese einstellung koennen gewisse gegenstellen
+# bei chaosvpn-links ignoriert werden (sie werden vom eigenen rechner
+# behandelt als waehren sie nicht teil des chaosvpns)
+# dies ist z.b. nuetzlich wenn zu diesen gegenstellen schon eine
+# anderweitige vpn-verbindung besteht
+# im normalfall einfach ()
+@exclude		= (); # links zu gewissen peer-ids nicht aufbauen
+
+
+# ============================================================================
+# you should'nt need to change anything below, 
+# at least not for linux and chaosvpn
+
+$networkname		= "chaos";
+$tincd_bin		= "/usr/sbin/tincd";
+$ip_bin			= "/sbin/ip";
+$ifconfig		= "/sbin/ifconfig \$INTERFACE $my_vpn_ip netmask $my_vpn_netmask";
+$ifconfig6		= "$ip_bin addr add $my_vpn_ip6/128 dev \$INTERFACE";
+
+$master_url		= "https://www.vpn.hamburg.ccc.de/tinc-chaosvpn.txt";
+$base			= "/etc/tinc/$networkname";
+$pidfile		= "/var/run/tinc.$networkname.pid";
+$tincd_debuglevel	= 3;

noc/configs/tinc/nets.boot

@@ -0,0 +1 @@
+## This file contains all names of the networks to be started on system startup.