Install NetBSD/i386 7.1 by CD. Kernel (GENERIC) YES Kernel modules YES Base YES Configulation files (/etc) YES Compiler tools YES Games NO Manual pages YES Miscellaneous YES Test programs NO Text processiong tools YES X11 sets X11 base and clients YES X11 programming YES X11 configuration NO X11 fonts NO X11 servers NO Enable sshd YES Run ntpdate at boot YES Enable cgd NO Enable raidframe NO rm -rf /usr/share/man/cat?/* cd /etc cp -p hosts hosts.org cp -p printcap printcap.org cp -p inetd.conf inetd.conf.org cp -p rc.conf rc.conf.org cp -p shells shells.org cp -p group group.org cp -p sysctl.conf sysctl.conf.org mkdir /usr/home ln -s /usr/home /home useradd -m -s /bin/csh -d /home/USERNAME -c USERNAME USERNAME #Add USERNAME to wheel in /etc/group. passwd root passwd USERNAME cd mkdir .org mv .* .org cat<.cshrc set path=(/{usr/pkg/,,usr/}{,s}bin /usr/games) set filec set prompt='%m{!} %~ %# ' setenv CFLAGS '-O2 -pipe' setenv PAGER less EOF #perl /usr/share/examples/ipf/mkfilters>/etc/ipf.conf cat<>/etc/ipf.conf block in log quick from any to any with ipopts block in log quick proto tcp from any to any with short block in log quick from xxx.xxx.xxx.xxx/32 to any pass out all keep state block in log all pass in from 192.168.0.0/24 to any keep state pass in proto tcp from any to any port=ssh keep state pass in proto tcp from any to any port=http keep state pass in proto tcp from any to any port=https keep state pass in proto tcp from any to any port=smtp keep state pass in proto tcp from any to any port=smtps keep state pass in proto tcp from any to any port=submission keep state pass in proto tcp from any to any port=pop3 keep state pass in proto tcp from any to any port=pop3s keep state pass in proto tcp from any to any port=imap keep state pass in proto tcp from any to any port=imaps keep state EOF cat</etc/exports /usr -alldirs -network 192.168.0.0/24 EOF cat<>/etc/hosts 192.168.0.1 HOSTNAME.DOMAINNAME HOSTNAME EOF cat</etc/resolv.conf nameserver 220.220.248.2 EOF cat<>/etc/rc.conf hostname=HOSTNAME.DOMAINNAME defaultroute=123.45.67.89 rpcbind=YES mountd=YES nfs_server=YES apmd=YES postfix=NO ipfilter=YES ipmon=YES EOF postsuper -d ALL shutdown -r now #ipf -D #ipf -E #ipf -Fa #ipf -f /etc/ipf.conf #ipfstat -io #ipmon #ipmon -n cd /usr cat pkgsrc-2017Q4.tar.bz2|gzip -d|tar -xf- cat</etc/mk.conf PKG_DEFAULT_OPTIONS+=-inet6 EOF cd /usr/pkgsrc/shells/tcsh make install package|&tee mk01.log #vi /etc/shells #pkg_add tcsh|&tee tcsh.log #chsh USERNAME cd /usr/pkgsrc/security/openssl make install package|&tee mk01.log #pkg_add openssl|&tee openssl.log cd /usr/pkgsrc/lang/tcl-expect make install package|&tee mk01.log #pkg_add tcl-expect|&tee tcl-expect.log cd /usr/pkgsrc/meta-pkgs/courier make install package|&tee mk01.log #pkg_add courier|&tee courier.log cd /usr/pkgsrc/database/php-pgsql make install package|&tee mk01.log #pkg_add php56-pgsql|&tee php56-pgsql.log cd /usr/pkgsrc/database/postgresql95 make install package|&tee mk01.log #pkg_add postgresql95|&tee postgresql95.log cd /usr/pkgsrc/www/ap-php make install package|&tee mk01.log #pkg_add ap24-php56|&tee ap24-php56.log cd /usr/pkgsrc/net/samba make install package|&tee mk01.log #pkg_add samba|&tee samba.log cd /usr/pkgsrc/www/p5-CGI make install package|&tee mk01.log #pkg_add p5-CGI|&tee p5-CGI.log cd /usr/pkgsrc/net/p5-Socket6 make install package|&tee mk01.log #pkg_add p5-Socket6|&tee p5-Socket6.log cd /usr/pkgsrc/security/p5-Net-SSLeay make install package|&tee mk01.log #pkg_add p5-Net-SSLeay|&tee p5-Net-SSLeay.log #pkg_info cp /usr/pkg/share/examples/rc.d/* /etc/rc.d cat<>/etc/rc.conf authdaemond=YES webmlm=YES courierfilter=YES courieresmtps=YES courieresmtpmsa=YES courieresmtp=YES courierd=YES courier=YES courierpops=YES courierpop=YES courierimaps=YES courierimap=YES sqwebmail=YES pgsql=YES #pgsql_flags="-l" apache=YES winbindd=YES smbd=YES samba=YES nmbd=YES EOF crontab -e 0 * * * * /usr/pkg/etc/courier/sharedindexupdate 0 * * * * /usr/pkg/etc/courier/cleancache.pl cp /usr/pkg/libexec/courier/webmail/* /usr/pkg/libexec/cgi-bin echo PASSWORD>/usr/pkg/etc/courier/webadmin/password chown courier:mail /usr/pkg/etc/courier/webadmin/password chmod 0400 /usr/pkg/etc/courier/webadmin/password ln -s /usr/pkg/sbin/webmaild.rc /usr/pkg/sbin/webmaild cd /usr/sbin mv sendmail sendmail.org ln -s /usr/pkg/bin/sendmail sendmail vi /usr/pkg/etc/courier/esmtpd.cnf mkesmtpdcert vi /usr/pkg/etc/courier/pop3d.cnf mkpop3dcert vi /usr/pkg/etc/courier/imapd.cnf mkimapdcert vi /usr/pkg/share/courier/imapd.rc #Change "ulimit -v" to "ulimit -d" vi /usr/pkg/share/courier/imapd-ssl.rc #Change "ulimit -v" to "ulimit -d" cat<>/usr/pkg/etc/httpd/httpd.conf LoadModule socache_shmcb_module lib/httpd/mod_socache_shmcb.so LoadModule ssl_module lib/httpd/mod_ssl.so #LoadModule mpm_event_module lib/httpd/mod_mpm_event.so LoadModule mpm_prefork_module lib/httpd/mod_mpm_prefork.so LoadModule cgid_module lib/httpd/mod_cgid.so LoadModule userdir_module lib/httpd/mod_userdir.so LoadModule php5_module lib/httpd/mod_php5.so ServerAdmin you@example.com ServerName www.example.com:80 Options FollowSymLinks AllowOverride None Require all granted Alias /sqwebmail/ "/usr/pkg/share/courier/sqwebmail/images/" SetHandler application/x-httpd-php #SetEnv SQWEBMAIL_MAXATTSIZE 16777216 #SetEnv SQWEBMAIL_MAXARGSIZE 16777216 Include etc/httpd/httpd-userdir.conf Include etc/httpd/httpd-ssl.conf EOF cat<>/usr/pkg/etc/httpd/httpd-userdir.conf Options ExecCGI SetHandler cgi-script EOF cat<>/usr/pkg/etc/httpd/httpd-ssl.conf ServerName www.example.com:443 ServerAdmin you@example.com EOF vi /usr/pkg/etc/php.ini #Add "date.timezone = Asia/Tokyo". #maybe no need "extension=pgsql.so" #php --ini #php -i cd /usr/pkg/etc/httpd openssl genrsa -out server.key 1024 openssl req -new -key server.key -out server.csr openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365 chmod go-rwx server.* cat<>/etc/inetd.conf swat stream tcp nowait.400 root /usr/pkg/sbin/swat swat EOF chmod o+rx /usr/pkg/libexec/courier/modules/dsn/* chmod o+rx /usr/pkg/libexec/courier/modules/esmtp/* chmod u+s /usr/pkg/libexec/courier/modules/esmtp/courieresmtpd courier-maildirmake ~/Maildir shutdown -r now http://localhost/ https://localhost/ https://localhost/cgi-bin/webadmin #Server name:mune.plala.jp #Default domain:mune.plala.jp #Aliases:root->mune,postmaster->mune,webmaster->mune #Whitelist, allow relaying iPhone(49.239 & 210.130 & 210.138 & 210.149) #Default smarthost:mmr.plala.or.jp #Install new configuration echo 0>/usr/pkg/etc/courier/sizelimit https://localhost/cgi-bin/webmail /etc/rc.d/sqwebmail restart http://localhost:901 #Add user USERNAME, change passwd. #Change max protocol from NT1 to SMB2. cat</etc/ntpdate #!/bin/sh host=`hostname` echo "To: ${MAILTO:-root}" echo "Subject: $host ntpdate" echo "" echo "/usr/sbin/ntpdate ntp1.plala.or.jp" echo "" /usr/sbin/ntpdate ntp1.plala.or.jp EOF crontab -e 45 3 * * 1 /bin/sh /etc/ntpdate 2>&1 | tee /var/log/ntpdate.out | sendmail -t cd / cat syssrc.tgz|gzip -d|tar -xf- cd /usr/src/sys/arch/i386/conf cp GENERIC_LAPTOP HOSTNAME vi HOSTNAME config HOSTNAME cd ../compile/HOSTNAME make clean depend all|&tee mk01.log mv /netbsd /netbsd.org mv netbsd / shutdown -r now #PPPoE and NAT and winny :p cat<>/etc/sysctl.conf # Obey interface MTUs when calculating MSS net.inet.tcp.mss_ifmtu=1 EOF touch /etc/ipf.conf #perl /usr/share/examples/ipg/mkfilters>/etc/ipf.conf cat</etc/ipnat.conf map pppoe0 192.168.0.0/24 -> 0/32 portmap tcp/udp 44000:49999 mssclamp 1408 map pppoe0 192.168.0.0/24 -> 0/32 mssclamp 1408 rdr pppoe0 0/0 port WINNYPORT -> 192.168.0.1 port WINNYPORT tcp EOF cat</etc/ifconfig.pppoe0 create ! /sbin/ifconfig NIC up ! /sbin/pppoectl -e NIC $int ! /sbin/pppoectl $int myauthproto=pap myauthname=000XX0000@PROVIDER.or.jp myauthsecret=PASSWORD inet 0.0.0.0 0.0.0.1 netmask 0xffffffff #! /sbin/route add default -iface 0.0.0.1 up EOF chmod go-rwx /etc/ifconfig.pppoe0 cat<>/etc/rc.conf ifwatchd=YES ipfilter=YES ipnat=YES EOF mkdir /etc/ppp cat</etc/ppp/ip-up #! /bin/sh /sbin/route add default $5 EOF cat</etc/ppp/ip-down #! /bin/sh /sbin/route delete default $5 EOF chmod a+x /etc/ppp/ip-up /etc/ppp/ip-down #ipnat -l #ipnat -C #ipnat -f /etc/ipnat.conf