Add GA-Schloss. Renew WF.

WF/README.txt

@@ -1,5 +1,8 @@
 
+-------
 Notice:
+-------
+
    You have to change some configuration files becaus the because
    the configuration of network interfaces must not be equal.
 
@@ -21,5 +24,5 @@ Notice:
       interfaces.WF: see above
       default_isc-dhcp-server.WF
       ipt-firewall.WF: LAN device (mostly ) = eth1
-                                second LAN WLAN or what ever (if present) = eth0
+      second LAN WLAN or what ever (if present) = eth0
          

WF/aiccu.WF

@@ -0,0 +1,11 @@
+# This is a configuration file for /etc/init.d/aiccu; it allows you to
+# perform common modifications to the behavior of the aiccu daemon
+# startup without editing the init script (and thus getting prompted
+# by dpkg on upgrades).  We all love dpkg prompts.
+
+# Arguments to pass to aiccu daemon.
+DAEMON_ARGS=""
+
+# Run aiccu at startup ?
+AICCU_ENABLED=Yes
+

WF/aiccu.conf.WF

@@ -0,0 +1,79 @@
+# Under control from debconf, please use 'dpkg-reconfigure aiccu' to reconfigure
+# AICCU Configuration
+
+# Login information (defaults: none)
+username CKM11-SIXXS
+password zLkJIZF0
+
+# Protocol and server to use for setting up the tunnel (defaults: none)
+protocol tic
+server tic.sixxs.net
+
+# Interface names to use (default: aiccu)
+# ipv6_interface is the name of the interface that will be used as a tunnel interface.
+# On *BSD the ipv6_interface should be set to gifX (eg gif0) for proto-41 tunnels
+# or tunX (eg tun0) for AYIYA tunnels.
+ipv6_interface sixxs
+
+# The tunnel_id to use (default: none)
+# (only required when there are multiple tunnels in the list)
+tunnel_id T129038
+
+# Be verbose? (default: false)
+#verbose false
+
+# Daemonize? (default: true)
+# Set to false if you want to see any output
+# When true output goes to syslog
+#
+# WARNING: never run AICCU from DaemonTools or a similar automated
+# 'restart' tool/script. When AICCU does not start, it has a reason
+# not to start which it gives on either the stdout or in the (sys)log
+# file. The TIC server *will* automatically disable accounts which
+# are detected to run in this mode.
+#
+daemonize true
+
+# Automatic Login and Tunnel activation?
+automatic true
+
+# Require TLS?
+# When set to true, if TLS is not supported on the server
+# the TIC transaction will fail.
+# When set to false, it will try a starttls, when that is
+# not supported it will continue.
+# In any case if AICCU is build with TLS support it will
+# try to do a 'starttls' to the TIC server to see if that
+# is supported.
+requiretls false
+
+# PID File
+#pidfile /var/run/aiccu.pid
+
+# Add a default route (default: true)
+#defaultroute true
+
+# Script to run after setting up the interfaces (default: none)
+#setupscript /usr/local/etc/aiccu-subnets.sh
+
+# Make heartbeats (default true)
+# In general you don't want to turn this off
+# Of course only applies to AYIYA and heartbeat tunnels not to static ones
+#makebeats true
+
+# Don't configure anything (default: false)
+#noconfigure true
+
+# Behind NAT (default: false)
+# Notify the user that a NAT-kind network is detected
+#behindnat true
+
+# Local IPv4 Override (default: none)
+# Overrides the IPv4 parameter received from TIC
+# This allows one to configure a NAT into "DMZ" mode and then
+# forwarding the proto-41 packets to an internal host.
+# 
+# This is only needed for static proto-41 tunnels!
+# AYIYA and heartbeat tunnels don't require this.
+#local_ipv4_override
+

WF/cron_root.WF

@@ -22,11 +22,10 @@
 # 
 # For more information see the manual pages of crontab(5) and cron(8)
 # 
+# m h  dom mon dow   command
 PATH=/root/bin/admin-stuff:/root/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
 
 
-# m h  dom mon dow   command
-
 # check forwarding ( /proc/sys/net/ipv4/ip_forward contains "1" )
 # if not set this entry to "1"
 #

WF/ddclient.conf.WF

@@ -0,0 +1,11 @@
+# Configuration file for ddclient generated by debconf
+#
+# /etc/ddclient.conf
+
+protocol=dyndns2
+use=if, if=ppp0
+server=members.dyndns.org
+login=ckubu
+password='ckubu100'
+mail=argus@oopen.de
+ckubu.homelinux.org

WF/default_isc-dhcp-server.WF

@@ -1,14 +1,21 @@
-# Defaults for dhcp initscript
-# sourced by /etc/init.d/dhcp
+# Defaults for isc-dhcp-server initscript
+# sourced by /etc/init.d/isc-dhcp-server
 # installed at /etc/default/isc-dhcp-server by the maintainer scripts
 
 #
 # This is a POSIX shell fragment
 #
 
+# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
+#DHCPD_CONF=/etc/dhcp/dhcpd.conf
+
+# Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
+#DHCPD_PID=/var/run/dhcpd.pid
+
+# Additional options to start dhcpd with.
+#	Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
+#OPTIONS=""
+
 # On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
 #	Separate multiple interfaces with spaces, e.g. "eth0 eth1".
-#INTERFACES=""
-INTERFACESv4="eth1 eth2"
-INTERFACESv6=""
-
+INTERFACESv4="eth1 eth0"

WF/generic.WF

@@ -0,0 +1,3 @@
+root@gw-replacement.local.netz      root_gw-replacement@oopen.de
+cron@gw-replacement.local.netz      cron_gw-replacement@oopen.de
+@gw-replacement.local.netz          other_gw-replacement@oopen.de

WF/hostapd.conf.WF

@@ -0,0 +1,138 @@
+# if you want to bridge the onboard eth0 and the 
+# wireless (USB) adapter's wlan0, this should work
+interface=wlan0
+bridge=br0
+
+# this is the driver that must be used for ath9k 
+# and other similar chipset devices
+driver=nl80211
+
+# Operation mode (a = IEEE 802.11a, b = IEEE 802.11b, g = IEEE 802.11g,
+# Default: IEEE 802.11b
+# !! Note:
+#    the n-speeds get layered on top of 802.11g, so
+#    use hw_mode=g also for 802.11n
+hw_mode=g
+#hw_mode=a
+
+# ieee80211n: Whether IEEE 802.11n (HT) is enabled
+# 0 = disabled (default)
+# 1 = enabled
+# !! Note: 
+#    You will also need to enable WMM for full HT functionality.
+ieee80211n=1
+wmm_enabled=1
+
+# Channel number (IEEE 802.11)
+# (default: 0, i.e., not set)
+# Please note that some drivers do not use this value from hostapd and the
+# channel will need to be configured separately with iwconfig.
+## - 2.4 Ghz : hw_mode=g (ht_capab=[HT40+].. channel 1-9) 
+## -                     (ht_capab=[HT40-].. channel 5-11(13) )
+## -   5 Ghz : hw_mode=a (ht_capab=[HT40+].. channel 36,44 ) 
+## -                     (ht_capab=[HT40-].. channel 40)
+channel=7
+#channel=44
+
+# these have to be set in agreement w/ channel and 
+# some other values... read hostapd.conf docs
+#
+## - D-LINK DWA-552 (2.4 Ghz)
+## - MicroTIK RouterBOARD R52n-M (Dualband: 2.4 / 5 Ghz)
+## - MicroTIK RouterBOARD R52Hn (Dualband: 2.4 / 5 Ghz)
+## -
+ht_capab=[HT40-][SHORT-GI-40][TX-STBC][RX-STBC1][DSSS_CCK-40]
+## -
+## - SR71-E Hi-Power (802.11a/b/g/n miniPCI-E Module)
+## -
+## -    5 Ghz -->channel 36
+## -
+#ht_capab=[HT40+][SHORT-GI-40][TX-STBC][RX-STBC1][DSSS_CCK-40]
+#ht_capab=[SHORT-GI-40][TX-STBC][RX-STBC1][DSSS_CCK-40]
+## -
+## - D-LINK DWA-556 (PCIe) (2,4 / 5  Ghz)
+## -
+#ht_capab=[HT40+][SHORT-GI-40][DSSS_CCK-40]
+## -
+## - Linksys WMP600N (Dualband: 2.4 / 5 Ghz)
+## -
+#ht_capab=[HT40+][SHORT-GI-20][SHORT-GI-40][TX-STBC][RX-STBC12]
+
+
+#   adjust to fit your location
+country_code=DE
+
+
+# SSID to be used in IEEE 802.11 management frames
+ssid=WLAN-OOPEN
+
+# makes the SSID visible and broadcasted
+ignore_broadcast_ssid=0
+
+# IEEE 802.11 specifies two authentication algorithms. hostapd can be
+# configured to allow both of these or only one. Open system authentication
+# should be used with IEEE 802.1X.
+# Bit fields of allowed authentication algorithms:
+# bit 0 = Open System Authentication
+# bit 1 = Shared Key Authentication (requires WEP)
+#auth_algs=3
+auth_algs=1
+
+# bit0 = WPA
+# bit1 = IEEE 802.11i/RSN (WPA2) (dot11RSNAEnabled)
+wpa=3
+
+# Set of accepted key management algorithms (WPA-PSK, WPA-EAP, or both). The
+# entries are separated with a space. WPA-PSK-SHA256 and WPA-EAP-SHA256 can be
+# added to enable SHA256-based stronger algorithms.
+# (dot11RSNAConfigAuthenticationSuitesTable)
+wpa_key_mgmt=WPA-PSK
+
+# WPA pre-shared keys for WPA-PSK.
+wpa_passphrase=WoAuchImmer
+
+# Set of accepted cipher suites (encryption algorithms) for pairwise keys
+# (unicast packets). This is a space separated list of algorithms:
+# CCMP = AES in Counter mode with CBC-MAC [RFC 3610, IEEE 802.11i/D7.0]
+# TKIP = Temporal Key Integrity Protocol [IEEE 802.11i/D7.0]
+# Group cipher suite (encryption algorithm for broadcast and multicast frames)
+# is automatically selected based on this configuration. If only CCMP is
+# allowed as the pairwise cipher, group cipher will also be CCMP. Otherwise,
+# TKIP will be used as the group cipher.
+# (dot11RSNAConfigPairwiseCiphersTable)
+# Pairwise cipher for WPA (v1) (default: TKIP)
+wpa_pairwise=TKIP CCMP
+
+# Pairwise cipher for RSN/WPA2 (default: use wpa_pairwise value)
+rsn_pairwise=CCMP
+
+# Time interval for rekeying GTK (broadcast/multicast encryption keys) in
+# seconds. (dot11RSNAConfigGroupRekeyTime)
+wpa_group_rekey=600
+
+# Station MAC address -based authentication
+# Please note that this kind of access control requires a driver that uses
+# hostapd to take care of management frame processing and as such, this can be
+# used with driver=hostap or driver=nl80211, but not with driver=madwifi.
+# 0 = accept unless in deny list
+# 1 = deny unless in accept list
+# 2 = use external RADIUS server (accept/deny lists are searched first)
+macaddr_acl=0
+
+# Interface for separate control program. If this is specified, hostapd
+# will create this directory and a UNIX domain socket for listening to requests
+# from external programs (CLI/GUI, etc.) for status information and
+# configuration. The socket file will be named based on the interface name, so
+# multiple hostapd processes/interfaces can be run at the same time if more
+# than one interface is used.
+# /var/run/hostapd is the recommended directory for sockets and by default,
+# hostapd_cli will use it when trying to connect with hostapd.
+ctrl_interface=/var/run/hostapd
+
+
+#  debugging output - uncomment them to activate; issue  hostapd -d /etc/hostapd/hostapd.conf
+#  to get debugging info in visible/real-time form
+#logger_syslog=-1
+#logger_syslog_level=2
+#logger_stdout=-1
+#logger_stdout_level=2

WF/igmpproxy.conf.WF

@@ -0,0 +1,75 @@
+########################################################
+#
+#   Example configuration file for the IgmpProxy
+#   --------------------------------------------
+#
+#   The configuration file must define one upstream
+#   interface, and one or more downstream interfaces.
+#
+#   If multicast traffic originates outside the
+#   upstream subnet, the "altnet" option can be
+#   used in order to define legal multicast sources.
+#   (Se example...)
+#
+#   The "quickleave" should be used to avoid saturation
+#   of the upstream link. The option should only
+#   be used if it's absolutely nessecary to
+#   accurately imitate just one Client.
+#
+########################################################
+
+##------------------------------------------------------
+## Enable Quickleave mode (Sends Leave instantly)
+##------------------------------------------------------
+quickleave
+
+
+##------------------------------------------------------
+## Configuration for eth0 (Upstream Interface)
+##------------------------------------------------------
+#phyint eth0 upstream  ratelimit 0  threshold 1
+#        altnet 10.0.0.0/8 
+#        altnet 192.168.0.0/24
+##------------------------------------------------------
+## Configuration for ppp0 (Upstream Interface)
+##------------------------------------------------------
+#phyint ppp0 upstream  ratelimit 0  threshold 1
+phyint eth2.8 upstream  ratelimit 0  threshold 1
+        altnet 217.0.119.194/24
+        altnet 193.158.35.0/24;
+        altnet 239.35.100.6/24;
+        altnet 93.230.64.0/19;
+        altnet 192.168.63.0/24;
+        #
+        #altnet 192.168.63.5/32;
+        #altnet 192.168.63.40/32;
+
+
+##------------------------------------------------------
+## Configuration for eth1 (Downstream Interface)
+##------------------------------------------------------
+#phyint br0 downstream  ratelimit 0  threshold 1
+phyint eth1 downstream  ratelimit 0  threshold 1
+        # IP der TV-Box
+        altnet 192.168.63.0/24;
+        #altnet 192.168.63.5/32;
+        #altnet 192.168.63.40/32;
+
+
+##------------------------------------------------------
+## Configuration for eth2 (Disabled Interface)
+##------------------------------------------------------
+#phyint eth2 disabled
+##------------------------------------------------------
+## Configuration for eth2 (Disabled Interface)
+##------------------------------------------------------
+phyint eth0 disabled
+phyint eth2 disabled
+phyint eth2.7 disabled
+phyint eth1:0 disabled
+phyint eth1:wf disabled
+phyint ppp0 disabled
+phyint tun0 disabled
+phyint lo disabled
+
+

WF/interfaces.WF

@@ -7,22 +7,22 @@ iface lo inet loopback
 
 
 #-----------------------------
-# eth0 - WAN
+# eth2 - WAN
 #-----------------------------
 
-auto eth0
-iface eth0 inet static
+auto eth2
+iface eth2 inet static
    address 192.168.16.254
    network 192.168.16.0
    netmask 255.255.255.0
    broadcast 192.168.16.255
    # VDSL needs vlan
-   post-up vconfig add eth0 7
-   post-down vconfig rem eth0.7
+   post-up vconfig add eth2 7
+   post-down vconfig rem eth2.7
 
 auto dsl-provider
 iface dsl-provider inet ppp
-   pre-up /sbin/ifconfig eth0.7 up # line maintained by pppoeconf
+   pre-up /sbin/ifconfig eth2.7 up # line maintained by pppoeconf
    provider dsl-provider
 
 
@@ -54,13 +54,21 @@ iface eth1:1 inet static
 
 
 #-----------------------------
-# eth2 - WLAN
+# eth0 - WLAN
 #-----------------------------
 
-auto eth2
-iface eth2 inet static
+auto eth0
+iface eth0 inet static
    address 192.168.42.254
    network 192.168.42.0
    netmask 255.255.255.0
    broadcast 192.168.42.255
 
+
+
+auto eth1:rescue
+iface eth1:rescue inet static
+   address 172.16.1.1
+   network 172.16.1.0
+   netmask 255.255.255.0
+   broadcast 172.16.1.255

WF/ipt-firewall/interfaces_ipv4.conf

@@ -15,7 +15,7 @@ ext_ifs_dsl="$ext_if_dsl_1 $ext_if_dsl_2 $ext_if_dsl_3 $ext_if_dsl_4"
 
 # - Extern Interfaces Static Lines
 # -    (blank separated list)
-ext_if_static_1="eth0"
+ext_if_static_1="eth2"
 ext_if_static_2=""
 ext_if_static_3=""
 
@@ -26,8 +26,8 @@ ext_ifs_static="$ext_if_static_1 $ext_if_static_2 $ext_if_static_3"
 vpn_ifs="tun+"
 
 # - Local Interfaces
-local_if_1="eth1"
-local_if_2="eth2"
+local_if_1="eth0"
+local_if_2="eth1"
 local_if_3=""
 local_if_4=""
 local_if_5=""

WF/ipt-firewall/main_ipv4.conf

@@ -250,9 +250,14 @@ allow_local_net_to_local_net=""
 # -   allow_local_if_to_local_ip="${local_if_1}:192.168.10.1
 # -                               ${local_if_2}:192.168.10.13"
 # -
+# - 192.168.43.10    Nasrechner (incl Cloud)
+# -
 # - Blank separated list
 # -
-allow_local_if_to_local_ip=""
+allow_local_if_to_local_ip="
+   ${local_if_1}:192.168.43.10
+   ${local_if_2}:192.168.43.10
+"
 
 
 
@@ -1044,8 +1049,10 @@ masquerade_tcp_cons=""
 # -    portforward_tcp="$ext_if_dsl_1:9997:192.168.52.25:22
 # -                     $ext_if_dsl_1:9998:192.168.53.24:22"
 # -
-# - 192.168.52.24:9080  Etherpad
-# - 192.168.52.24:9443  Etherpad
+# - 192.168.52.24:9080  HTTP  Etherpad
+# - 192.168.52.24:9443  HTTPS Etherpad
+# - 192.168.43.10:443   HTTPS Nextcloud
+# - 192.168.52.25:22    SSH   Repository
 # -
 # - Blank separated list
 # -
@@ -1053,6 +1060,7 @@ portforward_tcp="
    $ext_if_dsl_1:9080:192.168.52.24:9080
    $ext_if_dsl_1:9443:192.168.52.24:9443
    $ext_if_dsl_1:8443:192.168.43.10:443
+   $ext_if_dsl_1:9998:192.168.52.25:22
 "
 
 

WF/isc-dhcp6-server.WF

@@ -0,0 +1,116 @@
+#!/bin/sh
+#
+#
+
+### BEGIN INIT INFO
+# Provides:          isc-dhcp6-server
+# Required-Start:    $remote_fs $network $syslog
+# Required-Stop:     $remote_fs $network $syslog
+# Should-Start:      $local_fs slapd $named
+# Should-Stop:       $local_fs slapd
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: DHCPv6 server
+# Description:       Dynamic Host Configuration Protocol Server
+### END INIT INFO
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+OPTIONS="-6"
+
+test -f /usr/sbin/dhcpd || exit 0
+
+DHCPD_DEFAULT="${DHCPD_DEFAULT:-/etc/default/isc-dhcp6-server}"
+
+# It is not safe to start if we don't have a default configuration...
+if [ ! -f "$DHCPD_DEFAULT" ]; then
+	echo "$DHCPD_DEFAULT does not exist! - Aborting..."
+	if [ "$DHCPD_DEFAULT" = "/etc/default/isc-dhcp-server" ]; then
+		echo "Run 'dpkg-reconfigure isc-dhcp-server' to fix the problem."
+	fi
+	exit 0
+fi
+
+. /lib/lsb/init-functions
+
+# Read init script configuration
+[ -f "$DHCPD_DEFAULT" ] && . "$DHCPD_DEFAULT"
+
+NAME=dhcpd6
+DESC="ISC DHCPv6 server"
+# fallback to default config file
+DHCPD_CONF=${DHCPD_CONF:-/etc/dhcp/dhcpd6.conf}
+# try to read pid file name from config file, with fallback to /var/run/dhcpd.pid
+if [ -z "$DHCPD_PID" ]; then
+	DHCPD_PID=$(sed -n -e 's/^[ \t]*pid-file-name[ \t]*"(.*)"[ \t]*;.*$/\1/p' < "$DHCPD_CONF" 2>/dev/null | head -n 1)
+fi
+DHCPD_PID="${DHCPD_PID:-/var/run/dhcpd6.pid}"
+
+test_config()
+{
+	if ! /usr/sbin/dhcpd -t $OPTIONS -q -cf "$DHCPD_CONF" > /dev/null 2>&1; then
+		echo "dhcpd self-test failed. Please fix $DHCPD_CONF."
+		echo "The error was: "
+		/usr/sbin/dhcpd -t $OPTIONS -cf "$DHCPD_CONF"
+		exit 1
+	fi
+}
+
+# single arg is -v for messages, -q for none
+check_status()
+{
+    if [ ! -r "$DHCPD_PID" ]; then
+	test "$1" != -v || echo "$NAME is not running."
+	return 3
+    fi
+    if read pid < "$DHCPD_PID" && ps -p "$pid" > /dev/null 2>&1; then
+	test "$1" != -v || echo "$NAME is running."
+	return 0
+    else
+	test "$1" != -v || echo "$NAME is not running but $DHCPD_PID exists."
+	return 1
+    fi
+}
+
+case "$1" in
+	start)
+		test_config
+		log_daemon_msg "Starting $DESC" "$NAME"
+		start-stop-daemon --start --quiet --pidfile "$DHCPD_PID" \
+			--exec /usr/sbin/dhcpd -- \
+			-q $OPTIONS -cf "$DHCPD_CONF" -pf "$DHCPD_PID" $INTERFACES
+		sleep 2
+
+		if check_status -q; then
+			log_end_msg 0
+		else
+			log_failure_msg "check syslog for diagnostics."
+			log_end_msg 1
+			exit 1
+		fi
+		;;
+	stop)
+		log_daemon_msg "Stopping $DESC" "$NAME"
+		start-stop-daemon --stop --quiet --pidfile "$DHCPD_PID"
+		log_end_msg $?
+		rm -f "$DHCPD_PID"
+		;;
+	restart | force-reload)
+		test_config
+		$0 stop
+		sleep 2
+		$0 start
+		if [ "$?" != "0" ]; then
+			exit 1
+		fi
+		;;
+	status)
+		echo -n "Status of $DESC: "
+		check_status -v
+		exit "$?"
+		;;
+	*)
+		echo "Usage: $0 {start|stop|restart|force-reload|status}"
+		exit 1 
+esac
+
+exit 0

WF/peers/dsl-provider

@@ -20,7 +20,7 @@ mtu 1456
 #persist
 #maxfail 0
 #holdoff 20
-plugin rp-pppoe.so eth0.7
+plugin rp-pppoe.so eth2.7
 ##user "0025591824365511139967620001@t-online.de"
 #user "feste-ip4/7TB02K2HZ4Q3@t-online-com.de"
 user "0029713004945511268028220001@t-online.de"

WF/radvd.conf.WF

@@ -0,0 +1,29 @@
+interface eth1
+{
+   AdvManagedFlag on;
+   AdvSendAdvert on;
+   AdvLinkMTU 1280;
+   #AdvOtherConfigFlag on;
+
+   #prefix 2001:6f8:107e:63::/64
+   #{
+   #   AdvOnLink on;
+   #   AdvAutonomous on;
+   #   AdvRouterAddr on;
+   #};
+};
+
+interface br0
+{
+   AdvManagedFlag on;
+   AdvSendAdvert on;
+   AdvLinkMTU 1280;
+   #AdvOtherConfigFlag on;
+
+   #prefix 2001:6f8:107e:64::/64
+   #{
+   #   AdvOnLink on;
+   #   AdvAutonomous on;
+   #   AdvRouterAddr on;
+   #};
+};

WF/sbin/disk-action

@@ -0,0 +1,55 @@
+#!/bin/bash
+
+export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+BASENAME="${0##*/}"
+ACTION="$1"
+MOUNT_POINT="$2"
+
+transmission_try_start() {
+    . /etc/default/transmission-daemon
+    if [ $(expr "${BASE_DIR}/" : "${MOUNT_POINT}/") -gt 0 ]; then
+	sed -r 's/^ENABLE_DAEMON=.*$/ENABLE_DAEMON=1/' < /etc/default/transmission-daemon > /tmp/.transmission-daemon.$$
+	cat /tmp/.transmission-daemon.$$ > /etc/default/transmission-daemon
+	rm  /tmp/.transmission-daemon.$$
+	if [ "$(pidof transmission-daemon)" != "" ]; then
+	    killall -9 transmission-daemon 2>&1 >/dev/null
+	    sleep 1
+	fi
+	xMASK=$(umask); umask 0000
+	[ ! -d "${BASE_DIR}"     ] && mkdir -p "${BASE_DIR}"
+	[ ! -d "${CONFIG_DIR}"   ] && mkdir -p "${CONFIG_DIR}"
+	[ ! -d "${DOWNLOAD_DIR}" ] && mkdir -p "${DOWNLOAD_DIR}"
+	[ ! -d "${WATCH_DIR}"    ] && mkdir -p "${WATCH_DIR}"
+	[ ! -f "${CONFIG_DIR}/settings.json" ] && cp "/var/lib/transmission/settings.json.template" "${CONFIG_DIR}/settings.json" 
+	umask ${xMASK}
+	/etc/init.d/transmission-daemon start 2>&1 >/dev/null
+    fi
+}
+
+transmission_try_stop() {
+    . /etc/default/transmission-daemon
+    if [ $(expr "${BASE_DIR}/" : "${MOUNT_POINT}/") -gt 0 ]; then
+	sed -r 's/^ENABLE_DAEMON=.*$/ENABLE_DAEMON=0/' < /etc/default/transmission-daemon > /tmp/.transmission-daemon.$$
+	cat /tmp/.transmission-daemon.$$ > /etc/default/transmission-daemon
+	rm  /tmp/.transmission-daemon.$$
+	if [ "$(pidof transmission-daemon)" != "" ]; then
+	    killall -9 transmission-daemon 2>&1 >/dev/null
+	fi
+    fi
+}
+
+logger -t $BASENAME "$@ --> BEGIN"
+
+case "$1" in
+    add)
+	transmission_try_start
+    ;;
+    remove)
+	transmission_try_stop
+    ;;
+    *)
+	echo "Use: $0 (add|remove) /mount/point"
+esac
+
+logger -t $BASENAME "$@ --> END"

WF/sbin/rebind

@@ -0,0 +1,20 @@
+#!/bin/bash
+
+case "$1" in
+	on)
+		set -x
+		mount --bind /proc    /ro/proc
+		mount --bind /sys     /ro/sys
+		mount --bind /dev     /ro/dev
+		mount --bind /dev/pts /ro/dev/pts
+	;;
+	off)
+		set -x
+		umount /ro/dev/pts
+		umount /ro/dev
+		umount /ro/sys
+		umount /ro/proc
+	;;
+	*)
+		echo "Use: $0 (on|off)"
+esac

WF/sbin/synctime

@@ -0,0 +1,23 @@
+#!/bin/bash
+
+export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+NOW=$(date +%s)
+INTERVAL=$[ 8 * 60 * 60 ]  # 8 hs
+CONTROL=/tmp/.lastSyncTime
+
+sync_time() {
+    ntpdate-debian -s  || exit 1
+    hwclock --systohc  || exit 1
+    touch ${CONTROL}
+}
+
+[ ! -f ${CONTROL} ] && sync_time && exit 0
+
+SYNCRONIZED=$(stat -c %Y ${CONTROL})
+SECONDS=$[ ${NOW} - ${SYNCRONIZED} ]
+
+[ ${SECONDS} -gt ${INTERVAL} ] && sync_time && exit 0
+[ ${SECONDS} -lt 0           ] && sync_time && exit 0
+
+exit 0

WF/sbin/tmpsize

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+
+mount -t tmpfs | cut -d' ' -f3 | \
+while read MOUNT_POINT; do
+    mount -o remount,size=30M ${MOUNT_POINT}
+done

WF/sbin/usb-leds-on-off

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+[ -e "/sys/class/leds/alix:${2}/brightness"  ] && {
+	/bin/echo ${1} > "/sys/class/leds/alix:${2}/brightness"
+}

WF/src/APC/PowerChute/Linux_x64/silentInstall.sample

@@ -1,181 +0,0 @@
-# APC PowerChute Network Shutdown (PCNS) Silent Installer
-# 
-# This file contains parameters used by the PCNS silent
-# install option to support mass installation.
-#
-# Do not enclose values in quotes
-#
-# -------------------------------------------------------------------
-# Accept the EULA.
-#
-# This must be changed to YES to accept the EULA.  This is not case
-# sensitive.
-
-ACCEPT_EULA=NO
-#ACCEPT_EULA=YES
-
-# -------------------------------------------------------------------
-# The directory in which to install PCNS:
-# The default value /opt/APC is used if commented out or specified 
-# null value as "INSTALL_DIR="
-#
-# Values specified here are case sensitive.
-# -------------------------------------------------------------------
-
-INSTALL_DIR=/opt/APC
-
-# -------------------------------------------------------------------
-# The directory in which java is installed:
-# A PowerChute only private Java Runtime is used if commented out or
-# specified null value as "JAVA_DIR="
-#
-# PowerChute only private Java Runtime is NOT available on some 
-# Operating Systems.  See PowerChute Documentation for more details.
-#
-# This directory must specify a Java Runtime version 1.7.0 or later.
-#
-# Values specified here are case sensitive. 
-# -------------------------------------------------------------------
-
-JAVA_DIR=/usr/java/latest
-
-# -------------------------------------------------------------------
-# The silent install can register this host's IP address with the 
-# management card. If you are installing PCNS on more than 50 hosts
-# for one management card, consult the PCNS Installation Guide. Valid
-# values for this parameter are "no" or "yes".
-#
-# Values specified here are not case sensitive.
-# -------------------------------------------------------------------
-
-REGISTER_WITH_NMC=YES
-
-# -------------------------------------------------------------------
-# Uncomment and edit the following to specify the installation 
-# configuration.  The installation mode can have one of the 
-# following values:
-#
-# 'single': Register with a single NMC card.
-# 'redundant': Register with several NMC cards in a redundant  
-#	configuration.
-# 'parallel': Register with several NMC cards in a parallel 
-#	configuration.
-#
-# Values specified here are not case sensitive.
-# -------------------------------------------------------------------
-
-# MODE=single
-
-# -------------------------------------------------------------------
-# Fill in the below fields with the correct network configuration. Ensure
-# all the NMCs and servers are in the same network configuration.
-#
-# Valid values for NETWORKCONFIG are 'IPv4' and 'IPv6'
-#
-# Valid values for IPV6NETWORKCONFIG are 'Unicast' and 'Multicast'. This
-# parameter need not specified if the network configuration is IPv4
-# -------------------------------------------------------------------
-
-NETWORKCONFIG=IPv4
-#IPV6NETWORKCONFIG= 
-
-# -------------------------------------------------------------------
-# Uncomment and edit the following to specify the UPS Network 
-# Management cards to register with.
-# -------------------------------------------------------------------
-
-# IP_1=000.000.000.000
-# IP_2=000.000.000.000
-# IP_3=000.000.000.000
-# IP_4=000.000.000.000
-# IP_5=000.000.000.000
-# IP_6=000.000.000.000
-# IP_7=000.000.000.000
-# IP_8=000.000.000.000
-# IP_9=000.000.000.000
-
-# -------------------------------------------------------------------
-# Uncomment and edit the following to specify the UPS Outlet Group 
-# for each UPS NMC.  The value given is the outlet number.
-# -------------------------------------------------------------------
-
-# IP_1_Outlet=0
-# IP_2_Outlet=0
-# IP_3_Outlet=0
-# IP_4_Outlet=0
-# IP_5_Outlet=0
-# IP_6_Outlet=0
-# IP_7_Outlet=0
-# IP_8_Outlet=0
-# IP_9_Outlet=0
-
-# -------------------------------------------------------------------
-# This value specifies the UPS Network Management Port to use for
-# registration.  Valid values are 80, 443, and 5000 to 32768.
-# -------------------------------------------------------------------
-
-PORT=80
-
-# -------------------------------------------------------------------
-# This value specifies the protocol to use when registering with the
-# UPS Network Management Card.  Valid values are 'http' or 'https'.
-#
-# Values specified here are not case sensitive.
-# -------------------------------------------------------------------
-
-PROTOCOL=http
-
-# -------------------------------------------------------------------
-# When using the https protocol, SSL certificates are used to secure the 
-# connection.  By default the NMC uses a self signed certificate, 
-# which needs to be accepted.
-#
-# ACCEPTCERTS=YES 
-# Certificates which are self signed, or have some other issue, will
-# be automatically accepted (Recommended)
-#
-# ACCEPTCERTS=NO
-# Connection will only be established if the NMC has been configured
-# with a valid certificate.
-#
-# Values specified here are not case sensitive.
-# -------------------------------------------------------------------
-
-#ACCEPTCERTS=YES
-
-# -------------------------------------------------------------------
-# Fill in the below fields with the correct security information.
-# The Administrator User Name and Authentication Phrase must match
-# the settings of the Management Card in your UPS.
-#
-# Values specified here are case sensitive.
-# -------------------------------------------------------------------
-
-USERNAME=
-PASSWORD=
-AUTHENTICATION_PHRASE=
-
-# -------------------------------------------------------------------
-# Uncomment and edit the following only if you have more than one
-# network card installed locally. The below fields should specify
-# which local IP address to register with the UPS Network Management
-# Card. 
-# 
-# This field will be read if the network configuration is IPv4
-# -------------------------------------------------------------------
-
-#LOCAL_IP_ADDRESS=000.000.000.000
-
-# -------------------------------------------------------------------
-# The below fields should specify unicast/multicast address to register 
-# with the UPS Network Management Card. 
-# 
-# This field will be read if the network configuration is IPv6.
-#
-# Both Unicast and Multicast address are required if the IPV6NETWORKCONFIG
-# is 'Multicast'. If IPV6NETWORKCONFIG is 'Unicast' only Unicast address
-# is required.
-# -------------------------------------------------------------------
-
-#UNICAST_ADDRESS=
-#MULTICAST_ADDRESS=