remove obsolete /usr/share/pf, agreed by many

10 files changed, 0 insertions, 386 deletions

diff --git a/share/pf/Makefile b/share/pf/Makefile
deleted file mode 100644
index 2af1d039416..00000000000
--- a/share/pf/Makefile
+++ /dev/null
@@ -1,13 +0,0 @@
-#
-#	$OpenBSD: Makefile,v 1.6 2003/08/22 15:25:50 henning Exp $
-#
-FILES=	queue1 queue2 queue3 ackpri faq-example1 faq-example2 faq-example3
-FILES+= spamd
-NOOBJ=	noobj
-
-all clean cleandir depend lint tags:
-
-install:
-	install -c -m 0444 ${FILES} ${DESTDIR}${BINDIR}/pf/
-
-.include <bsd.prog.mk>
diff --git a/share/pf/ackpri b/share/pf/ackpri
deleted file mode 100644
index 2dd42b9bb3b..00000000000
--- a/share/pf/ackpri
+++ /dev/null
@@ -1,30 +0,0 @@
-# $OpenBSD: ackpri,v 1.3 2006/10/07 04:48:01 mcbride Exp $
-
-# Use a simple priority queue to prioritize empty (no payload) TCP ACKs,
-# which dramatically improves throughput on (asymmetric) links when the
-# reverse direction is saturated. The empty ACKs use an insignificant
-# part of the bandwidth, but if they get delayed, downloads suffer
-# badly, so prioritize them.
-
-# Example: 512/128 kbps ADSL. Download is 50 kB/s. When a concurrent
-# upload saturates the uplink, download drops to 7 kB/s. With the
-# priority queue below, download drops only to 48 kB/s.
-
-# Replace lo0 with your real external interface
-
-ext_if="lo0"
-
-# For a 512/128 kbps ADSL with PPPoE link, using "bandwidth 100Kb"
-# is optimal. Some experimentation might be needed to find the best
-# value. If it's set too high, the priority queue is not effective, and
-# if it's set too low, the available bandwidth is not fully used.
-# A good starting point would be real_uplink_bandwidth * 90 / 100.
-
-altq on $ext_if priq bandwidth 100Kb queue { q_pri, q_def }
-queue q_pri priority 7
-queue q_def priority 1 priq(default)
-
-pass out on $ext_if proto tcp from $ext_if to any queue (q_def, q_pri)
-
-pass in  on $ext_if proto tcp from any to $ext_if queue (q_def, q_pri)
-
diff --git a/share/pf/faq-example1 b/share/pf/faq-example1
deleted file mode 100644
index ee69e15ae2e..00000000000
--- a/share/pf/faq-example1
+++ /dev/null
@@ -1,50 +0,0 @@
-# $OpenBSD: faq-example1,v 1.5 2006/10/07 04:48:01 mcbride Exp $
-
-#
-# Firewall for Home or Small Office
-# http://www.openbsd.org/faq/pf/example1.html
-#
-
-
-# macros
-ext_if="fxp0"
-int_if="xl0"
-
-tcp_services="{ 22, 113 }"
-icmp_types="echoreq"
-
-comp3="192.168.0.3"
-
-# options
-set block-policy return
-set loginterface $ext_if
-
-set skip on lo
-
-# scrub
-scrub in
-
-# nat/rdr
-nat on $ext_if from !($ext_if) -> ($ext_if:0)
-nat-anchor "ftp-proxy/*"
-rdr-anchor "ftp-proxy/*"
-
-rdr pass on $int_if proto tcp to port ftp -> 127.0.0.1 port 8021
-rdr on $ext_if proto tcp from any to any port 80 -> $comp3
-
-# filter rules
-block in
-
-pass out
-
-anchor "ftp-proxy/*"
-antispoof quick for { lo $int_if }
-
-pass in on $ext_if inet proto tcp from any to ($ext_if) port $tcp_services
-
-pass in on $ext_if inet proto tcp from any to $comp3 port 80 \
-    synproxy state
-
-pass in inet proto icmp all icmp-type $icmp_types
-
-pass quick on $int_if no state
diff --git a/share/pf/faq-example2 b/share/pf/faq-example2
deleted file mode 100644
index e3dea440e83..00000000000
--- a/share/pf/faq-example2
+++ /dev/null
@@ -1,88 +0,0 @@
-# $OpenBSD: faq-example2,v 1.4 2006/10/07 04:48:01 mcbride Exp $
-
-#
-# Small, Home Network
-# http://www.openbsd.org/faq/pf/queueing.html#example1
-#
-
-
-# enable queueing on the external interface to control traffic going to
-# the Internet. use the priq scheduler to control only priorities. set
-# the bandwidth to 610Kbps to get the best performance out of the TCP
-# ACK queue.
-
-altq on fxp0 priq bandwidth 610Kb queue { std_out, ssh_im_out, dns_out, \
-        tcp_ack_out }
-
-# define the parameters for the child queues.
-# std_out      - the standard queue. any filter rule below that does not
-#                explicitly specify a queue will have its traffic added
-#                to this queue.
-# ssh_im_out   - interactive SSH and various instant message traffic.
-# dns_out      - DNS queries.
-# tcp_ack_out  - TCP ACK packets with no data payload.
-
-queue std_out     priq(default)
-queue ssh_im_out  priority 4 priq(red)
-queue dns_out     priority 5
-queue tcp_ack_out priority 6
-
-# enable queueing on the internal interface to control traffic coming in
-# from the Internet. use the cbq scheduler to control bandwidth. max
-# bandwidth is 2Mbps.
-
-altq on dc0 cbq bandwidth 2Mb queue { std_in, ssh_im_in, dns_in, bob_in }
-
-# define the parameters for the child queues.
-# std_in      - the standard queue. any filter rule below that does not
-#               explicitly specify a queue will have its traffic added
-#               to this queue.
-# ssh_im_in   - interactive SSH and various instant message traffic.
-# dns_in      - DNS replies.
-# bob_in      - bandwidth reserved for Bob's workstation. allow him to
-#               borrow.
-
-queue std_in    bandwidth 1.6Mb cbq(default)
-queue ssh_im_in bandwidth 200Kb priority 4
-queue dns_in    bandwidth 120Kb priority 5
-queue bob_in    bandwidth 80Kb cbq(borrow)
-
-
-# ... in the filtering section of pf.conf ...
-
-alice         = "192.168.0.2"
-bob           = "192.168.0.3"
-charlie       = "192.168.0.4"
-local_net     = "192.168.0.0/24"
-ssh_ports     = "{ 22 2022 }"
-im_ports      = "{ 1863 5190 5222 }"
-
-# filter rules for fxp0 inbound
-block in on fxp0 all
-
-# filter rules for fxp0 outbound
-block out on fxp0 all
-pass  out on fxp0 inet proto tcp from (fxp0) to any \
-        queue(std_out, tcp_ack_out)
-pass  out on fxp0 inet proto { udp icmp } from (fxp0) to any
-pass  out on fxp0 inet proto { tcp udp } from (fxp0) to any port domain \
-        queue dns_out
-pass  out on fxp0 inet proto tcp from (fxp0) to any port $ssh_ports \
-        queue(std_out, ssh_im_out)
-pass  out on fxp0 inet proto tcp from (fxp0) to any port $im_ports \
-        queue(ssh_im_out, tcp_ack_out)
-
-# filter rules for dc0 inbound
-block in on dc0 all
-pass  in on dc0 from $local_net
-
-# filter rules for dc0 outbound
-block out on dc0 all
-pass  out on dc0 from any to $local_net
-pass  out on dc0 proto { tcp udp } from any port domain to $local_net \
-        queue dns_in
-pass  out on dc0 proto tcp from any port $ssh_ports to $local_net \
-        queue(std_in, ssh_im_in)
-pass  out on dc0 proto tcp from any port $im_ports to $local_net \
-        queue ssh_im_in
-pass  out on dc0 from any to $bob queue bob_in
diff --git a/share/pf/faq-example3 b/share/pf/faq-example3
deleted file mode 100644
index b4793110842..00000000000
--- a/share/pf/faq-example3
+++ /dev/null
@@ -1,116 +0,0 @@
-# $OpenBSD: faq-example3,v 1.4 2006/10/07 04:48:01 mcbride Exp $
-
-#
-# Company Network
-# http://www.openbsd.org/faq/pf/queueing.html#example2
-#
-
-
-# enable queueing on the external interface to queue packets going out
-# to the Internet. use the cbq scheduler so that the bandwidth use of
-# each queue can be controlled. the max outgoing bandwidth is 1.5Mbps.
-
-altq on fxp0 cbq bandwidth 1.5Mb queue { std_ext, www_ext, boss_ext }
-
-# define the parameters for the child queues.
-# std_ext        - the standard queue. also the default queue for
-#                  outgoing traffic on fxp0.
-# www_ext        - container queue for WWW server queues. limit to
-#                  500Kbps.
-#   www_ext_http - http traffic from the WWW server; higher priority.
-#   www_ext_misc - all non-http traffic from the WWW server.
-# boss_ext       - traffic coming from the boss's computer.
-
-queue std_ext        bandwidth 500Kb cbq(default borrow)
-queue www_ext        bandwidth 500Kb { www_ext_http, www_ext_misc }
-  queue www_ext_http bandwidth 50% priority 3 cbq(red borrow)
-  queue www_ext_misc bandwidth 50% priority 1 cbq(borrow)
-queue boss_ext       bandwidth 500Kb priority 3 cbq(borrow)
-
-# enable queueing on the internal interface to control traffic coming
-# from the Internet or the DMZ. use the cbq scheduler to control the
-# bandwidth of each queue. bandwidth on this interface is set to the
-# maximum. traffic coming from the DMZ will be able to use all of this
-# bandwidth while traffic coming from the Internet will be limited to
-# 1.0Mbps (because 0.5Mbps (500Kbps) is being allocated to fxp1).
-
-altq on dc0 cbq bandwidth 100% queue { net_int, www_int }
-
-# define the parameters for the child queues.
-# net_int    - container queue for traffic from the Internet. bandwidth
-#              is 1.0Mbps.
-#   std_int  - the standard queue. also the default queue for outgoing
-#              traffic on dc0.
-#   it_int   - traffic to the IT Dept network; reserve them 500Kbps.
-#   boss_int - traffic to the boss's PC; assign a higher priority.
-# www_int    - traffic from the WWW server in the DMZ; full speed.
-
-queue net_int    bandwidth 1.0Mb { std_int, it_int, boss_int }
-  queue std_int  bandwidth 250Kb cbq(default borrow)
-  queue it_int   bandwidth 500Kb cbq(borrow)
-  queue boss_int bandwidth 250Kb priority 3 cbq(borrow)
-queue www_int    bandwidth 99Mb cbq(red borrow)
-
-# enable queueing on the DMZ interface to control traffic destined for
-# the WWW server. cbq will be used on this interface since detailed
-# control of bandwidth is necessary. bandwidth on this interface is set
-# to the maximum. traffic from the internal network will be able to use
-# all of this bandwidth while traffic from the Internet will be limited
-# to 500Kbps.
-
-altq on fxp1 cbq bandwidth 100% queue { internal_dmz, net_dmz }
-
-# define the parameters for the child queues.
-# internal_dmz   - traffic from the internal network.
-# net_dmz        - container queue for traffic from the Internet.
-#   net_dmz_http - http traffic; higher priority.
-#   net_dmz_misc - all non-http traffic. this is also the default queue.
-
-queue internal_dmz   bandwidth 99Mb cbq(borrow)
-queue net_dmz        bandwidth 500Kb { net_dmz_http, net_dmz_misc }
-  queue net_dmz_http bandwidth 50% priority 3 cbq(red borrow)
-  queue net_dmz_misc bandwidth 50% priority 1 cbq(default borrow)
-
-
-# ... in the filtering section of pf.conf ...
-
-main_net  = "192.168.0.0/24"
-it_net    = "192.168.1.0/24"
-int_nets  = "{ 192.168.0.0/24, 192.168.1.0/24 }"
-dmz_net   = "10.0.0.0/24"
-
-boss      = "192.168.0.200"
-wwwserv   = "10.0.0.100"
-
-# default deny
-block on { fxp0, fxp1, dc0 } all
-
-# filter rules for fxp0 inbound
-pass in on fxp0 proto tcp from any to $wwwserv port { 21, \
-        > 49151 } queue www_ext_misc
-pass in on fxp0 proto tcp from any to $wwwserv port 80 \
-        queue www_ext_http
-
-# filter rules for fxp0 outbound
-pass out on fxp0 from $int_nets to any
-pass out on fxp0 from $boss to any queue boss_ext
-
-# filter rules for dc0 inbound
-pass in on dc0 from $int_nets to any
-pass in on dc0 from $it_net to any queue it_int
-pass in on dc0 from $boss to any queue boss_int
-pass in on dc0 proto tcp from $int_nets to $wwwserv port { 21, 80, \
-        > 49151 } queue www_int
-
-# filter rules for dc0 outbound
-pass out on dc0 from dc0 to $int_nets
-
-# filter rules for fxp1 inbound
-pass in on fxp1 proto { tcp, udp } from $wwwserv to any port 53
-
-# filter rules for fxp1 outbound
-pass out on fxp1 proto tcp from any to $wwwserv port { 21, \
-        > 49151 } queue net_dmz_misc
-pass out on fxp1 proto tcp from any to $wwwserv port 80 queue net_dmz_http
-pass out on fxp1 proto tcp from $int_nets to $wwwserv port { 80, \
-        21, > 49151 } queue internal_dmz
diff --git a/share/pf/queue1 b/share/pf/queue1
deleted file mode 100644
index 38824f38ee3..00000000000
--- a/share/pf/queue1
+++ /dev/null
@@ -1,20 +0,0 @@
-# $OpenBSD: queue1,v 1.4 2006/10/07 04:48:01 mcbride Exp $
-
-ext_if = "dc0"
-
-altq on $ext_if cbq bandwidth 10Mb \
-    queue { deflt, http, ssh, mail, rsets }
-queue	deflt bandwidth 10% priority 0 cbq(default ecn)
-queue	http bandwidth 1.5Mb priority 3 { http_vhosts, http_cust1 }
-queue	 http_vhosts bandwidth 40% cbq(borrow red)
-queue	 http_cust1 bandwidth 0.5Mb
-queue	mail bandwidth 10% priority 1
-queue	ssh bandwidth 100Kb priority 7 cbq(borrow)
-queue	rsets bandwidth 7500b priority 0 cbq(red)
-
-block return in on $ext_if inet all queue rsets
-pass in on $ext_if inet proto tcp from any to any port 80 queue http
-pass out on $ext_if inet proto tcp from any to any port 22 queue ssh
-pass in  on $ext_if inet proto tcp from any to any port 22 queue ssh
-pass out on $ext_if inet proto tcp from any to any port 25 queue mail
-pass out on $ext_if inet all
diff --git a/share/pf/queue2 b/share/pf/queue2
deleted file mode 100644
index 1968d8f3e8a..00000000000
--- a/share/pf/queue2
+++ /dev/null
@@ -1,28 +0,0 @@
-# $OpenBSD: queue2,v 1.4 2006/10/07 04:48:01 mcbride Exp $
-# advanced queue example.
-# give interactive ssh traffic priority over ssh bulk transfers (scp, sftp)
-
-ext_if="dc0"
-developerhosts="192.168.2.0/24"
-employeehosts="192.168.0.0/23"
-
-altq on $ext_if cbq bandwidth 5Mb queue { std, http, mail, ssh }
-
-queue std bandwidth 10% cbq(default)
-queue http bandwidth 60% priority 2 cbq(borrow red) { employees, developers }
-queue  developers bandwidth 75% cbq(borrow)
-queue  employees bandwidth 15%
-queue mail bandwidth 10% priority 0 cbq(borrow ecn)
-queue ssh bandwidth 20% cbq(borrow) { ssh_interactive, ssh_bulk }
-queue  ssh_interactive bandwidth 25% priority 7
-queue  ssh_bulk bandwidth 75% priority 0
-
-block return out on $ext_if inet all queue std
-pass out on $ext_if inet proto tcp from $developerhosts to any port 80 \
-    queue developers
-pass out on $ext_if inet proto tcp from $employeehosts to any port 80 \
-    queue employees
-pass out on $ext_if inet proto tcp from any to any port 22 \
-    queue(ssh_bulk, ssh_interactive)
-pass out on $ext_if inet proto tcp from any to any port 25 \
-    queue mail
diff --git a/share/pf/queue3 b/share/pf/queue3
deleted file mode 100644
index b33e7b8f204..00000000000
--- a/share/pf/queue3
+++ /dev/null
@@ -1,15 +0,0 @@
-# $OpenBSD: queue3,v 1.3 2006/10/07 04:48:01 mcbride Exp $
-# simple PRIQ example
-
-ext_if="lo0"
-
-altq on $ext_if priq bandwidth 10Mb queue { pri-low pri-med pri-high }
-queue pri-low priority 0
-queue pri-med priority 1 priq(default)
-queue pri-high priority 2
-
-pass out on $ext_if proto tcp from any to any port 22 \
-    queue(pri-med, pri-high)
-pass out on $ext_if proto tcp from any to any port 80 queue pri-med
-pass in  on $ext_if proto tcp from any to any port 80 queue pri-low
-
diff --git a/share/pf/queue4 b/share/pf/queue4
deleted file mode 100644
index e42299cff37..00000000000
--- a/share/pf/queue4
+++ /dev/null
@@ -1,19 +0,0 @@
-# $OpenBSD: queue4,v 1.2 2003/08/22 21:50:34 david Exp $
-#
-# Hierarchical queueing for a university.
-# Three faculties; engineering, law and art are defined.
-# Departments under the engineering faculty are defined as child queues.
-# The total bandwidth for engineering faculty is shared between three
-# departments. CS department gets the half of the bandwidth, EE and IE
-# departments get the thirty percent and twenty percent of bandwidth
-# respectively. These sibling departments can use more than their linkshare
-# whenever there is no backlogged sibling queue but when a queue gets
-# backlogged, it is guaranteed that the queue gets its linkshare.
-
-altq on dc0 bandwidth 16Mb hfsc queue { eng law art }
-queue eng bandwidth 10Mb { cs ee ie }
-queue  cs hfsc( default linkshare 50% ) 
-queue  ee hfsc( linkshare 30% ) 
-queue  ie hfsc( linkshare 20% )
-queue law bandwidth 3Mb
-queue art bandwidth 3Mb
diff --git a/share/pf/spamd b/share/pf/spamd
deleted file mode 100644
index 31b24adc3f5..00000000000
--- a/share/pf/spamd
+++ /dev/null
@@ -1,7 +0,0 @@
-# $OpenBSD: spamd,v 1.2 2005/08/06 19:52:37 jmc Exp $
-
-# spamd-setup puts addresses to be redirected into table <spamd>.
-
-table <spamd> persist
-no rdr on { lo0, lo1 } from any to any
-rdr inet proto tcp from <spamd> to any port smtp -> 127.0.0.1 port spamd