From a29ccb9b28072493e6874f1315e0b8bc9f7b0518 Mon Sep 17 00:00:00 2001
From: Neale Pickett <neale@lanl.gov>
Date: Wed, 20 Jul 2011 08:36:02 -0600
Subject: [PATCH 1/4] Fixes at LLNL interns event

---
 packages/bletchley/300/index.mdwn | 4 ++--
 packages/sequence/400/key         | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/packages/bletchley/300/index.mdwn b/packages/bletchley/300/index.mdwn
index e6bca1d..8f3a383 100644
--- a/packages/bletchley/300/index.mdwn
+++ b/packages/bletchley/300/index.mdwn
@@ -10,10 +10,10 @@ zasięgu 250 m) z racji zakończenia wojny nie opuścił desek
 kreślarskich nigdy nie wchodząc nawet w fazę prototypową.
 
     (61, 4)
-    (47, 8)
+    (47, 7)
     (19, 4)
     (37, 1)
-    (51, 3)
+    (51, 2)
     (67, 5)
     (9, 2)
     (26, 1)
diff --git a/packages/sequence/400/key b/packages/sequence/400/key
index 664a3f3..86e6881 100644
--- a/packages/sequence/400/key
+++ b/packages/sequence/400/key
@@ -1,3 +1,3 @@
-A9 8C
-a9 8c
+08 A9
+08 a9
 

From e07f81113c1b1f6ca3f9b11e4e6bcf884b42cf46 Mon Sep 17 00:00:00 2001
From: Neale Pickett <neale@lanl.gov>
Date: Thu, 28 Jul 2011 18:07:55 -0600
Subject: [PATCH 2/4] Configure router package for 172.16.0.0/12

---
 packages/router/service/dnsmasq/dnsmasq.conf | 99 ++++++++++----------
 packages/router/service/router/run           | 15 ++-
 2 files changed, 60 insertions(+), 54 deletions(-)

diff --git a/packages/router/service/dnsmasq/dnsmasq.conf b/packages/router/service/dnsmasq/dnsmasq.conf
index eefc1a1..d10fa39 100644
--- a/packages/router/service/dnsmasq/dnsmasq.conf
+++ b/packages/router/service/dnsmasq/dnsmasq.conf
@@ -3,53 +3,52 @@ local=/ctf/
 no-hosts
 domain=ctf
 dhcp-authoritative
-dhcp-range=10.0.1.10,10.0.1.254
-dhcp-range=10.1.1.10,10.1.1.254
-dhcp-range=10.2.1.10,10.2.1.254
-dhcp-range=10.3.1.10,10.3.1.254
-dhcp-range=10.4.1.10,10.4.1.254
-dhcp-range=10.5.1.10,10.5.1.254
-dhcp-range=10.6.1.10,10.6.1.254
-dhcp-range=10.7.1.10,10.7.1.254
-dhcp-range=10.8.1.10,10.8.1.254
-dhcp-range=10.9.1.10,10.9.1.254
-dhcp-range=10.10.1.10,10.10.1.254
-dhcp-range=10.11.1.10,10.11.1.254
-dhcp-range=10.12.1.10,10.12.1.254
-dhcp-range=10.13.1.10,10.13.1.254
-dhcp-range=10.14.1.10,10.14.1.254
-dhcp-range=10.15.1.10,10.15.1.254
-dhcp-range=10.16.1.10,10.16.1.254
-dhcp-range=10.17.1.10,10.17.1.254
-dhcp-range=10.18.1.10,10.18.1.254
-dhcp-range=10.19.1.10,10.19.1.254
-dhcp-range=10.20.1.10,10.20.1.254
-dhcp-range=10.21.1.10,10.21.1.254
-dhcp-range=10.22.1.10,10.22.1.254
-dhcp-range=10.23.1.10,10.23.1.254
-dhcp-range=10.24.1.10,10.24.1.254
-dhcp-range=10.25.1.10,10.25.1.254
-dhcp-range=10.26.1.10,10.26.1.254
-dhcp-range=10.27.1.10,10.27.1.254
-dhcp-range=10.28.1.10,10.28.1.254
-dhcp-range=10.29.1.10,10.29.1.254
-dhcp-range=10.30.1.10,10.30.1.254
-dhcp-range=10.31.1.10,10.31.1.254
-dhcp-range=10.32.1.10,10.32.1.254
-dhcp-range=10.33.1.10,10.33.1.254
-dhcp-range=10.34.1.10,10.34.1.254
-dhcp-range=10.35.1.10,10.35.1.254
-dhcp-range=10.36.1.10,10.36.1.254
-dhcp-range=10.37.1.10,10.37.1.254
-dhcp-range=10.38.1.10,10.38.1.254
-dhcp-range=10.39.1.10,10.39.1.254
-dhcp-range=10.40.1.10,10.40.1.254
-dhcp-range=10.41.1.10,10.41.1.254
-dhcp-range=10.42.1.10,10.42.1.254
-dhcp-range=10.43.1.10,10.43.1.254
-dhcp-range=10.44.1.10,10.44.1.254
-dhcp-range=10.45.1.10,10.45.1.254
-dhcp-range=10.46.1.10,10.46.1.254
-dhcp-range=10.47.1.10,10.47.1.254
-dhcp-range=10.48.1.10,10.48.1.254
-dhcp-range=10.254.1.10,10.254.1.254
+dhcp-range=vlan1,172.16.1.10,172.16.1.254
+dhcp-option=vlan1,121,172.16.0.0/12,172.16.1.1
+dhcp-range=vlan2,172.16.2.10,172.16.2.254
+dhcp-option=vlan2,121,172.16.0.0/12,172.16.2.1
+dhcp-range=vlan3,172.16.3.10,172.16.3.254
+dhcp-option=vlan3,121,172.16.0.0/12,172.16.3.1
+dhcp-range=vlan4,172.16.4.10,172.16.4.254
+dhcp-option=vlan4,121,172.16.0.0/12,172.16.4.1
+dhcp-range=vlan5,172.16.5.10,172.16.5.254
+dhcp-option=vlan5,121,172.16.0.0/12,172.16.5.1
+dhcp-range=vlan6,172.16.6.10,172.16.6.254
+dhcp-option=vlan6,121,172.16.0.0/12,172.16.6.1
+dhcp-range=vlan7,172.16.7.10,172.16.7.254
+dhcp-option=vlan7,121,172.16.0.0/12,172.16.7.1
+dhcp-range=vlan8,172.16.8.10,172.16.8.254
+dhcp-option=vlan8,121,172.16.0.0/12,172.16.8.1
+dhcp-range=vlan9,172.16.9.10,172.16.9.254
+dhcp-option=vlan9,121,172.16.0.0/12,172.16.9.1
+dhcp-range=vlan10,172.16.10.10,172.16.10.254
+dhcp-option=vlan10,121,172.16.0.0/12,172.16.10.1
+dhcp-range=vlan11,172.16.11.10,172.16.11.254
+dhcp-option=vlan11,121,172.16.0.0/12,172.16.11.1
+dhcp-range=vlan12,172.16.12.10,172.16.12.254
+dhcp-option=vlan12,121,172.16.0.0/12,172.16.12.1
+dhcp-range=vlan13,172.16.13.10,172.16.13.254
+dhcp-option=vlan13,121,172.16.0.0/12,172.16.13.1
+dhcp-range=vlan14,172.16.14.10,172.16.14.254
+dhcp-option=vlan14,121,172.16.0.0/12,172.16.14.1
+dhcp-range=vlan15,172.16.15.10,172.16.15.254
+dhcp-option=vlan15,121,172.16.0.0/12,172.16.15.1
+dhcp-range=vlan16,172.16.16.10,172.16.16.254
+dhcp-option=vlan16,121,172.16.0.0/12,172.16.16.1
+dhcp-range=vlan17,172.16.17.10,172.16.17.254
+dhcp-option=vlan17,121,172.16.0.0/12,172.16.17.1
+dhcp-range=vlan18,172.16.18.10,172.16.18.254
+dhcp-option=vlan18,121,172.16.0.0/12,172.16.18.1
+dhcp-range=vlan19,172.16.19.10,172.16.19.254
+dhcp-option=vlan19,121,172.16.0.0/12,172.16.19.1
+dhcp-range=vlan20,172.16.20.10,172.16.20.254
+dhcp-option=vlan20,121,172.16.0.0/12,172.16.20.1
+dhcp-range=vlan21,172.16.21.10,172.16.21.254
+dhcp-option=vlan21,121,172.16.0.0/12,172.16.21.1
+dhcp-range=vlan22,172.16.22.10,172.16.22.254
+dhcp-option=vlan22,121,172.16.0.0/12,172.16.22.1
+dhcp-range=vlan23,172.16.23.10,172.16.23.254
+dhcp-option=vlan23,121,172.16.0.0/12,172.16.23.1
+dhcp-range=vlan24,172.16.24.10,172.16.24.254
+dhcp-option=vlan24,121,172.16.0.0/12,172.16.24.1
+dhcp-option=3
diff --git a/packages/router/service/router/run b/packages/router/service/router/run
index 8dee3ba..dd1631f 100755
--- a/packages/router/service/router/run
+++ b/packages/router/service/router/run
@@ -18,13 +18,20 @@ echo 0 > /proc/sys/net/ipv4/tcp_timestamps
 echo 1 > /proc/sys/net/ipv4/icmp_errors_use_inbound_ifaddr
 echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
 
+
+# Make a huge arp table, because this is a router
+# and people like to run nmap
+
+echo 8192 > /proc/sys/net/ipv4/neigh/default/gc_thresh3
+echo 4096 > /proc/sys/net/ipv4/neigh/default/gc_thresh2
+
 # No label: dnsmasq can't cope
-ip addr add 10.0.0.1/16 dev eth0
+ip addr add 172.16.0.1/24 dev eth0
 ip link set eth0 up
 
-for i in $(seq 48); do
+for i in $(seq 24); do
   ip link add link eth0 name eth0.$i type vlan id $i
-  ip addr add 10.$i.0.1/16 dev eth0.$i
+  ip addr add 172.16.$i.0/24 dev eth0.$i
   ip link set eth0.$i up
 done
 
@@ -35,7 +42,7 @@ iptables -P FORWARD ACCEPT
 iptables -A INPUT -p udp --dport 53 -j ACCEPT
 iptables -A INPUT -p udp --dport 67:68 -j ACCEPT
 iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
-iptables -A INPUT -s 10.0.0.0/16 -j ACCEPT
+iptables -A INPUT -s 172.16.0.0/16 -j ACCEPT
 iptables -A INPUT -j REJECT
 
 sleep 8100d

From e871b3082c862cff0cbcd297499db83ccbc8b60f Mon Sep 17 00:00:00 2001
From: Neale Pickett <neale@lanl.gov>
Date: Fri, 29 Jul 2011 20:19:13 -0600
Subject: [PATCH 3/4] add fish forwarder

---
 packages/router/service/fish-forward/run | 3 +++
 packages/router/service/router/run       | 8 ++++----
 2 files changed, 7 insertions(+), 4 deletions(-)
 create mode 100755 packages/router/service/fish-forward/run

diff --git a/packages/router/service/fish-forward/run b/packages/router/service/fish-forward/run
new file mode 100755
index 0000000..413c81d
--- /dev/null
+++ b/packages/router/service/fish-forward/run
@@ -0,0 +1,3 @@
+#! /bin/sh
+
+exec socat -u udp-listen:27844 udp-datagram:172.16.24.255:27844,broadcast
diff --git a/packages/router/service/router/run b/packages/router/service/router/run
index dd1631f..ae41920 100755
--- a/packages/router/service/router/run
+++ b/packages/router/service/router/run
@@ -27,22 +27,22 @@ echo 4096 > /proc/sys/net/ipv4/neigh/default/gc_thresh2
 
 # No label: dnsmasq can't cope
 ip addr add 172.16.0.1/24 dev eth0
+ip addr add 172.30.73.1/24 dev eth0
 ip link set eth0 up
 
 for i in $(seq 24); do
   ip link add link eth0 name eth0.$i type vlan id $i
-  ip addr add 172.16.$i.0/24 dev eth0.$i
+  ip addr add 172.16.$i.1/24 dev eth0.$i
   ip link set eth0.$i up
 done
 
-iptables -P INPUT ACCEPT
 iptables -P OUTPUT ACCEPT
 iptables -P FORWARD ACCEPT
 
 iptables -A INPUT -p udp --dport 53 -j ACCEPT
 iptables -A INPUT -p udp --dport 67:68 -j ACCEPT
 iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
-iptables -A INPUT -s 172.16.0.0/16 -j ACCEPT
-iptables -A INPUT -j REJECT
+iptables -A INPUT -s 172.16.0.0/12 -j ACCEPT
+iptables -P INPUT DROP
 
 sleep 8100d

From cabe55e4860409b677208420e4f704934d280a6e Mon Sep 17 00:00:00 2001
From: Neale Pickett <neale@lanl.gov>
Date: Tue, 16 Aug 2011 16:23:18 -0600
Subject: [PATCH 4/4] Macintosh can't handle non-default routes

---
 packages/router/service/dnsmasq/dnsmasq.conf | 25 --------------------
 1 file changed, 25 deletions(-)

diff --git a/packages/router/service/dnsmasq/dnsmasq.conf b/packages/router/service/dnsmasq/dnsmasq.conf
index d10fa39..a047ccc 100644
--- a/packages/router/service/dnsmasq/dnsmasq.conf
+++ b/packages/router/service/dnsmasq/dnsmasq.conf
@@ -4,51 +4,26 @@ no-hosts
 domain=ctf
 dhcp-authoritative
 dhcp-range=vlan1,172.16.1.10,172.16.1.254
-dhcp-option=vlan1,121,172.16.0.0/12,172.16.1.1
 dhcp-range=vlan2,172.16.2.10,172.16.2.254
-dhcp-option=vlan2,121,172.16.0.0/12,172.16.2.1
 dhcp-range=vlan3,172.16.3.10,172.16.3.254
-dhcp-option=vlan3,121,172.16.0.0/12,172.16.3.1
 dhcp-range=vlan4,172.16.4.10,172.16.4.254
-dhcp-option=vlan4,121,172.16.0.0/12,172.16.4.1
 dhcp-range=vlan5,172.16.5.10,172.16.5.254
-dhcp-option=vlan5,121,172.16.0.0/12,172.16.5.1
 dhcp-range=vlan6,172.16.6.10,172.16.6.254
-dhcp-option=vlan6,121,172.16.0.0/12,172.16.6.1
 dhcp-range=vlan7,172.16.7.10,172.16.7.254
-dhcp-option=vlan7,121,172.16.0.0/12,172.16.7.1
 dhcp-range=vlan8,172.16.8.10,172.16.8.254
-dhcp-option=vlan8,121,172.16.0.0/12,172.16.8.1
 dhcp-range=vlan9,172.16.9.10,172.16.9.254
-dhcp-option=vlan9,121,172.16.0.0/12,172.16.9.1
 dhcp-range=vlan10,172.16.10.10,172.16.10.254
-dhcp-option=vlan10,121,172.16.0.0/12,172.16.10.1
 dhcp-range=vlan11,172.16.11.10,172.16.11.254
-dhcp-option=vlan11,121,172.16.0.0/12,172.16.11.1
 dhcp-range=vlan12,172.16.12.10,172.16.12.254
-dhcp-option=vlan12,121,172.16.0.0/12,172.16.12.1
 dhcp-range=vlan13,172.16.13.10,172.16.13.254
-dhcp-option=vlan13,121,172.16.0.0/12,172.16.13.1
 dhcp-range=vlan14,172.16.14.10,172.16.14.254
-dhcp-option=vlan14,121,172.16.0.0/12,172.16.14.1
 dhcp-range=vlan15,172.16.15.10,172.16.15.254
-dhcp-option=vlan15,121,172.16.0.0/12,172.16.15.1
 dhcp-range=vlan16,172.16.16.10,172.16.16.254
-dhcp-option=vlan16,121,172.16.0.0/12,172.16.16.1
 dhcp-range=vlan17,172.16.17.10,172.16.17.254
-dhcp-option=vlan17,121,172.16.0.0/12,172.16.17.1
 dhcp-range=vlan18,172.16.18.10,172.16.18.254
-dhcp-option=vlan18,121,172.16.0.0/12,172.16.18.1
 dhcp-range=vlan19,172.16.19.10,172.16.19.254
-dhcp-option=vlan19,121,172.16.0.0/12,172.16.19.1
 dhcp-range=vlan20,172.16.20.10,172.16.20.254
-dhcp-option=vlan20,121,172.16.0.0/12,172.16.20.1
 dhcp-range=vlan21,172.16.21.10,172.16.21.254
-dhcp-option=vlan21,121,172.16.0.0/12,172.16.21.1
 dhcp-range=vlan22,172.16.22.10,172.16.22.254
-dhcp-option=vlan22,121,172.16.0.0/12,172.16.22.1
 dhcp-range=vlan23,172.16.23.10,172.16.23.254
-dhcp-option=vlan23,121,172.16.0.0/12,172.16.23.1
 dhcp-range=vlan24,172.16.24.10,172.16.24.254
-dhcp-option=vlan24,121,172.16.0.0/12,172.16.24.1
-dhcp-option=3