updated for FreeBSD 12.2

jails/config/jump/enable-routing.sh

@@ -0,0 +1,7 @@
+sysctl net.inet.ip.forwarding=1
+route add 10.1.2.0/24 192.168.55.105
+# on remote -
+#sudo sysctl net.ipv4.ip_forward=1
+#ip route add 192.168.0.0/24 via 192.168.55.1
+#OR
+#ip route add 192.168.0.0/24 dev tun0

jails/config/jump/guacamole-client/add-ldap.sh

@@ -0,0 +1 @@
+ldapadd -H ldaps://ldap.ahlawat.com -f $1 -D cn=admin,dc=infra -W

jails/config/jump/guacamole-client/guacamole.properties

@@ -0,0 +1,16 @@
+###
+### guacamole.properties.sample
+###
+
+
+### The Host the Guacamole proxy daemon (guacd) is listening on.
+#
+guacd-host: localhost
+guacd-port: 4822
+guacd-ssl: false
+ldap-hostname: ldap.ahlawat.com
+ldap-port: 636
+ldap-encryption-method: ssl
+ldap-user-base-dn: ou=people,dc=infra
+ldap-username-attribute: cn
+ldap-config-base-dn: ou=hosts,dc=infra

jails/config/jump/guacamole-client/logback.xml

@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Guacamole logs all messages to console by default. Servlet containers
+  like Tomcat will automattically redirect these messages to a log file,
+  catalina.out in the case of Tomcat. Valid levels= error, warn, info,  
+   debug -->
+<configuration>
+
+    <!-- Appender for debugging -->
+    <appender name="GUAC-DEBUG" class="ch.qos.logback.core.ConsoleAppender">
+        <encoder>
+            <pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n</pattern>
+        </encoder>
+    </appender>
+
+    <!-- Log at DEBUG level -->
+    <root level="info">
+        <appender-ref ref="GUAC-DEBUG"/>
+    </root>
+
+</configuration>

jails/config/jump/guacamole-client/rdp-windows.ldif

@@ -0,0 +1,14 @@
+dn: cn=rdp-windows,ou=hosts,dc=infra
+objectClass: guacConfigGroup
+objectClass: groupOfNames
+cn: Windows rdp
+guacConfigProtocol: rdp
+guacConfigParameter: hostname=192.168.0.81
+guacConfigParameter: port=3389
+guacConfigParameter: username=v
+guacConfigParameter: password=v
+guacConfigParameter: security=nla
+guacConfigParameter: ignore-cert=true
+member: cn=sharad,ou=people,dc=infra
+member: cn=diyit,ou=people,dc=infra
+# seeAlso: cn=ahlawat.com,ou=groups,dc=infra

jails/config/jump/guacamole-client/ssh-nas.ldif

@@ -0,0 +1,10 @@
+dn: cn=ssh-nas,ou=hosts,dc=infra
+objectClass: guacConfigGroup
+objectClass: groupOfNames
+cn: NAS ssh
+guacConfigProtocol: ssh
+guacConfigParameter: hostname=192.168.0.10
+guacConfigParameter: port=22
+member: cn=sharad,ou=people,dc=infra
+member: cn=diyit,ou=people,dc=infra
+# seeAlso: cn=ahlawat.com,ou=groups,dc=infra

jails/config/jump/guacamole-client/user-mapping.xml

@@ -0,0 +1,74 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Guacamole's default authentication module is a simple xml file.
+  Each user is specified with a corresponding <authorized> tag. This
+  tag contains all authorized connections for that user each denoted
+  with a <connections> tag. Each <connection> tag contains a
+  protocol and set of protocol-specific parameters, specified with
+  the <protocol> and <param> tags respectively. For more information
+  visit http://guac-dev.org/doc/gug/configuring-guacamole.html -->
+
+
+<user-mapping>
+	
+    <!-- Per-user authentication and config information md5 -s "Npasswd" -->
+    <authorize username="admin" password="4ee438b74bd65c9f8402e7e48fa64fb7" encoding="md5">
+	<connection name="vnc-hub">
+		<protocol>vnc</protocol>
+		<param name="hostname">192.168.0.50</param>
+		<param name="port">5901</param>
+		<param name="password">vncpass</param>
+		<param name="color-depth">24</param>
+	</connection>
+	<connection name="rdp-windows">
+		<protocol>rdp</protocol>
+		<param name="hostname">192.168.0.81</param>
+		<param name="port">3389</param>
+		<param name="security">nla</param>
+		<param name="ignore-cert">true</param>
+		<param name="username">v</param>
+		<param name="password">v</param>
+	</connection>
+	<connection name="ssh-nas">
+        	<protocol>ssh</protocol>
+        	<param name="hostname">192.168.0.10</param>
+        	<param name="port">22</param>
+		<param name="font-name">monospace</param>
+	</connection>
+	<connection name="vnc-rpi3">
+		<protocol>vnc</protocol>
+		<param name="hostname">192.168.200.192</param>
+		<param name="port">5901</param>
+		<param name="password">vncpass</param>
+		<param name="color-depth">24</param>
+	</connection>
+	<connection name="ssh-rpi3">
+        	<protocol>ssh</protocol>
+        	<param name="hostname">192.168.200.192</param>
+        	<param name="port">22</param>
+		<param name="font-name">monospace</param>
+	</connection>
+	<connection name="ssh-dev">
+        	<protocol>ssh</protocol>
+        	<param name="hostname">192.168.55.105</param>
+        	<param name="port">22</param>
+		<param name="font-name">monospace</param>
+	</connection>
+    </authorize>
+
+    <authorize username="inseego" password="7cc6a3864acc736437f606146083abad" encoding="md5">
+	<connection name="vnc">
+		<protocol>vnc</protocol>
+		<param name="hostname">192.168.200.212</param>
+		<param name="port">5901</param>
+		<param name="password">vncpass</param>
+		<param name="color-depth">24</param>
+	</connection>
+	<connection name="ssh">
+        	<protocol>ssh</protocol>
+        	<param name="hostname">192.168.200.212</param>
+        	<param name="port">22</param>
+		<param name="font-name">monospace</param>
+	</connection>
+    </authorize>
+
+</user-mapping>

jails/config/jump/guacamole-client/vnc-hub.ldif

@@ -0,0 +1,12 @@
+dn: cn=vnc-hub,ou=hosts,dc=infra
+objectClass: guacConfigGroup
+objectClass: groupOfNames
+cn: HUB vnc
+guacConfigProtocol: vnc
+guacConfigParameter: hostname=192.168.0.50
+guacConfigParameter: port=5901
+guacConfigParameter: password=vncpass
+guacConfigParameter: color-depth=24
+member: cn=sharad,ou=people,dc=infra
+member: cn=diyit,ou=people,dc=infra
+# seeAlso: cn=ahlawat.com,ou=groups,dc=infra

jails/config/jump/guacamole-server/guacd.conf

@@ -0,0 +1,17 @@
+#
+# guacd.conf example
+#
+
+[daemon]
+# Possible log_level variables are:
+# trace, debug, info, warning, and error
+# Default is info
+log_level = info
+
+[server]
+bind_host = localhost
+bind_port = 4822
+
+[ssl]
+#server_certificate = /mnt/certs/fullchain.pem
+#server_key = /mnt/certs/privkeyr.pem

jails/config/jump/schema/guacConfigGroup.ldif

@@ -0,0 +1,28 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+dn: cn=guacConfigGroup,cn=schema,cn=config
+objectClass: olcSchemaConfig
+cn: guacConfigGroup
+olcAttributeTypes: {0}( 1.3.6.1.4.1.38971.1.1.1 NAME 'guacConfigProtocol' SYNTAX 1.3.6.1.4.1.1466
+ .115.121.1.15 )
+olcAttributeTypes: {1}( 1.3.6.1.4.1.38971.1.1.2 NAME 'guacConfigParameter' SYNTAX 1.3.6.1.4.1.146
+ 6.115.121.1.15 )
+olcObjectClasses: {0}( 1.3.6.1.4.1.38971.1.2.1 NAME 'guacConfigGroup' DESC 'Guacamole config
+ uration group' SUP groupOfNames MUST guacConfigProtocol MAY guacConfigParameter )

jails/config/jump/schema/guacConfigGroup.schema

@@ -0,0 +1,31 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+attributetype ( 1.3.6.1.4.1.38971.1.1.1 NAME 'guacConfigProtocol'
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype ( 1.3.6.1.4.1.38971.1.1.2 NAME 'guacConfigParameter'
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+objectClass ( 1.3.6.1.4.1.38971.1.2.1 NAME 'guacConfigGroup'
+    DESC 'Guacamole configuration group'
+    SUP groupOfNames
+    MUST guacConfigProtocol
+    MAY guacConfigParameter )
+

jails/config/jump/setup_jail.sh

@@ -0,0 +1,2 @@
+# requrired to run other configured scripts
+/bin/sh /etc/rc