[squid-users] msgsnd and diskd

From: Mohammed Berzig <mberzig@dont-contact.us>
Date: Wed, 24 Apr 2002 12:02:39 +0100 (CET)

Hello All,
I am working on FreeBSD 4.5, my server is bi-processor 1GH RAM 512 MO , I
install squid-2.4STABLE6. I modifier all parameter in kernel config like
discribe in FAQ, squid config enabled diskd wccp ..
When I started squid I have this messages in cache log:

2000/04/24 11:28:05| storeDiskdSend OPEN: (35) Resource temporarily
unavailable
2000/04/24 11:28:05| storeDiskdSend: msgsnd: (35) Resource temporarily
unavailab
le
2000/04/24 11:28:05| storeDiskdSend OPEN: (35) Resource temporarily
unavailable
2000/04/24 11:28:05| storeDiskdSend: msgsnd: (35) Resource temporarily
unavailab
le

I attache in this mail all of my configuration, please where is my error?

----------------------

cache# cat /usr/local/etc/squid/squid.conf

# WELCOME TO SQUID 2
# ------------------
#
# This is the default Squid configuration file. You may wish
# to look at the Squid home page (http://www.squid-cache.org/)
# for the FAQ and other documentation.
#
# The default Squid config file shows what the defaults for
# various options happen to be. If you don't need to change the
# default, you shouldn't uncomment the line. Doing so may cause
# run-time problems. In some cases "none" refers to no default
# setting at all, while in other cases it refers to a valid
# option - the comments for that keyword indicate if this is the
# case.
#

# NETWORK OPTIONS
# --------------------------------------------------------------------------

---
#  TAG: http_port
#       Usage:  port
#               hostname:port
#               1.2.3.4:port
#
#       The socket addresses where Squid will listen for HTTP client
#       requests.  You may specify multiple socket addresses.
#       There are three forms: port alone, hostname with port, and
#       IP address with port.  If you specify a hostname or IP
#       address, then Squid binds the socket to that specific
#       address.  This replaces the old 'tcp_incoming_address'
#       option.  Most likely, you do not need to bind to a specific
#       address, so you can use the port number alone.
#
#       The default port number is 3128.
#
#       If you are running Squid in accelerator mode, then you
#       probably want to listen on port 80 also, or instead.
#
#       The -a command line option will override the *first* port
#       number listed here.   That option will NOT override an IP
#       address, however.
#
#       You may specify multiple socket addresses on multiple lines.
#
#Default:
http_port 8080
#  TAG: icp_port
#       The port number where Squid sends and receives ICP queries to
#       and from neighbor caches.  Default is 3130.  To disable use
#       "0".  May be overridden with -u on the command line.
#
#Default:
# icp_port 3130
#  TAG: htcp_port
# Note: This option is only available if Squid is rebuilt with the
#       --enable-htcp option
#
#       The port number where Squid sends and receives HTCP queries to
#       and from neighbor caches.  Default is 4827.  To disable use
#       "0".
#
#       To enable this option, you must use --enable-htcp with the
#       configure script.
#
#Default:
# htcp_port 4827
#  TAG: mcast_groups
#       This tag specifies a list of multicast groups which your server
#       should join to receive multicasted ICP queries.
#
#       NOTE!  Be very careful what you put here!  Be sure you
#       understand the difference between an ICP _query_ and an ICP
#       _reply_.  This option is to be set only if you want to RECEIVE
#       multicast queries.  Do NOT set this option to SEND multicast
#       ICP (use cache_peer for that).  ICP replies are always sent via
#       unicast, so this option does not affect whether or not you will
#       receive replies from multicast group members.
#
#       You must be very careful to NOT use a multicast address which
#       is already in use by another group of caches.
#
#       If you are unsure about multicast, please read the Multicast
#       chapter in the Squid FAQ (http://www.squid-cache.org/FAQ/).
#
#       Usage: mcast_groups 239.128.16.128 224.0.1.20
#
#       By default, Squid doesn't listen on any multicast groups.
#
#Default:
# none
#  TAG: tcp_outgoing_address
#  TAG: udp_incoming_address
#  TAG: udp_outgoing_address
#       Usage: tcp_incoming_address 10.20.30.40
#              udp_outgoing_address fully.qualified.domain.name
#
#       tcp_outgoing_address    is used for connections made to remote
#                               servers and other caches.
#       udp_incoming_address    is used for the ICP socket receiving packets
#                               from other caches.
#       udp_outgoing_address    is used for ICP packets sent out to other
#                               caches.
#
#       The default behavior is to not bind to any specific address.
#
#       A *_incoming_address value of 0.0.0.0 indicates that Squid should
#       listen on all available interfaces.
#
#       If udp_outgoing_address is set to 255.255.255.255 (the default)
#       then it will use the same socket as udp_incoming_address. Only
#       change this if you want to have ICP queries sent using another
#       address than where this Squid listens for ICP queries from other
#       caches.
#
#       NOTE, udp_incoming_address and udp_outgoing_address can not
#       have the same value since they both use port 3130.
#
#       NOTE, tcp_incoming_address has been removed.  You can now
#       specify IP addresses on the 'http_port' line.
#
#Default:
# tcp_outgoing_address 255.255.255.255
# udp_incoming_address 0.0.0.0
# udp_outgoing_address 255.255.255.255
# OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM
# --------------------------------------------------------------------------
---
#  TAG: cache_peer
#       To specify other caches in a hierarchy, use the format:
#
#               cache_peer hostname type http_port icp_port
#
#       For example,
#
#       #                                        proxy  icp
#       #          hostname             type     port   port  options
#       #          -------------------- -------- ----- -----  -----------
#       cache_peer parent.foo.net       parent    3128  3130  [proxy-only]
#       cache_peer sib1.foo.net         sibling   3128  3130  [proxy-only]
#       cache_peer sib2.foo.net         sibling   3128  3130  [proxy-only]
#
#             type:  either 'parent', 'sibling', or 'multicast'.
#
#       proxy_port:  The port number where the cache listens for proxy
#                    requests.
#
#         icp_port:  Used for querying neighbor caches about
#                    objects.  To have a non-ICP neighbor
#                    specify '7' for the ICP port and make sure the
#                    neighbor machine has the UDP echo port
#                    enabled in its /etc/inetd.conf file.
#
#           options: proxy-only
#                    weight=n
#                    ttl=n
#                    no-query
#                    default
#                    round-robin
#                    multicast-responder
#                    closest-only
#                    no-digest
#                    no-netdb-exchange
#                    no-delay
#                    login=user:password
#                    connect-timeout=nn
#                    digest-url=url
#                    allow-miss
#
#                    use 'proxy-only' to specify that objects fetched
#                    from this cache should not be saved locally.
#
#                    use 'weight=n' to specify a weighted parent.
#                    The weight must be an integer.  The default weight
#                    is 1, larger weights are favored more.
#
#                    use 'ttl=n' to specify a IP multicast TTL to use
#                    when sending an ICP queries to this address.
#                    Only useful when sending to a multicast group.
#                    Because we don't accept ICP replies from random
#                    hosts, you must configure other group members as
#                    peers with the 'multicast-responder' option below.
#
#                    use 'no-query' to NOT send ICP queries to this
#                    neighbor.
#
#                    use 'default' if this is a parent cache which can
#                    be used as a "last-resort." You should probably
#                    only use 'default' in situations where you cannot
#                    use ICP with your parent cache(s).
#
#                    use 'round-robin' to define a set of parents which
#                    should be used in a round-robin fashion in the
#                    absence of any ICP queries.
#
#                    'multicast-responder' indicates that the named peer
#                    is a member of a multicast group.  ICP queries will
#                    not be sent directly to the peer, but ICP replies
#                    will be accepted from it.
#
#                    'closest-only' indicates that, for ICP_OP_MISS
#                    replies, we'll only forward CLOSEST_PARENT_MISSes
#                    and never FIRST_PARENT_MISSes.
#
#                    use 'no-digest' to NOT request cache digests from
#                    this neighbor.
#
#                    'no-netdb-exchange' disables requesting ICMP
#                    RTT database (NetDB) from the neighbor.
#
#                    use 'no-delay' to prevent access to this neighbor
#                    from influencing the delay pools.
#
#                    use 'login=user:password' if this is a
personal/workgroup
#                    proxy and your parent requires proxy authentication.
#
#                    use 'connect-timeout=nn' to specify a peer
#                    specific connect timeout (also see the
#                    peer_connect_timeout directive)
#
#                    use 'digest-url=url' to tell Squid to fetch the cache
#                    digest (if digests are enabled) for this host from
#                    the specified URL rather than the Squid default
#                    location.
#
#                    use 'allow-miss' to disable Squid's use of only-if-
cached
#                    when forwarding requests to siblings. This is primarily
#                    useful when icp_hit_stale is used by the sibling. To
#                    extensive use of this option may result in forwarding
#                    loops, and you should avoid having two-way peerings
#                    with this option. (for example to deny peer usage on
#                    requests from peer by denying cache_peer_access if the
#                    source is a peer)
#
#       NOTE: non-ICP neighbors must be specified as 'parent'.
#
#Default:
# none
#  TAG: cache_peer_domain
#       Use to limit the domains for which a neighbor cache will be
#       queried.  Usage:
#
#       cache_peer_domain cache-host domain [domain ...]
#       cache_peer_domain cache-host !domain
#
#       For example, specifying
#
#               cache_peer_domain parent.foo.net        .edu
#
#       has the effect such that UDP query packets are sent to
#       'bigserver' only when the requested object exists on a
#       server in the .edu domain.  Prefixing the domainname
#       with '!' means that the cache will be queried for objects
#       NOT in that domain.
#
#       NOTE:   * Any number of domains may be given for a cache-host,
#                 either on the same or separate lines.
#               * When multiple domains are given for a particular
#                 cache-host, the first matched domain is applied.
#               * Cache hosts with no domain restrictions are queried
#                 for all requests.
#               * There are no defaults.
#               * There is also a 'cache_peer_access' tag in the ACL
#                 section.
#
#Default:
# none
#  TAG: neighbor_type_domain
#       usage: neighbor_type_domain parent|sibling domain domain ...
#
#       Modifying the neighbor type for specific domains is now
#       possible.  You can treat some domains differently than the the
#       default neighbor type specified on the 'cache_peer' line.
#       Normally it should only be necessary to list domains which
#       should be treated differently because the default neighbor type
#       applies for hostnames which do not match domains listed here.
#
#EXAMPLE:
#       cache_peer  parent cache.fo.org 3128 3130
#       neighbor_type_domain cache.foo.org sibling .com .net
#       neighbor_type_domain cache.foo.org sibling .au .de
#
#Default:
# none
#  TAG: icp_query_timeout       (msec)
#       Normally Squid will automatically determine an optimal ICP
#       query timeout value based on the round-trip-time of recent ICP
#       queries.  If you want to override the value determined by
#       Squid, set this 'icp_query_timeout' to a non-zero value.  This
#       value is specified in MILLISECONDS, so, to use a 2-second
#       timeout (the old default), you would write:
#
#               icp_query_timeout 2000
#
#Default:
# icp_query_timeout 0
#  TAG: maximum_icp_query_timeout       (msec)
#       Normally the ICP query timeout is determined dynamically.  But
#       sometimes it can lead to very large values (say 5 seconds).
#       Use this option to put an upper limit on the dynamic timeout
#       value.  Do NOT use this option to always use a fixed (instead
#       of a dynamic) timeout value. To set a fixed timeout see the
#       'icp_query_timeout' directive.
#
#Default:
# maximum_icp_query_timeout 2000
#  TAG: mcast_icp_query_timeout (msec)
#       For Multicast peers, Squid regularly sends out ICP "probes" to
#       count how many other peers are listening on the given multicast
#       address.  This value specifies how long Squid should wait to
#       count all the replies.  The default is 2000 msec, or 2
#       seconds.
#
#Default:
# mcast_icp_query_timeout 2000
#  TAG: dead_peer_timeout       (seconds)
#       This controls how long Squid waits to declare a peer cache
#       as "dead."  If there are no ICP replies received in this
#       amount of time, Squid will declare the peer dead and not
#       expect to receive any further ICP replies.  However, it
#       continues to send ICP queries, and will mark the peer as
#       alive upon receipt of the first subsequent ICP reply.
#
#       This timeout also affects when Squid expects to receive ICP
#       replies from peers.  If more than 'dead_peer' seconds have
#       passed since the last ICP reply was received, Squid will not
#       expect to receive an ICP reply on the next query.  Thus, if
#       your time between requests is greater than this timeout, you
#       will see a lot of requests sent DIRECT to origin servers
#       instead of to your parents.
#
#Default:
# dead_peer_timeout 10 seconds
#  TAG: hierarchy_stoplist
#       A list of words which, if found in a URL, cause the object to
#       be handled directly by this cache.  In other words, use this
#       to not query neighbor caches for certain objects.  You may
#       list this option multiple times.
#
#We recommend you to use at least the following line.
hierarchy_stoplist cgi-bin ?
#  TAG: no_cache
#       A list of ACL elements which, if matched, cause the reply to
#       immediately removed from the cache.  In other words, use this
#       to force certain objects to never be cached.
#
#       You must use the word 'DENY' to indicate the ACL names which should
#       NOT be cached.
#
#We recommend you to use the following two lines.
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
# OPTIONS WHICH AFFECT THE CACHE SIZE
# --------------------------------------------------------------------------
---
#  TAG: cache_mem       (bytes)
#       NOTE: THIS PARAMETER DOES NOT SPECIFY THE MAXIMUM PROCESS
#       SIZE.  IT PLACES A LIMIT ON ONE ASPECT OF SQUID'S MEMORY
#       USAGE.  SQUID USES MEMORY FOR OTHER THINGS AS WELL.
#       YOUR PROCESS WILL PROBABLY BECOME TWICE OR THREE TIMES
#       BIGGER THAN THE VALUE YOU PUT HERE
#
#       'cache_mem' specifies the ideal amount of memory to be used
#       for:
#               * In-Transit objects
#               * Hot Objects
#               * Negative-Cached objects
#
#       Data for these objects are stored in 4 KB blocks.  This
#       parameter specifies the ideal upper limit on the total size of
#       4 KB blocks allocated.  In-Transit objects take the highest
#       priority.
#
#       In-transit objects have priority over the others.  When
#       additional space is needed for incoming data, negative-cached
#       and hot objects will be released.  In other words, the
#       negative-cached and hot objects will fill up any unused space
#       not needed for in-transit objects.
#
#       If circumstances require, this limit will be exceeded.
#       Specifically, if your incoming request rate requires more than
#       'cache_mem' of memory to hold in-transit objects, Squid will
#       exceed this limit to satisfy the new requests.  When the load
#       decreases, blocks will be freed until the high-water mark is
#       reached.  Thereafter, blocks will be used to store hot
#       objects.
#
#Default:
cache_mem 256 MB
#  TAG: cache_swap_low  (percent, 0-100)
#  TAG: cache_swap_high (percent, 0-100)
#
#       The low- and high-water marks for cache object replacement.
#       Replacement begins when the swap (disk) usage is above the
#       low-water mark and attempts to maintain utilization near the
#       low-water mark.  As swap utilization gets close to high-water
#       mark object eviction becomes more aggressive.  If utilization is
#       close to the low-water mark less replacement is done each time.
#
#       Defaults are 90% and 95%. If you have a large cache, 5% could be
#       hundreds of MB. If this is the case you may wish to set these
#       numbers closer together.
#
#Default:
# cache_swap_low 90
# cache_swap_high 95
#  TAG: maximum_object_size     (bytes)
#       Objects larger than this size will NOT be saved on disk.  The
#       value is specified in kilobytes, and the default is 4MB.  If
#       you wish to get a high BYTES hit ratio, you should probably
#       increase this (one 32 MB object hit counts for 3200 10KB
#       hits).  If you wish to increase speed more than your want to
#       save bandwidth you should leave this low.
#
#       NOTE: if using the LFUDA replacement policy you should increase
#       this value to maximize the byte hit rate improvement of LFUDA!
#       See replacement_policy below for a discussion of this policy.
#
#Default:
# maximum_object_size 4096 KB
#  TAG: minimum_object_size     (bytes)
#       Objects smaller than this size will NOT be saved on disk.  The
#       value is specified in kilobytes, and the default is 0 KB, which
#       means there is no minimum.
#
#Default:
# minimum_object_size 0 KB
#  TAG: maximum_object_size_in_memory   (bytes)
#        Objects greater than this size will not be attempted to kept in
#        the memory cache. This should be set high enough to keep objects
#        accessed frequently in memory to improve performance whilst low
#        enough to keep larger objects from hoarding cache_mem .
#
#Default:
# maximum_object_size_in_memory 8 KB
#  TAG: ipcache_size    (number of entries)
#  TAG: ipcache_low     (percent)
#  TAG: ipcache_high    (percent)
#       The size, low-, and high-water marks for the IP cache.
#
#Default:
# ipcache_size 1024
# ipcache_low 90
# ipcache_high 95
#  TAG: fqdncache_size  (number of entries)
#       Maximum number of FQDN cache entries.
#
#Default:
# fqdncache_size 1024
#  TAG: cache_replacement_policy
#       The cache replacement policy parameter determines which
#       objects are evicted (replaced) when disk space is needed.
#
#           lru       : Squid's original list based LRU policy
#           heap GDSF : Greedy-Dual Size Frequency
#           heap LFUDA: Least Frequently Used with Dynamic Aging
#           heap LRU  : LRU policy implemented using a heap
#
#       Applies to any cache_dir lines listed below this.
#
#       The LRU policies keeps recently referenced objects.
#
#       The heap GDSF policy optimizes object hit rate by keeping smaller
#       popular objects in cache so it has a better chance of getting a
#       hit.  It achieves a lower byte hit rate than LFUDA though since
#       it evicts larger (possibly popular) objects.
#
#       The heap LFUDA policy keeps popular objects in cache regardless of
#       their size and thus optimizes byte hit rate at the expense of
#       hit rate since one large, popular object will prevent many
#       smaller, slightly less popular objects from being cached.
#
#       Both policies utilize a dynamic aging mechanism that prevents
#       cache pollution that can otherwise occur with frequency-based
#       replacement policies.
#
#       NOTE: if using the LFUDA replacement policy you should increase
#       the value of maximum_object_size above its default of 4096 KB to
#       to maximize the potential byte hit rate improvement of LFUDA.
#
#       For more information about the GDSF and LFUDA cache replacement
#       policies see http://www.hpl.hp.com/techreports/1999/HPL-1999-69.html
#       and http://fog.hpl.external.hp.com/techreports/98/HPL-98-173.html.
#
#Default:
# cache_replacement_policy lru
#  TAG: memory_replacement_policy
#       The memory replacement policy parameter determines which
#       objects are purged from memory when memory space is needed.
#
#       See cache_replacement_policy for details.
#
#Default:
# memory_replacement_policy lru
# LOGFILE PATHNAMES AND CACHE DIRECTORIES
# --------------------------------------------------------------------------
---
#  TAG: cache_dir
#       Usage:
#
#       cache_dir Type Directory-Name Fs-specific-data [options]
#
#       You can specify multiple cache_dir lines to spread the
#       cache among different disk partitions.
#
#       Type specifies the kind of storage system to use.  Most
#       everyone will want to use "ufs" as the type.  If you are using
#       Async I/O (--enable async-io) on Linux or Solaris, then you may
#       want to try "aufs" as the type.  Async IO support may be
#       buggy, however, so beware.
#
#       'Directory' is a top-level directory where cache swap
#       files will be stored.  If you want to use an entire disk
#       for caching, then this can be the mount-point directory.
#       The directory must exist and be writable by the Squid
#       process.  Squid will NOT create this directory for you.
#
#       The ufs store type:
#
#       "ufs" is the old well-known Squid storage format that has always
#       been there.
#
#       cache_dir ufs Directory-Name Mbytes L1 L2 [options]
#
#       'Mbytes' is the amount of disk space (MB) to use under this
#       directory.  The default is 100 MB.  Change this to suit your
#       configuration.
#
#       'Level-1' is the number of first-level subdirectories which
#       will be created under the 'Directory'.  The default is 16.
#
#       'Level-2' is the number of second-level subdirectories which
#       will be created under each first-level directory.  The default
#       is 256.
#
#       The aufs store type:
#
#       "aufs" uses the same storage format as "ufs", utilizing
#       POSIX-threads to avoid blocking the main Squid process on
#       disk-I/O. This was formerly known in Squid as async-io.
#
#       cache_dir aufs Directory-Name Mbytes L1 L2 [options]
#
#       see argument descriptions under ufs above
#
#       The diskd store type:
#
#       "diskd" uses the same storage format as "ufs", utilizing a
#       separate process to avoid blocking the main Squid process on
#       disk-I/O.
#
#       cache_dir diskd Directory-Name Mbytes L1 L2 [options] [Q1=n] [Q2=n]
#
#       see argument descriptions under ufs above
#
#       Q1 specifies the number of unacknowledged I/O requests when Squid
#       stops opening new files. If this many messages are in the queues,
#       Squid won't open new files. Default is 64
#
#       Q2 specifies the number of unacknowledged messages when Squid
#       starts blocking.  If this many messages are in the queues,
#       Squid blocks until it recevies some replies. Default is 72
#
#       Common options:
#
#       read-only, this cache_dir is read only.
#
#       max-size=n, refers to the max object size this storedir supports.
#       It is used to initially choose the storedir to dump the object.
#       Note: To make optimal use of the max-size limits you should order
#       the cache_dir lines with the smallest max-size value first and the
#       ones with no max-size specification last.
#
#Default:
cache_dir diskd /usr/local/squid/cache1 4096 16 256 Q1=72 Q2=64
cache_dir ufs /usr/local/squid/cache 20000 64 256
#  TAG: cache_access_log
#       Logs the client request activity.  Contains an entry for
#       every HTTP and ICP queries received.
#
#Default:
cache_access_log /dev/null
#  TAG: cache_log
#       Cache logging file. This is where general information about
#       your cache's behavior goes. You can increase the amount of data
#       logged to this file with the "debug_options" tag below.
#
#Default:
# cache_log /usr/local/squid/logs/cache.log
#  TAG: cache_store_log
#       Logs the activities of the storage manager.  Shows which
#       objects are ejected from the cache, and which objects are
#       saved and for how long.  To disable, enter "none". There are
#       not really utilities to analyze this data, so you can safely
#       disable it.
#
#Default:
cache_store_log none
#  TAG: cache_swap_log
#       Location for the cache "swap.log."  This log file holds the
#       metadata of objects saved on disk.  It is used to rebuild the
#       cache during startup.  Normally this file resides in each
#       'cache_dir' directory, but you may specify an alternate
#       pathname here.  Note you must give a full filename, not just
#       a directory. Since this is the index for the whole object
#       list you CANNOT periodically rotate it!
#
#       If %s can be used in the file name then it will be replaced with a
#       a representation of the cache_dir name where each / is replaced
#       with '.'. This is needed to allow adding/removing cache_dir
#       lines when cache_swap_log is being used.
#
#       If have more than one 'cache_dir', and %s is not used in the name
#       then these swap logs will have names such as:
#
#               cache_swap_log.00
#               cache_swap_log.01
#               cache_swap_log.02
#
#       The numbered extension (which is added automatically)
#       corresponds to the order of the 'cache_dir' lines in this
#       configuration file.  If you change the order of the 'cache_dir'
#       lines in this file, then these log files will NOT correspond to
#       the correct 'cache_dir' entry (unless you manually rename
#       them).  We recommend that you do NOT use this option.  It is
#       better to keep these log files in each 'cache_dir' directory.
#
#Default:
# none
#  TAG: emulate_httpd_log       on|off
#       The Cache can emulate the log file format which many 'httpd'
#       programs use.  To disable/enable this emulation, set
#       emulate_httpd_log to 'off' or 'on'.  The default
#       is to use the native log format since it includes useful
#       information that Squid-specific log analyzers use.
#
#Default:
# emulate_httpd_log off
#  TAG: log_ip_on_direct        on|off
#       Log the destination IP address in the hierarchy log tag when going
#       direct. Earlier Squid versions logged the hostname here. If you
#       prefer the old way set this to off.
#
#Default:
# log_ip_on_direct on
#  TAG: mime_table
#       Pathname to Squid's MIME table. You shouldn't need to change
#       this, but the default file contains examples and formatting
#       information if you do.
#
#Default:
# mime_table /usr/local/etc/squid/mime.conf
#  TAG: log_mime_hdrs   on|off
#       The Cache can record both the request and the response MIME
#       headers for each HTTP transaction.  The headers are encoded
#       safely and will appear as two bracketed fields at the end of
#       the access log (for either the native or httpd-emulated log
#       formats).  To enable this logging set log_mime_hdrs to 'on'.
#
#Default:
# log_mime_hdrs off
#  TAG: useragent_log
# Note: This option is only available if Squid is rebuilt with the
#       --enable-useragent-log option
#
#       Squid will write the User-Agent field from HTTP requests
#       to the filename specified here.  By default useragent_log
#       is disabled.
#
#Default:
# none
#  TAG: referer_log
# Note: This option is only available if Squid is rebuilt with the
#       --enable-referer-log option
#
#       Squid will write the Referer field from HTTP requests to the
#       filename specified here.  By default referer_log is disabled.
#
#Default:
# none
#  TAG: pid_filename
#       A filename to write the process-id to.  To disable, enter "none".
#
#Default:
# pid_filename /usr/local/squid/logs/squid.pid
#  TAG: debug_options
#       Logging options are set as section,level where each source file
#       is assigned a unique section.  Lower levels result in less
#       output,  Full debugging (level 9) can result in a very large
#       log file, so be careful.  The magic word "ALL" sets debugging
#       levels for all sections.  We recommend normally running with
#       "ALL,1".
#
#Default:
# debug_options ALL,1
#  TAG: log_fqdn        on|off
#       Turn this on if you wish to log fully qualified domain names
#       in the access.log. To do this Squid does a DNS lookup of all
#       IP's connecting to it. This can (in some situations) increase
#       latency, which makes your cache seem slower for interactive
#       browsing.
#
#Default:
# log_fqdn off
#  TAG: client_netmask
#       A netmask for client addresses in logfiles and cachemgr output.
#       Change this to protect the privacy of your cache clients.
#       A netmask of 255.255.255.0 will log all IP's in that range with
#       the last digit set to '0'.
#
#Default:
# client_netmask 255.255.255.255
# OPTIONS FOR EXTERNAL SUPPORT PROGRAMS
# --------------------------------------------------------------------------
---
#  TAG: ftp_user
#       If you want the anonymous login password to be more informative
#       (and enable the use of picky ftp servers), set this to something
#       reasonable for your domain, like wwwuser@somewhere.net
#
#       The reason why this is domainless by default is that the
#       request can be made on the behalf of a user in any domain,
#       depending on how the cache is used.
#       Some ftp server also validate that the email address is valid
#       (for example perl.com).
#
#Default:
# ftp_user Squid@
#  TAG: ftp_list_width
#       Sets the width of ftp listings. This should be set to fit in
#       the width of a standard browser. Setting this too small
#       can cut off long filenames when browsing ftp sites.
#
#Default:
# ftp_list_width 32
#  TAG: ftp_passive
#       If your firewall does not allow Squid to use passive
#       connections, then turn off this option.
#
#Default:
# ftp_passive on
#  TAG: cache_dns_program
# Note: This option is only available if Squid is rebuilt with the
#       --disable-internal-dns option
#
#       Specify the location of the executable for dnslookup process.
#
#Default:
# cache_dns_program /usr/local/libexec/
#  TAG: dns_children
# Note: This option is only available if Squid is rebuilt with the
#       --disable-internal-dns option
#
#       The number of processes spawn to service DNS name lookups.
#       For heavily loaded caches on large servers, you should
#       probably increase this value to at least 10.  The maximum
#       is 32.  The default is 5.
#
#       You must have at least one dnsserver process.
#
#Default:
# dns_children 5
#  TAG: dns_retransmit_interval
#       Initial retransmit interval for DNS queries. The interval is
#       doubled each time all configured DNS servers have been tried.
#
#
#Default:
# dns_retransmit_interval 5 seconds
#  TAG: dns_timeout
#       DNS Query timeout. If no response is received to a DNS query
#       within this time then all DNS servers for the queried domain
#       is assumed to be unavailable.
#
#Default:
# dns_timeout 5 minutes
#  TAG: dns_defnames    on|off
# Note: This option is only available if Squid is rebuilt with the
#       --disable-internal-dns option
#
#       Normally the 'dnsserver' disables the RES_DEFNAMES resolver
#       option (see res_init(3)).  This prevents caches in a hierarchy
#       from interpreting single-component hostnames locally.  To allow
#       dnsserver to handle single-component names, enable this
#       option.
#
#Default:
# dns_defnames off
#  TAG: dns_nameservers
#       Use this if you want to specify a list of DNS name servers
#       (IP addresses) to use instead of those given in your
#       /etc/resolv.conf file.
#
#       Example: dns_nameservers 10.0.0.1 192.172.0.4
#
#Default:
# none
#  TAG: diskd_program
#       Specify the location of the diskd executable.
#       Note that this is only useful if you have compiled in
#       diskd as one of the store io modules.
#
#Default:
# diskd_program /usr/local/libexec/diskd
#  TAG: unlinkd_program
#       Specify the location of the executable for file deletion process.
#
#Default:
# unlinkd_program /usr/local/libexec/unlinkd
#  TAG: pinger_program
# Note: This option is only available if Squid is rebuilt with the
#       --enable-icmp option
#
#       Specify the location of the executable for the pinger process.
#       This is only useful if you configured Squid (during compilation)
#       with the '--enable-icmp' option.
#
#Default:
# pinger_program /usr/local/libexec/
#  TAG: redirect_program
#       Specify the location of the executable for the URL redirector.
#       Since they can perform almost any function there isn't one included.
#       See the Release-Notes for information on how to write one.
#       By default, a redirector is not used.
#
#Default:
# none
#  TAG: redirect_children
#       The number of redirector processes to spawn. If you start
#       too few Squid will have to wait for them to process a backlog of
#       URLs, slowing it down. If you start too many they will use RAM
#       and other system resources.
#
#Default:
# redirect_children 5
#  TAG: redirect_rewrites_host_header
#       By default Squid rewrites any Host: header in redirected
#       requests.  If you are running a accelerator then this may
#       not be a wanted effect of a redirector.
#
#Default:
# redirect_rewrites_host_header on
#  TAG: redirector_access
#       If defined, this access list specifies which requests are
#       sent to the redirector processes.  By default all requests
#       are sent.
#
#Default:
# none
#  TAG: authenticate_program
#       Specify the command for the external authenticator.  Such a
#       program reads a line containing "username password" and replies
#       "OK" or "ERR" in an endless loop.  If you use an authenticator,
#       make sure you have 1 acl of type proxy_auth.  By default, the
#       authenticator_program is not used.
#
#       If you want to use the traditional proxy authentication,
#       jump over to the ../auth_modules/NCSA directory and
#       type:
#               % make
#               % make install
#
#       Then, set this line to something like
#
#       authenticate_program /usr/local/bin/ncsa_auth /usr/local/etc/passwd
#
#Default:
# none
#  TAG: authenticate_children
#       The number of authenticator processes to spawn (default 5). If you
#       start too few Squid will have to wait for them to process a backlog
#       of usercode/password verifications, slowing it down. When password
#       verifications are done via a (slow) network you are likely to need
#       lots of authenticator processes.
#
#Default:
# authenticate_children 5
#  TAG: authenticate_ttl
#       The time a checked username/password combination remains cached.
#       If a wrong password is given for a cached user, the user gets
#       removed from the username/password cache forcing a revalidation.
#
#Default:
# authenticate_ttl 1 hour
#  TAG: authenticate_ip_ttl
#       With this option you control how long a proxy authentication
#       will be bound to a specific IP address. If a request using
#       the same user name is received during this time then access
#       will be denied and both users are required to reauthenticate
#       them selves.  The idea behind this is to make it annoying
#       for people to share their password to their friends, but
#       yet allow a dialup user to reconnect on a different dialup
#       port.
#
#       The default is 0 to disable the check. Recommended value
#       if you have dialup users are no more than 60 seconds to allow
#       the user to redial without hassle. If all your users are
#       stationary then higher values may be used.
#
#       See also authenticate_ip_ttl_is_strict
#
#Default:
# authenticate_ip_ttl 0 seconds
#  TAG: authenticate_ip_ttl_is_strict
#       This option makes authenticate_ip_ttl a bit stricted. With this
#       enabled authenticate_ip_ttl will deny all access from other IP
#       addresses until the TTL has expired, and the IP address "owning"
#       the userid will not be forced to reauthenticate.
#
#Default:
# authenticate_ip_ttl_is_strict on
# OPTIONS FOR TUNING THE CACHE
# --------------------------------------------------------------------------
---
#  TAG: wais_relay_host
#  TAG: wais_relay_port
#       Relay WAIS request to host (1st arg) at port (2 arg).
#
#Default:
# wais_relay_port 0
#  TAG: request_header_max_size (KB)
#       This specifies the maximum size for HTTP headers in a request.
#       Request headers are usually relatively small (about 512 bytes).
#       Placing a limit on the request header size will catch certain
#       bugs (for example with persistent connections) and possibly
#       buffer-overflow or denial-of-service attacks.
#
#Default:
# request_header_max_size 10 KB
#  TAG: request_body_max_size   (KB)
#       This specifies the maximum size for an HTTP request body.
#       In other words, the maximum size of a PUT/POST request.
#       A user who attempts to send a request with a body larger
#       than this limit receives an "Invalid Request" error message.
#       If you set this parameter to a zero, there will be no limit
#       imposed.
#
#Default:
# request_body_max_size 1 MB
#  TAG: reply_body_max_size     (KB)
#       This option specifies the maximum size of a reply body.  It
#       can be used to prevent users from downloading very large files,
#       such as MP3's and movies.   The reply size is checked twice.
#       First when we get the reply headers, we check the
#       content-length value.  If the content length value exists and
#       is larger than this parameter, the request is denied and the
#       user receives an error message that says "the request or reply
#       is too large." If there is no content-length, and the reply
#       size exceeds this limit, the client's connection is just closed
#       and they will receive a partial reply.
#
#       NOTE: downstream caches probably can not detect a partial reply
#       if there is no content-length header, so they will cache
#       partial responses and give them out as hits.  You should NOT
#       use this option if you have downstream caches.
#
#       If you set this parameter to zero (the default), there will be
#       no limit imposed.
#
#Default:
# reply_body_max_size 0
#  TAG: refresh_pattern
#       usage: refresh_pattern [-i] regex min percent max [options]
#
#       By default, regular expressions are CASE-SENSITIVE.  To make
#       them case-insensitive, use the -i option.
#
#       'Min' is the time (in minutes) an object without an explicit
#       expiry time should be considered fresh. The recommended
#       value is 0, any higher values may cause dynamic applications
#       to be erroneously cached unless the application designer
#       has taken the appropriate actions.
#
#       'Percent' is a percentage of the objects age (time since last
#       modification age) an object without explicit expiry time
#       will be considered fresh.
#
#       'Max' is an upper limit on how long objects without an explicit
#       expiry time will be considered fresh.
#
#       options: overrsde-expire
#                override-lastmod
#                reload-into-ims
#                ignore-reload
#
#               override-expire enforces min age even if the server
#               sent a Expires: header. Doing this VIOLATES the HTTP
#               standard.  Enabling this feature could make you liable
#               for problems which it causes.
#
#               override-lastmod enforces min age even on objects
#               that was modified recently.
#
#               reload-into-ims changes client no-cache or ``reload''
#               to If-Modified-Since requests. Doing this VIOLATES the
#               HTTP standard. Enabling this feature could make you
#               liable for problems which it causes.
#
#               ignore-reload ignores a client no-cache or ``reload''
#               header. Doing this VIOLATES the HTTP standard. Enabling
#               this feature could make you liable for problems which
#               it causes.
#
#       Please see the file doc/Release-Notes-1.1.txt for a full
#       description of Squid's refresh algorithm.  Basically a
#       cached object is: (the order is changed from 1.1.X)
#
#               FRESH if expires < now, else STALE
#               STALE if age > max
#               FRESH if lm-factor < percent, else STALE
#               FRESH if age < min
#               else STALE
#
#       The refresh_pattern lines are checked in the order listed here.
#       The first entry which matches is used.  If none of the entries
#       match, then the default will be used.
#
#       Note, you must uncomment all the default lines if you want
#       to change one. The default setting is only active if none is
#       used.
#
#Default:
# refresh_pattern ^ftp:         1440    20%     10080
# refresh_pattern ^gopher:      1440    0%      1440
# refresh_pattern .             0       20%     4320
#  TAG: reference_age
#       As a part of normal operation, Squid performs Least Recently
#       Used removal of cached objects.  The LRU age for removal is
#       computed dynamically, based on the amount of disk space in
#       use.  The dynamic value can be seen in the Cache Manager 'info'
#       output.
#
#       The 'reference_age' parameter defines the maximum LRU age.  For
#       example, setting reference_age to '1 week' will cause objects
#       to be removed if they have not been accessed for a week or
#       more.  The default value is one year.
#
#       Specify a number here, followed by units of time.  For example:
#               1 week
#               3.5 days
#               4 months
#               2.2 hours
#
#       NOTE: this parameter is not used when using the enhanced
#       replacement policies, GDSH or LFUDA.
#
#Default:
# reference_age 1 year
#  TAG: quick_abort_min (KB)
#  TAG: quick_abort_max (KB)
#  TAG: quick_abort_pct (percent)
#       The cache can be configured to continue downloading aborted
#       requests.  This may be undesirable on slow (e.g. SLIP) links
#       and/or very busy caches.  Impatient users may tie up file
#       descriptors and bandwidth by repeatedly requesting and
#       immediately aborting downloads.
#
#       When the user aborts a request, Squid will check the
#       quick_abort values to the amount of data transfered until
#       then.
#
#       If the transfer has less than 'quick_abort_min' KB remaining,
#       it will finish the retrieval.  Setting 'quick_abort_min' to -1
#       will disable the quick_abort feature.
#
#       If the transfer has more than 'quick_abort_max' KB remaining,
#       it will abort the retrieval.
#
#       If more than 'quick_abort_pct' of the transfer has completed,
#       it will finish the retrieval.
#
#Default:
# quick_abort_min 16 KB
# quick_abort_max 16 KB
# quick_abort_pct 95
#  TAG: negative_ttl    time-units
#       Time-to-Live (TTL) for failed requests.  Certain types of
#       failures (such as "connection refused" and "404 Not Found") are
#       negatively-cached for a configurable amount of time.  The
#       default is 5 minutes.  Note that this is different from
#       negative caching of DNS lookups.
#
#Default:
# negative_ttl 5 minutes
#  TAG: positive_dns_ttl        time-units
#       Time-to-Live (TTL) for positive caching of successful DNS lookups.
#       Default is 6 hours (360 minutes).  If you want to minimize the
#       use of Squid's ipcache, set this to 1, not 0.
#
#Default:
# positive_dns_ttl 6 hours
#  TAG: negative_dns_ttl        time-units
#       Time-to-Live (TTL) for negative caching of failed DNS lookups.
#
#Default:
# negative_dns_ttl 5 minutes
#  TAG: range_offset_limit      (bytes)
#       Sets a upper limit on how far into the the file a Range request
#       may be to cause Squid to prefetch the whole file. If beyond this
#       limit then Squid forwards the Range request as it is and the result
#       is NOT cached.
#
#       This is to stop a far ahead range request (lets say start at 17MB)
#       from making Squid fetch the whole object up to that point before
#       sending anything to the client.
#
#       A value of -1 causes Squid to always fetch the object from the
#       beginning so that it may cache the result. (2.0 style)
#
#       A value of 0 causes Squid to never fetch more than the
#       client requested. (default)
#
#Default:
# range_offset_limit 0 KB
# TIMEOUTS
# --------------------------------------------------------------------------
---
#  TAG: connect_timeout time-units
#       Some systems (notably Linux) can not be relied upon to properly
#       time out connect(2) requests.  Therefore the Squid process
#       enforces its own timeout on server connections.  This parameter
#       specifies how long to wait for the connect to complete.  The
#       default is two minutes (120 seconds).
#
#Default:
# connect_timeout 2 minutes
#  TAG: peer_connect_timeout    time-units
#       This parameter specifies how long to wait for a pending TCP
#       connection to a peer cache.  The default is 30 seconds.   You
#       may also set different timeout values for individual neighbors
#       with the 'connect-timeout' option on a 'cache_peer' line.
#
#Default:
# peer_connect_timeout 30 seconds
#  TAG: siteselect_timeout      time-units
#       For URN to multiple URL's URL selection
#
#Default:
# siteselect_timeout 4 seconds
#  TAG: read_timeout    time-units
#       The read_timeout is applied on server-side connections.  After
#       each successful read(), the timeout will be extended by this
#       amount.  If no data is read again after this amount of time,
#       the request is aborted and logged with ERR_READ_TIMEOUT.  The
#       default is 15 minutes.
#
#Default:
# read_timeout 15 minutes
#  TAG: request_timeout
#       How long to wait for an HTTP request after connection
#       establishment.  For persistent connections, wait this long
#       after the previous request completes.
#
#Default:
# request_timeout 30 seconds
#  TAG: client_lifetime time-units
#       The maximum amount of time that a client (browser) is allowed to
#       remain connected to the cache process.  This protects the Cache
#       from having a lot of sockets (and hence file descriptors) tied up
#       in a CLOSE_WAIT state from remote clients that go away without
#       properly shutting down (either because of a network failure or
#       because of a poor client implementation).  The default is one
#       day, 1440 minutes.
#
#       NOTE:  The default value is intended to be much larger than any
#       client would ever need to be connected to your cache.  You
#       should probably change client_lifetime only as a last resort.
#       If you seem to have many client connections tying up
#       filedescriptors, we recommend first tuning the read_timeout,
#       request_timeout, pconn_timeout and quick_abort values.
#
#Default:
# client_lifetime 1 day
#  TAG: half_closed_clients
#       Some clients may shutdown the sending side of their TCP
#       connections, while leaving their receiving sides open.  Sometimes,
#       Squid can not tell the difference between a half-closed and a
#       fully-closed TCP connection.  By default, half-closed client
#       connections are kept open until a read(2) or write(2) on the
#       socket returns an error.  Change this option to 'off' and Squid
#       will immediately close client connections when read(2) returns
#       "no more data to read."
#
#Default:
half_closed_clients off
#  TAG: pconn_timeout
#       Timeout for idle persistent connections to servers and other
#       proxies.
#
#Default:
# pconn_timeout 120 seconds
#  TAG: ident_timeout
#       Maximum time to wait for IDENT requests.  If this is too high,
#       and you enabled 'ident_lookup', then you might be susceptible
#       to denial-of-service by having many ident requests going at
#       once.
#
#       Only src type ACL checks are fully supported.  A src_domain
#       ACL might work at times, but it will not always provide
#       the correct result.
#
#       This option may be disabled by using --disable-ident with
#       the configure script.
#
#Default:
# ident_timeout 10 seconds
#  TAG: shutdown_lifetime       time-units
#       When SIGTERM or SIGHUP is received, the cache is put into
#       "shutdown pending" mode until all active sockets are closed.
#       This value is the lifetime to set for all open descriptors
#       during shutdown mode.  Any active clients after this many
#       seconds will receive a 'timeout' message.
#
#Default:
# shutdown_lifetime 30 seconds
# ACCESS CONTROLS
# --------------------------------------------------------------------------
---
#  TAG: acl
#       Defining an Access List
#
#       acl aclname acltype string1 ...
#       acl aclname acltype "file" ...
#
#       when using "file", the file should contain one item per line
#
#       acltype is one of src dst srcdomain dstdomain url_pattern
#               urlpath_pattern time port proto method browser user
#
#       By default, regular expressions are CASE-SENSITIVE.  To make
#       them case-insensitive, use the -i option.
#
#       acl aclname src      ip-address/netmask ... (clients IP address)
#       acl aclname src      addr1-addr2/netmask ... (range of addresses)
#       acl aclname dst      ip-address/netmask ... (URL host's IP address)
#       acl aclname myip     ip-address/netmask ... (local socket IP
address)
#
#       acl aclname srcdomain   .foo.com ...    # reverse lookup, client IP
#       acl aclname dstdomain   .foo.com ...    # Destination server from
URL
#       acl aclname srcdom_regex [-i] xxx ...   # regex matching client name
#       acl aclname dstdom_regex [-i] xxx ...   # regex matching server
#         # For dstdomain and dstdom_regex  a reverse lookup is tried if a
IP
#         # based URL is used. The name "none" is used if the reverse lookup
#         # fails.
#
#       acl aclname time     [day-abbrevs]  [h1:m1-h2:m2]
#           day-abbrevs:
#               S - Sunday
#               M - Monday
#               T - Tuesday
#               W - Wednesday
#               H - Thursday
#               F - Friday
#               A - Saturday
#           h1:m1 must be less than h2:m2
#       acl aclname url_regex [-i] ^http:// ... # regex matching on whole
URL
#       acl aclname urlpath_regex [-i] \.gif$ ...       # regex matching on
URL
path
#       acl aclname port     80 70 21 ...
#       acl aclname port     0-1024 ...         # ranges allowed
#       acl aclname myport   3128 ...           # (local socket TCP port)
#       acl aclname proto    HTTP FTP ...
#       acl aclname method   GET POST ...
#       acl aclname browser  [-i] regexp
#         # pattern match on User-Agent header
#       acl aclname ident    username ...
#       acl aclname ident_regex [-i] pattern ...
#         # string match on ident output.
#         # use REQUIRED to accept any non-null ident.
#       acl aclname src_as   number ...
#       acl aclname dst_as   number ...
#         # Except for access control, AS numbers can be used for
#         # routing of requests to specific caches. Here's an
#         # example for routing all requests for AS#1241 and only
#         # those to mycache.mydomain.net:
#         # acl asexample dst_as 1241
#         # cache_peer_access mycache.mydomain.net allow asexample
#         # cache_peer_access mycache_mydomain.net deny all
#
#       acl aclname proxy_auth username ...
#       acl aclname proxy_auth_regex [-i] pattern ...
#         # list of valid usernames
#         # use REQUIRED to accept any valid username.
#         #
#         # NOTE: when a Proxy-Authentication header is sent but it is not
#         # needed during ACL checking the username is NOT logged
#         # in access.log.
#         #
#         # NOTE: proxy_auth requires a EXTERNAL authentication program
#         # to check username/password combinations (see
#         # authenticate_program).
#         #
#         # WARNING: proxy_auth can't be used in a transparent proxy. It
#         # collides with any authentication done by origin servers. It may
#         # seem like it works at first, but it doesn't.
#
#       acl aclname snmp_community string ...
#         # A community string to limit access to your SNMP Agent
#         # Example:
#         #
#         #     acl snmppublic snmp_community public
#
#       acl aclname maxconn number
#         # This will be matched when the client's IP address has
#         # more than <number> HTTP connections established.
#
#       acl req_mime_type mime-type1 ...
#         # regex match agains the mime type of the request generated
#         # by the client. Can be used to detect file upload or some
#         # types HTTP tunelling requests.
#         # NOTE: This does NOT match the reply. You cannot use this
#         # to match the returned file type.
#
#Examples:
#acl myexample dst_as 1241
#acl password proxy_auth REQUIRED
#acl fileupload req_mime_type -i ^multipart/form-data$
#
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443 563     # https, snews
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
#  TAG: http_access
#       Allowing or Denying access based on defined access lists
#
#       Access to the HTTP port:
#       http_access allow|deny [!]aclname ...
#
#       NOTE on default values:
#
#       If there are no "access" lines present, the default is to deny
#       the request.
#
#       If none of the "access" lines cause a match, the default is the
#       opposite of the last line in the list.  If the last line was
#       deny, then the default is allow.  Conversely, if the last line
#       is allow, the default will be deny.  For these reasons, it is a
#       good idea to have an "deny all" or "allow all" entry at the end
#       of your access lists to avoid potential confusion.
#
#Default:
# http_access deny all
#
#Recommended minimum configuration:
#
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
# And finally deny all other access to this proxy
http_access allow all
#  TAG: icp_access
#       Allowing or Denying access to the ICP port based on defined
#       access lists
#
#       icp_access  allow|deny [!]aclname ...
#
#       See http_access for details
#
#Default:
# icp_access deny all
#
#Allow ICP queries from eveyone
icp_access allow all
#  TAG: miss_access
#       Use to force your neighbors to use you as a sibling instead of
#       a parent.  For example:
#
#               acl localclients src 172.16.0.0/16
#               miss_access allow localclients
#               miss_access deny  !localclients
#
#       This means that only your local clients are allowed to fetch
#       MISSES and all other clients can only fetch HITS.
#
#       By default, allow all clients who passed the http_access rules
#       to fetch MISSES from us.
#
#Default setting:
# miss_access allow all
#  TAG: cache_peer_access
#       Similar to 'cache_peer_domain' but provides more flexibility by
#       using ACL elements.
#
#       cache_peer_access cache-host allow|deny [!]aclname ...
#
#       The syntax is identical to 'http_access' and the other lists of
#       ACL elements.  See the comments for 'http_access' below, or
#       the Squid FAQ (http://www.squid-cache.org/FAQ/FAQ-10.html).
#
#Default:
# none
#  TAG: proxy_auth_realm
#       Specifies the realm name which is to be reported to the client for
#       proxy authentication (part of the text the user will see when
#       prompted their username and password).
#
#Default:
# proxy_auth_realm Squid proxy-caching web server
#  TAG: ident_lookup_access
#       A list of ACL elements which, if matched, cause an ident
#       (RFC 931) lookup to be performed for this request.  For
#       example, you might choose to always perform ident lookups
#       for your main multi-user Unix boxes, but not for your Macs
#       and PCs.  By default, ident lookups are not performed for
#       any requests.
#
#       To enable ident lookups for specific client addresses, you
#       can follow this example:
#
#       acl ident_aware_hosts src 198.168.1.0/255.255.255.0
#       ident_lookup_access allow ident_aware_hosts
#       ident_lookup_access deny all
#
#       This option may be disabled by using --disable-ident with
#       the configure script.
#
#Default:
# ident_lookup_access deny all
# ADMINISTRATIVE PARAMETERS
# --------------------------------------------------------------------------
---
#  TAG: cache_mgr
#       Email-address of local cache manager who will receive
#       mail if the cache dies.  The default is "webmaster."
#
#Default:
# cache_mgr webmaster
#  TAG: cache_effective_user
#  TAG: cache_effective_group
#
#       If the cache is run as root, it will change its effective/real
#       UID/GID to the UID/GID specified below.  The default is to
#       change to UID to nobody and GID to nogroup.
#
#       If Squid is not started as root, the default is to keep the
#       current UID/GID.  Note that if Squid is not started as root then
#       you cannot set http_port to a value lower than 1024.
#
#Default:
cache_effective_user nobody
cache_effective_group nogroup
#  TAG: visible_hostname
#       If you want to present a special hostname in error messages, etc,
#       then define this.  Otherwise, the return value of gethostname()
#       will be used. If you have multiple caches in a cluster and
#       get errors about IP-forwarding you must set them to have individual
#       names with this setting.
#
#Default:
# none
#  TAG: unique_hostname
#       If you want to have multiple machines with the same
#       'visible_hostname' then you must give each machine a different
#       'unique_hostname' so that forwarding loops can be detected.
#
#Default:
# none
#  TAG: hostname_aliases
#       A list of other DNS names that your cache has.
#
#Default:
# none
# OPTIONS FOR THE CACHE REGISTRATION SERVICE
# --------------------------------------------------------------------------
---
#
#       This section contains parameters for the (optional) cache
#       announcement service.  This service is provided to help
#       cache administrators locate one another in order to join or
#       create cache hierarchies.
#
#       An 'announcement' message is sent (via UDP) to the registration
#       service by Squid.  By default, the announcement message is NOT
#       SENT unless you enable it with 'announce_period' below.
#
#       The announcement message includes your hostname, plus the
#       following information from this configuration file:
#
#               http_port
#               icp_port
#               cache_mgr
#
#       All current information is processed regularly and made
#       available on the Web at http://www.ircache.net/Cache/Tracker/.
#  TAG: announce_period
#       This is how frequently to send cache announcements.  The
#       default is `0' which disables sending the announcement
#       messages.
#
#       To enable announcing your cache, just uncomment the line
#       below.
#
#Default:
# announce_period 0
#
#To enable announcing your cache, just uncomment the line below.
#announce_period 1 day
#  TAG: announce_host
#  TAG: announce_file
#  TAG: announce_port
#       announce_host and announce_port set the hostname and port
#       number where the registration message will be sent.
#
#       Hostname will default to 'tracker.ircache.net' and port will
#       default default to 3131.  If the 'filename' argument is given,
#       the contents of that file will be included in the announce
#       message.
#
#Default:
# announce_host tracker.ircache.net
# announce_port 3131
# HTTPD-ACCELERATOR OPTIONS
# --------------------------------------------------------------------------
---
#  TAG: httpd_accel_host
#  TAG: httpd_accel_port
#       If you want to run Squid as an httpd accelerator, define the
#       host name and port number where the real HTTP server is.
#
#       If you want virtual host support then specify the hostname
#       as "virtual".
#
#       If you want virtual port support then specify the port as "0".
#
#       NOTE: enabling httpd_accel_host disables proxy-caching and
#       ICP.  If you want these features enabled also, then set
#       the 'httpd_accel_with_proxy' option.
#
#Default:
httpd_accel_host virtual
httpd_accel_port 80
#  TAG: httpd_accel_single_host on|off
#       If you are running Squid as a accelerator and have a single backend
#       server then set this to on. This causes Squid to forward the request
#       to this server irregardles of what any redirectors or Host headers
#       says.
#
#       Leave this at off if you have multiple backend servers, and use a
#       redirector (or host table or private DNS) to map the requests to the
#       appropriate backend servers. Note that the mapping needs to be a
#       1-1 mapping between requested and backend (from redirector) domain
#       names or caching will fail, as cacing is performed using the
#       URL returned from the redirector.
#
#       See also redirect_rewrites_host_header.
#
#Default:
httpd_accel_single_host off
#  TAG: httpd_accel_with_proxy  on|off
#       If you want to use Squid as both a local httpd accelerator
#       and as a proxy, change this to 'on'. Note however that your
#       proxy users may have trouble to reach the accelerated domains
#       unless their browsers are configured not to use this proxy for
#       those domains (for example via the no_proxy browser configuration
#       setting)
#
#Default:
httpd_accel_with_proxy on
#  TAG: httpd_accel_uses_host_header    on|off
#       HTTP/1.1 requests include a Host: header which is basically the
#       hostname from the URL.  Squid can be an accelerator for
#       different HTTP servers by looking at this header.  However,
#       Squid does NOT check the value of the Host header, so it opens
#       a big security hole.  We recommend that this option remain
#       disabled unless you are sure of what you are doing.
#
#       However, you will need to enable this option if you run Squid
#       as a transparent proxy.  Otherwise, virtual servers which
#       require the Host: header will not be properly cached.
#
#Default:
httpd_accel_uses_host_header on
# MISCELLANEOUS
# --------------------------------------------------------------------------
---
#  TAG: dns_testnames
#       The DNS tests exit as soon as the first site is successfully looked
up
#
#       This test can be disabled with the -D command line option.
#
#Default:
# dns_testnames netscape.com internic.net nlanr.net microsoft.com
#  TAG: logfile_rotate
#       Specifies the number of logfile rotations to make when you
#       type 'squid -k rotate'.  The default is 10, which will rotate
#       with extensions 0 through 9.  Setting logfile_rotate to 0 will
#       disable the rotation, but the logfiles are still closed and
#       re-opened.  This will enable you to rename the logfiles
#       yourself just before sending the rotate signal.
#
#       Note, the 'squid -k rotate' command normally sends a USR1
#       signal to the running squid process.  In certain situations
#       (e.g. on Linux with Async I/O), USR1 is used for other
#       purposes, so -k rotate uses another signal.  It is best to get
#       in the habit of using 'squid -k rotate' instead of 'kill -USR1
#       <pid>'.
#
#Default:
# logfile_rotate 10
#  TAG: append_domain
#       Appends local domain name to hostnames without any dots in
#       them.  append_domain must begin with a period.
#
#Example:
# append_domain .yourdomain.com
#
#Default:
# none
#  TAG: tcp_recv_bufsize        (bytes)
#       Size of receive buffer to set for TCP sockets.  Probably just
#       as easy to change your kernel's default.  Set to zero to use
#       the default buffer size.
#
#Default:
# tcp_recv_bufsize 0 bytes
#  TAG: err_html_text
#       HTML text to include in error messages.  Make this a "mailto"
#       URL to your admin address, or maybe just a link to your
#       organizations Web page.
#
#       To include this in your error messages, you must rewrite
#       the error template files (found in the "errors" directory).
#       Wherever you want the 'err_html_text' line to appear,
#       insert a %L tag in the error template file.
#
#Default:
# none
#  TAG: deny_info
#       Usage:   deny_info err_page_name acl
#       Example: deny_info ERR_CUSTOM_ACCESS_DENIED bad_guys
#
#       This can be used to return a ERR_ page for requests which
#       do not pass the 'http_access' rules.  A single ACL will cause
#       the http_access check to fail.  If a 'deny_info' line exists
#       for that ACL then Squid returns a corresponding error page.
#
#       You may use ERR_ pages that come with Squid or create your own pages
#       and put them into the configured errors/ directory.
#
#Default:
# none
#  TAG: memory_pools    on|off
#       If set, Squid will keep pools of allocated (but unused) memory
#       available for future use.  If memory is a premium on your
#       system and you believe your malloc library outperforms Squid
#       routines, disable this.
#
#Default:
memory_pools off
#  TAG: memory_pools_limit      (bytes)
#       Used only with memory_pools on:
#       memory_pools_limit 50 MB
#
#       If set to a non-zero value, Squid will keep at most the specified
#       limit of allocated (but unused) memory in memory pools. All free()
#       requests that exceed this limit will be handled by your malloc
#       library. Squid does not pre-allocate any memory, just safe-keeps
#       objects that otherwise would be free()d. Thus, it is safe to set
#       memory_pools_limit to a reasonably high value even if your
#       configuration will use less memory.
#
#       If not set (default) or set to zero, Squid will keep all memory it
#       can. That is, there will be no limit on the total amount of memory
#       used for safe-keeping.
#
#       To disable memory allocation optimization, do not set
#       memory_pools_limit to 0. Set memory_pools to "off" instead.
#
#       An overhead for maintaining memory pools is not taken into account
#       when the limit is checked. This overhead is close to four bytes per
#       object kept. However, pools may actually _save_ memory because of
#       reduced memory thrashing in your malloc library.
#
#Default:
# none
#  TAG: forwarded_for   on|off
#       If set, Squid will include your system's IP address or name
#       in the HTTP requests it forwards.  By default it looks like
#       this:
#
#               X-Forwarded-For: 192.1.2.3
#
#       If you disable this, it will appear as
#
#               X-Forwarded-For: unknown
#
#Default:
# forwarded_for on
#  TAG: log_icp_queries on|off
#       If set, ICP queries are logged to access.log. You may wish
#       do disable this if your ICP load is VERY high to speed things
#       up or to simplify log analysis.
#
#Default:
# log_icp_queries on
#  TAG: icp_hit_stale   on|off
#       If you want to return ICP_HIT for stale cache objects, set this
#       option to 'on'.  If you have sibling relationships with caches
#       in other administrative domains, this should be 'off'.  If you only
#       have sibling relationships with caches under your control, then
#       it is probably okay to set this to 'on'.
#
#Default:
# icp_hit_stale off
#  TAG: minimum_direct_hops
#       If using the ICMP pinging stuff, do direct fetches for sites
#       which are no more than this many hops away.
#
#Default:
# minimum_direct_hops 4
#  TAG: minimum_direct_rtt
#       If using the ICMP pinging stuff, do direct fetches for sites
#       which are no more than this many rtt milliseconds away.
#
#Default:
# minimum_direct_rtt 400
#  TAG: cachemgr_passwd
#       Specify passwords for cachemgr operations.
#
#       Usage: cachemgr_passwd password action action ...
#
#       Some valid actions are (see cache manager menu for a full list):
#               5min
#               60min
#               asndb
#               authenticator
#               cbdata
#               client_list
#               comm_incoming
#               config *
#               counters
#               delay
#               digest_stats
#               dns
#               events
#               filedescriptors
#               fqdncache
#               histograms
#               http_headers
#               info
#               io
#               ipcache
#               mem
#               menu
#               netdb
#               non_peers
#               objects
#               pconn
#               peer_select
#               redirector
#               refresh
#               server_list
#               shutdown *
#               store_digest
#               storedir
#               utilization
#               via_headers
#               vm_objects
#
#       * Indicates actions which will not be performed without a
#         valid password, others can be performed if not listed here.
#
#       To disable an action, set the password to "disable".
#       To allow performing an action without a password, set the
#       password to "none".
#
#       Use the keyword "all" to set the same password for all actions.
#
#Example:
# cachemgr_passwd secret shutdown
# cachemgr_passwd lesssssssecret info stats/objects
# cachemgr_passwd disable all
#
#Default:
# none
#  TAG: store_avg_object_size   (kbytes)
#       Average object size, used to estimate number of objects your
#       cache can hold.  See doc/Release-Notes-1.1.txt.  The default is
#       13 KB.
#
#Default:
# store_avg_object_size 13 KB
#  TAG: store_objects_per_bucket
#       Target number of objects per bucket in the store hash table.
#       Lowering this value increases the total number of buckets and
#       also the storage maintenance rate.  The default is 50.
#
#Default:
# store_objects_per_bucket 20
#  TAG: client_db       on|off
#       If you want to disable collecting per-client statistics, then
#       turn off client_db here.
#
#Default:
# client_db on
#  TAG: netdb_low
#  TAG: netdb_high
#       The low and high water marks for the ICMP measurement
#       database.  These are counts, not percents.  The defaults are
#       900 and 1000.  When the high water mark is reached, database
#       entries will be deleted until the low mark is reached.
#
#Default:
# netdb_low 900
# netdb_high 1000
#  TAG: netdb_ping_period
#       The minimum period for measuring a site.  There will be at
#       least this much delay between successive pings to the same
#       network.  The default is five minutes.
#
#Default:
# netdb_ping_period 5 minutes
#  TAG: query_icmp      on|off
#       If you want to ask your peers to include ICMP data in their ICP
#       replies, enable this option.
#
#       If your peer has configured Squid (during compilation) with
#       '--enable-icmp' then that peer will send ICMP pings to origin server
#       sites of the URLs it receives.  If you enable this option then the
#       ICP replies from that peer will include the ICMP data (if
available).
#       Then, when choosing a parent cache, Squid will choose the parent
with
#       the minimal RTT to the origin server.  When this happens, the
#       hierarchy field of the access.log will be
#       "CLOSEST_PARENT_MISS".  This option is off by default.
#
#Default:
# query_icmp off
#  TAG: test_reachability       on|off
#       When this is 'on', ICP MISS replies will be ICP_MISS_NOFETCH
#       instead of ICP_MISS if the target host is NOT in the ICMP
#       database, or has a zero RTT.
#
#Default:
# test_reachability off
#  TAG: buffered_logs   on|off
#       Some log files (cache.log, useragent.log) are written with
#       stdio functions, and as such they can be buffered or
#       unbuffered.  By default they will be unbuffered. Buffering them
#       can speed up the writing slightly (though you are unlikely to
#       need to worry).
#
#Default:
# buffered_logs off
#  TAG: reload_into_ims on|off
#       When you enable this option, client no-cache or ``reload''
#       requests will be changed to If-Modified-Since requests.
#       Doing this VIOLATES the HTTP standard.  Enabling this
#       feature could make you liable for problems which it
#       causes.
#
#       see also refresh_pattern for a more selective approach.
#
#       This option may be disabled by using --disable-http-violations
#       with the configure script.
#
#Default:
# reload_into_ims off
#  TAG: always_direct
#       Usage: always_direct allow|deny [!]aclname ...
#
#       Here you can use ACL elements to specify requests which should
#       ALWAYS be forwarded directly to origin servers.  For example,
#       to always directly forward requests for local servers use
#       something like:
#
#               acl local-servers dstdomain my.domain.net
#               always_direct allow local-servers
#
#       To always forward FTP requests directly, use
#
#               acl FTP proto FTP
#               always_direct allow FTP
#
#       NOTE: There is a similar, but opposite option named
#       'never_direct'.  You need to be aware that "always_direct deny
#       foo" is NOT the same thing as "never_direct allow foo".  You
#       may need to use a deny rule to exclude a more-specific case of
#       some other rule.  Example:
#
#               acl local-external dstdomain external.foo.net
#               acl local-servers dstdomain  foo.net
#               always_direct deny local-external
#               always_direct allow local-servers
#
#       This option replaces some v1.1 options such as local_domain
#       and local_ip.
#
#Default:
# none
#  TAG: never_direct
#       Usage: never_direct allow|deny [!]aclname ...
#
#       never_direct is the opposite of always_direct.  Please read
#       the description for always_direct if you have not already.
#
#       With 'never_direct' you can use ACL elements to specify
#       requests which should NEVER be forwarded directly to origin
#       servers.  For example, to force the use of a proxy for all
#       requests, except those in your local domain use something like:
#
#               acl local-servers dstdomain foo.net
#               acl all src 0.0.0.0/0.0.0.0
#               never_direct deny local-servers
#               never_direct allow all
#
#       or if squid is inside a firewall and there is local intranet
#       servers inside the firewall then use something like:
#
#               acl local-intranet dstdomain foo.net
#               acl local-external dstdomain external.foo.net
#               always_direct deny local-external
#               always_direct allow local-intranet
#               never_direct allow all
#
#       This option replaces some v1.1 options such as inside_firewall
#       and firewall_ip.
#
#Default:
# none
#  TAG: anonymize_headers
#       Usage: anonymize_headers allow|deny header_name ...
#
#       This option replaces the old 'http_anonymizer' option with
#       something that is much more configurable.  You may now
#       specify exactly which headers are to be allowed, or which
#       are to be removed from outgoing requests.
#
#       There are two methods of using this option.  You may either
#       allow specific headers (thus denying all others), or you
#       may deny specific headers (thus allowing all others).
#
#       For example, to achieve the same behavior as the old
#       'http_anonymizer standard' option, you should use:
#
#               anonymize_headers deny From Referer Server
#               anonymize_headers deny User-Agent WWW-Authenticate Link
#
#       Or, to reproduce the old 'http_anonymizer paranoid' feature
#       you should use:
#
#               anonymize_headers allow Allow Authorization Cache-Control
#               anonymize_headers allow Content-Encoding Content-Length
#               anonymize_headers allow Content-Type Date Expires Host
#               anonymize_headers allow If-Modified-Since Last-Modified
#               anonymize_headers allow Location Pragma Accept
#               anonymize_headers allow Accept-Encoding Accept-Language
#               anonymize_headers allow Content-Language Mime-Version
#               anonymize_headers allow Retry-After Title Connection
#               anonymize_headers allow Proxy-Connection
#
#       NOTE: You can not mix "allow" and "deny".  All 'anonymize_headers'
#       lines must have the same second argument.
#
#       By default, all headers are allowed (no anonymizing is
#       performed).
#
#Default:
# none
#  TAG: fake_user_agent
#       If you filter the User-Agent header with 'anonymize_headers' it
#       may cause some Web servers to refuse your request.  Use this to
#       fake one up.  For example:
#
#       fake_user_agent Nutscrape/1.0 (CP/M; 8-bit)
#       (credit to Paul Southworth pauls@etext.org for this one!)
#
#Default:
# none
#  TAG: icon_directory
#       Where the icons are stored. These are normally kept in
#       /usr/local/etc/squid/icons
#
#Default:
# icon_directory /usr/local/etc/squid/icons
#  TAG: error_directory
#       If you wish to create your own versions of the default
#       (English) error files, either to customize them to suit your
#       language or company copy the template English files to another
#       directory and point this tag at them.
#
#Default:
# error_directory /usr/local/etc/squid/errors
#  TAG: minimum_retry_timeout   (seconds)
#       This specifies the minimum connect timeout, for when the
#       connect timeout is reduced to compensate for the availability
#       of multiple IP addresses.
#
#       When a connection to a host is initiated, and that host has
#       several IP addresses, the default connection timeout is reduced
#       by dividing it by the number of addresses.  So, a site with 15
#       addresses would then have a timeout of 8 seconds for each
#       address attempted.  To avoid having the timeout reduced to the
#       point where even a working host would not have a chance to
#       respond, this setting is provided.  The default, and the
#       minimum value, is five seconds, and the maximum value is sixty
#       seconds, or half of connect_timeout, whichever is greater and
#       less than connect_timeout.
#
#Default:
# minimum_retry_timeout 5 seconds
#  TAG: maximum_single_addr_tries
#       This sets the maximum number of connection attempts for a
#       host that only has one address (for multiple-address hosts,
#       each address is tried once).
#
#       The default value is three tries, the (not recommended)
#       maximum is 255 tries.  A warning message will be generated
#       if it is set to a value greater than ten.
#
#Default:
# maximum_single_addr_tries 3
#  TAG: snmp_port
# Note: This option is only available if Squid is rebuilt with the
#       --enable-snmp option
#
#       Squid can now serve statistics and status information via SNMP.
#       By default it listens to port 3401 on the machine. If you don't
#       wish to use SNMP, set this to "0".
#
#       NOTE: SNMP support requires use the --enable-snmp configure
#       command line option.
#
#Default:
# snmp_port 3401
#  TAG: snmp_access
# Note: This option is only available if Squid is rebuilt with the
#       --enable-snmp option
#
#       Allowing or denying access to the SNMP port.
#
#       All access to the agent is denied by default.
#       usage:
#
#       snmp_access allow|deny [!]aclname ...
#
#Example:
# snmp_access allow snmppublic localhost
# snmp_access deny all
#
#Default:
# snmp_access deny all
#  TAG: snmp_incoming_address
# Note: This option is only available if Squid is rebuilt with the
#       --enable-snmp option
#
#  TAG: snmp_outgoing_address
# Note: This option is only available if Squid is rebuilt with the
#       --enable-snmp option
#
#       Just like 'udp_incoming_address' above, but for the SNMP port.
#
#       snmp_incoming_address   is used for the SNMP socket receiving
#                               messages from SNMP agents.
#       snmp_outgoing_address   is used for SNMP packets returned to SNMP
#                               agents.
#
#       The default snmp_incoming_address (0.0.0.0) is to listen on all
#       available network interfaces.
#
#       If snmp_outgoing_address is set to 255.255.255.255 (the default)
#       then it will use the same socket as snmp_incoming_address. Only
#       change this if you want to have SNMP replies sent using another
#       address than where this Squid listens for SNMP queries.
#
#       NOTE, snmp_incoming_address and snmp_outgoing_address can not have
#       the same value since they both use port 3401.
#
#Default:
# snmp_incoming_address 0.0.0.0
# snmp_outgoing_address 255.255.255.255
#  TAG: as_whois_server
#       WHOIS server to query for AS numbers.  NOTE: AS numbers are
#       queried only when Squid starts up, not for every request.
#
#Default:
# as_whois_server whois.ra.net
# as_whois_server whois.ra.net
#  TAG: wccp_router
#       Use this option to define your WCCP ``home'' router for
#       Squid.   Setting the 'wccp_router' to 0.0.0.0 (the default)
#       disables WCCP.
#
#Default:
wccp_router ip.of.my.router
#  TAG: wccp_version
#       According to some users, Cisco IOS 11.2 only supports WCCP
#       version 3.  If you're using that version of IOS, change
#       this value to 3.
#
#Default:
wccp_version 4
#  TAG: wccp_incoming_address
#  TAG: wccp_outgoing_address
#        wccp_incoming_address   Use this option if you require WCCP
#                               messages to be received on only one
#                               interface.  Do NOT use this option if
#                               you're unsure how many interfaces you
#                               have, or if you know you have only one
#                               interface.
#
#       wccp_outgoing_address   Use this option if you require WCCP
#                               messages to be sent out on only one
#                               interface.  Do NOT use this option if
#                               you're unsure how many interfaces you
#                               have, or if you know you have only one
#                               interface.
#
#        The default behavior is to not bind to any specific address.
#
#        NOTE, wccp_incoming_address and wccp_outgoing_address can not have
#        the same value since they both use port 2048.
#
#Default:
#wccp_incoming_address 213.181.52.37
#wccp_outgoing_address 213.181.52.38
# DELAY POOL PARAMETERS (all require DELAY_POOLS compilation option)
# --------------------------------------------------------------------------
---
#  TAG: delay_pools
# Note: This option is only available if Squid is rebuilt with the
#       --enable-delay-pools option
#
#       This represents the number of delay pools to be used.  For example,
#       if you have one class 2 delay pool and one class 3 delays pool, you
#       have a total of 2 delay pools.
#
#       To enable this option, you must use --enable-delay-pools with the
#       configure script.
#
#Default:
# delay_pools 0
#  TAG: delay_class
# Note: This option is only available if Squid is rebuilt with the
#       --enable-delay-pools option
#
#       This defines the class of each delay pool.  There must be exactly
one
#       delay_class line for each delay pool.  For example, to define two
#       delay pools, one of class 2 and one of class 3, the settings above
#       and here would be:
#
#Example:
# delay_pools 2      # 2 delay pools
# delay_class 1 2    # pool 1 is a class 2 pool
# delay_class 2 3    # pool 2 is a class 3 pool
#
#       The delay pool classes are:
#
#               class 1         Everything is limited by a single aggregate
#                               bucket.
#
#               class 2         Everything is limited by a single aggregate
#                               bucket as well as an "individual" bucket
chosen
#                               from bits 25 through 32 of the IP address.
#
#               class 3         Everything is limited by a single aggregate
#                               bucket as well as a "network" bucket chosen
#                               from bits 17 through 24 of the IP address
and a
#                               "individual" bucket chosen from bits 17
through
#                               32 of the IP address.
#
#       NOTE: If an IP address is a.b.c.d
#               -> bits 25 through 32 are "d"
#               -> bits 17 through 24 are "c"
#               -> bits 17 through 32 are "c * 256 + d"
#
#Default:
# none
#  TAG: delay_access
# Note: This option is only available if Squid is rebuilt with the
#       --enable-delay-pools option
#
#       This is used to determine which delay pool a request falls into.
#       The first matched delay pool is always used, i.e., if a request
falls
#       into delay pool number one, no more delay are checked, otherwise the
#       rest are checked in order of their delay pool number until they have
#       all been checked.  For example, if you want some_big_clients in
delay
#       pool 1 and lotsa_little_clients in delay pool 2:
#
#Example:
# delay_access 1 allow some_big_clients
# delay_access 1 deny all
# delay_access 2 allow lotsa_little_clients
# delay_access 2 deny all
#
#Default:
# none
#  TAG: delay_parameters
# Note: This option is only available if Squid is rebuilt with the
#       --enable-delay-pools option
#
#       This defines the parameters for a delay pool.  Each delay pool has
#       a number of "buckets" associated with it, as explained in the
#       description of delay_class.  For a class 1 delay pool, the syntax
is:
#
#delay_parameters pool aggregate
#
#       For a class 2 delay pool:
#
#delay_parameters pool aggregate individual
#
#       For a class 3 delay pool:
#
#delay_parameters pool aggregate network individual
#
#       The variables here are:
#
#               pool            a pool number - ie, a number between 1 and
the
#                               number specified in delay_pools as used in
#                               delay_class lines.
#
#               aggregate       the "delay parameters" for the aggregate
bucket
#                               (class 1, 2, 3).
#
#               individual      the "delay parameters" for the individual
#                               buckets (class 2, 3).
#
#               network         the "delay parameters" for the network
buckets
#                               (class 3).
#
#       A pair of delay parameters is written restore/maximum, where
restore is
#       the number of bytes (not bits - modem and network speeds are usually
#       quoted in bits) per second placed into the bucket, and maximum is
the
#       maximum number of bytes which can be in the bucket at any time.
#
#       For example, if delay pool number 1 is a class 2 delay pool as in
the
#       above example, and is being used to strictly limit each host to
64kbps
#       (plus overheads), with no overall limit, the line is:
#
#delay_parameters 1 -1/-1 8000/8000
#
#       Note that the figure -1 is used to represent "unlimited".
#
#       And, if delay pool number 2 is a class 3 delay pool as in the above
#       example, and you want to limit it to a total of 256kbps (strict
limit)
#       with each 8-bit network permitted 64kbps (strict limit) and each
#       individual host permitted 4800bps with a bucket maximum size of 64kb
#       to permit a decent web page to be downloaded at a decent speed
#       (if the network is not being limited due to overuse) but slow down
#       large downloads more significantly:
#
#delay_parameters 2 32000/32000 8000/8000 600/64000
#
#       There must be one delay_parameters line for each delay pool.
#
#Default:
# none
#  TAG: delay_initial_bucket_level      (percent, 0-100)
# Note: This option is only available if Squid is rebuilt with the
#       --enable-delay-pools option
#
#       The initial bucket percentage is used to determine how much is put
#       in each bucket when squid starts, is reconfigured, or first notices
#       a host accessing it (in class 2 and class 3, individual hosts and
#       networks only have buckets associated with them once they have been
#       "seen" by squid).
#
#Default:
# delay_initial_bucket_level 50
#  TAG: incoming_icp_average
#  TAG: incoming_http_average
#  TAG: incoming_dns_average
#  TAG: min_icp_poll_cnt
#  TAG: min_dns_poll_cnt
#  TAG: min_http_poll_cnt
#       Heavy voodoo here.  I can't even believe you are reading this.
#       Are you crazy?  Don't even think about adjusting these unless
#       you understand the algorithms in comm_select.c first!
#
#Default:
# incoming_icp_average 6
# incoming_http_average 4
# incoming_dns_average 4
# min_icp_poll_cnt 8
# min_dns_poll_cnt 8
# min_http_poll_cnt 8
#  TAG: max_open_disk_fds
#       To avoid having disk as the I/O bottleneck Squid can optionally
#       bypass the on-disk cache if more than this amount of disk file
#       descriptors are open.
#
#       A value of 0 indicates no limit.
#
#Default:
# max_open_disk_fds 0
#  TAG: offline_mode
#       Enable this option and Squid will never try to validate cached
#       objects.
#
#Default:
# offline_mode off
#  TAG: uri_whitespace
#       What to do with requests that have whitespace characters in the
#       URI.  Options:
#
#       strip:  The whitespace characters are stripped out of the URL.
#               This is the behavior recommended by RFC2616.
#       deny:   The request is denied.  The user receives an "Invalid
#               Request" message.
#       allow:  The request is allowed and the URI is not changed.  The
#               whitespace characters remain in the URI.  Note the
#               whitespace is passed to redirector processes if they
#               are in use.
#       encode: The request is allowed and the whitespace characters are
#               encoded according to RFC1738.  This could be considered
#               a violation of the HTTP/1.1
#               RFC because proxies are not allowed to rewrite URI's.
#       chop:   The request is allowed and the URI is chopped at the
#               first whitespace.  This might also be considered a
#               violation.
#
#Default:
# uri_whitespace strip
#  TAG: broken_posts
#       A list of ACL elements which, if matched, causes Squid to send
#       a extra CRLF pair after the body of a PUT/POST request.
#
#       Some HTTP servers has broken implementations of PUT/POST,
#       and rely on a extra CRLF pair sent by some WWW clients.
#
#       Quote from RFC 2068 section 4.1 on this matter:
#
#         Note: certain buggy HTTP/1.0 client implementations generate an
#         extra CRLF's after a POST request. To restate what is explicitly
#         forbidden by the BNF, an HTTP/1.1 client must not preface or
follow
#         a request with an extra CRLF.
#
#Example:
# acl buggy_server url_regex ^http://....
# broken_posts allow buggy_server
#
#Default:
# none
#  TAG: mcast_miss_addr
# Note: This option is only available if Squid is rebuilt with the
#       -DMULTICAST_MISS_STREAM option
#
#       If you enable this option, every "cache miss" URL will
#       be sent out on the specified multicast address.
#
#       Do not enable this option unless you are are absolutely
#       certain you understand what you are doing.
#
#Default:
# mcast_miss_addr 255.255.255.255
#  TAG: mcast_miss_ttl
# Note: This option is only available if Squid is rebuilt with the
#       -DMULTICAST_MISS_TTL option
#
#       This is the time-to-live value for packets multicasted
#       when multicasting off cache miss URLs is enabled.  By
#       default this is set to 'site scope', i.e. 16.
#
#Default:
# mcast_miss_ttl 16
#  TAG: mcast_miss_port
# Note: This option is only available if Squid is rebuilt with the
#       -DMULTICAST_MISS_STREAM option
#
#       This is the port number to be used in conjunction with
#       'mcast_miss_addr'.
#
#Default:
# mcast_miss_port 3135
#  TAG: mcast_miss_encode_key
# Note: This option is only available if Squid is rebuilt with the
#       -DMULTICAST_MISS_STREAM option
#
#       The URLs that are sent in the multicast miss stream are
#       encrypted.  This is the encryption key.
#
#Default:
# mcast_miss_encode_key XXXXXXXXXXXXXXXX
#  TAG: nonhierarchical_direct
#       By default, Squid will send any non-hierarchical requests
#       (matching hierarchy_stoplist or not cachable request type) direct
#       to origin servers.
#
#       If you set this to off, then Squid will prefer to send these
#       requests to parents.
#
#       Note that in most configurations, by turning this off you will only
#       add latency to these request without any improvement in global hit
#       ratio.
#
#       If you are inside an firewall then see never_direct instead of
#       this directive.
#
#Default:
# nonhierarchical_direct on
#  TAG: prefer_direct
#       Normally Squid tries to use parents for most requests. If you by
some
#       reason like it to first try going direct and only use a parent if
#       going direct fails then set this to off.
#
#       By combining nonhierarchical_direct off and prefer_direct on you
#       can set up Squid to use a parent as a backup path if going direct
#       fails.
#
#Default:
# prefer_direct off
#  TAG: strip_query_terms
#       By default, Squid strips query terms from requested URLs before
#       logging.  This protects your user's privacy.
#
#Default:
# strip_query_terms on
#  TAG: coredump_dir
#       By default Squid leaves core files in the first cache_dir
#       directory.  If you set 'coredump_dir' to a directory
#       that exists, Squid will chdir() to that directory at startup
#       and coredump files will be left there.
#
#Default:
# none
#  TAG: redirector_bypass
#       When this is 'on', a request will not go through the
#       redirector if all redirectors are busy.  If this is 'off'
#       and the redirector queue grows too large, Squid will exit
#       with a FATAL error and ask you to increase the number of
#       redirectors.  You should only enable this if the redirectors
#       are not critical to your caching system.  If you use
#       redirectors for access control, and you enable this option,
#       then users may have access to pages that they should not
#       be allowed to request.
#
#Default:
# redirector_bypass off
#  TAG: ignore_unknown_nameservers
#       By default Squid checks that DNS responses are received
#       from the same IP addresses that they are sent to.  If they
#       don't match, Squid ignores the response and writes a warning
#       message to cache.log.  You can allow responses from unknown
#       nameservers by setting this option to 'off'.
#
#Default:
# ignore_unknown_nameservers on
#  TAG: digest_generation
# Note: This option is only available if Squid is rebuilt with the
#       --enable-cache-digests option
#
#       This controls whether the server will generate a Cache Digest
#       of its contents.  By default, Cache Digest generation is
#       enabled if Squid is compiled with USE_CACHE_DIGESTS defined.
#
#Default:
# digest_generation on
#  TAG: digest_bits_per_entry
# Note: This option is only available if Squid is rebuilt with the
#       --enable-cache-digests option
#
#       This is the number of bits of the server's Cache Digest which
#       will be associated with the Digest entry for a given HTTP
#       Method and URL (public key) combination.  The default is 5.
#
#Default:
# digest_bits_per_entry 5
#  TAG: digest_rebuild_period   (seconds)
# Note: This option is only available if Squid is rebuilt with the
#       --enable-cache-digests option
#
#       This is the number of seconds between Cache Digest rebuilds.
#
#Default:
# digest_rebuild_period 1 hour
#  TAG: digest_rewrite_period   (seconds)
# Note: This option is only available if Squid is rebuilt with the
#       --enable-cache-digests option
#
#       This is the number of seconds between Cache Digest writes to
#       disk.
#
#Default:
# digest_rewrite_period 1 hour
#  TAG: digest_swapout_chunk_size       (bytes)
# Note: This option is only available if Squid is rebuilt with the
#       --enable-cache-digests option
#
#       This is the number of bytes of the Cache Digest to write to
#       disk at a time.  It defaults to 4096 bytes (4KB), the Squid
#       default swap page.
#
#Default:
# digest_swapout_chunk_size 4096 bytes
#  TAG: digest_rebuild_chunk_percentage (percent, 0-100)
# Note: This option is only available if Squid is rebuilt with the
#       --enable-cache-digests option
#
#       This is the percentage of the Cache Digest to be scanned at a
#       time.  By default it is set to 10% of the Cache Digest.
#
#Default:
# digest_rebuild_chunk_percentage 10
#  TAG: chroot
#       Use this to have Squid do a chroot() while initializing.  This
#       also causes Squid to fully drop root privileges after
#       initializing.  This means, for example, that if you use a HTTP
#       port less than 1024 and try to reconfigure, you will get an
#       error.
#
#Default:
# none
#  TAG: client_persistent_connections
#  TAG: server_persistent_connections
#       Persistent connection support for clients and servers.  By
#       default, Squid uses persistent connections (when allowed)
#       with its clients and servers.  You can use these options to
#       disable persistent connections with clients and/or servers.
#
#Default:
# client_persistent_connections on
# server_persistent_connections on
#  TAG: pipeline_prefetch
#       To boost the performance of pipelined requests to closer
#       match that of a non-proxied environment Squid tries to fetch
#       up to two requests in parallell from a pipeline.
#
#Default:
# pipeline_prefetch on
#  TAG: extension_methods
#       Squid only knows about standardized HTTP request methods.
#       You can add up to 20 additional "extension" methods here.
#
#Default:
# none
#  TAG: high_response_time_warning      (msec)
#       If the one-minute median response time exceeds this value,
#       Squid prints a WARNING with debug level 0 to get the
#       administrators attention.  The value is in milliseconds.
#
#Default:
# high_response_time_warning 0
#  TAG: high_page_fault_warning
#       If the one-minute average page fault rate exceeds this
#       value, Squid prints a WARNING with debug level 0 to get
#       the administrators attention.  The value is in page faults
#       per second.
#
#Default:
# high_page_fault_warning 0
#  TAG: high_memory_warning
#       If the memory usage (as determined by mallinfo) exceeds
#       value, Squid prints a WARNING with debug level 0 to get
#       the administrators attention.
#
#Default:
# high_memory_warning 0
#  TAG: store_dir_select_algorithm
#       Set this to 'round-robin' as an alternative.
#
#Default:
# store_dir_select_algorithm least-load
#  TAG: forward_log
# Note: This option is only available if Squid is rebuilt with the
#       -DWIP_FWD_LOG option
#
#       Logs the server-side requests.
#
#       This is currently work in progress.
#
#Default:
# none
#  TAG: ie_refresh      on|off
#       Microsoft Internet Explorer up until version 5.5 Service
#       Pack 1 has an issue with transparent proxies, wherein it
#       is impossible to force a refresh.  Turning this on provides
#       a partial fix to the problem, by causing all IMS-REFRESH
#       requests from older IE versions to check the origin server
#       for fresh content.  This reduces hit ratio by some amount
#       (~10% in my experience), but allows users to actually get
#       fresh content when they want it.  Note that because Squid
#       cannot tell if the user is using 5.5 or 5.5SP1, the behavior
#       of 5.5 is unchanged from old versions of Squid (i.e. a
#       forced refresh is impossible).  Newer versions of IE will,
#       hopefully, continue to have the new behavior and will be
#       handled based on that assumption.  This option defaults to
#       the old Squid behavior, which is better for hit ratios but
#       worse for clients using IE, if they need to be able to
#       force fresh content.
#
#Default:
# ie_refresh off
 ---------------------------------------------------------------------------
cache# cat /usr/src/sys/i386/conf/CACHE
#
# GENERIC -- Generic kernel configuration file for FreeBSD/i386
#
# For more information on this file, please read the handbook section on
# Kernel Configuration Files:
#
#    http://www.FreeBSD.org/handbook/kernelconfig-config.html
#
# The handbook is also available locally in /usr/share/doc/handbook
# if you've installed the doc distribution, otherwise always see the
# FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the
# latest information.
#
# An exhaustive list of options and more detailed explanations of the
# device lines is also present in the ./LINT configuration file. If you are
# in doubt as to the purpose or necessity of a line, check first in LINT.
#
# $FreeBSD: src/sys/i386/conf/GENERIC,v 1.246.2.38 2002/01/25 17:41:40
murray Ex
p $
machine         i386
#cpu            I386_CPU
#cpu            I486_CPU
cpu             I586_CPU
cpu             I686_CPU
ident           CACHE
maxusers        512
#options         SMP                     # Symmetric MultiProcessor Kernel
#options         APIC_IO                 # Symmetric (APIC) I/O
#options         SMP_INVLTLB             # TLB shootdowns (ONLY with
APIC_IO)
#options         NCPU=2                  # number of CPUs
#options         NBUS=4                  # number of busses
#options         NAPIC=1                 # number of IO APICs
#options         NINTR=24                # number of INTs
#options         SMP_PRIVPAGES           # BROKEN, DO NOT use!
#options         SMP_AUTOSTART           # BROKEN, DO NOT use!
#options         SERIAL_DEBUG            # com port debug output
#makeoptions    DEBUG=-g                #Build kernel with gdb(1) debug
symbols
options         MATH_EMULATE            #Support for x87 emulation
options         INET                    #InterNETworking
options         INET6                   #IPv6 communications protocols
options         FFS                     #Berkeley Fast Filesystem
options         FFS_ROOT                #FFS usable as root device [keep
this!]
options         SOFTUPDATES             #Enable FFS soft updates support
options         UFS_DIRHASH             #Improve performance on big
directories
options         MFS                     #Memory Filesystem
options         MD_ROOT                 #MD is a potential root device
options         NFS                     #Network Filesystem
options         NFS_ROOT                #NFS usable as root device, NFS
required
options         MSDOSFS                 #MSDOS Filesystem
options         CD9660                  #ISO 9660 Filesystem
options         CD9660_ROOT             #CD-ROM usable as root, CD9660
required
options         PROCFS                  #Process filesystem
options         COMPAT_43               #Compatible with BSD 4.3 [KEEP
THIS!]
options         SCSI_DELAY=15000        #Delay (in ms) before probing SCSI
options         UCONSOLE                #Allow users to grab the console
options         USERCONFIG              #boot -c editor
options         VISUAL_USERCONFIG       #visual boot -c editor
options         KTRACE                  #ktrace(1) support
options         SYSVSHM                 #SYSV-style shared memory
options         SYSVMSG                 #SYSV-style message queues
options         SYSVSEM                 #SYSV-style semaphores
options         P1003_1B                #Posix P1003_1B real-time extensions
options         _KPOSIX_PRIORITY_SCHEDULING
options         ICMP_BANDLIM            #Rate limit bad replies
options         KBD_INSTALL_CDEV        # install a CDEV entry in /dev
options         GRE
#OPTION         GRE
# To make an SMP kernel, the next two are needed
options         SMP                     # Symmetric MultiProcessor Kernel
options         APIC_IO                 # Symmetric (APIC) I/O
device          isa
device          eisa
device          pci
# Floppy drives
device          fdc0    at isa? port IO_FD1 irq 6 drq 2
device          fd0     at fdc0 drive 0
device          fd1     at fdc0 drive 1
#
# If you have a Toshiba Libretto with its Y-E Data PCMCIA floppy,
# don't use the above line for fdc0 but the following one:
#device         fdc0
# ATA and ATAPI devices
device          ata0    at isa? port IO_WD1 irq 14
device          ata1    at isa? port IO_WD2 irq 15
device          ata
device          atadisk                 # ATA disk drives
device          atapicd                 # ATAPI CDROM drives
device          atapifd                 # ATAPI floppy drives
device          atapist                 # ATAPI tape drives
options         ATA_STATIC_ID           #Static device numbering
# SCSI Controllers
device          ahb             # EISA AHA1742 family
device          ahc             # AHA2940 and onboard AIC7xxx devices
device          amd             # AMD 53C974 (Tekram DC-390(T))
device          isp             # Qlogic family
device          ncr             # NCR/Symbios Logic
device          sym             # NCR/Symbios Logic (newer chipsets)
options         SYM_SETUP_LP_PROBE_MAP=0x40
                                # Allow ncr to attach legacy NCR devices
when
                                # both sym and ncr are configured
device          adv0    at isa?
device          adw
device          bt0     at isa?
device          aha0    at isa?
device          aic0    at isa?
device          ncv             # NCR 53C500
device          nsp             # Workbit Ninja SCSI-3
device          stg             # TMC 18C30/18C50
# SCSI peripherals
device          scbus           # SCSI bus (required)
device          da              # Direct Access (disks)
device          sa              # Sequential Access (tape etc)
device          cd              # CD
device          pass            # Passthrough device (direct SCSI access)
# RAID controllers interfaced to the SCSI subsystem
device          asr             # DPT SmartRAID V, VI and Adaptec SCSI RAID
device          dpt             # DPT Smartcache - See LINT for options!
device          mly             # Mylex AcceleRAID/eXtremeRAID
# RAID controllers
device          aac             # Adaptec FSA RAID, Dell PERC2/PERC3
device          ida             # Compaq Smart RAID
device          amr             # AMI MegaRAID
device          mlx             # Mylex DAC960 family
device          twe             # 3ware Escalade
# atkbdc0 controls both the keyboard and the PS/2 mouse
device          atkbdc0 at isa? port IO_KBD
device          atkbd0  at atkbdc? irq 1 flags 0x1
device          psm0    at atkbdc? irq 12
device          vga0    at isa?
# splash screen/screen saver
pseudo-device   splash
# syscons is the default console driver, resembling an SCO console
device          sc0     at isa? flags 0x100
# Enable this and PCVT_FREEBSD for pcvt vt220 compatible console driver
#device         vt0     at isa?
#options        XSERVER                 # support for X server on a vt
console
#options        FAT_CURSOR              # start with block cursor
# If you have a ThinkPAD, uncomment this along with the rest of the PCVT
lines
#options        PCVT_SCANSET=2          # IBM keyboards are non-std
# Floating point support - do not disable.
device          npx0    at nexus? port IO_NPX irq 13
# Power management support (see LINT for more options)
device          apm0    at nexus? disable flags 0x20 # Advanced Power
Management
# PCCARD (PCMCIA) support
device          card
device          pcic0   at isa? irq 0 port 0x3e0 iomem 0xd0000
device          pcic1   at isa? irq 0 port 0x3e2 iomem 0xd4000 disable
# Serial (COM) ports
device          sio0    at isa? port IO_COM1 flags 0x10 irq 4
device          sio1    at isa? port IO_COM2 irq 3
device          sio2    at isa? disable port IO_COM3 irq 5
device          sio3    at isa? disable port IO_COM4 irq 9
# Parallel port
device          ppc0    at isa? irq 7
device          ppbus           # Parallel port bus (required)
device          lpt             # Printer
device          plip            # TCP/IP over parallel
device          ppi             # Parallel port interface device
#device         vpo             # Requires scbus and da
# PCI Ethernet NICs.
device          de              # DEC/Intel DC21x4x (``Tulip'')
device          txp             # 3Com 3cR990 (``Typhoon'')
device          vx              # 3Com 3c590, 3c595 (``Vortex'')
# PCI Ethernet NICs that use the common MII bus controller code.
# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
device          miibus          # MII bus support
device          dc              # DEC/Intel 21143 and various workalikes
device          fxp             # Intel EtherExpress PRO/100B (82557, 82558)
device          pcn             # AMD Am79C97x PCI 10/100 NICs
device          rl              # RealTek 8129/8139
device          sf              # Adaptec AIC-6915 (``Starfire'')
device          sis             # Silicon Integrated Systems SiS 900/SiS
7016
device          ste             # Sundance ST201 (D-Link DFE-550TX)
device          tl              # Texas Instruments ThunderLAN
device          tx              # SMC EtherPower II (83c170 ``EPIC'')
device          vr              # VIA Rhine, Rhine II
device          wb              # Winbond W89C840F
device          wx              # Intel Gigabit Ethernet Card (``Wiseman'')
device          xl              # 3Com 3c90x (``Boomerang'', ``Cyclone'')
device          bge             # Broadcom BCM570x (``Tigon III'')
# ISA Ethernet NICs.
# 'device ed' requires 'device miibus'
device          ed0     at isa? port 0x280 irq 10 iomem 0xd8000
device          ex
device          ep
device          fe0     at isa? port 0x300
# Xircom Ethernet
device          xe
# PRISM I IEEE 802.11b wireless NIC.
device          awi
# WaveLAN/IEEE 802.11 wireless NICs. Note: the WaveLAN/IEEE really
# exists only as a PCMCIA device, so there is no ISA attachment needed
# and resources will always be dynamically assigned by the pccard code.
device          wi
# Aironet 4500/4800 802.11 wireless NICs. Note: the declaration below will
# work for PCMCIA and PCI cards, as well as ISA cards set to ISA PnP
# mode (the factory default). If you set the switches on your ISA
# card for a manually chosen I/O address and IRQ, you must specify
# those parameters here.
device          an
# The probe order of these is presently determined by i386/isa/isa_compat.c.
device          ie0     at isa? port 0x300 irq 10 iomem 0xd0000
#device         le0     at isa? port 0x300 irq 5 iomem 0xd0000
device          lnc0    at isa? port 0x280 irq 10 drq 0
device          cs0     at isa? port 0x300
device          sn0     at isa? port 0x300 irq 10
# Pseudo devices - the number indicates how many units to allocate.
pseudo-device   loop            # Network loopback
pseudo-device   ether           # Ethernet support
pseudo-device   sl      1       # Kernel SLIP
pseudo-device   ppp     1       # Kernel PPP
pseudo-device   tun             # Packet tunnel.
pseudo-device   pty             # Pseudo-ttys (telnet etc)
pseudo-device   md              # Memory "disks"
pseudo-device   gif             # IPv6 and IPv4 tunneling
pseudo-device   faith   1       # IPv6-to-IPv4 relaying (translation)
# The `bpf' pseudo-device enables the Berkeley Packet Filter.
# Be aware of the administrative consequences of enabling this!
pseudo-device   bpf             #Berkeley packet filter
# USB support
device          uhci            # UHCI PCI->USB interface
device          ohci            # OHCI PCI->USB interface
device          usb             # USB Bus (required)
device          ugen            # Generic
device          uhid            # "Human Interface Devices"
device          ukbd            # Keyboard
device          ulpt            # Printer
device          umass           # Disks/Mass storage - Requires scbus and da
device          ums             # Mouse
device          uscanner        # Scanners
device          urio            # Diamond Rio MP3 Player
# USB Ethernet, requires mii
device          aue             # ADMtek USB ethernet
device          cue             # CATC USB ethernet
device          kue             # Kawasaki LSI USB ethernet
----------------------------------------------------------------------------
----
cache# cat /usr/src/sys/i386/conf/LINT
#
# LINT -- config file for checking all the sources, tries to pull in
#       as much of the source tree as it can.
#
# $FreeBSD: src/sys/i386/conf/LINT,v 1.749.2.96 2001/12/23 08:17:37 pirzyk
Exp $
#
# NB: You probably don't want to try running a kernel built from this
# file.  Instead, you should start from GENERIC, and add options from
# this file as required.
#
#
# This directive is mandatory; it defines the architecture to be
# configured for; in this case, the 386 family based IBM-PC and
# compatibles.
#
machine         i386
#
# This is the ``identification'' of the kernel.  Usually this should
# be the same as the name of your kernel.
#
ident           LINT
#
# The `maxusers' parameter controls the static sizing of a number of
# internal system tables by a formula defined in subr_param.c.  Setting
# maxusers to 0 will cause the system to auto-size based on physical
# memory.
#
maxusers        512
#
# The `makeoptions' parameter allows variables to be passed to the
# generated Makefile in the build area.
#
# CONF_CFLAGS gives some extra compiler flags that are added to ${CFLAGS}
# after most other flags.  Here we use it to inhibit use of non-optimal
# gcc builtin functions (e.g., memcmp).
#
# DEBUG happens to be magic.
# The following is equivalent to 'config -g KERNELNAME' and creates
# 'kernel.debug' compiled with -g debugging as well as a normal
# 'kernel'.  Use 'make install.debug' to install the debug kernel
# but that isn't normally necessary as the debug symbols are not loaded
# by the kernel and are not useful there anyway.
#
# KERNEL can be overridden so that you can change the default name of your
# kernel.
#
# MODULES_OVERRIDE can be used to limit modules built to a specific list.
#
makeoptions     CONF_CFLAGS=-fno-builtin  #Don't allow use of memcmp, etc.
#makeoptions    DEBUG=-g                #Build kernel with gdb(1) debug
symbols
#makeoptions    KERNEL=foo              #Build kernel "foo" and
install "/foo"
# Only build Linux API modules and plus those parts of the sound system I
need.
#makeop######################################
# COMPATIBILITY OPTIONS
#
# Implement system calls compatible with 4.3BSD and older versions of
# FreeBSD.  You probably do NOT want to remove this as much current code
# still relies on the 4.3 emulation.
#
options         COMPAT_43
#
# Allow applications running in user space to control the Local Descriptor
# Table (LDT).  This is required by some ports.  Future versions of FreeBSD
# may require this option for some programs in the base system.
#
options         USER_LDT                #allow user-level control of i386
ldt
#
# These three options provide support for System V Interface
# Definition-style interprocess communication, in the form of shared
# memory, semaphores, and message queues, respectively.
#
# System V shared memory and tunable parameters
options         SYSVSHM         # include support for shared memory
options         SHMMAXPGS=4194304 # max amount of shared memory pages (4k
on i38
6)
options         SHMALL=67108864 # max amount of shared memory (bytes)
#options        SHMMAX="(SHMMAXPGS*PAGE_SIZE+1)"
                                # max shared memory segment size (bytes)
options         SHMMAX=536870912
options         SHMMIN=2        # min shared memory segment size (bytes)
options         SHMMNI=33000       # max number of shared memory identifiers
options         SHMSEG=9000        # max shared memory segments per process
# System V semaphores and tunable parameters
options         SYSVSEM         # include support for semaphores
options         SEMMAP=31       # amount of entries in semaphore map
options         SEMMNI=11       # number of semaphore identifiers in the
system
options         SEMMNS=61       # number of semaphores in the system
options         SEMMNU=31       # number of undo structures in the system
options         SEMMSL=61000    # max number of semaphores per id
options         SEMOPM=101000   # max number of operations per semop call
options         SEMUME=11000    # max number of undo entries per process
# System V message queues and tunable parameters
options         SYSVMSG         # include support for message queues
options         MSGMNB=4294967296 # max characters per message queue
options         MSGMNI=40000       # max number of message queue identifiers
options         MSGSEG=134217728 # max number of message segments in the
system
options         MSGSSZ=64       # size of a message segment MUST be power
of 2
options         MSGTQL=134217728 # max amount of messages in the system

#####################################################################
# DEBUGGING OPTIONS
#
# Enable the kernel debugger.
#
options         DDB
#
# Don't drop into DDB for a panic. Intended for unattended operation
# where you may want to drop to DDB from the console, but still want
# the machine to recover from a panic
#
options         DDB_UNATTENDED
#
# If using GDB remote mode to debug the kernel, there's a non-standard
# extension to the remote protocol that can be used to use the serial
# port as both the debugging port and the system console.  It's non-
# standard and you're on your own if you enable it.  See also the
# "remotechat" variables in the FreeBSD specific version of gdb.
#
options         GDB_REMOTE_CHAT
#
# KTRACE enables the system-call tracing facility ktrace(2).
#
options         KTRACE                  #kernel tracing
#
# The INVARIANTS option is used in a number of source files to enable
# extra sanity checking of internal structures.  This support is not
# enabled by default because of the extra time it would take to check
# for these conditions, which can only occur as a result of
# programming errors.
#
options         INVARIANTS
#
# The INVARIANT_SUPPORT option makes us compile in support for
# verifying some of the internal structures.  It is a prerequisite for
# 'INVARIANTS', as enabling 'INVARIANTS' will make these functions be
# called.  The intent is that you can set 'INVARIANTS' for single
# source files (by changing the source file or specifying it on the
# command line) if you have 'INVARIANT_SUPPORT' enabled.
#
options         INVARIANT_SUPPORT
#
# The DIAGNOSTIC option is used to enable extra debugging information
# from some parts of the kernel.  As this makes everything more noisy,
# it is disabled by default.
#
options         DIAGNOSTIC
#
# PERFMON causes the driver for Pentium/Pentium Pro performance counters
# to be compiled.  See perfmon(4) for more information.
#
options         PERFMON
#
# This option let some drivers co-exist that can't co-exist in a running
# system.  This is used to be able to compile all kernel code in one go for
# quality assurance purposes (like this file, which the option takes it name
# from.)
#
options         COMPILING_LINT
# XXX - this doesn't belong here.
# Allow ordinary users to take the console - this is useful for X.
options         UCONSOLE
# XXX - this doesn't belong here either
options         USERCONFIG              #boot -c editor
options         INTRO_USERCONFIG        #imply -c and show intro screen
options         VISUAL_USERCONFIG       #visual boot -c editor

#####################################################################
# NETWORKING OPTIONS
#
# Protocol families:
#  Only the INET (Internet) family is officially supported in FreeBSD.
#  Source code for the NS (Xerox Network Service) is provided for amusement
#  value.
#
options         INET                    #Internet communications protocols
options         INET6                   #IPv6 communications protocols
options         IPSEC                   #IP security
options         IPSEC_ESP               #IP security (crypto; define w/
IPSEC)
options         IPSEC_DEBUG             #debug for IP security
options         IPX                     #IPX/SPX communications protocols
options         IPXIP                   #IPX in IP encapsulation (not
available)
options         IPTUNNEL                #IP in IPX encapsulation (not
available)
options         NCP                     #NetWare Core protocol
options         NETATALK                #Appletalk communications protocols
# These are currently broken but are shipped due to interest.
#options        NS                      #Xerox NS protocols
#options        NSIP                    #XNS over IP
#
# SMB/CIFS requester
# NETSMB enables support for SMB protocol, it requires LIBMCHAIN and
LIBICONV
# options.
# NETSMBCRYPTO enables support for encrypted passwords.
options         NETSMB                  #SMB/CIFS requester
options         NETSMBCRYPTO            #encrypted password support for SMB
# mchain library. It can be either loaded as KLD or compiled into kernel
options         LIBMCHAIN               #mbuf management library
# netgraph(4). Enable the base netgraph code with the NETGRAPH option.
# Individual node types can be enabled with the corresponding option
# listed below; however, this is not strictly necessary as netgraph
# will automatically load the corresponding KLD module if the node type
# is not already compiled into the kernel. Each type below has a
# corresponding man page, e.g., ng_async(8).
options         NETGRAPH                #netgraph(4) system
options         NETGRAPH_ASYNC
options         NETGRAPH_BPF
options         NETGRAPH_CISCO
options         NETGRAPH_ECHO
options         NETGRAPH_ETHER
options         NETGRAPH_FRAME_RELAY
options         NETGRAPH_HOLE
options         NETGRAPH_IFACE
options         NETGRAPH_KSOCKET
options         NETGRAPH_LMI
# MPPC compression requires proprietary files (not included)
#options        NETGRAPH_MPPC_COMPRESSION
options         NETGRAPH_MPPC_ENCRYPTION
options         NETGRAPH_ONE2MANY
options         NETGRAPH_PPP
options         NETGRAPH_PPPOE
options         NETGRAPH_PPTPGRE
options         NETGRAPH_RFC1490
options         NETGRAPH_SOCKET
options         NETGRAPH_TEE
options         NETGRAPH_TTY
options         NETGRAPH_UI
options         NETGRAPH_VJC
#options                GRE
#OPTION         GRE
device          mn      # Munich32x/Falc54 Nx64kbit/sec cards.
#
# Network interfaces:
#  The `loop' pseudo-device is MANDATORY when networking is enabled.
#  The `ether' pseudo-device provides generic code to handle
#  Ethernets; it is MANDATORY when a Ethernet device driver is
#  configured or token-ring is enabled.
#  The 'fddi' pseudo-device provides generic code to support FDDI.
#  The `sppp' pseudo-device serves a similar role for certain types
#  of synchronous PPP links (like `cx', `ar').
#  The `sl' pseudo-device implements the Serial Line IP (SLIP) service.
#  The `ppp' pseudo-device implements the Point-to-Point Protocol.
#  The `bpf' pseudo-device enables the Berkeley Packet Filter.  Be
#  aware of the legal and administrative consequences of enabling this
#  option.  The number of devices determines the maximum number of
#  simultaneous BPF clients programs runnable.
#  The `disc' pseudo-device implements a minimal network interface,
#  which throws away all packets sent and never receives any.  It is
#  included for testing purposes.  This shows up as the 'ds' interface.
#  The `tun' pseudo-device implements (user-)ppp and nos-tun
#  The `gif' pseudo-device implements IPv6 over IP4 tunneling,
#  IPv4 over IPv6 tunneling, IPv4 over IPv4 tunneling and
#  IPv6 over IPv6 tunneling.
#  The `faith' pseudo-device captures packets sent to it and diverts them
#  to the IPv4/IPv6 translation daemon.
#  The `stf' device implements 6to4 encapsulation.
#  The `ef' pseudo-device provides support for multiple ethernet frame types
#  specified via ETHER_* options. See ef(4) for details.
#
# The PPP_BSDCOMP option enables support for compress(1) style entire
# packet compression, the PPP_DEFLATE is for zlib/gzip style compression.
# PPP_FILTER enables code for filtering the ppp data stream and selecting
# events for resetting the demand dial activity timer - requires bpf.
# See pppd(8) for more details.
#
pseudo-device   ether                   #Generic Ethernet
pseudo-device   vlan    1               #VLAN support
pseudo-device   token                   #Generic TokenRing
pseudo-device   fddi                    #Generic FDDI
pseudo-device   sppp                    #Generic Synchronous PPP
pseudo-device   loop                    #Network loopback device
pseudo-device   bpf                     #Berkeley packet filter
pseudo-device   disc                    #Discard device (ds0, ds1, etc)
pseudo-device   tun                     #Tunnel driver (ppp(8), nos-tun(8))
pseudo-device   sl      2               #Serial Line IP
pseudo-device   ppp     2               #Point-to-point protocol
options         PPP_BSDCOMP             #PPP BSD-compress support
options         PPP_DEFLATE             #PPP zlib/deflate/gzip support
options         PPP_FILTER              #enable bpf filtering (needs bpf)
pseudo-device   ef                      # Multiple ethernet frames support
options         ETHER_II                # enable Ethernet_II frame
options         ETHER_8023              # enable Ethernet_802.3 (Novell)
frame
options         ETHER_8022              # enable Ethernet_802.2 frame
options         ETHER_SNAP              # enable Ethernet_802.2/SNAP frame
# for IPv6
pseudo-device   gif                     #IPv6 and IPv4 tunneling
pseudo-device   faith   1               #for IPv6 and IPv4 translation
pseudo-device   stf                     #6to4 IPv6 over IPv4 encapsulation
#
# Internet family options:
#
# MROUTING enables the kernel multicast packet forwarder, which works
# with mrouted(8).
#
# IPFIREWALL enables support for IP firewall construction, in
# conjunction with the `ipfw' program.  IPFIREWALL_VERBOSE sends
# logged packets to the system logger.  IPFIREWALL_VERBOSE_LIMIT
# limits the number of times a matching entry can be logged.
#
# WARNING:  IPFIREWALL defaults to a policy of "deny ip from any to any"
# and if you do not add other rules during startup to allow access,
# YOU WILL LOCK YOURSELF OUT.  It is suggested that you set
firewall_type=open
# in /etc/rc.conf when first enabling this feature, then refining the
# firewall rules in /etc/rc.firewall after you've tested that the new kernel
# feature works properly.
#
# IPFIREWALL_DEFAULT_TO_ACCEPT causes the default rule (at boot) to
# allow everything.  Use with care, if a cracker can crash your
# firewall machine, they can get to your protected machines.  However,
# if you are using it as an as-needed filter for specific problems as
# they arise, then this may be for you.  Changing the default to 'allow'
# means that you won't get stuck if the kernel and /sbin/ipfw binary get
# out of sync.
#
# IPDIVERT enables the divert IP sockets, used by ``ipfw divert''
#
# IPSTEALTH enables code to support stealth forwarding (i.e., forwarding
# packets without touching the ttl).  This can be useful to hide firewalls
# from traceroute and similar tools.
#
# TCPDEBUG is undocumented.
#
options         MROUTING                # Multicast routing
options         IPFIREWALL              #firewall
options         IPFIREWALL_VERBOSE      #enable logging to syslogd(8)
options         IPFIREWALL_FORWARD      #enable transparent proxy support
options         IPFIREWALL_VERBOSE_LIMIT=100    #limit verbosity
options         IPFIREWALL_DEFAULT_TO_ACCEPT    #allow everything by default
options         IPV6FIREWALL            #firewall for IPv6
options         IPV6FIREWALL_VERBOSE
options         IPV6FIREWALL_VERBOSE_LIMIT=100
options         IPV6FIREWALL_DEFAULT_TO_ACCEPT
options         IPDIVERT                #divert sockets
options         IPFILTER                #ipfilter support
options         IPFILTER_LOG            #ipfilter logging
options         IPFILTER_DEFAULT_BLOCK  #block all packets by default
options         IPSTEALTH               #support for stealth forwarding
options         TCPDEBUG
# RANDOM_IP_ID causes the ID field in IP packets to be randomized
# instead of incremented by 1 with each packet generated.  This
# option closes a minor information leak which allows remote
# observers to determine the rate of packet generation on the
# machine by watching the counter.
options         RANDOM_IP_ID
# Statically Link in accept filters
options                ACCEPT_FILTER_DATA
options                ACCEPT_FILTER_HTTP
#
# TCP_DROP_SYNFIN adds support for ignoring TCP packets with SYN+FIN. This
# prevents nmap et al. from identifying the TCP/IP stack, but breaks support
# for RFC1644 extensions and is not recommended for web servers.
#
options         TCP_DROP_SYNFIN         #drop TCP packets with SYN+FIN
# ICMP_BANDLIM enables icmp error response bandwidth limiting.   You
# typically want this option as it will help protect the machine from
# D.O.S. packet attacks.
#
options         ICMP_BANDLIM
# DUMMYNET enables the "dummynet" bandwidth limiter. You need
# IPFIREWALL as well. See the dummynet(4) manpage for more info.
# BRIDGE enables bridging between ethernet cards -- see bridge(4).
# You can use IPFIREWALL and dummynet together with bridging.
options         DUMMYNET
options         BRIDGE
#
# ATM (HARP version) options
#
# ATM_CORE includes the base ATM functionality code.  This must be included
#       for ATM support.
#
# ATM_IP includes support for running IP over ATM.
#
# At least one (and usually only one) of the following signalling managers
# must be included (note that all signalling managers include PVC support):
# ATM_SIGPVC includes support for the PVC-only signalling manager `sigpvc'.
# ATM_SPANS includes support for the `spans' signalling manager, which runs
#       the FORE Systems's proprietary SPANS signalling protocol.
# ATM_UNI includes support for the `uni30' and `uni31' signalling managers,
#       which run the ATM Forum UNI 3.x signalling protocols.
#
# The `hea' driver provides support for the Efficient Networks, Inc.
# ENI-155p ATM PCI Adapter.
#
# The `hfa' driver provides support for the FORE Systems, Inc.
# PCA-200E ATM PCI Adapter.
#
options         ATM_CORE                #core ATM protocol family
options         ATM_IP                  #IP over ATM support
options         ATM_SIGPVC              #SIGPVC signalling manager
options         ATM_SPANS               #SPANS signalling manager
options         ATM_UNI                 #UNI signalling manager
device          hea                     #Efficient ENI-155p ATM PCI
device          hfa                     #FORE PCA-200E ATM PCI

#####################################################################
# FILESYSTEM OPTIONS
#
# Only the root, /usr, and /tmp filesystems need be statically
# compiled; everything else will be automatically loaded at mount
# time.  (Exception: the UFS family---FFS, and MFS --- cannot
# currently be demand-loaded.)  Some people still prefer to statically
# compile other filesystems as well.
#
# NB: The NULL, PORTAL, UMAP and UNION filesystems are known to be
# buggy, and WILL panic your system if you attempt to do anything with
# them.  They are included here as an incentive for some enterprising
# soul to sit down and fix them.
#
# One of these is mandatory:
options         FFS                     #Fast filesystem
options         MFS                     #Memory File System
options         NFS                     #Network File System
# The rest are optional:
#options        NFS_NOSERVER            #Disable the NFS-server code.
options         CD9660                  #ISO 9660 filesystem
options         FDESC                   #File descriptor filesystem
options         KERNFS                  #Kernel filesystem
options         MSDOSFS                 #MS DOS File System
options         NTFS                    #NT File System
options         NULLFS                  #NULL filesystem
options         NWFS                    #NetWare filesystem
options         PORTAL                  #Portal filesystem
options         PROCFS                  #Process filesystem
options         SMBFS                   #SMB/CIFS filesystem
options         UMAPFS                  #UID map filesystem
options         UNION                   #Union filesystem
# The xFS_ROOT options REQUIRE the associated ``options xFS''
options         CD9660_ROOT             #CD-ROM usable as root device
options         FFS_ROOT                #FFS usable as root device
options         NFS_ROOT                #NFS usable as root device
# Soft updates is technique for improving file system speed and
# making abrupt shutdown less risky.
options         SOFTUPDATES
# Directory hashing improves the speed of operations on very large
# directories at the expense of some memory.
options         UFS_DIRHASH
# Make space in the kernel for a root filesystem on a md device.
# Define to the number of kilobytes to reserve for the filesystem.
options         MD_ROOT_SIZE=10
# Make the md device a potential root device, either with preloaded
# images of type mfs_root or md_root.
options         MD_ROOT
# Specify double the default maximum size for malloc(9)-backed md devices.
options         MD_NSECT=40000
# Allow this many swap-devices.
#
# In order to manage swap, the system must reserve bitmap space that
# scales with the largest mounted swap device multiplied by NSWAPDEV,
# irregardless of whether other swap devices exist or not.  So it
# is not a good idea to make this value too large.
options         NSWAPDEV=5
# Disk quotas are supported when this option is enabled.
options         QUOTA                   #enable disk quotas
# If you are running a machine just as a fileserver for PC and MAC
# users, using SAMBA or Netatalk, you may consider setting this option
# and keeping all those users' directories on a filesystem that is
# mounted with the suiddir option. This gives new files the same
# ownership as the directory (similar to group). It's a security hole
# if you let these users run programs, so confine it to file-servers
# (but it'll save you lots of headaches in those cases). Root owned
# directories are exempt and X bits are cleared. The suid bit must be
# set on the directory as well; see chmod(1) PC owners can't see/set
# ownerships so they keep getting their toes trodden on. This saves
# you all the support calls as the filesystem it's used on will act as
# they expect: "It's my dir so it must be my file".
#
options         SUIDDIR
# NFS options:
options         NFS_MINATTRTIMO=3       # VREG attrib cache timeout in sec
options         NFS_MAXATTRTIMO=60
options         NFS_MINDIRATTRTIMO=30   # VDIR attrib cache timeout in sec
options         NFS_MAXDIRATTRTIMO=60
options         NFS_GATHERDELAY=10      # Default write gather delay (msec)
options         NFS_UIDHASHSIZ=29       # Tune the size of nfssvc_sock with
this
options         NFS_WDELAYHASHSIZ=16    # and with this
options         NFS_MUIDHASHSIZ=63      # Tune the size of nfsmount with
this
options         NFS_DEBUG               # Enable NFS Debugging
# Coda stuff:
options         CODA                    #CODA filesystem.
pseudo-device   vcoda   4               #coda minicache <-> venus comm.
#
# Add support for the EXT2FS filesystem of Linux fame.  Be a bit
# careful with this - the ext2fs code has a tendency to lag behind
# changes and not be exercised very much, so mounting read/write could
# be dangerous (and even mounting read only could result in panics.)
#
options         EXT2FS
# Use real implementations of the aio_* system calls.  There are numerous
# stability and security issues in the current aio code that make it
# unsuitable for inclusion on machines with untrusted local users.
options         VFS_AIO

#####################################################################
# POSIX P1003.1B
# Real time extensions added in the 1993 Posix
# P1003_1B: Infrastructure
# _KPOSIX_PRIORITY_SCHEDULING: Build in _POSIX_PRIORITY_SCHEDULING
# _KPOSIX_VERSION:             Version kernel is built for
options         P1003_1B
options         _KPOSIX_PRIORITY_SCHEDULING
options         _KPOSIX_VERSION=199309L

#####################################################################
# CLOCK OPTIONS
# The granularity of operation is controlled by the kernel option HZ whose
# default value (100) means a granularity of 10ms.  For an accurate
simulation
# of high data rates it might be necessary to reduce the timer granularity
to
# 1ms or less.  Consider, however, that some interfaces using programmed I/O
# may require a considerable time to output packets.  So, reducing the
# granularity too much might actually cause ticks to be missed thus reducing
# the accuracy of operation.
options         HZ=100
# Other clock options
options         CLK_CALIBRATION_LOOP
options         CLK_USE_I8254_CALIBRATION
options         CLK_USE_TSC_CALIBRATION

#####################################################################
# SCSI DEVICES
# SCSI DEVICE CONFIGURATION
# The SCSI subsystem consists of the `base' SCSI code, a number of
# high-level SCSI device `type' drivers, and the low-level host-adapter
# device drivers.  The host adapters are listed in the ISA and PCI
# device configuration sections below.
#
# Beginning with FreeBSD 2.0.5 you can wire down your SCSI devices so
# that a given bus, target, and LUN always come on line as the same
# device unit.  In earlier versions the unit numbers were assigned
# in the order that the devices were probed on the SCSI bus.  This
# means that if you removed a disk drive, you may have had to rewrite
# your /etc/fstab file, and also that you had to be careful when adding
# a new disk as it may have been probed earlier and moved your device
# configuration around.
# This old behavior is maintained as the default behavior.  The unit
# assignment begins with the first non-wired down unit for a device
# type.  For example, if you wire a disk as "da3" then the first
# non-wired disk will be assigned da4.
# The syntax for wiring down devices is:
# device        scbus0 at ahc0          # Single bus device
# device        scbus1 at ahc1 bus 0    # Single bus device
# device        scbus3 at ahc2 bus 0    # Twin bus device
# device        scbus2 at ahc2 bus 1    # Twin bus device
# device        da0 at scbus0 target 0 unit 0
# device        da1 at scbus3 target 1
# device        da2 at scbus2 target 3
# device        sa1 at scbus1 target 6
# device        cd
# "units" (SCSI logical unit number) that are not specified are
# treated as if specified as LUN 0.
# All SCSI devices allocate as many units as are required.
# The "unknown" device (uk? in pre-2.0.5) is now part of the base SCSI
# configuration and doesn't have to be explicitly configured.
device          scbus                   #base SCSI code
device          ch                      #SCSI media changers
device          da                      #SCSI direct access devices (aka
disks)
device          sa                      #SCSI tapes
device          cd                      #SCSI CD-ROMs
device          pass                    #CAM passthrough driver
device          pt                      #SCSI processor type
device          ses                     #SCSI SES/SAF-TE driver
# CAM OPTIONS:
# debugging options:
# -- NOTE --  If you specify one of the bus/target/lun options, you must
#             specify them all!
# CAMDEBUG: When defined enables debugging macros
# CAM_DEBUG_BUS:  Debug the given bus.  Use -1 to debug all busses.
# CAM_DEBUG_TARGET:  Debug the given target.  Use -1 to debug all targets.
# CAM_DEBUG_LUN:  Debug the given lun.  Use -1 to debug all luns.
# CAM_DEBUG_FLAGS:  OR together CAM_DEBUG_INFO, CAM_DEBUG_TRACE,
#                   CAM_DEBUG_SUBTRACE, and CAM_DEBUG_CDB
#
# CAM_MAX_HIGHPOWER: Maximum number of concurrent high power (start unit)
cmds
# SCSI_NO_SENSE_STRINGS: When defined disables sense descriptions
# SCSI_NO_OP_STRINGS: When defined disables opcode descriptions
# SCSI_DELAY: The number of MILLISECONDS to freeze the SIM (scsi adapter)
#             queue after a bus reset, and the number of milliseconds to
#             freeze the device queue after a bus device reset.
options         CAMDEBUG
options         CAM_DEBUG_BUS=-1
options         CAM_DEBUG_TARGET=-1
options         CAM_DEBUG_LUN=-1
options
CAM_DEBUG_FLAGS="CAM_DEBUG_INFO|CAM_DEBUG_TRACE|CAM_DEBUG_CDB"
options         CAM_MAX_HIGHPOWER=4
options         SCSI_NO_SENSE_STRINGS
options         SCSI_NO_OP_STRINGS
options         SCSI_DELAY=8000 # Be pessimistic about Joe SCSI device
# Options for the CAM CDROM driver:
# CHANGER_MIN_BUSY_SECONDS: Guaranteed minimum time quantum for a changer
LUN
# CHANGER_MAX_BUSY_SECONDS: Maximum time quantum per changer LUN, only
#                           enforced if there is I/O waiting for another LUN
# The compiled in defaults for these variables are 2 and 10 seconds,
# respectively.
#
# These can also be changed on the fly with the following sysctl variables:
# kern.cam.cd.changer.min_busy_seconds
# kern.cam.cd.changer.max_busy_seconds
#
options         CHANGER_MIN_BUSY_SECONDS=2
options         CHANGER_MAX_BUSY_SECONDS=10
# Options for the CAM sequential access driver:
# SA_IO_TIMEOUT: Timeout for read/write/wfm  operations, in minutes
# SA_SPACE_TIMEOUT: Timeout for space operations, in minutes
# SA_REWIND_TIMEOUT: Timeout for rewind operations, in minutes
# SA_ERASE_TIMEOUT: Timeout for erase operations, in minutes
# SA_1FM_AT_EOD: Default to model which only has a default one filemark at
EOT.
options         SA_IO_TIMEOUT="(4)"
options         SA_SPACE_TIMEOUT="(60)"
options         SA_REWIND_TIMEOUT="(2*60)"
options         SA_ERASE_TIMEOUT="(4*60)"
options         SA_1FM_AT_EOD
# Optional timeout for the CAM processor target (pt) device
# This is specified in seconds.  The default is 60 seconds.
options         SCSI_PT_DEFAULT_TIMEOUT="60"
# Optional enable of doing SES passthrough on other devices (e.g., disks)
#
# Normally disabled because a lot of newer SCSI disks report themselves
# as having SES capabilities, but this can then clot up attempts to build
# build a topology with the SES device that's on the box these drives
# are in....
options         SES_ENABLE_PASSTHROUGH

#####################################################################
# MISCELLANEOUS DEVICES AND OPTIONS
# The `pty' device usually turns out to be ``effectively mandatory'',
# as it is required for `telnetd', `rlogind', `screen', `emacs', and
# `xterm', among others.
pseudo-device   pty             #Pseudo ttys
pseudo-device   speaker         #Play IBM BASIC-style noises out your
speaker
pseudo-device   gzip            #Exec gzipped a.out's
pseudo-device   vn              #Vnode driver (turns a file into a device)
pseudo-device   md              #Memory/malloc disk
pseudo-device   snp     3       #Snoop device - to look at pty/vty/etc..
pseudo-device   ccd     4       #Concatenated disk driver
# Configuring Vinum into the kernel is not necessary, since the kld
# module gets started automatically when vinum(8) starts.  This
# device is also untested.  Use at your own risk.
#
# The option VINUMDEBUG must match the value set in CFLAGS
# in src/sbin/vinum/Makefile.  Failure to do so will result in
# the following message from vinum(8):
#
# Can't get vinum config: Invalid argument
#
# see vinum(4) for more reasons not to use these options.
pseudo-device   vinum           #Vinum concat/mirror/raid driver
options         VINUMDEBUG      #enable Vinum debugging hooks
# Kernel side iconv library
options         LIBICONV
# Size of the kernel message buffer.  Should be N * pagesize.
options         MSGBUF_SIZE=40960

#####################################################################
# HARDWARE DEVICE CONFIGURATION
# ISA and EISA devices:
# EISA support is available for some device, so they can be auto-probed.
# MicroChannel (MCA) support is available for some devices.
#
# Mandatory ISA devices: isa, npx
#
device          isa
#
# Options for `isa':
#
# AUTO_EOI_1 enables the `automatic EOI' feature for the master 8259A
# interrupt controller.  This saves about 0.7-1.25 usec for each interrupt.
# This option breaks suspend/resume on some portables.
#
# AUTO_EOI_2 enables the `automatic EOI' feature for the slave 8259A
# interrupt controller.  This saves about 0.7-1.25 usec for each interrupt.
# Automatic EOI is documented not to work for for the slave with the
# original i8259A, but it works for some clones and some integrated
# versions.
#
# MAXMEM specifies the amount of RAM on the machine; if this is not
# specified, FreeBSD will first read the amount of memory from the CMOS
# RAM, so the amount of memory will initially be limited to 64MB or 16MB
# depending on the BIOS.  If the BIOS reports 64MB, a memory probe will
# then attempt to detect the installed amount of RAM.  If this probe
# fails to detect >64MB RAM you will have to use the MAXMEM option.
# The amount is in kilobytes, so for a machine with 128MB of RAM, it would
# be 131072 (128 * 1024).
#
# BROKEN_KEYBOARD_RESET disables the use of the keyboard controller to
# reset the CPU for reboot.  This is needed on some systems with broken
# keyboard controllers.
#
# PAS_JOYSTICK_ENABLE enables the gameport on the ProAudio Spectrum
options         AUTO_EOI_1
#options        AUTO_EOI_2
options         MAXMEM="(128*1024)"
#options        BROKEN_KEYBOARD_RESET
#options        PAS_JOYSTICK_ENABLE
# Enable support for the kernel PLL to use an external PPS signal,
# under supervision of [x]ntpd(8)
# More info in ntpd documentation: http://www.eecis.udel.edu/~ntp
options         PPS_SYNC
# If you see the "calcru: negative time of %ld usec for pid %d (%s)\n"
# message you probably have some broken sw/hw which disables interrupts
# for too long.  You can make the system more resistant to this by
# choosing a high value for NTIMECOUNTER.  The default is 5, there
# is no upper limit but more than a couple of hundred are not productive.
# A better strategy may be to sysctl -w kern.timecounter.method=1
options         NTIMECOUNTER=20
# The keyboard controller; it controls the keyboard and the PS/2 mouse.
device          atkbdc0 at isa? port IO_KBD
# The AT keyboard
device          atkbd0  at atkbdc? irq 1
# Options for atkbd:
options         ATKBD_DFLT_KEYMAP       # specify the built-in keymap
makeoptions     ATKBD_DFLT_KEYMAP="jp.106"
# These options are valid for other keyboard drivers as well.
options         KBD_DISABLE_KEYMAP_LOAD # refuse to load a keymap
options         KBD_INSTALL_CDEV        # install a CDEV entry in /dev
# `flags' for atkbd:
#       0x01    Force detection of keyboard, else we always assume a
keyboard
#       0x02    Don't reset keyboard, useful for some newer ThinkPads
#       0x03    Force detection and avoid reset, might help with certain
#               dockingstations
#       0x04    Old-style (XT) keyboard support, useful for older ThinkPads
# PS/2 mouse
device          psm0    at atkbdc? irq 12
# Options for psm:
options         PSM_HOOKRESUME          #hook the system resume event,
useful
                                        #for some laptops
options         PSM_RESETAFTERSUSPEND   #reset the device at the resume
event
# The video card driver.
device          vga0    at isa?
# Options for vga:
# Try the following option if the mouse pointer is not drawn correctly
# or font does not seem to be loaded properly.  May cause flicker on
# some systems.
options         VGA_ALT_SEQACCESS
# If you can dispense with some vga driver features, you may want to
# use the following options to save some memory.
options         VGA_NO_FONT_LOADING     # don't save/load font
options         VGA_NO_MODE_CHANGE      # don't change video modes
# Older video cards may require this option for proper operation.
options         VGA_SLOW_IOACCESS       # do byte-wide i/o's to TS and GDC
regs
# The following option probably won't work with the LCD displays.
options         VGA_WIDTH90             # support 90 column modes
# To include support for VESA video modes
options         VESA
# Splash screen at start up!  Screen savers require this too.
pseudo-device   splash
# The pcvt console driver (vt220 compatible).
device          vt0     at isa?
options         XSERVER                 # support for running an X server
on vt
options         FAT_CURSOR              # start with block cursor
# This PCVT option is for keyboards such as those used on IBM ThinkPad
laptops
options         PCVT_SCANSET=2          # IBM keyboards are non-std
# Other PCVT options are documented in pcvt(4).
options         PCVT_24LINESDEF
options         PCVT_CTRL_ALT_DEL
options         PCVT_EMU_MOUSE
options         PCVT_FREEBSD=211
options         PCVT_META_ESC
options         PCVT_NSCREENS=9
options         PCVT_PRETTYSCRNS
options         PCVT_SCREENSAVER
options         PCVT_USEKBDSEC
options         PCVT_VT220KEYB
# The syscons console driver (sco color console compatible).
device          sc0     at isa?
options         MAXCONS=16              # number of virtual consoles
options         SC_ALT_MOUSE_IMAGE      # simplified mouse cursor in text
mode
options         SC_DFLT_FONT            # compile font in
makeoptions     SC_DFLT_FONT=cp850
options         SC_DISABLE_DDBKEY       # disable `debug' key
options         SC_DISABLE_REBOOT       # disable reboot key sequence
options         SC_HISTORY_SIZE=200     # number of history buffer lines
options         SC_MOUSE_CHAR=0x3       # char code for text mode mouse
cursor
options         SC_PIXEL_MODE           # add support for the raster text
mode
# The following options will let you change the default colors of syscons.
options         SC_NORM_ATTR="(FG_GREEN|BG_BLACK)"
options         SC_NORM_REV_ATTR="(FG_YELLOW|BG_GREEN)"
options         SC_KERNEL_CONS_ATTR="(FG_RED|BG_BLACK)"
options         SC_KERNEL_CONS_REV_ATTR="(FG_BLACK|BG_RED)"
# If you have a two button mouse, you may want to add the following option
# to use the right button of the mouse to paste text.
options         SC_TWOBUTTON_MOUSE
# You can selectively disable features in syscons.
options         SC_NO_CUTPASTE
options         SC_NO_FONT_LOADING
options         SC_NO_HISTORY
options         SC_NO_SYSMOUSE
#
# The Numeric Processing eXtension driver.  In addition to this, you
# may configure a math emulator (see above).  If your machine has a
# hardware FPU and the kernel configuration includes the npx device
# *and* a math emulator compiled into the kernel, the hardware FPU
# will be used, unless it is found to be broken or unless "flags" to
# npx0 includes "0x08", which requests preference for the emulator.
device          npx0    at nexus? port IO_NPX flags 0x0 irq 13
#
# `flags' for npx0:
#       0x01    don't use the npx registers to optimize bcopy.
#       0x02    don't use the npx registers to optimize bzero.
#       0x04    don't use the npx registers to optimize copyin or copyout.
#       0x08    use emulator even if hardware FPU is available.
# The npx registers are normally used to optimize copying and zeroing when
# all of the following conditions are satisfied:
#       I586_CPU is an option
#       the cpu is an i586 (perhaps not a Pentium)
#       the probe for npx0 succeeds
#       INT 16 exception handling works.
# Then copying and zeroing using the npx registers is normally 30-100%
faster.
# The flags can be used to control cases where it doesn't work or is slower.
# Setting them at boot time using userconfig works right (the optimizations
# are not used until later in the bootstrap when npx0 is attached).
# Flag 0x08 automatically disables the i586 optimized routines.
#
#
# Optional ISA and EISA devices:
#
#
# SCSI host adapters: `aha', `aic', `bt'
#
# adv: All Narrow SCSI bus AdvanSys controllers.
# adw: Second Generation AdvanSys controllers including the ADV940UW.
# aha: Adaptec 154x
# ahc: Adaptec 274x/284x/294x
# aic: Adaptec 152x
# bt: Most Buslogic controllers
# ncv: NCR 53C500 based SCSI host adapters.
# nsp: Workbit Ninja SCSI-3 based PC Card SCSI host adapters.
# stg: TMC 18C30, 18C50 based ISA/PC Card SCSI host adapters.
#
# Note that the order is important in order for Buslogic cards to be
# probed correctly.
#
device          bt0     at isa? port IO_BT0
device          adv0    at isa?
device          adw
device          aha0    at isa?
device          aic0    at isa?
device          ncv
device          nsp
device          stg0    at isa? port 0x140 irq 11
#
# Adaptec FSA RAID controllers, including integrated DELL controller,
# the Dell PERC 2/QC and the HP NetRAID-4M
#
# AAC_COMPAT_LINUX      Include code to support Linux-binary management
#                       utilities (requires Linux compatibility
#                       support).
#
device          aac
#
# Compaq Smart RAID, Mylex DAC960 and AMI MegaRAID controllers.  Only
# one entry is needed; the code will find and configure all supported
# controllers.
#
device          ida             # Compaq Smart RAID
device          mlx             # Mylex DAC960
device          amr             # AMI MegaRAID
#
# 3ware ATA RAID
#
device          twe             # 3ware ATA RAID
#
# The 'ATA' driver supports all ATA and ATAPI devices.
# It can reuse the majors of wd.c for booting purposes.
# You only need one "device ata" for it to find all
# PCI ATA/ATAPI devices on modern machines.
device          ata
device          atadisk         # ATA disk drives
device          atapicd         # ATAPI CDROM drives
device          atapifd         # ATAPI floppy drives
device          atapist         # ATAPI tape drives
#The following options are valid on the ATA driver:
#
# ATA_STATIC_ID:        controller numbering is static (like the old driver)
#                       else the device numbers are dynamically allocated.
options         ATA_STATIC_ID
#
# For older non-PCI systems, these are the lines to use:
#device         ata0    at isa? port IO_WD1 irq 14
#device         ata1    at isa? port IO_WD2 irq 15
#
# ST-506, ESDI, and IDE hard disks: `wdc' and `wd'
#
# The flags fields are used to enable the multi-sector I/O and
# the 32BIT I/O modes.  The flags may be used in either the controller
# definition or in the individual disk definitions.  The controller
# definition is supported for the boot configuration stuff.
#
# Each drive has a 16 bit flags value defined:
#       The low 8 bits are the maximum value for the multi-sector I/O,
#       where 0xff defaults to the maximum that the drive can handle.
#       The high bit of the 16 bit flags (0x8000) allows probing for
#       32 bit transfers.  Bit 14 (0x4000) enables a hack to wake
#       up powered-down laptop drives.  Bit 13 (0x2000) allows
#       probing for PCI IDE DMA controllers, such as Intel's PIIX
#       south bridges. Bit 12 (0x1000) sets LBA mode instead of the
#       default CHS mode for accessing the drive. See the wd.4 man page.
#
# The flags field for the drives can be specified in the controller
# specification with the low 16 bits for drive 0, and the high 16 bits
# for drive 1.
# e.g.:
#device         wdc0    at isa? port IO_WD1 irq 14 flags 0x00ff8004
#
# specifies that drive 0 will be allowed to probe for 32 bit transfers and
# a maximum multi-sector transfer of 4 sectors, and drive 1 will not be
# allowed to probe for 32 bit transfers, but will allow multi-sector
# transfers up to the maximum that the drive supports.
#
# If you are using a PCI controller that is not running in compatibility
# mode (for example, it is a 2nd IDE PCI interface), then use config line(s)
# such as:
#
#device         wdc2    at isa? port 0 flags 0xa0ffa0ff
#device         wd4     at wdc2 drive 0
#device         wd5     at wdc2 drive 1
#
#device         wdc3    at isa? port 0 flags 0xa0ffa0ff
#device         wd6     at wdc3 drive 0
#device         wd7     at wdc3 drive 1
#
# Note that the above config would be useful for a Promise card, when used
# on a MB that already has a PIIX controller.  Note the bogus irq and port
# entries.  These are automatically filled in by the IDE/PCI support.
#
# This driver must be commented out because it is mutually exclusive with
# the ata(4) driver.
#
device          wdc0    at isa? port IO_WD1 irq 14
device          wd0     at wdc0 drive 0
device          wd1     at wdc0 drive 1
device          wdc1    at isa? port IO_WD2 irq 15
device          wd2     at wdc1 drive 0
device          wd3     at wdc1 drive 1
#
# This option allow you to override the default probe time for IDE
# devices, to get a faster probe.  Setting this below 10000 violate
# the IDE specs, but may still work for you (it will work for most
# people).
#
options         IDE_DELAY=8000  # Be optimistic about Joe IDE device
# IDE CD-ROM & CD-R/RW  driver - requires wdc controller
device          wcd
# IDE floppy driver - requires wdc controller
device          wfd
# IDE tape driver - requires wdc controller
device          wst
#
# Standard floppy disk controllers: `fdc' and `fd'
#
device          fdc0    at isa? port IO_FD1 irq 6 drq 2
#
# FDC_DEBUG enables floppy debugging.  Since the debug output is huge, you
# gotta turn it actually on by setting the variable fd_debug with DDB,
# however.
options         FDC_DEBUG
device          fd0     at fdc0 drive 0
device          fd1     at fdc0 drive 1
# M-systems DiskOnchip products see src/sys/contrib/dev/fla/README
device          fla0    at isa?
#
# Other standard PC hardware: `mse', `sio', etc.
#
# mse: Logitech and ATI InPort bus mouse ports
# sio: serial ports (see sio(4))
device          mse0    at isa? port 0x23c irq 5
device          sio0    at isa? port IO_COM1 flags 0x10 irq 4
#
# `flags' for serial drivers that support consoles (only for sio now):
#       0x10    enable console support for this unit.  The other console
flags
#               are ignored unless this is set.  Enabling console support
does
#               not make the unit the preferred console - boot with -h or
set
#               the 0x20 flag for that.  Currently, at most one unit can
have
#               console support; the first one (in config file order) with
#               this flag set is preferred.  Setting this flag for sio0
gives
#               the old behaviour.
#       0x20    force this unit to be the console (unless there is another
#               higher priority console).  This replaces the COMCONSOLE
option.
#       0x40    reserve this unit for low level console operations.  Do not
#               access the device in any normal way.
#       0x80    use this port for serial line gdb support in ddb.
#
# PnP `flags' (set via userconfig using pnp x flags y)
#       0x1     disable probing of this device.  Used to prevent your modem
#               from being attached as a PnP modem.
#
# Options for serial drivers that support consoles (only for sio now):
options         BREAK_TO_DEBUGGER       #a BREAK on a comconsole goes to
                                        #DDB, if available.
options         CONSPEED=115200         # speed for serial console
                                        # (default 9600)
# Solaris implements a new BREAK which is initiated by a character
# sequence CR ~ ^b which is similar to a familiar pattern used on
# Sun servers by the Remote Console.
options         ALT_BREAK_TO_DEBUGGER
# Options for sio:
options         COM_ESP                 #code for Hayes ESP
options         COM_MULTIPORT           #code for some cards with shared
IRQs
# Other flags for sio that aren't documented in the man page.
#       0x20000 enable hardware RTS/CTS and larger FIFOs.  Only works for
#               ST16650A-compatible UARTs.
#
# Network interfaces: `cx', `ed', `el', `ep', `ie', `is', `le', `lnc'
#
# ar: Arnet SYNC/570i hdlc sync 2/4 port V.35/X.21 serial driver (requires
sppp)
# cs: IBM Etherjet and other Crystal Semi CS89x0-based adapters
# cx: Cronyx/Sigma multiport sync/async (with Cisco or PPP framing)
# ed: Western Digital and SMC 80xx; Novell NE1000 and NE2000; 3Com 3C503
# el: 3Com 3C501 (slow!)
# ep: 3Com 3C509
# ex: Intel EtherExpress Pro/10 and other i82595-based adapters
# fe: Fujitsu MB86960A/MB86965A Ethernet
# ie: AT&T StarLAN 10 and EN100; 3Com 3C507; unknown NI5210; Intel
EtherExpress
# le: Digital Equipment EtherWorks 2 and EtherWorks 3 (DEPCA, DE100,
#     DE101, DE200, DE201, DE202, DE203, DE204, DE205, DE422)
# lnc: Lance/PCnet cards (Isolan, Novell NE2100, NE32-VL, AMD Am7990 &
Am79C960)
# rdp: RealTek RTL 8002-based pocket ethernet adapters
# sbni: Granch SBNI12-xx adapters
# sr: RISCom/N2 hdlc sync 1/2 port V.35/X.21 serial driver (requires sppp)
# wl: Lucent Wavelan (ISA card only).
# awi: IEEE 802.11b PRISM I cards.
# wi: Lucent WaveLAN/IEEE 802.11 PCMCIA adapters. Note: this supports both
#     the PCMCIA and ISA cards: the ISA card is really a PCMCIA to ISA
#     bridge with a PCMCIA adapter plugged into it.
# an: Aironet 4500/4800 802.11 wireless adapters. Supports the PCMCIA,
#     PCI and ISA varieties.
# xe: Xircom/Intel EtherExpress Pro100/16 PC Card ethernet controller.
# ray: Raytheon Raylink 802.11 wireless NICs, OEM as Webgear Aviator 2.4GHz
# oltr: Olicom ISA token-ring adapters OC-3115, OC-3117, OC-3118 and OC-3133
#       (no options needed)
#
device ar0 at isa? port 0x300 irq 10 iomem 0xd0000
device cs0 at isa? port 0x300
device cx0 at isa? port 0x240 irq 15 drq 7
device ed0 at isa? port 0x280 irq 5 iomem 0xd8000
device el0 at isa? port 0x300 irq 9
device ep
device ex
device fe0 at isa? port 0x300
device ie0 at isa? port 0x300 irq 5 iomem 0xd0000
device ie1 at isa? port 0x360 irq 7 iomem 0xd0000
device le0 at isa? port 0x300 irq 5 iomem 0xd0000
device lnc0 at isa? port 0x280 irq 10 drq 0
device rdp0 at isa? port 0x378 irq 7 flags 2
device sbni0 at isa? port 0x210 irq 5 flags 0xefdead
device sr0 at isa? port 0x300 irq 5 iomem 0xd0000
device sn0 at isa? port 0x300 irq 10
device awi
device wi
device an
options         WLCACHE         # enables the signal-strength cache
options         WLDEBUG         # enables verbose debugging output
device wl0 at isa? port 0x300
device xe
device ray
device oltr0 at isa?
#
# ATM related options
#
# The `en' device provides support for Efficient Networks (ENI)
# ENI-155 PCI midway cards, and the Adaptec 155Mbps PCI ATM cards (ANA-
59x0).
#
# atm pseudo-device provides generic atm functions and is required for
# atm devices.
# NATM enables the netnatm protocol family that can be used to
# bypass TCP/IP.
#
# the current driver supports only PVC operations (no atm-arp, no
multicast).
# for more details, please read the original documents at
# http://www.ccrc.wustl.edu/pub/chuck/tech/bsdatm/bsdatm.html
#
pseudo-device   atm
device          en
options         NATM                    #native ATM
#
# Audio drivers: `snd', `sb', `pas', `gus', `pca'
#
# snd: Voxware sound support code
# sb: SoundBlaster PCM - SoundBlaster, SB Pro, SB16, ProAudioSpectrum
# sbxvi: SoundBlaster 16
# sbmidi: SoundBlaster 16 MIDI interface
# pas: ProAudioSpectrum PCM and MIDI
# gus: Gravis Ultrasound - Ultrasound, Ultrasound 16, Ultrasound MAX
# gusxvi: Gravis Ultrasound 16-bit PCM  (do not use)
# mss: Microsoft Sound System
# css: Crystal Sound System (CSS 423x PnP)
# sscape: Ensoniq Soundscape MIDI interface
# sscape_mss: Ensoniq Soundscape PCM (requires sscape)
# opl: Yamaha OPL-2 and OPL-3 FM - SB, SB Pro, SB 16, ProAudioSpectrum
# uart: stand-alone 6850 UART for MIDI
# mpu: Roland MPU-401 stand-alone card
#
# Note: It has been reported that ISA DMA with the SoundBlaster will
# lock up the machine (PR docs/5358).  If this happens to you,
# turning off USWC write posting in your machine's BIOS may fix
# the problem.
#
# Beware!  The addresses specified below are also hard-coded in
# src/sys/i386/isa/sound/sound_config.h.  If you change the values here, you
# must also change the values in the include file.
#
# pcm: PCM audio through various sound cards.
#
# This has support for a large number of new audio cards, based on
# CS423x, OPTi931, Yamaha OPL-SAx, and also for SB16, GusPnP.
# For more information about this driver and supported cards,
# see the pcm.4 man page.
#
# The flags of the device tells the device a bit more info about the
# device that normally is obtained through the PnP interface.
#       bit  2..0   secondary DMA channel;
#       bit  4      set if the board uses two dma channels;
#       bit 15..8   board type, overrides autodetection; leave it
#                   zero if don't know what to put in (and you don't,
#                   since this is unsupported at the moment...).
#
# This driver will use the new PnP code if it's available.
#
# pca: PCM audio through your PC speaker
#
# If you have a GUS-MAX card and want to use the CS4231 codec on the
# card the drqs for the gus max must be 8 bit (1, 2, or 3).
#
# If you would like to use the full duplex option on the gus, then define
# flags to be the ``read dma channel''.
#
# options BROKEN_BUS_CLOCK      #PAS-16 isn't working and OPTI chipset
# options SYMPHONY_PAS          #PAS-16 isn't working and SYMPHONY chipset
# options EXCLUDE_SBPRO         #PAS-16
# options SBC_IRQ=5             #PAS-16. Must match irq on sb0 line.
# PAS16: The order of the pas0/sb0/opl0 is important since the
#       sb emulation is enabled in the pas-16 attach.
#
# To override the GUS defaults use:
# options GUS_DMA2
# options GUS_DMA
# options GUS_IRQ
#
# The src/sys/i386/isa/sound/sound.doc has more information.
# Controls all "VOXWARE" driver sound devices.  See Luigi's driver
# below for an alternate which may work better for some cards.
#
#device         snd
#device pas0    at isa? port 0x388 irq 10 drq 6
#device sb0     at isa? port 0x220 irq 5 drq 1
#device sbxvi0  at isa? drq 5
#device sbmidi0 at isa? port 0x330
#device awe0    at isa? port 0x620
#device gus0    at isa? port 0x220 irq 12 drq 1
##device gus0   at isa? port 0x220 irq 12 drq 1 flags 0x3
#device mss0    at isa? port 0x530 irq 10 drq 1
#device css0    at isa? port 0x534 irq 5 drq 1 flags 0x08
#device sscape0 at isa? port 0x330 irq 9 drq 0
#device trix0   at isa? port 0x330 irq 6 drq 0
#device sscape_mss0 at isa? port 0x534 irq 5 drq 1
#device opl0    at isa? port 0x388
#device mpu0    at isa? port 0x330 irq 6 drq 0
#device uart0   at isa? port 0x330 irq 5
# The newpcm driver (use INSTEAD of snd0 and all VOXWARE drivers!).
# Note that motherboard sound devices may require options PNPBIOS.
#
# Supported cards include:
# Creative SoundBlaster ISA PnP/non-PnP
# Supports ESS and Avance ISA chips as well.
# Gravis UltraSound ISA PnP/non-PnP
# Crystal Semiconductor CS461x/428x PCI
# Neomagic 256AV (ac97)
# Most of the more common ISA/PnP sb/mss/ess compatable cards.
# For non-pnp sound cards with no bridge drivers only:
device          pcm0 at isa? irq 10 drq 1 flags 0x0
#
# For PnP/PCI sound cards
device          pcm
# The bridge drivers for sound cards.  These can be seperately configured
# for providing services to the likes of new-midi (not in the tree yet).
# When used with 'device pcm' they also provide pcm sound services.
#
# sbc:  Creative SoundBlaster ISA PnP/non-PnP
#       Supports ESS and Avance ISA chips as well.
# gusc: Gravis UltraSound ISA PnP/non-PnP
# csa:  Crystal Semiconductor CS461x/428x PCI
# For non-PnP cards:
device          sbc0    at isa? port 0x220 irq 5 drq 1 flags 0x15
device          gusc0   at isa? port 0x220 irq 5 drq 1 flags 0x13
# Not controlled by `snd'
device          pca0 at isa? port IO_TIMER1
#
# Miscellaneous hardware:
#
# mcd: Mitsumi CD-ROM using proprietary (non-ATAPI) interface
# scd: Sony CD-ROM using proprietary (non-ATAPI) interface
# matcd: Matsushita/Panasonic CD-ROM using proprietary (non-ATAPI) interface
# wt: Wangtek and Archive QIC-02/QIC-36 tape drives
# ctx: Cortex-I frame grabber
# apm: Laptop Advanced Power Management (experimental)
# spigot: The Creative Labs Video Spigot video-acquisition board
# meteor: Matrox Meteor video capture board
# bktr: Brooktree bt848/848a/849a/878/879 video capture and TV Tuner board
# cy: Cyclades serial driver
# dgb: Digiboard PC/Xi and PC/Xe series driver (ALPHA QUALITY!)
# dgm: Digiboard PC/Xem driver
# gp:  National Instruments AT-GPIB and AT-GPIB/TNT board
# asc: GI1904-based hand scanners, e.g. the Trust Amiscan Grey
# gsc: Genius GS-4500 hand scanner.
# joy: joystick
# labpc: National Instrument's Lab-PC and Lab-PC+
# rc: RISCom/8 multiport card
# rp: Comtrol Rocketport(ISA) - single card
# tw: TW-523 power line interface for use with X-10 home control products
# si: Specialix SI/XIO 4-32 port terminal multiplexor
# stl: Stallion EasyIO and EasyConnection 8/32 (ISA and PCI),
EasyConnection 8/6
4 PCI
# stli: Stallion EasyConnection 8/64 ISA/EISA, ONboard, Brumby (intelligent)
# nmdm: nullmodem terminal driver (see nmdm(4))
# Notes on APM
#  The flags takes the following meaning for apm0:
#    0x0020  Statclock is broken.
#  If apm is omitted, some systems require sysctl -w
kern.timecounter.method=1
#  for correct timekeeping.
# Notes on the spigot:
#  The video spigot is at 0xad6.  This port address can not be changed.
#  The irq values may only be 10, 11, or 15
#  I/O memory is an 8kb region.  Possible values are:
#    0a0000, 0a2000, ..., 0fffff, f00000, f02000, ..., ffffff
#    The start address must be on an even boundary.
#  Add the following option if you want to allow non-root users to be able
#  to access the spigot.  This option is not secure because it allows users
#  direct access to the I/O page.
#       options SPIGOT_UNSECURE
# Notes on the Comtrol Rocketport driver:
#
# The exact values used for rp0 depend on how many boards you have
# in the system.  The manufacturer's sample configs are listed as:
#
#   Comtrol Rocketport ISA single card
#               device  rp0     at isa? port 0x280
#
#   If instead you have two ISA cards, one installed at 0x100 and the
#   second installed at 0x180, then you should add the following to
#   your kernel configuration file:
#
#               device  rp0     at isa? port 0x100
#               device  rp1     at isa? port 0x180
#
#   For 4 ISA cards, it might be something like this:
#
#               device  rp0     at isa? port 0x180
#               device  rp1     at isa? port 0x100
#               device  rp2     at isa? port 0x340
#               device  rp3     at isa? port 0x240
#
#   And for PCI cards, you only need say:
#
#               device rp
# Notes on the Digiboard driver:
#
# The following flag values have special meanings:
#       0x01 - alternate layout of pins (dgb & dgm)
#       0x02 - use the windowed PC/Xe in 64K mode (dgb only)
# Notes on the Specialix SI/XIO driver:
#  **This is NOT a Specialix supported Driver!**
#  The host card is memory, not IO mapped.
#  The Rev 1 host cards use a 64K chunk, on a 32K boundary.
#  The Rev 2 host cards use a 32K chunk, on a 32K boundary.
#  The cards can use an IRQ of 11, 12 or 15.
# Notes on the Stallion stl and stli drivers:
#  See src/i386/isa/README.stl for complete instructions.
#  This is version 2.0.0, unsupported by Stallion.
#  The stl driver has a secondary IO port hard coded at 0x280.  You need
#     to change src/i386/isa/stallion.c if you reconfigure this on the
boards.
#  The "flags" and "iosiz" settings on the stli driver depend on the board:
#       EasyConnection 8/64 ISA:     flags 23         iosiz 0x1000
#       EasyConnection 8/64 EISA:    flags 24         iosiz 0x10000
#       EasyConnection 8/64 MCA:     flags 25         iosiz 0x1000
#       ONboard ISA:                 flags 4          iosiz 0x10000
#       ONboard EISA:                flags 7          iosiz 0x10000
#       ONboard MCA:                 flags 3          iosiz 0x10000
#       Brumby:                      flags 2          iosiz 0x4000
#       Stallion:                    flags 1          iosiz 0x10000
#  For the PCI cards, "device stl" will suffice.
device          mcd0    at isa? port 0x300 irq 10
# for the Sony CDU31/33A CDROM
device          scd0    at isa? port 0x230
# for the SoundBlaster 16 multicd - up to 4 devices
device          matcd0  at isa? port 0x230
device          wt0     at isa? port 0x300 irq 5 drq 1
device          ctx0    at isa? port 0x230 iomem 0xd0000
device          spigot0 at isa? port 0xad6 irq 15 iomem 0xee000
device          apm0
device          gp0     at isa? port 0x2c0
device          gsc0    at isa? port IO_GSC1 drq 3
device          joy0    at isa? port IO_GAME
device          cy0     at isa? irq 10 iomem 0xd4000 iosiz 0x2000
options         CY_PCI_FASTINTR         # Use with cy_pci unless irq is
shared
device          dgb0    at isa? port 0x220 iomem 0xfc000
options         NDGBPORTS=16            # Defaults to 16*NDGB
device          dgm0    at isa? port 0x104 iomem 0xd0000
device          labpc0  at isa? port 0x260 irq 5
device          rc0     at isa? port 0x220 irq 12
device          rp0     at isa? port 0x280
# the port and irq for tw0 are fictitious
device          tw0     at isa? port 0x380 irq 11
device          si0     at isa? iomem 0xd0000 irq 12
device          asc0    at isa? port IO_ASC1 drq 3 irq 10
device          stl0    at isa? port 0x2a0 irq 10
device          stli0   at isa? port 0x2a0 iomem 0xcc000 flags 23 iosiz
0x1000
# You are unlikely to have the hardware for loran0 <phk@FreeBSD.org>
device          loran0  at isa? irq 5
# HOT1 Xilinx 6200 card (http://www.vcc.com/)
device          xrpu
# nullmodem terminal driver
device          nmdm
#
# MCA devices:
#
# The MCA bus device is `mca'.  It provides auto-detection and
# configuration support for all devices on the MCA bus.
#
# The 'aha' device provides support for the Adaptec 1640
#
# The 'bt' device provides support for various Buslogic/Bustek
# and Storage Dimensions SCSI adapters.
#
# The 'ep' device provides support for the 3Com 3C529 ethernet card.
#
device          mca
#
# EISA devices:
#
# The EISA bus device is `eisa'.  It provides auto-detection and
# configuration support for all devices on the EISA bus.
#
# The `ahb' device provides support for the Adaptec 174X adapter.
#
# The `ahc' device provides support for the Adaptec 274X and 284X
# adapters.  The 284X, although a VLB card, responds to EISA probes.
#
# fea: DEC DEFEA EISA FDDI adapter
#
device          eisa
device          ahb
device          ahc
device          fea
# The aic7xxx driver will attempt to use memory mapped I/O for all PCI
# controllers that have it configured only if this option is set.
Unfortunately,
# this doesn't work on some motherboards, which prevents it from being the
# default.
options         AHC_ALLOW_MEMIO
# The adw driver will attempt to use memory mapped I/O for all PCI
# controllers that have it configured only if this option is set.
options         ADW_ALLOW_MEMIO
# By default, only 10 EISA slots are probed, since the slot numbers
# above clash with the configuration address space of the PCI subsystem,
# and the EISA probe is not very smart about this.  This is sufficient
# for most machines, but in particular the HP NetServer LC series comes
# with an onboard AIC7770 dual-channel SCSI controller on EISA slot #11,
# thus you need to bump this figure to 12 for them.
options         EISA_SLOTS=12
#
# PCI devices & PCI options:
#
# The main PCI bus device is `pci'.  It provides auto-detection and
# configuration support for all devices on the PCI bus, using either
# configuration mode defined in the PCI specification.
device          pci
# PCI options
#
#options        PCI_QUIET       #quiets PCI code on chipset settings
# The `ahc' device provides support for the Adaptec 29/3940(U)(W)
# and motherboard based AIC7870/AIC7880 adapters.
#
# The `amd' device provides support for the AMD 53C974 SCSI host
# adapter chip as found on devices such as the Tekram DC-390(T).
#
# The `bge' device provides support for gigabit ethernet adapters
# based on the Broadcom BCM570x familiy of controllers, including the
# 3Com 3c996-T, the SysKonnect SK-9D21 and SK-9D41, and the embedded
# gigE NICs on Dell PowerEdge 2550 servers.
#
# The `ncr' device provides support for the NCR 53C810 and 53C825
# self-contained SCSI host adapters.
#
# The `isp' device provides support for the Qlogic ISP 1020, 1040
# nd 1040B PCI SCSI host adapters, ISP 1240 Dual Ultra SCSI,
# ISP 1080 and 1280 (Dual) Ultra2, ISP 12160 Ultra3 SCSI, as well as
# the Qlogic ISP 2100 and ISP 2200 Fibre Channel Host Adapters.
#
# The `dc' device provides support for PCI fast ethernet adapters
# based on the DEC/Intel 21143 and various workalikes including:
# the ADMtek AL981 Comet and AN985 Centaur, the ASIX Electronics
# AX88140A and AX88141, the Davicom DM9100 and DM9102, the Lite-On
# 82c168 and 82c169 PNIC, the Lite-On/Macronix LC82C115 PNIC II
# and the Macronix 98713/98713A/98715/98715A/98725 PMAC. This driver
# replaces the old al, ax, dm, pn and mx drivers.  List of brands:
# Digital DE500-BA, Kingston KNE100TX, D-Link DFE-570TX, SOHOware SFA110,
# SVEC PN102-TX, CNet Pro110B, 120A, and 120B, Compex RL100-TX,
# LinkSys LNE100TX, LNE100TX V2.0, Jaton XpressNet, Alfa Inc GFC2204,
# KNE110TX.
#
# The `de' device provides support for the Digital Equipment DC21040
# self-contained Ethernet adapter.
#
# The `fxp' device provides support for the Intel EtherExpress Pro/100B
# PCI Fast Ethernet adapters.
#
# The `gx' device provides support for the Intel Pro/1000 Gigabit Ethernet
# PCI adapters (82542, 82543-F, 82543-T).
#
# The 'lge' device provides support for PCI gigabit ethernet adapters
# based on the Level 1 LXT1001 NetCellerator chipset. This includes the
# D-Link DGE-500SX, SMC TigerCard 1000 (SMC9462SX), and some Addtron cards.
#
# The 'nge' device provides support for PCI gigabit ethernet adapters
# based on the National Semiconductor DP83820 and DP83821 chipset. This
# includes the SMC EZ Card 1000 (SMC9462TX), D-Link DGE-500T, Asante
# FriendlyNet GigaNIX 1000TA and 1000TPC, the Addtron AEG320T, the
# LinkSys EG1032 and EG1064, the Surecom EP-320G-TX and the Netgear GA622T.
#
# The 'pcn' device provides support for PCI fast ethernet adapters based
# on the AMD Am79c97x chipsets, including the PCnet/FAST, PCnet/FAST+,
# PCnet/PRO and PCnet/Home. These were previously handled by the lnc
# driver (and still will be if you leave this driver out of the kernel).
#
# The 'rl' device provides support for PCI fast ethernet adapters based
# on the RealTek 8129/8139 chipset. Note that the RealTek driver defaults
# to using programmed I/O to do register accesses because memory mapped
# mode seems to cause severe lockups on SMP hardware. This driver also
# supports the Accton EN1207D `Cheetah' adapter, which uses a chip called
# the MPX 5030/5038, which is either a RealTek in disguise or a RealTek
# workalike.  Note that the D-Link DFE-530TX+ uses the RealTek chipset
# and is supported by this driver, not the 'vr' driver.
#
# The 'sf' device provides support for Adaptec Duralink PCI fast
# ethernet adapters based on the Adaptec AIC-6915 "starfire" controller.
# This includes dual and quad port cards, as well as one 100baseFX card.
# Most of these are 64-bit PCI devices, except for one single port
# card which is 32-bit.
#
# The 'ste' device provides support for adapters based on the Sundance
# Technologies ST201 PCI fast ethernet controller. This includes the
# D-Link DFE-550TX.
#
# The 'sis' device provides support for adapters based on the Silicon
# Integrated Systems SiS 900 and SiS 7016 PCI fast ethernet controller
# chips.
#
# The 'sk' device provides support for the SysKonnect SK-984x series
# PCI gigabit ethernet NICs. This includes the SK-9841 and SK-9842
# single port cards (single mode and multimode fiber) and the
# SK-9843 and SK-9844 dual port cards (also single mode and multimode).
# The driver will autodetect the number of ports on the card and
# attach each one as a separate network interface.
#
# The 'ti' device provides support for PCI gigabit ethernet NICs based
# on the Alteon Networks Tigon 1 and Tigon 2 chipsets. This includes the
# Alteon AceNIC, the 3Com 3c985, the Netgear GA620 and various others.
# Note that you will probably want to bump up NMBCLUSTERS a lot to use
# this driver.
#
# The 'tl' device provides support for the Texas Instruments TNETE100
# series 'ThunderLAN' cards and integrated ethernet controllers. This
# includes several Compaq Netelligent 10/100 cards and the built-in
# ethernet controllers in several Compaq Prosignia, Proliant and
# Deskpro systems. It also supports several Olicom 10Mbps and 10/100
# boards.
#
# The `tx' device provides support for the SMC 9432 TX, BTX and FTX cards.
#
# The `txp' device provides support for the 3Com 3cR990 "Typhoon"
# 10/100 adapters.
#
# The `vr' device provides support for various fast ethernet adapters
# based on the VIA Technologies VT3043 `Rhine I' and VT86C100A `Rhine II'
# chips, including the D-Link DFE530TX (see 'rl' for DFE530TX+), the Hawking
# Technologies PN102TX, and the AOpen/Acer ALN-320.
#
# The `vx' device provides support for the 3Com 3C590 and 3C595
# early support
#
# The `wb' device provides support for various fast ethernet adapters
# based on the Winbond W89C840F chip. Note: this is not the same as
# the Winbond W89C940F, which is an NE2000 clone.
#
# The `wx' device provides support for the Intel Gigabit Ethernet
# PCI card (`Wiseman').
#
# The `xl' device provides support for the 3Com 3c900, 3c905 and
# 3c905B (Fast) Etherlink XL cards and integrated controllers. This
# includes the integrated 3c905B-TX chips in certain Dell Optiplex and
# Dell Precision desktop machines and the integrated 3c905-TX chips
# in Dell Latitude laptop docking stations.
#
# The `fpa' device provides support for the Digital DEFPA PCI FDDI
# adapter. pseudo-device fddi is also needed.
#
# The `meteor' device is a PCI video capture board. It can also have the
# following options:
#   options METEOR_ALLOC_PAGES=xxx      preallocate kernel pages for data
entry
#       figure (ROWS*COLUMN*BYTES_PER_PIXEL*FRAME+PAGE_SIZE-1)/PAGE_SIZE
#   options METEOR_DEALLOC_PAGES        remove all allocated pages on close
(2)
#   options METEOR_DEALLOC_ABOVE=xxx    remove all allocated pages above the
#       specified amount. If this value is below the allocated amount no
action
#       taken
#   options METEOR_SYSTEM_DEFAULT={METEOR_PAL|METEOR_NTSC|METEOR_SECAM},
used
#       for initialization of fps routine when a signal is not present.
#
# The 'bktr' device is a PCI video capture device using the Brooktree
# bt848/bt848a/bt849a/bt878/bt879 chipset. When used with a TV Tuner it
forms a
# TV card, eg Miro PC/TV, Hauppauge WinCast/TV WinTV, VideoLogic Captivator,
# Intel Smart Video III, AverMedia, IMS Turbo, FlyVideo.
#
# options       OVERRIDE_CARD=xxx
# options       OVERRIDE_TUNER=xxx
# options       OVERRIDE_MSP=1
# options       OVERRIDE_DBX=1
# These options can be used to override the auto detection
# The current values for xxx are found in src/sys/dev/bktr/bktr_card.h
# Using sysctl(8) run-time overrides on a per-card basis can be made
#
# options       BROOKTREE_SYSTEM_DEFAULT=BROOKTREE_PAL
# or
# options       BROOKTREE_SYSTEM_DEFAULT=BROOKTREE_NTSC
# Specifes the default video capture mode.
# This is required for Dual Crystal (28&35Mhz) boards where PAL is used
# to prevent hangs during initialisation.  eg VideoLogic Captivator PCI.
#
# options       BKTR_USE_PLL
# PAL or SECAM users who have a 28Mhz crystal (and no 35Mhz crystal)
# must enable PLL mode with this option. eg some new Bt878 cards.
#
# options       BKTR_GPIO_ACCESS
# This enable IOCTLs which give user level access to the GPIO port.
#
# options       BKTR_NO_MSP_RESET
# Prevents the MSP34xx reset. Good if you initialise the MSP in another OS
first
#
# options       BKTR_430_FX_MODE
# Switch Bt878/879 cards into Intel 430FX chipset compatibility mode.
#
# options       BKTR_SIS_VIA_MODE
# Switch Bt878/879 cards into SIS/VIA chipset compatibility mode which is
# needed for some old SiS and VIA chipset motherboards.
# This also allows Bt878/879 chips to work on old OPTi (<1997) chipset
# motherboards and motherboards with bad or incomplete PCI 2.1 support.
# As a rough guess, old = before 1998
#
#
# The oltr driver supports the following Olicom PCI token-ring adapters
# OC-3136, OC-3137, OC-3139, OC-3140, OC-3141, OC-3540, OC-3250
#
device          ahc             # AHA2940 and onboard AIC7xxx devices
device          amd             # AMD 53C974 (Teckram DC-390(T))
device          isp             # Qlogic family
device          ispfw           # Firmware for QLogic HBAs
device          ncr             # NCR/Symbios Logic
device          sym             # NCR/Symbios Logic (newer chipsets)
#
# Options for ISP
#
#       ISP_TARGET_MODE         -       enable target mode operation
#options        ISP_TARGET_MODE=1
# Options used in dev/sym/ (Symbios SCSI driver).
#options        SYM_SETUP_LP_PROBE_MAP  #-Low Priority Probe Map (bits)
                                        # Allows the ncr to take precedence
                                        # 1 (1<<0) -> 810a, 860
                                        # 2 (1<<1) -> 825a, 875, 885, 895
                                        # 4 (1<<2) -> 895a, 896, 1510d
#options        SYM_SETUP_SCSI_DIFF     #-HVD support for 825a, 875, 885
                                        # disabled:0 (default), enabled:1
#options        SYM_SETUP_PCI_PARITY    #-PCI parity checking
                                        # disabled:0, enabled:1 (default)
#options        SYM_SETUP_MAX_LUN       #-Number of LUNs supported
                                        # default:8, range:[1..64]
# MII bus support is required for some PCI 10/100 ethernet NICs,
# namely those which use MII-compliant transceivers or implement
# tranceiver control interfaces that operate like an MII. Adding
# "device miibus0" to the kernel config pulls in support for
# the generic miibus API and all of the PHY drivers, including a
# generic one for PHYs that aren't specifically handled by an
# individual driver.
device          miibus
# PCI Ethernet NICs that use the common MII bus controller code.
device          dc              # DEC/Intel 21143 and various workalikes
device          fxp             # Intel EtherExpress PRO/100B (82557, 82558)
device          pcn             # AMD Am79C97x PCI 10/100 NICs
device          rl              # RealTek 8129/8139
device          sf              # Adaptec AIC-6915 (``Starfire'')
device          sis             # Silicon Integrated Systems SiS 900/SiS
7016
device          ste             # Sundance ST201 (D-Link DFE-550TX)
device          tl              # Texas Instruments ThunderLAN
device          tx              # SMC EtherPower II (83c17x ``EPIC'')
device          vr              # VIA Rhine, Rhine II
device          wb              # Winbond W89C840F
device          xl              # 3Com 3c90x (``Boomerang'', ``Cyclone'')
# PCI Ethernet NICs.
device          de              # DEC/Intel DC21x4x (``Tulip'')
device          txp             # 3Com 3cR990 (``Typhoon'')
device          vx              # 3Com 3c590, 3c595 (``Vortex'')
# Gigabit Ethernet NICs.
device          bge             # Broadcom BCM570x (``Tigon III'')
device          gx              # Intel Pro/1000 (82542, 82543)
device          lge             # Level 1 LXT1001 (``Mercury'')
device          nge             # NatSemi DP83820 and DP83821
device          sk              # SysKonnect GEnesis
device          ti              # Alteon (``Tigon I'', ``Tigon II'')
device          wx
device          fpa
device          meteor
#The oltr driver in the ISA section will also find PCI cards.
#device         oltr0
# Brooktree driver has been ported to the new I2C framework. Thus,
# you'll need to have the following 3 lines in the kernel config.
#     device smbus
#     device iicbus
#     device iicbb
# The iic and smb devices are only needed if you want to control other
# I2C slaves connected to the external connector of some cards.
#
device          bktr
#
# PCCARD/PCMCIA
#
# card: pccard slots
# pcic: isa/pccard bridge
device          pcic0 at isa?
device          pcic1 at isa?
device          card
# You may need to reset all pccards after resuming
options         PCIC_RESUME_RESET       # reset after resume
#
# Laptop/Notebook options:
#
# See also:
#  apm under `Miscellaneous hardware'
# above.
# For older notebooks that signal a powerfail condition (external
# power supply dropped, or battery state low) by issuing an NMI:
options         POWERFAIL_NMI   # make it beep instead of panicing
#
# SMB bus
#
# System Management Bus support is provided by the 'smbus' device.
# Access to the SMBus device is via the 'smb' device (/dev/smb*),
# which is a child of the 'smbus' device.
#
# Supported devices:
# smb           standard io through /dev/smb*
#
# Supported SMB interfaces:
# iicsmb        I2C to SMB bridge with any iicbus interface
# bktr          brooktree848 I2C hardware interface
# intpm         Intel PIIX4 (82371AB, 82443MX) Power Management Unit
# alpm          Acer Aladdin-IV/V/Pro2 Power Management Unit
# ichsmb        Intel ICH SMBus controller chips (82801AA, 82801AB, 82801BA)
#
device          smbus           # Bus support, required for smb below.
device          intpm
device          alpm
device          ichsmb
device          smb
#
# I2C Bus
#
# Philips i2c bus support is provided by the `iicbus' device.
#
# Supported devices:
# ic    i2c network interface
# iic   i2c standard io
# iicsmb i2c to smb bridge. Allow i2c i/o with smb commands.
#
# Supported interfaces:
# pcf   Philips PCF8584 ISA-bus controller
# bktr  brooktree848 I2C software interface
#
# Other:
# iicbb generic I2C bit-banging code (needed by lpbb, bktr)
#
device          iicbus          # Bus support, required for ic/iic/iicsmb
below.
device          iicbb
device          ic
device          iic
device          iicsmb          # smb over i2c bridge
device          pcf0    at isa? port 0x320 irq 5
#---------------------------------------------------------------------------
# ISDN4BSD
#
# See /usr/share/examples/isdn/ROADMAP for an introduction to isdn4bsd.
#
# i4b passive ISDN cards support contains the following hardware drivers:
#
#       isic  - Siemens/Infineon ISDN ISAC/HSCX/IPAC chipset driver
#       iwic  - Winbond W6692 PCI bus ISDN S/T interface controller
#       ifpi  - AVM Fritz!Card PCI driver
#       ihfc  - Cologne Chip HFC ISA/ISA-PnP chipset driver
#       ifpnp - AVM Fritz!Card PnP driver
#       itjc  - Siemens ISAC / TJNet Tiger300/320 chipset
#
# i4b active ISDN cards support contains the following hardware drivers:
#
#       iavc  - AVM B1 PCI, AVM B1 ISA, AVM T1
#
# Note that the ``options'' (if given) and ``device'' lines must BOTH
# be uncommented to enable support for a given card !
#
# In addition to a hardware driver (and probably an option) the mandatory
# ISDN protocol stack devices and the mandatory support device must be
# enabled as well as one or more devices from the optional devices section.
#
#---------------------------------------------------------------------------
# isic driver (Siemens/Infineon chipsets)
#---------------------------------------------------------------------------
#
# ISA bus non-PnP Cards:
# ----------------------
#
# Teles S0/8 or Niccy 1008
options         TEL_S0_8
device          isic0   at isa? iomem 0xd0000 irq 5 flags 1
#
# Teles S0/16 or Creatix ISDN-S0 or Niccy 1016
options         TEL_S0_16
#device         isic0   at isa? port 0xd80 iomem 0xd0000 irq 5 flags 2
#
# Teles S0/16.3
options         TEL_S0_16_3
#device         isic0   at isa? port 0xd80 irq 5 flags 3
#
# AVM A1 or AVM Fritz!Card
options         AVM_A1
#device         isic0   at isa? port 0x340 irq 5 flags 4
#
# USRobotics Sportster ISDN TA intern
options         USR_STI
#device         isic0   at isa? port 0x268 irq 5 flags 7
#
# ITK ix1 Micro ( < V.3, non-PnP version )
options         ITKIX1
#device         isic0   at isa? port 0x398 irq 10 flags 18
#
# ELSA PCC-16
options         ELSA_PCC16
#device         isic0   at isa? port 0x360 irq 10 flags 20
#
# ISA bus PnP Cards:
# ------------------
#
# Teles S0/16.3 PnP
options         TEL_S0_16_3_P
#device         isic
#
# Creatix ISDN-S0 P&P
options         CRTX_S0_P
#device         isic
#
# Dr. Neuhaus Niccy Go@
options         DRN_NGO
#device         isic
#
# Sedlbauer Win Speed
options         SEDLBAUER
#device         isic
#
# Dynalink IS64PH
options         DYNALINK
#device         isic
#
# ELSA QuickStep 1000pro ISA
options         ELSA_QS1ISA
#device         isic
#
# ITK ix1 Micro ( V.3, PnP version )
options         ITKIX1
#device         isic
#
# Siemens I-Surf 2.0
options         SIEMENS_ISURF2
#device         isic
#
# Asuscom ISDNlink 128K ISAC
options         ASUSCOM_IPAC
#device         isic
#
# Eicon Diehl DIVA 2.0 and 2.02
options       EICON_DIVA
#device         isic
#
# PCI bus Cards:
# --------------
#
# ELSA MicroLink ISDN/PCI (same as ELSA QuickStep 1000pro PCI)
options         ELSA_QS1PCI
#device         isic
#
#---------------------------------------------------------------------------
#       ifpnp driver for AVM Fritz!Card ISA PnP
#---------------------------------------------------------------------------
#
# AVM Fritz!Card ISA PnP
device ifpnp
#
#---------------------------------------------------------------------------
#       ihfc driver for Cologne Chip ISA chipsets (experimental!)
#---------------------------------------------------------------------------
#
# Teles 16.3c ISA PnP
# AcerISDN P10 ISA PnP
# TELEINT ISDN SPEED No.1
device ihfc
#
#---------------------------------------------------------------------------
#       ifpi driver for AVM Fritz!Card PCI 1.0 (2.0 unsupported!)
#---------------------------------------------------------------------------
#
# AVM Fritz!Card PCI 1.0
device  ifpi
#
#---------------------------------------------------------------------------
#       iwic driver for Winbond W6692 chipset
#---------------------------------------------------------------------------
#
# ASUSCOM P-IN100-ST-D (and other Winbond W6692 based cards)
device  iwic
#
#---------------------------------------------------------------------------
#       itjc driver for Simens ISAC / TJNet Tiger300/320 chipset
#---------------------------------------------------------------------------
#
# Traverse Technologies NETjet-S
# Teles PCI-TJ
device  itjc
#
#---------------------------------------------------------------------------
#       iavc driver (AVM active cards, needs i4bcapi driver!)
#---------------------------------------------------------------------------
#
pseudo-device   "i4bcapi"       2
#
# AVM B1 PCI
device          iavc0
#
# AVM B1 ISA bus (PnP mode not supported!)
#device  iavc0 at isa? port 0x150 irq 5
#
#
# ISDN Protocol Stack (mandatory)
# -------------------------------
#
# Q.921 / layer 2 - i4b passive cards D channel handling
pseudo-device   "i4bq921"
#
# Q.931 / layer 3 - i4b passive cards D channel handling
pseudo-device   "i4bq931"
#
# layer 4 - i4b common passive and active card handling
pseudo-device   "i4b"
#
# ISDN devices
# ------------
#
# userland driver to do ISDN tracing (for passive cards only)
pseudo-device   "i4btrc"        4
#
# userland driver to control the whole thing (mandatory)
pseudo-device   "i4bctl"
#
# userland driver for access to raw B channel
pseudo-device   "i4brbch"       4
#
# userland driver for telephony
pseudo-device   "i4btel"        2
#
# network driver for IP over raw HDLC ISDN
pseudo-device   "i4bipr"        4
# enable VJ header compression detection for ipr i/f
options         IPR_VJ
# enable logging of the first n IP packets to isdnd (n=32 here)
#options        IPR_LOG=32
#
# network driver for sync PPP over ISDN
pseudo-device   "i4bisppp"      4
# Parallel-Port Bus
#
# Parallel port bus support is provided by the `ppbus' device.
# Multiple devices may be attached to the parallel port, devices
# are automatically probed and attached when found.
#
# Supported devices:
# vpo   Iomega Zip Drive
#       Requires SCSI disk support ('scbus' and 'da'), best
#       performance is achieved with ports in EPP 1.9 mode.
# lpt   Parallel Printer
# plip  Parallel network interface
# ppi   General-purpose I/O ("Geek Port") + IEEE1284 I/O
# pps   Pulse per second Timing Interface
# lpbb  Philips official parallel port I2C bit-banging interface
#
# Supported interfaces:
# ppc   ISA-bus parallel port interfaces.
#
options         PPC_PROBE_CHIPSET # Enable chipset specific detection
                                  # (see flags in ppc(4))
options         DEBUG_1284      # IEEE1284 signaling protocol debug
options         PERIPH_1284     # Makes your computer act as a IEEE1284
                                # compliant peripheral
options         DONTPROBE_1284  # Avoid boot detection of PnP parallel
devices
options         VP0_DEBUG       # ZIP/ZIP+ debug
options         LPT_DEBUG       # Printer driver debug
options         PPC_DEBUG       # Parallel chipset level debug
options         PLIP_DEBUG      # Parallel network IP interface debug
options         PCFCLOCK_VERBOSE         # Verbose pcfclock driver
options         PCFCLOCK_MAX_RETRIES=5   # Maximum read tries (default 10)
device          ppc0    at isa? irq 7
device          ppbus
device          vpo
device          lpt
device          plip
device          ppi
device          pps
device          lpbb
device          pcfclock
# Kernel BOOTP support
options         BOOTP           # Use BOOTP to obtain IP address/hostname
options         BOOTP_NFSROOT   # NFS mount root filesystem using BOOTP info
options         BOOTP_NFSV3     # Use NFS v3 to NFS mount root
options         BOOTP_COMPAT    # Workaround for broken bootp daemons.
options         BOOTP_WIRED_TO=fxp0 # Use interface fxp0 for BOOTP
#
# Add tie-ins for a hardware watchdog.  This only enable the hooks;
# the user must still supply the actual driver.
#
options         HW_WDOG
#
# Set the number of PV entries per process.  Increasing this can
# stop panics related to heavy use of shared memory. However, that can
# (combined with large amounts of physical memory) cause panics at
# boot time due the kernel running out of VM space.
#
# If you're tweaking this, you might also want to increase the sysctls
# "vm.v_free_min", "vm.v_free_reserved", and "vm.v_free_target".
#
# The value below is the one more than the default.
#
options         PMAP_SHPGPERPROC=201
#
# Change the size of the kernel virtual address space.  Due to
# constraints in loader(8) on i386, this must be a multiple of 4.
# 256 = 1 GB of kernel address space.  Increasing this also causes
# a reduction of the address space in user processes.  512 splits
# the 4GB cpu address space in half (2GB user, 2GB kernel).
#
options         KVA_PAGES=260
#
# Disable swapping. This option removes all code which actually performs
# swapping, so it's not possible to turn it back on at run-time.
#
# This is sometimes usable for systems which don't have any swap space
# (see also sysctls "vm.defer_swapspace_pageouts" and
# "vm.disable_swapspace_pageouts")
#
#options        NO_SWAPPING
# Set the number of sf_bufs to allocate. sf_bufs are virtual buffers
# for sendfile(2) that are used to map file VM pages, and normally
# default to a quantity that is roughly 16*MAXUSERS+512. You would
# typically want about 4 of these for each simultaneous file send.
#
options         NSFBUFS=8704
# Set the size of the buffer cache KVM reservation, in buffers.  This is
# scaled by approximately 16384 bytes.  The system will auto-size the buffer
# cache if this option is not specified or set to 0.
#
options         NBUF=5120
# Set the size of the mbuf KVM reservation, in clusters.  This is scaled
# by approximately 2048 bytes.  The system will auto-size the mbuf area
# if this options is not specified or set to 0.
#
options         NMBCLUSTERS=32768
# Tune the kernel malloc area parameters.  VM_KMEM_SIZE represents the
# minimum, in bytes, and is typically (12*1024*1024) (12MB).
# VM_KMEM_SIZE_MAX represents the maximum, typically 200 megabytes.
# VM_KMEM_SIZE_SCALE can be set to adjust the auto-tuning factor, which
# typically defaults to 4 (kernel malloc area size is physical memory
# divided by the scale factor).
#
options         VM_KMEM_SIZE="(10*1024*1024)"
options         VM_KMEM_SIZE_MAX="(100*1024*1024)"
options         VM_KMEM_SIZE_SCALE="4"
# Tune the buffer cache maximum KVA reservation, in bytes.  The maximum is
# usually capped at 200 MB, effecting machines with > 1GB of ram.  Note
# that the buffer cache only really governs write buffering and disk block
# translations.  The VM page cache is our primary disk cache and is not
# effected by the size of the buffer cache.
#
options         VM_BCACHE_SIZE_MAX="(100*1024*1024)"
# Tune the swap zone KVA reservation, in bytes.  The default is typically
# 70 MB, giving the system the ability to manage a maximum of 28GB worth
# of swapped out data.
#
options         VM_SWZONE_SIZE_MAX="(50*1024*1024)"
#
# Enable extra debugging code for locks.  This stores the filename and
# line of whatever acquired the lock in the lock itself, and change a
# number of function calls to pass around the relevant data.  This is
# not at all useful unless you are debugging lock code.  Also note
# that it is likely to break e.g. fstat(1) unless you recompile your
# userland with -DDEBUG_LOCKS as well.
#
options         DEBUG_LOCKS
# Set the amount of time (in seconds) the system will wait before
# rebooting automatically when a kernel panic occurs.  If set to (-1),
# the system will wait indefinitely until a key is pressed on the
# console.
options         PANIC_REBOOT_WAIT_TIME=16
#
# SysVR4 ABI emulation
#
# The svr4 ABI emulator can be statically compiled into the kernel or
loaded as
# a KLD module.
# The STREAMS network emulation code can also be compiled statically or as a
# module.  If loaded as a module, it must be loaded before the svr4 module
# (the /usr/sbin/svr4 script does this for you).  If compiling statically,
# the `streams' pseudo-device must be configured into any kernel which also
# specifies COMPAT_SVR4.  It is possible to have a statically-configured
# STREAMS device and a dynamically loadable svr4 emulator;
the /usr/sbin/svr4
# script understands that it doesn't need to load the `streams' module under
# those circumstances.
# Caveat:  At this time, `options KTRACE' is required for the svr4 emulator
# (whether static or dynamic).
#
options         COMPAT_SVR4     # build emulator statically
options         DEBUG_SVR4      # enable verbose debugging
pseudo-device   streams         # STREAMS network driver (required for
svr4).
# The 'asr' driver provides support for current DPT/Adaptec SCSI RAID
# controllers (SmartRAID V and VI and later).
# These controllers require the CAM infrastructure.
#
device          asr
# The 'dpt' driver provides support for DPT controllers
(http://www.dpt.com/).
# These have hardware RAID-{0,1,5} support, and do multi-initiator I/O.
# The DPT controllers are commonly re-licensed under other brand-names -
# some controllers by Olivetti, Dec, HP, AT&T, SNI, AST, Alphatronic, NEC
and
# Compaq are actually DPT controllers.
#
# See src/sys/dev/dpt for debugging and other subtle options.
#   DPT_MEASURE_PERFORMANCE Enables a set of (semi)invasive metrics. Various
#                           instruments are enabled.  The tools in
#                           /usr/sbin/dpt_* assume these to be enabled.
#   DPT_HANDLE_TIMEOUTS     Normally device timeouts are handled by the DPT.
#                           If you ant the driver to handle timeouts, enable
#                           this option.  If your system is very busy, this
#                           option will create more trouble than solve.
#   DPT_TIMEOUT_FACTOR      Used to compute the excessive amount of time to
#                           wait when timing out with the above option.
#  DPT_DEBUG_xxxx           These are controllable from sys/dev/dpt/dpt.h
#  DPT_LOST_IRQ             When enabled, will try, once per second, to
catch
#                           any interrupt that got lost.  Seems to help in
some
#                           DPT-firmware/Motherboard combinations.  Minimal
#                           cost, great benefit.
#  DPT_RESET_HBA            Make "reset" actually reset the controller
#                           instead of fudging it.  Only enable this if you
#                           are 100% certain you need it.
device          dpt
# DPT options
#!CAM# options  DPT_MEASURE_PERFORMANCE
#!CAM# options  DPT_HANDLE_TIMEOUTS
options         DPT_TIMEOUT_FACTOR=4
options         DPT_LOST_IRQ
options         DPT_RESET_HBA
options         DPT_ALLOW_MEMIO
#
# Compaq "CISS" RAID controllers (SmartRAID 5* series)
# These controllers have a SCSI-like interface, and require the
# CAM infrastructure.
#
device          ciss
#
# Mylex AcceleRAID and eXtremeRAID controllers with v6 and later
# firmware.  These controllers have a SCSI-like interface, and require
# the CAM infrastructure.
#
device          mly
# USB support
# UHCI controller
device          uhci
# OHCI controller
device          ohci
# General USB code (mandatory for USB)
device          usb
#
# Generic USB device driver
device          ugen
# Human Interface Device (anything with buttons and dials)
device          uhid
# USB keyboard
device          ukbd
# USB printer
device          ulpt
# USB Iomega Zip 100 Drive (Requires scbus and da)
device          umass
# USB modem support
device          umodem
# USB mouse
device          ums
# USB Rio (MP3 Player)
device          urio
# USB scanners
device          uscanner
#
# ADMtek USB ethernet. Supports the LinkSys USB100TX,
# the Billionton USB100, the Melco LU-ATX, the D-Link DSB-650TX
# and the SMC 2202USB. Also works with the ADMtek AN986 Pegasus
# eval board.
device          aue
#
# CATC USB-EL1201A USB ethernet. Supports the CATC Netmate
# and Netmate II, and the Belkin F5U111.
device          cue
#
# Kawasaki LSI ethernet. Supports the LinkSys USB10T,
# Entrega USB-NET-E45, Peracom Ethernet Adapter, the
# 3Com 3c19250, the ADS Technologies USB-10BT, the ATen UC10T,
# the Netgear EA101, the D-Link DSB-650, the SMC 2102USB
# and 2104USB, and the Corega USB-T.
device          kue
# debugging options for the USB subsystem
#
options         UHCI_DEBUG
options         OHCI_DEBUG
options         USB_DEBUG
options         UGEN_DEBUG
options         UHID_DEBUG
options         UHUB_DEBUG
options         UKBD_DEBUG
options         ULPT_DEBUG
options         UMASS_DEBUG
options         UMS_DEBUG
# options for ukbd:
options         UKBD_DFLT_KEYMAP        # specify the built-in keymap
makeoptions     UKBD_DFLT_KEYMAP=it.iso
#
# Embedded system options:
#
# An embedded system might want to run something other than init.
options         INIT_PATH="/sbin/init:/stand/sysinstall"
# Debug options
options         BUS_DEBUG       # enable newbus debugging
options         DEBUG_VFS_LOCKS # enable vfs lock debugging
options         NPX_DEBUG       # enable npx debugging (FPU/math emu)
# More undocumented options for linting.
# Note that documenting these are not considered an affront.
options         AHC_DUMP_EEPROM
options         AHC_TMODE_ENABLE
options         CAM_DEBUG_DELAY
options         CLUSTERDEBUG
options         COMPAT_LINUX
options         CPU_UPGRADE_HW_CACHE
options         DEBUG
options         DEBUG_LINUX
#options        DISABLE_PSE
options         ENABLE_ALART
options         ENABLE_VFS_IOOPT
options         FB_DEBUG
options         FB_INSTALL_CDEV
options         FE_8BIT_SUPPORT
options         I4B_SMP_WORKAROUND
options         I586_PMC_GUPROF=0x70000
options         IBCS2
options         KBDIO_DEBUG=2
options         KBD_MAXRETRY=4
options         KBD_MAXWAIT=6
options         KBD_RESETDELAY=201
options         KEY
options         LOCKF_DEBUG
options         LOUTB
options         NETATALKDEBUG
#options        OLTR_NO_BULLSEYE_MAC
#options        OLTR_NO_HAWKEYE_MAC
#options        OLTR_NO_TMS_MAC
options         PNPBIOS
options         PSM_DEBUG=1
options         SCSI_NCR_DEBUG
options         SCSI_NCR_MAX_SYNC=10000
options         SCSI_NCR_MAX_WIDE=1
options         SCSI_NCR_MYADDR=7
options         SC_DEBUG_LEVEL
options         SC_RENDER_DEBUG
options         SHOW_BUSYBUFS   # List buffers that prevent root unmount
options         SIMPLELOCK_DEBUG
options         SI_DEBUG
options         SLIP_IFF_OPTS
options         SPX_HACK
options         TIMER_FREQ="((14318182+6)/12)"
options         VFS_BIO_DEBUG
options         XBONEHACK
------------------------------------------------------------
cache# ipcs -a
Message Queues:
T     ID     KEY        MODE       OWNER    GROUP  CREATOR   CGROUP CBYTES
QNUM
 QBYTES LSPID LRPID   STIME    RTIME    CTIME
Shared Memory:
T     ID     KEY        MODE       OWNER    GROUP  CREATOR   CGROUP NATTCH
SEGS
Z  CPID  LPID   ATIME    DTIME    CTIME
Semaphores:
T     ID     KEY        MODE       OWNER    GROUP  CREATOR   CGROUP NSEMS
OTIM
E    CTIME
-----------------------------------------
ICOSNET votre provider.
   "Webmail client!"
http://www.aloline.com/
Received on Wed Apr 24 2002 - 05:46:22 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:40 MST