Hello All,
I am working on FreeBSD 4.5, my server is bi-processor 1GH RAM 512 MO , I
install squid-2.4STABLE6. I modifier all parameter in kernel config like
discribe in FAQ, squid config enabled diskd wccp ..
When I started squid I have this messages in cache log:
2000/04/24 11:28:05| storeDiskdSend OPEN: (35) Resource temporarily
unavailable
2000/04/24 11:28:05| storeDiskdSend: msgsnd: (35) Resource temporarily
unavailab
le
2000/04/24 11:28:05| storeDiskdSend OPEN: (35) Resource temporarily
unavailable
2000/04/24 11:28:05| storeDiskdSend: msgsnd: (35) Resource temporarily
unavailab
le
I attache in this mail all of my configuration, please where is my error?
----------------------
cache# cat /usr/local/etc/squid/squid.conf
# WELCOME TO SQUID 2
# ------------------
#
# This is the default Squid configuration file. You may wish
# to look at the Squid home page (http://www.squid-cache.org/)
# for the FAQ and other documentation.
#
# The default Squid config file shows what the defaults for
# various options happen to be. If you don't need to change the
# default, you shouldn't uncomment the line. Doing so may cause
# run-time problems. In some cases "none" refers to no default
# setting at all, while in other cases it refers to a valid
# option - the comments for that keyword indicate if this is the
# case.
#
# NETWORK OPTIONS
# --------------------------------------------------------------------------
--- # TAG: http_port # Usage: port # hostname:port # 1.2.3.4:port # # The socket addresses where Squid will listen for HTTP client # requests. You may specify multiple socket addresses. # There are three forms: port alone, hostname with port, and # IP address with port. If you specify a hostname or IP # address, then Squid binds the socket to that specific # address. This replaces the old 'tcp_incoming_address' # option. Most likely, you do not need to bind to a specific # address, so you can use the port number alone. # # The default port number is 3128. # # If you are running Squid in accelerator mode, then you # probably want to listen on port 80 also, or instead. # # The -a command line option will override the *first* port # number listed here. That option will NOT override an IP # address, however. # # You may specify multiple socket addresses on multiple lines. # #Default: http_port 8080 # TAG: icp_port # The port number where Squid sends and receives ICP queries to # and from neighbor caches. Default is 3130. To disable use # "0". May be overridden with -u on the command line. # #Default: # icp_port 3130 # TAG: htcp_port # Note: This option is only available if Squid is rebuilt with the # --enable-htcp option # # The port number where Squid sends and receives HTCP queries to # and from neighbor caches. Default is 4827. To disable use # "0". # # To enable this option, you must use --enable-htcp with the # configure script. # #Default: # htcp_port 4827 # TAG: mcast_groups # This tag specifies a list of multicast groups which your server # should join to receive multicasted ICP queries. # # NOTE! Be very careful what you put here! Be sure you # understand the difference between an ICP _query_ and an ICP # _reply_. This option is to be set only if you want to RECEIVE # multicast queries. Do NOT set this option to SEND multicast # ICP (use cache_peer for that). ICP replies are always sent via # unicast, so this option does not affect whether or not you will # receive replies from multicast group members. # # You must be very careful to NOT use a multicast address which # is already in use by another group of caches. # # If you are unsure about multicast, please read the Multicast # chapter in the Squid FAQ (http://www.squid-cache.org/FAQ/). # # Usage: mcast_groups 239.128.16.128 224.0.1.20 # # By default, Squid doesn't listen on any multicast groups. # #Default: # none # TAG: tcp_outgoing_address # TAG: udp_incoming_address # TAG: udp_outgoing_address # Usage: tcp_incoming_address 10.20.30.40 # udp_outgoing_address fully.qualified.domain.name # # tcp_outgoing_address is used for connections made to remote # servers and other caches. # udp_incoming_address is used for the ICP socket receiving packets # from other caches. # udp_outgoing_address is used for ICP packets sent out to other # caches. # # The default behavior is to not bind to any specific address. # # A *_incoming_address value of 0.0.0.0 indicates that Squid should # listen on all available interfaces. # # If udp_outgoing_address is set to 255.255.255.255 (the default) # then it will use the same socket as udp_incoming_address. Only # change this if you want to have ICP queries sent using another # address than where this Squid listens for ICP queries from other # caches. # # NOTE, udp_incoming_address and udp_outgoing_address can not # have the same value since they both use port 3130. # # NOTE, tcp_incoming_address has been removed. You can now # specify IP addresses on the 'http_port' line. # #Default: # tcp_outgoing_address 255.255.255.255 # udp_incoming_address 0.0.0.0 # udp_outgoing_address 255.255.255.255 # OPTIONS WHICH AFFECT THE NEIGHBOR SELECTION ALGORITHM # -------------------------------------------------------------------------- --- # TAG: cache_peer # To specify other caches in a hierarchy, use the format: # # cache_peer hostname type http_port icp_port # # For example, # # # proxy icp # # hostname type port port options # # -------------------- -------- ----- ----- ----------- # cache_peer parent.foo.net parent 3128 3130 [proxy-only] # cache_peer sib1.foo.net sibling 3128 3130 [proxy-only] # cache_peer sib2.foo.net sibling 3128 3130 [proxy-only] # # type: either 'parent', 'sibling', or 'multicast'. # # proxy_port: The port number where the cache listens for proxy # requests. # # icp_port: Used for querying neighbor caches about # objects. To have a non-ICP neighbor # specify '7' for the ICP port and make sure the # neighbor machine has the UDP echo port # enabled in its /etc/inetd.conf file. # # options: proxy-only # weight=n # ttl=n # no-query # default # round-robin # multicast-responder # closest-only # no-digest # no-netdb-exchange # no-delay # login=user:password # connect-timeout=nn # digest-url=url # allow-miss # # use 'proxy-only' to specify that objects fetched # from this cache should not be saved locally. # # use 'weight=n' to specify a weighted parent. # The weight must be an integer. The default weight # is 1, larger weights are favored more. # # use 'ttl=n' to specify a IP multicast TTL to use # when sending an ICP queries to this address. # Only useful when sending to a multicast group. # Because we don't accept ICP replies from random # hosts, you must configure other group members as # peers with the 'multicast-responder' option below. # # use 'no-query' to NOT send ICP queries to this # neighbor. # # use 'default' if this is a parent cache which can # be used as a "last-resort." You should probably # only use 'default' in situations where you cannot # use ICP with your parent cache(s). # # use 'round-robin' to define a set of parents which # should be used in a round-robin fashion in the # absence of any ICP queries. # # 'multicast-responder' indicates that the named peer # is a member of a multicast group. ICP queries will # not be sent directly to the peer, but ICP replies # will be accepted from it. # # 'closest-only' indicates that, for ICP_OP_MISS # replies, we'll only forward CLOSEST_PARENT_MISSes # and never FIRST_PARENT_MISSes. # # use 'no-digest' to NOT request cache digests from # this neighbor. # # 'no-netdb-exchange' disables requesting ICMP # RTT database (NetDB) from the neighbor. # # use 'no-delay' to prevent access to this neighbor # from influencing the delay pools. # # use 'login=user:password' if this is a personal/workgroup # proxy and your parent requires proxy authentication. # # use 'connect-timeout=nn' to specify a peer # specific connect timeout (also see the # peer_connect_timeout directive) # # use 'digest-url=url' to tell Squid to fetch the cache # digest (if digests are enabled) for this host from # the specified URL rather than the Squid default # location. # # use 'allow-miss' to disable Squid's use of only-if- cached # when forwarding requests to siblings. This is primarily # useful when icp_hit_stale is used by the sibling. To # extensive use of this option may result in forwarding # loops, and you should avoid having two-way peerings # with this option. (for example to deny peer usage on # requests from peer by denying cache_peer_access if the # source is a peer) # # NOTE: non-ICP neighbors must be specified as 'parent'. # #Default: # none # TAG: cache_peer_domain # Use to limit the domains for which a neighbor cache will be # queried. Usage: # # cache_peer_domain cache-host domain [domain ...] # cache_peer_domain cache-host !domain # # For example, specifying # # cache_peer_domain parent.foo.net .edu # # has the effect such that UDP query packets are sent to # 'bigserver' only when the requested object exists on a # server in the .edu domain. Prefixing the domainname # with '!' means that the cache will be queried for objects # NOT in that domain. # # NOTE: * Any number of domains may be given for a cache-host, # either on the same or separate lines. # * When multiple domains are given for a particular # cache-host, the first matched domain is applied. # * Cache hosts with no domain restrictions are queried # for all requests. # * There are no defaults. # * There is also a 'cache_peer_access' tag in the ACL # section. # #Default: # none # TAG: neighbor_type_domain # usage: neighbor_type_domain parent|sibling domain domain ... # # Modifying the neighbor type for specific domains is now # possible. You can treat some domains differently than the the # default neighbor type specified on the 'cache_peer' line. # Normally it should only be necessary to list domains which # should be treated differently because the default neighbor type # applies for hostnames which do not match domains listed here. # #EXAMPLE: # cache_peer parent cache.fo.org 3128 3130 # neighbor_type_domain cache.foo.org sibling .com .net # neighbor_type_domain cache.foo.org sibling .au .de # #Default: # none # TAG: icp_query_timeout (msec) # Normally Squid will automatically determine an optimal ICP # query timeout value based on the round-trip-time of recent ICP # queries. If you want to override the value determined by # Squid, set this 'icp_query_timeout' to a non-zero value. This # value is specified in MILLISECONDS, so, to use a 2-second # timeout (the old default), you would write: # # icp_query_timeout 2000 # #Default: # icp_query_timeout 0 # TAG: maximum_icp_query_timeout (msec) # Normally the ICP query timeout is determined dynamically. But # sometimes it can lead to very large values (say 5 seconds). # Use this option to put an upper limit on the dynamic timeout # value. Do NOT use this option to always use a fixed (instead # of a dynamic) timeout value. To set a fixed timeout see the # 'icp_query_timeout' directive. # #Default: # maximum_icp_query_timeout 2000 # TAG: mcast_icp_query_timeout (msec) # For Multicast peers, Squid regularly sends out ICP "probes" to # count how many other peers are listening on the given multicast # address. This value specifies how long Squid should wait to # count all the replies. The default is 2000 msec, or 2 # seconds. # #Default: # mcast_icp_query_timeout 2000 # TAG: dead_peer_timeout (seconds) # This controls how long Squid waits to declare a peer cache # as "dead." If there are no ICP replies received in this # amount of time, Squid will declare the peer dead and not # expect to receive any further ICP replies. However, it # continues to send ICP queries, and will mark the peer as # alive upon receipt of the first subsequent ICP reply. # # This timeout also affects when Squid expects to receive ICP # replies from peers. If more than 'dead_peer' seconds have # passed since the last ICP reply was received, Squid will not # expect to receive an ICP reply on the next query. Thus, if # your time between requests is greater than this timeout, you # will see a lot of requests sent DIRECT to origin servers # instead of to your parents. # #Default: # dead_peer_timeout 10 seconds # TAG: hierarchy_stoplist # A list of words which, if found in a URL, cause the object to # be handled directly by this cache. In other words, use this # to not query neighbor caches for certain objects. You may # list this option multiple times. # #We recommend you to use at least the following line. hierarchy_stoplist cgi-bin ? # TAG: no_cache # A list of ACL elements which, if matched, cause the reply to # immediately removed from the cache. In other words, use this # to force certain objects to never be cached. # # You must use the word 'DENY' to indicate the ACL names which should # NOT be cached. # #We recommend you to use the following two lines. acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY # OPTIONS WHICH AFFECT THE CACHE SIZE # -------------------------------------------------------------------------- --- # TAG: cache_mem (bytes) # NOTE: THIS PARAMETER DOES NOT SPECIFY THE MAXIMUM PROCESS # SIZE. IT PLACES A LIMIT ON ONE ASPECT OF SQUID'S MEMORY # USAGE. SQUID USES MEMORY FOR OTHER THINGS AS WELL. # YOUR PROCESS WILL PROBABLY BECOME TWICE OR THREE TIMES # BIGGER THAN THE VALUE YOU PUT HERE # # 'cache_mem' specifies the ideal amount of memory to be used # for: # * In-Transit objects # * Hot Objects # * Negative-Cached objects # # Data for these objects are stored in 4 KB blocks. This # parameter specifies the ideal upper limit on the total size of # 4 KB blocks allocated. In-Transit objects take the highest # priority. # # In-transit objects have priority over the others. When # additional space is needed for incoming data, negative-cached # and hot objects will be released. In other words, the # negative-cached and hot objects will fill up any unused space # not needed for in-transit objects. # # If circumstances require, this limit will be exceeded. # Specifically, if your incoming request rate requires more than # 'cache_mem' of memory to hold in-transit objects, Squid will # exceed this limit to satisfy the new requests. When the load # decreases, blocks will be freed until the high-water mark is # reached. Thereafter, blocks will be used to store hot # objects. # #Default: cache_mem 256 MB # TAG: cache_swap_low (percent, 0-100) # TAG: cache_swap_high (percent, 0-100) # # The low- and high-water marks for cache object replacement. # Replacement begins when the swap (disk) usage is above the # low-water mark and attempts to maintain utilization near the # low-water mark. As swap utilization gets close to high-water # mark object eviction becomes more aggressive. If utilization is # close to the low-water mark less replacement is done each time. # # Defaults are 90% and 95%. If you have a large cache, 5% could be # hundreds of MB. If this is the case you may wish to set these # numbers closer together. # #Default: # cache_swap_low 90 # cache_swap_high 95 # TAG: maximum_object_size (bytes) # Objects larger than this size will NOT be saved on disk. The # value is specified in kilobytes, and the default is 4MB. If # you wish to get a high BYTES hit ratio, you should probably # increase this (one 32 MB object hit counts for 3200 10KB # hits). If you wish to increase speed more than your want to # save bandwidth you should leave this low. # # NOTE: if using the LFUDA replacement policy you should increase # this value to maximize the byte hit rate improvement of LFUDA! # See replacement_policy below for a discussion of this policy. # #Default: # maximum_object_size 4096 KB # TAG: minimum_object_size (bytes) # Objects smaller than this size will NOT be saved on disk. The # value is specified in kilobytes, and the default is 0 KB, which # means there is no minimum. # #Default: # minimum_object_size 0 KB # TAG: maximum_object_size_in_memory (bytes) # Objects greater than this size will not be attempted to kept in # the memory cache. This should be set high enough to keep objects # accessed frequently in memory to improve performance whilst low # enough to keep larger objects from hoarding cache_mem . # #Default: # maximum_object_size_in_memory 8 KB # TAG: ipcache_size (number of entries) # TAG: ipcache_low (percent) # TAG: ipcache_high (percent) # The size, low-, and high-water marks for the IP cache. # #Default: # ipcache_size 1024 # ipcache_low 90 # ipcache_high 95 # TAG: fqdncache_size (number of entries) # Maximum number of FQDN cache entries. # #Default: # fqdncache_size 1024 # TAG: cache_replacement_policy # The cache replacement policy parameter determines which # objects are evicted (replaced) when disk space is needed. # # lru : Squid's original list based LRU policy # heap GDSF : Greedy-Dual Size Frequency # heap LFUDA: Least Frequently Used with Dynamic Aging # heap LRU : LRU policy implemented using a heap # # Applies to any cache_dir lines listed below this. # # The LRU policies keeps recently referenced objects. # # The heap GDSF policy optimizes object hit rate by keeping smaller # popular objects in cache so it has a better chance of getting a # hit. It achieves a lower byte hit rate than LFUDA though since # it evicts larger (possibly popular) objects. # # The heap LFUDA policy keeps popular objects in cache regardless of # their size and thus optimizes byte hit rate at the expense of # hit rate since one large, popular object will prevent many # smaller, slightly less popular objects from being cached. # # Both policies utilize a dynamic aging mechanism that prevents # cache pollution that can otherwise occur with frequency-based # replacement policies. # # NOTE: if using the LFUDA replacement policy you should increase # the value of maximum_object_size above its default of 4096 KB to # to maximize the potential byte hit rate improvement of LFUDA. # # For more information about the GDSF and LFUDA cache replacement # policies see http://www.hpl.hp.com/techreports/1999/HPL-1999-69.html # and http://fog.hpl.external.hp.com/techreports/98/HPL-98-173.html. # #Default: # cache_replacement_policy lru # TAG: memory_replacement_policy # The memory replacement policy parameter determines which # objects are purged from memory when memory space is needed. # # See cache_replacement_policy for details. # #Default: # memory_replacement_policy lru # LOGFILE PATHNAMES AND CACHE DIRECTORIES # -------------------------------------------------------------------------- --- # TAG: cache_dir # Usage: # # cache_dir Type Directory-Name Fs-specific-data [options] # # You can specify multiple cache_dir lines to spread the # cache among different disk partitions. # # Type specifies the kind of storage system to use. Most # everyone will want to use "ufs" as the type. If you are using # Async I/O (--enable async-io) on Linux or Solaris, then you may # want to try "aufs" as the type. Async IO support may be # buggy, however, so beware. # # 'Directory' is a top-level directory where cache swap # files will be stored. If you want to use an entire disk # for caching, then this can be the mount-point directory. # The directory must exist and be writable by the Squid # process. Squid will NOT create this directory for you. # # The ufs store type: # # "ufs" is the old well-known Squid storage format that has always # been there. # # cache_dir ufs Directory-Name Mbytes L1 L2 [options] # # 'Mbytes' is the amount of disk space (MB) to use under this # directory. The default is 100 MB. Change this to suit your # configuration. # # 'Level-1' is the number of first-level subdirectories which # will be created under the 'Directory'. The default is 16. # # 'Level-2' is the number of second-level subdirectories which # will be created under each first-level directory. The default # is 256. # # The aufs store type: # # "aufs" uses the same storage format as "ufs", utilizing # POSIX-threads to avoid blocking the main Squid process on # disk-I/O. This was formerly known in Squid as async-io. # # cache_dir aufs Directory-Name Mbytes L1 L2 [options] # # see argument descriptions under ufs above # # The diskd store type: # # "diskd" uses the same storage format as "ufs", utilizing a # separate process to avoid blocking the main Squid process on # disk-I/O. # # cache_dir diskd Directory-Name Mbytes L1 L2 [options] [Q1=n] [Q2=n] # # see argument descriptions under ufs above # # Q1 specifies the number of unacknowledged I/O requests when Squid # stops opening new files. If this many messages are in the queues, # Squid won't open new files. Default is 64 # # Q2 specifies the number of unacknowledged messages when Squid # starts blocking. If this many messages are in the queues, # Squid blocks until it recevies some replies. Default is 72 # # Common options: # # read-only, this cache_dir is read only. # # max-size=n, refers to the max object size this storedir supports. # It is used to initially choose the storedir to dump the object. # Note: To make optimal use of the max-size limits you should order # the cache_dir lines with the smallest max-size value first and the # ones with no max-size specification last. # #Default: cache_dir diskd /usr/local/squid/cache1 4096 16 256 Q1=72 Q2=64 cache_dir ufs /usr/local/squid/cache 20000 64 256 # TAG: cache_access_log # Logs the client request activity. Contains an entry for # every HTTP and ICP queries received. # #Default: cache_access_log /dev/null # TAG: cache_log # Cache logging file. This is where general information about # your cache's behavior goes. You can increase the amount of data # logged to this file with the "debug_options" tag below. # #Default: # cache_log /usr/local/squid/logs/cache.log # TAG: cache_store_log # Logs the activities of the storage manager. Shows which # objects are ejected from the cache, and which objects are # saved and for how long. To disable, enter "none". There are # not really utilities to analyze this data, so you can safely # disable it. # #Default: cache_store_log none # TAG: cache_swap_log # Location for the cache "swap.log." This log file holds the # metadata of objects saved on disk. It is used to rebuild the # cache during startup. Normally this file resides in each # 'cache_dir' directory, but you may specify an alternate # pathname here. Note you must give a full filename, not just # a directory. Since this is the index for the whole object # list you CANNOT periodically rotate it! # # If %s can be used in the file name then it will be replaced with a # a representation of the cache_dir name where each / is replaced # with '.'. This is needed to allow adding/removing cache_dir # lines when cache_swap_log is being used. # # If have more than one 'cache_dir', and %s is not used in the name # then these swap logs will have names such as: # # cache_swap_log.00 # cache_swap_log.01 # cache_swap_log.02 # # The numbered extension (which is added automatically) # corresponds to the order of the 'cache_dir' lines in this # configuration file. If you change the order of the 'cache_dir' # lines in this file, then these log files will NOT correspond to # the correct 'cache_dir' entry (unless you manually rename # them). We recommend that you do NOT use this option. It is # better to keep these log files in each 'cache_dir' directory. # #Default: # none # TAG: emulate_httpd_log on|off # The Cache can emulate the log file format which many 'httpd' # programs use. To disable/enable this emulation, set # emulate_httpd_log to 'off' or 'on'. The default # is to use the native log format since it includes useful # information that Squid-specific log analyzers use. # #Default: # emulate_httpd_log off # TAG: log_ip_on_direct on|off # Log the destination IP address in the hierarchy log tag when going # direct. Earlier Squid versions logged the hostname here. If you # prefer the old way set this to off. # #Default: # log_ip_on_direct on # TAG: mime_table # Pathname to Squid's MIME table. You shouldn't need to change # this, but the default file contains examples and formatting # information if you do. # #Default: # mime_table /usr/local/etc/squid/mime.conf # TAG: log_mime_hdrs on|off # The Cache can record both the request and the response MIME # headers for each HTTP transaction. The headers are encoded # safely and will appear as two bracketed fields at the end of # the access log (for either the native or httpd-emulated log # formats). To enable this logging set log_mime_hdrs to 'on'. # #Default: # log_mime_hdrs off # TAG: useragent_log # Note: This option is only available if Squid is rebuilt with the # --enable-useragent-log option # # Squid will write the User-Agent field from HTTP requests # to the filename specified here. By default useragent_log # is disabled. # #Default: # none # TAG: referer_log # Note: This option is only available if Squid is rebuilt with the # --enable-referer-log option # # Squid will write the Referer field from HTTP requests to the # filename specified here. By default referer_log is disabled. # #Default: # none # TAG: pid_filename # A filename to write the process-id to. To disable, enter "none". # #Default: # pid_filename /usr/local/squid/logs/squid.pid # TAG: debug_options # Logging options are set as section,level where each source file # is assigned a unique section. Lower levels result in less # output, Full debugging (level 9) can result in a very large # log file, so be careful. The magic word "ALL" sets debugging # levels for all sections. We recommend normally running with # "ALL,1". # #Default: # debug_options ALL,1 # TAG: log_fqdn on|off # Turn this on if you wish to log fully qualified domain names # in the access.log. To do this Squid does a DNS lookup of all # IP's connecting to it. This can (in some situations) increase # latency, which makes your cache seem slower for interactive # browsing. # #Default: # log_fqdn off # TAG: client_netmask # A netmask for client addresses in logfiles and cachemgr output. # Change this to protect the privacy of your cache clients. # A netmask of 255.255.255.0 will log all IP's in that range with # the last digit set to '0'. # #Default: # client_netmask 255.255.255.255 # OPTIONS FOR EXTERNAL SUPPORT PROGRAMS # -------------------------------------------------------------------------- --- # TAG: ftp_user # If you want the anonymous login password to be more informative # (and enable the use of picky ftp servers), set this to something # reasonable for your domain, like wwwuser@somewhere.net # # The reason why this is domainless by default is that the # request can be made on the behalf of a user in any domain, # depending on how the cache is used. # Some ftp server also validate that the email address is valid # (for example perl.com). # #Default: # ftp_user Squid@ # TAG: ftp_list_width # Sets the width of ftp listings. This should be set to fit in # the width of a standard browser. Setting this too small # can cut off long filenames when browsing ftp sites. # #Default: # ftp_list_width 32 # TAG: ftp_passive # If your firewall does not allow Squid to use passive # connections, then turn off this option. # #Default: # ftp_passive on # TAG: cache_dns_program # Note: This option is only available if Squid is rebuilt with the # --disable-internal-dns option # # Specify the location of the executable for dnslookup process. # #Default: # cache_dns_program /usr/local/libexec/ # TAG: dns_children # Note: This option is only available if Squid is rebuilt with the # --disable-internal-dns option # # The number of processes spawn to service DNS name lookups. # For heavily loaded caches on large servers, you should # probably increase this value to at least 10. The maximum # is 32. The default is 5. # # You must have at least one dnsserver process. # #Default: # dns_children 5 # TAG: dns_retransmit_interval # Initial retransmit interval for DNS queries. The interval is # doubled each time all configured DNS servers have been tried. # # #Default: # dns_retransmit_interval 5 seconds # TAG: dns_timeout # DNS Query timeout. If no response is received to a DNS query # within this time then all DNS servers for the queried domain # is assumed to be unavailable. # #Default: # dns_timeout 5 minutes # TAG: dns_defnames on|off # Note: This option is only available if Squid is rebuilt with the # --disable-internal-dns option # # Normally the 'dnsserver' disables the RES_DEFNAMES resolver # option (see res_init(3)). This prevents caches in a hierarchy # from interpreting single-component hostnames locally. To allow # dnsserver to handle single-component names, enable this # option. # #Default: # dns_defnames off # TAG: dns_nameservers # Use this if you want to specify a list of DNS name servers # (IP addresses) to use instead of those given in your # /etc/resolv.conf file. # # Example: dns_nameservers 10.0.0.1 192.172.0.4 # #Default: # none # TAG: diskd_program # Specify the location of the diskd executable. # Note that this is only useful if you have compiled in # diskd as one of the store io modules. # #Default: # diskd_program /usr/local/libexec/diskd # TAG: unlinkd_program # Specify the location of the executable for file deletion process. # #Default: # unlinkd_program /usr/local/libexec/unlinkd # TAG: pinger_program # Note: This option is only available if Squid is rebuilt with the # --enable-icmp option # # Specify the location of the executable for the pinger process. # This is only useful if you configured Squid (during compilation) # with the '--enable-icmp' option. # #Default: # pinger_program /usr/local/libexec/ # TAG: redirect_program # Specify the location of the executable for the URL redirector. # Since they can perform almost any function there isn't one included. # See the Release-Notes for information on how to write one. # By default, a redirector is not used. # #Default: # none # TAG: redirect_children # The number of redirector processes to spawn. If you start # too few Squid will have to wait for them to process a backlog of # URLs, slowing it down. If you start too many they will use RAM # and other system resources. # #Default: # redirect_children 5 # TAG: redirect_rewrites_host_header # By default Squid rewrites any Host: header in redirected # requests. If you are running a accelerator then this may # not be a wanted effect of a redirector. # #Default: # redirect_rewrites_host_header on # TAG: redirector_access # If defined, this access list specifies which requests are # sent to the redirector processes. By default all requests # are sent. # #Default: # none # TAG: authenticate_program # Specify the command for the external authenticator. Such a # program reads a line containing "username password" and replies # "OK" or "ERR" in an endless loop. If you use an authenticator, # make sure you have 1 acl of type proxy_auth. By default, the # authenticator_program is not used. # # If you want to use the traditional proxy authentication, # jump over to the ../auth_modules/NCSA directory and # type: # % make # % make install # # Then, set this line to something like # # authenticate_program /usr/local/bin/ncsa_auth /usr/local/etc/passwd # #Default: # none # TAG: authenticate_children # The number of authenticator processes to spawn (default 5). If you # start too few Squid will have to wait for them to process a backlog # of usercode/password verifications, slowing it down. When password # verifications are done via a (slow) network you are likely to need # lots of authenticator processes. # #Default: # authenticate_children 5 # TAG: authenticate_ttl # The time a checked username/password combination remains cached. # If a wrong password is given for a cached user, the user gets # removed from the username/password cache forcing a revalidation. # #Default: # authenticate_ttl 1 hour # TAG: authenticate_ip_ttl # With this option you control how long a proxy authentication # will be bound to a specific IP address. If a request using # the same user name is received during this time then access # will be denied and both users are required to reauthenticate # them selves. The idea behind this is to make it annoying # for people to share their password to their friends, but # yet allow a dialup user to reconnect on a different dialup # port. # # The default is 0 to disable the check. Recommended value # if you have dialup users are no more than 60 seconds to allow # the user to redial without hassle. If all your users are # stationary then higher values may be used. # # See also authenticate_ip_ttl_is_strict # #Default: # authenticate_ip_ttl 0 seconds # TAG: authenticate_ip_ttl_is_strict # This option makes authenticate_ip_ttl a bit stricted. With this # enabled authenticate_ip_ttl will deny all access from other IP # addresses until the TTL has expired, and the IP address "owning" # the userid will not be forced to reauthenticate. # #Default: # authenticate_ip_ttl_is_strict on # OPTIONS FOR TUNING THE CACHE # -------------------------------------------------------------------------- --- # TAG: wais_relay_host # TAG: wais_relay_port # Relay WAIS request to host (1st arg) at port (2 arg). # #Default: # wais_relay_port 0 # TAG: request_header_max_size (KB) # This specifies the maximum size for HTTP headers in a request. # Request headers are usually relatively small (about 512 bytes). # Placing a limit on the request header size will catch certain # bugs (for example with persistent connections) and possibly # buffer-overflow or denial-of-service attacks. # #Default: # request_header_max_size 10 KB # TAG: request_body_max_size (KB) # This specifies the maximum size for an HTTP request body. # In other words, the maximum size of a PUT/POST request. # A user who attempts to send a request with a body larger # than this limit receives an "Invalid Request" error message. # If you set this parameter to a zero, there will be no limit # imposed. # #Default: # request_body_max_size 1 MB # TAG: reply_body_max_size (KB) # This option specifies the maximum size of a reply body. It # can be used to prevent users from downloading very large files, # such as MP3's and movies. The reply size is checked twice. # First when we get the reply headers, we check the # content-length value. If the content length value exists and # is larger than this parameter, the request is denied and the # user receives an error message that says "the request or reply # is too large." If there is no content-length, and the reply # size exceeds this limit, the client's connection is just closed # and they will receive a partial reply. # # NOTE: downstream caches probably can not detect a partial reply # if there is no content-length header, so they will cache # partial responses and give them out as hits. You should NOT # use this option if you have downstream caches. # # If you set this parameter to zero (the default), there will be # no limit imposed. # #Default: # reply_body_max_size 0 # TAG: refresh_pattern # usage: refresh_pattern [-i] regex min percent max [options] # # By default, regular expressions are CASE-SENSITIVE. To make # them case-insensitive, use the -i option. # # 'Min' is the time (in minutes) an object without an explicit # expiry time should be considered fresh. The recommended # value is 0, any higher values may cause dynamic applications # to be erroneously cached unless the application designer # has taken the appropriate actions. # # 'Percent' is a percentage of the objects age (time since last # modification age) an object without explicit expiry time # will be considered fresh. # # 'Max' is an upper limit on how long objects without an explicit # expiry time will be considered fresh. # # options: overrsde-expire # override-lastmod # reload-into-ims # ignore-reload # # override-expire enforces min age even if the server # sent a Expires: header. Doing this VIOLATES the HTTP # standard. Enabling this feature could make you liable # for problems which it causes. # # override-lastmod enforces min age even on objects # that was modified recently. # # reload-into-ims changes client no-cache or ``reload'' # to If-Modified-Since requests. Doing this VIOLATES the # HTTP standard. Enabling this feature could make you # liable for problems which it causes. # # ignore-reload ignores a client no-cache or ``reload'' # header. Doing this VIOLATES the HTTP standard. Enabling # this feature could make you liable for problems which # it causes. # # Please see the file doc/Release-Notes-1.1.txt for a full # description of Squid's refresh algorithm. Basically a # cached object is: (the order is changed from 1.1.X) # # FRESH if expires < now, else STALE # STALE if age > max # FRESH if lm-factor < percent, else STALE # FRESH if age < min # else STALE # # The refresh_pattern lines are checked in the order listed here. # The first entry which matches is used. If none of the entries # match, then the default will be used. # # Note, you must uncomment all the default lines if you want # to change one. The default setting is only active if none is # used. # #Default: # refresh_pattern ^ftp: 1440 20% 10080 # refresh_pattern ^gopher: 1440 0% 1440 # refresh_pattern . 0 20% 4320 # TAG: reference_age # As a part of normal operation, Squid performs Least Recently # Used removal of cached objects. The LRU age for removal is # computed dynamically, based on the amount of disk space in # use. The dynamic value can be seen in the Cache Manager 'info' # output. # # The 'reference_age' parameter defines the maximum LRU age. For # example, setting reference_age to '1 week' will cause objects # to be removed if they have not been accessed for a week or # more. The default value is one year. # # Specify a number here, followed by units of time. For example: # 1 week # 3.5 days # 4 months # 2.2 hours # # NOTE: this parameter is not used when using the enhanced # replacement policies, GDSH or LFUDA. # #Default: # reference_age 1 year # TAG: quick_abort_min (KB) # TAG: quick_abort_max (KB) # TAG: quick_abort_pct (percent) # The cache can be configured to continue downloading aborted # requests. This may be undesirable on slow (e.g. SLIP) links # and/or very busy caches. Impatient users may tie up file # descriptors and bandwidth by repeatedly requesting and # immediately aborting downloads. # # When the user aborts a request, Squid will check the # quick_abort values to the amount of data transfered until # then. # # If the transfer has less than 'quick_abort_min' KB remaining, # it will finish the retrieval. Setting 'quick_abort_min' to -1 # will disable the quick_abort feature. # # If the transfer has more than 'quick_abort_max' KB remaining, # it will abort the retrieval. # # If more than 'quick_abort_pct' of the transfer has completed, # it will finish the retrieval. # #Default: # quick_abort_min 16 KB # quick_abort_max 16 KB # quick_abort_pct 95 # TAG: negative_ttl time-units # Time-to-Live (TTL) for failed requests. Certain types of # failures (such as "connection refused" and "404 Not Found") are # negatively-cached for a configurable amount of time. The # default is 5 minutes. Note that this is different from # negative caching of DNS lookups. # #Default: # negative_ttl 5 minutes # TAG: positive_dns_ttl time-units # Time-to-Live (TTL) for positive caching of successful DNS lookups. # Default is 6 hours (360 minutes). If you want to minimize the # use of Squid's ipcache, set this to 1, not 0. # #Default: # positive_dns_ttl 6 hours # TAG: negative_dns_ttl time-units # Time-to-Live (TTL) for negative caching of failed DNS lookups. # #Default: # negative_dns_ttl 5 minutes # TAG: range_offset_limit (bytes) # Sets a upper limit on how far into the the file a Range request # may be to cause Squid to prefetch the whole file. If beyond this # limit then Squid forwards the Range request as it is and the result # is NOT cached. # # This is to stop a far ahead range request (lets say start at 17MB) # from making Squid fetch the whole object up to that point before # sending anything to the client. # # A value of -1 causes Squid to always fetch the object from the # beginning so that it may cache the result. (2.0 style) # # A value of 0 causes Squid to never fetch more than the # client requested. (default) # #Default: # range_offset_limit 0 KB # TIMEOUTS # -------------------------------------------------------------------------- --- # TAG: connect_timeout time-units # Some systems (notably Linux) can not be relied upon to properly # time out connect(2) requests. Therefore the Squid process # enforces its own timeout on server connections. This parameter # specifies how long to wait for the connect to complete. The # default is two minutes (120 seconds). # #Default: # connect_timeout 2 minutes # TAG: peer_connect_timeout time-units # This parameter specifies how long to wait for a pending TCP # connection to a peer cache. The default is 30 seconds. You # may also set different timeout values for individual neighbors # with the 'connect-timeout' option on a 'cache_peer' line. # #Default: # peer_connect_timeout 30 seconds # TAG: siteselect_timeout time-units # For URN to multiple URL's URL selection # #Default: # siteselect_timeout 4 seconds # TAG: read_timeout time-units # The read_timeout is applied on server-side connections. After # each successful read(), the timeout will be extended by this # amount. If no data is read again after this amount of time, # the request is aborted and logged with ERR_READ_TIMEOUT. The # default is 15 minutes. # #Default: # read_timeout 15 minutes # TAG: request_timeout # How long to wait for an HTTP request after connection # establishment. For persistent connections, wait this long # after the previous request completes. # #Default: # request_timeout 30 seconds # TAG: client_lifetime time-units # The maximum amount of time that a client (browser) is allowed to # remain connected to the cache process. This protects the Cache # from having a lot of sockets (and hence file descriptors) tied up # in a CLOSE_WAIT state from remote clients that go away without # properly shutting down (either because of a network failure or # because of a poor client implementation). The default is one # day, 1440 minutes. # # NOTE: The default value is intended to be much larger than any # client would ever need to be connected to your cache. You # should probably change client_lifetime only as a last resort. # If you seem to have many client connections tying up # filedescriptors, we recommend first tuning the read_timeout, # request_timeout, pconn_timeout and quick_abort values. # #Default: # client_lifetime 1 day # TAG: half_closed_clients # Some clients may shutdown the sending side of their TCP # connections, while leaving their receiving sides open. Sometimes, # Squid can not tell the difference between a half-closed and a # fully-closed TCP connection. By default, half-closed client # connections are kept open until a read(2) or write(2) on the # socket returns an error. Change this option to 'off' and Squid # will immediately close client connections when read(2) returns # "no more data to read." # #Default: half_closed_clients off # TAG: pconn_timeout # Timeout for idle persistent connections to servers and other # proxies. # #Default: # pconn_timeout 120 seconds # TAG: ident_timeout # Maximum time to wait for IDENT requests. If this is too high, # and you enabled 'ident_lookup', then you might be susceptible # to denial-of-service by having many ident requests going at # once. # # Only src type ACL checks are fully supported. A src_domain # ACL might work at times, but it will not always provide # the correct result. # # This option may be disabled by using --disable-ident with # the configure script. # #Default: # ident_timeout 10 seconds # TAG: shutdown_lifetime time-units # When SIGTERM or SIGHUP is received, the cache is put into # "shutdown pending" mode until all active sockets are closed. # This value is the lifetime to set for all open descriptors # during shutdown mode. Any active clients after this many # seconds will receive a 'timeout' message. # #Default: # shutdown_lifetime 30 seconds # ACCESS CONTROLS # -------------------------------------------------------------------------- --- # TAG: acl # Defining an Access List # # acl aclname acltype string1 ... # acl aclname acltype "file" ... # # when using "file", the file should contain one item per line # # acltype is one of src dst srcdomain dstdomain url_pattern # urlpath_pattern time port proto method browser user # # By default, regular expressions are CASE-SENSITIVE. To make # them case-insensitive, use the -i option. # # acl aclname src ip-address/netmask ... (clients IP address) # acl aclname src addr1-addr2/netmask ... (range of addresses) # acl aclname dst ip-address/netmask ... (URL host's IP address) # acl aclname myip ip-address/netmask ... (local socket IP address) # # acl aclname srcdomain .foo.com ... # reverse lookup, client IP # acl aclname dstdomain .foo.com ... # Destination server from URL # acl aclname srcdom_regex [-i] xxx ... # regex matching client name # acl aclname dstdom_regex [-i] xxx ... # regex matching server # # For dstdomain and dstdom_regex a reverse lookup is tried if a IP # # based URL is used. The name "none" is used if the reverse lookup # # fails. # # acl aclname time [day-abbrevs] [h1:m1-h2:m2] # day-abbrevs: # S - Sunday # M - Monday # T - Tuesday # W - Wednesday # H - Thursday # F - Friday # A - Saturday # h1:m1 must be less than h2:m2 # acl aclname url_regex [-i] ^http:// ... # regex matching on whole URL # acl aclname urlpath_regex [-i] \.gif$ ... # regex matching on URL path # acl aclname port 80 70 21 ... # acl aclname port 0-1024 ... # ranges allowed # acl aclname myport 3128 ... # (local socket TCP port) # acl aclname proto HTTP FTP ... # acl aclname method GET POST ... # acl aclname browser [-i] regexp # # pattern match on User-Agent header # acl aclname ident username ... # acl aclname ident_regex [-i] pattern ... # # string match on ident output. # # use REQUIRED to accept any non-null ident. # acl aclname src_as number ... # acl aclname dst_as number ... # # Except for access control, AS numbers can be used for # # routing of requests to specific caches. Here's an # # example for routing all requests for AS#1241 and only # # those to mycache.mydomain.net: # # acl asexample dst_as 1241 # # cache_peer_access mycache.mydomain.net allow asexample # # cache_peer_access mycache_mydomain.net deny all # # acl aclname proxy_auth username ... # acl aclname proxy_auth_regex [-i] pattern ... # # list of valid usernames # # use REQUIRED to accept any valid username. # # # # NOTE: when a Proxy-Authentication header is sent but it is not # # needed during ACL checking the username is NOT logged # # in access.log. # # # # NOTE: proxy_auth requires a EXTERNAL authentication program # # to check username/password combinations (see # # authenticate_program). # # # # WARNING: proxy_auth can't be used in a transparent proxy. It # # collides with any authentication done by origin servers. It may # # seem like it works at first, but it doesn't. # # acl aclname snmp_community string ... # # A community string to limit access to your SNMP Agent # # Example: # # # # acl snmppublic snmp_community public # # acl aclname maxconn number # # This will be matched when the client's IP address has # # more than <number> HTTP connections established. # # acl req_mime_type mime-type1 ... # # regex match agains the mime type of the request generated # # by the client. Can be used to detect file upload or some # # types HTTP tunelling requests. # # NOTE: This does NOT match the reply. You cannot use this # # to match the returned file type. # #Examples: #acl myexample dst_as 1241 #acl password proxy_auth REQUIRED #acl fileupload req_mime_type -i ^multipart/form-data$ # #Recommended minimum configuration: acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT # TAG: http_access # Allowing or Denying access based on defined access lists # # Access to the HTTP port: # http_access allow|deny [!]aclname ... # # NOTE on default values: # # If there are no "access" lines present, the default is to deny # the request. # # If none of the "access" lines cause a match, the default is the # opposite of the last line in the list. If the last line was # deny, then the default is allow. Conversely, if the last line # is allow, the default will be deny. For these reasons, it is a # good idea to have an "deny all" or "allow all" entry at the end # of your access lists to avoid potential confusion. # #Default: # http_access deny all # #Recommended minimum configuration: # # Only allow cachemgr access from localhost http_access allow manager localhost http_access deny manager # Deny requests to unknown ports http_access deny !Safe_ports # Deny CONNECT to other than SSL ports http_access deny CONNECT !SSL_ports # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # # And finally deny all other access to this proxy http_access allow all # TAG: icp_access # Allowing or Denying access to the ICP port based on defined # access lists # # icp_access allow|deny [!]aclname ... # # See http_access for details # #Default: # icp_access deny all # #Allow ICP queries from eveyone icp_access allow all # TAG: miss_access # Use to force your neighbors to use you as a sibling instead of # a parent. For example: # # acl localclients src 172.16.0.0/16 # miss_access allow localclients # miss_access deny !localclients # # This means that only your local clients are allowed to fetch # MISSES and all other clients can only fetch HITS. # # By default, allow all clients who passed the http_access rules # to fetch MISSES from us. # #Default setting: # miss_access allow all # TAG: cache_peer_access # Similar to 'cache_peer_domain' but provides more flexibility by # using ACL elements. # # cache_peer_access cache-host allow|deny [!]aclname ... # # The syntax is identical to 'http_access' and the other lists of # ACL elements. See the comments for 'http_access' below, or # the Squid FAQ (http://www.squid-cache.org/FAQ/FAQ-10.html). # #Default: # none # TAG: proxy_auth_realm # Specifies the realm name which is to be reported to the client for # proxy authentication (part of the text the user will see when # prompted their username and password). # #Default: # proxy_auth_realm Squid proxy-caching web server # TAG: ident_lookup_access # A list of ACL elements which, if matched, cause an ident # (RFC 931) lookup to be performed for this request. For # example, you might choose to always perform ident lookups # for your main multi-user Unix boxes, but not for your Macs # and PCs. By default, ident lookups are not performed for # any requests. # # To enable ident lookups for specific client addresses, you # can follow this example: # # acl ident_aware_hosts src 198.168.1.0/255.255.255.0 # ident_lookup_access allow ident_aware_hosts # ident_lookup_access deny all # # This option may be disabled by using --disable-ident with # the configure script. # #Default: # ident_lookup_access deny all # ADMINISTRATIVE PARAMETERS # -------------------------------------------------------------------------- --- # TAG: cache_mgr # Email-address of local cache manager who will receive # mail if the cache dies. The default is "webmaster." # #Default: # cache_mgr webmaster # TAG: cache_effective_user # TAG: cache_effective_group # # If the cache is run as root, it will change its effective/real # UID/GID to the UID/GID specified below. The default is to # change to UID to nobody and GID to nogroup. # # If Squid is not started as root, the default is to keep the # current UID/GID. Note that if Squid is not started as root then # you cannot set http_port to a value lower than 1024. # #Default: cache_effective_user nobody cache_effective_group nogroup # TAG: visible_hostname # If you want to present a special hostname in error messages, etc, # then define this. Otherwise, the return value of gethostname() # will be used. If you have multiple caches in a cluster and # get errors about IP-forwarding you must set them to have individual # names with this setting. # #Default: # none # TAG: unique_hostname # If you want to have multiple machines with the same # 'visible_hostname' then you must give each machine a different # 'unique_hostname' so that forwarding loops can be detected. # #Default: # none # TAG: hostname_aliases # A list of other DNS names that your cache has. # #Default: # none # OPTIONS FOR THE CACHE REGISTRATION SERVICE # -------------------------------------------------------------------------- --- # # This section contains parameters for the (optional) cache # announcement service. This service is provided to help # cache administrators locate one another in order to join or # create cache hierarchies. # # An 'announcement' message is sent (via UDP) to the registration # service by Squid. By default, the announcement message is NOT # SENT unless you enable it with 'announce_period' below. # # The announcement message includes your hostname, plus the # following information from this configuration file: # # http_port # icp_port # cache_mgr # # All current information is processed regularly and made # available on the Web at http://www.ircache.net/Cache/Tracker/. # TAG: announce_period # This is how frequently to send cache announcements. The # default is `0' which disables sending the announcement # messages. # # To enable announcing your cache, just uncomment the line # below. # #Default: # announce_period 0 # #To enable announcing your cache, just uncomment the line below. #announce_period 1 day # TAG: announce_host # TAG: announce_file # TAG: announce_port # announce_host and announce_port set the hostname and port # number where the registration message will be sent. # # Hostname will default to 'tracker.ircache.net' and port will # default default to 3131. If the 'filename' argument is given, # the contents of that file will be included in the announce # message. # #Default: # announce_host tracker.ircache.net # announce_port 3131 # HTTPD-ACCELERATOR OPTIONS # -------------------------------------------------------------------------- --- # TAG: httpd_accel_host # TAG: httpd_accel_port # If you want to run Squid as an httpd accelerator, define the # host name and port number where the real HTTP server is. # # If you want virtual host support then specify the hostname # as "virtual". # # If you want virtual port support then specify the port as "0". # # NOTE: enabling httpd_accel_host disables proxy-caching and # ICP. If you want these features enabled also, then set # the 'httpd_accel_with_proxy' option. # #Default: httpd_accel_host virtual httpd_accel_port 80 # TAG: httpd_accel_single_host on|off # If you are running Squid as a accelerator and have a single backend # server then set this to on. This causes Squid to forward the request # to this server irregardles of what any redirectors or Host headers # says. # # Leave this at off if you have multiple backend servers, and use a # redirector (or host table or private DNS) to map the requests to the # appropriate backend servers. Note that the mapping needs to be a # 1-1 mapping between requested and backend (from redirector) domain # names or caching will fail, as cacing is performed using the # URL returned from the redirector. # # See also redirect_rewrites_host_header. # #Default: httpd_accel_single_host off # TAG: httpd_accel_with_proxy on|off # If you want to use Squid as both a local httpd accelerator # and as a proxy, change this to 'on'. Note however that your # proxy users may have trouble to reach the accelerated domains # unless their browsers are configured not to use this proxy for # those domains (for example via the no_proxy browser configuration # setting) # #Default: httpd_accel_with_proxy on # TAG: httpd_accel_uses_host_header on|off # HTTP/1.1 requests include a Host: header which is basically the # hostname from the URL. Squid can be an accelerator for # different HTTP servers by looking at this header. However, # Squid does NOT check the value of the Host header, so it opens # a big security hole. We recommend that this option remain # disabled unless you are sure of what you are doing. # # However, you will need to enable this option if you run Squid # as a transparent proxy. Otherwise, virtual servers which # require the Host: header will not be properly cached. # #Default: httpd_accel_uses_host_header on # MISCELLANEOUS # -------------------------------------------------------------------------- --- # TAG: dns_testnames # The DNS tests exit as soon as the first site is successfully looked up # # This test can be disabled with the -D command line option. # #Default: # dns_testnames netscape.com internic.net nlanr.net microsoft.com # TAG: logfile_rotate # Specifies the number of logfile rotations to make when you # type 'squid -k rotate'. The default is 10, which will rotate # with extensions 0 through 9. Setting logfile_rotate to 0 will # disable the rotation, but the logfiles are still closed and # re-opened. This will enable you to rename the logfiles # yourself just before sending the rotate signal. # # Note, the 'squid -k rotate' command normally sends a USR1 # signal to the running squid process. In certain situations # (e.g. on Linux with Async I/O), USR1 is used for other # purposes, so -k rotate uses another signal. It is best to get # in the habit of using 'squid -k rotate' instead of 'kill -USR1 # <pid>'. # #Default: # logfile_rotate 10 # TAG: append_domain # Appends local domain name to hostnames without any dots in # them. append_domain must begin with a period. # #Example: # append_domain .yourdomain.com # #Default: # none # TAG: tcp_recv_bufsize (bytes) # Size of receive buffer to set for TCP sockets. Probably just # as easy to change your kernel's default. Set to zero to use # the default buffer size. # #Default: # tcp_recv_bufsize 0 bytes # TAG: err_html_text # HTML text to include in error messages. Make this a "mailto" # URL to your admin address, or maybe just a link to your # organizations Web page. # # To include this in your error messages, you must rewrite # the error template files (found in the "errors" directory). # Wherever you want the 'err_html_text' line to appear, # insert a %L tag in the error template file. # #Default: # none # TAG: deny_info # Usage: deny_info err_page_name acl # Example: deny_info ERR_CUSTOM_ACCESS_DENIED bad_guys # # This can be used to return a ERR_ page for requests which # do not pass the 'http_access' rules. A single ACL will cause # the http_access check to fail. If a 'deny_info' line exists # for that ACL then Squid returns a corresponding error page. # # You may use ERR_ pages that come with Squid or create your own pages # and put them into the configured errors/ directory. # #Default: # none # TAG: memory_pools on|off # If set, Squid will keep pools of allocated (but unused) memory # available for future use. If memory is a premium on your # system and you believe your malloc library outperforms Squid # routines, disable this. # #Default: memory_pools off # TAG: memory_pools_limit (bytes) # Used only with memory_pools on: # memory_pools_limit 50 MB # # If set to a non-zero value, Squid will keep at most the specified # limit of allocated (but unused) memory in memory pools. All free() # requests that exceed this limit will be handled by your malloc # library. Squid does not pre-allocate any memory, just safe-keeps # objects that otherwise would be free()d. Thus, it is safe to set # memory_pools_limit to a reasonably high value even if your # configuration will use less memory. # # If not set (default) or set to zero, Squid will keep all memory it # can. That is, there will be no limit on the total amount of memory # used for safe-keeping. # # To disable memory allocation optimization, do not set # memory_pools_limit to 0. Set memory_pools to "off" instead. # # An overhead for maintaining memory pools is not taken into account # when the limit is checked. This overhead is close to four bytes per # object kept. However, pools may actually _save_ memory because of # reduced memory thrashing in your malloc library. # #Default: # none # TAG: forwarded_for on|off # If set, Squid will include your system's IP address or name # in the HTTP requests it forwards. By default it looks like # this: # # X-Forwarded-For: 192.1.2.3 # # If you disable this, it will appear as # # X-Forwarded-For: unknown # #Default: # forwarded_for on # TAG: log_icp_queries on|off # If set, ICP queries are logged to access.log. You may wish # do disable this if your ICP load is VERY high to speed things # up or to simplify log analysis. # #Default: # log_icp_queries on # TAG: icp_hit_stale on|off # If you want to return ICP_HIT for stale cache objects, set this # option to 'on'. If you have sibling relationships with caches # in other administrative domains, this should be 'off'. If you only # have sibling relationships with caches under your control, then # it is probably okay to set this to 'on'. # #Default: # icp_hit_stale off # TAG: minimum_direct_hops # If using the ICMP pinging stuff, do direct fetches for sites # which are no more than this many hops away. # #Default: # minimum_direct_hops 4 # TAG: minimum_direct_rtt # If using the ICMP pinging stuff, do direct fetches for sites # which are no more than this many rtt milliseconds away. # #Default: # minimum_direct_rtt 400 # TAG: cachemgr_passwd # Specify passwords for cachemgr operations. # # Usage: cachemgr_passwd password action action ... # # Some valid actions are (see cache manager menu for a full list): # 5min # 60min # asndb # authenticator # cbdata # client_list # comm_incoming # config * # counters # delay # digest_stats # dns # events # filedescriptors # fqdncache # histograms # http_headers # info # io # ipcache # mem # menu # netdb # non_peers # objects # pconn # peer_select # redirector # refresh # server_list # shutdown * # store_digest # storedir # utilization # via_headers # vm_objects # # * Indicates actions which will not be performed without a # valid password, others can be performed if not listed here. # # To disable an action, set the password to "disable". # To allow performing an action without a password, set the # password to "none". # # Use the keyword "all" to set the same password for all actions. # #Example: # cachemgr_passwd secret shutdown # cachemgr_passwd lesssssssecret info stats/objects # cachemgr_passwd disable all # #Default: # none # TAG: store_avg_object_size (kbytes) # Average object size, used to estimate number of objects your # cache can hold. See doc/Release-Notes-1.1.txt. The default is # 13 KB. # #Default: # store_avg_object_size 13 KB # TAG: store_objects_per_bucket # Target number of objects per bucket in the store hash table. # Lowering this value increases the total number of buckets and # also the storage maintenance rate. The default is 50. # #Default: # store_objects_per_bucket 20 # TAG: client_db on|off # If you want to disable collecting per-client statistics, then # turn off client_db here. # #Default: # client_db on # TAG: netdb_low # TAG: netdb_high # The low and high water marks for the ICMP measurement # database. These are counts, not percents. The defaults are # 900 and 1000. When the high water mark is reached, database # entries will be deleted until the low mark is reached. # #Default: # netdb_low 900 # netdb_high 1000 # TAG: netdb_ping_period # The minimum period for measuring a site. There will be at # least this much delay between successive pings to the same # network. The default is five minutes. # #Default: # netdb_ping_period 5 minutes # TAG: query_icmp on|off # If you want to ask your peers to include ICMP data in their ICP # replies, enable this option. # # If your peer has configured Squid (during compilation) with # '--enable-icmp' then that peer will send ICMP pings to origin server # sites of the URLs it receives. If you enable this option then the # ICP replies from that peer will include the ICMP data (if available). # Then, when choosing a parent cache, Squid will choose the parent with # the minimal RTT to the origin server. When this happens, the # hierarchy field of the access.log will be # "CLOSEST_PARENT_MISS". This option is off by default. # #Default: # query_icmp off # TAG: test_reachability on|off # When this is 'on', ICP MISS replies will be ICP_MISS_NOFETCH # instead of ICP_MISS if the target host is NOT in the ICMP # database, or has a zero RTT. # #Default: # test_reachability off # TAG: buffered_logs on|off # Some log files (cache.log, useragent.log) are written with # stdio functions, and as such they can be buffered or # unbuffered. By default they will be unbuffered. Buffering them # can speed up the writing slightly (though you are unlikely to # need to worry). # #Default: # buffered_logs off # TAG: reload_into_ims on|off # When you enable this option, client no-cache or ``reload'' # requests will be changed to If-Modified-Since requests. # Doing this VIOLATES the HTTP standard. Enabling this # feature could make you liable for problems which it # causes. # # see also refresh_pattern for a more selective approach. # # This option may be disabled by using --disable-http-violations # with the configure script. # #Default: # reload_into_ims off # TAG: always_direct # Usage: always_direct allow|deny [!]aclname ... # # Here you can use ACL elements to specify requests which should # ALWAYS be forwarded directly to origin servers. For example, # to always directly forward requests for local servers use # something like: # # acl local-servers dstdomain my.domain.net # always_direct allow local-servers # # To always forward FTP requests directly, use # # acl FTP proto FTP # always_direct allow FTP # # NOTE: There is a similar, but opposite option named # 'never_direct'. You need to be aware that "always_direct deny # foo" is NOT the same thing as "never_direct allow foo". You # may need to use a deny rule to exclude a more-specific case of # some other rule. Example: # # acl local-external dstdomain external.foo.net # acl local-servers dstdomain foo.net # always_direct deny local-external # always_direct allow local-servers # # This option replaces some v1.1 options such as local_domain # and local_ip. # #Default: # none # TAG: never_direct # Usage: never_direct allow|deny [!]aclname ... # # never_direct is the opposite of always_direct. Please read # the description for always_direct if you have not already. # # With 'never_direct' you can use ACL elements to specify # requests which should NEVER be forwarded directly to origin # servers. For example, to force the use of a proxy for all # requests, except those in your local domain use something like: # # acl local-servers dstdomain foo.net # acl all src 0.0.0.0/0.0.0.0 # never_direct deny local-servers # never_direct allow all # # or if squid is inside a firewall and there is local intranet # servers inside the firewall then use something like: # # acl local-intranet dstdomain foo.net # acl local-external dstdomain external.foo.net # always_direct deny local-external # always_direct allow local-intranet # never_direct allow all # # This option replaces some v1.1 options such as inside_firewall # and firewall_ip. # #Default: # none # TAG: anonymize_headers # Usage: anonymize_headers allow|deny header_name ... # # This option replaces the old 'http_anonymizer' option with # something that is much more configurable. You may now # specify exactly which headers are to be allowed, or which # are to be removed from outgoing requests. # # There are two methods of using this option. You may either # allow specific headers (thus denying all others), or you # may deny specific headers (thus allowing all others). # # For example, to achieve the same behavior as the old # 'http_anonymizer standard' option, you should use: # # anonymize_headers deny From Referer Server # anonymize_headers deny User-Agent WWW-Authenticate Link # # Or, to reproduce the old 'http_anonymizer paranoid' feature # you should use: # # anonymize_headers allow Allow Authorization Cache-Control # anonymize_headers allow Content-Encoding Content-Length # anonymize_headers allow Content-Type Date Expires Host # anonymize_headers allow If-Modified-Since Last-Modified # anonymize_headers allow Location Pragma Accept # anonymize_headers allow Accept-Encoding Accept-Language # anonymize_headers allow Content-Language Mime-Version # anonymize_headers allow Retry-After Title Connection # anonymize_headers allow Proxy-Connection # # NOTE: You can not mix "allow" and "deny". All 'anonymize_headers' # lines must have the same second argument. # # By default, all headers are allowed (no anonymizing is # performed). # #Default: # none # TAG: fake_user_agent # If you filter the User-Agent header with 'anonymize_headers' it # may cause some Web servers to refuse your request. Use this to # fake one up. For example: # # fake_user_agent Nutscrape/1.0 (CP/M; 8-bit) # (credit to Paul Southworth pauls@etext.org for this one!) # #Default: # none # TAG: icon_directory # Where the icons are stored. These are normally kept in # /usr/local/etc/squid/icons # #Default: # icon_directory /usr/local/etc/squid/icons # TAG: error_directory # If you wish to create your own versions of the default # (English) error files, either to customize them to suit your # language or company copy the template English files to another # directory and point this tag at them. # #Default: # error_directory /usr/local/etc/squid/errors # TAG: minimum_retry_timeout (seconds) # This specifies the minimum connect timeout, for when the # connect timeout is reduced to compensate for the availability # of multiple IP addresses. # # When a connection to a host is initiated, and that host has # several IP addresses, the default connection timeout is reduced # by dividing it by the number of addresses. So, a site with 15 # addresses would then have a timeout of 8 seconds for each # address attempted. To avoid having the timeout reduced to the # point where even a working host would not have a chance to # respond, this setting is provided. The default, and the # minimum value, is five seconds, and the maximum value is sixty # seconds, or half of connect_timeout, whichever is greater and # less than connect_timeout. # #Default: # minimum_retry_timeout 5 seconds # TAG: maximum_single_addr_tries # This sets the maximum number of connection attempts for a # host that only has one address (for multiple-address hosts, # each address is tried once). # # The default value is three tries, the (not recommended) # maximum is 255 tries. A warning message will be generated # if it is set to a value greater than ten. # #Default: # maximum_single_addr_tries 3 # TAG: snmp_port # Note: This option is only available if Squid is rebuilt with the # --enable-snmp option # # Squid can now serve statistics and status information via SNMP. # By default it listens to port 3401 on the machine. If you don't # wish to use SNMP, set this to "0". # # NOTE: SNMP support requires use the --enable-snmp configure # command line option. # #Default: # snmp_port 3401 # TAG: snmp_access # Note: This option is only available if Squid is rebuilt with the # --enable-snmp option # # Allowing or denying access to the SNMP port. # # All access to the agent is denied by default. # usage: # # snmp_access allow|deny [!]aclname ... # #Example: # snmp_access allow snmppublic localhost # snmp_access deny all # #Default: # snmp_access deny all # TAG: snmp_incoming_address # Note: This option is only available if Squid is rebuilt with the # --enable-snmp option # # TAG: snmp_outgoing_address # Note: This option is only available if Squid is rebuilt with the # --enable-snmp option # # Just like 'udp_incoming_address' above, but for the SNMP port. # # snmp_incoming_address is used for the SNMP socket receiving # messages from SNMP agents. # snmp_outgoing_address is used for SNMP packets returned to SNMP # agents. # # The default snmp_incoming_address (0.0.0.0) is to listen on all # available network interfaces. # # If snmp_outgoing_address is set to 255.255.255.255 (the default) # then it will use the same socket as snmp_incoming_address. Only # change this if you want to have SNMP replies sent using another # address than where this Squid listens for SNMP queries. # # NOTE, snmp_incoming_address and snmp_outgoing_address can not have # the same value since they both use port 3401. # #Default: # snmp_incoming_address 0.0.0.0 # snmp_outgoing_address 255.255.255.255 # TAG: as_whois_server # WHOIS server to query for AS numbers. NOTE: AS numbers are # queried only when Squid starts up, not for every request. # #Default: # as_whois_server whois.ra.net # as_whois_server whois.ra.net # TAG: wccp_router # Use this option to define your WCCP ``home'' router for # Squid. Setting the 'wccp_router' to 0.0.0.0 (the default) # disables WCCP. # #Default: wccp_router ip.of.my.router # TAG: wccp_version # According to some users, Cisco IOS 11.2 only supports WCCP # version 3. If you're using that version of IOS, change # this value to 3. # #Default: wccp_version 4 # TAG: wccp_incoming_address # TAG: wccp_outgoing_address # wccp_incoming_address Use this option if you require WCCP # messages to be received on only one # interface. Do NOT use this option if # you're unsure how many interfaces you # have, or if you know you have only one # interface. # # wccp_outgoing_address Use this option if you require WCCP # messages to be sent out on only one # interface. Do NOT use this option if # you're unsure how many interfaces you # have, or if you know you have only one # interface. # # The default behavior is to not bind to any specific address. # # NOTE, wccp_incoming_address and wccp_outgoing_address can not have # the same value since they both use port 2048. # #Default: #wccp_incoming_address 213.181.52.37 #wccp_outgoing_address 213.181.52.38 # DELAY POOL PARAMETERS (all require DELAY_POOLS compilation option) # -------------------------------------------------------------------------- --- # TAG: delay_pools # Note: This option is only available if Squid is rebuilt with the # --enable-delay-pools option # # This represents the number of delay pools to be used. For example, # if you have one class 2 delay pool and one class 3 delays pool, you # have a total of 2 delay pools. # # To enable this option, you must use --enable-delay-pools with the # configure script. # #Default: # delay_pools 0 # TAG: delay_class # Note: This option is only available if Squid is rebuilt with the # --enable-delay-pools option # # This defines the class of each delay pool. There must be exactly one # delay_class line for each delay pool. For example, to define two # delay pools, one of class 2 and one of class 3, the settings above # and here would be: # #Example: # delay_pools 2 # 2 delay pools # delay_class 1 2 # pool 1 is a class 2 pool # delay_class 2 3 # pool 2 is a class 3 pool # # The delay pool classes are: # # class 1 Everything is limited by a single aggregate # bucket. # # class 2 Everything is limited by a single aggregate # bucket as well as an "individual" bucket chosen # from bits 25 through 32 of the IP address. # # class 3 Everything is limited by a single aggregate # bucket as well as a "network" bucket chosen # from bits 17 through 24 of the IP address and a # "individual" bucket chosen from bits 17 through # 32 of the IP address. # # NOTE: If an IP address is a.b.c.d # -> bits 25 through 32 are "d" # -> bits 17 through 24 are "c" # -> bits 17 through 32 are "c * 256 + d" # #Default: # none # TAG: delay_access # Note: This option is only available if Squid is rebuilt with the # --enable-delay-pools option # # This is used to determine which delay pool a request falls into. # The first matched delay pool is always used, i.e., if a request falls # into delay pool number one, no more delay are checked, otherwise the # rest are checked in order of their delay pool number until they have # all been checked. For example, if you want some_big_clients in delay # pool 1 and lotsa_little_clients in delay pool 2: # #Example: # delay_access 1 allow some_big_clients # delay_access 1 deny all # delay_access 2 allow lotsa_little_clients # delay_access 2 deny all # #Default: # none # TAG: delay_parameters # Note: This option is only available if Squid is rebuilt with the # --enable-delay-pools option # # This defines the parameters for a delay pool. Each delay pool has # a number of "buckets" associated with it, as explained in the # description of delay_class. For a class 1 delay pool, the syntax is: # #delay_parameters pool aggregate # # For a class 2 delay pool: # #delay_parameters pool aggregate individual # # For a class 3 delay pool: # #delay_parameters pool aggregate network individual # # The variables here are: # # pool a pool number - ie, a number between 1 and the # number specified in delay_pools as used in # delay_class lines. # # aggregate the "delay parameters" for the aggregate bucket # (class 1, 2, 3). # # individual the "delay parameters" for the individual # buckets (class 2, 3). # # network the "delay parameters" for the network buckets # (class 3). # # A pair of delay parameters is written restore/maximum, where restore is # the number of bytes (not bits - modem and network speeds are usually # quoted in bits) per second placed into the bucket, and maximum is the # maximum number of bytes which can be in the bucket at any time. # # For example, if delay pool number 1 is a class 2 delay pool as in the # above example, and is being used to strictly limit each host to 64kbps # (plus overheads), with no overall limit, the line is: # #delay_parameters 1 -1/-1 8000/8000 # # Note that the figure -1 is used to represent "unlimited". # # And, if delay pool number 2 is a class 3 delay pool as in the above # example, and you want to limit it to a total of 256kbps (strict limit) # with each 8-bit network permitted 64kbps (strict limit) and each # individual host permitted 4800bps with a bucket maximum size of 64kb # to permit a decent web page to be downloaded at a decent speed # (if the network is not being limited due to overuse) but slow down # large downloads more significantly: # #delay_parameters 2 32000/32000 8000/8000 600/64000 # # There must be one delay_parameters line for each delay pool. # #Default: # none # TAG: delay_initial_bucket_level (percent, 0-100) # Note: This option is only available if Squid is rebuilt with the # --enable-delay-pools option # # The initial bucket percentage is used to determine how much is put # in each bucket when squid starts, is reconfigured, or first notices # a host accessing it (in class 2 and class 3, individual hosts and # networks only have buckets associated with them once they have been # "seen" by squid). # #Default: # delay_initial_bucket_level 50 # TAG: incoming_icp_average # TAG: incoming_http_average # TAG: incoming_dns_average # TAG: min_icp_poll_cnt # TAG: min_dns_poll_cnt # TAG: min_http_poll_cnt # Heavy voodoo here. I can't even believe you are reading this. # Are you crazy? Don't even think about adjusting these unless # you understand the algorithms in comm_select.c first! # #Default: # incoming_icp_average 6 # incoming_http_average 4 # incoming_dns_average 4 # min_icp_poll_cnt 8 # min_dns_poll_cnt 8 # min_http_poll_cnt 8 # TAG: max_open_disk_fds # To avoid having disk as the I/O bottleneck Squid can optionally # bypass the on-disk cache if more than this amount of disk file # descriptors are open. # # A value of 0 indicates no limit. # #Default: # max_open_disk_fds 0 # TAG: offline_mode # Enable this option and Squid will never try to validate cached # objects. # #Default: # offline_mode off # TAG: uri_whitespace # What to do with requests that have whitespace characters in the # URI. Options: # # strip: The whitespace characters are stripped out of the URL. # This is the behavior recommended by RFC2616. # deny: The request is denied. The user receives an "Invalid # Request" message. # allow: The request is allowed and the URI is not changed. The # whitespace characters remain in the URI. Note the # whitespace is passed to redirector processes if they # are in use. # encode: The request is allowed and the whitespace characters are # encoded according to RFC1738. This could be considered # a violation of the HTTP/1.1 # RFC because proxies are not allowed to rewrite URI's. # chop: The request is allowed and the URI is chopped at the # first whitespace. This might also be considered a # violation. # #Default: # uri_whitespace strip # TAG: broken_posts # A list of ACL elements which, if matched, causes Squid to send # a extra CRLF pair after the body of a PUT/POST request. # # Some HTTP servers has broken implementations of PUT/POST, # and rely on a extra CRLF pair sent by some WWW clients. # # Quote from RFC 2068 section 4.1 on this matter: # # Note: certain buggy HTTP/1.0 client implementations generate an # extra CRLF's after a POST request. To restate what is explicitly # forbidden by the BNF, an HTTP/1.1 client must not preface or follow # a request with an extra CRLF. # #Example: # acl buggy_server url_regex ^http://.... # broken_posts allow buggy_server # #Default: # none # TAG: mcast_miss_addr # Note: This option is only available if Squid is rebuilt with the # -DMULTICAST_MISS_STREAM option # # If you enable this option, every "cache miss" URL will # be sent out on the specified multicast address. # # Do not enable this option unless you are are absolutely # certain you understand what you are doing. # #Default: # mcast_miss_addr 255.255.255.255 # TAG: mcast_miss_ttl # Note: This option is only available if Squid is rebuilt with the # -DMULTICAST_MISS_TTL option # # This is the time-to-live value for packets multicasted # when multicasting off cache miss URLs is enabled. By # default this is set to 'site scope', i.e. 16. # #Default: # mcast_miss_ttl 16 # TAG: mcast_miss_port # Note: This option is only available if Squid is rebuilt with the # -DMULTICAST_MISS_STREAM option # # This is the port number to be used in conjunction with # 'mcast_miss_addr'. # #Default: # mcast_miss_port 3135 # TAG: mcast_miss_encode_key # Note: This option is only available if Squid is rebuilt with the # -DMULTICAST_MISS_STREAM option # # The URLs that are sent in the multicast miss stream are # encrypted. This is the encryption key. # #Default: # mcast_miss_encode_key XXXXXXXXXXXXXXXX # TAG: nonhierarchical_direct # By default, Squid will send any non-hierarchical requests # (matching hierarchy_stoplist or not cachable request type) direct # to origin servers. # # If you set this to off, then Squid will prefer to send these # requests to parents. # # Note that in most configurations, by turning this off you will only # add latency to these request without any improvement in global hit # ratio. # # If you are inside an firewall then see never_direct instead of # this directive. # #Default: # nonhierarchical_direct on # TAG: prefer_direct # Normally Squid tries to use parents for most requests. If you by some # reason like it to first try going direct and only use a parent if # going direct fails then set this to off. # # By combining nonhierarchical_direct off and prefer_direct on you # can set up Squid to use a parent as a backup path if going direct # fails. # #Default: # prefer_direct off # TAG: strip_query_terms # By default, Squid strips query terms from requested URLs before # logging. This protects your user's privacy. # #Default: # strip_query_terms on # TAG: coredump_dir # By default Squid leaves core files in the first cache_dir # directory. If you set 'coredump_dir' to a directory # that exists, Squid will chdir() to that directory at startup # and coredump files will be left there. # #Default: # none # TAG: redirector_bypass # When this is 'on', a request will not go through the # redirector if all redirectors are busy. If this is 'off' # and the redirector queue grows too large, Squid will exit # with a FATAL error and ask you to increase the number of # redirectors. You should only enable this if the redirectors # are not critical to your caching system. If you use # redirectors for access control, and you enable this option, # then users may have access to pages that they should not # be allowed to request. # #Default: # redirector_bypass off # TAG: ignore_unknown_nameservers # By default Squid checks that DNS responses are received # from the same IP addresses that they are sent to. If they # don't match, Squid ignores the response and writes a warning # message to cache.log. You can allow responses from unknown # nameservers by setting this option to 'off'. # #Default: # ignore_unknown_nameservers on # TAG: digest_generation # Note: This option is only available if Squid is rebuilt with the # --enable-cache-digests option # # This controls whether the server will generate a Cache Digest # of its contents. By default, Cache Digest generation is # enabled if Squid is compiled with USE_CACHE_DIGESTS defined. # #Default: # digest_generation on # TAG: digest_bits_per_entry # Note: This option is only available if Squid is rebuilt with the # --enable-cache-digests option # # This is the number of bits of the server's Cache Digest which # will be associated with the Digest entry for a given HTTP # Method and URL (public key) combination. The default is 5. # #Default: # digest_bits_per_entry 5 # TAG: digest_rebuild_period (seconds) # Note: This option is only available if Squid is rebuilt with the # --enable-cache-digests option # # This is the number of seconds between Cache Digest rebuilds. # #Default: # digest_rebuild_period 1 hour # TAG: digest_rewrite_period (seconds) # Note: This option is only available if Squid is rebuilt with the # --enable-cache-digests option # # This is the number of seconds between Cache Digest writes to # disk. # #Default: # digest_rewrite_period 1 hour # TAG: digest_swapout_chunk_size (bytes) # Note: This option is only available if Squid is rebuilt with the # --enable-cache-digests option # # This is the number of bytes of the Cache Digest to write to # disk at a time. It defaults to 4096 bytes (4KB), the Squid # default swap page. # #Default: # digest_swapout_chunk_size 4096 bytes # TAG: digest_rebuild_chunk_percentage (percent, 0-100) # Note: This option is only available if Squid is rebuilt with the # --enable-cache-digests option # # This is the percentage of the Cache Digest to be scanned at a # time. By default it is set to 10% of the Cache Digest. # #Default: # digest_rebuild_chunk_percentage 10 # TAG: chroot # Use this to have Squid do a chroot() while initializing. This # also causes Squid to fully drop root privileges after # initializing. This means, for example, that if you use a HTTP # port less than 1024 and try to reconfigure, you will get an # error. # #Default: # none # TAG: client_persistent_connections # TAG: server_persistent_connections # Persistent connection support for clients and servers. By # default, Squid uses persistent connections (when allowed) # with its clients and servers. You can use these options to # disable persistent connections with clients and/or servers. # #Default: # client_persistent_connections on # server_persistent_connections on # TAG: pipeline_prefetch # To boost the performance of pipelined requests to closer # match that of a non-proxied environment Squid tries to fetch # up to two requests in parallell from a pipeline. # #Default: # pipeline_prefetch on # TAG: extension_methods # Squid only knows about standardized HTTP request methods. # You can add up to 20 additional "extension" methods here. # #Default: # none # TAG: high_response_time_warning (msec) # If the one-minute median response time exceeds this value, # Squid prints a WARNING with debug level 0 to get the # administrators attention. The value is in milliseconds. # #Default: # high_response_time_warning 0 # TAG: high_page_fault_warning # If the one-minute average page fault rate exceeds this # value, Squid prints a WARNING with debug level 0 to get # the administrators attention. The value is in page faults # per second. # #Default: # high_page_fault_warning 0 # TAG: high_memory_warning # If the memory usage (as determined by mallinfo) exceeds # value, Squid prints a WARNING with debug level 0 to get # the administrators attention. # #Default: # high_memory_warning 0 # TAG: store_dir_select_algorithm # Set this to 'round-robin' as an alternative. # #Default: # store_dir_select_algorithm least-load # TAG: forward_log # Note: This option is only available if Squid is rebuilt with the # -DWIP_FWD_LOG option # # Logs the server-side requests. # # This is currently work in progress. # #Default: # none # TAG: ie_refresh on|off # Microsoft Internet Explorer up until version 5.5 Service # Pack 1 has an issue with transparent proxies, wherein it # is impossible to force a refresh. Turning this on provides # a partial fix to the problem, by causing all IMS-REFRESH # requests from older IE versions to check the origin server # for fresh content. This reduces hit ratio by some amount # (~10% in my experience), but allows users to actually get # fresh content when they want it. Note that because Squid # cannot tell if the user is using 5.5 or 5.5SP1, the behavior # of 5.5 is unchanged from old versions of Squid (i.e. a # forced refresh is impossible). Newer versions of IE will, # hopefully, continue to have the new behavior and will be # handled based on that assumption. This option defaults to # the old Squid behavior, which is better for hit ratios but # worse for clients using IE, if they need to be able to # force fresh content. # #Default: # ie_refresh off --------------------------------------------------------------------------- cache# cat /usr/src/sys/i386/conf/CACHE # # GENERIC -- Generic kernel configuration file for FreeBSD/i386 # # For more information on this file, please read the handbook section on # Kernel Configuration Files: # # http://www.FreeBSD.org/handbook/kernelconfig-config.html # # The handbook is also available locally in /usr/share/doc/handbook # if you've installed the doc distribution, otherwise always see the # FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the # latest information. # # An exhaustive list of options and more detailed explanations of the # device lines is also present in the ./LINT configuration file. If you are # in doubt as to the purpose or necessity of a line, check first in LINT. # # $FreeBSD: src/sys/i386/conf/GENERIC,v 1.246.2.38 2002/01/25 17:41:40 murray Ex p $ machine i386 #cpu I386_CPU #cpu I486_CPU cpu I586_CPU cpu I686_CPU ident CACHE maxusers 512 #options SMP # Symmetric MultiProcessor Kernel #options APIC_IO # Symmetric (APIC) I/O #options SMP_INVLTLB # TLB shootdowns (ONLY with APIC_IO) #options NCPU=2 # number of CPUs #options NBUS=4 # number of busses #options NAPIC=1 # number of IO APICs #options NINTR=24 # number of INTs #options SMP_PRIVPAGES # BROKEN, DO NOT use! #options SMP_AUTOSTART # BROKEN, DO NOT use! #options SERIAL_DEBUG # com port debug output #makeoptions DEBUG=-g #Build kernel with gdb(1) debug symbols options MATH_EMULATE #Support for x87 emulation options INET #InterNETworking options INET6 #IPv6 communications protocols options FFS #Berkeley Fast Filesystem options FFS_ROOT #FFS usable as root device [keep this!] options SOFTUPDATES #Enable FFS soft updates support options UFS_DIRHASH #Improve performance on big directories options MFS #Memory Filesystem options MD_ROOT #MD is a potential root device options NFS #Network Filesystem options NFS_ROOT #NFS usable as root device, NFS required options MSDOSFS #MSDOS Filesystem options CD9660 #ISO 9660 Filesystem options CD9660_ROOT #CD-ROM usable as root, CD9660 required options PROCFS #Process filesystem options COMPAT_43 #Compatible with BSD 4.3 [KEEP THIS!] options SCSI_DELAY=15000 #Delay (in ms) before probing SCSI options UCONSOLE #Allow users to grab the console options USERCONFIG #boot -c editor options VISUAL_USERCONFIG #visual boot -c editor options KTRACE #ktrace(1) support options SYSVSHM #SYSV-style shared memory options SYSVMSG #SYSV-style message queues options SYSVSEM #SYSV-style semaphores options P1003_1B #Posix P1003_1B real-time extensions options _KPOSIX_PRIORITY_SCHEDULING options ICMP_BANDLIM #Rate limit bad replies options KBD_INSTALL_CDEV # install a CDEV entry in /dev options GRE #OPTION GRE # To make an SMP kernel, the next two are needed options SMP # Symmetric MultiProcessor Kernel options APIC_IO # Symmetric (APIC) I/O device isa device eisa device pci # Floppy drives device fdc0 at isa? port IO_FD1 irq 6 drq 2 device fd0 at fdc0 drive 0 device fd1 at fdc0 drive 1 # # If you have a Toshiba Libretto with its Y-E Data PCMCIA floppy, # don't use the above line for fdc0 but the following one: #device fdc0 # ATA and ATAPI devices device ata0 at isa? port IO_WD1 irq 14 device ata1 at isa? port IO_WD2 irq 15 device ata device atadisk # ATA disk drives device atapicd # ATAPI CDROM drives device atapifd # ATAPI floppy drives device atapist # ATAPI tape drives options ATA_STATIC_ID #Static device numbering # SCSI Controllers device ahb # EISA AHA1742 family device ahc # AHA2940 and onboard AIC7xxx devices device amd # AMD 53C974 (Tekram DC-390(T)) device isp # Qlogic family device ncr # NCR/Symbios Logic device sym # NCR/Symbios Logic (newer chipsets) options SYM_SETUP_LP_PROBE_MAP=0x40 # Allow ncr to attach legacy NCR devices when # both sym and ncr are configured device adv0 at isa? device adw device bt0 at isa? device aha0 at isa? device aic0 at isa? device ncv # NCR 53C500 device nsp # Workbit Ninja SCSI-3 device stg # TMC 18C30/18C50 # SCSI peripherals device scbus # SCSI bus (required) device da # Direct Access (disks) device sa # Sequential Access (tape etc) device cd # CD device pass # Passthrough device (direct SCSI access) # RAID controllers interfaced to the SCSI subsystem device asr # DPT SmartRAID V, VI and Adaptec SCSI RAID device dpt # DPT Smartcache - See LINT for options! device mly # Mylex AcceleRAID/eXtremeRAID # RAID controllers device aac # Adaptec FSA RAID, Dell PERC2/PERC3 device ida # Compaq Smart RAID device amr # AMI MegaRAID device mlx # Mylex DAC960 family device twe # 3ware Escalade # atkbdc0 controls both the keyboard and the PS/2 mouse device atkbdc0 at isa? port IO_KBD device atkbd0 at atkbdc? irq 1 flags 0x1 device psm0 at atkbdc? irq 12 device vga0 at isa? # splash screen/screen saver pseudo-device splash # syscons is the default console driver, resembling an SCO console device sc0 at isa? flags 0x100 # Enable this and PCVT_FREEBSD for pcvt vt220 compatible console driver #device vt0 at isa? #options XSERVER # support for X server on a vt console #options FAT_CURSOR # start with block cursor # If you have a ThinkPAD, uncomment this along with the rest of the PCVT lines #options PCVT_SCANSET=2 # IBM keyboards are non-std # Floating point support - do not disable. device npx0 at nexus? port IO_NPX irq 13 # Power management support (see LINT for more options) device apm0 at nexus? disable flags 0x20 # Advanced Power Management # PCCARD (PCMCIA) support device card device pcic0 at isa? irq 0 port 0x3e0 iomem 0xd0000 device pcic1 at isa? irq 0 port 0x3e2 iomem 0xd4000 disable # Serial (COM) ports device sio0 at isa? port IO_COM1 flags 0x10 irq 4 device sio1 at isa? port IO_COM2 irq 3 device sio2 at isa? disable port IO_COM3 irq 5 device sio3 at isa? disable port IO_COM4 irq 9 # Parallel port device ppc0 at isa? irq 7 device ppbus # Parallel port bus (required) device lpt # Printer device plip # TCP/IP over parallel device ppi # Parallel port interface device #device vpo # Requires scbus and da # PCI Ethernet NICs. device de # DEC/Intel DC21x4x (``Tulip'') device txp # 3Com 3cR990 (``Typhoon'') device vx # 3Com 3c590, 3c595 (``Vortex'') # PCI Ethernet NICs that use the common MII bus controller code. # NOTE: Be sure to keep the 'device miibus' line in order to use these NICs! device miibus # MII bus support device dc # DEC/Intel 21143 and various workalikes device fxp # Intel EtherExpress PRO/100B (82557, 82558) device pcn # AMD Am79C97x PCI 10/100 NICs device rl # RealTek 8129/8139 device sf # Adaptec AIC-6915 (``Starfire'') device sis # Silicon Integrated Systems SiS 900/SiS 7016 device ste # Sundance ST201 (D-Link DFE-550TX) device tl # Texas Instruments ThunderLAN device tx # SMC EtherPower II (83c170 ``EPIC'') device vr # VIA Rhine, Rhine II device wb # Winbond W89C840F device wx # Intel Gigabit Ethernet Card (``Wiseman'') device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'') device bge # Broadcom BCM570x (``Tigon III'') # ISA Ethernet NICs. # 'device ed' requires 'device miibus' device ed0 at isa? port 0x280 irq 10 iomem 0xd8000 device ex device ep device fe0 at isa? port 0x300 # Xircom Ethernet device xe # PRISM I IEEE 802.11b wireless NIC. device awi # WaveLAN/IEEE 802.11 wireless NICs. Note: the WaveLAN/IEEE really # exists only as a PCMCIA device, so there is no ISA attachment needed # and resources will always be dynamically assigned by the pccard code. device wi # Aironet 4500/4800 802.11 wireless NICs. Note: the declaration below will # work for PCMCIA and PCI cards, as well as ISA cards set to ISA PnP # mode (the factory default). If you set the switches on your ISA # card for a manually chosen I/O address and IRQ, you must specify # those parameters here. device an # The probe order of these is presently determined by i386/isa/isa_compat.c. device ie0 at isa? port 0x300 irq 10 iomem 0xd0000 #device le0 at isa? port 0x300 irq 5 iomem 0xd0000 device lnc0 at isa? port 0x280 irq 10 drq 0 device cs0 at isa? port 0x300 device sn0 at isa? port 0x300 irq 10 # Pseudo devices - the number indicates how many units to allocate. pseudo-device loop # Network loopback pseudo-device ether # Ethernet support pseudo-device sl 1 # Kernel SLIP pseudo-device ppp 1 # Kernel PPP pseudo-device tun # Packet tunnel. pseudo-device pty # Pseudo-ttys (telnet etc) pseudo-device md # Memory "disks" pseudo-device gif # IPv6 and IPv4 tunneling pseudo-device faith 1 # IPv6-to-IPv4 relaying (translation) # The `bpf' pseudo-device enables the Berkeley Packet Filter. # Be aware of the administrative consequences of enabling this! pseudo-device bpf #Berkeley packet filter # USB support device uhci # UHCI PCI->USB interface device ohci # OHCI PCI->USB interface device usb # USB Bus (required) device ugen # Generic device uhid # "Human Interface Devices" device ukbd # Keyboard device ulpt # Printer device umass # Disks/Mass storage - Requires scbus and da device ums # Mouse device uscanner # Scanners device urio # Diamond Rio MP3 Player # USB Ethernet, requires mii device aue # ADMtek USB ethernet device cue # CATC USB ethernet device kue # Kawasaki LSI USB ethernet ---------------------------------------------------------------------------- ---- cache# cat /usr/src/sys/i386/conf/LINT # # LINT -- config file for checking all the sources, tries to pull in # as much of the source tree as it can. # # $FreeBSD: src/sys/i386/conf/LINT,v 1.749.2.96 2001/12/23 08:17:37 pirzyk Exp $ # # NB: You probably don't want to try running a kernel built from this # file. Instead, you should start from GENERIC, and add options from # this file as required. # # # This directive is mandatory; it defines the architecture to be # configured for; in this case, the 386 family based IBM-PC and # compatibles. # machine i386 # # This is the ``identification'' of the kernel. Usually this should # be the same as the name of your kernel. # ident LINT # # The `maxusers' parameter controls the static sizing of a number of # internal system tables by a formula defined in subr_param.c. Setting # maxusers to 0 will cause the system to auto-size based on physical # memory. # maxusers 512 # # The `makeoptions' parameter allows variables to be passed to the # generated Makefile in the build area. # # CONF_CFLAGS gives some extra compiler flags that are added to ${CFLAGS} # after most other flags. Here we use it to inhibit use of non-optimal # gcc builtin functions (e.g., memcmp). # # DEBUG happens to be magic. # The following is equivalent to 'config -g KERNELNAME' and creates # 'kernel.debug' compiled with -g debugging as well as a normal # 'kernel'. Use 'make install.debug' to install the debug kernel # but that isn't normally necessary as the debug symbols are not loaded # by the kernel and are not useful there anyway. # # KERNEL can be overridden so that you can change the default name of your # kernel. # # MODULES_OVERRIDE can be used to limit modules built to a specific list. # makeoptions CONF_CFLAGS=-fno-builtin #Don't allow use of memcmp, etc. #makeoptions DEBUG=-g #Build kernel with gdb(1) debug symbols #makeoptions KERNEL=foo #Build kernel "foo" and install "/foo" # Only build Linux API modules and plus those parts of the sound system I need. #makeop###################################### # COMPATIBILITY OPTIONS # # Implement system calls compatible with 4.3BSD and older versions of # FreeBSD. You probably do NOT want to remove this as much current code # still relies on the 4.3 emulation. # options COMPAT_43 # # Allow applications running in user space to control the Local Descriptor # Table (LDT). This is required by some ports. Future versions of FreeBSD # may require this option for some programs in the base system. # options USER_LDT #allow user-level control of i386 ldt # # These three options provide support for System V Interface # Definition-style interprocess communication, in the form of shared # memory, semaphores, and message queues, respectively. # # System V shared memory and tunable parameters options SYSVSHM # include support for shared memory options SHMMAXPGS=4194304 # max amount of shared memory pages (4k on i38 6) options SHMALL=67108864 # max amount of shared memory (bytes) #options SHMMAX="(SHMMAXPGS*PAGE_SIZE+1)" # max shared memory segment size (bytes) options SHMMAX=536870912 options SHMMIN=2 # min shared memory segment size (bytes) options SHMMNI=33000 # max number of shared memory identifiers options SHMSEG=9000 # max shared memory segments per process # System V semaphores and tunable parameters options SYSVSEM # include support for semaphores options SEMMAP=31 # amount of entries in semaphore map options SEMMNI=11 # number of semaphore identifiers in the system options SEMMNS=61 # number of semaphores in the system options SEMMNU=31 # number of undo structures in the system options SEMMSL=61000 # max number of semaphores per id options SEMOPM=101000 # max number of operations per semop call options SEMUME=11000 # max number of undo entries per process # System V message queues and tunable parameters options SYSVMSG # include support for message queues options MSGMNB=4294967296 # max characters per message queue options MSGMNI=40000 # max number of message queue identifiers options MSGSEG=134217728 # max number of message segments in the system options MSGSSZ=64 # size of a message segment MUST be power of 2 options MSGTQL=134217728 # max amount of messages in the system ##################################################################### # DEBUGGING OPTIONS # # Enable the kernel debugger. # options DDB # # Don't drop into DDB for a panic. Intended for unattended operation # where you may want to drop to DDB from the console, but still want # the machine to recover from a panic # options DDB_UNATTENDED # # If using GDB remote mode to debug the kernel, there's a non-standard # extension to the remote protocol that can be used to use the serial # port as both the debugging port and the system console. It's non- # standard and you're on your own if you enable it. See also the # "remotechat" variables in the FreeBSD specific version of gdb. # options GDB_REMOTE_CHAT # # KTRACE enables the system-call tracing facility ktrace(2). # options KTRACE #kernel tracing # # The INVARIANTS option is used in a number of source files to enable # extra sanity checking of internal structures. This support is not # enabled by default because of the extra time it would take to check # for these conditions, which can only occur as a result of # programming errors. # options INVARIANTS # # The INVARIANT_SUPPORT option makes us compile in support for # verifying some of the internal structures. It is a prerequisite for # 'INVARIANTS', as enabling 'INVARIANTS' will make these functions be # called. The intent is that you can set 'INVARIANTS' for single # source files (by changing the source file or specifying it on the # command line) if you have 'INVARIANT_SUPPORT' enabled. # options INVARIANT_SUPPORT # # The DIAGNOSTIC option is used to enable extra debugging information # from some parts of the kernel. As this makes everything more noisy, # it is disabled by default. # options DIAGNOSTIC # # PERFMON causes the driver for Pentium/Pentium Pro performance counters # to be compiled. See perfmon(4) for more information. # options PERFMON # # This option let some drivers co-exist that can't co-exist in a running # system. This is used to be able to compile all kernel code in one go for # quality assurance purposes (like this file, which the option takes it name # from.) # options COMPILING_LINT # XXX - this doesn't belong here. # Allow ordinary users to take the console - this is useful for X. options UCONSOLE # XXX - this doesn't belong here either options USERCONFIG #boot -c editor options INTRO_USERCONFIG #imply -c and show intro screen options VISUAL_USERCONFIG #visual boot -c editor ##################################################################### # NETWORKING OPTIONS # # Protocol families: # Only the INET (Internet) family is officially supported in FreeBSD. # Source code for the NS (Xerox Network Service) is provided for amusement # value. # options INET #Internet communications protocols options INET6 #IPv6 communications protocols options IPSEC #IP security options IPSEC_ESP #IP security (crypto; define w/ IPSEC) options IPSEC_DEBUG #debug for IP security options IPX #IPX/SPX communications protocols options IPXIP #IPX in IP encapsulation (not available) options IPTUNNEL #IP in IPX encapsulation (not available) options NCP #NetWare Core protocol options NETATALK #Appletalk communications protocols # These are currently broken but are shipped due to interest. #options NS #Xerox NS protocols #options NSIP #XNS over IP # # SMB/CIFS requester # NETSMB enables support for SMB protocol, it requires LIBMCHAIN and LIBICONV # options. # NETSMBCRYPTO enables support for encrypted passwords. options NETSMB #SMB/CIFS requester options NETSMBCRYPTO #encrypted password support for SMB # mchain library. It can be either loaded as KLD or compiled into kernel options LIBMCHAIN #mbuf management library # netgraph(4). Enable the base netgraph code with the NETGRAPH option. # Individual node types can be enabled with the corresponding option # listed below; however, this is not strictly necessary as netgraph # will automatically load the corresponding KLD module if the node type # is not already compiled into the kernel. Each type below has a # corresponding man page, e.g., ng_async(8). options NETGRAPH #netgraph(4) system options NETGRAPH_ASYNC options NETGRAPH_BPF options NETGRAPH_CISCO options NETGRAPH_ECHO options NETGRAPH_ETHER options NETGRAPH_FRAME_RELAY options NETGRAPH_HOLE options NETGRAPH_IFACE options NETGRAPH_KSOCKET options NETGRAPH_LMI # MPPC compression requires proprietary files (not included) #options NETGRAPH_MPPC_COMPRESSION options NETGRAPH_MPPC_ENCRYPTION options NETGRAPH_ONE2MANY options NETGRAPH_PPP options NETGRAPH_PPPOE options NETGRAPH_PPTPGRE options NETGRAPH_RFC1490 options NETGRAPH_SOCKET options NETGRAPH_TEE options NETGRAPH_TTY options NETGRAPH_UI options NETGRAPH_VJC #options GRE #OPTION GRE device mn # Munich32x/Falc54 Nx64kbit/sec cards. # # Network interfaces: # The `loop' pseudo-device is MANDATORY when networking is enabled. # The `ether' pseudo-device provides generic code to handle # Ethernets; it is MANDATORY when a Ethernet device driver is # configured or token-ring is enabled. # The 'fddi' pseudo-device provides generic code to support FDDI. # The `sppp' pseudo-device serves a similar role for certain types # of synchronous PPP links (like `cx', `ar'). # The `sl' pseudo-device implements the Serial Line IP (SLIP) service. # The `ppp' pseudo-device implements the Point-to-Point Protocol. # The `bpf' pseudo-device enables the Berkeley Packet Filter. Be # aware of the legal and administrative consequences of enabling this # option. The number of devices determines the maximum number of # simultaneous BPF clients programs runnable. # The `disc' pseudo-device implements a minimal network interface, # which throws away all packets sent and never receives any. It is # included for testing purposes. This shows up as the 'ds' interface. # The `tun' pseudo-device implements (user-)ppp and nos-tun # The `gif' pseudo-device implements IPv6 over IP4 tunneling, # IPv4 over IPv6 tunneling, IPv4 over IPv4 tunneling and # IPv6 over IPv6 tunneling. # The `faith' pseudo-device captures packets sent to it and diverts them # to the IPv4/IPv6 translation daemon. # The `stf' device implements 6to4 encapsulation. # The `ef' pseudo-device provides support for multiple ethernet frame types # specified via ETHER_* options. See ef(4) for details. # # The PPP_BSDCOMP option enables support for compress(1) style entire # packet compression, the PPP_DEFLATE is for zlib/gzip style compression. # PPP_FILTER enables code for filtering the ppp data stream and selecting # events for resetting the demand dial activity timer - requires bpf. # See pppd(8) for more details. # pseudo-device ether #Generic Ethernet pseudo-device vlan 1 #VLAN support pseudo-device token #Generic TokenRing pseudo-device fddi #Generic FDDI pseudo-device sppp #Generic Synchronous PPP pseudo-device loop #Network loopback device pseudo-device bpf #Berkeley packet filter pseudo-device disc #Discard device (ds0, ds1, etc) pseudo-device tun #Tunnel driver (ppp(8), nos-tun(8)) pseudo-device sl 2 #Serial Line IP pseudo-device ppp 2 #Point-to-point protocol options PPP_BSDCOMP #PPP BSD-compress support options PPP_DEFLATE #PPP zlib/deflate/gzip support options PPP_FILTER #enable bpf filtering (needs bpf) pseudo-device ef # Multiple ethernet frames support options ETHER_II # enable Ethernet_II frame options ETHER_8023 # enable Ethernet_802.3 (Novell) frame options ETHER_8022 # enable Ethernet_802.2 frame options ETHER_SNAP # enable Ethernet_802.2/SNAP frame # for IPv6 pseudo-device gif #IPv6 and IPv4 tunneling pseudo-device faith 1 #for IPv6 and IPv4 translation pseudo-device stf #6to4 IPv6 over IPv4 encapsulation # # Internet family options: # # MROUTING enables the kernel multicast packet forwarder, which works # with mrouted(8). # # IPFIREWALL enables support for IP firewall construction, in # conjunction with the `ipfw' program. IPFIREWALL_VERBOSE sends # logged packets to the system logger. IPFIREWALL_VERBOSE_LIMIT # limits the number of times a matching entry can be logged. # # WARNING: IPFIREWALL defaults to a policy of "deny ip from any to any" # and if you do not add other rules during startup to allow access, # YOU WILL LOCK YOURSELF OUT. It is suggested that you set firewall_type=open # in /etc/rc.conf when first enabling this feature, then refining the # firewall rules in /etc/rc.firewall after you've tested that the new kernel # feature works properly. # # IPFIREWALL_DEFAULT_TO_ACCEPT causes the default rule (at boot) to # allow everything. Use with care, if a cracker can crash your # firewall machine, they can get to your protected machines. However, # if you are using it as an as-needed filter for specific problems as # they arise, then this may be for you. Changing the default to 'allow' # means that you won't get stuck if the kernel and /sbin/ipfw binary get # out of sync. # # IPDIVERT enables the divert IP sockets, used by ``ipfw divert'' # # IPSTEALTH enables code to support stealth forwarding (i.e., forwarding # packets without touching the ttl). This can be useful to hide firewalls # from traceroute and similar tools. # # TCPDEBUG is undocumented. # options MROUTING # Multicast routing options IPFIREWALL #firewall options IPFIREWALL_VERBOSE #enable logging to syslogd(8) options IPFIREWALL_FORWARD #enable transparent proxy support options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default options IPV6FIREWALL #firewall for IPv6 options IPV6FIREWALL_VERBOSE options IPV6FIREWALL_VERBOSE_LIMIT=100 options IPV6FIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT #divert sockets options IPFILTER #ipfilter support options IPFILTER_LOG #ipfilter logging options IPFILTER_DEFAULT_BLOCK #block all packets by default options IPSTEALTH #support for stealth forwarding options TCPDEBUG # RANDOM_IP_ID causes the ID field in IP packets to be randomized # instead of incremented by 1 with each packet generated. This # option closes a minor information leak which allows remote # observers to determine the rate of packet generation on the # machine by watching the counter. options RANDOM_IP_ID # Statically Link in accept filters options ACCEPT_FILTER_DATA options ACCEPT_FILTER_HTTP # # TCP_DROP_SYNFIN adds support for ignoring TCP packets with SYN+FIN. This # prevents nmap et al. from identifying the TCP/IP stack, but breaks support # for RFC1644 extensions and is not recommended for web servers. # options TCP_DROP_SYNFIN #drop TCP packets with SYN+FIN # ICMP_BANDLIM enables icmp error response bandwidth limiting. You # typically want this option as it will help protect the machine from # D.O.S. packet attacks. # options ICMP_BANDLIM # DUMMYNET enables the "dummynet" bandwidth limiter. You need # IPFIREWALL as well. See the dummynet(4) manpage for more info. # BRIDGE enables bridging between ethernet cards -- see bridge(4). # You can use IPFIREWALL and dummynet together with bridging. options DUMMYNET options BRIDGE # # ATM (HARP version) options # # ATM_CORE includes the base ATM functionality code. This must be included # for ATM support. # # ATM_IP includes support for running IP over ATM. # # At least one (and usually only one) of the following signalling managers # must be included (note that all signalling managers include PVC support): # ATM_SIGPVC includes support for the PVC-only signalling manager `sigpvc'. # ATM_SPANS includes support for the `spans' signalling manager, which runs # the FORE Systems's proprietary SPANS signalling protocol. # ATM_UNI includes support for the `uni30' and `uni31' signalling managers, # which run the ATM Forum UNI 3.x signalling protocols. # # The `hea' driver provides support for the Efficient Networks, Inc. # ENI-155p ATM PCI Adapter. # # The `hfa' driver provides support for the FORE Systems, Inc. # PCA-200E ATM PCI Adapter. # options ATM_CORE #core ATM protocol family options ATM_IP #IP over ATM support options ATM_SIGPVC #SIGPVC signalling manager options ATM_SPANS #SPANS signalling manager options ATM_UNI #UNI signalling manager device hea #Efficient ENI-155p ATM PCI device hfa #FORE PCA-200E ATM PCI ##################################################################### # FILESYSTEM OPTIONS # # Only the root, /usr, and /tmp filesystems need be statically # compiled; everything else will be automatically loaded at mount # time. (Exception: the UFS family---FFS, and MFS --- cannot # currently be demand-loaded.) Some people still prefer to statically # compile other filesystems as well. # # NB: The NULL, PORTAL, UMAP and UNION filesystems are known to be # buggy, and WILL panic your system if you attempt to do anything with # them. They are included here as an incentive for some enterprising # soul to sit down and fix them. # # One of these is mandatory: options FFS #Fast filesystem options MFS #Memory File System options NFS #Network File System # The rest are optional: #options NFS_NOSERVER #Disable the NFS-server code. options CD9660 #ISO 9660 filesystem options FDESC #File descriptor filesystem options KERNFS #Kernel filesystem options MSDOSFS #MS DOS File System options NTFS #NT File System options NULLFS #NULL filesystem options NWFS #NetWare filesystem options PORTAL #Portal filesystem options PROCFS #Process filesystem options SMBFS #SMB/CIFS filesystem options UMAPFS #UID map filesystem options UNION #Union filesystem # The xFS_ROOT options REQUIRE the associated ``options xFS'' options CD9660_ROOT #CD-ROM usable as root device options FFS_ROOT #FFS usable as root device options NFS_ROOT #NFS usable as root device # Soft updates is technique for improving file system speed and # making abrupt shutdown less risky. options SOFTUPDATES # Directory hashing improves the speed of operations on very large # directories at the expense of some memory. options UFS_DIRHASH # Make space in the kernel for a root filesystem on a md device. # Define to the number of kilobytes to reserve for the filesystem. options MD_ROOT_SIZE=10 # Make the md device a potential root device, either with preloaded # images of type mfs_root or md_root. options MD_ROOT # Specify double the default maximum size for malloc(9)-backed md devices. options MD_NSECT=40000 # Allow this many swap-devices. # # In order to manage swap, the system must reserve bitmap space that # scales with the largest mounted swap device multiplied by NSWAPDEV, # irregardless of whether other swap devices exist or not. So it # is not a good idea to make this value too large. options NSWAPDEV=5 # Disk quotas are supported when this option is enabled. options QUOTA #enable disk quotas # If you are running a machine just as a fileserver for PC and MAC # users, using SAMBA or Netatalk, you may consider setting this option # and keeping all those users' directories on a filesystem that is # mounted with the suiddir option. This gives new files the same # ownership as the directory (similar to group). It's a security hole # if you let these users run programs, so confine it to file-servers # (but it'll save you lots of headaches in those cases). Root owned # directories are exempt and X bits are cleared. The suid bit must be # set on the directory as well; see chmod(1) PC owners can't see/set # ownerships so they keep getting their toes trodden on. This saves # you all the support calls as the filesystem it's used on will act as # they expect: "It's my dir so it must be my file". # options SUIDDIR # NFS options: options NFS_MINATTRTIMO=3 # VREG attrib cache timeout in sec options NFS_MAXATTRTIMO=60 options NFS_MINDIRATTRTIMO=30 # VDIR attrib cache timeout in sec options NFS_MAXDIRATTRTIMO=60 options NFS_GATHERDELAY=10 # Default write gather delay (msec) options NFS_UIDHASHSIZ=29 # Tune the size of nfssvc_sock with this options NFS_WDELAYHASHSIZ=16 # and with this options NFS_MUIDHASHSIZ=63 # Tune the size of nfsmount with this options NFS_DEBUG # Enable NFS Debugging # Coda stuff: options CODA #CODA filesystem. pseudo-device vcoda 4 #coda minicache <-> venus comm. # # Add support for the EXT2FS filesystem of Linux fame. Be a bit # careful with this - the ext2fs code has a tendency to lag behind # changes and not be exercised very much, so mounting read/write could # be dangerous (and even mounting read only could result in panics.) # options EXT2FS # Use real implementations of the aio_* system calls. There are numerous # stability and security issues in the current aio code that make it # unsuitable for inclusion on machines with untrusted local users. options VFS_AIO ##################################################################### # POSIX P1003.1B # Real time extensions added in the 1993 Posix # P1003_1B: Infrastructure # _KPOSIX_PRIORITY_SCHEDULING: Build in _POSIX_PRIORITY_SCHEDULING # _KPOSIX_VERSION: Version kernel is built for options P1003_1B options _KPOSIX_PRIORITY_SCHEDULING options _KPOSIX_VERSION=199309L ##################################################################### # CLOCK OPTIONS # The granularity of operation is controlled by the kernel option HZ whose # default value (100) means a granularity of 10ms. For an accurate simulation # of high data rates it might be necessary to reduce the timer granularity to # 1ms or less. Consider, however, that some interfaces using programmed I/O # may require a considerable time to output packets. So, reducing the # granularity too much might actually cause ticks to be missed thus reducing # the accuracy of operation. options HZ=100 # Other clock options options CLK_CALIBRATION_LOOP options CLK_USE_I8254_CALIBRATION options CLK_USE_TSC_CALIBRATION ##################################################################### # SCSI DEVICES # SCSI DEVICE CONFIGURATION # The SCSI subsystem consists of the `base' SCSI code, a number of # high-level SCSI device `type' drivers, and the low-level host-adapter # device drivers. The host adapters are listed in the ISA and PCI # device configuration sections below. # # Beginning with FreeBSD 2.0.5 you can wire down your SCSI devices so # that a given bus, target, and LUN always come on line as the same # device unit. In earlier versions the unit numbers were assigned # in the order that the devices were probed on the SCSI bus. This # means that if you removed a disk drive, you may have had to rewrite # your /etc/fstab file, and also that you had to be careful when adding # a new disk as it may have been probed earlier and moved your device # configuration around. # This old behavior is maintained as the default behavior. The unit # assignment begins with the first non-wired down unit for a device # type. For example, if you wire a disk as "da3" then the first # non-wired disk will be assigned da4. # The syntax for wiring down devices is: # device scbus0 at ahc0 # Single bus device # device scbus1 at ahc1 bus 0 # Single bus device # device scbus3 at ahc2 bus 0 # Twin bus device # device scbus2 at ahc2 bus 1 # Twin bus device # device da0 at scbus0 target 0 unit 0 # device da1 at scbus3 target 1 # device da2 at scbus2 target 3 # device sa1 at scbus1 target 6 # device cd # "units" (SCSI logical unit number) that are not specified are # treated as if specified as LUN 0. # All SCSI devices allocate as many units as are required. # The "unknown" device (uk? in pre-2.0.5) is now part of the base SCSI # configuration and doesn't have to be explicitly configured. device scbus #base SCSI code device ch #SCSI media changers device da #SCSI direct access devices (aka disks) device sa #SCSI tapes device cd #SCSI CD-ROMs device pass #CAM passthrough driver device pt #SCSI processor type device ses #SCSI SES/SAF-TE driver # CAM OPTIONS: # debugging options: # -- NOTE -- If you specify one of the bus/target/lun options, you must # specify them all! # CAMDEBUG: When defined enables debugging macros # CAM_DEBUG_BUS: Debug the given bus. Use -1 to debug all busses. # CAM_DEBUG_TARGET: Debug the given target. Use -1 to debug all targets. # CAM_DEBUG_LUN: Debug the given lun. Use -1 to debug all luns. # CAM_DEBUG_FLAGS: OR together CAM_DEBUG_INFO, CAM_DEBUG_TRACE, # CAM_DEBUG_SUBTRACE, and CAM_DEBUG_CDB # # CAM_MAX_HIGHPOWER: Maximum number of concurrent high power (start unit) cmds # SCSI_NO_SENSE_STRINGS: When defined disables sense descriptions # SCSI_NO_OP_STRINGS: When defined disables opcode descriptions # SCSI_DELAY: The number of MILLISECONDS to freeze the SIM (scsi adapter) # queue after a bus reset, and the number of milliseconds to # freeze the device queue after a bus device reset. options CAMDEBUG options CAM_DEBUG_BUS=-1 options CAM_DEBUG_TARGET=-1 options CAM_DEBUG_LUN=-1 options CAM_DEBUG_FLAGS="CAM_DEBUG_INFO|CAM_DEBUG_TRACE|CAM_DEBUG_CDB" options CAM_MAX_HIGHPOWER=4 options SCSI_NO_SENSE_STRINGS options SCSI_NO_OP_STRINGS options SCSI_DELAY=8000 # Be pessimistic about Joe SCSI device # Options for the CAM CDROM driver: # CHANGER_MIN_BUSY_SECONDS: Guaranteed minimum time quantum for a changer LUN # CHANGER_MAX_BUSY_SECONDS: Maximum time quantum per changer LUN, only # enforced if there is I/O waiting for another LUN # The compiled in defaults for these variables are 2 and 10 seconds, # respectively. # # These can also be changed on the fly with the following sysctl variables: # kern.cam.cd.changer.min_busy_seconds # kern.cam.cd.changer.max_busy_seconds # options CHANGER_MIN_BUSY_SECONDS=2 options CHANGER_MAX_BUSY_SECONDS=10 # Options for the CAM sequential access driver: # SA_IO_TIMEOUT: Timeout for read/write/wfm operations, in minutes # SA_SPACE_TIMEOUT: Timeout for space operations, in minutes # SA_REWIND_TIMEOUT: Timeout for rewind operations, in minutes # SA_ERASE_TIMEOUT: Timeout for erase operations, in minutes # SA_1FM_AT_EOD: Default to model which only has a default one filemark at EOT. options SA_IO_TIMEOUT="(4)" options SA_SPACE_TIMEOUT="(60)" options SA_REWIND_TIMEOUT="(2*60)" options SA_ERASE_TIMEOUT="(4*60)" options SA_1FM_AT_EOD # Optional timeout for the CAM processor target (pt) device # This is specified in seconds. The default is 60 seconds. options SCSI_PT_DEFAULT_TIMEOUT="60" # Optional enable of doing SES passthrough on other devices (e.g., disks) # # Normally disabled because a lot of newer SCSI disks report themselves # as having SES capabilities, but this can then clot up attempts to build # build a topology with the SES device that's on the box these drives # are in.... options SES_ENABLE_PASSTHROUGH ##################################################################### # MISCELLANEOUS DEVICES AND OPTIONS # The `pty' device usually turns out to be ``effectively mandatory'', # as it is required for `telnetd', `rlogind', `screen', `emacs', and # `xterm', among others. pseudo-device pty #Pseudo ttys pseudo-device speaker #Play IBM BASIC-style noises out your speaker pseudo-device gzip #Exec gzipped a.out's pseudo-device vn #Vnode driver (turns a file into a device) pseudo-device md #Memory/malloc disk pseudo-device snp 3 #Snoop device - to look at pty/vty/etc.. pseudo-device ccd 4 #Concatenated disk driver # Configuring Vinum into the kernel is not necessary, since the kld # module gets started automatically when vinum(8) starts. This # device is also untested. Use at your own risk. # # The option VINUMDEBUG must match the value set in CFLAGS # in src/sbin/vinum/Makefile. Failure to do so will result in # the following message from vinum(8): # # Can't get vinum config: Invalid argument # # see vinum(4) for more reasons not to use these options. pseudo-device vinum #Vinum concat/mirror/raid driver options VINUMDEBUG #enable Vinum debugging hooks # Kernel side iconv library options LIBICONV # Size of the kernel message buffer. Should be N * pagesize. options MSGBUF_SIZE=40960 ##################################################################### # HARDWARE DEVICE CONFIGURATION # ISA and EISA devices: # EISA support is available for some device, so they can be auto-probed. # MicroChannel (MCA) support is available for some devices. # # Mandatory ISA devices: isa, npx # device isa # # Options for `isa': # # AUTO_EOI_1 enables the `automatic EOI' feature for the master 8259A # interrupt controller. This saves about 0.7-1.25 usec for each interrupt. # This option breaks suspend/resume on some portables. # # AUTO_EOI_2 enables the `automatic EOI' feature for the slave 8259A # interrupt controller. This saves about 0.7-1.25 usec for each interrupt. # Automatic EOI is documented not to work for for the slave with the # original i8259A, but it works for some clones and some integrated # versions. # # MAXMEM specifies the amount of RAM on the machine; if this is not # specified, FreeBSD will first read the amount of memory from the CMOS # RAM, so the amount of memory will initially be limited to 64MB or 16MB # depending on the BIOS. If the BIOS reports 64MB, a memory probe will # then attempt to detect the installed amount of RAM. If this probe # fails to detect >64MB RAM you will have to use the MAXMEM option. # The amount is in kilobytes, so for a machine with 128MB of RAM, it would # be 131072 (128 * 1024). # # BROKEN_KEYBOARD_RESET disables the use of the keyboard controller to # reset the CPU for reboot. This is needed on some systems with broken # keyboard controllers. # # PAS_JOYSTICK_ENABLE enables the gameport on the ProAudio Spectrum options AUTO_EOI_1 #options AUTO_EOI_2 options MAXMEM="(128*1024)" #options BROKEN_KEYBOARD_RESET #options PAS_JOYSTICK_ENABLE # Enable support for the kernel PLL to use an external PPS signal, # under supervision of [x]ntpd(8) # More info in ntpd documentation: http://www.eecis.udel.edu/~ntp options PPS_SYNC # If you see the "calcru: negative time of %ld usec for pid %d (%s)\n" # message you probably have some broken sw/hw which disables interrupts # for too long. You can make the system more resistant to this by # choosing a high value for NTIMECOUNTER. The default is 5, there # is no upper limit but more than a couple of hundred are not productive. # A better strategy may be to sysctl -w kern.timecounter.method=1 options NTIMECOUNTER=20 # The keyboard controller; it controls the keyboard and the PS/2 mouse. device atkbdc0 at isa? port IO_KBD # The AT keyboard device atkbd0 at atkbdc? irq 1 # Options for atkbd: options ATKBD_DFLT_KEYMAP # specify the built-in keymap makeoptions ATKBD_DFLT_KEYMAP="jp.106" # These options are valid for other keyboard drivers as well. options KBD_DISABLE_KEYMAP_LOAD # refuse to load a keymap options KBD_INSTALL_CDEV # install a CDEV entry in /dev # `flags' for atkbd: # 0x01 Force detection of keyboard, else we always assume a keyboard # 0x02 Don't reset keyboard, useful for some newer ThinkPads # 0x03 Force detection and avoid reset, might help with certain # dockingstations # 0x04 Old-style (XT) keyboard support, useful for older ThinkPads # PS/2 mouse device psm0 at atkbdc? irq 12 # Options for psm: options PSM_HOOKRESUME #hook the system resume event, useful #for some laptops options PSM_RESETAFTERSUSPEND #reset the device at the resume event # The video card driver. device vga0 at isa? # Options for vga: # Try the following option if the mouse pointer is not drawn correctly # or font does not seem to be loaded properly. May cause flicker on # some systems. options VGA_ALT_SEQACCESS # If you can dispense with some vga driver features, you may want to # use the following options to save some memory. options VGA_NO_FONT_LOADING # don't save/load font options VGA_NO_MODE_CHANGE # don't change video modes # Older video cards may require this option for proper operation. options VGA_SLOW_IOACCESS # do byte-wide i/o's to TS and GDC regs # The following option probably won't work with the LCD displays. options VGA_WIDTH90 # support 90 column modes # To include support for VESA video modes options VESA # Splash screen at start up! Screen savers require this too. pseudo-device splash # The pcvt console driver (vt220 compatible). device vt0 at isa? options XSERVER # support for running an X server on vt options FAT_CURSOR # start with block cursor # This PCVT option is for keyboards such as those used on IBM ThinkPad laptops options PCVT_SCANSET=2 # IBM keyboards are non-std # Other PCVT options are documented in pcvt(4). options PCVT_24LINESDEF options PCVT_CTRL_ALT_DEL options PCVT_EMU_MOUSE options PCVT_FREEBSD=211 options PCVT_META_ESC options PCVT_NSCREENS=9 options PCVT_PRETTYSCRNS options PCVT_SCREENSAVER options PCVT_USEKBDSEC options PCVT_VT220KEYB # The syscons console driver (sco color console compatible). device sc0 at isa? options MAXCONS=16 # number of virtual consoles options SC_ALT_MOUSE_IMAGE # simplified mouse cursor in text mode options SC_DFLT_FONT # compile font in makeoptions SC_DFLT_FONT=cp850 options SC_DISABLE_DDBKEY # disable `debug' key options SC_DISABLE_REBOOT # disable reboot key sequence options SC_HISTORY_SIZE=200 # number of history buffer lines options SC_MOUSE_CHAR=0x3 # char code for text mode mouse cursor options SC_PIXEL_MODE # add support for the raster text mode # The following options will let you change the default colors of syscons. options SC_NORM_ATTR="(FG_GREEN|BG_BLACK)" options SC_NORM_REV_ATTR="(FG_YELLOW|BG_GREEN)" options SC_KERNEL_CONS_ATTR="(FG_RED|BG_BLACK)" options SC_KERNEL_CONS_REV_ATTR="(FG_BLACK|BG_RED)" # If you have a two button mouse, you may want to add the following option # to use the right button of the mouse to paste text. options SC_TWOBUTTON_MOUSE # You can selectively disable features in syscons. options SC_NO_CUTPASTE options SC_NO_FONT_LOADING options SC_NO_HISTORY options SC_NO_SYSMOUSE # # The Numeric Processing eXtension driver. In addition to this, you # may configure a math emulator (see above). If your machine has a # hardware FPU and the kernel configuration includes the npx device # *and* a math emulator compiled into the kernel, the hardware FPU # will be used, unless it is found to be broken or unless "flags" to # npx0 includes "0x08", which requests preference for the emulator. device npx0 at nexus? port IO_NPX flags 0x0 irq 13 # # `flags' for npx0: # 0x01 don't use the npx registers to optimize bcopy. # 0x02 don't use the npx registers to optimize bzero. # 0x04 don't use the npx registers to optimize copyin or copyout. # 0x08 use emulator even if hardware FPU is available. # The npx registers are normally used to optimize copying and zeroing when # all of the following conditions are satisfied: # I586_CPU is an option # the cpu is an i586 (perhaps not a Pentium) # the probe for npx0 succeeds # INT 16 exception handling works. # Then copying and zeroing using the npx registers is normally 30-100% faster. # The flags can be used to control cases where it doesn't work or is slower. # Setting them at boot time using userconfig works right (the optimizations # are not used until later in the bootstrap when npx0 is attached). # Flag 0x08 automatically disables the i586 optimized routines. # # # Optional ISA and EISA devices: # # # SCSI host adapters: `aha', `aic', `bt' # # adv: All Narrow SCSI bus AdvanSys controllers. # adw: Second Generation AdvanSys controllers including the ADV940UW. # aha: Adaptec 154x # ahc: Adaptec 274x/284x/294x # aic: Adaptec 152x # bt: Most Buslogic controllers # ncv: NCR 53C500 based SCSI host adapters. # nsp: Workbit Ninja SCSI-3 based PC Card SCSI host adapters. # stg: TMC 18C30, 18C50 based ISA/PC Card SCSI host adapters. # # Note that the order is important in order for Buslogic cards to be # probed correctly. # device bt0 at isa? port IO_BT0 device adv0 at isa? device adw device aha0 at isa? device aic0 at isa? device ncv device nsp device stg0 at isa? port 0x140 irq 11 # # Adaptec FSA RAID controllers, including integrated DELL controller, # the Dell PERC 2/QC and the HP NetRAID-4M # # AAC_COMPAT_LINUX Include code to support Linux-binary management # utilities (requires Linux compatibility # support). # device aac # # Compaq Smart RAID, Mylex DAC960 and AMI MegaRAID controllers. Only # one entry is needed; the code will find and configure all supported # controllers. # device ida # Compaq Smart RAID device mlx # Mylex DAC960 device amr # AMI MegaRAID # # 3ware ATA RAID # device twe # 3ware ATA RAID # # The 'ATA' driver supports all ATA and ATAPI devices. # It can reuse the majors of wd.c for booting purposes. # You only need one "device ata" for it to find all # PCI ATA/ATAPI devices on modern machines. device ata device atadisk # ATA disk drives device atapicd # ATAPI CDROM drives device atapifd # ATAPI floppy drives device atapist # ATAPI tape drives #The following options are valid on the ATA driver: # # ATA_STATIC_ID: controller numbering is static (like the old driver) # else the device numbers are dynamically allocated. options ATA_STATIC_ID # # For older non-PCI systems, these are the lines to use: #device ata0 at isa? port IO_WD1 irq 14 #device ata1 at isa? port IO_WD2 irq 15 # # ST-506, ESDI, and IDE hard disks: `wdc' and `wd' # # The flags fields are used to enable the multi-sector I/O and # the 32BIT I/O modes. The flags may be used in either the controller # definition or in the individual disk definitions. The controller # definition is supported for the boot configuration stuff. # # Each drive has a 16 bit flags value defined: # The low 8 bits are the maximum value for the multi-sector I/O, # where 0xff defaults to the maximum that the drive can handle. # The high bit of the 16 bit flags (0x8000) allows probing for # 32 bit transfers. Bit 14 (0x4000) enables a hack to wake # up powered-down laptop drives. Bit 13 (0x2000) allows # probing for PCI IDE DMA controllers, such as Intel's PIIX # south bridges. Bit 12 (0x1000) sets LBA mode instead of the # default CHS mode for accessing the drive. See the wd.4 man page. # # The flags field for the drives can be specified in the controller # specification with the low 16 bits for drive 0, and the high 16 bits # for drive 1. # e.g.: #device wdc0 at isa? port IO_WD1 irq 14 flags 0x00ff8004 # # specifies that drive 0 will be allowed to probe for 32 bit transfers and # a maximum multi-sector transfer of 4 sectors, and drive 1 will not be # allowed to probe for 32 bit transfers, but will allow multi-sector # transfers up to the maximum that the drive supports. # # If you are using a PCI controller that is not running in compatibility # mode (for example, it is a 2nd IDE PCI interface), then use config line(s) # such as: # #device wdc2 at isa? port 0 flags 0xa0ffa0ff #device wd4 at wdc2 drive 0 #device wd5 at wdc2 drive 1 # #device wdc3 at isa? port 0 flags 0xa0ffa0ff #device wd6 at wdc3 drive 0 #device wd7 at wdc3 drive 1 # # Note that the above config would be useful for a Promise card, when used # on a MB that already has a PIIX controller. Note the bogus irq and port # entries. These are automatically filled in by the IDE/PCI support. # # This driver must be commented out because it is mutually exclusive with # the ata(4) driver. # device wdc0 at isa? port IO_WD1 irq 14 device wd0 at wdc0 drive 0 device wd1 at wdc0 drive 1 device wdc1 at isa? port IO_WD2 irq 15 device wd2 at wdc1 drive 0 device wd3 at wdc1 drive 1 # # This option allow you to override the default probe time for IDE # devices, to get a faster probe. Setting this below 10000 violate # the IDE specs, but may still work for you (it will work for most # people). # options IDE_DELAY=8000 # Be optimistic about Joe IDE device # IDE CD-ROM & CD-R/RW driver - requires wdc controller device wcd # IDE floppy driver - requires wdc controller device wfd # IDE tape driver - requires wdc controller device wst # # Standard floppy disk controllers: `fdc' and `fd' # device fdc0 at isa? port IO_FD1 irq 6 drq 2 # # FDC_DEBUG enables floppy debugging. Since the debug output is huge, you # gotta turn it actually on by setting the variable fd_debug with DDB, # however. options FDC_DEBUG device fd0 at fdc0 drive 0 device fd1 at fdc0 drive 1 # M-systems DiskOnchip products see src/sys/contrib/dev/fla/README device fla0 at isa? # # Other standard PC hardware: `mse', `sio', etc. # # mse: Logitech and ATI InPort bus mouse ports # sio: serial ports (see sio(4)) device mse0 at isa? port 0x23c irq 5 device sio0 at isa? port IO_COM1 flags 0x10 irq 4 # # `flags' for serial drivers that support consoles (only for sio now): # 0x10 enable console support for this unit. The other console flags # are ignored unless this is set. Enabling console support does # not make the unit the preferred console - boot with -h or set # the 0x20 flag for that. Currently, at most one unit can have # console support; the first one (in config file order) with # this flag set is preferred. Setting this flag for sio0 gives # the old behaviour. # 0x20 force this unit to be the console (unless there is another # higher priority console). This replaces the COMCONSOLE option. # 0x40 reserve this unit for low level console operations. Do not # access the device in any normal way. # 0x80 use this port for serial line gdb support in ddb. # # PnP `flags' (set via userconfig using pnp x flags y) # 0x1 disable probing of this device. Used to prevent your modem # from being attached as a PnP modem. # # Options for serial drivers that support consoles (only for sio now): options BREAK_TO_DEBUGGER #a BREAK on a comconsole goes to #DDB, if available. options CONSPEED=115200 # speed for serial console # (default 9600) # Solaris implements a new BREAK which is initiated by a character # sequence CR ~ ^b which is similar to a familiar pattern used on # Sun servers by the Remote Console. options ALT_BREAK_TO_DEBUGGER # Options for sio: options COM_ESP #code for Hayes ESP options COM_MULTIPORT #code for some cards with shared IRQs # Other flags for sio that aren't documented in the man page. # 0x20000 enable hardware RTS/CTS and larger FIFOs. Only works for # ST16650A-compatible UARTs. # # Network interfaces: `cx', `ed', `el', `ep', `ie', `is', `le', `lnc' # # ar: Arnet SYNC/570i hdlc sync 2/4 port V.35/X.21 serial driver (requires sppp) # cs: IBM Etherjet and other Crystal Semi CS89x0-based adapters # cx: Cronyx/Sigma multiport sync/async (with Cisco or PPP framing) # ed: Western Digital and SMC 80xx; Novell NE1000 and NE2000; 3Com 3C503 # el: 3Com 3C501 (slow!) # ep: 3Com 3C509 # ex: Intel EtherExpress Pro/10 and other i82595-based adapters # fe: Fujitsu MB86960A/MB86965A Ethernet # ie: AT&T StarLAN 10 and EN100; 3Com 3C507; unknown NI5210; Intel EtherExpress # le: Digital Equipment EtherWorks 2 and EtherWorks 3 (DEPCA, DE100, # DE101, DE200, DE201, DE202, DE203, DE204, DE205, DE422) # lnc: Lance/PCnet cards (Isolan, Novell NE2100, NE32-VL, AMD Am7990 & Am79C960) # rdp: RealTek RTL 8002-based pocket ethernet adapters # sbni: Granch SBNI12-xx adapters # sr: RISCom/N2 hdlc sync 1/2 port V.35/X.21 serial driver (requires sppp) # wl: Lucent Wavelan (ISA card only). # awi: IEEE 802.11b PRISM I cards. # wi: Lucent WaveLAN/IEEE 802.11 PCMCIA adapters. Note: this supports both # the PCMCIA and ISA cards: the ISA card is really a PCMCIA to ISA # bridge with a PCMCIA adapter plugged into it. # an: Aironet 4500/4800 802.11 wireless adapters. Supports the PCMCIA, # PCI and ISA varieties. # xe: Xircom/Intel EtherExpress Pro100/16 PC Card ethernet controller. # ray: Raytheon Raylink 802.11 wireless NICs, OEM as Webgear Aviator 2.4GHz # oltr: Olicom ISA token-ring adapters OC-3115, OC-3117, OC-3118 and OC-3133 # (no options needed) # device ar0 at isa? port 0x300 irq 10 iomem 0xd0000 device cs0 at isa? port 0x300 device cx0 at isa? port 0x240 irq 15 drq 7 device ed0 at isa? port 0x280 irq 5 iomem 0xd8000 device el0 at isa? port 0x300 irq 9 device ep device ex device fe0 at isa? port 0x300 device ie0 at isa? port 0x300 irq 5 iomem 0xd0000 device ie1 at isa? port 0x360 irq 7 iomem 0xd0000 device le0 at isa? port 0x300 irq 5 iomem 0xd0000 device lnc0 at isa? port 0x280 irq 10 drq 0 device rdp0 at isa? port 0x378 irq 7 flags 2 device sbni0 at isa? port 0x210 irq 5 flags 0xefdead device sr0 at isa? port 0x300 irq 5 iomem 0xd0000 device sn0 at isa? port 0x300 irq 10 device awi device wi device an options WLCACHE # enables the signal-strength cache options WLDEBUG # enables verbose debugging output device wl0 at isa? port 0x300 device xe device ray device oltr0 at isa? # # ATM related options # # The `en' device provides support for Efficient Networks (ENI) # ENI-155 PCI midway cards, and the Adaptec 155Mbps PCI ATM cards (ANA- 59x0). # # atm pseudo-device provides generic atm functions and is required for # atm devices. # NATM enables the netnatm protocol family that can be used to # bypass TCP/IP. # # the current driver supports only PVC operations (no atm-arp, no multicast). # for more details, please read the original documents at # http://www.ccrc.wustl.edu/pub/chuck/tech/bsdatm/bsdatm.html # pseudo-device atm device en options NATM #native ATM # # Audio drivers: `snd', `sb', `pas', `gus', `pca' # # snd: Voxware sound support code # sb: SoundBlaster PCM - SoundBlaster, SB Pro, SB16, ProAudioSpectrum # sbxvi: SoundBlaster 16 # sbmidi: SoundBlaster 16 MIDI interface # pas: ProAudioSpectrum PCM and MIDI # gus: Gravis Ultrasound - Ultrasound, Ultrasound 16, Ultrasound MAX # gusxvi: Gravis Ultrasound 16-bit PCM (do not use) # mss: Microsoft Sound System # css: Crystal Sound System (CSS 423x PnP) # sscape: Ensoniq Soundscape MIDI interface # sscape_mss: Ensoniq Soundscape PCM (requires sscape) # opl: Yamaha OPL-2 and OPL-3 FM - SB, SB Pro, SB 16, ProAudioSpectrum # uart: stand-alone 6850 UART for MIDI # mpu: Roland MPU-401 stand-alone card # # Note: It has been reported that ISA DMA with the SoundBlaster will # lock up the machine (PR docs/5358). If this happens to you, # turning off USWC write posting in your machine's BIOS may fix # the problem. # # Beware! The addresses specified below are also hard-coded in # src/sys/i386/isa/sound/sound_config.h. If you change the values here, you # must also change the values in the include file. # # pcm: PCM audio through various sound cards. # # This has support for a large number of new audio cards, based on # CS423x, OPTi931, Yamaha OPL-SAx, and also for SB16, GusPnP. # For more information about this driver and supported cards, # see the pcm.4 man page. # # The flags of the device tells the device a bit more info about the # device that normally is obtained through the PnP interface. # bit 2..0 secondary DMA channel; # bit 4 set if the board uses two dma channels; # bit 15..8 board type, overrides autodetection; leave it # zero if don't know what to put in (and you don't, # since this is unsupported at the moment...). # # This driver will use the new PnP code if it's available. # # pca: PCM audio through your PC speaker # # If you have a GUS-MAX card and want to use the CS4231 codec on the # card the drqs for the gus max must be 8 bit (1, 2, or 3). # # If you would like to use the full duplex option on the gus, then define # flags to be the ``read dma channel''. # # options BROKEN_BUS_CLOCK #PAS-16 isn't working and OPTI chipset # options SYMPHONY_PAS #PAS-16 isn't working and SYMPHONY chipset # options EXCLUDE_SBPRO #PAS-16 # options SBC_IRQ=5 #PAS-16. Must match irq on sb0 line. # PAS16: The order of the pas0/sb0/opl0 is important since the # sb emulation is enabled in the pas-16 attach. # # To override the GUS defaults use: # options GUS_DMA2 # options GUS_DMA # options GUS_IRQ # # The src/sys/i386/isa/sound/sound.doc has more information. # Controls all "VOXWARE" driver sound devices. See Luigi's driver # below for an alternate which may work better for some cards. # #device snd #device pas0 at isa? port 0x388 irq 10 drq 6 #device sb0 at isa? port 0x220 irq 5 drq 1 #device sbxvi0 at isa? drq 5 #device sbmidi0 at isa? port 0x330 #device awe0 at isa? port 0x620 #device gus0 at isa? port 0x220 irq 12 drq 1 ##device gus0 at isa? port 0x220 irq 12 drq 1 flags 0x3 #device mss0 at isa? port 0x530 irq 10 drq 1 #device css0 at isa? port 0x534 irq 5 drq 1 flags 0x08 #device sscape0 at isa? port 0x330 irq 9 drq 0 #device trix0 at isa? port 0x330 irq 6 drq 0 #device sscape_mss0 at isa? port 0x534 irq 5 drq 1 #device opl0 at isa? port 0x388 #device mpu0 at isa? port 0x330 irq 6 drq 0 #device uart0 at isa? port 0x330 irq 5 # The newpcm driver (use INSTEAD of snd0 and all VOXWARE drivers!). # Note that motherboard sound devices may require options PNPBIOS. # # Supported cards include: # Creative SoundBlaster ISA PnP/non-PnP # Supports ESS and Avance ISA chips as well. # Gravis UltraSound ISA PnP/non-PnP # Crystal Semiconductor CS461x/428x PCI # Neomagic 256AV (ac97) # Most of the more common ISA/PnP sb/mss/ess compatable cards. # For non-pnp sound cards with no bridge drivers only: device pcm0 at isa? irq 10 drq 1 flags 0x0 # # For PnP/PCI sound cards device pcm # The bridge drivers for sound cards. These can be seperately configured # for providing services to the likes of new-midi (not in the tree yet). # When used with 'device pcm' they also provide pcm sound services. # # sbc: Creative SoundBlaster ISA PnP/non-PnP # Supports ESS and Avance ISA chips as well. # gusc: Gravis UltraSound ISA PnP/non-PnP # csa: Crystal Semiconductor CS461x/428x PCI # For non-PnP cards: device sbc0 at isa? port 0x220 irq 5 drq 1 flags 0x15 device gusc0 at isa? port 0x220 irq 5 drq 1 flags 0x13 # Not controlled by `snd' device pca0 at isa? port IO_TIMER1 # # Miscellaneous hardware: # # mcd: Mitsumi CD-ROM using proprietary (non-ATAPI) interface # scd: Sony CD-ROM using proprietary (non-ATAPI) interface # matcd: Matsushita/Panasonic CD-ROM using proprietary (non-ATAPI) interface # wt: Wangtek and Archive QIC-02/QIC-36 tape drives # ctx: Cortex-I frame grabber # apm: Laptop Advanced Power Management (experimental) # spigot: The Creative Labs Video Spigot video-acquisition board # meteor: Matrox Meteor video capture board # bktr: Brooktree bt848/848a/849a/878/879 video capture and TV Tuner board # cy: Cyclades serial driver # dgb: Digiboard PC/Xi and PC/Xe series driver (ALPHA QUALITY!) # dgm: Digiboard PC/Xem driver # gp: National Instruments AT-GPIB and AT-GPIB/TNT board # asc: GI1904-based hand scanners, e.g. the Trust Amiscan Grey # gsc: Genius GS-4500 hand scanner. # joy: joystick # labpc: National Instrument's Lab-PC and Lab-PC+ # rc: RISCom/8 multiport card # rp: Comtrol Rocketport(ISA) - single card # tw: TW-523 power line interface for use with X-10 home control products # si: Specialix SI/XIO 4-32 port terminal multiplexor # stl: Stallion EasyIO and EasyConnection 8/32 (ISA and PCI), EasyConnection 8/6 4 PCI # stli: Stallion EasyConnection 8/64 ISA/EISA, ONboard, Brumby (intelligent) # nmdm: nullmodem terminal driver (see nmdm(4)) # Notes on APM # The flags takes the following meaning for apm0: # 0x0020 Statclock is broken. # If apm is omitted, some systems require sysctl -w kern.timecounter.method=1 # for correct timekeeping. # Notes on the spigot: # The video spigot is at 0xad6. This port address can not be changed. # The irq values may only be 10, 11, or 15 # I/O memory is an 8kb region. Possible values are: # 0a0000, 0a2000, ..., 0fffff, f00000, f02000, ..., ffffff # The start address must be on an even boundary. # Add the following option if you want to allow non-root users to be able # to access the spigot. This option is not secure because it allows users # direct access to the I/O page. # options SPIGOT_UNSECURE # Notes on the Comtrol Rocketport driver: # # The exact values used for rp0 depend on how many boards you have # in the system. The manufacturer's sample configs are listed as: # # Comtrol Rocketport ISA single card # device rp0 at isa? port 0x280 # # If instead you have two ISA cards, one installed at 0x100 and the # second installed at 0x180, then you should add the following to # your kernel configuration file: # # device rp0 at isa? port 0x100 # device rp1 at isa? port 0x180 # # For 4 ISA cards, it might be something like this: # # device rp0 at isa? port 0x180 # device rp1 at isa? port 0x100 # device rp2 at isa? port 0x340 # device rp3 at isa? port 0x240 # # And for PCI cards, you only need say: # # device rp # Notes on the Digiboard driver: # # The following flag values have special meanings: # 0x01 - alternate layout of pins (dgb & dgm) # 0x02 - use the windowed PC/Xe in 64K mode (dgb only) # Notes on the Specialix SI/XIO driver: # **This is NOT a Specialix supported Driver!** # The host card is memory, not IO mapped. # The Rev 1 host cards use a 64K chunk, on a 32K boundary. # The Rev 2 host cards use a 32K chunk, on a 32K boundary. # The cards can use an IRQ of 11, 12 or 15. # Notes on the Stallion stl and stli drivers: # See src/i386/isa/README.stl for complete instructions. # This is version 2.0.0, unsupported by Stallion. # The stl driver has a secondary IO port hard coded at 0x280. You need # to change src/i386/isa/stallion.c if you reconfigure this on the boards. # The "flags" and "iosiz" settings on the stli driver depend on the board: # EasyConnection 8/64 ISA: flags 23 iosiz 0x1000 # EasyConnection 8/64 EISA: flags 24 iosiz 0x10000 # EasyConnection 8/64 MCA: flags 25 iosiz 0x1000 # ONboard ISA: flags 4 iosiz 0x10000 # ONboard EISA: flags 7 iosiz 0x10000 # ONboard MCA: flags 3 iosiz 0x10000 # Brumby: flags 2 iosiz 0x4000 # Stallion: flags 1 iosiz 0x10000 # For the PCI cards, "device stl" will suffice. device mcd0 at isa? port 0x300 irq 10 # for the Sony CDU31/33A CDROM device scd0 at isa? port 0x230 # for the SoundBlaster 16 multicd - up to 4 devices device matcd0 at isa? port 0x230 device wt0 at isa? port 0x300 irq 5 drq 1 device ctx0 at isa? port 0x230 iomem 0xd0000 device spigot0 at isa? port 0xad6 irq 15 iomem 0xee000 device apm0 device gp0 at isa? port 0x2c0 device gsc0 at isa? port IO_GSC1 drq 3 device joy0 at isa? port IO_GAME device cy0 at isa? irq 10 iomem 0xd4000 iosiz 0x2000 options CY_PCI_FASTINTR # Use with cy_pci unless irq is shared device dgb0 at isa? port 0x220 iomem 0xfc000 options NDGBPORTS=16 # Defaults to 16*NDGB device dgm0 at isa? port 0x104 iomem 0xd0000 device labpc0 at isa? port 0x260 irq 5 device rc0 at isa? port 0x220 irq 12 device rp0 at isa? port 0x280 # the port and irq for tw0 are fictitious device tw0 at isa? port 0x380 irq 11 device si0 at isa? iomem 0xd0000 irq 12 device asc0 at isa? port IO_ASC1 drq 3 irq 10 device stl0 at isa? port 0x2a0 irq 10 device stli0 at isa? port 0x2a0 iomem 0xcc000 flags 23 iosiz 0x1000 # You are unlikely to have the hardware for loran0 <phk@FreeBSD.org> device loran0 at isa? irq 5 # HOT1 Xilinx 6200 card (http://www.vcc.com/) device xrpu # nullmodem terminal driver device nmdm # # MCA devices: # # The MCA bus device is `mca'. It provides auto-detection and # configuration support for all devices on the MCA bus. # # The 'aha' device provides support for the Adaptec 1640 # # The 'bt' device provides support for various Buslogic/Bustek # and Storage Dimensions SCSI adapters. # # The 'ep' device provides support for the 3Com 3C529 ethernet card. # device mca # # EISA devices: # # The EISA bus device is `eisa'. It provides auto-detection and # configuration support for all devices on the EISA bus. # # The `ahb' device provides support for the Adaptec 174X adapter. # # The `ahc' device provides support for the Adaptec 274X and 284X # adapters. The 284X, although a VLB card, responds to EISA probes. # # fea: DEC DEFEA EISA FDDI adapter # device eisa device ahb device ahc device fea # The aic7xxx driver will attempt to use memory mapped I/O for all PCI # controllers that have it configured only if this option is set. Unfortunately, # this doesn't work on some motherboards, which prevents it from being the # default. options AHC_ALLOW_MEMIO # The adw driver will attempt to use memory mapped I/O for all PCI # controllers that have it configured only if this option is set. options ADW_ALLOW_MEMIO # By default, only 10 EISA slots are probed, since the slot numbers # above clash with the configuration address space of the PCI subsystem, # and the EISA probe is not very smart about this. This is sufficient # for most machines, but in particular the HP NetServer LC series comes # with an onboard AIC7770 dual-channel SCSI controller on EISA slot #11, # thus you need to bump this figure to 12 for them. options EISA_SLOTS=12 # # PCI devices & PCI options: # # The main PCI bus device is `pci'. It provides auto-detection and # configuration support for all devices on the PCI bus, using either # configuration mode defined in the PCI specification. device pci # PCI options # #options PCI_QUIET #quiets PCI code on chipset settings # The `ahc' device provides support for the Adaptec 29/3940(U)(W) # and motherboard based AIC7870/AIC7880 adapters. # # The `amd' device provides support for the AMD 53C974 SCSI host # adapter chip as found on devices such as the Tekram DC-390(T). # # The `bge' device provides support for gigabit ethernet adapters # based on the Broadcom BCM570x familiy of controllers, including the # 3Com 3c996-T, the SysKonnect SK-9D21 and SK-9D41, and the embedded # gigE NICs on Dell PowerEdge 2550 servers. # # The `ncr' device provides support for the NCR 53C810 and 53C825 # self-contained SCSI host adapters. # # The `isp' device provides support for the Qlogic ISP 1020, 1040 # nd 1040B PCI SCSI host adapters, ISP 1240 Dual Ultra SCSI, # ISP 1080 and 1280 (Dual) Ultra2, ISP 12160 Ultra3 SCSI, as well as # the Qlogic ISP 2100 and ISP 2200 Fibre Channel Host Adapters. # # The `dc' device provides support for PCI fast ethernet adapters # based on the DEC/Intel 21143 and various workalikes including: # the ADMtek AL981 Comet and AN985 Centaur, the ASIX Electronics # AX88140A and AX88141, the Davicom DM9100 and DM9102, the Lite-On # 82c168 and 82c169 PNIC, the Lite-On/Macronix LC82C115 PNIC II # and the Macronix 98713/98713A/98715/98715A/98725 PMAC. This driver # replaces the old al, ax, dm, pn and mx drivers. List of brands: # Digital DE500-BA, Kingston KNE100TX, D-Link DFE-570TX, SOHOware SFA110, # SVEC PN102-TX, CNet Pro110B, 120A, and 120B, Compex RL100-TX, # LinkSys LNE100TX, LNE100TX V2.0, Jaton XpressNet, Alfa Inc GFC2204, # KNE110TX. # # The `de' device provides support for the Digital Equipment DC21040 # self-contained Ethernet adapter. # # The `fxp' device provides support for the Intel EtherExpress Pro/100B # PCI Fast Ethernet adapters. # # The `gx' device provides support for the Intel Pro/1000 Gigabit Ethernet # PCI adapters (82542, 82543-F, 82543-T). # # The 'lge' device provides support for PCI gigabit ethernet adapters # based on the Level 1 LXT1001 NetCellerator chipset. This includes the # D-Link DGE-500SX, SMC TigerCard 1000 (SMC9462SX), and some Addtron cards. # # The 'nge' device provides support for PCI gigabit ethernet adapters # based on the National Semiconductor DP83820 and DP83821 chipset. This # includes the SMC EZ Card 1000 (SMC9462TX), D-Link DGE-500T, Asante # FriendlyNet GigaNIX 1000TA and 1000TPC, the Addtron AEG320T, the # LinkSys EG1032 and EG1064, the Surecom EP-320G-TX and the Netgear GA622T. # # The 'pcn' device provides support for PCI fast ethernet adapters based # on the AMD Am79c97x chipsets, including the PCnet/FAST, PCnet/FAST+, # PCnet/PRO and PCnet/Home. These were previously handled by the lnc # driver (and still will be if you leave this driver out of the kernel). # # The 'rl' device provides support for PCI fast ethernet adapters based # on the RealTek 8129/8139 chipset. Note that the RealTek driver defaults # to using programmed I/O to do register accesses because memory mapped # mode seems to cause severe lockups on SMP hardware. This driver also # supports the Accton EN1207D `Cheetah' adapter, which uses a chip called # the MPX 5030/5038, which is either a RealTek in disguise or a RealTek # workalike. Note that the D-Link DFE-530TX+ uses the RealTek chipset # and is supported by this driver, not the 'vr' driver. # # The 'sf' device provides support for Adaptec Duralink PCI fast # ethernet adapters based on the Adaptec AIC-6915 "starfire" controller. # This includes dual and quad port cards, as well as one 100baseFX card. # Most of these are 64-bit PCI devices, except for one single port # card which is 32-bit. # # The 'ste' device provides support for adapters based on the Sundance # Technologies ST201 PCI fast ethernet controller. This includes the # D-Link DFE-550TX. # # The 'sis' device provides support for adapters based on the Silicon # Integrated Systems SiS 900 and SiS 7016 PCI fast ethernet controller # chips. # # The 'sk' device provides support for the SysKonnect SK-984x series # PCI gigabit ethernet NICs. This includes the SK-9841 and SK-9842 # single port cards (single mode and multimode fiber) and the # SK-9843 and SK-9844 dual port cards (also single mode and multimode). # The driver will autodetect the number of ports on the card and # attach each one as a separate network interface. # # The 'ti' device provides support for PCI gigabit ethernet NICs based # on the Alteon Networks Tigon 1 and Tigon 2 chipsets. This includes the # Alteon AceNIC, the 3Com 3c985, the Netgear GA620 and various others. # Note that you will probably want to bump up NMBCLUSTERS a lot to use # this driver. # # The 'tl' device provides support for the Texas Instruments TNETE100 # series 'ThunderLAN' cards and integrated ethernet controllers. This # includes several Compaq Netelligent 10/100 cards and the built-in # ethernet controllers in several Compaq Prosignia, Proliant and # Deskpro systems. It also supports several Olicom 10Mbps and 10/100 # boards. # # The `tx' device provides support for the SMC 9432 TX, BTX and FTX cards. # # The `txp' device provides support for the 3Com 3cR990 "Typhoon" # 10/100 adapters. # # The `vr' device provides support for various fast ethernet adapters # based on the VIA Technologies VT3043 `Rhine I' and VT86C100A `Rhine II' # chips, including the D-Link DFE530TX (see 'rl' for DFE530TX+), the Hawking # Technologies PN102TX, and the AOpen/Acer ALN-320. # # The `vx' device provides support for the 3Com 3C590 and 3C595 # early support # # The `wb' device provides support for various fast ethernet adapters # based on the Winbond W89C840F chip. Note: this is not the same as # the Winbond W89C940F, which is an NE2000 clone. # # The `wx' device provides support for the Intel Gigabit Ethernet # PCI card (`Wiseman'). # # The `xl' device provides support for the 3Com 3c900, 3c905 and # 3c905B (Fast) Etherlink XL cards and integrated controllers. This # includes the integrated 3c905B-TX chips in certain Dell Optiplex and # Dell Precision desktop machines and the integrated 3c905-TX chips # in Dell Latitude laptop docking stations. # # The `fpa' device provides support for the Digital DEFPA PCI FDDI # adapter. pseudo-device fddi is also needed. # # The `meteor' device is a PCI video capture board. It can also have the # following options: # options METEOR_ALLOC_PAGES=xxx preallocate kernel pages for data entry # figure (ROWS*COLUMN*BYTES_PER_PIXEL*FRAME+PAGE_SIZE-1)/PAGE_SIZE # options METEOR_DEALLOC_PAGES remove all allocated pages on close (2) # options METEOR_DEALLOC_ABOVE=xxx remove all allocated pages above the # specified amount. If this value is below the allocated amount no action # taken # options METEOR_SYSTEM_DEFAULT={METEOR_PAL|METEOR_NTSC|METEOR_SECAM}, used # for initialization of fps routine when a signal is not present. # # The 'bktr' device is a PCI video capture device using the Brooktree # bt848/bt848a/bt849a/bt878/bt879 chipset. When used with a TV Tuner it forms a # TV card, eg Miro PC/TV, Hauppauge WinCast/TV WinTV, VideoLogic Captivator, # Intel Smart Video III, AverMedia, IMS Turbo, FlyVideo. # # options OVERRIDE_CARD=xxx # options OVERRIDE_TUNER=xxx # options OVERRIDE_MSP=1 # options OVERRIDE_DBX=1 # These options can be used to override the auto detection # The current values for xxx are found in src/sys/dev/bktr/bktr_card.h # Using sysctl(8) run-time overrides on a per-card basis can be made # # options BROOKTREE_SYSTEM_DEFAULT=BROOKTREE_PAL # or # options BROOKTREE_SYSTEM_DEFAULT=BROOKTREE_NTSC # Specifes the default video capture mode. # This is required for Dual Crystal (28&35Mhz) boards where PAL is used # to prevent hangs during initialisation. eg VideoLogic Captivator PCI. # # options BKTR_USE_PLL # PAL or SECAM users who have a 28Mhz crystal (and no 35Mhz crystal) # must enable PLL mode with this option. eg some new Bt878 cards. # # options BKTR_GPIO_ACCESS # This enable IOCTLs which give user level access to the GPIO port. # # options BKTR_NO_MSP_RESET # Prevents the MSP34xx reset. Good if you initialise the MSP in another OS first # # options BKTR_430_FX_MODE # Switch Bt878/879 cards into Intel 430FX chipset compatibility mode. # # options BKTR_SIS_VIA_MODE # Switch Bt878/879 cards into SIS/VIA chipset compatibility mode which is # needed for some old SiS and VIA chipset motherboards. # This also allows Bt878/879 chips to work on old OPTi (<1997) chipset # motherboards and motherboards with bad or incomplete PCI 2.1 support. # As a rough guess, old = before 1998 # # # The oltr driver supports the following Olicom PCI token-ring adapters # OC-3136, OC-3137, OC-3139, OC-3140, OC-3141, OC-3540, OC-3250 # device ahc # AHA2940 and onboard AIC7xxx devices device amd # AMD 53C974 (Teckram DC-390(T)) device isp # Qlogic family device ispfw # Firmware for QLogic HBAs device ncr # NCR/Symbios Logic device sym # NCR/Symbios Logic (newer chipsets) # # Options for ISP # # ISP_TARGET_MODE - enable target mode operation #options ISP_TARGET_MODE=1 # Options used in dev/sym/ (Symbios SCSI driver). #options SYM_SETUP_LP_PROBE_MAP #-Low Priority Probe Map (bits) # Allows the ncr to take precedence # 1 (1<<0) -> 810a, 860 # 2 (1<<1) -> 825a, 875, 885, 895 # 4 (1<<2) -> 895a, 896, 1510d #options SYM_SETUP_SCSI_DIFF #-HVD support for 825a, 875, 885 # disabled:0 (default), enabled:1 #options SYM_SETUP_PCI_PARITY #-PCI parity checking # disabled:0, enabled:1 (default) #options SYM_SETUP_MAX_LUN #-Number of LUNs supported # default:8, range:[1..64] # MII bus support is required for some PCI 10/100 ethernet NICs, # namely those which use MII-compliant transceivers or implement # tranceiver control interfaces that operate like an MII. Adding # "device miibus0" to the kernel config pulls in support for # the generic miibus API and all of the PHY drivers, including a # generic one for PHYs that aren't specifically handled by an # individual driver. device miibus # PCI Ethernet NICs that use the common MII bus controller code. device dc # DEC/Intel 21143 and various workalikes device fxp # Intel EtherExpress PRO/100B (82557, 82558) device pcn # AMD Am79C97x PCI 10/100 NICs device rl # RealTek 8129/8139 device sf # Adaptec AIC-6915 (``Starfire'') device sis # Silicon Integrated Systems SiS 900/SiS 7016 device ste # Sundance ST201 (D-Link DFE-550TX) device tl # Texas Instruments ThunderLAN device tx # SMC EtherPower II (83c17x ``EPIC'') device vr # VIA Rhine, Rhine II device wb # Winbond W89C840F device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'') # PCI Ethernet NICs. device de # DEC/Intel DC21x4x (``Tulip'') device txp # 3Com 3cR990 (``Typhoon'') device vx # 3Com 3c590, 3c595 (``Vortex'') # Gigabit Ethernet NICs. device bge # Broadcom BCM570x (``Tigon III'') device gx # Intel Pro/1000 (82542, 82543) device lge # Level 1 LXT1001 (``Mercury'') device nge # NatSemi DP83820 and DP83821 device sk # SysKonnect GEnesis device ti # Alteon (``Tigon I'', ``Tigon II'') device wx device fpa device meteor #The oltr driver in the ISA section will also find PCI cards. #device oltr0 # Brooktree driver has been ported to the new I2C framework. Thus, # you'll need to have the following 3 lines in the kernel config. # device smbus # device iicbus # device iicbb # The iic and smb devices are only needed if you want to control other # I2C slaves connected to the external connector of some cards. # device bktr # # PCCARD/PCMCIA # # card: pccard slots # pcic: isa/pccard bridge device pcic0 at isa? device pcic1 at isa? device card # You may need to reset all pccards after resuming options PCIC_RESUME_RESET # reset after resume # # Laptop/Notebook options: # # See also: # apm under `Miscellaneous hardware' # above. # For older notebooks that signal a powerfail condition (external # power supply dropped, or battery state low) by issuing an NMI: options POWERFAIL_NMI # make it beep instead of panicing # # SMB bus # # System Management Bus support is provided by the 'smbus' device. # Access to the SMBus device is via the 'smb' device (/dev/smb*), # which is a child of the 'smbus' device. # # Supported devices: # smb standard io through /dev/smb* # # Supported SMB interfaces: # iicsmb I2C to SMB bridge with any iicbus interface # bktr brooktree848 I2C hardware interface # intpm Intel PIIX4 (82371AB, 82443MX) Power Management Unit # alpm Acer Aladdin-IV/V/Pro2 Power Management Unit # ichsmb Intel ICH SMBus controller chips (82801AA, 82801AB, 82801BA) # device smbus # Bus support, required for smb below. device intpm device alpm device ichsmb device smb # # I2C Bus # # Philips i2c bus support is provided by the `iicbus' device. # # Supported devices: # ic i2c network interface # iic i2c standard io # iicsmb i2c to smb bridge. Allow i2c i/o with smb commands. # # Supported interfaces: # pcf Philips PCF8584 ISA-bus controller # bktr brooktree848 I2C software interface # # Other: # iicbb generic I2C bit-banging code (needed by lpbb, bktr) # device iicbus # Bus support, required for ic/iic/iicsmb below. device iicbb device ic device iic device iicsmb # smb over i2c bridge device pcf0 at isa? port 0x320 irq 5 #--------------------------------------------------------------------------- # ISDN4BSD # # See /usr/share/examples/isdn/ROADMAP for an introduction to isdn4bsd. # # i4b passive ISDN cards support contains the following hardware drivers: # # isic - Siemens/Infineon ISDN ISAC/HSCX/IPAC chipset driver # iwic - Winbond W6692 PCI bus ISDN S/T interface controller # ifpi - AVM Fritz!Card PCI driver # ihfc - Cologne Chip HFC ISA/ISA-PnP chipset driver # ifpnp - AVM Fritz!Card PnP driver # itjc - Siemens ISAC / TJNet Tiger300/320 chipset # # i4b active ISDN cards support contains the following hardware drivers: # # iavc - AVM B1 PCI, AVM B1 ISA, AVM T1 # # Note that the ``options'' (if given) and ``device'' lines must BOTH # be uncommented to enable support for a given card ! # # In addition to a hardware driver (and probably an option) the mandatory # ISDN protocol stack devices and the mandatory support device must be # enabled as well as one or more devices from the optional devices section. # #--------------------------------------------------------------------------- # isic driver (Siemens/Infineon chipsets) #--------------------------------------------------------------------------- # # ISA bus non-PnP Cards: # ---------------------- # # Teles S0/8 or Niccy 1008 options TEL_S0_8 device isic0 at isa? iomem 0xd0000 irq 5 flags 1 # # Teles S0/16 or Creatix ISDN-S0 or Niccy 1016 options TEL_S0_16 #device isic0 at isa? port 0xd80 iomem 0xd0000 irq 5 flags 2 # # Teles S0/16.3 options TEL_S0_16_3 #device isic0 at isa? port 0xd80 irq 5 flags 3 # # AVM A1 or AVM Fritz!Card options AVM_A1 #device isic0 at isa? port 0x340 irq 5 flags 4 # # USRobotics Sportster ISDN TA intern options USR_STI #device isic0 at isa? port 0x268 irq 5 flags 7 # # ITK ix1 Micro ( < V.3, non-PnP version ) options ITKIX1 #device isic0 at isa? port 0x398 irq 10 flags 18 # # ELSA PCC-16 options ELSA_PCC16 #device isic0 at isa? port 0x360 irq 10 flags 20 # # ISA bus PnP Cards: # ------------------ # # Teles S0/16.3 PnP options TEL_S0_16_3_P #device isic # # Creatix ISDN-S0 P&P options CRTX_S0_P #device isic # # Dr. Neuhaus Niccy Go@ options DRN_NGO #device isic # # Sedlbauer Win Speed options SEDLBAUER #device isic # # Dynalink IS64PH options DYNALINK #device isic # # ELSA QuickStep 1000pro ISA options ELSA_QS1ISA #device isic # # ITK ix1 Micro ( V.3, PnP version ) options ITKIX1 #device isic # # Siemens I-Surf 2.0 options SIEMENS_ISURF2 #device isic # # Asuscom ISDNlink 128K ISAC options ASUSCOM_IPAC #device isic # # Eicon Diehl DIVA 2.0 and 2.02 options EICON_DIVA #device isic # # PCI bus Cards: # -------------- # # ELSA MicroLink ISDN/PCI (same as ELSA QuickStep 1000pro PCI) options ELSA_QS1PCI #device isic # #--------------------------------------------------------------------------- # ifpnp driver for AVM Fritz!Card ISA PnP #--------------------------------------------------------------------------- # # AVM Fritz!Card ISA PnP device ifpnp # #--------------------------------------------------------------------------- # ihfc driver for Cologne Chip ISA chipsets (experimental!) #--------------------------------------------------------------------------- # # Teles 16.3c ISA PnP # AcerISDN P10 ISA PnP # TELEINT ISDN SPEED No.1 device ihfc # #--------------------------------------------------------------------------- # ifpi driver for AVM Fritz!Card PCI 1.0 (2.0 unsupported!) #--------------------------------------------------------------------------- # # AVM Fritz!Card PCI 1.0 device ifpi # #--------------------------------------------------------------------------- # iwic driver for Winbond W6692 chipset #--------------------------------------------------------------------------- # # ASUSCOM P-IN100-ST-D (and other Winbond W6692 based cards) device iwic # #--------------------------------------------------------------------------- # itjc driver for Simens ISAC / TJNet Tiger300/320 chipset #--------------------------------------------------------------------------- # # Traverse Technologies NETjet-S # Teles PCI-TJ device itjc # #--------------------------------------------------------------------------- # iavc driver (AVM active cards, needs i4bcapi driver!) #--------------------------------------------------------------------------- # pseudo-device "i4bcapi" 2 # # AVM B1 PCI device iavc0 # # AVM B1 ISA bus (PnP mode not supported!) #device iavc0 at isa? port 0x150 irq 5 # # # ISDN Protocol Stack (mandatory) # ------------------------------- # # Q.921 / layer 2 - i4b passive cards D channel handling pseudo-device "i4bq921" # # Q.931 / layer 3 - i4b passive cards D channel handling pseudo-device "i4bq931" # # layer 4 - i4b common passive and active card handling pseudo-device "i4b" # # ISDN devices # ------------ # # userland driver to do ISDN tracing (for passive cards only) pseudo-device "i4btrc" 4 # # userland driver to control the whole thing (mandatory) pseudo-device "i4bctl" # # userland driver for access to raw B channel pseudo-device "i4brbch" 4 # # userland driver for telephony pseudo-device "i4btel" 2 # # network driver for IP over raw HDLC ISDN pseudo-device "i4bipr" 4 # enable VJ header compression detection for ipr i/f options IPR_VJ # enable logging of the first n IP packets to isdnd (n=32 here) #options IPR_LOG=32 # # network driver for sync PPP over ISDN pseudo-device "i4bisppp" 4 # Parallel-Port Bus # # Parallel port bus support is provided by the `ppbus' device. # Multiple devices may be attached to the parallel port, devices # are automatically probed and attached when found. # # Supported devices: # vpo Iomega Zip Drive # Requires SCSI disk support ('scbus' and 'da'), best # performance is achieved with ports in EPP 1.9 mode. # lpt Parallel Printer # plip Parallel network interface # ppi General-purpose I/O ("Geek Port") + IEEE1284 I/O # pps Pulse per second Timing Interface # lpbb Philips official parallel port I2C bit-banging interface # # Supported interfaces: # ppc ISA-bus parallel port interfaces. # options PPC_PROBE_CHIPSET # Enable chipset specific detection # (see flags in ppc(4)) options DEBUG_1284 # IEEE1284 signaling protocol debug options PERIPH_1284 # Makes your computer act as a IEEE1284 # compliant peripheral options DONTPROBE_1284 # Avoid boot detection of PnP parallel devices options VP0_DEBUG # ZIP/ZIP+ debug options LPT_DEBUG # Printer driver debug options PPC_DEBUG # Parallel chipset level debug options PLIP_DEBUG # Parallel network IP interface debug options PCFCLOCK_VERBOSE # Verbose pcfclock driver options PCFCLOCK_MAX_RETRIES=5 # Maximum read tries (default 10) device ppc0 at isa? irq 7 device ppbus device vpo device lpt device plip device ppi device pps device lpbb device pcfclock # Kernel BOOTP support options BOOTP # Use BOOTP to obtain IP address/hostname options BOOTP_NFSROOT # NFS mount root filesystem using BOOTP info options BOOTP_NFSV3 # Use NFS v3 to NFS mount root options BOOTP_COMPAT # Workaround for broken bootp daemons. options BOOTP_WIRED_TO=fxp0 # Use interface fxp0 for BOOTP # # Add tie-ins for a hardware watchdog. This only enable the hooks; # the user must still supply the actual driver. # options HW_WDOG # # Set the number of PV entries per process. Increasing this can # stop panics related to heavy use of shared memory. However, that can # (combined with large amounts of physical memory) cause panics at # boot time due the kernel running out of VM space. # # If you're tweaking this, you might also want to increase the sysctls # "vm.v_free_min", "vm.v_free_reserved", and "vm.v_free_target". # # The value below is the one more than the default. # options PMAP_SHPGPERPROC=201 # # Change the size of the kernel virtual address space. Due to # constraints in loader(8) on i386, this must be a multiple of 4. # 256 = 1 GB of kernel address space. Increasing this also causes # a reduction of the address space in user processes. 512 splits # the 4GB cpu address space in half (2GB user, 2GB kernel). # options KVA_PAGES=260 # # Disable swapping. This option removes all code which actually performs # swapping, so it's not possible to turn it back on at run-time. # # This is sometimes usable for systems which don't have any swap space # (see also sysctls "vm.defer_swapspace_pageouts" and # "vm.disable_swapspace_pageouts") # #options NO_SWAPPING # Set the number of sf_bufs to allocate. sf_bufs are virtual buffers # for sendfile(2) that are used to map file VM pages, and normally # default to a quantity that is roughly 16*MAXUSERS+512. You would # typically want about 4 of these for each simultaneous file send. # options NSFBUFS=8704 # Set the size of the buffer cache KVM reservation, in buffers. This is # scaled by approximately 16384 bytes. The system will auto-size the buffer # cache if this option is not specified or set to 0. # options NBUF=5120 # Set the size of the mbuf KVM reservation, in clusters. This is scaled # by approximately 2048 bytes. The system will auto-size the mbuf area # if this options is not specified or set to 0. # options NMBCLUSTERS=32768 # Tune the kernel malloc area parameters. VM_KMEM_SIZE represents the # minimum, in bytes, and is typically (12*1024*1024) (12MB). # VM_KMEM_SIZE_MAX represents the maximum, typically 200 megabytes. # VM_KMEM_SIZE_SCALE can be set to adjust the auto-tuning factor, which # typically defaults to 4 (kernel malloc area size is physical memory # divided by the scale factor). # options VM_KMEM_SIZE="(10*1024*1024)" options VM_KMEM_SIZE_MAX="(100*1024*1024)" options VM_KMEM_SIZE_SCALE="4" # Tune the buffer cache maximum KVA reservation, in bytes. The maximum is # usually capped at 200 MB, effecting machines with > 1GB of ram. Note # that the buffer cache only really governs write buffering and disk block # translations. The VM page cache is our primary disk cache and is not # effected by the size of the buffer cache. # options VM_BCACHE_SIZE_MAX="(100*1024*1024)" # Tune the swap zone KVA reservation, in bytes. The default is typically # 70 MB, giving the system the ability to manage a maximum of 28GB worth # of swapped out data. # options VM_SWZONE_SIZE_MAX="(50*1024*1024)" # # Enable extra debugging code for locks. This stores the filename and # line of whatever acquired the lock in the lock itself, and change a # number of function calls to pass around the relevant data. This is # not at all useful unless you are debugging lock code. Also note # that it is likely to break e.g. fstat(1) unless you recompile your # userland with -DDEBUG_LOCKS as well. # options DEBUG_LOCKS # Set the amount of time (in seconds) the system will wait before # rebooting automatically when a kernel panic occurs. If set to (-1), # the system will wait indefinitely until a key is pressed on the # console. options PANIC_REBOOT_WAIT_TIME=16 # # SysVR4 ABI emulation # # The svr4 ABI emulator can be statically compiled into the kernel or loaded as # a KLD module. # The STREAMS network emulation code can also be compiled statically or as a # module. If loaded as a module, it must be loaded before the svr4 module # (the /usr/sbin/svr4 script does this for you). If compiling statically, # the `streams' pseudo-device must be configured into any kernel which also # specifies COMPAT_SVR4. It is possible to have a statically-configured # STREAMS device and a dynamically loadable svr4 emulator; the /usr/sbin/svr4 # script understands that it doesn't need to load the `streams' module under # those circumstances. # Caveat: At this time, `options KTRACE' is required for the svr4 emulator # (whether static or dynamic). # options COMPAT_SVR4 # build emulator statically options DEBUG_SVR4 # enable verbose debugging pseudo-device streams # STREAMS network driver (required for svr4). # The 'asr' driver provides support for current DPT/Adaptec SCSI RAID # controllers (SmartRAID V and VI and later). # These controllers require the CAM infrastructure. # device asr # The 'dpt' driver provides support for DPT controllers (http://www.dpt.com/). # These have hardware RAID-{0,1,5} support, and do multi-initiator I/O. # The DPT controllers are commonly re-licensed under other brand-names - # some controllers by Olivetti, Dec, HP, AT&T, SNI, AST, Alphatronic, NEC and # Compaq are actually DPT controllers. # # See src/sys/dev/dpt for debugging and other subtle options. # DPT_MEASURE_PERFORMANCE Enables a set of (semi)invasive metrics. Various # instruments are enabled. The tools in # /usr/sbin/dpt_* assume these to be enabled. # DPT_HANDLE_TIMEOUTS Normally device timeouts are handled by the DPT. # If you ant the driver to handle timeouts, enable # this option. If your system is very busy, this # option will create more trouble than solve. # DPT_TIMEOUT_FACTOR Used to compute the excessive amount of time to # wait when timing out with the above option. # DPT_DEBUG_xxxx These are controllable from sys/dev/dpt/dpt.h # DPT_LOST_IRQ When enabled, will try, once per second, to catch # any interrupt that got lost. Seems to help in some # DPT-firmware/Motherboard combinations. Minimal # cost, great benefit. # DPT_RESET_HBA Make "reset" actually reset the controller # instead of fudging it. Only enable this if you # are 100% certain you need it. device dpt # DPT options #!CAM# options DPT_MEASURE_PERFORMANCE #!CAM# options DPT_HANDLE_TIMEOUTS options DPT_TIMEOUT_FACTOR=4 options DPT_LOST_IRQ options DPT_RESET_HBA options DPT_ALLOW_MEMIO # # Compaq "CISS" RAID controllers (SmartRAID 5* series) # These controllers have a SCSI-like interface, and require the # CAM infrastructure. # device ciss # # Mylex AcceleRAID and eXtremeRAID controllers with v6 and later # firmware. These controllers have a SCSI-like interface, and require # the CAM infrastructure. # device mly # USB support # UHCI controller device uhci # OHCI controller device ohci # General USB code (mandatory for USB) device usb # # Generic USB device driver device ugen # Human Interface Device (anything with buttons and dials) device uhid # USB keyboard device ukbd # USB printer device ulpt # USB Iomega Zip 100 Drive (Requires scbus and da) device umass # USB modem support device umodem # USB mouse device ums # USB Rio (MP3 Player) device urio # USB scanners device uscanner # # ADMtek USB ethernet. Supports the LinkSys USB100TX, # the Billionton USB100, the Melco LU-ATX, the D-Link DSB-650TX # and the SMC 2202USB. Also works with the ADMtek AN986 Pegasus # eval board. device aue # # CATC USB-EL1201A USB ethernet. Supports the CATC Netmate # and Netmate II, and the Belkin F5U111. device cue # # Kawasaki LSI ethernet. Supports the LinkSys USB10T, # Entrega USB-NET-E45, Peracom Ethernet Adapter, the # 3Com 3c19250, the ADS Technologies USB-10BT, the ATen UC10T, # the Netgear EA101, the D-Link DSB-650, the SMC 2102USB # and 2104USB, and the Corega USB-T. device kue # debugging options for the USB subsystem # options UHCI_DEBUG options OHCI_DEBUG options USB_DEBUG options UGEN_DEBUG options UHID_DEBUG options UHUB_DEBUG options UKBD_DEBUG options ULPT_DEBUG options UMASS_DEBUG options UMS_DEBUG # options for ukbd: options UKBD_DFLT_KEYMAP # specify the built-in keymap makeoptions UKBD_DFLT_KEYMAP=it.iso # # Embedded system options: # # An embedded system might want to run something other than init. options INIT_PATH="/sbin/init:/stand/sysinstall" # Debug options options BUS_DEBUG # enable newbus debugging options DEBUG_VFS_LOCKS # enable vfs lock debugging options NPX_DEBUG # enable npx debugging (FPU/math emu) # More undocumented options for linting. # Note that documenting these are not considered an affront. options AHC_DUMP_EEPROM options AHC_TMODE_ENABLE options CAM_DEBUG_DELAY options CLUSTERDEBUG options COMPAT_LINUX options CPU_UPGRADE_HW_CACHE options DEBUG options DEBUG_LINUX #options DISABLE_PSE options ENABLE_ALART options ENABLE_VFS_IOOPT options FB_DEBUG options FB_INSTALL_CDEV options FE_8BIT_SUPPORT options I4B_SMP_WORKAROUND options I586_PMC_GUPROF=0x70000 options IBCS2 options KBDIO_DEBUG=2 options KBD_MAXRETRY=4 options KBD_MAXWAIT=6 options KBD_RESETDELAY=201 options KEY options LOCKF_DEBUG options LOUTB options NETATALKDEBUG #options OLTR_NO_BULLSEYE_MAC #options OLTR_NO_HAWKEYE_MAC #options OLTR_NO_TMS_MAC options PNPBIOS options PSM_DEBUG=1 options SCSI_NCR_DEBUG options SCSI_NCR_MAX_SYNC=10000 options SCSI_NCR_MAX_WIDE=1 options SCSI_NCR_MYADDR=7 options SC_DEBUG_LEVEL options SC_RENDER_DEBUG options SHOW_BUSYBUFS # List buffers that prevent root unmount options SIMPLELOCK_DEBUG options SI_DEBUG options SLIP_IFF_OPTS options SPX_HACK options TIMER_FREQ="((14318182+6)/12)" options VFS_BIO_DEBUG options XBONEHACK ------------------------------------------------------------ cache# ipcs -a Message Queues: T ID KEY MODE OWNER GROUP CREATOR CGROUP CBYTES QNUM QBYTES LSPID LRPID STIME RTIME CTIME Shared Memory: T ID KEY MODE OWNER GROUP CREATOR CGROUP NATTCH SEGS Z CPID LPID ATIME DTIME CTIME Semaphores: T ID KEY MODE OWNER GROUP CREATOR CGROUP NSEMS OTIM E CTIME ----------------------------------------- ICOSNET votre provider. "Webmail client!" http://www.aloline.com/Received on Wed Apr 24 2002 - 05:46:22 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:07:40 MST