From owner-freebsd-stable@FreeBSD.ORG Wed Dec 15 22:23:43 2004
From: Mauricio Brunstein <mbrunstein@gmail.com>
To: freebsd-stable@freebsd.org
Date: Wed, 15 Dec 2004 19:23:41 -0300
Subject: Problem with ppp and pf on FreeBSD 5.3
Message-ID: <5982296404121514234afb345e@mail.gmail.com>
In-Reply-To: <598229640412141458dd6ae07@mail.gmail.com>
List-Id: Production branch of FreeBSD source code

I am new to FreeBSD, and UNIX in general, but from the beginning I'm fascinated.

I had configured a FreeBSD 5.3 machine to be the firewall/gateway of 8 Windows PCs. The machine has 2 interfaces: one (fxp0) is connected to the ADSL modem and the other (rl0) is connected to a switch where the Windows boxes are connected too.

The first problem is that sometimes, when ppp redials to the PPPoE Internet provider, I can use the Internet from the FreeBSD machine, but not from the internal network. I had found a workaround to this problem; I added these lines to ppp.linkup:

--------------------------------
server:~ $ cat /etc/ppp/ppp.linkup
default:
 ! pfctl -F all -f /etc/pf.conf
 ! /usr/local/etc/ez-ipupdate.conf
---------------------------------

Because after a connection drop and reconnect, sometimes the NAT stops working, and refreshing the pf rules makes the NAT work again. But this happens only sometimes.

The other problem that I can't solve is the following: the FreeBSD manual states that one must use router_enable="NO" in rc.conf, to avoid routed deleting the routes added by ppp. If I do this, I can't have access to the box from the Internet by means of ssh.

For reference I added the content of the following files:

/etc/rc.conf
/etc/start_if.tun0
/etc/ppp/ppp.conf
/etc/pf.conf
/root/kernels/GENERICconALTQ   # the kernel config file
dmesg

Thank you very much!!!

-------------------------------------------------
server:~ $ cat /etc/rc.conf
# -- sysinstall generated deltas -- # Sun Nov 21 13:07:41 2004
# Created: Sun Nov 21 13:07:41 2004
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
hostname="server.estudio"
ifconfig_rl0="inet 192.168.2.1 netmask 255.255.255.0"
netd_enable="YES"
saver="dragon"
scrnmap="NO"
sshd_enable="YES"
sshd_flags="-4 -p 222"
usbd_enable="YES"
network_interfaces="lo0 tun0 rl0"
ifconfig_tun0=
#router_enable="NO"
router_enable="YES"
gateway_enable="YES"            # Set to YES if this host will be a gateway
pf_enable="YES"                 # Enable PF (load module if required)
pf_rules="/etc/pf.conf"         # rules definition file for pf
pf_flags=""                     # additional flags for pfctl startup
#pflog_enable="YES"             # start pflogd(8)
#pflog_logfile="/var/log/pflog" # where pflogd should store the logfile
#pflog_flags=""                 # additional flags for pflogd startup
inetd_enable="YES"              # Run the network daemon dispatcher (YES/NO).
inetd_program="/usr/sbin/inetd" # path to inetd, if you want a different one.
inetd_flags="-wW -C 60"         # Optional flags to inetd
#nmbd_enable="YES"
#smbd_enable="YES"
#winbindd_enable="YES"
named_enable="YES"              # Run named, the DNS server (or NO).
named_program="/usr/sbin/named" # path to named, if you want a different one.
named_flags="-u bind"           # Flags for named
named_pidfile="/var/run/named/pid"  # Must set this in named.conf as well
named_chrootdir="/var/named"    # Chroot directory (or "" not to auto-chroot it)
named_chroot_autoupdate="YES"   # Automatically install/update chrooted
                                # components of named. See /etc/rc.d/named.
named_symlink_enable="YES"      # Symlink the chrooted pid file
---------------------------------------------------------------
server:~ $ uname -a
FreeBSD server.estudio 5.3-RELEASE-p1 FreeBSD 5.3-RELEASE-p1 #1: Tue Nov 23 02:13:24 ART 2004     root@server.estudio:/usr/obj/usr/src/sys/GENERICconALTQ  i386
------------------------------------------------------------------------
server:~ $ cat /etc/start_if.tun0
ppp -ddial default && /usr/local/etc/ez-ipupdate.conf
-------------------------------------------------------------------
server:~ $ sudo cat /etc/ppp/ppp.conf
default:
 set log Phase Chat IPCP CCP tun command
 # set log Phase Chat LCP IPCP CCP tun command
 # nat enable yes
 # nat same_ports yes
 # nat use_sockets yes
 set device PPPoE:fxp0          # replace fxp0 with your Ethernet device
 set mtu 1492
 set mru 1492
 enable mssfixup
 set speed sync
 disable acfcomp protocomp
 deny acfcomp
 set authname xxxxxx
 set authkey yyyyyy
 set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.255
 add default HISADDR
 # enable lqr
 disable ipv6cp
 # set lqrperiod 25
 enable dns
--------------------------------------------------------------------
server:~ $ cat /etc/pf.conf
###### Macros
NoRoute = "{ 127.0.0.1/8, 172.16.0.0/12, 10.0.0.0/8, 255.255.255.255/32 }"

###### Tables

######### Options
#set optimization aggressive
set debug loud

######### Normalization
#scrub in on tun0 all random-id no-df
scrub in on tun0 all

######### Queueing
altq on tun0 priq bandwidth 100Kb queue { q_pri, q_def, q_med }
queue q_pri priority 7
queue q_med priority 3
queue q_def priority 1 priq(default)

###### nat
# General:
nat on tun0 from 192.168.2.0/24 to any -> (tun0)
rdr on rl0 proto udp from any to 192.168.2.1/32 port 53 -> 200.42.0.109 port 53
# FTP and HTTP server on the internal network:
#rdr on tun0 proto tcp from any to (tun0)/32 port 21 -> 192.168.2.33 port 21
#rdr on tun0 proto tcp from any to (tun0)/32 port 80 -> 192.168.2.33 port 80
# ftp-proxy
rdr on rl0 proto tcp from any to any port 21 -> 127.0.0.1 port 8021
# VNC:
rdr on tun0 proto { tcp, udp } from any to (tun0)/32 port 5900 -> 192.168.2.2 port 5900
rdr on tun0 proto { tcp, udp } from any to (tun0)/32 port 5800 -> 192.168.2.2 port 5800
rdr on tun0 proto { tcp, udp } from any to (tun0)/32 port 5902 -> 192.168.2.2 port 5900
rdr on tun0 proto { tcp, udp } from any to (tun0)/32 port 5903 -> 192.168.2.3 port 5900
rdr on tun0 proto { tcp, udp } from any to (tun0)/32 port 5904 -> 192.168.2.4 port 5900
rdr on tun0 proto { tcp, udp } from any to (tun0)/32 port 5905 -> 192.168.2.5 port 5900
rdr on tun0 proto { tcp, udp } from any to (tun0)/32 port 5906 -> 192.168.2.6 port 5900
rdr on tun0 proto { tcp, udp } from any to (tun0)/32 port 5907 -> 192.168.2.7 port 5900
# Bit Torrent
rdr on tun0 proto tcp from any to (tun0)/32 port 6881:6999 -> 192.168.2.39 port 6881:*
# MSN
rdr on tun0 proto { tcp, udp } from any to (tun0)/32 port 6891:6900 -> 192.168.2.2 port 6891:*

####### Firewall rules
#pass in quick on tun0 all
# Antispoofing
block in log quick on tun0 inet from $NoRoute to any
block in log quick on tun0 inet from any to $NoRoute
# Block nmap scan
block in log quick on tun0 inet proto tcp from any to any flags FUP/FUP
block in log quick on tun0 inet proto tcp from any to any flags SF/SFRA
block in log quick on tun0 inet proto tcp from any to any flags /SFRA
# General rules:
pass in quick on lo0 all
pass out quick on lo0 all
pass in quick on rl0 proto udp from 192.168.2.0/24 to any port = 53 keep state
pass in quick on tun0 proto tcp from any to any port = 222 synproxy state
pass in quick on tun0 proto tcp from any to any port = 22 synproxy state
pass in quick on tun0 proto udp from any to any port = 500 keep state
pass in quick proto esp from any to any keep state
pass out quick proto esp from any to any keep state
pass out quick on tun0 proto tcp from any to any port { 22, 222 } flags S/SA synproxy state queue q_pri
pass out quick on tun0 proto tcp from any to any flags S/SA synproxy state queue (q_def, q_pri)
pass out quick on tun0 proto udp all modulate state
pass out quick on tun0 proto icmp from any to any keep state
#pass in quick on tun0 proto icmp from any to any keep state
# FTP and HTTP internal server:
pass in quick on tun0 proto tcp from any to any port = 21 flags S/SA synproxy state
pass in quick on tun0 proto tcp from any to any port = 20 flags S/SA synproxy state
# Passive ftp port range
pass in quick on tun0 proto tcp from any to any port 49151 >< 65535 flags S/SA synproxy state
# VNC:
pass in quick on tun0 proto { tcp, udp } from any to any port = 5900 flags S/SA synproxy state queue q_med
pass in quick on tun0 proto { tcp, udp } from any to any port = 5800 flags S/SA synproxy state queue q_med
pass in quick on tun0 proto { tcp, udp } from any to any port = 5902 flags S/SA synproxy state queue q_med
pass in quick on tun0 proto { tcp, udp } from any to any port = 5903 flags S/SA synproxy state queue q_med
pass in quick on tun0 proto { tcp, udp } from any to any port = 5904 flags S/SA synproxy state queue q_med
pass in quick on tun0 proto { tcp, udp } from any to any port = 5905 flags S/SA synproxy state queue q_med
pass in quick on tun0 proto { tcp, udp } from any to any port = 5906 flags S/SA synproxy state queue q_med
pass in quick on tun0 proto { tcp, udp } from any to any port = 5907 flags S/SA synproxy state queue q_med
# Bit Torrent
pass in quick on tun0 proto tcp from any to any port 6880 >< 7000 flags S/SA synproxy state
# MSN
pass in quick on tun0 proto { tcp, udp } from any to any port 6890 >< 6901 flags S/SA synproxy state
# ftp proxy
pass in quick on tun0 inet proto tcp from any to tun0 port 49151 synproxy state queue (q_def, q_pri)
block in log on tun0 from any to any
-------------------------------------------------------------------
server:~ $ sudo cat /root/kernels/GENERICconALTQ | more
#
# GENERIC -- Generic kernel configuration file for FreeBSD/i386
#
# For more information on this file, please read the handbook section on
# Kernel Configuration Files:
#
#    http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-config.html
#
# The handbook is also available locally in /usr/share/doc/handbook
# if you've installed the doc distribution, otherwise always see the
# FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the
# latest information.
#
# An exhaustive list of options and more detailed explanations of the
# device lines is also present in the ../../conf/NOTES and NOTES files.
# If you are in doubt as to the purpose or necessity of a line, check first
# in NOTES.
#
# $FreeBSD: src/sys/i386/conf/GENERIC,v 1.413.2.6.2.2 2004/10/24 18:02:52 scottl Exp $

machine         i386
#cpu            I486_CPU
#cpu            I586_CPU
cpu             I686_CPU
ident           GENERIC

# To statically compile in device wiring instead of /boot/device.hints
#hints          "GENERIC.hints"         # Default places to look for devices.

options         SCHED_4BSD              # 4BSD scheduler
options         INET                    # InterNETworking
options         INET6                   # IPv6 communications protocols
options         FFS                     # Berkeley Fast Filesystem
options         SOFTUPDATES             # Enable FFS soft updates support
options         UFS_ACL                 # Support for access control lists
options         UFS_DIRHASH             # Improve performance on big directories
options         MD_ROOT                 # MD is a potential root device
options         NFSCLIENT               # Network Filesystem Client
options         NFSSERVER               # Network Filesystem Server
options         NFS_ROOT                # NFS usable as /, requires NFSCLIENT
options         MSDOSFS                 # MSDOS Filesystem
options         CD9660                  # ISO 9660 Filesystem
options         PROCFS                  # Process filesystem (requires PSEUDOFS)
options         PSEUDOFS                # Pseudo-filesystem framework
options         GEOM_GPT                # GUID Partition Tables.
options         COMPAT_43               # Compatible with BSD 4.3 [KEEP THIS!]
options         COMPAT_FREEBSD4         # Compatible with FreeBSD4
options         SCSI_DELAY=15000        # Delay (in ms) before probing SCSI
options         KTRACE                  # ktrace(1) support
options         SYSVSHM                 # SYSV-style shared memory
options         SYSVMSG                 # SYSV-style message queues
options         SYSVSEM                 # SYSV-style semaphores
options         _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options         KBD_INSTALL_CDEV        # install a CDEV entry in /dev
options         AHC_REG_PRETTY_PRINT    # Print register bitfields in debug
                                        # output.  Adds ~128k to driver.
options         AHD_REG_PRETTY_PRINT    # Print register bitfields in debug
                                        # output.  Adds ~215k to driver.
options         ADAPTIVE_GIANT          # Giant mutex is adaptive.

# altq(9). Enable the base part of the hooks with the ALTQ option.
# Individual disciplines must be built into the base system and can not be
# loaded as modules at this point. In order to build a SMP kernel you must
# also have the ALTQ_NOPCC option.
options         ALTQ
options         ALTQ_CBQ                # Class Bases Queueing
options         ALTQ_RED                # Random Early Drop
options         ALTQ_RIO                # RED In/Out
options         ALTQ_HFSC               # Hierarchical Packet Scheduler
options         ALTQ_CDNR               # Traffic conditioner
options         ALTQ_PRIQ               # Priority Queueing
options         ALTQ_NOPCC              # Required for SMP build
options         ALTQ_DEBUG

device          apic                    # I/O APIC

# Bus support.  Do not remove isa, even if you have no isa slots
device          isa
device          eisa
device          pci

# Floppy drives
device          fdc

# ATA and ATAPI devices
device          ata
device          atadisk                 # ATA disk drives
device          ataraid                 # ATA RAID drives
device          atapicd                 # ATAPI CDROM drives
device          atapifd                 # ATAPI floppy drives
device          atapist                 # ATAPI tape drives
options         ATA_STATIC_ID           # Static device numbering

# SCSI Controllers
#device         ahb                     # EISA AHA1742 family
#device         ahc                     # AHA2940 and onboard AIC7xxx devices
#device         ahd                     # AHA39320/29320 and onboard AIC79xx devices
#device         amd                     # AMD 53C974 (Tekram DC-390(T))
#device         isp                     # Qlogic family
#device         mpt                     # LSI-Logic MPT-Fusion
#device         ncr                     # NCR/Symbios Logic
#device         sym                     # NCR/Symbios Logic (newer chipsets + those of `ncr')
#device         trm                     # Tekram DC395U/UW/F DC315U adapters

#device         adv                     # Advansys SCSI adapters
#device         adw                     # Advansys wide SCSI adapters
device          aha                     # Adaptec 154x SCSI adapters
device          aic                     # Adaptec 15[012]x SCSI adapters, AIC-6[23]60.
#device         bt                      # Buslogic/Mylex MultiMaster SCSI adapters

#device         ncv                     # NCR 53C500
#device         nsp                     # Workbit Ninja SCSI-3
#device         stg                     # TMC 18C30/18C50

# SCSI peripherals
device          scbus                   # SCSI bus (required for SCSI)
device          ch                      # SCSI media changers
device          da                      # Direct Access (disks)
device          sa                      # Sequential Access (tape etc)
device          cd                      # CD
device          pass                    # Passthrough device (direct SCSI access)
device          ses                     # SCSI Environmental Services (and SAF-TE)

# RAID controllers interfaced to the SCSI subsystem
#device         amr                     # AMI MegaRAID
#device         asr                     # DPT SmartRAID V, VI and Adaptec SCSI RAID
#device         ciss                    # Compaq Smart RAID 5*
#device         dpt                     # DPT Smartcache III, IV - See NOTES for options
#device         hptmv                   # Highpoint RocketRAID 182x
#device         iir                     # Intel Integrated RAID
#device         ips                     # IBM (Adaptec) ServeRAID
#device         mly                     # Mylex AcceleRAID/eXtremeRAID
#device         twa                     # 3ware 9000 series PATA/SATA RAID

# RAID controllers
#device         aac                     # Adaptec FSA RAID
#device         aacp                    # SCSI passthrough for aac (requires CAM)
#device         ida                     # Compaq Smart RAID
#device         mlx                     # Mylex DAC960 family
#device         pst                     # Promise Supertrak SX6000
#device         twe                     # 3ware ATA RAID

# atkbdc0 controls both the keyboard and the PS/2 mouse
device          atkbdc                  # AT keyboard controller
device          atkbd                   # AT keyboard
device          psm                     # PS/2 mouse

device          vga                     # VGA video card driver

device          splash                  # Splash screen and screen saver support

# syscons is the default console driver, resembling an SCO console
device          sc

# Enable this for the pcvt (VT220 compatible) console driver
#device         vt
#options        XSERVER                 # support for X server on a vt console
#options        FAT_CURSOR              # start with block cursor

device          agp                     # support several AGP chipsets
-----------------------------------------------------------
server:~ $ dmesg |more
pf_map_addr: selected address 200.xxx.xxx.xxx
pf_map_addr: selected address 200.xxx.xxx.xxx
pf_map_addr: selected address 200.xxx.xxx.xxx
.....
..... "pf_map_addr: selected address 200.xxx.xxx.xxx" is repeated ~50 times .....
.....
pf_map_addr: selected address 200.xxx.xxx.xxx
pf_map_addr: selected address 200.xxx.xxx.xxx
adding osfp AIX 4.3 2 = 16384:64:0:44:0x2 1 (TS=,M=512,W=*0) 100401
adding osfp AIX 4.3 3 = 16384:64:0:44:0x2 1 (TS=,M=512,W=*0) 100402
adding osfp AIX 4.3 2-3 = 16384:64:0:44:0x2 1 (TS=,M=512,W=*0) 100403
....
.....
adding osfp Windows 2000 RFC1323 = *0:128:1:64:0x2040803 9 (TS=0,M=*0,W=0) b01004
adding osfp Windows XP RFC1323 = *0:128:1:64:0x2040803 9 (TS=0,M=*0,W=*0) b01403
adding osfp Windows XP = *0:128:1:48:0x403 4 (TS=,M=*0,W=*0) b01400
adding osfp Windows 2000 = *0:128:1:48:0x403 4 (TS=,M=*0,W=*0) b01000
pf: dropping packet with ip options
pf: dropping packet with ip options
Waiting (max 60 seconds) for system process `vnlru' to stop...done
Waiting (max 60 seconds) for system process `bufdaemon' to stop...done
Waiting (max 60 seconds) for system process `syncer' to stop...
Syncing disks, vnodes remaining...2 1 1 1 0 0 done
No buffers busy after final sync
Uptime: 3d4h14m37s
Shutting down ACPI
Rebooting...
Copyright (c) 1992-2004 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD 5.3-RELEASE-p1 #1: Tue Nov 23 02:13:24 ART 2004
    root@server.estudio:/usr/obj/usr/src/sys/GENERICconALTQ
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Celeron(R) CPU 2.53GHz (2527.01-MHz 686-class CPU)
  Origin = "GenuineIntel"  Id = 0xf34  Stepping = 4
  Features=0xbfebfbff
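One check worth running on a ruleset that lives behind a PPPoE link like the one above, written here as an added example (not part of the post and not a FreeBSD or pf tool): pf resolves a bare interface name used as an address operand ("to tun0") once, when the ruleset is loaded, while the parenthesised form ("(tun0)") follows the interface address as it changes at each redial. The nat and rdr rules in the posted pf.conf already use the dynamic form; the ftp-proxy pass rule does not. The script below flags bare references in a constructed excerpt modelled on that file; it does not claim to be the cause of the NAT drop-outs, only a place where a reload would be needed after a reconnect.

```python
"""Flag pf.conf address operands that name a dynamic-address interface bare
(e.g. 'to tun0') rather than in parentheses ('(tun0)').

pf resolves a bare interface name once at ruleset load; the parenthesised
form is re-evaluated whenever the interface address changes, which on a
PPPoE link happens at every redial.  Bare references therefore point at the
old address after a reconnect until the ruleset is reloaded."""
import re

# Constructed excerpt modelled on the posted /etc/pf.conf (not the full file).
SAMPLE_PF_CONF = """\
# constructed excerpt
scrub in on tun0 all
nat on tun0 from 192.168.2.0/24 to any -> (tun0)
rdr on tun0 proto tcp from any to (tun0)/32 port 5900 -> 192.168.2.2 port 5900
pass in quick on tun0 proto tcp from any to any port = 222 synproxy state
pass in quick on tun0 inet proto tcp from any to tun0 port 49151 synproxy state
block in log on tun0 from any to any
"""


def static_iface_refs(conf_text, dyn_ifaces=("tun0",)):
    """Return [(line_no, iface, rule)] for every rule that uses one of
    dyn_ifaces as a bare address operand.  'on <iface>' selects the link
    the rule applies to and is not an address, so it is ignored."""
    findings = []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        rule = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not rule:
            continue
        for iface in dyn_ifaces:
            name = re.escape(iface)
            # Neutralise the interface selector before looking for addresses.
            body = re.sub(r"\bon\s+" + name + r"\b", "on <selector>", rule)
            # A remaining mention not preceded by '(' or a word character is
            # a bare address operand, resolved only at load time.
            if re.search(r"(?<![(\w])" + name + r"\b", body):
                findings.append((no, iface, rule))
    return findings


if __name__ == "__main__":
    for no, iface, rule in static_iface_refs(SAMPLE_PF_CONF):
        print(f"line {no}: bare {iface} address, consider ({iface}): {rule}")
```

Run against the real file with `static_iface_refs(open("/etc/pf.conf").read())`; macros such as `$ext_if` are not expanded, so pass the interface names the macros resolve to in `dyn_ifaces` if the ruleset uses them.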