Re: Blocking web content
Thomas Mullins wrote: > We have evaluated Dansguardian at work. It did really well. We've been using DG for years and it has proven stable, highly configurable and is actively developed. AV capabilities and so on. You would do well to give it a spin and read up on all the features, we found things to use we didn't know we needed In fact we took 5 minutes and upgraded to 2.9.8.5 less than an hour ago. We upgrade OpenBSD at each new release and have yet to have any DG issues. Bob [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: spamd - SPEWS status -- Fun results --
Greets >> Wouldn't distributing a traplist make it prone to being poisoned? i.e. a >> pissed off spammer adding a legit email to the traplist. I plugged in the traplist recently while mostly asleep ( late night ) at the keyboard. Next day I spen an hour and a half examining my mail server because my mail volume dropped so suddenly by 75%, I had forgot I reinitialized spamd etc. and thought the server had problems. Bob [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: ntp is blocked because of my pf.conf
Didier Wiroth wrote: rule 3/(match) block out on pppoe0: 158.64.137.18.5537 > 212.112.228.242.123: v4 client strat 0 poll 0 prec 0 [tos 0x10] > > I have the following rule (the entire pf.conf is below): > pass out quick on $ext_if inet proto udp from ($ext_if) to any \ > keep state I had a similar issue, entering a destination port 123 fixed it Bob D [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
Re: VOIP NAT
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Demuel I. Bendano, R.E.E wrote: > The major easy here is on how the voice traffic from OBSD-VPN-A to > OBSD-VPN-B and vice versa encrypted. That is, an encryption of the voice > traffic as full-duplex. Thanks for your response, unfortunately the client has excluded VPNs in the solution, at least for the time being. Bob D Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org iD8DBQFFqB6vKGD1vPUWdzIRAmcDAJ4nTK3sQbpAunCD26i7/zNomLmRtACdHGU7 q7mRs7EjZs2uug3ibRweFyM= =vCm6 -END PGP SIGNATURE-
VOIP NAT
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Greets I have been trying numerous configs trying to out smart the inability of VOIP to transfer to UDP encapsulated RTP. A very common problem as anyone who deals with NAT and VOIP knows. The outside G729 enabled phone connects nicely to the VOIP network when directly connected to it directly through the Internet. Through the firewall it of course does not work. This system worked previously using an IPsec VPN through the firewall as it handles all the NAT-T issues for the VOIP network, and is in fact one of the recommendations by the VOIP manufacturers. Although this solves a large number of problems, it is unfortunately by the clients choosing, off the table as a resolution. If anyone reading this understands the VOIP / NAT issue, preferably via experience, and has an answer to what is involved making VOIP work through a pf enabled OpenBSD 4.0 stable firewall, Could you please lend a hand, offer direction? I have tried everything I can come up with using pf.conf, google, huge numbers of my own ideas and everything is starting to look the same, or my brain is starting to smoke, I haven't figured out which yet. Bob D Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org iD8DBQFFp+G+KGD1vPUWdzIRAi5dAKCjQiztTHHhgQO8r+xLvJHEBOcD4QCfXJcl l+H179YBd3BED2+VGXnTH+g= =zH7E -END PGP SIGNATURE-
Re: pftop question
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Edy wrote: Hi Edy > Even tho we limit the users to 30Kbps/thread but if we have extra > bandwidth in the 3Mbps pool, we would like to distribute it evenly. You would want to be looking at load balancing Edy. Combined with QoS can do what you want Bob Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org iD8DBQFFoSnLKGD1vPUWdzIRAjEsAJ91Bbu7VjSIXAs5j3BgQLIXWDTAUACglX19 hx+9HUBfI5jW9kloiA963/Q= =K1ED -END PGP SIGNATURE-
Carp failover times
OpenBSD 4.0 stable Greets What are some of the failover times people are getting using carp / pfsync when the plug gets pulled from one of the units. BobD
Re: Extract IP to table
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joachim Schipper wrote: Hi Joachim > I don't really get what you want to do. What connects to what, and which > IP address are we talking about (does the phone get an address from the > firewall? The firewall from the ISP?)? From which traffic should the IP > be extracted? Are you aware that this is almost certainly not very > secure? The VOIP phone is connnected to a D-Link router which is connected to an ISP via DHCP. This is connected through the Internet to the head office firewall which uses a static IP specifically for the VOIP phone. The VOIP phone is hardwired to call home to the allocated firewall IP at head office and it uses specific ports to boot and stay alive so they are easily detected when the phone calls home. The address of the DHCP Dlink router will change at some point so I want to be able to detect the IP change at the firewall and automatically insert the new DLink router IP address into a table on the firewall so connnectivity is uninterrupted or a least minimized. What I am hoping to be able to do seamlessly is extract the IP from the phone traffic when it calls home, basing it on port number and insert the IP into a table. I would like to run something like authpf using the $userip macro but the workstation at the VOIP phone office is an HP terminal. I had setup an OpenVPN box which worked very well but it was unplugged for unknown reasons as it is not my network. A little extra info: Once the traffic gets through the firewall it is then connected to a control unit that reads the embedded MAC of the VOIP phone and if it matches it then moves on to setup a full connection. The VOIP phone MAC supplied by the phone during the phone boot phase. If the MAC doesn't match, no connection. Thanks for your response Joachim Bob D Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFja/9K35IA5yVGFsRAjFqAKDJMlR2n/DRl0j5mx45GADCQP40GQCeMSfl At6rfPKjF15mF1jAGpTZAE0= =8XHI -END PGP SIGNATURE-
Extract IP to table
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Greets I have a client with a single VOIP connection and a dynamic IP shared with the PC. It works. What I am looking for and I know I've seen it but haven't been able to find it again, is to extract the IP address from traffic and put it into a table to allow the VOIP phone to reestablish connectivity to the border firewall when the IP changes. I have looked through dynamic dns but the potential latency to restablish the correct IP is said to be up to 20 minutes, that won't do. Better ideas, documents, sites? Bob D Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFjBNUK35IA5yVGFsRAntKAKCLRLu2MK9XHwcgfqGQCSoPHjtxoACdHih8 79NTjQkAI64guFqsaOI7Y9A= =EcmC -END PGP SIGNATURE-
Re: dup-to work around
> > I need to get all traffic dup-to'd over to a graphing box using only the > > firewall, now dup-to works fine for the traffic that passes through the > > firewall but the blocked traffic doesn't get dup-to'd. > > route-to blocked traffic. Sold ! ... to the man with the funny hat!! That is the simplicity I was looking for ;-) Thanks to all who responded to my query. BobD
Re: Openbsd comparatives
On Monday 27 November 2006 10:43 am, you wrote: > hi anyone know about openbsd vs other i have to show this information to > be ablo to use openbsd in our networks Are there any speific issues you are addressing, i.e. Traffic managment, Desktop?? Bob D
Re: ip not forwarding after 4.0 rebuild.
On Monday 13 November 2006 7:53 pm, you wrote: > But I don't know what I need to do differently to change the > situations. Is pf enabled and blocking perhaps? Bob D
Oldest hardware running OpenBSD 4.0
I had forgotten about this dns cache my 20 PC lab uses. Did a reinstall last night. All is well OpenBSD 4.0-current (GENERIC) #1172: Sun Oct 22 20:45:57 MDT 2006 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel OverDrive Pentium (P24T) ("GenuineIntel" 586-class) 84 MHz cpu0: FPU,V86,DE,PSE,TSC,MSR,CX8 cpu0: F00F bug workaround installed real mem = 41512960 (40540K) avail mem = 29241344 (28556K) using 537 buffers containing 2199552 bytes (2148K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(f2) BIOS, date 01/25/95 pcibios at bios0 function 0x1a not configured bios0: ROM list: 0xe/0x8000 cpu0 at mainbus0 isa0 at mainbus0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0: console keyboard vga0 at isa0 port 0x3b0/48 iomem 0xa/131072 wsdisplay0 at vga0 mux 1: console (80x25, vt100 emulation), using wskbd0 wsdisplay0: screen 1-5 added (80x25, vt100 emulation) wdc0 at isa0 port 0x1f0/8 irq 14 wd0 at wdc0 channel 0 drive 0: wd0: 16-sector PIO, LBA, 2015MB, 4127760 sectors wd0(wdc0:0:0): using BIOS timings ep0 at isa0 port 0x300/16 irq 10: address 00:60:8c:b9:62:9a, utp/aui (default utp) pcppi0 at isa0 port 0x61 midi0 at pcppi0: spkr0 at pcppi0 lpt2 at isa0 port 0x3bc/4: polled npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec biomask fbe5 netmask ffe5 ttymask ffe7 pctr: 586-class performance counters and user-level cycle counter enabled nvram: invalid checksum dkcsum: wd0 matches BIOS drive 0x80 root on wd0a rootdev=0x0 rrootdev=0x300 rawdev=0x302 clock: unknown CMOS layout Bob D
Re: OpenBSD 4.0 - Where is it?
> I am new to the list and I do not fully understand the process either. > However, I believe that the project gets a large portion of its funding > from the sale of CDs. So to give added incentive to buy CDs, those who > pre-order get the release early. I think this is how it works but I could > be wrong.. You are correct and don't forget the cool T-shirts!! Mr D
Re: openbsd mobile question?
On Monday 16 October 2006 4:28 am, Sideris Michael wrote: > > does openbsd 4.0 supports intel ac'97 modem and intel ipw2200 on laptop? It has installed nicely on my notebook with ipw2200, I haven't tried the modem. Bob D
Re: Soekris network problems - 48 hour deadline
On Saturday 14 October 2006 4:10 am, you wrote: Hi Richard I dealt with an ISP on behalf of a client that required a MSS of 1100 during one particular phase of troubleshooting. Funny thing (not) they forgot to notify everyone when said problem was corrected and the client ran with that MSS for 5 months.Thankfully the actual packets they used are consistently small. Anyway, have you done the ruleset adjustment to to "pass out quick" on your $ext_if to rule out a rule issue. I have used this many times and has been helpful and takes just a couple of minutes. Do a one to one NAT from your testing machine through the OBSD box and put "pass in quick keep state" on the $int_if and "pass out quick keep state on the $ext_if" at the top of your ruleset and see what happens. If things work correctly you add back you ruleset one at a time. > > Should I keep going lower, or try some other variation? Certainly try lower, you may find the "magic bullet" Sonicwall defaults to 1500 If your comfortable with sending your complete ruleset to the list or to me privately please do so. It is more often than not considerably more helpful. Thanks Richard -- Sincerely Bob DeBolt
Re: Pf que for voip
On Thursday 02 February 2006 04:20, you wrote: Greets > You'd have to manually tune it. There's no way for altq/pf to know what > speed "you get" on a given day/week/moment, it only knows about the > physcial speed (or whatever you set manually) for the interface. Absolutely correct regarding manual tuning. One of my clients is at the end of the line regarding attenuation (114) and signal over noise of 2, both extremely poor readings. Good is in the range of 40 and 15 respectively. Talk to you ISP and they should be able to give you those line condition readings without issue. I haven't found one that doesn't. The ADSL service package my client has is 2.5Mb D/L and 1 U/L, however, due to the poor line conditions the slightest issue anywhere in the network circuit causes voice dropoff among other things. They have G729 on the voip system which has reduced the traffic by a huge amount 80kb down to 8kb per conversation. Tuning the queue for all of these conditions of course is best guess and go from there, the next step for us is to drop the service package down to 1.5Mb and 640kb allowing a much lower stress level on the line making it much less prone to breakdown as there is no way to change the attenuation and signall over noise ratios. Get to know your ISP and I sure you'll find they can be helpful. ( be nice to them even if they are clearly inexperienced ). Do the math on the amount of bandwidth you actually need for your phone(s) Do the math on how much bandwidth your remaining services require ( or can at least get by on) Make an educated guess on the initial settings and go from there. Try to make sure you get those line readings as you can waste a LOT of time tracking down queue gremlins that don't exist ;-) Hope this helps Bob
Unusual ping using IPSec
Greets OpenBSD 3.8 stable Cable connection to remote town Normal internal network IP's are DT 192.168.10/24, Remote 192.168.8/24 When pinging and endpoint from one end of an IPSec tunnel to the other, occasionally the ping returns with one of the 10.X.X.X IP's of a router along the path. The router IP shows up on traceroute and is more often than not the same one, last hop before the firewall . We see this happening when receiving a complaint from the small town users about not being able to login to the DT servers. After what is usually a brief period, they login and the pings return to normal. This can roll along for weeks without issue, (other than high latency issues), then a few days in a row this happens. As one would expect the cable company, when queried about this, never has any problems with their equipment. DSL is not available where they are at Main question is this, why does the 10.x.x.x address come back to us instead of timing out?? Bob D
Re: graphing pf stats
On Sunday 01 January 2006 18:52, you wrote: pfstat works well, it may be a nice starting point for you or it may do everything you want. Bob
Re: NAT/pf before IPSEC
On Wednesday 21 December 2005 02:09, you wrote: >now I need to nat my internal network > to appear to be coming from 10.0.20.254 Is this to accommodate a service of some type or what? Add some more information as there is likely a bunch of ways to do something depending of the expected or required results. Are both ends 3.8? Bob D
routing question
Greets I have a scenario that is simple but I am having trouble getting my head around. Inside a 192.168.10/24 network there exists a 10.4.6/24 network for VOIP. Everthing works fine. The issue I have is setting up a route for a third party VOIP management company who wants to access the VOIP control center via an SSL interface from the Internet thru the firewall to the VOIP control center. All of the data traffic on the data LAN has the router address of 192.168.10.1. The data side of the vlan router is 192.168.10.16 and the VOIP side on the vlan router is 10.4.6.253. To access the VOIP network one must go thru the 192.168.10.16 interface of he vlan router. Adding a route to a workstation on the 192.168.10 network to the 10.4.6 network using the 192.168.10.16 interface as the gateway works fine, thus allowing access to the SSL web interface. Adding a route on the firewall to the 10.4.6 network thru the 192.168.10.16 interface allows internal workstations to access the SSL web interface. The root of the problem I have is getting traffic from the Internet to the 10.4.6 SSL web interface thru the 192.168.10.16 interface of the vlan router. Anyone have experiece on this one? Bob D
"find" a file greater than X MB's
Greets I have had an issue with a hard drive filling up in a very short time after upgrading a software package. Although I resolved the issue and all is well now, I spent more time than I should have looking for files greater than a certain size. I tried numerous combinations of "find" switches using the find man page and on and on but couldn't get the simple result of files greater than a specified size, 2MB in my case. I had a document several weeks ago that used a piped cut command and was very cool indeed, can't find it now that I need it. I have come to realize there are so many more tools for openbsd ( unix in general ) than I had realized to process the ouput as well. Any takers? Bob
Re: quagga woes
I use it fine on 3.8, fresh cvs update for everything stable. Bob D
Re: isakmpd: invalid next payload type RESERVED_MIN in payload of type 10
On Friday 04 November 2005 14:47, Tobias Walkowiak wrote: Hi Tobias > > Other workaround, disable nat-t with the -T option. It works fine, I have multiple offices with data and VOIP traffic running through separate tunnels, the -T has allowed the other 3.8.upgrades to wait until Monday. Thanks Hans-Joerg Hoexer Bob D
Re: isakmpd: invalid next payload type RESERVED_MIN in payload of type 10
Greets I too have the same issue. A straight upgrade, there were only a couple of 3.7 to 3.8 syntax corrections to make. I wonder if maybe there is a minor syntax change somewhere along the way. I am going through the isakmpd.conf and isakmpd man pages again to see if I may have missed something. Bob D
A great article ( found on the OpenBSD site)
Greets I certainly found it worth a read. http://www.computerworld.com.au/index.php/id;1375194866;fp;16;fpid;0 Bob D
self induced dup-to setup problem
Greets Dell 866MHz 256MB RAM OpenBSD 3.8 snapshot, or 3.7 GENERIC or 3.5 GENERIC All three have shown me the same problem. Three interfaces rl0, rl1 are the internal and external bridge interfaces, the bridge works just fine on all three OS versions. FXP0 is the logging interface to another box. I have read what there is regarding dup-to and know it is straight forward, obviously I'm missing something. I also learned that log-all is now log (all). Not yet in the FAQ After not being able to dup-to on the snapshot I thought maybe there is an issue with it so the other two releases were tried with the same result. As stated the IPless bridge works fine ( otherwise you wouldn't be reading this email). Here is the simplest form of what I now have. pass in on $ext_if dup-to $log_if all pass out on $ext_if dup-to $log_if all I have tried pass quick on the log interface and on and on and on. TCPdump shows that nothing is hitting the log interface. I have Bob
Re: OpenBSD in commercial firewalls?
Funny you should bring this up today I just received a phone call from a headhunter from 3000 miles away who is looking for couple of people who are opensource security savvy (closer to the engineering level and C proficient) and the conversation related to his client who is putting together firewall / VPN appliances based on OpenBSD and / or Linux. I would not have received the call had I not been involved in OpenBSD, likely numerous others have received similar calls. It is likely that there are scores of companies using OpenBSD code / ideas or portions thereof, that won't reveal what they are doing. Microsoft comes to mind. > Any comments on the devices? Links would > be appreciated. > Bob
Re: ALTQ: amount of queue rules
Greets > maximum number of queues are in include files.For CBQ > limit is 256, HFSC 64 per interface. > Also you can use QoS only on outgoing interface. I am about to test something that I read very recently, written by D. Hartmeier?? (could be mistaken) When doing QOS on inbound, i.e. and inound ssh connection keep state you are then controlling outbound traffic based on an inbound connection. A search or the archives will reveal if it was Daniel or not. -- Sincerely Bob DeBolt
Another successful notebook install
Thanks OpenBSD team!! Sent via wireless OpenBSD 3.7-current (GENERIC) #109: Sun May 1 13:42:34 MDT 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R) Pentium(R) M processor 1.60GHz ("GenuineIntel" 686-class) 1.60 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,TM,SBF,EST,TM2 cpu0: Enhanced SpeedStep 1600 MHz (1340 mV): speeds: 1600, 1400, 1200, 1000, 800, 600 MHz real mem = 519610368 (507432K) avail mem = 467259392 (456308K) using 4278 buffers containing 26083328 bytes (25472K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(ae) BIOS, date 05/21/01, BIOS32 rev. 0 @ 0xe9810 pcibios0 at bios0: rev 2.1 @ 0xe7000/0x671 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xfe890/160 (8 entries) pcibios0: PCI Interrupt Router at 000:31:0 ("Intel 82801AA LPC" rev 0x00) pcibios0: PCI bus #2 is the last bus bios0: ROM list: 0xc/0xd000! 0xe/0x1800 0xe6000/0x1000! cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 "Intel 82852GM Hub-PCI" rev 0x02 "Intel 82852GM Memory" rev 0x02 at pci0 dev 0 function 1 not configured "Intel 82852GM Configuration" rev 0x02 at pci0 dev 0 function 3 not configured vga1 at pci0 dev 2 function 0 "Intel 82852GM AGP" rev 0x02: aperture at 0xb000, size 0x800 wsdisplay0 at vga1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) "Intel 82852GM AGP" rev 0x02 at pci0 dev 2 function 1 not configured uhci0 at pci0 dev 29 function 0 "Intel 82801DB USB" rev 0x03: irq 11 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1 at pci0 dev 29 function 1 "Intel 82801DB USB" rev 0x03: irq 5 usb1 at uhci1: USB revision 1.0 uhub1 at usb1 uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2 at pci0 dev 29 function 2 "Intel 82801DB USB" rev 0x03: irq 5 usb2 at uhci2: USB revision 1.0 uhub2 at usb2 uhub2: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered ehci0 at pci0 dev 29 function 7 "Intel 82801DB USB" rev 0x03: irq 10 usb3 at ehci0: USB revision 2.0 uhub3 at usb3 uhub3: Intel EHCI root hub, class 9/0, rev 2.00/1.00, addr 1 uhub3: 6 ports with 6 removable, self powered ppb0 at pci0 dev 30 function 0 "Intel 82801BAM Hub-to-PCI" rev 0x83 pci1 at ppb0 bus 1 "VIA VT6306 FireWire" rev 0x80 at pci1 dev 0 function 0 not configured rl0 at pci1 dev 1 function 0 "Realtek 8139" rev 0x10: irq 11 address 00:02:3f:08:34:6e rlphy0 at rl0 phy 0: RTL internal phy iwi0 at pci1 dev 2 function 0 "Intel PRO/Wireless 2200BG" rev 0x05: irq 11, address 00:0e:35:26:8a:5a cbb0 at pci1 dev 4 function 0 "ENE CB-1410 CardBus" rev 0x01: irq 11 cardslot0 at cbb0 slot 0 flags 0 cardbus0 at cardslot0: bus 2 device 0 cacheline 0x8, lattimer 0x20 pcmcia0 at cardslot0 ichpcib0 at pci0 dev 31 function 0 "Intel 82801DBM LPC" rev 0x03 pciide0 at pci0 dev 31 function 1 "Intel 82801DBM IDE" rev 0x03: DMA, channel 0 configured to compatibility, channel 1 configured to compatibility wd0 at pciide0 channel 0 drive 0: wd0: 16-sector PIO, LBA, 57231MB, 117210240 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 atapiscsi0 at pciide0 channel 1 drive 0 scsibus0 at atapiscsi0: 2 targets cd0 at scsibus0 targ 0 lun 0: SCSI0 5/cdrom removable cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 "Intel 82801DB SMBus" rev 0x03 at pci0 dev 31 function 3 not configured auich0 at pci0 dev 31 function 5 "Intel 82801DB AC97" rev 0x03: irq 5, ICH4 AC97 ac97: codec id 0x414c4740 (Avance Logic ALC202) ac97: codec features headphone, 20 bit DAC, 18 bit ADC, Realtek 3D audio0 at auich0 "Intel 82801DB Modem" rev 0x03 at pci0 dev 31 function 6 not configured isa0 at ichpcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0 (mux 1 ignored for console): console keyboard, using wsdisplay0 pms0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pms0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: sysbeep0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 npx0 at isa0 port 0xf0/16: using exception 16 pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo biomask ef75 netmask ef75 ttymask fff7 pctr: 686-class user-level performance counters enabled mtrr: Pentium Pro MTRR support dkcsum: wd0 matched BIOS disk 80 root on wd0a rootdev=0x0 rrootdev=0x300 rawdev=0x302 auich0: measured ac97 link rate at 48001 Hz, will use 48000 Hz