m0n0wall: status Sun Feb 12 14:17:14 GMT 2012 Note: make sure to remove any sensitive information (passwords, maybe also IP addresses) before posting information from this page in public places (like mailing lists)! Passwords in config.xml have been automatically removed. This status page includes the following information: System uptime Interfaces Routing tables Network buffers Network protocol statistics Kernel parameters Kernel modules loaded ipfw show ipnat -lv ipfstat -v ipfstat -nio ipfstat -6 -nio unparsed ipnat rules unparsed ipfilter rules unparsed IPv6 ipfilter rules unparsed ipfw rules resolv.conf Processes dhcpd.conf ez-ipupdate.cache rtadvd.conf df racoon.conf SPD SAD last 200 system log entries last 50 filter log entries ls /conf ls /var/run config.xml System uptime 2:17PM up 4 mins, 0 users, load averages: 0.06, 0.18, 0.09 Interfaces vr0: flags=8943 metric 0 mtu 1500 options=82809 ether 00:0d:b9:17:2b:bc inet 81.xxx.xxx.33 netmask 0xfffffff0 broadcast 81.xxx.xxx.47 inet6 fe80::20d:b9ff:fe17:2bbc%vr0 prefixlen 64 scopeid 0x1 inet6 2001:xxx:xxxx::1 prefixlen 64 nd6 options=41 media: Ethernet autoselect (10baseT/UTP ) status: active vr1: flags=8843 metric 0 mtu 1500 options=8280b ether 00:0d:b9:17:2b:bd inet6 fe80::20d:b9ff:fe17:2bbd%vr1 prefixlen 64 scopeid 0x2 nd6 options=43 media: Ethernet autoselect (100baseTX ) status: active vr2: flags=8943 metric 0 mtu 1500 options=82809 ether 00:0d:b9:17:2b:be inet6 fe80::20d:b9ff:fe17:2bbe%vr2 prefixlen 64 scopeid 0x3 nd6 options=41 media: Ethernet autoselect (100baseTX ) status: active ath0: flags=8843 metric 0 mtu 2290 ether 90:a4:de:81:68:7b media: IEEE 802.11 Wireless Ethernet autoselect mode 11g status: running lo0: flags=8049 metric 0 mtu 16384 options=3 inet 127.0.0.1 netmask 0xff000000 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 nd6 options=43 enc0: flags=41 metric 0 mtu 1536 wlan0: flags=8943 metric 0 mtu 1500 ether 90:a4:de:81:68:7b inet6 fe80::92a4:deff:fe81:687b%wlan0 prefixlen 64 scopeid 0x7 nd6 options=41 media: IEEE 802.11 Wireless Ethernet autoselect mode 11g status: running ssid Mwall_noname channel 1 (2412 MHz 11g) bssid 90:a4:de:81:68:7b country US ecm authmode WPA1+WPA2/802.11i privacy MIXED deftxkey 2 AES-CCM 2:128-bit txpower 21 scanvalid 60 protmode CTS wme burst dtimperiod 1 -dfs ngwan0: flags=88d1 metric 0 mtu 1492 inet 81.xxx.xxx.64 --> 81.187.81.187 netmask 0xffffffff bridge0: flags=8843 metric 0 mtu 1500 ether 8a:2a:4a:fb:7b:fd id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15 maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200 root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0 member: wlan0 flags=143 ifmaxaddr 0 port 7 priority 128 path cost 370370 member: vr0 flags=143 ifmaxaddr 0 port 1 priority 128 path cost 2000000 member: vr2 flags=143 ifmaxaddr 0 port 3 priority 128 path cost 200000 ipfw0: flags=8801 metric 0 mtu 65536 Routing tables Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 81.187.81.187 UGS 0 133 ngwan0 81.187.81.187 link#8 UH 0 0 ngwan0 81.xxx.xxx.32/28 link#1 U 2 4546 vr0 81.xxx.xxx.33 link#1 UHS 0 0 lo0 81.xxx.xxx.64 link#8 UHS 0 0 lo0 127.0.0.1 link#5 UH 0 0 lo0 Internet6: Destination Gateway Flags Netif Expire ::/96 ::1 UGRS lo0 => default ngwan0 US ngwan0 ::1 ::1 UH lo0 ::ffff:0.0.0.0/96 ::1 UGRS lo0 2001:xxx:xxxx::/64 link#1 U vr0 2001:xxx:xxxx::1 link#1 UHS lo0 2002::/24 ::1 UGRS lo0 2002:7f00::/24 ::1 UGRS lo0 2002:e000::/20 ::1 UGRS lo0 2002:ff00::/24 ::1 UGRS lo0 fe80::/10 ::1 UGRS lo0 fe80::%vr0/64 link#1 U vr0 fe80::20d:b9ff:fe17:2bbc%vr0 link#1 UHS lo0 fe80::%vr1/64 link#2 U vr1 fe80::20d:b9ff:fe17:2bbd%vr1 link#2 UHS lo0 fe80::%vr2/64 link#3 U vr2 fe80::20d:b9ff:fe17:2bbe%vr2 link#3 UHS lo0 fe80::%lo0/64 link#5 U lo0 fe80::1%lo0 link#5 UHS lo0 fe80::%wlan0/64 link#7 U wlan0 fe80::92a4:deff:fe81:687b%wlan0 link#7 UHS lo0 fe80::%ngwan0/64 link#8 U ngwan0 ff01:1::/32 fe80::20d:b9ff:fe17:2bbc%vr0 U vr0 ff01:2::/32 fe80::20d:b9ff:fe17:2bbd%vr1 U vr1 ff01:3::/32 fe80::20d:b9ff:fe17:2bbe%vr2 U vr2 ff01:5::/32 ::1 U lo0 ff01:7::/32 fe80::92a4:deff:fe81:687b%wlan0 U wlan0 ff02::%vr0/32 fe80::20d:b9ff:fe17:2bbc%vr0 U vr0 ff02::%vr1/32 fe80::20d:b9ff:fe17:2bbd%vr1 U vr1 ff02::%vr2/32 fe80::20d:b9ff:fe17:2bbe%vr2 U vr2 ff02::%lo0/32 ::1 U lo0 ff02::%wlan0/32 fe80::92a4:deff:fe81:687b%wlan0 U wlan0 Network buffers 426/219/645 mbufs in use (current/cache/total) 425/93/518/7616 mbuf clusters in use (current/cache/total/max) 425/87 mbuf+clusters out of packet secondary zone in use (current/cache) 0/0/0/3808 4k (page size) jumbo clusters in use (current/cache/total/max) 0/0/0/1904 9k jumbo clusters in use (current/cache/total/max) 0/0/0/952 16k jumbo clusters in use (current/cache/total/max) 956K/240K/1197K bytes allocated to network (current/cache/total) 0/0/0 requests for mbufs denied (mbufs/clusters/mbuf+clusters) 0/0/0 requests for jumbo clusters denied (4k/9k/16k) 0/3/2160 sfbufs in use (current/peak/max) 0 requests for sfbufs denied 0 requests for sfbufs delayed 0 requests for I/O initiated by sendfile 0 calls to protocol drain routines Network protocol statistics netstat: sysctl: net.inet.sctp.stats: No such file or directory tcp: 4619 packets sent 4602 data packets (770885 bytes) 0 data packets (0 bytes) retransmitted 0 data packets unnecessarily retransmitted 0 resends initiated by MTU discovery 13 ack-only packets (4 delayed) 0 URG only packets 0 window probe packets 0 window update packets 4 control packets 4469 packets received 4447 acks (for 770893 bytes) 3 duplicate acks 0 acks for unsent data 17 packets (4538 bytes) received in-sequence 0 completely duplicate packets (0 bytes) 0 old duplicate packets 0 packets with some dup. data (0 bytes duped) 0 out-of-order packets (0 bytes) 0 packets (0 bytes) of data after window 0 window probes 0 window update packets 1 packet received after close 0 discarded for bad checksums 0 discarded for bad header offset fields 0 discarded because packet too short 0 discarded due to memory problems 0 connection requests 5 connection accepts 0 bad connection attempts 0 listen queue overflows 0 ignored RSTs in the windows 5 connections established (including accepts) 3 connections closed (including 0 drops) 3 connections updated cached RTT on close 3 connections updated cached RTT variance on close 0 connections updated cached ssthresh on close 0 embryonic connections dropped 4447 segments updated rtt (of 4442 attempts) 0 retransmit timeouts 0 connections dropped by rexmit timeout 0 persist timeouts 0 connections dropped by persist timeout 0 Connections (fin_wait_2) dropped because of timeout 0 keepalive timeouts 0 keepalive probes sent 0 connections dropped by keepalive 3091 correct ACK header predictions 10 correct data packet header predictions 6 syncache entries added 3 retransmitted 0 dupsyn 0 dropped 5 completed 0 bucket overflow 0 cache overflow 0 reset 1 stale 0 aborted 0 badack 0 unreach 0 zone failures 6 cookies sent 0 cookies received 0 SACK recovery episodes 0 segment rexmits in SACK recovery episodes 0 byte rexmits in SACK recovery episodes 0 SACK options (SACK blocks) received 0 SACK options (SACK blocks) sent 0 SACK scoreboard overflow 0 packets with ECN CE bit set 0 packets with ECN ECT(0) bit set 0 packets with ECN ECT(1) bit set 0 successful ECN handshakes 0 times ECN reduced the congestion window udp: 91 datagrams received 0 with incomplete header 0 with bad data length field 0 with bad checksum 0 with no checksum 6 dropped due to no socket 1 broadcast/multicast datagram undelivered 0 dropped due to full socket buffers 0 not for hashed pcb 84 delivered 71 datagrams output 0 times multicast source filter matched ip: 4693 total packets received 0 bad header checksums 0 with size smaller than minimum 0 with data size < data length 0 with ip length > max ip packet size 0 with header length < data size 0 with data length < header length 0 with bad options 0 with incorrect version number 0 fragments received 0 fragments dropped (dup or out of space) 0 fragments dropped after timeout 0 packets reassembled ok 4560 packets for this host 0 packets for unknown/unsupported protocol 36 packets forwarded (0 packets fast forwarded) 28 packets not forwardable 0 packets received for unknown multicast group 0 redirects sent 4701 packets sent from this host 0 packets sent with fabricated ip header 0 output packets dropped due to no bufs, etc. 0 output packets discarded due to no route 0 output datagrams fragmented 0 fragments created 0 datagrams that can't be fragmented 0 tunneling packets that can't find gif 0 datagrams with bad address in header icmp: 6 calls to icmp_error 0 errors not generated in response to an icmp message Output histogram: destination unreachable: 6 0 messages with bad code fields 0 messages less than the minimum length 0 messages with bad checksum 0 messages with bad length 0 multicast echo requests ignored 0 multicast timestamp requests ignored 0 message responses generated 0 invalid return addresses 0 no return routes ICMP address mask responses are disabled igmp: 0 messages received 0 messages received with too few bytes 0 messages received with wrong TTL 0 messages received with bad checksum 0 V1/V2 membership queries received 0 V3 membership queries received 0 membership queries received with invalid field(s) 0 general queries received 0 group queries received 0 group-source queries received 0 group-source queries dropped 0 membership reports received 0 membership reports received with invalid field(s) 0 membership reports received for groups to which we belong 0 V3 reports received without Router Alert 0 membership reports sent ipsec: 0 inbound packets processed successfully 0 inbound packets violated process security policy 0 inbound packets with no SA available 0 invalid inbound packets 0 inbound packets failed due to insufficient memory 0 inbound packets failed getting SPI 0 inbound packets failed on AH replay check 0 inbound packets failed on ESP replay check 0 inbound packets considered authentic 0 inbound packets failed on authentication 0 outbound packets processed successfully 0 outbound packets violated process security policy 0 outbound packets with no SA available 0 invalid outbound packets 0 outbound packets failed due to insufficient memory 0 outbound packets with no route 0 SPD cache lookups 0 SPD cache misses 0 inbound packets violated process security policy 0 outbound packets violated process security policy 0 outbound packets with no SA available 0 outbound packets failed due to insufficient memory 0 outbound packets with no route available 0 invalid outbound packets 0 outbound packets with bundled SAs 0 mbufs coalesced during clone 0 clusters coalesced during clone 0 clusters copied during clone 0 mbufs inserted during makespace ah: 0 packets shorter than header shows 0 packets dropped; protocol family not supported 0 packets dropped; no TDB 0 packets dropped; bad KCR 0 packets dropped; queue full 0 packets dropped; no transform 0 replay counter wraps 0 packets dropped; bad authentication detected 0 packets dropped; bad authentication length 0 possible replay packets detected 0 packets in 0 packets out 0 packets dropped; invalid TDB 0 bytes in 0 bytes out 0 packets dropped; larger than IP_MAXPACKET 0 packets blocked due to policy 0 crypto processing failures 0 tunnel sanity check failures esp: 0 packets shorter than header shows 0 packets dropped; protocol family not supported 0 packets dropped; no TDB 0 packets dropped; bad KCR 0 packets dropped; queue full 0 packets dropped; no transform 0 packets dropped; bad ilen 0 replay counter wraps 0 packets dropped; bad encryption detected 0 packets dropped; bad authentication detected 0 possible replay packets detected 0 packets in 0 packets out 0 packets dropped; invalid TDB 0 bytes in 0 bytes out 0 packets dropped; larger than IP_MAXPACKET 0 packets blocked due to policy 0 crypto processing failures 0 tunnel sanity check failures ipcomp: 0 packets shorter than header shows 0 packets dropped; protocol family not supported 0 packets dropped; no TDB 0 packets dropped; bad KCR 0 packets dropped; queue full 0 packets dropped; no transform 0 replay counter wraps 0 packets in 0 packets out 0 packets dropped; invalid TDB 0 bytes in 0 bytes out 0 packets dropped; larger than IP_MAXPACKET 0 packets blocked due to policy 0 crypto processing failures 0 packets sent uncompressed; size < compr. algo. threshold 0 packets sent uncompressed; compression was useless arp: 2 ARP requests sent 7 ARP replies sent 10 ARP requests received 1 ARP reply received 21 ARP packets received 0 total packets dropped due to no ARP entry 0 ARP entrys timed out 0 Duplicate IPs seen ip6: 72 total packets received 0 with size smaller than minimum 0 with data size < data length 0 with bad options 0 with incorrect version number 0 fragments received 0 fragments dropped (dup or out of space) 0 fragments dropped after timeout 0 fragments that exceeded limit 0 packets reassembled ok 31 packets for this host 0 packets forwarded 0 packets not forwardable 0 redirects sent 96 packets sent from this host 0 packets sent with fabricated ip header 0 output packets dropped due to no bufs, etc. 0 output packets discarded due to no route 0 output datagrams fragmented 0 fragments created 0 datagrams that can't be fragmented 0 packets that violated scope rules 0 multicast packets which we don't join Input histogram: TCP: 36 UDP: 1 ICMP6: 35 Mbuf statistics: 31 one mbuf 41 one ext mbuf 0 two or more ext mbuf 0 packets whose headers are not continuous 0 tunneling packets that can't find gif 0 packets discarded because of too many headers 0 failures of source address selection Source addresses selection rule applied: 35 first candidate 35 appropriate scope icmp6: 0 calls to icmp6_error 0 errors not generated in response to an icmp6 message 0 errors not generated because of rate limitation Output histogram: router advertisement: 31 neighbor solicitation: 6 neighbor advertisement: 2 0 messages with bad code fields 0 messages < minimum length 0 bad checksums 0 messages with bad length Input histogram: router advertisement: 31 neighbor solicitation: 2 neighbor advertisement: 2 Histogram of error messages to be generated: 0 no route 0 administratively prohibited 0 beyond scope 0 address unreachable 0 port unreachable 0 packet too big 0 time exceed transit 0 time exceed reassembly 0 erroneous header field 0 unrecognized next header 0 unrecognized option 0 redirect 0 unknown 0 message responses generated 0 messages with too many ND options 0 messages with bad ND options 0 bad neighbor solicitation messages 0 bad neighbor advertisement messages 0 bad router solicitation messages 0 bad router advertisement messages 0 bad redirect messages 0 path MTU changes ipsec6: 0 inbound packets processed successfully 0 inbound packets violated process security policy 0 inbound packets with no SA available 0 invalid inbound packets 0 inbound packets failed due to insufficient memory 0 inbound packets failed getting SPI 0 inbound packets failed on AH replay check 0 inbound packets failed on ESP replay check 0 inbound packets considered authentic 0 inbound packets failed on authentication 0 outbound packets processed successfully 0 outbound packets violated process security policy 0 outbound packets with no SA available 0 invalid outbound packets 0 outbound packets failed due to insufficient memory 0 outbound packets with no route 0 SPD cache lookups 0 SPD cache misses 0 inbound packets violated process security policy 0 outbound packets violated process security policy 0 outbound packets with no SA available 0 outbound packets failed due to insufficient memory 0 outbound packets with no route available 0 invalid outbound packets 0 outbound packets with bundled SAs 0 mbufs coalesced during clone 0 clusters coalesced during clone 0 clusters copied during clone 0 mbufs inserted during makespace rip6: 0 messages received 0 checksum calculations on inbound 0 messages with bad checksum 0 messages dropped due to no socket 0 multicast messages dropped due to no socket 0 messages dropped due to full socket buffers 0 delivered 0 datagrams output pfkey: 4 requests sent from userland 64 bytes sent from userland histogram by message type: flush: 1 dump: 1 x_spddump: 1 x_spdflush: 1 0 messages with invalid length field 0 messages with invalid version field 0 messages with invalid message type field 0 messages too short 0 messages with memory allocation failure 0 messages with duplicate extension 0 messages with invalid extension type 0 messages with invalid sa type 0 messages with invalid address extension 4 requests sent to userland 64 bytes sent to userland histogram by message type: flush: 1 dump: 1 x_spddump: 1 x_spdflush: 1 0 messages toward single socket 0 messages toward all sockets 0 messages toward registered sockets 0 messages with memory allocation failure Kernel parameters kern.ostype: FreeBSD kern.osrelease: 8.2-RELEASE-p6 kern.osrevision: 199506 kern.version: FreeBSD 8.2-RELEASE-p6 #0: Sat Feb 11 21:55:36 CET 2012 root@builder82.m0n0.ch:/usr/m0n0wall/build82/tmp/sys/i386/compile/M0N0WALL_GENERIC kern.maxvnodes: 14640 kern.maxproc: 1668 kern.maxfiles: 3336 kern.argmax: 262144 kern.securelevel: -1 kern.hostname: m0n0wall.xxx.xx.uk kern.hostid: 0 kern.clockrate: { hz = 1000, tick = 1000, profhz = 1024, stathz = 128 } kern.posix1version: 200112 kern.ngroups: 1023 kern.job_control: 1 kern.saved_ids: 0 kern.boottime: { sec = 1329056009, usec = 137012 } Sun Feb 12 14:13:29 2012 kern.domainname: kern.osreldate: 802000 kern.bootfile: /kernel kern.maxfilesperproc: 3002 kern.maxprocperuid: 1501 kern.ipc.maxsockbuf: 262144 kern.ipc.sockbuf_waste_factor: 8 kern.ipc.somaxconn: 128 kern.ipc.max_linkhdr: 40 kern.ipc.max_protohdr: 60 kern.ipc.max_hdr: 100 kern.ipc.max_datalen: 100 kern.ipc.nmbjumbo16: 952 kern.ipc.nmbjumbo9: 1904 kern.ipc.nmbjumbop: 3808 kern.ipc.nmbclusters: 7616 kern.ipc.piperesizeallowed: 1 kern.ipc.piperesizefail: 0 kern.ipc.pipeallocfail: 0 kern.ipc.pipefragretry: 0 kern.ipc.pipekva: 114688 kern.ipc.maxpipekva: 10485760 kern.ipc.msgseg: 2048 kern.ipc.msgssz: 8 kern.ipc.msgtql: 40 kern.ipc.msgmnb: 2048 kern.ipc.msgmni: 40 kern.ipc.msgmax: 16384 kern.ipc.semaem: 16384 kern.ipc.semvmx: 32767 kern.ipc.semusz: 136 kern.ipc.semume: 10 kern.ipc.semopm: 100 kern.ipc.semmsl: 60 kern.ipc.semmnu: 30 kern.ipc.semmns: 60 kern.ipc.semmni: 10 kern.ipc.semmap: 30 kern.ipc.shm_allow_removed: 0 kern.ipc.shm_use_phys: 0 kern.ipc.shmall: 8192 kern.ipc.shmseg: 128 kern.ipc.shmmni: 192 kern.ipc.shmmin: 1 kern.ipc.shmmax: 33554432 kern.ipc.maxsockets: 7616 kern.ipc.numopensockets: 34 kern.ipc.nsfbufsused: 0 kern.ipc.nsfbufspeak: 3 kern.ipc.nsfbufs: 2160 kern.dummy: 0 kern.ps_strings: 3217031152 kern.usrstack: 3217031168 kern.logsigexit: 1 kern.iov_max: 1024 kern.hostuuid: 00000000-0000-0000-0000-000000000000 kern.cam.boot_delay: 0 kern.cam.pmp.default_timeout: 30 kern.cam.pmp.retry_count: 1 kern.cam.cam_srch_hi: 0 kern.cam.scsi_delay: 5000 kern.cam.cd.retry_count: 4 kern.cam.cd.changer.max_busy_seconds: 15 kern.cam.cd.changer.min_busy_seconds: 5 kern.cam.ada.spindown_shutdown: 1 kern.cam.ada.ada_send_ordered: 1 kern.cam.ada.default_timeout: 30 kern.cam.ada.retry_count: 4 kern.cam.da.da_send_ordered: 1 kern.cam.da.default_timeout: 60 kern.cam.da.retry_count: 4 kern.disks: ad0 kern.geom.collectstats: 1 kern.geom.debugflags: 0 kern.elf32.fallback_brand: -1 kern.init_shutdown_timeout: 120 kern.init_path: /sbin/init:/sbin/oinit:/sbin/init.bak:/rescue/init:/stand/sysinstall kern.acct_suspended: 0 kern.acct_configured: 0 kern.acct_chkfreq: 15 kern.acct_resume: 4 kern.acct_suspend: 2 kern.cp_times: 595 271 1069 682 26122 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 kern.cp_time: 595 271 1070 682 26122 kern.constty_wakeups_per_second: 5 kern.consmsgbuf_size: 8192 kern.consmute: 0 kern.console: ttyu0,/ttyu0,ucom, kern.openfiles: 83 kern.kq_calloutmax: 4096 kern.ps_arg_cache_limit: 256 kern.stackprot: 7 kern.randompid: 0 kern.lastpid: 276 kern.module_path: /boot/kernel;/boot/modules kern.malloc_count: 229 kern.fallback_elf_brand: -1 kern.features.posix_shm: 1 kern.features.ipsec_natt: 1 kern.features.ipsec: 1 kern.maxusers: 103 kern.ident: M0N0WALL_GENERIC kern.polling.idlepoll_sleeping: 1 kern.polling.stalled: 0 kern.polling.suspect: 0 kern.polling.phase: 0 kern.polling.handlers: 0 kern.polling.residual_burst: 0 kern.polling.pending_polls: 0 kern.polling.lost_polls: 0 kern.polling.short_ticks: 0 kern.polling.reg_frac: 20 kern.polling.user_frac: 50 kern.polling.idle_poll: 0 kern.polling.each_burst: 5 kern.polling.burst_max: 150 kern.polling.burst: 5 kern.kstack_pages: 2 kern.shutdown.kproc_shutdown_wait: 60 kern.shutdown.poweroff_delay: 5000 kern.sync_on_panic: 0 kern.corefile: %N.core kern.nodump_coredump: 0 kern.coredump: 0 kern.sugid_coredump: 0 kern.sigqueue.alloc_fail: 0 kern.sigqueue.overflow: 0 kern.sigqueue.preallocate: 1024 kern.sigqueue.max_pending_per_proc: 128 kern.forcesigexit: 1 kern.fscale: 2048 kern.timecounter.tick: 1 kern.timecounter.choice: TSC(800) i8254(0) dummy(-1000000) kern.timecounter.hardware: TSC kern.timecounter.stepwarnings: 0 kern.timecounter.tc.i8254.mask: 4294967295 kern.timecounter.tc.i8254.counter: 69270 kern.timecounter.tc.i8254.frequency: 1193182 kern.timecounter.tc.i8254.quality: 0 kern.timecounter.tc.TSC.mask: 4294967295 kern.timecounter.tc.TSC.counter: 481787621 kern.timecounter.tc.TSC.frequency: 498052739 kern.timecounter.tc.TSC.quality: 800 kern.timecounter.smp_tsc: 0 kern.timecounter.invariant_tsc: 0 kern.threads.max_threads_hits: 0 kern.threads.max_threads_per_proc: 1500 kern.ccpu: 0 kern.sched.preemption: 1 kern.sched.topology_spec: 0 kern.sched.steal_thresh: 0 kern.sched.steal_idle: 1 kern.sched.steal_htt: 1 kern.sched.balance_interval: 128 kern.sched.balance: 1 kern.sched.affinity: 1 kern.sched.idlespinthresh: 4 kern.sched.idlespins: 10000 kern.sched.static_boost: 160 kern.sched.preempt_thresh: 64 kern.sched.interact: 30 kern.sched.slice: 12 kern.sched.name: ULE kern.devstat.version: 6 kern.devstat.generation: 42 kern.devstat.numdevs: 2 kern.kobj_methodcount: 140 kern.log_wakeups_per_second: 5 kern.vm_guest: none kern.sgrowsiz: 131072 kern.maxssiz: 67108864 kern.dflssiz: 8388608 kern.maxdsiz: 536870912 kern.dfldsiz: 134217728 kern.maxtsiz: 134217728 kern.maxbcache: 209715200 kern.maxswzone: 33554432 kern.nswbuf: 256 kern.nbuf: 1992 kern.ncallout: 5020 kern.hz: 1000 kern.msgbuf_clear: 0 kern.msgbuf: kern.always_console_output: 0 kern.log_console_output: 1 kern.smp.forward_signal_enabled: 1 kern.smp.topology: 0 kern.smp.cpus: 1 kern.smp.disabled: 0 kern.smp.active: 0 kern.smp.maxcpus: 32 kern.smp.maxid: 31 kern.tty_inq_flush_secure: 1 kern.tty_inq_nslow: 0 kern.tty_inq_nfast: 0 kern.tty_outq_nslow: 0 kern.tty_outq_nfast: 0 kern.pts_maxdev: 999 kern.tty_pty_warningcnt: 1 kern.tty_nout: 1253 kern.tty_nin: 0 kern.minvnodes: 3660 kern.metadelay: 28 kern.dirdelay: 29 kern.filedelay: 30 kern.chroot_allow_open_directories: 1 kern.cryptodevallowsoft: 0 kern.userasymcrypto: 1 kern.random.yarrow.gengateinterval: 10 kern.random.yarrow.bins: 10 kern.random.yarrow.fastthresh: 192 kern.random.yarrow.slowthresh: 256 kern.random.yarrow.slowoverthresh: 2 kern.random.sys.seeded: 1 kern.random.sys.harvest.ethernet: 1 kern.random.sys.harvest.point_to_point: 1 kern.random.sys.harvest.interrupt: 1 kern.random.sys.harvest.swi: 0 vm.vmtotal: System wide totals computed every five seconds: (values in kilobytes) =============================================== Processes: (RUNQ: 2 Disk Wait: 0 Page Wait: 0 Sleep: 14) Virtual Memory: (Total: 2183456K Active: 68712K) Real Memory: (Total: 31776K Active: 18088K) Shared Virtual Memory: (Total: 5224K Active: 2452K) Shared Real Memory: (Total: 3732K Active: 2192K) Free Memory Pages: 171944K vm.loadavg: { 0.06 0.18 0.09 } vm.v_free_min: 375 vm.v_free_target: 1617 vm.v_free_reserved: 117 vm.v_inactive_target: 2425 vm.v_cache_min: 1617 vm.v_cache_max: 3234 vm.v_pageout_free_min: 34 vm.pageout_algorithm: 0 vm.swap_enabled: 0 vm.kmem_map_free: 62947328 vm.kmem_map_size: 7901184 vm.kmem_size_scale: 3 vm.kmem_size_max: 335544320 vm.kmem_size_min: 0 vm.kmem_size: 70848512 vm.nswapdev: 0 vm.dmmax: 32 vm.swap_async_max: 4 vm.overcommit: 0 vm.swap_reserved: 76738560 vm.swap_total: 0 vm.zone_count: 82 vm.kstacks: 72 vm.kstack_cache_size: 128 vm.exec_map_entries: 16 vm.stats.misc.zero_page_count: 0 vm.stats.misc.cnt_prezero: 0 vm.stats.vm.v_kthreadpages: 0 vm.stats.vm.v_rforkpages: 0 vm.stats.vm.v_vforkpages: 30646 vm.stats.vm.v_forkpages: 11413 vm.stats.vm.v_kthreads: 21 vm.stats.vm.v_rforks: 0 vm.stats.vm.v_vforks: 199 vm.stats.vm.v_forks: 56 vm.stats.vm.v_interrupt_free_min: 2 vm.stats.vm.v_pageout_free_min: 34 vm.stats.vm.v_cache_max: 3234 vm.stats.vm.v_cache_min: 1617 vm.stats.vm.v_cache_count: 10 vm.stats.vm.v_inactive_count: 1559 vm.stats.vm.v_inactive_target: 2425 vm.stats.vm.v_active_count: 3299 vm.stats.vm.v_wire_count: 3987 vm.stats.vm.v_free_count: 42976 vm.stats.vm.v_free_min: 375 vm.stats.vm.v_free_target: 1617 vm.stats.vm.v_free_reserved: 117 vm.stats.vm.v_page_count: 51893 vm.stats.vm.v_page_size: 4096 vm.stats.vm.v_tfree: 36775 vm.stats.vm.v_pfree: 24182 vm.stats.vm.v_dfree: 0 vm.stats.vm.v_tcached: 105 vm.stats.vm.v_pdpages: 0 vm.stats.vm.v_pdwakeups: 0 vm.stats.vm.v_reactivated: 85 vm.stats.vm.v_intrans: 0 vm.stats.vm.v_vnodepgsout: 2 vm.stats.vm.v_vnodepgsin: 1979 vm.stats.vm.v_vnodeout: 2 vm.stats.vm.v_vnodein: 266 vm.stats.vm.v_swappgsout: 0 vm.stats.vm.v_swappgsin: 0 vm.stats.vm.v_swapout: 0 vm.stats.vm.v_swapin: 0 vm.stats.vm.v_ozfod: 823 vm.stats.vm.v_zfod: 28243 vm.stats.vm.v_cow_optim: 0 vm.stats.vm.v_cow_faults: 6351 vm.stats.vm.v_vm_faults: 46691 vm.stats.sys.v_soft: 215025 vm.stats.sys.v_intr: 267664 vm.stats.sys.v_syscall: 155119 vm.stats.sys.v_trap: 57019 vm.stats.sys.v_swtch: 911729 vm.stats.object.bypasses: 16 vm.stats.object.collapses: 168 vm.v_free_severe: 246 vm.max_proc_mmap: 9840 vm.old_msync: 0 vm.msync_flush_flags: 0 vm.boot_pages: 48 vm.max_wired: 16602 vm.pageout_lock_miss: 0 vm.disable_swapspace_pageouts: 0 vm.defer_swapspace_pageouts: 0 vm.swap_idle_enabled: 0 vm.pageout_stats_interval: 5 vm.pageout_full_stats_interval: 20 vm.pageout_stats_max: 1617 vm.max_launder: 32 vm.phys_segs: SEGMENT 0: start: 0x1000 end: 0x9f000 free list: 0xc0d28c48 SEGMENT 1: start: 0x100000 end: 0x400000 free list: 0xc0d28c48 SEGMENT 2: start: 0x3426000 end: 0xfb3d000 free list: 0xc0d28b40 vm.phys_free: FREE LIST 0: ORDER (SIZE) | NUMBER | POOL 0 | POOL 1 -- -- -- -- -- -- 10 ( 4096K) | 31 | 0 9 ( 2048K) | 1 | 0 8 ( 1024K) | 1 | 0 7 ( 512K) | 1 | 0 6 ( 256K) | 0 | 0 5 ( 128K) | 0 | 0 4 ( 64K) | 1 | 0 3 ( 32K) | 0 | 0 2 ( 16K) | 0 | 0 1 ( 8K) | 0 | 1 0 ( 4K) | 1 | 8 FREE LIST 1: ORDER (SIZE) | NUMBER | POOL 0 | POOL 1 -- -- -- -- -- -- 10 ( 4096K) | 0 | 0 9 ( 2048K) | 1 | 0 8 ( 1024K) | 1 | 0 7 ( 512K) | 0 | 0 6 ( 256K) | 1 | 0 5 ( 128K) | 1 | 0 4 ( 64K) | 1 | 0 3 ( 32K) | 2 | 0 2 ( 16K) | 2 | 0 1 ( 8K) | 2 | 0 0 ( 4K) | 2 | 0 vm.reserv.reclaimed: 0 vm.reserv.partpopq: LEVEL SIZE NUMBER -1: 37628K, 11 vm.reserv.freed: 32 vm.reserv.broken: 0 vm.idlezero_enable: 0 vm.kvm_free: 826273792 vm.kvm_size: 1073737728 vm.pmap.pmap_collect_active: 0 vm.pmap.pmap_collect_inactive: 0 vm.pmap.pv_entry_spare: 4025 vm.pmap.pv_entry_allocs: 186136 vm.pmap.pv_entry_frees: 176385 vm.pmap.pc_chunk_tryfail: 0 vm.pmap.pc_chunk_frees: 883 vm.pmap.pc_chunk_allocs: 924 vm.pmap.pc_chunk_count: 41 vm.pmap.pv_entry_count: 9751 vm.pmap.pde.promotions: 0 vm.pmap.pde.p_failures: 0 vm.pmap.pde.mappings: 0 vm.pmap.pde.demotions: 0 vm.pmap.shpgperproc: 200 vm.pmap.pv_entry_max: 385728 vm.pmap.pg_ps_enabled: 0 vm.pmap.pat_works: 0 vfs.devfs.rule_depth: 1 vfs.devfs.generation: 59 vfs.flushwithdeps: 0 vfs.notbufdflashes: 0 vfs.flushbufqtarget: 100 vfs.getnewbufrestarts: 0 vfs.getnewbufcalls: 540 vfs.hifreebuffers: 230 vfs.lofreebuffers: 115 vfs.numfreebuffers: 1981 vfs.dirtybufthresh: 466 vfs.hidirtybuffers: 518 vfs.lodirtybuffers: 259 vfs.numdirtybuffers: 11 vfs.recursiveflushes: 82 vfs.altbufferflushes: 0 vfs.bdwriteskip: 0 vfs.dirtybufferflushes: 0 vfs.hirunningspace: 1048576 vfs.lorunningspace: 524288 vfs.bufdefragcnt: 0 vfs.buffreekvacnt: 0 vfs.bufreusecnt: 517 vfs.hibufspace: 31981568 vfs.lobufspace: 31916032 vfs.maxmallocbufspace: 1599078 vfs.bufmallocspace: 5120 vfs.maxbufspace: 32636928 vfs.bufspace: 8470528 vfs.runningbufspace: 0 vfs.vmiodirenable: 1 vfs.cache.numfullpathfound: 514 vfs.cache.numfullpathfail4: 0 vfs.cache.numfullpathfail2: 0 vfs.cache.numfullpathfail1: 0 vfs.cache.numfullpathcalls: 514 vfs.cache.nchstats: 41931 8682 66 0 2969 0 15 418 vfs.cache.numupgrades: 0 vfs.cache.numneghits: 8682 vfs.cache.numnegzaps: 44 vfs.cache.numposhits: 41931 vfs.cache.numposzaps: 22 vfs.cache.nummisszap: 7 vfs.cache.nummiss: 2962 vfs.cache.numchecks: 50746 vfs.cache.dotdothits: 0 vfs.cache.dothits: 254 vfs.cache.numcalls: 53902 vfs.cache.numcache: 203 vfs.cache.numneg: 12 vfs.ncsizefactor: 2 vfs.ncnegfactor: 16 vfs.read_max: 8 vfs.write_behind: 1 vfs.lookup_shared: 1 vfs.usermount: 0 vfs.worklist_len: 1 vfs.timestamp_precision: 0 vfs.reassignbufcalls: 583 vfs.vlru_allow_cache_src: 0 vfs.freevnodes: 16 vfs.wantfreevnodes: 3660 vfs.numvnodes: 229 vfs.ffs.doreallocblks: 1 vfs.ffs.doasyncfree: 1 vfs.ffs.compute_summary_at_mount: 0 net.local.stream.recvspace: 8192 net.local.stream.sendspace: 8192 net.local.dgram.recvspace: 4096 net.local.dgram.maxdgram: 2048 net.local.taskcount: 0 net.local.recycled: 0 net.local.deferred: 0 net.local.inflight: 0 net.inet.ip.portrange.randomtime: 45 net.inet.ip.portrange.randomcps: 10 net.inet.ip.portrange.randomized: 1 net.inet.ip.portrange.reservedlow: 0 net.inet.ip.portrange.reservedhigh: 1023 net.inet.ip.portrange.hilast: 65535 net.inet.ip.portrange.hifirst: 64536 net.inet.ip.portrange.last: 65535 net.inet.ip.portrange.first: 64536 net.inet.ip.portrange.lowlast: 600 net.inet.ip.portrange.lowfirst: 1023 net.inet.ip.forwarding: 1 net.inet.ip.redirect: 1 net.inet.ip.ttl: 64 net.inet.ip.rtexpire: 3600 net.inet.ip.rtminexpire: 10 net.inet.ip.rtmaxcache: 128 net.inet.ip.sourceroute: 0 net.inet.ip.intr_queue_maxlen: 256 net.inet.ip.intr_queue_drops: 0 net.inet.ip.accept_sourceroute: 0 net.inet.ip.keepfaith: 0 net.inet.ip.gifttl: 30 net.inet.ip.same_prefix_carp_only: 0 net.inet.ip.subnets_are_local: 0 net.inet.ip.random_id_total: 0 net.inet.ip.random_id_collisions: 0 net.inet.ip.random_id_period: 8192 net.inet.ip.mcast.loop: 1 net.inet.ip.mcast.maxsocksrc: 128 net.inet.ip.mcast.maxgrpsrc: 512 net.inet.ip.fastforwarding: 0 net.inet.ip.maxfragpackets: 238 net.inet.ip.output_flowtable_size: 8192 net.inet.ip.stealth: 0 net.inet.ip.maxfragsperpacket: 16 net.inet.ip.fragpackets: 0 net.inet.ip.check_interface: 0 net.inet.ip.random_id: 0 net.inet.ip.sendsourcequench: 0 net.inet.ip.process_options: 1 net.inet.ip.fw.static_count: 19 net.inet.ip.fw.default_to_accept: 1 net.inet.ip.fw.tables_max: 128 net.inet.ip.fw.default_rule: 65535 net.inet.ip.fw.verbose_limit: 0 net.inet.ip.fw.verbose: 0 net.inet.ip.fw.autoinc_step: 100 net.inet.ip.fw.one_pass: 1 net.inet.ip.fw.enable: 1 net.inet.ip.fw.dyn_keepalive: 1 net.inet.ip.fw.dyn_short_lifetime: 5 net.inet.ip.fw.dyn_udp_lifetime: 10 net.inet.ip.fw.dyn_rst_lifetime: 1 net.inet.ip.fw.dyn_fin_lifetime: 1 net.inet.ip.fw.dyn_syn_lifetime: 20 net.inet.ip.fw.dyn_ack_lifetime: 300 net.inet.ip.fw.dyn_max: 4096 net.inet.ip.fw.dyn_count: 0 net.inet.ip.fw.curr_dyn_buckets: 256 net.inet.ip.fw.dyn_buckets: 256 net.inet.ip.dummynet.io_pkt_drop: 0 net.inet.ip.dummynet.io_pkt_fast: 8 net.inet.ip.dummynet.io_pkt: 147 net.inet.ip.dummynet.queue_count: 0 net.inet.ip.dummynet.fsk_count: 12 net.inet.ip.dummynet.si_count: 0 net.inet.ip.dummynet.schk_count: 8 net.inet.ip.dummynet.tick_lost: 0 net.inet.ip.dummynet.tick_diff: 193 net.inet.ip.dummynet.tick_adjustment: 28 net.inet.ip.dummynet.tick_delta_sum: 655 net.inet.ip.dummynet.tick_delta: 0 net.inet.ip.dummynet.red_max_pkt_size: 1500 net.inet.ip.dummynet.red_avg_pkt_size: 512 net.inet.ip.dummynet.red_lookup_depth: 256 net.inet.ip.dummynet.expire_cycle: 0 net.inet.ip.dummynet.expire: 1 net.inet.ip.dummynet.debug: 0 net.inet.ip.dummynet.io_fast: 0 net.inet.ip.dummynet.pipe_byte_limit: 1048576 net.inet.ip.dummynet.pipe_slot_limit: 100 net.inet.ip.dummynet.hash_size: 64 net.inet.icmp.maskrepl: 0 net.inet.icmp.icmplim: 200 net.inet.icmp.bmcastecho: 0 net.inet.icmp.quotelen: 8 net.inet.icmp.reply_from_interface: 0 net.inet.icmp.reply_src: net.inet.icmp.icmplim_output: 1 net.inet.icmp.log_redirect: 0 net.inet.icmp.drop_redirect: 0 net.inet.icmp.maskfake: 0 net.inet.igmp.gsrdelay: 10 net.inet.igmp.default_version: 3 net.inet.igmp.legacysupp: 0 net.inet.igmp.v2enable: 1 net.inet.igmp.v1enable: 1 net.inet.igmp.sendlocal: 1 net.inet.igmp.sendra: 1 net.inet.igmp.recvifkludge: 1 net.inet.ipip.ipip_allow: 0 net.inet.tcp.rfc1323: 1 net.inet.tcp.mssdflt: 512 net.inet.tcp.keepidle: 7200000 net.inet.tcp.keepintvl: 75000 net.inet.tcp.sendspace: 32768 net.inet.tcp.recvspace: 65536 net.inet.tcp.keepinit: 75000 net.inet.tcp.delacktime: 100 net.inet.tcp.v6mssdflt: 1024 net.inet.tcp.hostcache.purge: 0 net.inet.tcp.hostcache.prune: 300 net.inet.tcp.hostcache.expire: 3600 net.inet.tcp.hostcache.count: 1 net.inet.tcp.hostcache.bucketlimit: 30 net.inet.tcp.hostcache.hashsize: 512 net.inet.tcp.hostcache.cachelimit: 15360 net.inet.tcp.read_locking: 1 net.inet.tcp.recvbuf_max: 262144 net.inet.tcp.recvbuf_inc: 16384 net.inet.tcp.recvbuf_auto: 1 net.inet.tcp.insecure_rst: 0 net.inet.tcp.ecn.maxretries: 1 net.inet.tcp.ecn.enable: 0 net.inet.tcp.abc_l_var: 2 net.inet.tcp.rfc3465: 1 net.inet.tcp.rfc3390: 1 net.inet.tcp.rfc3042: 1 net.inet.tcp.drop_synfin: 0 net.inet.tcp.delayed_ack: 1 net.inet.tcp.blackhole: 0 net.inet.tcp.log_in_vain: 0 net.inet.tcp.sendbuf_max: 262144 net.inet.tcp.sendbuf_inc: 8192 net.inet.tcp.sendbuf_auto: 1 net.inet.tcp.tso: 1 net.inet.tcp.newreno: 1 net.inet.tcp.local_slowstart_flightsize: 4 net.inet.tcp.slowstart_flightsize: 1 net.inet.tcp.path_mtu_discovery: 1 net.inet.tcp.reass.overflows: 0 net.inet.tcp.reass.cursegments: 0 net.inet.tcp.reass.maxsegments: 507 net.inet.tcp.sack.globalholes: 0 net.inet.tcp.sack.globalmaxholes: 65536 net.inet.tcp.sack.maxholes: 128 net.inet.tcp.sack.enable: 1 net.inet.tcp.inflight.stab: 20 net.inet.tcp.inflight.max: 1073725440 net.inet.tcp.inflight.min: 6144 net.inet.tcp.inflight.rttthresh: 10 net.inet.tcp.inflight.debug: 0 net.inet.tcp.inflight.enable: 0 net.inet.tcp.isn_reseed_interval: 0 net.inet.tcp.icmp_may_rst: 1 net.inet.tcp.pcbcount: 6 net.inet.tcp.do_tcpdrain: 1 net.inet.tcp.tcbhashsize: 512 net.inet.tcp.log_debug: 0 net.inet.tcp.minmss: 216 net.inet.tcp.syncache.rst_on_sock_fail: 1 net.inet.tcp.syncache.rexmtlimit: 3 net.inet.tcp.syncache.hashsize: 512 net.inet.tcp.syncache.count: 0 net.inet.tcp.syncache.cachelimit: 15360 net.inet.tcp.syncache.bucketlimit: 30 net.inet.tcp.syncookies_only: 0 net.inet.tcp.syncookies: 1 net.inet.tcp.timer_race: 0 net.inet.tcp.finwait2_timeout: 60000 net.inet.tcp.fast_finwait2_recycle: 0 net.inet.tcp.always_keepalive: 1 net.inet.tcp.rexmit_slop: 200 net.inet.tcp.rexmit_min: 30 net.inet.tcp.msl: 30000 net.inet.tcp.nolocaltimewait: 0 net.inet.tcp.maxtcptw: 499 net.inet.udp.checksum: 1 net.inet.udp.maxdgram: 9216 net.inet.udp.recvspace: 42080 net.inet.udp.blackhole: 0 net.inet.udp.log_in_vain: 0 net.inet.esp.esp_enable: 1 net.inet.ah.ah_cleartos: 1 net.inet.ah.ah_enable: 1 net.inet.ipcomp.ipcomp_enable: 1 net.inet.ipsec.def_policy: 1 net.inet.ipsec.esp_trans_deflev: 1 net.inet.ipsec.esp_net_deflev: 1 net.inet.ipsec.ah_trans_deflev: 1 net.inet.ipsec.ah_net_deflev: 1 net.inet.ipsec.ah_cleartos: 1 net.inet.ipsec.ah_offsetmask: 0 net.inet.ipsec.dfbit: 0 net.inet.ipsec.ecn: 0 net.inet.ipsec.debug: 0 net.inet.ipsec.filtertunnel: 0 net.inet.ipsec.crypto_support: 50331648 net.inet.raw.recvspace: 9216 net.inet.raw.maxdgram: 9216 net.inet.ipf.fr_minttl: 4 net.inet.ipf.fr_chksrc: 0 net.inet.ipf.fr_defaultauthage: 600 net.inet.ipf.fr_authused: 0 net.inet.ipf.fr_authsize: 32 net.inet.ipf.ipf_hostmap_sz: 2047 net.inet.ipf.ipf_rdrrules_sz: 127 net.inet.ipf.ipf_natrules_sz: 127 net.inet.ipf.ipf_nattable_sz: 2047 net.inet.ipf.fr_statemax: 30000 net.inet.ipf.fr_statesize: 42859 net.inet.ipf.fr_running: 1 net.inet.ipf.fr_ipfrttl: 120 net.inet.ipf.fr_defnatage: 1200 net.inet.ipf.fr_icmptimeout: 120 net.inet.ipf.fr_udpacktimeout: 480 net.inet.ipf.fr_udptimeout: 240 net.inet.ipf.fr_tcpclosed: 60 net.inet.ipf.fr_tcptimeout: 480 net.inet.ipf.fr_tcplastack: 60 net.inet.ipf.fr_tcpclosewait: 480 net.inet.ipf.fr_tcphalfclosed: 480 net.inet.ipf.fr_tcpidletimeout: 18000 net.inet.ipf.fr_active: 0 net.inet.ipf.fr_pass: 134217729 net.inet.ipf.fr_flags: 0 net.inet.accf.unloadable: 0 net.inet.flowtable.stats: table name: ipv4 collisions: 0 allocated: 0 misses: 115 max_depth: 0 free_checks: 18 frees: 5 hits: 5101 lookups: 5216 net.inet.flowtable.nmbflows: 7616 net.inet.flowtable.tcp_expire: 86400 net.inet.flowtable.fin_wait_expire: 600 net.inet.flowtable.udp_expire: 300 net.inet.flowtable.syn_expire: 300 net.inet.flowtable.enable: 1 net.inet.flowtable.debug: 0 net.link.generic.system.ifcount: 10 net.link.ether.inet.log_arp_permanent_modify: 1 net.link.ether.inet.log_arp_movements: 1 net.link.ether.inet.log_arp_wrong_iface: 1 net.link.ether.inet.proxyall: 0 net.link.ether.inet.useloopback: 1 net.link.ether.inet.maxtries: 5 net.link.ether.inet.max_age: 1200 net.link.ether.ipfw: 0 net.link.vlan.soft_pad: 0 net.link.bridge.ipfw: 0 net.link.bridge.inherit_mac: 0 net.link.bridge.log_stp: 0 net.link.bridge.pfil_local_phys: 0 net.link.bridge.pfil_member: 1 net.link.bridge.pfil_bridge: 0 net.link.bridge.ipfw_arp: 0 net.link.bridge.pfil_onlyip: 1 net.link.stf.stf_debug: 0 net.link.stf.route_cache: 1 net.link.gif.parallel_tunnels: 0 net.link.gif.max_nesting: 1 net.link.log_link_state_change: 1 net.link.ifqmaxlen: 50 net.link.tun.devfs_cloning: 1 net.key.debug: 0 net.key.spi_trycnt: 1000 net.key.spi_minval: 256 net.key.spi_maxval: 268435455 net.key.int_random: 60 net.key.larval_lifetime: 30 net.key.blockacq_count: 10 net.key.blockacq_lifetime: 20 net.key.esp_keymin: 256 net.key.esp_auth: 0 net.key.ah_keymin: 128 net.key.preferred_oldsa: 0 net.inet6.ip6.forwarding: 1 net.inet6.ip6.redirect: 1 net.inet6.ip6.hlim: 64 net.inet6.ip6.maxfragpackets: 1904 net.inet6.ip6.accept_rtadv: 0 net.inet6.ip6.keepfaith: 0 net.inet6.ip6.log_interval: 5 net.inet6.ip6.hdrnestlimit: 15 net.inet6.ip6.dad_count: 1 net.inet6.ip6.auto_flowlabel: 1 net.inet6.ip6.defmcasthlim: 1 net.inet6.ip6.gifhlim: 30 net.inet6.ip6.kame_version: FreeBSD net.inet6.ip6.use_deprecated: 1 net.inet6.ip6.rr_prune: 5 net.inet6.ip6.v6only: 1 net.inet6.ip6.rtexpire: 3600 net.inet6.ip6.rtminexpire: 10 net.inet6.ip6.rtmaxcache: 128 net.inet6.ip6.use_tempaddr: 0 net.inet6.ip6.temppltime: 86400 net.inet6.ip6.tempvltime: 604800 net.inet6.ip6.auto_linklocal: 1 net.inet6.ip6.prefer_tempaddr: 0 net.inet6.ip6.use_defaultzone: 0 net.inet6.ip6.maxfrags: 1904 net.inet6.ip6.mcast_pmtu: 0 net.inet6.ip6.stealth: 0 net.inet6.ip6.no_radr: 0 net.inet6.ip6.norbit_raif: 0 net.inet6.ip6.rfc6204w3: 0 net.inet6.ip6.mcast.loop: 1 net.inet6.ip6.mcast.maxsocksrc: 128 net.inet6.ip6.mcast.maxgrpsrc: 512 net.inet6.ip6.fw.deny_unknown_exthdrs: 1 net.inet6.ip6.fw.enable: 1 net.inet6.ipsec6.def_policy: 1 net.inet6.ipsec6.esp_trans_deflev: 1 net.inet6.ipsec6.esp_net_deflev: 1 net.inet6.ipsec6.ah_trans_deflev: 1 net.inet6.ipsec6.ah_net_deflev: 1 net.inet6.ipsec6.ecn: 0 net.inet6.ipsec6.debug: 0 net.inet6.ipsec6.filtertunnel: 0 net.inet6.icmp6.rediraccept: 1 net.inet6.icmp6.redirtimeout: 600 net.inet6.icmp6.nd6_prune: 1 net.inet6.icmp6.nd6_delay: 5 net.inet6.icmp6.nd6_umaxtries: 3 net.inet6.icmp6.nd6_mmaxtries: 3 net.inet6.icmp6.nd6_useloopback: 1 net.inet6.icmp6.nodeinfo: 3 net.inet6.icmp6.errppslimit: 100 net.inet6.icmp6.nd6_maxnudhint: 0 net.inet6.icmp6.nd6_debug: 0 net.inet6.icmp6.nd6_maxqueuelen: 1 net.inet6.icmp6.nd6_onlink_ns_rfc4861: 0 net.inet6.mld.use_allow: 1 net.inet6.mld.v1enable: 1 net.inet6.mld.gsrdelay: 10 net.bpf.zerocopy_enable: 0 net.bpf.maxinsns: 512 net.bpf.maxbufsize: 524288 net.bpf.bufsize: 4096 net.ifdescr_maxlen: 1024 net.enc.out.ipsec_bpf_mask: 0x00000003 net.enc.out.ipsec_filter_mask: 0x00000001 net.enc.in.ipsec_bpf_mask: 0x00000001 net.enc.in.ipsec_filter_mask: 0x00000002 net.isr.numthreads: 1 net.isr.defaultqlimit: 256 net.isr.maxqlimit: 10240 net.isr.bindthreads: 0 net.isr.maxthreads: 1 net.isr.direct: 1 net.isr.direct_force: 1 net.raw.recvspace: 8192 net.raw.sendspace: 8192 net.my_fibnum: 0 net.add_addr_allfibs: 1 net.fibs: 1 net.route.netisr_maxqlen: 256 net.wlan.cac_timeout: 60 net.wlan.nol_timeout: 1800 net.wlan.addba_maxtries: 3 net.wlan.addba_backoff: 10000 net.wlan.addba_timeout: 250 net.wlan.recv_bar: 1 net.wlan.0.%parent: ath0 net.wlan.0.driver_caps: 1736500416 net.wlan.0.bmiss_max: 2 net.wlan.0.inact_run: 300 net.wlan.0.inact_probe: 30 net.wlan.0.inact_auth: 180 net.wlan.0.inact_init: 30 net.graph.msg_version: 8 net.graph.abi_version: 12 net.graph.maxdata: 512 net.graph.maxalloc: 4096 net.graph.threads: 1 net.graph.control.proto: 2 net.graph.data.proto: 1 net.graph.family: 32 net.graph.recvspace: 20480 net.graph.maxdgram: 20480 debug.mddebug: 0 debug.elf32_legacy_coredump: 0 debug.bootverbose: 0 debug.boothowto: -2147479552 debug.cpufreq.verbose: 0 debug.cpufreq.lowest: 0 debug.fail_point.buf_pressure: off debug.sizeof.cdev_priv: 236 debug.sizeof.cdev: 184 debug.sizeof.g_bioq: 32 debug.sizeof.g_consumer: 60 debug.sizeof.g_provider: 88 debug.sizeof.g_geom: 68 debug.sizeof.g_class: 68 debug.sizeof.kinfo_proc: 768 debug.sizeof.buf: 336 debug.sizeof.bio: 140 debug.sizeof.proc: 680 debug.sizeof.vnode: 268 debug.sizeof.devstat: 240 debug.sizeof.namecache: 36 debug.osd: 0 debug.to_avg_mpcalls: 1010 debug.to_avg_lockcalls: 0 debug.to_avg_gcalls: 0 debug.to_avg_depth: 1216 debug.umtx.umtx_pi_allocated: 0 debug.kdb.stop_cpus: 1 debug.kdb.trap_code: 0 debug.kdb.trap: 0 debug.kdb.panic: 0 debug.kdb.enter: 0 debug.kdb.current: debug.kdb.available: debug.rman_debug: 0 debug.ttydebug: 0 debug.disablefullpath: 0 debug.disablecwd: 0 debug.vfscache: 1 debug.numcachehv: 29 debug.numcache: 203 debug.numneg: 12 debug.ncnegfactor: 16 debug.nchash: 16383 debug.vnlru_nowhere: 0 debug.rush_requests: 0 debug.if_tun_debug: 0 debug.crypto_timing: 0 debug.collectsnapstats: 0 debug.snapdebug: 0 debug.dopersistence: 0 debug.dir_entry: 0 debug.direct_blk_ptrs: 0 debug.inode_bitmap: 0 debug.indir_blk_ptrs: 0 debug.sync_limit_hit: 0 debug.ino_limit_hit: 0 debug.blk_limit_hit: 0 debug.ino_limit_push: 0 debug.blk_limit_push: 0 debug.worklist_push: 0 debug.maxindirdeps: 50 debug.tickdelay: 2 debug.max_softdeps: 58560 debug.dobkgrdwrite: 1 debug.bigcgs: 0 debug.dircheck: 0 debug.fdc.settle: 0 debug.fdc.spec2: 16 debug.fdc.spec1: 175 debug.fdc.retries: 10 debug.fdc.debugflags: 0 debug.fdc.fifo: 8 debug.PMAP1unchanged: 25679 debug.PMAP1changed: 185 debug.PMAP1changedcpu: 0 debug.x86bios.int: 0 debug.x86bios.call: 0 debug.hwpstate_verbose: 0 debug.minidump: 1 hw.machine: i386 hw.model: Geode(TM) Integrated Processor by AMD PCS hw.ncpu: 1 hw.byteorder: 1234 hw.physmem: 217546752 hw.usermem: 201216000 hw.pagesize: 4096 hw.floatingpoint: 1 hw.machine_arch: i386 hw.realmem: 268435456 hw.amr.force_sg32: 0 hw.an.an_cache_iponly: 1 hw.an.an_cache_mcastonly: 0 hw.an.an_cache_mode: dbm hw.an.an_dump: off hw.ata.setmax: 0 hw.ata.wc: 1 hw.ata.atapi_dma: 0 hw.ata.ata_dma_check_80pin: 1 hw.ata.ata_dma: 0 hw.ath.bstuck: 4 hw.ath.txbuf: 200 hw.ath.rxbuf: 40 hw.ath.resetcal: 1200 hw.ath.shortcal: 100 hw.ath.longcal: 30 hw.ath.hal.swba_backoff: 0 hw.ath.hal.sw_brt: 10 hw.ath.hal.dma_brt: 2 hw.bce.msi_enable: 1 hw.bce.tso_enable: 1 hw.bge.allow_asf: 0 hw.cardbus.cis_debug: 0 hw.cardbus.debug: 0 hw.cs.recv_delay: 570 hw.cs.ignore_checksum_failure: 0 hw.hifn.maxbatch: 1 hw.mfi.max_cmds: 128 hw.mfi.event_class: 0 hw.mfi.event_locale: 65535 hw.pccard.cis_debug: 0 hw.pccard.debug: 0 hw.cbb.debug: 0 hw.cbb.start_32_io: 4096 hw.cbb.start_16_io: 256 hw.cbb.start_memory: 2281701376 hw.pcic.pd6722_vsense: 1 hw.pcic.intr_mask: 57016 hw.pci.usb_early_takeover: 1 hw.pci.honor_msi_blacklist: 1 hw.pci.enable_msix: 1 hw.pci.enable_msi: 1 hw.pci.do_power_resume: 1 hw.pci.do_power_nodriver: 0 hw.pci.enable_io_modes: 1 hw.pci.default_vgapci_unit: -1 hw.pci.host_mem_start: 2147483648 hw.pci.mcfg: 1 hw.pci.irq_override_mask: 57080 hw.syscons.kbd_debug: 1 hw.syscons.kbd_reboot: 1 hw.syscons.bell: 1 hw.syscons.saver.keybonly: 1 hw.syscons.sc_no_suspend_vtswitch: 0 hw.usb.no_boot_wait: 0 hw.usb.debug: 0 hw.usb.usb_lang_mask: 255 hw.usb.usb_lang_id: 9 hw.usb.template: 0 hw.usb.power_timeout: 30 hw.usb.ucom.cons_baud: 9600 hw.usb.ucom.cons_unit: -1 hw.wi.debug: 0 hw.wi.txerate: 0 hw.xe.debug: 0 hw.intr_storm_threshold: 1000 hw.pagesizes: 4096 0 hw.availpages: 53112 hw.bus.devctl_queue: 1000 hw.bus.devctl_disable: 0 hw.kbd.keymap_restrict_change: 0 hw.busdma.total_bpages: 499 hw.busdma.zone0.total_bpages: 499 hw.busdma.zone0.free_bpages: 499 hw.busdma.zone0.reserved_bpages: 0 hw.busdma.zone0.active_bpages: 0 hw.busdma.zone0.total_bounced: 0 hw.busdma.zone0.total_deferred: 0 hw.busdma.zone0.lowaddr: 0xffffffff hw.busdma.zone0.alignment: 4096 hw.clockrate: 498 hw.via_feature_xcrypt: 0 hw.via_feature_rng: 0 hw.instruction_sse: 0 hw.apic.enable_extint: 0 hw.mca.erratum383: 0 hw.mca.amd10h_L1TP: 1 hw.mca.enabled: 1 machdep.enable_panic_key: 0 machdep.rtc_save_period: 1800 machdep.adjkerntz: 0 machdep.wall_cmos_clock: 0 machdep.disable_rtc_set: 0 machdep.elan_freq: 33333332 machdep.elan_gpio_config: machdep.disable_mtrrs: 0 machdep.guessed_bootdev: 2689597440 machdep.idle: acpi machdep.idle_available: spin, hlt, acpi, machdep.hlt_cpus: 0 machdep.prot_fault_translation: 0 machdep.panic_on_nmi: 1 machdep.tsc_freq: 498052739 machdep.i8254_freq: 1193182 user.cs_path: /usr/bin:/bin:/usr/sbin:/sbin: user.bc_base_max: 99 user.bc_dim_max: 2048 user.bc_scale_max: 99 user.bc_string_max: 1000 user.coll_weights_max: 0 user.expr_nest_max: 32 user.line_max: 2048 user.re_dup_max: 255 user.posix2_version: 199212 user.posix2_c_bind: 0 user.posix2_c_dev: 0 user.posix2_char_term: 0 user.posix2_fort_dev: 0 user.posix2_fort_run: 0 user.posix2_localedef: 0 user.posix2_sw_dev: 0 user.posix2_upe: 0 user.stream_max: 20 user.tzname_max: 255 p1003_1b.asynchronous_io: 0 p1003_1b.mapped_files: 1 p1003_1b.memlock: 0 p1003_1b.memlock_range: 0 p1003_1b.memory_protection: 0 p1003_1b.message_passing: 0 p1003_1b.prioritized_io: 0 p1003_1b.priority_scheduling: 1 p1003_1b.realtime_signals: 200112 p1003_1b.semaphores: 0 p1003_1b.fsync: 0 p1003_1b.shared_memory_objects: 1 p1003_1b.synchronized_io: 0 p1003_1b.timers: 200112 p1003_1b.aio_listio_max: -1 p1003_1b.aio_max: -1 p1003_1b.aio_prio_delta_max: -1 p1003_1b.delaytimer_max: 2147483647 p1003_1b.mq_open_max: 0 p1003_1b.pagesize: 4096 p1003_1b.rtsig_max: 62 p1003_1b.sem_nsems_max: 0 p1003_1b.sem_value_max: 0 p1003_1b.sigqueue_max: 128 p1003_1b.timer_max: 32 security.jail.param.cpuset.id: 0 security.jail.param.host.hostid: 0 security.jail.param.host.hostuuid: 64 security.jail.param.host.domainname: 256 security.jail.param.host.hostname: 256 security.jail.param.children.max: 0 security.jail.param.children.cur: 0 security.jail.param.enforce_statfs: 0 security.jail.param.securelevel: 0 security.jail.param.path: 1024 security.jail.param.name: 256 security.jail.param.parent: 0 security.jail.param.jid: 0 security.jail.enforce_statfs: 2 security.jail.mount_allowed: 0 security.jail.chflags_allowed: 0 security.jail.allow_raw_sockets: 0 security.jail.sysvipc_allowed: 0 security.jail.socket_unixiproute_only: 1 security.jail.set_hostname_allowed: 1 security.jail.jail_max_af_ips: 255 security.jail.jailed: 0 security.bsd.map_at_zero: 0 security.bsd.suser_enabled: 1 security.bsd.unprivileged_proc_debug: 1 security.bsd.conservative_signals: 1 security.bsd.see_other_gids: 1 security.bsd.see_other_uids: 1 security.bsd.unprivileged_read_msgbuf: 1 security.bsd.hardlink_check_gid: 0 security.bsd.hardlink_check_uid: 0 security.bsd.unprivileged_get_quota: 0 security.bsd.stack_guard_page: 0 dev.nexus.0.%driver: nexus dev.nexus.0.%parent: root0 dev.npx.0.%desc: math processor dev.npx.0.%driver: npx dev.npx.0.%parent: nexus0 dev.ram.0.%desc: System RAM dev.ram.0.%driver: ram dev.ram.0.%parent: nexus0 dev.cryptosoft.0.%desc: software crypto dev.cryptosoft.0.%driver: cryptosoft dev.cryptosoft.0.%parent: nexus0 dev.legacy.0.%desc: legacy system dev.legacy.0.%driver: legacy dev.legacy.0.%parent: nexus0 dev.pcib.0.%desc: Host to PCI bridge dev.pcib.0.%driver: pcib dev.pcib.0.%parent: legacy0 dev.pci.0.%desc: PCI bus dev.pci.0.%driver: pci dev.pci.0.%parent: pcib0 dev.hostb.0.%desc: Host to PCI bridge dev.hostb.0.%driver: hostb dev.hostb.0.%location: slot=1 function=0 dev.hostb.0.%pnpinfo: vendor=0x1022 device=0x2080 subvendor=0x1022 subdevice=0x2080 class=0x060000 dev.hostb.0.%parent: pci0 dev.vr.0.%desc: VIA VT6105M Rhine III 10/100BaseTX dev.vr.0.%driver: vr dev.vr.0.%location: slot=9 function=0 dev.vr.0.%pnpinfo: vendor=0x1106 device=0x3053 subvendor=0x1106 subdevice=0x0106 class=0x020000 dev.vr.0.%parent: pci0 dev.vr.0.stats: -1 dev.vr.1.%desc: VIA VT6105M Rhine III 10/100BaseTX dev.vr.1.%driver: vr dev.vr.1.%location: slot=10 function=0 dev.vr.1.%pnpinfo: vendor=0x1106 device=0x3053 subvendor=0x1106 subdevice=0x0106 class=0x020000 dev.vr.1.%parent: pci0 dev.vr.1.stats: -1 dev.vr.2.%desc: VIA VT6105M Rhine III 10/100BaseTX dev.vr.2.%driver: vr dev.vr.2.%location: slot=11 function=0 dev.vr.2.%pnpinfo: vendor=0x1106 device=0x3053 subvendor=0x1106 subdevice=0x0106 class=0x020000 dev.vr.2.%parent: pci0 dev.vr.2.stats: -1 dev.miibus.0.%desc: MII bus dev.miibus.0.%driver: miibus dev.miibus.0.%parent: vr0 dev.miibus.1.%desc: MII bus dev.miibus.1.%driver: miibus dev.miibus.1.%parent: vr1 dev.miibus.2.%desc: MII bus dev.miibus.2.%driver: miibus dev.miibus.2.%parent: vr2 dev.ukphy.0.%desc: Generic IEEE 802.3u media interface dev.ukphy.0.%driver: ukphy dev.ukphy.0.%location: phyno=1 dev.ukphy.0.%pnpinfo: oui=0x4063 model=0x34 rev=0x3 dev.ukphy.0.%parent: miibus0 dev.ukphy.1.%desc: Generic IEEE 802.3u media interface dev.ukphy.1.%driver: ukphy dev.ukphy.1.%location: phyno=1 dev.ukphy.1.%pnpinfo: oui=0x4063 model=0x34 rev=0x3 dev.ukphy.1.%parent: miibus1 dev.ukphy.2.%desc: Generic IEEE 802.3u media interface dev.ukphy.2.%driver: ukphy dev.ukphy.2.%location: phyno=1 dev.ukphy.2.%pnpinfo: oui=0x4063 model=0x34 rev=0x3 dev.ukphy.2.%parent: miibus2 dev.ath.0.%desc: Atheros 5212 dev.ath.0.%driver: ath dev.ath.0.%location: slot=12 function=0 dev.ath.0.%pnpinfo: vendor=0x168c device=0x0013 subvendor=0x185f subdevice=0x1012 class=0x020000 dev.ath.0.%parent: pci0 dev.ath.0.smoothing_rate: 95 dev.ath.0.sample_rate: 10 dev.ath.0.sample_stats: 0 dev.ath.0.countrycode: 0 dev.ath.0.regdomain: 0 dev.ath.0.slottime: 9 dev.ath.0.acktimeout: 48 dev.ath.0.ctstimeout: 48 dev.ath.0.softled: 0 dev.ath.0.ledpin: 0 dev.ath.0.ledon: 0 dev.ath.0.ledidle: 2700 dev.ath.0.txantenna: 0 dev.ath.0.rxantenna: 1 dev.ath.0.diversity: 1 dev.ath.0.txintrperiod: 5 dev.ath.0.diag: 0 dev.ath.0.tpscale: 0 dev.ath.0.tpc: 0 dev.ath.0.tpack: 63 dev.ath.0.tpcts: 63 dev.ath.0.rfsilent: 1 dev.ath.0.rfkill: 1 dev.ath.0.intmit: 1 dev.ath.0.monpass: 24 dev.isab.0.%desc: PCI-ISA bridge dev.isab.0.%driver: isab dev.isab.0.%location: slot=15 function=0 dev.isab.0.%pnpinfo: vendor=0x1022 device=0x2090 subvendor=0x1022 subdevice=0x2090 class=0x060100 dev.isab.0.%parent: pci0 dev.isa.0.%desc: ISA bus dev.isa.0.%driver: isa dev.isa.0.%parent: isab0 dev.atapci.0.%desc: AMD CS5536 UDMA100 controller dev.atapci.0.%driver: atapci dev.atapci.0.%location: slot=15 function=2 dev.atapci.0.%pnpinfo: vendor=0x1022 device=0x209a subvendor=0x1022 subdevice=0x209a class=0x010180 dev.atapci.0.%parent: pci0 dev.ata.0.%desc: ATA channel 0 dev.ata.0.%driver: ata dev.ata.0.%location: channel=0 dev.ata.0.%parent: atapci0 dev.ata.1.%desc: ATA channel 1 dev.ata.1.%driver: ata dev.ata.1.%location: channel=1 dev.ata.1.%parent: atapci0 dev.ohci.0.%desc: OHCI (generic) USB controller dev.ohci.0.%driver: ohci dev.ohci.0.%location: slot=15 function=4 dev.ohci.0.%pnpinfo: vendor=0x1022 device=0x2094 subvendor=0x1022 subdevice=0x2094 class=0x0c0310 dev.ohci.0.%parent: pci0 dev.usbus.0.%desc: OHCI (generic) USB controller dev.usbus.0.%driver: usbus dev.usbus.0.%parent: ohci0 dev.usbus.1.%desc: AMD CS5536 (Geode) USB 2.0 controller dev.usbus.1.%driver: usbus dev.usbus.1.%parent: ehci0 dev.ehci.0.%desc: AMD CS5536 (Geode) USB 2.0 controller dev.ehci.0.%driver: ehci dev.ehci.0.%location: slot=15 function=5 dev.ehci.0.%pnpinfo: vendor=0x1022 device=0x2095 subvendor=0x1022 subdevice=0x2095 class=0x0c0320 dev.ehci.0.%parent: pci0 dev.cpu.0.%driver: cpu dev.cpu.0.%parent: legacy0 dev.pmtimer.0.%driver: pmtimer dev.pmtimer.0.%parent: isa0 dev.orm.0.%desc: ISA Option ROM dev.orm.0.%driver: orm dev.orm.0.%pnpinfo: pnpid=ORM0000 dev.orm.0.%parent: isa0 dev.uart.0.%desc: 16550 or compatible dev.uart.0.%driver: uart dev.uart.0.%parent: isa0 dev.atrtc.0.%desc: AT Real Time Clock dev.atrtc.0.%driver: atrtc dev.atrtc.0.%parent: isa0 dev.uhub.0.%desc: AMD OHCI root HUB, class 9/0, rev 1.00/1.00, addr 1 dev.uhub.0.%driver: uhub dev.uhub.0.%parent: usbus0 dev.uhub.1.%desc: AMD EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1 dev.uhub.1.%driver: uhub dev.uhub.1.%parent: usbus1 dev.ad.0.%desc: TRANSCEND/20071116 dev.ad.0.%driver: ad dev.ad.0.%parent: ata0 dev.subdisk.0.%driver: subdisk dev.subdisk.0.%parent: ad0 dev.glxsb.0.%desc: AMD Geode LX Security Block (AES-128-CBC, RNG) dev.glxsb.0.%driver: glxsb dev.glxsb.0.%location: slot=1 function=2 dev.glxsb.0.%pnpinfo: vendor=0x1022 device=0x2082 subvendor=0x1022 subdevice=0x2082 class=0x101000 dev.glxsb.0.%parent: pci0 hptmv.status: RocketRAID 18xx SATA Controller driver Version v1.16 Kernel modules loaded /sbin/kldstat: not found ipfw show 50000 6592 1413786 allow ip from 81.xxx.xxx.33 to any 50001 6415 342847 allow ip from any to 81.xxx.xxx.33 50002 0 0 pipe 3 udp from 81.xxx.xxx.38 to any iptos lowdelay,throughput out via ngwan0 50003 0 0 pipe 4 udp from any to 81.xxx.xxx.38 iptos lowdelay,throughput in via ngwan0 50004 6 240 queue 3 tcp from any to any iplen 0-80 tcpflags ack out via ngwan0 50005 54 3143 queue 1 ip from any to any iplen 0-100 out via ngwan0 50006 0 0 queue 1 udp from any to any dst-port 53 out via ngwan0 50007 0 0 queue 1 ah from any to any out via ngwan0 50008 0 0 queue 1 esp from any to any out via ngwan0 50009 0 0 queue 1 gre from any to any out via ngwan0 50010 0 0 queue 2 icmp from any to any out via ngwan0 50011 42 5791 queue 4 ip from any to any out via ngwan0 50012 0 0 queue 8 icmp from any to any in via ngwan0 50013 7 395 queue 8 ip from any to any iplen 0-100 in via ngwan0 50014 0 0 queue 8 ah from any to any in via ngwan0 50015 0 0 queue 8 esp from any to any in via ngwan0 50016 0 0 queue 8 gre from any to any in via ngwan0 50017 38 7177 queue 6 ip from any to any in via ngwan0 65535 292 44352 allow ip from any to any ipnat -lv List of active MAP/Redirect filters: map ngwan0 from 81.xxx.xxx.32/28 to 192.168.2.1/32 port = ftp -> 192.168.2.2/32 proxy port ftp ftp/tcp map ngwan0 from 81.xxx.xxx.32/28 to 192.168.2.1/32 -> 192.168.2.2/32 portmap tcp/udp 1024:64535 map ngwan0 from 81.xxx.xxx.32/28 to 192.168.2.1/32 -> 192.168.2.2/32 map ngwan0 from 81.xxx.xxx.64/32 to any port = 53 -> 0.0.0.0/32 tcp/udp List of active sessions: MAP 81.xxx.xxx.64 6848 <- -> 81.xxx.xxx.64 6848 [217.169.20.20 53] ttl 1193 use 0 sumd 0/0 pr 17 bkt 1570/1570 flags 2 ifp X,X bytes 123/63 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 23859 <- -> 81.xxx.xxx.64 23859 [217.169.20.20 53] ttl 1193 use 0 sumd 0/0 pr 17 bkt 340/340 flags 2 ifp X,X bytes 79/63 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 40729 <- -> 81.xxx.xxx.64 40729 [217.169.20.20 53] ttl 1192 use 0 sumd 0/0 pr 17 bkt 1938/1938 flags 2 ifp X,X bytes 119/68 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 56604 <- -> 81.xxx.xxx.64 56604 [217.169.20.20 53] ttl 1192 use 0 sumd 0/0 pr 17 bkt 721/721 flags 2 ifp X,X bytes 202/68 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 29418 <- -> 81.xxx.xxx.64 29418 [217.169.20.20 53] ttl 1191 use 0 sumd 0/0 pr 17 bkt 128/128 flags 2 ifp X,X bytes 129/69 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 38143 <- -> 81.xxx.xxx.64 38143 [217.169.20.20 53] ttl 1191 use 0 sumd 0/0 pr 17 bkt 1444/1444 flags 2 ifp X,X bytes 117/69 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 14633 <- -> 81.xxx.xxx.64 14633 [217.169.20.20 53] ttl 1191 use 0 sumd 0/0 pr 17 bkt 1838/1838 flags 2 ifp X,X bytes 217/65 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 14456 <- -> 81.xxx.xxx.64 14456 [217.169.20.21 53] ttl 1191 use 0 sumd 0/0 pr 17 bkt 1597/1597 flags 2 ifp X,X bytes 177/121 pkts 1/2 ipsumd 0 MAP 81.xxx.xxx.64 14456 <- -> 81.xxx.xxx.64 14456 [217.169.20.20 53] ttl 1191 use 0 sumd 0/0 pr 17 bkt 1591/1591 flags 2 ifp X,X bytes 177/65 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 29885 <- -> 81.xxx.xxx.64 29885 [217.169.20.20 53] ttl 1166 use 0 sumd 0/0 pr 17 bkt 892/892 flags 2 ifp X,X bytes 129/77 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 36436 <- -> 81.xxx.xxx.64 36436 [217.169.20.20 53] ttl 1166 use 0 sumd 0/0 pr 17 bkt 649/649 flags 2 ifp X,X bytes 357/77 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 13651 <- -> 81.xxx.xxx.64 13651 [217.169.20.20 53] ttl 1150 use 0 sumd 0/0 pr 17 bkt 304/304 flags 2 ifp X,X bytes 130/70 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 54609 <- -> 81.xxx.xxx.64 54609 [217.169.20.21 53] ttl 1150 use 0 sumd 0/0 pr 17 bkt 2005/2005 flags 2 ifp X,X bytes 118/126 pkts 1/2 ipsumd 0 MAP 81.xxx.xxx.64 54609 <- -> 81.xxx.xxx.64 54609 [217.169.20.20 53] ttl 1150 use 0 sumd 0/0 pr 17 bkt 1999/1999 flags 2 ifp X,X bytes 118/70 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 47930 <- -> 81.xxx.xxx.64 47930 [217.169.20.20 53] ttl 1124 use 0 sumd 0/0 pr 17 bkt 179/179 flags 2 ifp X,X bytes 155/59 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 54266 <- -> 81.xxx.xxx.64 54266 [217.169.20.20 53] ttl 1124 use 0 sumd 0/0 pr 17 bkt 227/227 flags 2 ifp X,X bytes 143/59 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 50492 <- -> 81.xxx.xxx.64 50492 [217.169.20.20 53] ttl 1090 use 0 sumd 0/0 pr 17 bkt 701/701 flags 2 ifp X,X bytes 162/67 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 8061 <- -> 81.xxx.xxx.64 8061 [217.169.20.21 53] ttl 1090 use 0 sumd 0/0 pr 17 bkt 805/805 flags 2 ifp X,X bytes 150/123 pkts 1/2 ipsumd 0 MAP 81.xxx.xxx.64 8061 <- -> 81.xxx.xxx.64 8061 [217.169.20.20 53] ttl 1090 use 0 sumd 0/0 pr 17 bkt 799/799 flags 2 ifp X,X bytes 150/67 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 36500 <- -> 81.xxx.xxx.64 36500 [217.169.20.21 53] ttl 962 use 0 sumd 0/0 pr 17 bkt 663/663 flags 2 ifp X,X bytes 116/116 pkts 1/2 ipsumd 0 MAP 81.xxx.xxx.64 36500 <- -> 81.xxx.xxx.64 36500 [217.169.20.20 53] ttl 962 use 0 sumd 0/0 pr 17 bkt 657/657 flags 2 ifp X,X bytes 116/60 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 2341 <- -> 81.xxx.xxx.64 2341 [217.169.20.20 53] ttl 832 use 0 sumd 0/0 pr 17 bkt 766/766 flags 2 ifp X,X bytes 129/73 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 44520 <- -> 81.xxx.xxx.64 44520 [217.169.20.20 53] ttl 832 use 0 sumd 0/0 pr 17 bkt 1722/1722 flags 2 ifp X,X bytes 129/73 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 4347 <- -> 81.xxx.xxx.64 4347 [217.169.20.20 53] ttl 832 use 0 sumd 0/0 pr 17 bkt 288/288 flags 2 ifp X,X bytes 119/63 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 40892 <- -> 81.xxx.xxx.64 40892 [217.169.20.21 53] ttl 832 use 0 sumd 0/0 pr 17 bkt 685/685 flags 2 ifp X,X bytes 119/119 pkts 1/2 ipsumd 0 MAP 81.xxx.xxx.64 40892 <- -> 81.xxx.xxx.64 40892 [217.169.20.20 53] ttl 832 use 0 sumd 0/0 pr 17 bkt 679/679 flags 2 ifp X,X bytes 119/63 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 11999 <- -> 81.xxx.xxx.64 11999 [217.169.20.20 53] ttl 783 use 0 sumd 0/0 pr 17 bkt 1338/1338 flags 2 ifp X,X bytes 133/63 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 14670 <- -> 81.xxx.xxx.64 14670 [217.169.20.20 53] ttl 783 use 0 sumd 0/0 pr 17 bkt 1075/1075 flags 2 ifp X,X bytes 132/73 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 31294 <- -> 81.xxx.xxx.64 31294 [217.169.20.20 53] ttl 783 use 0 sumd 0/0 pr 17 bkt 1138/1138 flags 2 ifp X,X bytes 132/73 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 8071 <- -> 81.xxx.xxx.64 8071 [217.169.20.20 53] ttl 783 use 0 sumd 0/0 pr 17 bkt 1312/1312 flags 2 ifp X,X bytes 158/61 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 46803 <- -> 81.xxx.xxx.64 46803 [217.169.20.21 53] ttl 783 use 0 sumd 0/0 pr 17 bkt 455/455 flags 2 ifp X,X bytes 122/63 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 46803 <- -> 81.xxx.xxx.64 46803 [217.169.20.20 53] ttl 783 use 0 sumd 0/0 pr 17 bkt 449/449 flags 2 ifp X,X bytes 122/63 pkts 1/1 ipsumd 0 MAP 81.xxx.xxx.64 16034 <- -> 81.xxx.xxx.64 16034 [217.169.20.21 53] ttl 783 use 0 sumd 0/0 pr 17 bkt 73/73 flags 2 ifp X,X bytes 113/121 pkts 1/2 ipsumd 0 MAP 81.xxx.xxx.64 16034 <- -> 81.xxx.xxx.64 16034 [217.169.20.20 53] ttl 783 use 0 sumd 0/0 pr 17 bkt 67/67 flags 2 ifp X,X bytes 113/65 pkts 1/1 ipsumd 0 List of active host mappings: 81.xxx.xxx.64,217.169.20.21 -> 0.0.0.0 (use = 6 hv = 0) 81.xxx.xxx.64,217.169.20.20 -> 0.0.0.0 (use = 22 hv = 0) 81.xxx.xxx.64,217.169.20.21 -> 0.0.0.0 (use = 3 hv = 0) 81.xxx.xxx.64,217.169.20.20 -> 0.0.0.0 (use = 8 hv = 0) ipfstat -v bad packets: in 0 out 0 IPv6 packets: in 72 out 96 input packets: blocked 43 passed 6849 nomatch 0 counted 0 short 0 output packets: blocked 20 passed 7019 nomatch 0 counted 0 short 0 input packets logged: blocked 0 passed 0 output packets logged: blocked 0 passed 0 packets logged: input 0 output 0 log failures: input 0 output 0 fragment state(in): kept 0 lost 0 not fragmented 0 fragment state(out): kept 0 lost 0 not fragmented 0 packet state(in): kept 51 lost 0 packet state(out): kept 54 lost 6 ICMP replies: 0 TCP RSTs sent: 0 Invalid source(in): 0 Result cache hits(in): 24 (out): 37 IN Pullups succeeded: 0 failed: 0 OUT Pullups succeeded: 38 failed: 0 Fastroute successes: 0 failures: 0 TCP cksum fails(in): 0 (out): 0 IPF Ticks: 449 Packet log flags set: (0) none ipfstat -nio @1 pass out quick on lo0 all @2 pass out quick on vr0 proto udp from 81.xxx.xxx.33/32 port = bootps to any port = bootpc @3 pass out quick on vr2 proto udp from 81.xxx.xxx.33/32 port = bootps to any port = bootpc @4 pass out quick on wlan0 proto udp from 81.xxx.xxx.33/32 port = bootps to any port = bootpc @5 pass out quick on ngwan0 proto udp from any port = bootpc to any port = bootps @6 pass out quick on vr0 all keep state @7 pass out quick on ngwan0 all keep state @8 pass out quick on vr2 all keep state @9 pass out quick on wlan0 all keep state @10 block out quick all @1 pass in quick on lo0 all @2 block in quick from any to any with short @3 block in quick from any to any with ipopts @4 pass in quick on vr0 proto udp from any port = bootpc to 255.255.255.255/32 port = bootps @5 pass in quick on vr0 proto udp from any port = bootpc to 81.xxx.xxx.33/32 port = bootps @6 pass in quick on vr2 proto udp from any port = bootpc to 255.255.255.255/32 port = bootps @7 pass in quick on vr2 proto udp from any port = bootpc to 81.xxx.xxx.33/32 port = bootps @8 pass in quick on wlan0 proto udp from any port = bootpc to 255.255.255.255/32 port = bootps @9 pass in quick on wlan0 proto udp from any port = bootpc to 81.xxx.xxx.33/32 port = bootps @10 block in quick on ngwan0 from 81.xxx.xxx.32/28 to any @11 block in quick on ngwan0 proto udp from any port = bootps to 81.xxx.xxx.32/28 port = bootpc @12 pass in quick on ngwan0 proto udp from any port = bootps to any port = bootpc @13 block in quick on ngwan0 from 10.0.0.0/8 to any @14 block in quick on ngwan0 from 127.0.0.0/8 to any @15 block in quick on ngwan0 from 172.16.0.0/12 to any @16 block in quick on ngwan0 from 192.168.0.0/16 to any @17 skip 1 in proto tcp from any to any flags S/FSRA @18 block in quick proto tcp from any to any @19 block in quick on vr0 all head 100 @20 block in quick on ngwan0 all head 200 @21 block in quick on vr2 all head 300 @22 block in quick on wlan0 all head 400 @23 block in quick all # Group 100 @1 pass in quick from 81.xxx.xxx.32/28 to 81.xxx.xxx.33/32 keep state group 100 @2 pass in quick from any to any keep state group 100 @3 pass in quick proto udp from any to 81.xxx.xxx.38/32 port = 5060 keep state group 100 @4 pass in quick proto udp from any to 81.xxx.xxx.38/32 port 5003 >< 5021 keep state group 100 # Group 200 @1 pass in log first quick proto udp from any to 81.xxx.xxx.32/28 port = isakmp keep state group 200 @2 pass in log first quick proto udp from any to 81.xxx.xxx.32/28 port = sae-urn keep state group 200 @3 pass in quick proto esp from any to 81.xxx.xxx.32/28 keep state group 200 @4 pass in quick proto udp from 81.187.30.104/29 port = 5060 to 81.xxx.xxx.38/32 port = 5060 keep state group 200 @5 pass in quick proto udp from 81.187.30.119/32 port = 5060 to 81.xxx.xxx.38/32 port = 5060 keep state group 200 @6 pass in quick proto udp from any port 5003 >< 5021 to 81.xxx.xxx.38/32 port 5003 >< 5021 keep state group 200 @7 pass in quick proto udp from 81.187.30.104/29 port = globe to 81.xxx.xxx.38/32 port = globe keep state group 200 @8 pass in quick proto udp from 81.187.30.119/32 port = globe to 81.xxx.xxx.38/32 port = globe keep state group 200 # Group 300 @1 pass in quick from any to any keep state group 300 # Group 400 @1 pass in quick from any to any keep state group 400 ipfstat -6 -nio @1 pass out quick on lo0 all @2 pass out quick on vr0 from fe80::/10 to fe80::/10 @3 pass out quick on vr2 from fe80::/10 to fe80::/10 @4 pass out quick on wlan0 from fe80::/10 to fe80::/10 @5 pass out quick proto ipv6-icmp from any to any @6 pass out quick proto ipv6-icmp from any to any @7 pass out quick proto ipv6-icmp from any to any @8 pass out quick proto ipv6-icmp from any to any @9 pass out quick proto ipv6-icmp from any to any @10 pass out quick proto ipv6-icmp from any to any @11 pass out quick proto ipv6-icmp from any to any @12 pass out quick on ngwan0 proto udp from any port = dhcpv6-client to any port = dhcpv6-server @13 pass out quick on vr0 all keep state @14 pass out quick on ngwan0 all keep state @15 pass out quick on vr2 all keep state @16 pass out quick on wlan0 all keep state @17 block out quick all @1 pass in quick on lo0 all @2 pass in quick on vr0 from fe80::/10 to fe80::/10 @3 pass in quick on vr0 proto udp from any port = dhcpv6-client to ff02::1:2/128 port = dhcpv6-server @4 pass in quick on vr2 from fe80::/10 to fe80::/10 @5 pass in quick on vr2 proto udp from any port = dhcpv6-client to ff02::1:2/128 port = dhcpv6-server @6 pass in quick on wlan0 from fe80::/10 to fe80::/10 @7 pass in quick on wlan0 proto udp from any port = dhcpv6-client to ff02::1:2/128 port = dhcpv6-server @8 pass in quick proto ipv6-icmp from any to any @9 pass in quick proto ipv6-icmp from any to any @10 pass in quick proto ipv6-icmp from any to any @11 pass in quick proto ipv6-icmp from any to any @12 pass in quick proto ipv6-icmp from any to any @13 pass in quick proto ipv6-icmp from any to any @14 pass in quick proto ipv6-icmp from any to any @15 pass in quick on ngwan0 proto udp from any to any port = dhcpv6-client @16 block in quick on ngwan0 from 2001:xxx:xxxx::/64 to any @17 block in quick on ngwan0 from fec0::/10 to any @18 block in quick on ngwan0 from any to fec0::/10 @19 block in quick on ngwan0 from ::ffff:0.0.0.0/96 to any @20 block in quick on ngwan0 from any to ::ffff:0.0.0.0/96 @21 block in quick on ngwan0 from ::224.0.0.0/100 to any @22 block in quick on ngwan0 from any to ::224.0.0.0/100 @23 block in quick on ngwan0 from ::127.0.0.0/104 to any @24 block in quick on ngwan0 from any to ::127.0.0.0/104 @25 block in quick on ngwan0 from ::/104 to any @26 block in quick on ngwan0 from any to ::/104 @27 block in quick on ngwan0 from ::255.0.0.0/104 to any @28 block in quick on ngwan0 from any to ::255.0.0.0/104 @29 block in quick on ngwan0 from ::/96 to any @30 block in quick on ngwan0 from any to ::/96 @31 block in quick on ngwan0 from 2002:e000::/20 to any @32 block in quick on ngwan0 from any to 2002:e000::/20 @33 block in quick on ngwan0 from 2002:7f00::/24 to any @34 block in quick on ngwan0 from any to 2002:7f00::/24 @35 block in quick on ngwan0 from 2002::/24 to any @36 block in quick on ngwan0 from any to 2002::/24 @37 block in quick on ngwan0 from 2002:ff00::/24 to any @38 block in quick on ngwan0 from any to 2002:ff00::/24 @39 block in quick on ngwan0 from 2002:a00::/24 to any @40 block in quick on ngwan0 from any to 2002:a00::/24 @41 block in quick on ngwan0 from 2002:ac10::/28 to any @42 block in quick on ngwan0 from any to 2002:ac10::/28 @43 block in quick on ngwan0 from 2002:c0a8::/32 to any @44 block in quick on ngwan0 from any to 2002:c0a8::/32 @45 block in quick on ngwan0 from ff05::/16 to any @46 block in quick on ngwan0 from any to ff05::/16 @47 skip 1 in proto tcp from any to any flags S/FSRA @48 block in quick proto tcp from any to any @49 block in quick on vr0 all head 10100 @50 block in quick on ngwan0 all head 10200 @51 block in quick on vr2 all head 10300 @52 block in quick on wlan0 all head 10400 @53 block in quick all # Group 10100 @1 pass in quick from 2001:xxx:xxxx::/64 to 2001:xxx:xxxx::1/128 keep state group 10100 @2 pass in quick from any to any keep state group 10100 # Group 10200 # Group 10300 @1 pass in quick from any to any keep state group 10300 # Group 10400 @1 pass in quick from any to any keep state group 10400 unparsed ipnat rules map ngwan0 from 81.xxx.xxx.32/28 to 192.168.2.1/32 port = 21 -> 192.168.2.2/32 proxy port 21 ftp/tcp map ngwan0 from 81.xxx.xxx.32/28 to 192.168.2.1/32 -> 192.168.2.2/32 portmap tcp/udp 1024:64535 map ngwan0 from 81.xxx.xxx.32/28 to 192.168.2.1/32 -> 192.168.2.2/32 map ngwan0 from 81.xxx.xxx.64/32 to any port = 53 -> 0.0.0.0/32 tcp/udp unparsed ipfilter rules # loopback pass in quick on lo0 all pass out quick on lo0 all # block short packets block in quick all with short # block IP options block in quick all with ipopts # allow access to DHCP server on LAN pass in quick on vr0 proto udp from any port = 68 to 255.255.255.255 port = 67 pass in quick on vr0 proto udp from any port = 68 to 81.xxx.xxx.33 port = 67 pass out quick on vr0 proto udp from 81.xxx.xxx.33 port = 67 to any port = 68 # allow access to DHCP server on opt1 pass in quick on vr2 proto udp from any port = 68 to 255.255.255.255 port = 67 pass in quick on vr2 proto udp from any port = 68 to 81.xxx.xxx.33 port = 67 pass out quick on vr2 proto udp from 81.xxx.xxx.33 port = 67 to any port = 68 # allow access to DHCP server on opt2 pass in quick on wlan0 proto udp from any port = 68 to 255.255.255.255 port = 67 pass in quick on wlan0 proto udp from any port = 68 to 81.xxx.xxx.33 port = 67 pass out quick on wlan0 proto udp from 81.xxx.xxx.33 port = 67 to any port = 68 # WAN spoof check block in quick on ngwan0 from 81.xxx.xxx.32/28 to any # allow our DHCP client out to the WAN # XXX - should be more restrictive # (not possible at the moment - need 'me' like in ipfw) pass out quick on ngwan0 proto udp from any port = 68 to any port = 67 block in quick on ngwan0 proto udp from any port = 67 to 81.xxx.xxx.32/28 port = 68 pass in quick on ngwan0 proto udp from any port = 67 to any port = 68 # LAN/OPT spoof check (needs to be after DHCP because of broadcast addresses) # block anything from private networks on WAN interface block in quick on ngwan0 from 10.0.0.0/8 to any block in quick on ngwan0 from 127.0.0.0/8 to any block in quick on ngwan0 from 172.16.0.0/12 to any block in quick on ngwan0 from 192.168.0.0/16 to any # Block TCP packets that do not mark the start of a connection skip 1 in proto tcp all flags S/SAFR block in quick proto tcp all #--------------------------------------------------------------------------- # group head 100 - LAN interface #--------------------------------------------------------------------------- block in quick on vr0 all head 100 # let out anything from the firewall host itself and decrypted IPsec traffic pass out quick on vr0 all keep state #--------------------------------------------------------------------------- # group head 200 - WAN interface #--------------------------------------------------------------------------- block in quick on ngwan0 all head 200 # let out anything from the firewall host itself and decrypted IPsec traffic pass out quick on ngwan0 all keep state #--------------------------------------------------------------------------- # group head 300 - opt1 interface #--------------------------------------------------------------------------- block in quick on vr2 all head 300 # let out anything from the firewall host itself and decrypted IPsec traffic pass out quick on vr2 all keep state #--------------------------------------------------------------------------- # group head 400 - opt2 interface #--------------------------------------------------------------------------- block in quick on wlan0 all head 400 # let out anything from the firewall host itself and decrypted IPsec traffic pass out quick on wlan0 all keep state # make sure the user cannot lock himself out of the webGUI pass in quick from 81.xxx.xxx.32/28 to 81.xxx.xxx.33 keep state group 100 # User-defined rules follow pass in log first quick proto udp from any to 81.xxx.xxx.33/28 port = 500 keep state group 200 pass in log first quick proto udp from any to 81.xxx.xxx.33/28 port = 4500 keep state group 200 pass in quick proto esp from any to 81.xxx.xxx.33/28 keep state group 200 pass in quick proto udp from 81.187.30.110/29 port = 5060 to 81.xxx.xxx.38 port = 5060 keep state group 200 pass in quick proto udp from 81.187.30.119 port = 5060 to 81.xxx.xxx.38 port = 5060 keep state group 200 pass in quick proto udp from any port 5003 >< 5021 to 81.xxx.xxx.38 port 5003 >< 5021 keep state group 200 pass in quick proto udp from 81.187.30.110/29 port = 2002 to 81.xxx.xxx.38 port = 2002 keep state group 200 pass in quick proto udp from 81.187.30.119 port = 2002 to 81.xxx.xxx.38 port = 2002 keep state group 200 pass in quick from any to any keep state group 400 pass in quick from any to any keep state group 300 pass in quick from any to any keep state group 100 pass in quick proto udp from any to 81.xxx.xxx.38 port = 5060 keep state group 100 pass in quick proto udp from any to 81.xxx.xxx.38 port 5003 >< 5021 keep state group 100 #--------------------------------------------------------------------------- # default rules (just to be sure) #--------------------------------------------------------------------------- block in quick all block out quick all unparsed IPv6 ipfilter rules # loopback pass in quick on lo0 all pass out quick on lo0 all # allow link-local traffic on LAN pass in quick on vr0 from fe80::/10 to fe80::/10 pass out quick on vr0 from fe80::/10 to fe80::/10 # allow access to DHCPv6 server on LAN pass in quick on vr0 proto udp from any port = 546 to ff02::1:2 port = 547 # allow link-local traffic on opt1 pass in quick on vr2 from fe80::/10 to fe80::/10 pass out quick on vr2 from fe80::/10 to fe80::/10 # allow access to DHCP server on opt1 pass in quick on vr2 proto udp from any port = 546 to ff02::1:2 port = 547 # allow link-local traffic on opt2 pass in quick on wlan0 from fe80::/10 to fe80::/10 pass out quick on wlan0 from fe80::/10 to fe80::/10 # allow access to DHCP server on opt2 pass in quick on wlan0 proto udp from any port = 546 to ff02::1:2 port = 547 # allow essential ICMPv6 messages: router and neighbor soliciation/advertisement pass in quick proto ipv6-icmp from any to any icmp-type 133 pass in quick proto ipv6-icmp from any to any icmp-type 134 pass in quick proto ipv6-icmp from any to any icmp-type 135 pass in quick proto ipv6-icmp from any to any icmp-type 136 pass out quick proto ipv6-icmp from any to any icmp-type 133 pass out quick proto ipv6-icmp from any to any icmp-type 134 pass out quick proto ipv6-icmp from any to any icmp-type 135 pass out quick proto ipv6-icmp from any to any icmp-type 136 # also allow ICMPv6 destination unreachable, packet too big (PMTUD) and time exceeded pass in quick proto ipv6-icmp from any to any icmp-type 1 pass out quick proto ipv6-icmp from any to any icmp-type 1 pass in quick proto ipv6-icmp from any to any icmp-type 2 pass out quick proto ipv6-icmp from any to any icmp-type 2 pass in quick proto ipv6-icmp from any to any icmp-type 3 pass out quick proto ipv6-icmp from any to any icmp-type 3 # allow our DHCPv6 client out to the WAN # XXX - should be more restrictive # (not possible at the moment - need 'me' like in ipfw) pass out quick on ngwan0 proto udp from any port = 546 to any port = 547 pass in quick on ngwan0 proto udp from any to any port = 546 # WAN spoof check block in quick on ngwan0 from 2001:xxx:xxxx:0:0:0:0:0/64 to any # Stop site-local on the outside interface block in quick on ngwan0 from fec0::/10 to any block in quick on ngwan0 from any to fec0::/10 # Disallow "internal" addresses to appear on the wire. block in quick on ngwan0 from ::ffff:0.0.0.0/96 to any block in quick on ngwan0 from any to ::ffff:0.0.0.0/96 # Disallow packets to malicious IPv4 compatible prefix. block in quick on ngwan0 from ::224.0.0.0/100 to any block in quick on ngwan0 from any to ::224.0.0.0/100 block in quick on ngwan0 from ::127.0.0.0/104 to any block in quick on ngwan0 from any to ::127.0.0.0/104 block in quick on ngwan0 from ::0.0.0.0/104 to any block in quick on ngwan0 from any to ::0.0.0.0/104 block in quick on ngwan0 from ::255.0.0.0/104 to any block in quick on ngwan0 from any to ::255.0.0.0/104 block in quick on ngwan0 from ::0.0.0.0/96 to any block in quick on ngwan0 from any to ::0.0.0.0/96 # Disallow packets to malicious 6to4 prefix. block in quick on ngwan0 from 2002:e000::/20 to any block in quick on ngwan0 from any to 2002:e000::/20 block in quick on ngwan0 from 2002:7f00::/24 to any block in quick on ngwan0 from any to 2002:7f00::/24 block in quick on ngwan0 from 2002:0000::/24 to any block in quick on ngwan0 from any to 2002:0000::/24 block in quick on ngwan0 from 2002:ff00::/24 to any block in quick on ngwan0 from any to 2002:ff00::/24 block in quick on ngwan0 from 2002:0a00::/24 to any block in quick on ngwan0 from any to 2002:0a00::/24 block in quick on ngwan0 from 2002:ac10::/28 to any block in quick on ngwan0 from any to 2002:ac10::/28 block in quick on ngwan0 from 2002:c0a8::/32 to any block in quick on ngwan0 from any to 2002:c0a8::/32 block in quick on ngwan0 from ff05::/16 to any block in quick on ngwan0 from any to ff05::/16 pass in quick on ngwan0 proto udp from any to any port = 546 # Block TCP packets that do not mark the start of a connection skip 1 in proto tcp all flags S/SAFR block in quick proto tcp all #--------------------------------------------------------------------------- # group head 10100 - LAN interface #--------------------------------------------------------------------------- block in quick on vr0 all head 10100 # let out anything from the firewall host itself and decrypted IPsec traffic pass out quick on vr0 all keep state #--------------------------------------------------------------------------- # group head 10200 - WAN interface #--------------------------------------------------------------------------- block in quick on ngwan0 all head 10200 # let out anything from the firewall host itself and decrypted IPsec traffic pass out quick on ngwan0 all keep state #--------------------------------------------------------------------------- # group head 10300 - opt1 interface #--------------------------------------------------------------------------- block in quick on vr2 all head 10300 # let out anything from the firewall host itself and decrypted IPsec traffic pass out quick on vr2 all keep state #--------------------------------------------------------------------------- # group head 10400 - opt2 interface #--------------------------------------------------------------------------- block in quick on wlan0 all head 10400 # let out anything from the firewall host itself and decrypted IPsec traffic pass out quick on wlan0 all keep state # make sure the user cannot lock himself out of the webGUI pass in quick from 2001:xxx:xxxx:0:0:0:0:0/64 to 2001:xxx:xxxx::1 keep state group 10100 # User-defined rules follow pass in quick from any to any keep state group 10400 pass in quick from any to any keep state group 10300 pass in quick from any to any keep state group 10100 #--------------------------------------------------------------------------- # default rules (just to be sure) #--------------------------------------------------------------------------- block in quick all block out quick all unparsed ipfw rules add 50000 set 4 pass all from 81.xxx.xxx.33 to any add 50001 set 4 pass all from any to 81.xxx.xxx.33 add 50002 set 4 pipe 3 udp from 81.xxx.xxx.38 to any iptos lowdelay,throughput out via ngwan0 add 50003 set 4 pipe 4 udp from any to 81.xxx.xxx.38 iptos lowdelay,throughput in via ngwan0 add 50004 set 4 queue 3 tcp from any to any iplen 0-80 tcpflags ack out via ngwan0 add 50005 set 4 queue 1 all from any to any iplen 0-100 out via ngwan0 add 50006 set 4 queue 1 udp from any to any 53 out via ngwan0 add 50007 set 4 queue 1 ah from any to any out via ngwan0 add 50008 set 4 queue 1 esp from any to any out via ngwan0 add 50009 set 4 queue 1 gre from any to any out via ngwan0 add 50010 set 4 queue 2 icmp from any to any out via ngwan0 add 50011 set 4 queue 4 all from any to any out via ngwan0 add 50012 set 4 queue 8 icmp from any to any in via ngwan0 add 50013 set 4 queue 8 all from any to any iplen 0-100 in via ngwan0 add 50014 set 4 queue 8 ah from any to any in via ngwan0 add 50015 set 4 queue 8 esp from any to any in via ngwan0 add 50016 set 4 queue 8 gre from any to any in via ngwan0 add 50017 set 4 queue 6 all from any to any in via ngwan0 pipe 1 config bw 275Kbit/s pipe 2 config bw 7466Kbit/s pipe 3 config bw 128Kbit/s pipe 4 config bw 256Kbit/s queue 1 config pipe 1 weight 50 queue 2 config pipe 1 weight 30 queue 3 config pipe 1 weight 15 queue 4 config pipe 1 weight 4 queue 5 config pipe 1 weight 1 queue 6 config pipe 2 weight 30 queue 7 config pipe 2 weight 10 queue 8 config pipe 2 weight 60 resolv.conf domain xxx.xx.uk nameserver 217.169.20.20 nameserver 217.169.20.21 Processes USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND root 10 78.5 0.0 0 8 ?? RL 2:13PM 3:26.27 [idle] root 266 7.2 1.4 5076 2988 ?? S 2:17PM 0:00.79 /usr/local/sbin/mini_httpd -S -E /var/etc/cert.pem -c **.php|**.cgi -u root -maxproc 16 -i /var/run/mini_httpd.pid root 264 5.2 4.0 10300 8588 ?? SN 2:17PM 0:00.62 /usr/local/bin/php status.php root 11 1.6 0.1 0 112 ?? WL 2:13PM 0:03.20 [intr] root 0 0.0 0.0 0 56 ?? DLs 2:13PM 0:01.46 [kernel] root 1 0.0 0.2 2912 472 ?? ILs 2:13PM 0:00.13 /sbin/init -- root 2 0.0 0.0 0 8 ?? DL 2:13PM 0:00.02 [g_event] root 3 0.0 0.0 0 8 ?? DL 2:13PM 0:00.01 [g_up] root 4 0.0 0.0 0 8 ?? DL 2:13PM 0:00.01 [g_down] root 5 0.0 0.0 0 8 ?? DL 2:13PM 0:00.00 [crypto] root 6 0.0 0.0 0 8 ?? DL 2:13PM 0:00.00 [crypto returns] root 7 0.0 0.0 0 8 ?? DL 2:13PM 0:00.00 [xpt_thrd] root 8 0.0 0.0 0 8 ?? DL 2:13PM 0:00.07 [md0] root 9 0.0 0.0 0 8 ?? DL 2:13PM 0:00.00 [pagedaemon] root 12 0.0 0.0 0 8 ?? DL 2:13PM 0:00.00 [ng_queue] root 13 0.0 0.0 0 8 ?? DL 2:13PM 0:00.90 [yarrow] root 14 0.0 0.0 0 64 ?? DL 2:13PM 0:00.11 [usb] root 15 0.0 0.0 0 8 ?? DL 2:13PM 0:00.00 [idlepoll] root 16 0.0 0.0 0 8 ?? DL 2:13PM 0:00.00 [pagezero] root 17 0.0 0.0 0 8 ?? DL 2:13PM 0:00.00 [bufdaemon] root 18 0.0 0.0 0 8 ?? DL 2:13PM 0:00.01 [syncer] root 19 0.0 0.0 0 8 ?? DL 2:13PM 0:00.00 [vnlru] root 20 0.0 0.0 0 8 ?? DL 2:13PM 0:00.00 [softdepflush] root 21 0.0 0.0 0 8 ?? DL 2:13PM 0:00.00 [flowcleaner] root 64 0.0 0.8 3476 1628 ?? Ss 2:13PM 0:00.01 /usr/sbin/hostapd -B -P /var/run/hostapd-wlan0.pid /var/etc/hostapd-wlan0.conf root 72 0.0 1.9 7848 4024 ?? Ss 2:13PM 0:00.21 /usr/local/sbin/mpd5 -b -d /var/etc -p /var/run/mpd.pid pppoe root 120 0.0 0.8 3292 1748 ?? Ss 2:13PM 0:00.01 /sbin/ipmon -sD root 131 0.0 0.6 3380 1248 ?? Ss 2:13PM 0:00.04 /usr/sbin/syslogd -ss root 133 0.0 1.3 5076 2860 ?? Ss 2:13PM 0:00.01 /usr/local/sbin/mini_httpd -S -E /var/etc/cert.pem -c **.php|**.cgi -u root -maxproc 16 -i /var/run/mini_httpd.pid nobody 136 0.0 0.7 3292 1428 ?? S 2:13PM 0:00.03 /usr/local/sbin/dnsmasq --edns-packet-max=4096 -l /var/db/dhcpd.leases -s xxx.xx.uk --server=/xxx.xx.uk/81.xxx.xxx.33 root 141 0.0 1.6 4316 3420 ?? Ss 2:13PM 0:00.00 /usr/local/sbin/dhcpd -cf /var/etc/dhcpd.conf vr0 root 149 0.0 0.6 3292 1272 ?? Is 2:13PM 0:00.00 /usr/local/sbin/dhcp6s -c /var/etc/dhcp6s.vr0.conf -k /var/run/dhcp6sctlkey -p 64705 -P /var/run/dhcp6s.vr0.pid vr0 root 164 0.0 0.7 3632 1452 ?? I 2:13PM 0:00.01 /bin/sh /etc/rc.initial console root 207 0.0 0.5 3292 1116 ?? Ss 2:13PM 0:00.04 /usr/sbin/rtadvd -D -c /var/etc/rtadvd.conf vr0 root 265 0.0 1.4 5076 2984 ?? S 2:17PM 0:00.00 /usr/local/sbin/mini_httpd -S -E /var/etc/cert.pem -c **.php|**.cgi -u root -maxproc 16 -i /var/run/mini_httpd.pid root 284 0.0 0.6 3432 1192 ?? RN 2:17PM 0:00.01 ps xauww root 138 0.0 0.7 3632 1436 u0- I+ 2:13PM 0:00.01 /bin/sh /usr/local/bin/runsntp.sh /var/run/runsntp.pid /var/run/sntp.pid 300 0.m0n0wall.pool.ntp.org root 139 0.0 0.7 3396 1384 u0- I+ 2:13PM 0:00.02 /usr/sbin/sntp -r -P no -l /var/run/sntp.pid -x 300 0.m0n0wall.pool.ntp.org dhcpd.conf option domain-name "xxx.xx.uk"; default-lease-time 7200; max-lease-time 86400; authoritative; log-facility local7; ddns-update-style none; subnet 81.xxx.xxx.32 netmask 255.255.255.240 { pool { range 81.xxx.xxx.44 81.xxx.xxx.46; } option routers 81.xxx.xxx.33; option domain-name-servers 81.xxx.xxx.33; default-lease-time 21600; max-lease-time 86400; } host s_lan_0 { hardware ethernet 00:1b:fc:31:3c:8f; fixed-address 81.xxx.xxx.34; } host s_lan_1 { hardware ethernet 00:e0:4c:04:c8:8f; fixed-address 81.xxx.xxx.36; } host s_lan_2 { hardware ethernet 00:14:a4:6a:bc:c6; fixed-address 81.xxx.xxx.37; } host s_lan_3 { hardware ethernet 7c:2f:80:04:d3:a6; fixed-address 81.xxx.xxx.38; } host s_lan_4 { hardware ethernet 08:00:46:6e:4b:8a; fixed-address 81.xxx.xxx.39; } host s_lan_5 { hardware ethernet 90:a4:de:81:68:56; fixed-address 81.xxx.xxx.40; } host s_lan_6 { hardware ethernet 00:c0:32:00:a0:46; fixed-address 81.xxx.xxx.42; } host s_lan_7 { hardware ethernet 00:26:37:3b:ac:b8; fixed-address 81.xxx.xxx.43; } ez-ipupdate.cache cat: /conf/ez-ipupdate.cache: No such file or directory rtadvd.conf vr0:raflags="":maxinterval#10:mininterval#4:prefixlen#64 df Filesystem 512-blocks Used Avail Capacity Mounted on /dev/md0 70526 34178 36348 48% / devfs 2 2 0 100% /dev /dev/ad0a 48406 22968 25438 47% /cf racoon.conf cat: /var/etc/racoon.conf: No such file or directory SPD No SPD entries. SAD No SAD entries. last 200 system log entries Feb 12 14:13:40 m0n0wall syslogd: kernel boot file is /kernel Feb 12 14:13:40 m0n0wall kernel: Copyright (c) 1992-2011 The FreeBSD Project. Feb 12 14:13:40 m0n0wall kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 Feb 12 14:13:40 m0n0wall kernel: The Regents of the University of California. All rights reserved. Feb 12 14:13:40 m0n0wall kernel: FreeBSD is a registered trademark of The FreeBSD Foundation. Feb 12 14:13:40 m0n0wall kernel: FreeBSD 8.2-RELEASE-p6 #0: Sat Feb 11 21:55:36 CET 2012 Feb 12 14:13:40 m0n0wall kernel: root@builder82.m0n0.ch:/usr/m0n0wall/build82/tmp/sys/i386/compile/M0N0WALL_GENERIC i386 Feb 12 14:13:40 m0n0wall kernel: Timecounter "i8254" frequency 1193182 Hz quality 0 Feb 12 14:13:40 m0n0wall kernel: CPU: Geode(TM) Integrated Processor by AMD PCS (498.05-MHz 586-class CPU) Feb 12 14:13:40 m0n0wall kernel: Origin = "AuthenticAMD" Id = 0x5a2 Family = 5 Model = a Stepping = 2 Feb 12 14:13:40 m0n0wall kernel: Features=0x88a93d Feb 12 14:13:40 m0n0wall kernel: AMD Features=0xc0400000 Feb 12 14:13:40 m0n0wall kernel: real memory = 268435456 (256 MB) Feb 12 14:13:40 m0n0wall kernel: avail memory = 210477056 (200 MB) Feb 12 14:13:40 m0n0wall kernel: pnpbios: Bad PnP BIOS data checksum Feb 12 14:13:40 m0n0wall kernel: wlan: mac acl policy registered Feb 12 14:13:40 m0n0wall kernel: kbd0 at kbdmux0 Feb 12 14:13:40 m0n0wall kernel: K6-family MTRR support enabled (2 registers) Feb 12 14:13:40 m0n0wall kernel: cryptosoft0: on motherboard Feb 12 14:13:40 m0n0wall kernel: pcib0: pcibus 0 on motherboard Feb 12 14:13:40 m0n0wall kernel: pci0: on pcib0 Feb 12 14:13:40 m0n0wall kernel: Geode LX: PC Engines ALIX.2 v0.99 tinyBIOS V1.4a (C)1997-2007 Feb 12 14:13:40 m0n0wall kernel: pci0: at device 1.2 (no driver attached) Feb 12 14:13:40 m0n0wall kernel: vr0: port 0x1000-0x10ff mem 0xe0000000-0xe00000ff irq 10 at device 9.0 on pci0 Feb 12 14:13:40 m0n0wall kernel: vr0: Quirks: 0x2 Feb 12 14:13:40 m0n0wall kernel: vr0: Revision: 0x96 Feb 12 14:13:40 m0n0wall kernel: miibus0: on vr0 Feb 12 14:13:40 m0n0wall kernel: ukphy0: PHY 1 on miibus0 Feb 12 14:13:40 m0n0wall kernel: ukphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto Feb 12 14:13:40 m0n0wall kernel: vr0: Ethernet address: 00:0d:b9:17:2b:bc Feb 12 14:13:40 m0n0wall kernel: vr0: [ITHREAD] Feb 12 14:13:40 m0n0wall kernel: vr1: port 0x1400-0x14ff mem 0xe0040000-0xe00400ff irq 11 at device 10.0 on pci0 Feb 12 14:13:40 m0n0wall kernel: vr1: Quirks: 0x2 Feb 12 14:13:40 m0n0wall kernel: vr1: Revision: 0x96 Feb 12 14:13:40 m0n0wall kernel: miibus1: on vr1 Feb 12 14:13:40 m0n0wall kernel: ukphy1: PHY 1 on miibus1 Feb 12 14:13:40 m0n0wall kernel: ukphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto Feb 12 14:13:40 m0n0wall kernel: vr1: Ethernet address: 00:0d:b9:17:2b:bd Feb 12 14:13:40 m0n0wall kernel: vr1: [ITHREAD] Feb 12 14:13:40 m0n0wall kernel: vr2: port 0x1800-0x18ff mem 0xe0080000-0xe00800ff irq 12 at device 11.0 on pci0 Feb 12 14:13:40 m0n0wall kernel: vr2: Quirks: 0x2 Feb 12 14:13:40 m0n0wall kernel: vr2: Revision: 0x96 Feb 12 14:13:40 m0n0wall kernel: miibus2: on vr2 Feb 12 14:13:40 m0n0wall kernel: ukphy2: PHY 1 on miibus2 Feb 12 14:13:40 m0n0wall kernel: ukphy2: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto Feb 12 14:13:40 m0n0wall kernel: vr2: Ethernet address: 00:0d:b9:17:2b:be Feb 12 14:13:40 m0n0wall kernel: vr2: [ITHREAD] Feb 12 14:13:40 m0n0wall kernel: ath0: mem 0xe00c0000-0xe00cffff irq 9 at device 12.0 on pci0 Feb 12 14:13:40 m0n0wall kernel: ath0: [ITHREAD] Feb 12 14:13:40 m0n0wall kernel: ath0: AR5212 mac 5.9 RF5112 phy 4.3 Feb 12 14:13:40 m0n0wall kernel: isab0: port 0x6000-0x6007,0x6100-0x61ff,0x6200-0x623f,0x9d00-0x9d7f,0x9c00-0x9c3f at device 15.0 on pci0 Feb 12 14:13:40 m0n0wall kernel: isa0: on isab0 Feb 12 14:13:40 m0n0wall kernel: atapci0: port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xff00-0xff0f at device 15.2 on pci0 Feb 12 14:13:40 m0n0wall kernel: ata0: on atapci0 Feb 12 14:13:40 m0n0wall kernel: ata0: [ITHREAD] Feb 12 14:13:40 m0n0wall kernel: ata1: on atapci0 Feb 12 14:13:40 m0n0wall kernel: ata1: [ITHREAD] Feb 12 14:13:40 m0n0wall kernel: ohci0: mem 0xefffe000-0xefffefff irq 15 at device 15.4 on pci0 Feb 12 14:13:40 m0n0wall kernel: ohci0: [ITHREAD] Feb 12 14:13:40 m0n0wall kernel: usbus0: on ohci0 Feb 12 14:13:40 m0n0wall kernel: ehci0: mem 0xefffd000-0xefffdfff irq 15 at device 15.5 on pci0 Feb 12 14:13:40 m0n0wall kernel: ehci0: [ITHREAD] Feb 12 14:13:40 m0n0wall kernel: usbus1: EHCI version 1.0 Feb 12 14:13:40 m0n0wall kernel: usbus1: on ehci0 Feb 12 14:13:40 m0n0wall kernel: cpu0 on motherboard Feb 12 14:13:40 m0n0wall kernel: pmtimer0 on isa0 Feb 12 14:13:40 m0n0wall kernel: orm0: at iomem 0xe0000-0xea7ff pnpid ORM0000 on isa0 Feb 12 14:13:40 m0n0wall kernel: uart0: <16550 or compatible> at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0 Feb 12 14:13:40 m0n0wall kernel: uart0: [FILTER] Feb 12 14:13:40 m0n0wall kernel: uart0: console (9600,n,8,1) Feb 12 14:13:40 m0n0wall kernel: atrtc0: at port 0x70 irq 8 on isa0 Feb 12 14:13:40 m0n0wall kernel: Timecounter "TSC" frequency 498052739 Hz quality 800 Feb 12 14:13:40 m0n0wall kernel: Timecounters tick every 1.000 msec Feb 12 14:13:40 m0n0wall kernel: IPsec: Initialized Security Association Processing. Feb 12 14:13:40 m0n0wall kernel: IP Filter: v4.1.34 initialized. Default = block all, Logging = enabled Feb 12 14:13:40 m0n0wall kernel: usbus0: 12Mbps Full Speed USB v1.0 Feb 12 14:13:40 m0n0wall kernel: usbus1: 480Mbps High Speed USB v2.0 Feb 12 14:13:40 m0n0wall kernel: ugen0.1: at usbus0 Feb 12 14:13:40 m0n0wall kernel: uhub0: on usbus0 Feb 12 14:13:40 m0n0wall kernel: ugen1.1: at usbus1 Feb 12 14:13:40 m0n0wall kernel: uhub1: on usbus1 Feb 12 14:13:40 m0n0wall kernel: mad0: 121MB at ata0-master PIO4 Feb 12 14:13:40 m0n0wall kernel: d0: Preloaded image 38674432 bytes at 0xc0d7b4d4 Feb 12 14:13:40 m0n0wall kernel: Root mount waiting for: usbus1 usbus0 Feb 12 14:13:40 m0n0wall kernel: uhub0: 4 ports with 4 removable, self powered Feb 12 14:13:40 m0n0wall kernel: Root mount waiting for: usbus1 Feb 12 14:13:40 m0n0wall kernel: uhub1: 4 ports with 4 removable, self powered Feb 12 14:13:40 m0n0wall kernel: Trying to mount root from ufs:/dev/md0 Feb 12 14:13:40 m0n0wall kernel: glxsb0: mem 0xefff4000-0xefff7fff irq 9 at device 1.2 on pci0 Feb 12 14:13:40 m0n0wall kernel: wlan0: Ethernet address: 90:a4:de:81:68:7b Feb 12 14:13:40 m0n0wall kernel: bridge0: Ethernet address: ce:30:f4:55:8b:75 Feb 12 14:13:40 m0n0wall kernel: bridge0: Ethernet address: 8a:2a:4a:fb:7b:fd Feb 12 14:13:40 m0n0wall dnsmasq[136]: started, version 2.59rc1 cachesize 150 Feb 12 14:13:40 m0n0wall dnsmasq[136]: compile time options: IPv6 GNU-getopt no-DBus no-i18n DHCP TFTP no-conntrack no-IDN Feb 12 14:13:40 m0n0wall dnsmasq[136]: ignoring nameserver 81.xxx.xxx.33 - local interface Feb 12 14:13:40 m0n0wall dnsmasq[136]: ignoring nameserver 81.xxx.xxx.33 - local interface Feb 12 14:13:40 m0n0wall dnsmasq[136]: failed to access /var/db/dhcpd.leases: No such file or directory Feb 12 14:13:40 m0n0wall dnsmasq[136]: failed to access /var/db/dhcpd.leases: No such file or directory Feb 12 14:13:40 m0n0wall dnsmasq[136]: reading /etc/resolv.conf Feb 12 14:13:40 m0n0wall dnsmasq[136]: using nameserver 2001:8b0::2020#53 Feb 12 14:13:41 m0n0wall dnsmasq[136]: using nameserver 217.169.20.21#53 Feb 12 14:13:41 m0n0wall dnsmasq[136]: using nameserver 217.169.20.20#53 Feb 12 14:13:41 m0n0wall dnsmasq[136]: read /etc/hosts - 9 addresses Feb 12 14:13:41 m0n0wall dhcpd: Internet Systems Consortium DHCP Server 4.1-ESV-R4 Feb 12 14:13:41 m0n0wall dhcpd: Copyright 2004-2011 Internet Systems Consortium. Feb 12 14:13:41 m0n0wall dhcpd: All rights reserved. Feb 12 14:13:41 m0n0wall dhcpd: For info, please visit https://www.isc.org/software/dhcp/ Feb 12 14:13:41 m0n0wall dhcp6s[149]: dhcp6_ctl_authinit: failed to decode base64 string Feb 12 14:13:41 m0n0wall dhcp6s[149]: dhcp6_ctl_authinit: failed to decode base64 string Feb 12 14:13:41 m0n0wall kernel: ipfw2 (+ipv6) initialized, divert loadable, nat loadable, rule-based forwarding enabled, default to accept, logging disabled Feb 12 14:13:41 m0n0wall kernel: load_dn_sched dn_sched FIFO loaded Feb 12 14:13:41 m0n0wall kernel: load_dn_sched dn_sched QFQ loaded Feb 12 14:13:41 m0n0wall kernel: load Feb 12 14:13:41 m0n0wall kernel: stray irq7 Feb 12 14:13:41 m0n0wall kernel: _dn_sched dn_sched RR loaded Feb 12 14:13:41 m0n0wall kernel: load_dn_sched dn_sched WF2Q+ loaded Feb 12 14:13:41 m0n0wall kernel: load_dn_sched dn_sched PRIO loaded Feb 12 14:13:46 m0n0wall dnsmasq[136]: reading /var/db/dhcpd.leases Feb 12 14:13:46 m0n0wall dnsmasq[136]: reading /etc/resolv.conf Feb 12 14:13:46 m0n0wall dnsmasq[136]: using nameserver 217.169.20.21#53 Feb 12 14:13:46 m0n0wall dnsmasq[136]: using nameserver 217.169.20.20#53 Feb 12 14:13:48 m0n0wall hostapd: wlan0: STA 90:a4:de:81:68:56 IEEE 802.11: associated Feb 12 14:13:48 m0n0wall hostapd: wlan0: STA 90:a4:de:81:68:56 RADIUS: starting accounting session 4F37C90E-00000000 Feb 12 14:13:48 m0n0wall hostapd: wlan0: STA 90:a4:de:81:68:56 WPA: pairwise key handshake completed (RSN) last 50 filter log entries ls /conf config.xml ls /var/run dhcp6s.vr0.pid dhcp6sctlkey dhcpd.pid dnsmasq.pid hostapd-wlan0.pid htpasswd ipmon.pid ld-elf.so.hints log logpriv mini_httpd.pid mpd.pid rtadvd.pid runsntp.pid sntp.pid syslog.pid utmp config.xml 1.9 1329047706 m0n0wall xxx.xx.uk admin xxxxx Europe/London 300 0.m0n0wall.pool.ntp.org https C 217.169.20.20 217.169.20.21 2001:8b0::2020 vr0 81.xxx.xxx.33 28 2001:xxx:xxxx::1 64 vr1 pppoe ppp OPT1 vr2 31 lan WLAN-OPT2 wlan0 31 lan xxxx@a xxxxx aaisp dyndns phdassociates xxxxx phdassociates dyndns-office.com 60 81.xxx.xxx.44 81.xxx.xxx.46 00:1b:fc:31:3c:8f 2001:xxx:xxxx:x:xxx:fcff:fe31:3c8f bandit 00:1b:fc:31:3c:8f 81.xxx.xxx.34 bandit 00:e0:4c:04:c8:8f 81.xxx.xxx.36 xxxxx-xp 00:14:a4:6a:bc:c6 81.xxx.xxx.37 acer 7c:2f:80:04:d3:a6 81.xxx.xxx.38 S685-IP 08:00:46:6e:4b:8a 81.xxx.xxx.39 smeserver 90:a4:de:81:68:56 81.xxx.xxx.40 alix WLAN IPV4 00:c0:32:00:a0:46 81.xxx.xxx.42 rpc 00:26:37:3b:ac:b8 81.xxx.xxx.43 Blade mobile 21600 86400 2001:xxx:xxxx::2 2001:xxx:xxxx::10 21600 86400 16 xxx.xx.uk 81.xxx.xxx.33 monowall acer xxx.xx.uk 81.xxx.xxx.37 alix xxx.xx.uk 81.xxx.xxx.40 bandit xxx.xx.uk 81.xxx.xxx.34 Blade-mobile xxx.xx.uk 81.xxx.xxx.43 xxxxx-xp xxx.xx.uk 81.xxx.xxx.36 rpc xxx.xx.uk 81.xxx.xxx.42 S685-IP xxx.xx.uk 81.xxx.xxx.38 public 300 81.xxx.xxx.32/28 ADSL Router NAT 192.168.2.2 wan 192.168.2.1/32 pass wan udp
81.xxx.xxx.33/28
500
IPsec ESP IKE
pass wan udp
81.xxx.xxx.33/28
4500
IPsec ESP NAT-T allow
pass wan esp
81.xxx.xxx.33/28
IPsec ESP allow
pass wan udp
81.187.30.110/29
5060
81.xxx.xxx.38
5060
SIP ports
pass wan udp
81.187.30.119
5060
81.xxx.xxx.38
5060
SIP ports
pass wan udp 5004-5020
81.xxx.xxx.38
5004-5020
RTP ports
pass wan udp
81.187.30.110/29
2002
81.xxx.xxx.38
2002
SIP port 2002
pass wan udp
81.187.30.119
2002
81.xxx.xxx.38
2002
SIP port 2002
pass wan tcp
81.xxx.xxx.33
443
Allow Remote Admin
pass opt3 opt3 Default WAN -> any pass opt2 Default WLAN -> any pass opt1 Default OPT1 -> any pass lan Default LAN -> any pass lan udp
81.xxx.xxx.38
5060
pass lan udp
81.xxx.xxx.38
5004-5020
pass Default IPsec VPN ipsec pass opt3 opt3 Default WAN -> Any pass opt2 Default WLAN -> Any pass opt1 Default VOIP -> Any pass lan Default LAN -> Any
120 wan lan 192.168.0.0/24 xxxxxxxxxxxxx.dyndns-office.com main 3des sha1 2 28800 xxxxx pre_shared_key esp 3des blowfish cast128 rijndael hmac_sha1 hmac_md5 2 86400 xxxxxfrom PHD xxxxx@xxx.xx.uk xxxxx 60 aggressive 3des sha1 2 28800 pre_shared_key esp 3des blowfish cast128 rijndael hmac_sha1 hmac_md5 2 28800 275 m_Total Upload 7466 m_Total Download 128 Dedicated VOIP Outbound 256 Dedicated VOIP Inbound m_High Priority #1 Upload 0 50 m_High Priority #2 Upload 0 30 m_High Priority #3 Upload 0 15 m_Bulk Upload 0 4 m_Hated Upload 0 1 m_Bulk Download 1 30 m_Hated Download 1 10 m_High Priority Download 1 60 wan udp
81.xxx.xxx.38
out lowdelay,throughput m_Outbound VOIP from 81.xxx.xxx.38 2
wan udp
81.xxx.xxx.38
in lowdelay,throughput m_Inbound VOIP to 81.xxx.xxx.38 3
m_TCP ACK Upload 2 wan out 0-80 tcp ack m_Small Pkt Upload 0 wan out 0-100 m_Outbound DNS Query 0 wan out 53 udp m_AH Upload 0 wan out ah m_ESP Upload 0 wan out esp m_GRE Upload 0 wan out gre m_ICMP Upload 1 wan out icmp m_Catch-All Upload 3 wan out m_ICMP Download 7 wan in icmp m_Small Pkt Download 7 wan in 0-100 m_AH Download 7 wan in ah m_ESP Download 7 wan in esp m_GRE Download 7 wan in gre m_Catch-All Download 5 wan in 448 8128
ath0 11b hostap xxxxxxxxxxxx 0 psk 3 ccmp xxxxxxxxxxxxxxx