Appendix A. UNIX Kernel Configuration Files
Appendix A. UNIX Kernel Configuration Files
This appendix presents the network-relevant configuration file portions for Linux, OpenBSD, and FreeBSD. It is assumed that you are familiar with how to configure and compile modular kernels on the respective platform. Relevant remarks are offered as comments within the configuration. Be warned that these are not full configurations, just fragments to be incorporated in the labs for this book, and they might differ slightly within minor revisions of your kernel series. Example A-1 presents a Linux configuration for the 2.4.x kernel series, Example A-2 shows an OpenBSD configuration for 3.x, and Example A-3 lists a configuration for the 4.x FreeBSD kernel series.
Example A-1. Linux 2.4.22 Network Kernel Options
# # Code maturity-level options # CONFIG_EXPERIMENTAL=y # # Loadable module support # CONFIG_MODULES=y CONFIG_MODVERSIONS=y CONFIG_KMOD=y # # Networking options # CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_NETLINK_DEV=y CONFIG_NETFILTER=y CONFIG_NETFILTER_DEBUG=y CONFIG_FILTER=y CONFIG_UNIX=y CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_FWMARK=y CONFIG_IP_ROUTE_NAT=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_TOS=y CONFIG_IP_ROUTE_VERBOSE=y # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=m CONFIG_NET_IPGRE=m CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y CONFIG_IP_PIMSM_V1=y CONFIG_IP_PIMSM_V2=y # CONFIG_ARPD is not set # CONFIG_INET_ECN is not set CONFIG_SYN_COOKIES=y # # IP: Netfilter Configuration # CONFIG_IP_NF_CONNTRACK=m CONFIG_IP_NF_FTP=m # CONFIG_IP_NF_AMANDA is not set # CONFIG_IP_NF_TFTP is not set CONFIG_IP_NF_IRC=m CONFIG_IP_NF_QUEUE=m CONFIG_IP_NF_IPTABLES=m CONFIG_IP_NF_MATCH_LIMIT=m CONFIG_IP_NF_MATCH_MAC=m CONFIG_IP_NF_MATCH_PKTTYPE=m CONFIG_IP_NF_MATCH_MARK=m CONFIG_IP_NF_MATCH_MULTIPORT=m CONFIG_IP_NF_MATCH_TOS=m # CONFIG_IP_NF_MATCH_RECENT is not set CONFIG_IP_NF_MATCH_ECN=m CONFIG_IP_NF_MATCH_DSCP=m CONFIG_IP_NF_MATCH_AH_ESP=m CONFIG_IP_NF_MATCH_LENGTH=m CONFIG_IP_NF_MATCH_TTL=m CONFIG_IP_NF_MATCH_TCPMSS=m CONFIG_IP_NF_MATCH_HELPER=m CONFIG_IP_NF_MATCH_STATE=m CONFIG_IP_NF_MATCH_CONNTRACK=m CONFIG_IP_NF_MATCH_UNCLEAN=m CONFIG_IP_NF_MATCH_OWNER=m CONFIG_IP_NF_FILTER=m CONFIG_IP_NF_TARGET_REJECT=m CONFIG_IP_NF_TARGET_MIRROR=m CONFIG_IP_NF_NAT=m CONFIG_IP_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=m CONFIG_IP_NF_TARGET_REDIRECT=m # CONFIG_IP_NF_NAT_LOCAL is not set # CONFIG_IP_NF_NAT_SNMP_BASIC is not set CONFIG_IP_NF_NAT_IRC=m CONFIG_IP_NF_NAT_FTP=m CONFIG_IP_NF_MANGLE=m CONFIG_IP_NF_TARGET_TOS=m # CONFIG_IP_NF_TARGET_ECN is not set # CONFIG_IP_NF_TARGET_DSCP is not set CONFIG_IP_NF_TARGET_MARK=m CONFIG_IP_NF_TARGET_LOG=m CONFIG_IP_NF_TARGET_ULOG=m CONFIG_IP_NF_TARGET_TCPMSS=m # CONFIG_IP_NF_ARPTABLES is not set # CONFIG_IP_NF_COMPAT_IPCHAINS is not set # CONFIG_IP_NF_COMPAT_IPFWADM is not set CONFIG_IPV6=m # # IPv6: Netfilter Configuration # CONFIG_IP6_NF_QUEUE=m CONFIG_IP6_NF_IPTABLES=m CONFIG_IP6_NF_MATCH_LIMIT=m CONFIG_IP6_NF_MATCH_MAC=m # CONFIG_IP6_NF_MATCH_RT is not set # CONFIG_IP6_NF_MATCH_OPTS is not set # CONFIG_IP6_NF_MATCH_FRAG is not set # CONFIG_IP6_NF_MATCH_HL is not set CONFIG_IP6_NF_MATCH_MULTIPORT=m CONFIG_IP6_NF_MATCH_OWNER=m CONFIG_IP6_NF_MATCH_MARK=m # CONFIG_IP6_NF_MATCH_IPV6HEADER is not set # CONFIG_IP6_NF_MATCH_AHESP is not set CONFIG_IP6_NF_MATCH_LENGTH=m CONFIG_IP6_NF_MATCH_EUI64=m CONFIG_IP6_NF_FILTER=m CONFIG_IP6_NF_TARGET_LOG=m CONFIG_IP6_NF_MANGLE=m CONFIG_IP6_NF_TARGET_MARK=m # CONFIG_KHTTPD is not set # CONFIG_ATM is not set CONFIG_VLAN_8021Q=y # # # # CONFIG_IPX is not set # CONFIG_ATALK is not set # # AppleTalk devices # # CONFIG_DECNET is not set CONFIG_BRIDGE=y # CONFIG_X25 is not set # CONFIG_LAPB is not set # CONFIG_LLC is not set # CONFIG_NET_DIVERT is not set # CONFIG_ECONET is not set # CONFIG_WAN_ROUTER is not set # CONFIG_NET_FASTROUTE is not set # CONFIG_NET_HW_FLOWCONTROL is not set # # QoS and/or fair queuing # CONFIG_NET_SCHED=y CONFIG_NET_SCH_CBQ=m CONFIG_NET_SCH_HTB=m CONFIG_NET_SCH_CSZ=m CONFIG_NET_SCH_PRIO=m CONFIG_NET_SCH_RED=m CONFIG_NET_SCH_SFQ=m CONFIG_NET_SCH_TEQL=m CONFIG_NET_SCH_TBF=m CONFIG_NET_SCH_GRED=m CONFIG_NET_SCH_DSMARK=m CONFIG_NET_SCH_INGRESS=m CONFIG_NET_QOS=y CONFIG_NET_ESTIMATOR=y CONFIG_NET_CLS=y CONFIG_NET_CLS_TCINDEX=m CONFIG_NET_CLS_ROUTE4=m CONFIG_NET_CLS_ROUTE=y CONFIG_NET_CLS_FW=m CONFIG_NET_CLS_U32=m CONFIG_NET_CLS_RSVP=m CONFIG_NET_CLS_RSVP6=m CONFIG_NET_CLS_POLICE=y # # Network testing # CONFIG_NET_PKTGEN=m CONFIG_IPSEC=y # # IPSec options (FreeS/WAN) # CONFIG_IPSEC_IPIP=y CONFIG_IPSEC_AH=y CONFIG_IPSEC_AUTH_HMAC_MD5=y CONFIG_IPSEC_AUTH_HMAC_SHA1=y CONFIG_IPSEC_ESP=y CONFIG_IPSEC_ENC_3DES=y CONFIG_IPSEC_IPCOMP=y CONFIG_IPSEC_DEBUG=y # # Network device support # CONFIG_NETDEVICES=y # # ARCnet devices # # CONFIG_ARCNET is not set CONFIG_DUMMY=m CONFIG_BONDING=m CONFIG_EQUALIZER=m CONFIG_TUN=m # CONFIG_ETHERTAP is not set # CONFIG_NET_SB1000 is not set # # Ethernet (10 or 100 Mb) # CONFIG_NET_ETHERNET=y # CONFIG_HAPPYMEAL is not set # CONFIG_SUNGEM is not set CONFIG_NET_VENDOR_3COM=y # CONFIG_EL1 is not set # CONFIG_EL2 is not set # CONFIG_ELPLUS is not set # CONFIG_EL16 is not set # CONFIG_EL3 is not set # CONFIG_3C515 is not set CONFIG_VORTEX=y # CONFIG_TYPHOON is not set # CONFIG_LANCE is not set # CONFIG_NET_VENDOR_SMC is not set # CONFIG_NET_VENDOR_RACAL is not set # CONFIG_AT1700 is not set # CONFIG_DEPCA is not set # CONFIG_HP100 is not set # CONFIG_NET_ISA is not set CONFIG_NET_PCI=y # CONFIG_PCNET32 is not set # CONFIG_AMD8111_ETH is not set # CONFIG_ADAPTEC_STARFIRE is not set # CONFIG_AC3200 is not set # CONFIG_APRICOT is not set # CONFIG_B44 is not set # CONFIG_CS89x0 is not set # CONFIG_TULIP is not set # CONFIG_DE4X5 is not set # CONFIG_DGRS is not set # CONFIG_DM9102 is not set # CONFIG_EEPRO100 is not set # CONFIG_E100 is not set # CONFIG_FEALNX is not set # CONFIG_NATSEMI is not set CONFIG_NE2K_PCI=y # CONFIG_8139CP is not set # CONFIG_8139TOO is not set # CONFIG_SIS900 is not set # CONFIG_EPIC100 is not set # CONFIG_SUNDANCE is not set # CONFIG_TLAN is not set # CONFIG_VIA_RHINE is not set # CONFIG_WINBOND_840 is not set # CONFIG_NET_POCKET is not set # # Ethernet (1000 Mb) # # CONFIG_ACENIC is not set # CONFIG_DL2K is not set # CONFIG_E1000 is not set # CONFIG_NS83820 is not set # CONFIG_HAMACHI is not set # CONFIG_YELLOWFIN is not set # CONFIG_R8169 is not set # CONFIG_SK98LIN is not set # CONFIG_TIGON3 is not set # CONFIG_FDDI is not set # CONFIG_HIPPI is not set CONFIG_PLIP=m CONFIG_PPP=m CONFIG_PPP_MULTILINK=y CONFIG_PPP_FILTER=y CONFIG_PPP_ASYNC=m CONFIG_PPP_SYNC_TTY=m CONFIG_PPP_DEFLATE=m CONFIG_PPP_BSDCOMP=m CONFIG_PPPOE=m # CONFIG_SLIP is not set # # Wireless LAN (non ham radio) # # CONFIG_NET_RADIO is not set # # Token Ring devices # CONFIG_TR=y CONFIG_IBMTR=m CONFIG_IBMOL=m CONFIG_IBMLS=m CONFIG_3C359=m CONFIG_TMS380TR=m CONFIG_TMSPCI=m CONFIG_TMSISA=m CONFIG_ABYSS=m CONFIG_SMCTR=m # CONFIG_NET_FC is not set # CONFIG_RCPCI is not set CONFIG_SHAPER=m # # Network File Systems # CONFIG_CODA_FS=m # CONFIG_INTERMEZZO_FS is not set CONFIG_NFS_FS=m CONFIG_NFS_V3=y # CONFIG_NFS_DIRECTIO is not set CONFIG_NFSD=m CONFIG_NFSD_V3=y # CONFIG_NFSD_TCP is not set CONFIG_SUNRPC=m CONFIG_LOCKD=m CONFIG_LOCKD_V4=y CONFIG_SMB_FS=m # CONFIG_SMB_NLS_DEFAULT is not set # CONFIG_NCP_FS is not set # CONFIG_ZISOFS_FS is not set # # Cryptographic options # CONFIG_CRYPTO=y CONFIG_CRYPTO_HMAC=y CONFIG_CRYPTO_NULL=m CONFIG_CRYPTO_MD4=m CONFIG_CRYPTO_MD5=m CONFIG_CRYPTO_SHA1=m CONFIG_CRYPTO_SHA256=m CONFIG_CRYPTO_SHA512=m CONFIG_CRYPTO_DES=m CONFIG_CRYPTO_BLOWFISH=m CONFIG_CRYPTO_TWOFISH=m CONFIG_CRYPTO_SERPENT=m CONFIG_CRYPTO_AES=m CONFIG_CRYPTO_DEFLATE=m CONFIG_CRYPTO_TEST=m
Example A-2. OpenBSD 3.1 Network Kernel Options
#option INSECURE # default to secure option NTP # hooks supporting the Network Time Protocol option DIAGNOSTIC # internal consistency checks option KTRACE # system call tracing, via ktrace(1) option KMEMSTATS # collect malloc(9) statistics option PTRACE # ptrace(2) system call option CRYPTO # cryptographic framework option SYSVMSG # System V-like message queues option SYSVSEM # System V-like semaphores option SYSVSHM # System V-like memory sharing option UVM_SWAP_ENCRYPT# support encryption of pages going to swap option LKM # loadable kernel modules option FFS # UFS option FFS_SOFTUPDATES # Soft updates option QUOTA # UFS quotas option EXT2FS # Second Extended File System option MFS # memory file system option XFS # xfs file system option TCP_SACK # Selective acknowledgements for TCP option TCP_FACK # Forward acknowledgements for TCP option TCP_SIGNATURE # TCP MD5 signatures, for BGP routing sessions option NFSCLIENT # Network File System client option NFSSERVER # Network File System server option CD9660 # ISO 9660 + Rock Ridge file system option MSDOSFS # MS-DOS file system option FDESC # /dev/fd option FIFO # FIFOs; Recommended option KERNFS # /kern option NULLFS # loopback file system option PORTAL # dynamically created file system objects option PROCFS # /proc option UMAPFS # NULLFS + uid and gid remapping option GATEWAY # packet forwarding option INET # IP + ICMP + TCP + UDP option IPFILTER_DEFAULT_BLOCK option ALTQ # ALTQ base option INET6 # IPv6 (needs INET) option PULLDOWN_TEST # use m_pulldown for IPv6 packet parsing option IPSEC # IPSec option IPFILTER # IP packet filter for security option IPFILTER_LOG # use /dev/ipl to log IPF option PPP_BSDCOMP # PPP BSD compression option PPP_DEFLATE option MROUTING # Multicast router pseudo-device pf 1 # packet filter pseudo-device pflog 1 # pf log if pseudo-device loop 2 # network loopback pseudo-device bpfilter 8 # packet filter pseudo-device sl 2 # CSLIP pseudo-device ppp 2 # PPP pseudo-device sppp 1 # Sync PPP/HDLC pseudo-device tun 2 # network tunneling over tty pseudo-device enc 1 # option IPSec needs the encapsulation interface pseudo-device bridge 2 # network bridging support pseudo-device vlan 2 # IEEE 802.1Q VLAN pseudo-device gre 1 # GRE encapsulation interface pseudo-device pty 64 # pseudo-terminals pseudo-device tb 1 # tablet line discipline pseudo-device vnd 4 # paging to files pseudo-device ksyms 1 # kernel symbols device # for IPv6 pseudo-device gif 4 # IPv[46] over IPv[46] tunnel (RFC 1933) pseudo-device faith 1 # IPv[46] tcp relay translation i/f option BOOT_CONFIG # add support for boot ?c options ALTQ_CBQ # class-based queuing options ALTQ_WFQ # weighted fair queuing options ALTQ_FIFOQ # FIFO queuing options ALTQ_RED # random early detection options ALTQ_FLOWVALVE # flowvalve for RED (needs RED) options ALTQ_RIO # triple red for diffserv (needs RED) options ALTQ_LOCALQ # local use options ALTQ_HFSC # hierarchical fair service curve options ALTQ_JOBS # joint buffer management and scheduling options ALTQ_IPSEC # check IPSec in IPv4 options ALTQ_CDNR # diffserv traffic conditioner options ALTQ_BLUE # blue by wu-chang feng options ALTQ_PRIQ # priority queue #options ALTQ_NOPCC # don't use processor-cycle counter #options ALTQ_DEBUG # for debugging machine i386 # architecture, used by config; required option I586_CPU option I686_CPU option GPL_MATH_EMULATE # floating point emulation. option NMBCLUSTERS=8192 option USER_PCICONF # user-space PCI configuration option XSERVER # diddle with console driver option APERTURE # in-kernel aperture driver for XFree86 option DUMMY_NOPS # speed hack; recommended option COMPAT_SVR4 # binary compatibility with SVR4 option COMPAT_IBCS2 # binary compatibility with SCO and ISC option COMPAT_LINUX # binary compatibility with Linux option COMPAT_FREEBSD # binary compatibility with FreeBSD option COMPAT_BSDOS # binary compatibility with BSD/OS maxusers 32 # estimated number of users # Networking devices ne0 at isa? port 0x240 irq 9 # NE[12]000 Ethernet ne1 at isa? port 0x300 irq 10 # NE[12]000 Ethernet ne2 at isa? port 0x280 irq 9 # NE[12]000 Ethernet ne* at isapnp? # NE[12]000 PnP Ethernet # crypto support #hifn* at pci? dev ? function ? # Hi/fn 7751 crypto card #ubsec* at pci? dev ? function ? # Bluesteel Networks 5xxx crypto card #ises* at pci? dev ? function ? # Pijnenburg PCC-ISES # mouse & keyboard multiplexor pseudo-devices pseudo-device wsmux 2 pseudo-device crypto 1
Example A-3. FreeBSD 4.9 Network Kernel Options
machine i386 cpu I686_CPU ident GENERIC maxusers 0 options MATH_EMULATE # Support for x87 emulation options INET # Internetworking options INET6 # IPv6 communications protocols options FFS # Berkeley Fast File System options FFS_ROOT # FFS usable as root device (Keep this!) options SOFTUPDATES # Enable FFS soft updates support options UFS_DIRHASH # Improve performance on big directories options MFS # Memory File System options MD_ROOT # MD is a potential root device options NFS # Network File System options NFS_ROOT # NFS usable as root device, NFS required options MSDOSFS # MS-DOS File System options CD9660 # ISO 9660 File System options CD9660_ROOT # CD-ROM usable as root, CD9660 required options PROCFS # Process file system options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!] options SCSI_DELAY=15000 # Delay (in ms) before probing SCSI options UCONSOLE # Allow users to grab the console options USERCONFIG # boot -c editor options VISUAL_USERCONFIG # visual boot -c editor options KTRACE # ktrace(1) support options SYSVSHM # SYSV-style shared memory options SYSVMSG # SYSV-style message queues options SYSVSEM # SYSV-style semaphores options P1003_1B # Posix P1003_1B real-time extensions options _KPOSIX_PRIORITY_SCHEDULING options ICMP_BANDLIM # Rate limit bad replies options KBD_INSTALL_CDEV # install a CDEV entry in /dev options SMBFS # SMB/CIFS file system options HZ=1000 options SOFTUPDATES # FFS soft Updates # Directory hashing improves the speed of operations on very large # directories at the expense of some memory. options UFS_DIRHASH # Allow this to swap many devices. # # To manage swap, the system must reserve bitmap space that # scales with the largest mounted swap device multiplied by NSWAPDEV, # regardless of whether other swap devices exist. So it # is not a good idea to make this value too large. options NSWAPDEV=5 # Disk quotas are supported when this option is enabled. options QUOTA # enable disk quotas options IPSEC # IP security options IPSEC_ESP # IP security (crypto; define w/IPSEC) options IPSEC_DEBUG # debug for IP security # Set IPSEC_FILTERGIF to force packets coming through a gif tunnel # to be processed by any configured packet filtering (ipfw, ipf). # The default is that packets coming from a tunnel are not processed; # they are assumed trusted. # # Note that enabling this can be problematic as there are no mechanisms # in place for distinguishing packets coming out of a tunnel (e.g., no # encX devices as found on OpenBSD). # options IPSEC_FILTERGIF # filter IPSec packets from a tunnel # # Experimental IPSec implementation that uses the kernel crypto # framework. This cannot be configured together with IPSec and # (currently) supports only IPv4. To use this, you must also # configure the crypto device (see below). Note that with this # you get all the IPSec protocols (e.g., there is no FAST_IPSEC_ESP). # IPSEC_DEBUG is used, as above, to configure debugging support # within the IPSec protocols. # # options FAST_IPSEC # new IPsec options MROUTING # Multicast routing options PIM # Protocol Independent Multicast options IPFIREWALL # firewall options IPFIREWALL_VERBOSE # enable logging to syslogd(8) options IPFIREWALL_FORWARD # enable transparent proxy support options IPFIREWALL_VERBOSE_LIMIT=100 # limit verbosity options IPFIREWALL_DEFAULT_TO_ACCEPT # allow everything by default options IPV6FIREWALL # firewall for IPv6 options IPV6FIREWALL_VERBOSE options IPV6FIREWALL_VERBOSE_LIMIT=100 options IPV6FIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT # divert sockets options IPFILTER # ipfilter support options IPFILTER_LOG # ipfilter logging options IPFILTER_DEFAULT_BLOCK # block all packets by default options IPSTEALTH # support for stealth forwarding options TCPDEBUG # TCP-related debugging info # RANDOM_IP_ID causes the ID field in IP packets to be randomized # instead of incremented by 1 with each packet generated. This # option closes a minor information leak, which allows remote # observers to determine the rate of packet generation on the # machine by watching the counter. options RANDOM_IP_ID # # TCP_DROP_SYNFIN adds support for ignoring TCP packets with SYN+FIN. This # prevents nmap et al. from identifying the TCP/IP stack, but it breaks support # for RFC 1644 extensions and is not recommended for web servers. # options TCP_DROP_SYNFIN # drop TCP packets with SYN+FIN # ICMP_BANDLIM enables icmp error response bandwidth limiting. You # typically want this option because it will help protect the machine from # DoS packet attacks. # options ICMP_BANDLIM # DUMMYNET enables the "dummynet" bandwidth limiter. You need # IPFIREWALL, too. See the dummynet(4) and ipfw(8) man pages for more info. # When you run DUMMYNET, it is advisable to also have "options HZ=1000" # to achieve a smoother scheduling of the traffic. # # BRIDGE enables bridging between ethernet cards; see bridge(4). # You can use IPFIREWALL and DUMMYNET together with bridging. # options DUMMYNET options BRIDGE options ATM_CORE # core ATM protocol family options ATM_IP # IP over ATM support options ATM_SIGPVC # SIGPVC signaling manager options ATM_SPANS # SPANS signaling manager options ATM_UNI # UNI signaling manager device hea # Efficient ENI-155p ATM PCI device hfa # FORE PCA-200E ATM PCI device proatm # ProSum's ProATM-155 pseudo-device atm # The ATM pseudo-device device en # Efficient Networks ATM Driver options NATM # native ATM # SMB/CIFS requester # NETSMB enables support for SMB protocol; it requires LIBMCHAIN and LIBICONV # options. # NETSMBCRYPTO enables support for encrypted passwords. options NETSMB # SMB/CIFS requester options NETSMBCRYPTO # encrypted password support for SMB # mchain library. It can be either loaded as KLD or compiled into kernel options LIBMCHAIN # mbuf management library options LIBICONV# netgraph(4). Enable the base Netgraph code with the NETGRAPH option. # Individual node types can be enabled with the corresponding option # listed below; however, this is not strictly necessary because Netgraph # will automatically load the corresponding KLD module if the node type # is not already compiled into the kernel. Each type below has a # corresponding man page; e.g., ng_async(8). options NETGRAPH # netgraph(4) system options NETGRAPH_ASYNC options NETGRAPH_BPF options NETGRAPH_CISCO options NETGRAPH_ECHO options NETGRAPH_ETHER options NETGRAPH_FRAME_RELAY options NETGRAPH_HOLE options NETGRAPH_IFACE options NETGRAPH_KSOCKET options NETGRAPH_L2TP options NETGRAPH_LMI # MPPC compression requires proprietary files (not included) #options NETGRAPH_MPPC_COMPRESSION options NETGRAPH_MPPC_ENCRYPTION options NETGRAPH_ONE2MANY options NETGRAPH_PPP options NETGRAPH_PPPOE options NETGRAPH_PPTPGRE options NETGRAPH_RFC1490 options NETGRAPH_SOCKET options NETGRAPH_TEE options NETGRAPH_TTY options NETGRAPH_UI options NETGRAPH_VJC # Coda stuff: options CODA # CODA file system. pseudo-device vcoda 4 # coda minicache <-> venus comm. # PCI Ethernet NICs that use the common MII bus controller code. # Note: Be sure to keep the 'device miibus' line in order to use these NICs! device miibus # MII bus support device xl # 3Com 3c90x (``Boomerang'', ``Cyclone'') # ISA Ethernet NICs. # 'device ed' requires 'device miibus' device ed0 at isa? disable port 0x280 irq 10 iomem 0xd8000 # Pseudo devices - the number indicates how many units to allocate. pseudo-device loop 3 # Network loopback pseudo-device ether # Ethernet support pseudo-device sl 1 # Kernel SLIP pseudo-device ppp 1 # Kernel PPP pseudo-device tun 3 # Packet tunnel pseudo-device pty # Pseudo-ttys (Telnet etc.) pseudo-device md # Memory "disks" pseudo-device vlan 3 # VLAN support pseudo-device token # Generic Token Ring pseudo-device sppp # Generic Synchronous PPP pseudo-device bpf # Berkeley packet filter pseudo-device disc # Discard device (ds0, ds1, etc.) pseudo-device sl 2 # Serial Line IP pseudo-device gre 3 # IP over IP tunneling pseudo-device ppp 2 # Point-to-Point Protocol options PPP_BSDCOMP # PPP BSD-compress support options PPP_DEFLATE # PPP zlib/deflate/gzip support options PPP_FILTER # enable bpf filtering (needs bpf) # for IPv6 pseudo-device gif # IPv6 and IPv4 tunneling pseudo-device faith 1 # for IPv6 and IPv4 translation pseudo-device stf # 6to4 IPv6 over IPv4 encapsulation
