#mastoadmin

So, you’ve decided to start a mastodon instance, and would also like to get ahead of moderating undesirable instances before they’ve had a chance to federate with you?

First of all you’ll need a list of undesirable instances, I used https://wiki.tenforward.social/doku.php?id=tenforward:suspensions curated by https://tenforward.social/@guinan

Next you can either add them one by one in your server’s moderation controls, or starting with Mastodon 4.0.0rc1, you can create an app which uses the new APIs to add them programatically.

These instructions for creating an app are pretty much taken verbatim from the https://docs.joinmastodon.org/client/intro/, but repeated here for verbosity.

Create your app, replacing ‘example.org’ with your Mastodon server address:
curl -X POST \
       -F 'client_name=My Admin Tools' \
       -F 'redirect_uris=urn:ietf:wg:oauth:2.0:oob' \
       -F 'scopes=read admin:write' \
       -F 'website=https://example.org' \
       https://example.org/api/v1/apps

This will return some JSON with information we need later, it should look something like:
{
"id":"5",
"name":"My Admin Tools",
"website":"https://example.org",
"redirect_uri":"urn:ietf:wg:oauth:2.0:oob",
"client_id":"<Your Unique Client Id>",
"client_secret":"<Your Unique Client Secret>",
"vapid_key":"<Your Unique Vapid Key>"
}

Next, construct a URL for your instance, it should be of the form:
https://example.org/oauth/authorize?client_id=<Your Unique Client Id>&scope=read+admin:write&redirect_uri=urn:ietf:wg:oauth:2.
0:oob&response_type=code

and open it in a new browser tab. This, if all goes well, gives you <Your Authorisation Code> which we will need in the next step. If all didn’t go well, you may need to log in to your instance with an administrator account, not a regular user or moderator account.

Next, we need an oauth token so our app can operate as our user.
curl -X POST \
       -F 'client_id=<Your Unique Client Id>' \
       -F 'client_secret=<Your Unique Client Secret>' \
       -F 'redirect_uri=urn:ietf:wg:oauth:2.0:oob' \
       -F 'grant_type=authorization_code' \
       -F 'code=<Your Authorisation Code>' \
       -F 'scope=read admin:write' \
       https://example.org/oauth/token

This returns JSON containing our token, and should look something like:
{
"access_token":"<Access Token>",
"token_type":"Bearer",
"scope":"read admin:write",
"created_at":1667707091

}

Almost there! First of all, save your list of instances to block in a text file, with each instance on it’s own line, call it something imaginative like block.txt
Then, call the API in a loop to block each instance.
while read dom; do
 curl -X POST \
       -H 'Authorization: Bearer <Access Token>' \
       -F 'domain='$dom \
       -F 'severity=suspend' \
       -F 'private_comment=Bulk Imported' \
       https://example.org/api/v1/admin/domain_blocks
done <blocks.txt

You should now see the blocks in your Moderation -> Federation panel.

Let’s Encrypt – RFC2136 & Bind Views

If, like me, you run your BIND DNS server with an internal and external view (why does the world need to be able to be told my printer’s name and IP address?) you may have wondered how you can use Let’s Encrypt’s RFC2136 plugin to update the TXT record on the external view, enabling DNS based challenges and, the holy grail of wildcard certificates.

My previous approach to this involved a mess of IP aliases, listening on cloned loopback interfaces, and was a big ball of noodles. The correct(?) current way I’m doing this is as follows.

Step 1, generate a key with tsig-keygen:
tsig-keygen -a hmac-sha256 letsencrypt

This should output a key you can put in your bind key file / config file similar to:
key "letsencrypt" {
       algorithm hmac-sha256;
       secret "yPYZpwSpKmA+dQw4w9WgXcQ=";
};


Assuming you have your internal / external split as I do, you should already have something similar to:
acl local { 127.0.0.1; 192.168.69.0/24; };

view "internal" {
 match-clients { local; };
 ... internal zone config ...
};

view "external" {
 match-clients { "any"; };
 .. external zones config ...
};

in your bind config file.

To allow the acme/let’s encrypt client update the external zones, whilst coming from an internal location we need to update the internal match-clients to exclude anything using the key we generated above.
This gives us something like:
view "internal" {
 match-clients { !key letsencrypt; local; };
 ... internal zone config ...
};


Now we need to tell bind that the let’s encrypt/acme client is allowed to update our external zone.
view "external" {
 match-clients { "any"; };
 zone "example.org" IN {
   type master;
   file "/usr/local/etc/namedb/master/external/example.org";
   update-policy {  
     grant letsencrypt subdomain example.org. ANY;  
   };
 };  
};


I’m pretty sure the ANY in the update-policy there can be changed to more restrictive, but it works for me.

And that’s it. For the bind configuration.
We now need a config file for acme to use. This is fairly simple (but annoyingly isn’t just the key generated above by tsig-keygen)

For the key above, the file would look like:
dns_rfc2136_server = 127.0.0.1
# Target DNS port
dns_rfc2136_port = 53
# TSIG key name
dns_rfc2136_name = letsencrypt
# TSIG key secret
dns_rfc2136_secret = yPYZpwSpKmA+dQw4w9WgXcQ=
# TSIG key algorithm
dns_rfc2136_algorithm = HMAC-SHA512

I keep this file with my bind configs in /usr/local/etc/namedb/ but as long as it’s readable by whoever is running certbot renew that’s all that’s important.

And then we just need to tell certbot/lets’s encrypt/acme client to use the config file, and then everything should be seamless when renewing your DNS-01 validated Let’s Encrypt certificates.

For me, that’s done in the file: /usr/local/etc/letsencrypt/renewal/example.org.conf, which contains:  
version = 1.30.0
archive_dir = /usr/local/etc/letsencrypt/archive/example.org
cert = /usr/local/etc/letsencrypt/live/example.org/cert.pem
privkey = /usr/local/etc/letsencrypt/live/example.org/privkey.pem
chain = /usr/local/etc/letsencrypt/live/example.org/chain.pem
fullchain = /usr/local/etc/letsencrypt/live/example.org/fullchain.pem

# Options used in the renewal process
[renewalparams]
account = [redacted]
authenticator = dns-rfc2136
dns_rfc2136_credentials = /usr/local/etc/namedb/letsencrypt.conf
server = https://acme-v02.api.letsencrypt.org/directory
key_type = rsa


Your paths may vary, and your domains certainly will.

And that, should be it.
You can also use the key generated directly in opnsense, but you may need to specify the zone you are updating in the opnsense acme client plugins. I may do a follow up detailing the OPNsense acme setup, but that’d mostly be a series of screenshots.

Until next time,

(∗ ・‿・)ノ゛

Using an unlocked HG612 with PlusNet

 
First of all, get a spare HG612 from your on-line marketplace of choice. (BT will get all pissy if you unlock the one they provide).

Unlock using the guide from  huawei HG612 hacking

Remove the ptm1.301 WAN connection. This is used by BT to check up on your modem.

Edit the ptm1.101 WAN connection so that it looks like:

  • WAN Connection – enabled
  • Service List – INTERNET
  • Port Binding – LAN1
  • Connection Mode – Bridge
  • Bridge Type – PPPoE Bridge
  • DHCP Transparent Transmission – Disabled
  • WAN 802.1q – Enabled – VLAN ID: 101
  • WAN 802.1p – Enabled – VLAN ID: 1
  • LAN 802.1q – Disabled
  • LAN 802.1p – Disabled

Connect LAN1 of the modem to the WAN port of your router and you should be good to go.
You can connect LAN2 to your friendly neighbourhood switch and access the modem with your browser / telnet to access line stats.
 

Horde5, IMP6 with NginX (under FreeBSD)

Install horde from ports (mail/horde-webmail)

Create the following server entry in your preferred config file.

server {
  server_name horde.example.org;
  access_log /var/log/nginx/horde.example.org-access.log;
  error_log /var/log/nginx/horde.example.org-error.log;
  root /usr/local/www/horde/;
  index index.php;
  location / {
    try_files $uri $uri/ /rampage.php?$args;
  }
  location ~ \.php {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param PHP_VALUE "cgi.fix_pathinfo=1";
    fastcgi_pass unix:/var/run/php-fpm.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
  }
}

Enjoy!

Notes:
Some other config files say location ~ \.php$ { This will stop uris such as /services/ajax.php/imp/ being matched correctly.

Re-Introducing thundertank!

[ 0.000000] Linux version 3.3.8 (adw@nofate) (gcc version 4.6.3 20120201 (prerelease) (Linaro GCC 4.6-2012.02) ) #1 Sun Jan 13 18:43:02 GMT 2013
[ 0.000000] MyLoader: sysp=6d409381, boardp=17c02a70, parts=3ac41d02
[ 0.000000] bootconsole [early0] enabled
[ 0.000000] CPU revision is: 00019374 (MIPS 24Kc)
[ 0.000000] SoC: Atheros AR7242 rev 1
[ 0.000000] Clocks: CPU:400.000MHz, DDR:400.000MHz, AHB:200.000MHz, Ref:5.000MHz
[ 0.000000] Determined physical RAM map:
[ 0.000000] memory: 04000000 @ 00000000 (usable)
[ 0.000000] User-defined physical RAM map:
[ 0.000000] memory: 04000000 @ 00000000 (usable)
[ 0.000000] Initrd not found or empty – disabling initrd
[ 0.000000] Zone PFN ranges:
[ 0.000000] Normal 0x00000000 -> 0x00004000
[ 0.000000] Movable zone start PFN for each node
[ 0.000000] Early memory PFN ranges
[ 0.000000] 0: 0x00000000 -> 0x00004000
[ 0.000000] On node 0 totalpages: 16384
[ 0.000000] free_area_init_node: node 0, pgdat 802eed40, node_mem_map 81000000
[ 0.000000] Normal zone: 128 pages used for memmap
[ 0.000000] Normal zone: 0 pages reserved
[ 0.000000] Normal zone: 16256 pages, LIFO batch:3
[ 0.000000] pcpu-alloc: s0 r0 d32768 u32768 alloc=1*32768
[ 0.000000] pcpu-alloc: [0] 0
[ 0.000000] Built 1 zonelists in Zone order, mobility grouping on. Total pages: 16256
[ 0.000000] Kernel command line: no-uart gpio=3911 HZ=200000000 mem=64M kmac=D4:CA:6D:4D:06:2C board=751g boot=1 mlc=2 rootfstype=yaffs noinitrd
[ 0.000000] PID hash table entries: 256 (order: -2, 1024 bytes)
[ 0.000000] Dentry cache hash table entries: 8192 (order: 3, 32768 bytes)
[ 0.000000] Inode-cache hash table entries: 4096 (order: 2, 16384 bytes)
[ 0.000000] Primary instruction cache 64kB, VIPT, 4-way, linesize 32 bytes.
[ 0.000000] Primary data cache 32kB, 4-way, VIPT, cache aliases, linesize 32 bytes
[ 0.000000] Writing ErrCtl register=00000000
[ 0.000000] Readback ErrCtl register=00000000
[ 0.000000] Memory: 61496k/65536k available (2188k kernel code, 4040k reserved, 432k data, 212k init, 0k highmem)
[ 0.000000] SLUB: Genslabs=9, HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[ 0.000000] NR_IRQS:51
[ 0.000000] Calibrating delay loop… 265.42 BogoMIPS (lpj=1327104)
[ 0.080000] pid_max: default: 32768 minimum: 301
[ 0.080000] Mount-cache hash table entries: 512
[ 0.090000] NET: Registered protocol family 16
[ 0.090000] gpiochip_add: registered GPIOs 0 to 17 on device: ath79
[ 0.100000] MIPS: machine is MikroTik RouterBOARD 751G
[ 0.100000] ar71xx: pll_reg 0xb805002c: 0x62000000
[ 0.330000] registering PCI controller with io_map_base unset
[ 0.350000] bio: create slab <bio-0> at 0
[ 0.350000] PCI host bridge to bus 0000:00
[ 0.360000] pci_bus 0000:00: root bus resource [mem 0x10000000-0x13ffffff]
[ 0.360000] pci_bus 0000:00: root bus resource [io 0x0000]
[ 0.370000] pci 0000:00:00.0: [168c:ff1c] type 0 class 0x000200
[ 0.370000] pci 0000:00:00.0: fixup device configuration
[ 0.370000] pci 0000:00:00.0: reg 10: [mem 0x00000000-0x0000ffff 64bit]
[ 0.370000] pci 0000:00:00.0: supports D1
[ 0.370000] pci 0000:00:00.0: PME# supported from D0 D1 D3hot
[ 0.370000] pci 0000:00:00.0: BAR 0: assigned [mem 0x10000000-0x1000ffff 64bit]
[ 0.380000] pci 0000:00:00.0: using irq 40 for pin 1
[ 0.380000] Switching to clocksource MIPS
[ 0.390000] NET: Registered protocol family 2
[ 0.390000] IP route cache hash table entries: 1024 (order: 0, 4096 bytes)
[ 0.400000] TCP established hash table entries: 2048 (order: 2, 16384 bytes)
[ 0.410000] TCP bind hash table entries: 2048 (order: 1, 8192 bytes)
[ 0.410000] TCP: Hash tables configured (established 2048 bind 2048)
[ 0.420000] TCP reno registered
[ 0.420000] UDP hash table entries: 256 (order: 0, 4096 bytes)
[ 0.430000] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes)
[ 0.440000] NET: Registered protocol family 1
[ 0.440000] PCI: CLS 0 bytes, default 32
[ 0.460000] yaffs built Jan 13 2013 18:42:07 Installing.
[ 0.460000]
[ 0.460000]
[ 0.460000]
[ 0.460000]
[ 0.460000] YAFFS-WARNING CONFIG_YAFFS_ALWAYS_CHECK_CHUNK_ERASED selected.
[ 0.460000]
[ 0.460000]
[ 0.460000]
[ 0.460000] msgmni has been set to 120
[ 0.460000] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 254)
[ 0.470000] io scheduler noop registered
[ 0.470000] io scheduler deadline registered (default)
[ 0.480000] Serial: 8250/16550 driver, 16 ports, IRQ sharing enabled
[ 0.510000] serial8250.0: ttyS0 at MMIO 0x18020000 (irq = 11) is a 16550A
[ 0.520000] console [ttyS0] enabled, bootconsole disabled
[ 0.650000] NAND flash driver for the RouterBOARD 750 version 0.1.0
[ 0.730000] NAND device: Manufacturer ID: 0xec, Chip ID: 0x76 (Samsung NAND 64MiB 3,3V 8-bit)
[ 0.830000] Scanning device for bad blocks
[ 1.040000] Bad eraseblock 2101 at 0x0000020d4000
[ 1.240000] Creating 3 MTD partitions on “NAND 64MiB 3,3V 8-bit”:
[ 1.320000] 0x000000000000-0x000000040000 : “booter”
[ 1.380000] 0x000000040000-0x000000400000 : “kernel”
[ 1.440000] 0x000000400000-0x000004000000 : “rootfs”
[ 1.500000] mtd: partition “rootfs” set to be root filesystem
[ 1.570000] split_squashfs: no squashfs found in “NAND 64MiB 3,3V 8-bit”
[ 1.780000] ag71xx_mdio: probed
[ 1.820000] eth0: Atheros AG71xx at 0xb9000000, irq 4
[ 2.450000] eth0: Atheros AR8327 switch driver attached.
[ 3.650000] ag71xx ag71xx.0: eth0: connected to PHY at ag71xx-mdio.0:00 [uid=004dd033, driver=Atheros AR8216/AR8236/AR8316]
[ 3.790000] TCP cubic registered
[ 3.830000] NET: Registered protocol family 17
[ 3.880000] Bridge firewalling registered
[ 3.930000] 8021q: 802.1Q VLAN Support v1.8
[ 3.980000] yaffs: dev is 32505858 name is “mtdblock2” ro
[ 4.040000] yaffs: passed flags “”
[ 4.080000] yaffs: Attempting MTD mount of 31.2,”mtdblock2″
[ 4.160000] block 1845 is marked bad
[ 4.160000] block 1846 is bad
[ 6.140000] yaffs_read_super: is_checkpointed 0
[ 6.140000] VFS: Mounted root (yaffs filesystem) readonly on device 31:2.
[ 6.220000] Freeing unused kernel memory: 212k freed
[ 8.660000] eth0: link up (1000Mbps/Full duplex)
[ 10.630000] eth0: link down
[ 11.240000] Compat-drivers backport release: compat-drivers-2012-09-04-2-gddac993
[ 11.330000] Backport based on wireless-testing.git master-2012-09-07
[ 11.410000] compat.git: wireless-testing.git
[ 11.560000] cfg80211: Calling CRDA to update world regulatory domain
[ 11.640000] cfg80211: World regulatory domain updated:
[ 11.700000] cfg80211: (start_freq – end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[ 11.800000] cfg80211: (2402000 KHz – 2472000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 11.890000] cfg80211: (2457000 KHz – 2482000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)
[ 11.990000] cfg80211: (2474000 KHz – 2494000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)
[ 12.080000] cfg80211: (5170000 KHz – 5250000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 12.170000] cfg80211: (5735000 KHz – 5835000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 12.760000] PCI: Enabling device 0000:00:00.0 (0000 -> 0002)
[ 12.830000] ath: EEPROM regdomain: 0x0
[ 12.830000] ath: EEPROM indicates default country code should be used
[ 12.830000] ath: doing EEPROM country->regdmn map search
[ 12.830000] ath: country maps to regdmn code: 0x3a
[ 12.830000] ath: Country alpha2 being used: US
[ 12.830000] ath: Regpair used: 0x3a
[ 12.840000] ieee80211 phy0: Selected rate control algorithm ‘minstrel_ht’
[ 12.840000] Registered led device: ath9k-phy0
[ 12.840000] ieee80211 phy0: Atheros AR9280 Rev:2 mem=0xb0000000, irq=40
[ 12.920000] cfg80211: Calling CRDA for country: US
[ 13.060000] PPP generic driver version 2.4.2
[ 13.180000] ip_tables: (C) 2000-2006 Netfilter Core Team
[ 13.290000] cfg80211: Regulatory domain changed to country: US
[ 13.360000] cfg80211: (start_freq – end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[ 13.450000] cfg80211: (2402000 KHz – 2472000 KHz @ 40000 KHz), (300 mBi, 2700 mBm)
[ 13.550000] cfg80211: (5170000 KHz – 5250000 KHz @ 40000 KHz), (300 mBi, 1700 mBm)
[ 13.640000] cfg80211: (5250000 KHz – 5330000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 13.730000] cfg80211: (5490000 KHz – 5600000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 13.820000] cfg80211: (5650000 KHz – 5710000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 13.920000] cfg80211: (5735000 KHz – 5835000 KHz @ 40000 KHz), (300 mBi, 3000 mBm)
[ 14.120000] NET: Registered protocol family 24
[ 14.210000] nf_conntrack version 0.5.0 (964 buckets, 3856 max)
[ 14.550000] Netfilter messages via NETLINK v0.30.
[ 18.300000] device eth0.1 entered promiscuous mode
[ 18.360000] device eth0 entered promiscuous mode
[ 19.210000] cfg80211: Calling CRDA for country: GB
[ 19.260000] cfg80211: Regulatory domain changed to country: GB
[ 19.330000] cfg80211: (start_freq – end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[ 19.430000] cfg80211: (2402000 KHz – 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[ 19.520000] cfg80211: (5170000 KHz – 5250000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[ 19.610000] cfg80211: (5250000 KHz – 5330000 KHz @ 40000 KHz), (N/A, 2000 mBm)
[ 19.700000] cfg80211: (5490000 KHz – 5710000 KHz @ 40000 KHz), (N/A, 2700 mBm)
[ 20.050000] eth0: link up (1000Mbps/Full duplex)
[ 20.310000] br-lan: port 1(eth0.1) entered forwarding state
[ 20.370000] br-lan: port 1(eth0.1) entered forwarding state
[ 22.370000] br-lan: port 1(eth0.1) entered forwarding state
[ 23.140000] device wlan0 entered promiscuous mode
[ 24.180000] br-lan: port 2(wlan0) entered forwarding state
[ 24.250000] br-lan: port 2(wlan0) entered forwarding state
[ 26.250000] br-lan: port 2(wlan0) entered forwarding state

Just need to convert the ipfw firewall rules to iptables and work out what servers (dns, dhcp, etc) belong where (dns is the main one, although I already have a split config for internal / external) and the OpenWRT router will be at the helm.

HOWTO: Use a v3i as a USB GPRS modem on t-mobile UK

First of all, set your USB connection to ‘Data/Fax Connection’ rather than MemoryCard (Settings -> Connection -> USB Settings) and connect to the PC. Wait for Windows to install the drivers. If you don’t have a driver CD, use connect to the internet to find the latest drivers. (This works under XP, other OSes are untested).

Configure the Modem’s INIT string
Start > Settings > Control Panel > Phone and Modem Options > Choose your modem > Click Properties > Choose tab Advanced > At Extra initialization commands, enter code: AT+CGDCONT=2,”IP”,”general.t-mobile.uk” > OK
Connection Installation
Start > Control Panel > Network Connections > New Connection Wizard > Next > Connect to the Internet > Next > Set up my connection manually > Next > Connect using a dial up modem > Next > Choose your modem > Next > Type ‘t-mobile GPRS’ > Next > Type *99***1# > Next > Type in box Username : wapuser > Type in box Password : wap > Type in box Confirm : wap > Next > Finish

These instructions may also work using the modem over Bluetooth, but you won’t have the handy advantage of charging the phone whilst using it as a modem from one cable.

Reinstalling XP on a Toshiba NB100

Sounds like a simple task, but I’ve battled this confounded machine most of this morning, however … I now have a solution!

1) Problems with Stop Errors during XP setup.
These were likely caused by a broken partition table (possibly caused by some nastyness that prompted the reinstall in the first place)
Solution: Boot Ubuntu-on-a-stick and toast the partition table using dd if=/dev/zero of=/dev/sda bs=512 count=1

2) XP Setup not finding any hard drives
Solution – Set SATA mode to compatible in the bios (note, doing this will mean ubuntu-on-a-stick will no longer see the drive!)

3) XP can’t see the CD drive during the GUI mode of the setup
Solution – Turn off Legacy USB support in the BIOS (The CD Drive will likely stop being bootable)

And this is just so far …!

And it is done!

Copyright (c) 1992-2010 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 8.1-RELEASE #0: Mon Jul 26 09:38:12 BST 2010
root@skynet.avatastic.co.uk:/usr/src/sys/amd64/compile/SKYNET amd64
Timecounter “i8254” frequency 1193182 Hz quality 0
CPU: Intel(R) Atom(TM) CPU 330 @ 1.60GHz (1601.97-MHz K8-class CPU)
Origin = “GenuineIntel” Id = 0x106c2 Family = 6 Model = 1c Stepping = 2
Features=0xbfe9fbff
Features2=0x40e31d
AMD Features=0x20000800
AMD Features2=0x1
TSC: P-state invariant
real memory = 1073741824 (1024 MB)
avail memory = 1016123392 (969 MB)
ACPI APIC Table:
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
FreeBSD/SMP: 1 package(s) x 2 core(s) x 2 HTT threads
cpu0 (BSP): APIC ID: 0
cpu1 (AP/HT): APIC ID: 1
cpu2 (AP): APIC ID: 2
cpu3 (AP/HT): APIC ID: 3
ioapic0: Changing APIC ID to 4
ioapic0 irqs 0-23 on motherboard
kbd1 at kbdmux0
acpi0: on motherboard
acpi0: [ITHREAD]
acpi0: Power Button (fixed)
acpi0: reservation of 0, a0000 (3) failed
acpi0: reservation of 100000, 3f700000 (3) failed
Timecounter “ACPI-fast” frequency 3579545 Hz quality 1000
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x808-0x80b on acpi0
cpu0: on acpi0
cpu1: on acpi0
cpu2: on acpi0
cpu3: on acpi0
pcib0: port 0xcf8-0xcff on acpi0
pci0: on pcib0
vgapci0: port 0xcc00-0xcc07 mem 0xfe980000-0xfe9fffff,0xe0000000-0xefffffff,0xfe940000-0xfe97ffff irq 16 at device 2.0 on pci0
agp0: on vgapci0
agp0: detected 7932k stolen memory
agp0: aperture size is 256M
pci0: at device 27.0 (no driver attached)
pcib1: irq 16 at device 28.0 on pci0
pci2: on pcib1
pcib2: irq 17 at device 28.1 on pci0
pci1: on pcib2
re0: port 0xd800-0xd8ff mem 0xfdeff000-0xfdefffff,0xfdef8000-0xfdefbfff irq 17 at device 0.0 on pci1
re0: Using 1 MSI messages
re0: Chip rev. 0x28000000
re0: MAC rev. 0x00000000
miibus0: on re0
rgephy0: PHY 1 on miibus0
rgephy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto
re0: Ethernet address: 00:25:22:34:93:30
re0: [FILTER]
uhci0: port 0xc400-0xc41f irq 23 at device 29.0 on pci0
uhci0: [ITHREAD]
uhci0: LegSup = 0x2f00
usbus0: on uhci0
uhci1: port 0xc480-0xc49f irq 19 at device 29.1 on pci0
uhci1: [ITHREAD]
uhci1: LegSup = 0x2f00
usbus1: on uhci1
uhci2: port 0xc800-0xc81f irq 18 at device 29.2 on pci0
uhci2: [ITHREAD]
uhci2: LegSup = 0x2f00
usbus2: on uhci2
uhci3: port 0xc880-0xc89f irq 16 at device 29.3 on pci0
uhci3: [ITHREAD]
uhci3: LegSup = 0x2f00
usbus3: on uhci3
ehci0: mem 0xfe937c00-0xfe937fff irq 23 at device 29.7 on pci0
ehci0: [ITHREAD]
usbus4: EHCI version 1.0
usbus4: on ehci0
pcib3: at device 30.0 on pci0
pci3: on pcib3
fxp0: port 0xec00-0xec3f mem 0xfebff000-0xfebfffff,0xfebc0000-0xfebdffff irq 21 at device 0.0 on pci3
miibus1: on fxp0
inphy0: PHY 1 on miibus1
inphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
fxp0: Ethernet address: 00:02:b3:eb:24:48
fxp0: [ITHREAD]
isab0: at device 31.0 on pci0
isa0: on isab0
atapci0: port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xffa0-0xffaf at device 31.1 on pci0
ata0: on atapci0
ata0: [ITHREAD]
atapci1: port 0xc080-0xc087,0xc000-0xc003,0xbc00-0xbc07,0xb880-0xb883,0xb800-0xb80f irq 19 at device 31.2 on pci0
atapci1: [ITHREAD]
ata2: on atapci1
ata2: [ITHREAD]
ata3: on atapci1
ata3: [ITHREAD]
pci0: at device 31.3 (no driver attached)
acpi_button0: on acpi0
atrtc0: port 0x70-0x71 irq 8 on acpi0
uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
uart0: [FILTER]
orm0: at iomem 0xcb000-0xcc7ff on isa0
sc0: at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
vga0: at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
atkbdc0: at port 0x60,0x64 on isa0
atkbd0: irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
atkbd0: [ITHREAD]
p4tcc0: on cpu0
p4tcc1: on cpu1
p4tcc2: on cpu2
p4tcc3: on cpu3
Timecounters tick every 1.000 msec
ipfw2 (+ipv6) initialized, divert enabled, nat enabled, rule-based forwarding disabled, default to accept, logging disabled
load_dn_sched dn_sched QFQ loaded
load_dn_sched dn_sched RR loaded
load_dn_sched dn_sched WF2Q+ loaded
load_dn_sched dn_sched FIFO loaded
load_dn_sched dn_sched PRIO loaded
usbus0: 12Mbps Full Speed USB v1.0
usbus1: 12Mbps Full Speed USB v1.0
usbus2: 12Mbps Full Speed USB v1.0
usbus3: 12Mbps Full Speed USB v1.0
usbus4: 480Mbps High Speed USB v2.0
ad0: 76319MB at ata0-master UDMA100
ugen0.1: at usbus0
uhub0: on usbus0
ugen1.1: at usbus1
uhub1: on usbus1
ugen2.1: at usbus2
uhub2: on usbus2
ugen3.1: at usbus3
uhub3: on usbus3
ugen4.1: at usbus4
uhub4: on usbus4
ad1: 78533MB at ata0-slave UDMA100
SMP: AP CPU #1 Launched!
SMP: AP CPU #3 Launched!
SMP: AP CPU #2 Launched!
Root mount waiting for: usbus4 usbus3 usbus2 usbus1 usbus0
uhub0: 2 ports with 2 removable, self powered
uhub1: 2 ports with 2 removable, self powered
uhub2: 2 ports with 2 removable, self powered
uhub3: 2 ports with 2 removable, self powered
Root mount waiting for: usbus4
Root mount waiting for: usbus4
Root mount waiting for: usbus4
uhub4: 8 ports with 8 removable, self powered
Trying to mount root from ufs:/dev/ad0s1a