These are the steps I used to install FreeBSD 8 in a virtual machine after putting ESXi on server 35; tidied up and archived here.
Partition layout (there is a lot of slack on / and /var, because /usr/home and /var/log were split out, so a 16G root partition is far more than needed):
Filesystem Size Used Avail Capacity Mounted on
/dev/da0s1a 16G 2.7G 12G 19% /
/dev/da0s1d 4.7G 10M 4.3G 0% /var
/dev/da1s1g 40G 20G 16G 56% /data
/dev/da1s1d 29G 17G 9.6G 64% /usr/home
/dev/da1s1e 28G 610M 26G 2% /var/log
/dev/da1s1f 58G 27G 26G 51% /www
/dev/da2s1d 71G 345M 65G 1% /backup
The FreeBSD 8.1 VM uses three virtual disks: da0 holds only the OS and installed software and is covered by VM snapshots; da1 and da2 hold day-to-day data and backups and are configured as independent disks, so snapshots do not touch them. Whatever goes wrong with the system, restoring the system snapshot is enough to bring the website back. /www holds the website code and attachments, /data holds the MySQL data, /var/log holds all log files, /usr/home holds user data, and /backup holds the backups.
Some belated notes from reinstalling FreeBSD 8.1 at the time.
First do a minimal install of FreeBSD 8.
Then install Apache, Nginx, PHP, MySQL, Memcache and so on from ports on FreeBSD 8.1.
Fetch the ports tree
portsnap fetch
Update the ports tree
portsnap update
Change the current user's shell
The chsh command permanently changes your shell to tcsh.
Switch to bash: chsh -s /usr/local/bin/bash
Revert to csh: chsh -s /bin/csh
An example tcsh configuration file
alias h history 25
alias ls ls -FG
umask 22
set path = (/sbin /bin /usr/sbin /usr/bin /usr/games /usr/local/sbin /usr/local/bin /usr/X11R6/bin $HOME/bin)
set prompt='%B%n%b@%U%m%u %S%/%s %#'
set prompt2='%R?'
set prompt3='CORRECT> %B%R%b (y|n|e)?'
set autolist
set history=2048
set savehist = 2048 merge
setenv LANG en_US.ISO8859-1
setenv LC_ALL en_US.ISO8859-1
setenv EDITOR vi
setenv PAGER more
setenv BLOCKSIZE K
Configure SSHD
/etc/ssh/sshd_config
UseDNS no
Protocol 2
Port 2
Install axel
/usr/ports/ftp/axel/
Edit /etc/make.conf (create it if it does not exist) and add the following to switch port fetches to multi-threaded downloads:
FETCH_CMD=axel
FETCH_BEFORE_ARGS= -n 5 -a
FETCH_AFTER_ARGS=
DISABLE_SIZE=yes
Install sudo
/usr/ports/security/sudo
sudo's configuration file is /usr/local/etc/sudoers. Do not edit it directly; use visudo to make changes.
%wheel ALL=(ALL) ALL
This line gives every member of the wheel group full privileges.
Defaults:M-gtuiw timestamp_timeout=0, runaspw, passwd_tries=1
This line sets the password to expire automatically after a period of time.
Install Apache
/usr/ports/www/apache22
cd /usr/src/sys/modules/accf_data; make clean; make; make install; make clean; kldload accf_data (works around a kernel module problem that may come up)
cd /usr/src/sys/modules/accf_http; make clean; make; make install; make clean; kldload accf_http (works around a kernel module problem that may come up)
echo 'apache22_enable ="YES"' >> /etc/rc.conf
echo 'accf_http_load="YES"' >> /boot/loader.conf (works around a kernel module problem that may come up)
Install PHP 5.2
/usr/ports/lang/php52
echo 'AddType application/x-httpd-php .php' >> /usr/local/etc/apache22/httpd.conf
cp /usr/local/etc/php.ini-recommended /usr/local/etc/php.ini
Edit php.ini:
open_basedir = /www:/tmp
disable_functions = passthru,exec,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,ini_alter,ini_restore,dl,pfsockopen,openlog,syslog,readlink,symlink,popen,stream_socket_server
display_errors = Off
output_buffering = On
Install the PHP extension modules and eAccelerator
/usr/ports/lang/php52-extensions
cd /usr/ports/www/eaccelerator
make install clean
Add to php.ini:
zend_extension="/usr/local/lib/php/extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="32"
eaccelerator.cache_dir="/data/cache/ea"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="0"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
Install MySQL
/usr/ports/databases/mysql50-server/
make WITH_XCHARSET=all
cp /usr/local/share/mysql/my-small.cnf /etc/my.cnf
/usr/local/bin/mysql_install_db --user=mysql
chown -R mysql:mysql /var/db/mysql/
/usr/local/bin/mysqld_safe -u mysql &
mysqladmin -u root password tobethepassword (set the root password)
echo 'mysql_enable="YES"' >> /etc/rc.conf
Install ProFTPD
Install webmin
Install CVSUP
/usr/ports/net/cvsup
ee /usr/share/examples/cvsup/stable-supfile
To update src, some update server addresses:
cvsup.freebsdchina.org
cvsup2.freebsdchina.org
cvsup3.freebsdchina.org
cvsup.scivoid.com
cvsup.cn.freebsd.org
Update the source tree: cvsup -g -L 2 /usr/share/examples/cvsup/stable-supfile
Add IPF support to the kernel configuration file and rebuild the kernel:
options IPFILTER
options IPFILTER_LOG
options IPFILTER_DEFAULT_BLOCK
Add to rc.conf:
ipfilter_enable="YES"
ipfilter_rules="/etc/ipf/ipf.conf"
ipmon_enable="YES"
ipmon_flags="-Ds"
ipnat_enable="YES"
ipnat_rules="/etc/ipf/ipnat.conf"
Install memcache
cd /usr/ports/databases/pecl-memcache
make install clean
Install Squid and select [X] SQUID_PF Enable transparent proxying with PF
/usr/ports/www/squid
That is about all the software that needs installing. At this point it is recommended to run the following on /www:
find ./ -type f -print0 | xargs -0 chmod u-x,g-x,o-x
This strips the execute permission from every website file. Depending on the situation you can also remove the r permission from all website directories, so that even someone who has obtained a webshell cannot list those directories. (Recommended: remove write permission from folders that do not need writes; give folders that do not need writes x only, and folders that do need writes wx.)
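As an added example (not from the original post), here is a script that applies the policy just described to a web root: every file loses its execute bits, every directory keeps owner rwx but is traverse-only (x, no r, no w) for group and other, and a single upload directory gets wx so the web server can create files there without being able to list it. The demo tree and the "uploads" directory name are constructed placeholders; on the real server you would run it against /www, and it assumes the admin account owns the tree while the web server user is reached through the group/other bits.

```shell
#!/bin/sh
# Added example, not from the original post: apply the /www permission policy.
#   files       -> no execute bit for anyone (the post's find/xargs one-liner)
#   directories -> owner rwx; group/other x only (traverse, but no listing, no write)
#   upload dirs -> group/other wx (web server may create files, still cannot list)
# Assumption: the admin account owns the tree and the web server user lands in the
# group/other classes, so the owner keeps full control for maintenance.

# harden_webroot ROOT WRITABLE_DIR
harden_webroot() {
    root=$1
    writable=$2
    find "$root" -type f -print0 | xargs -0 chmod u-x,g-x,o-x
    find "$root" -type d -print0 | xargs -0 chmod u=rwx,go=x
    find "$writable" -type d -print0 | xargs -0 chmod u=rwx,go=wx
}

# mode_of PATH -> three-digit octal mode (GNU stat first, BSD stat as fallback)
mode_of() {
    stat -c %a "$1" 2>/dev/null || stat -f %Lp "$1"
}

# make_demo_tree -> prints the path of a constructed, deliberately sloppy web root
make_demo_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/app/inc" "$d/uploads"
    printf '<?php echo 1;' > "$d/app/index.php"
    printf 'secret' > "$d/app/inc/config.php"
    printf 'jpeg' > "$d/uploads/a.jpg"
    chmod 755 "$d/app/index.php" "$d/uploads/a.jpg"   # executable web files (bad)
    chmod 777 "$d/app/inc"                             # world-writable, listable (bad)
    printf '%s\n' "$d"
}

# Stand-alone demo: ./harden.sh --demo prints the resulting modes
if [ "${1:-}" = "--demo" ]; then
    root=$(make_demo_tree)
    harden_webroot "$root" "$root/uploads"
    for p in app/index.php app/inc uploads uploads/a.jpg; do
        printf '%s %s\n' "$(mode_of "$root/$p")" "$p"
    done
    rm -rf "$root"
fi
```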
As for tuning /etc/sysctl.conf, the meaning of each setting can be looked up online:
# $FreeBSD: src/etc/sysctl.conf,v 1.8.34.1.2.1 2009/10/25 01:10:29 kensmith Exp $
#
# This file is read when going to multi-user and its contents piped thru
# ``sysctl'' to adjust kernel values. ``man 5 sysctl.conf'' for details.
#
# Uncomment this to prevent users from seeing information about processes that
# are being run under another UID.
#security.bsd.see_other_uids=0
net.inet.ip.sourceroute=0
net.inet.ip.accept_sourceroute=0
kern.ipc.nmbclusters=32768
net.inet.tcp.drop_synfin=1
kern.maxvnodes=8446
security.bsd.see_other_uids=0
kern.ipc.maxsockbuf=262144
net.inet.icmp.drop_redirect=1
net.inet.icmp.log_redirect=1
net.inet.ip.redirect=0
net.inet.icmp.icmplim=200
net.inet.icmp.icmplim_output=0
net.inet.tcp.always_keepalive=1
net.inet.tcp.msl=2000
net.inet.tcp.blackhole=2
kern.ipc.somaxconn=1024
kern.coredump=0
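As an added example (not part of the original post), a small audit script that reads a sysctl.conf in the format above and reports every key whose live value differs, so drift from the hardened settings is caught after a kernel rebuild or a manual sysctl change; blank lines and "#" comments are skipped, so the commented-out security.bsd.see_other_uids line is not enforced. The SYSCTL_READ override hook and the sample file used in the test are assumptions made here, not FreeBSD features.

```shell
#!/bin/sh
# Added example, not from the original post: check the running kernel against a
# sysctl.conf-style file and print each setting that has drifted.
# Assumption: lines look like "key=value"; blank lines and "#" comments are skipped.

# read_value KEY -> live value. Uses sysctl(8) unless SYSCTL_READ names another
# command or shell function (a hook invented here so the logic can be run offline).
read_value() {
    if [ -n "${SYSCTL_READ:-}" ]; then
        "$SYSCTL_READ" "$1"
    else
        sysctl -n "$1"
    fi
}

# audit_sysctl FILE -> one "DRIFT ..." or "MISSING ..." line per problem;
# exit status 0 only when every setting in FILE matches the live kernel.
audit_sysctl() {
    rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "$line" | tr -d ' \t')   # tolerate stray whitespace
        case "$line" in
            ''|\#*) continue ;;                       # blank line or comment
        esac
        key=${line%%=*}
        want=${line#*=}
        have=$(read_value "$key" 2>/dev/null) || {
            printf 'MISSING %s (not a sysctl on this kernel)\n' "$key"
            rc=1
            continue
        }
        if [ "$have" != "$want" ]; then
            printf 'DRIFT %s expected=%s actual=%s\n' "$key" "$want" "$have"
            rc=1
        fi
    done < "$1"
    return "$rc"
}

# Usage on the server: ./audit.sh --file /etc/sysctl.conf
if [ "${1:-}" = "--file" ] && [ -n "${2:-}" ]; then
    audit_sysctl "$2"
fi
```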
The IPF configuration is actually a big topic in itself. I wrote a temporary rule file with very simple contents; anyone who needs it can use it as a reference, below.
By default only ports 80 and 443 are open.
# allow 21
#pass in quick from any to 202.101.208.xx mask 255.255.255.255 port = 21
# allow 22
#pass in quick from any to 202.101.208.xx mask 255.255.255.255 port = 22
# allow 80
pass in quick from any to 202.101.208.xx mask 255.255.255.255 port = 80
# Allow 443
pass in quick from any to 202.101.208.xx mask 255.255.255.255 port = 443
# FTP PASV
pass in quick from any to 202.101.208.xx mask 255.255.255.255 port 2000 >< 2030
# Allow 8081
#pass in quick from any to 202.101.208.xx mask 255.255.255.255 port = 8081
# Allow ECJTU
pass in quick from 202.101.208.aa mask 255.255.255.255 to 202.101.208.xx mask 255.255.255.255
# Allow ECJTU2
pass in quick from 172.16.86.0 mask 255.255.255.0 to 202.101.208.xx mask 255.255.255.255
#pass in all
# Out going
pass out quick from 202.101.208.xx mask 255.255.255.255 to any keep state
pass out all
# ################################################################
# Loopback Interface
# ################################################################
# ----------------------------------------------------------------
# Allow everything to/from your loopback interface so you
# can ping yourself (e.g. ping localhost)
# ----------------------------------------------------------------
pass in quick on lo0 all
pass out quick on lo0 all
# ################################################################
# Inside Interface
# ################################################################
# ----------------------------------------------------------------
# Allow out all TCP, UDP, and ICMP traffic & keep state
# ----------------------------------------------------------------
# pass out quick on le0 all head 1
# pass out quick on le0 proto tcp from any to any keep state group 1
# pass out quick on le0 proto udp from any to any keep state group 1
# pass out quick on le0 proto icmp from any to any keep state group 1
########################################################################
#Allow in all TCP , UDP and ICMP traffic & keep state
########################################################################
#pass in quick on le0 proto tcp from any to any keep state
#pass in quick on le0 proto udp from any to any keep state
pass in quick on le0 proto icmp from any to any keep state
And here is a kernel configuration file as well, also below.
Only the hardware and support that are actually needed:
cpu		I686_CPU
ident		Holmesian
#Holmesian add this to make the kernel better!
#IPF
options 	IPFILTER
options 	IPFILTER_LOG
options 	IPFILTER_DEFAULT_BLOCK
options 	SCHED_ULE		# ULE scheduler
options 	PREEMPTION		# Enable kernel thread preemption
options 	INET			# InterNETworking
#options 	INET6			# IPv6 communications protocols
options 	SCTP			# Stream Control Transmission Protocol
options 	FFS			# Berkeley Fast Filesystem
options 	SOFTUPDATES		# Enable FFS soft updates support
options 	UFS_ACL			# Support for access control lists
options 	UFS_DIRHASH		# Improve performance on big directories
options 	UFS_GJOURNAL		# Enable gjournal-based UFS journaling
options 	MD_ROOT			# MD is a potential root device
#options 	NFSCLIENT		# Network Filesystem Client
#options 	NFSSERVER		# Network Filesystem Server
#options 	NFSLOCKD		# Network Lock Manager
#options 	NFS_ROOT		# NFS usable as /, requires NFSCLIENT
options 	MSDOSFS			# MSDOS Filesystem
options 	CD9660			# ISO 9660 Filesystem
options 	PROCFS			# Process filesystem (requires PSEUDOFS)
options 	PSEUDOFS		# Pseudo-filesystem framework
options 	GEOM_PART_GPT		# GUID Partition Tables.
options 	GEOM_LABEL		# Provides labelization
options 	COMPAT_43TTY		# BSD 4.3 TTY compat (sgtty)
options 	COMPAT_FREEBSD4		# Compatible with FreeBSD4
options 	COMPAT_FREEBSD5		# Compatible with FreeBSD5
options 	COMPAT_FREEBSD6		# Compatible with FreeBSD6
options 	COMPAT_FREEBSD7		# Compatible with FreeBSD7
options 	SCSI_DELAY=5000		# Delay (in ms) before probing SCSI
options 	KTRACE			# ktrace(1) support
options 	STACK			# stack(9) support
options 	SYSVSHM			# SYSV-style shared memory
options 	SYSVMSG			# SYSV-style message queues
options 	SYSVSEM			# SYSV-style semaphores
options 	P1003_1B_SEMAPHORES	# POSIX-style semaphores
options 	_KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions
options 	PRINTF_BUFR_SIZE=128	# Prevent printf output being interspersed.
options 	KBD_INSTALL_CDEV	# install a CDEV entry in /dev
options 	HWPMC_HOOKS		# Necessary kernel hooks for hwpmc(4)
options 	AUDIT			# Security event auditing
options 	MAC			# TrustedBSD MAC Framework
options 	FLOWTABLE		# per-cpu routing cache
#options 	KDTRACE_HOOKS		# Kernel DTrace hooks
options 	INCLUDE_CONFIG_FILE	# Include this file in kernel
# To make an SMP kernel, the next two lines are needed
options 	SMP			# Symmetric MultiProcessor Kernel
device		apic			# I/O APIC
# CPU frequency control
device		cpufreq
# Bus support.
device		acpi
device		eisa
device		pci
# Floppy drives
#device		fdc
# ATA and ATAPI devices
device		ata
device		atadisk		# ATA disk drives
#device		ataraid		# ATA RAID drives
device		atapicd		# ATAPI CDROM drives
#device		atapifd		# ATAPI floppy drives
#device		atapist		# ATAPI tape drives
options 	ATA_STATIC_ID	# Static device numbering
# SCSI Controllers
device		ahb		# EISA AHA1742 family
device		ahc		# AHA2940 and onboard AIC7xxx devices
options 	AHC_REG_PRETTY_PRINT	# Print register bitfields in debug
					# output.  Adds ~128k to driver.
device		ahd		# AHA39320/29320 and onboard AIC79xx devices
options 	AHD_REG_PRETTY_PRINT	# Print register bitfields in debug
					# output.  Adds ~215k to driver.
device		amd		# AMD 53C974 (Tekram DC-390(T))
device		hptiop		# Highpoint RocketRaid 3xxx series
device		isp		# Qlogic family
#device 	ispfw		# Firmware for QLogic HBAs- normally a module
device		mpt		# LSI-Logic MPT-Fusion
#device		ncr		# NCR/Symbios Logic
device		sym		# NCR/Symbios Logic (newer chipsets + those of `ncr')
device		trm		# Tekram DC395U/UW/F DC315U adapters
device		adv		# Advansys SCSI adapters
device		adw		# Advansys wide SCSI adapters
device		aha		# Adaptec 154x SCSI adapters
device		aic		# Adaptec 15[012]x SCSI adapters, AIC-6[23]60.
device		bt		# Buslogic/Mylex MultiMaster SCSI adapters
device		ncv		# NCR 53C500
device		nsp		# Workbit Ninja SCSI-3
device		stg		# TMC 18C30/18C50
# SCSI peripherals
device		scbus		# SCSI bus (required for SCSI)
device		ch		# SCSI media changers
device		da		# Direct Access (disks)
device		sa		# Sequential Access (tape etc)
device		cd		# CD
device		pass		# Passthrough device (direct SCSI access)
device		ses		# SCSI Environmental Services (and SAF-TE)
# RAID controllers interfaced to the SCSI subsystem
device		amr		# AMI MegaRAID
device		arcmsr		# Areca SATA II RAID
device		asr		# DPT SmartRAID V, VI and Adaptec SCSI RAID
device		ciss		# Compaq Smart RAID 5*
device		dpt		# DPT Smartcache III, IV - See NOTES for options
device		hptmv		# Highpoint RocketRAID 182x
device		hptrr		# Highpoint RocketRAID 17xx, 22xx, 23xx, 25xx
device		iir		# Intel Integrated RAID
device		ips		# IBM (Adaptec) ServeRAID
device		mly		# Mylex AcceleRAID/eXtremeRAID
device		twa		# 3ware 9000 series PATA/SATA RAID
# RAID controllers
#device		aac		# Adaptec FSA RAID
#device		aacp		# SCSI passthrough for aac (requires CAM)
#device		ida		# Compaq Smart RAID
#device		mfi		# LSI MegaRAID SAS
#device		mlx		# Mylex DAC960 family
#device		pst		# Promise Supertrak SX6000
#device		twe		# 3ware ATA RAID
# atkbdc0 controls both the keyboard and the PS/2 mouse
device		atkbdc		# AT keyboard controller
device		atkbd		# AT keyboard
device		psm		# PS/2 mouse
device		kbdmux		# keyboard multiplexer
device		vga		# VGA video card driver
device		splash		# Splash screen and screen saver support
# syscons is the default console driver, resembling an SCO console
device		sc
device		agp		# support several AGP chipsets
# Power management support (see NOTES for more options)
#device		apm
# Add suspend/resume support for the i8254.
device		pmtimer
# PCCARD (PCMCIA) support
# PCMCIA and cardbus bridge support
#device		cbb		# cardbus (yenta) bridge
#device		pccard		# PC Card (16-bit) bus
#device		cardbus		# CardBus (32-bit) bus
# Serial (COM) ports
device		uart		# Generic UART driver
# Parallel port
device		ppc
device		ppbus		# Parallel port bus (required)
device		lpt		# Printer
device		plip		# TCP/IP over parallel
device		ppi		# Parallel port interface device
#device		vpo		# Requires scbus and da
# If you've got a "dumb" serial or parallel PCI card that is
# supported by the puc(4) glue driver, uncomment the following
# line to enable it (connects to sio, uart and/or ppc drivers):
#device		puc
# PCI Ethernet NICs.
#device		de		# DEC/Intel DC21x4x (``Tulip'')
#device		em		# Intel PRO/1000 Gigabit Ethernet Family
#device		igb		# Intel PRO/1000 PCIE Server Gigabit Family
#device		ixgb		# Intel PRO/10GbE Ethernet Card
device		le		# AMD Am7900 LANCE and Am79C9xx PCnet
#device		ti		# Alteon Networks Tigon I/II gigabit Ethernet
#device		txp		# 3Com 3cR990 (``Typhoon'')
#device		vx		# 3Com 3c590, 3c595 (``Vortex'')
# PCI Ethernet NICs that use the common MII bus controller code.
# NOTE: Be sure to keep the 'device miibus' line in order to use these NICs!
device		miibus		# MII bus support
#device		ae		# Attansic/Atheros L2 FastEthernet
#device		age		# Attansic/Atheros L1 Gigabit Ethernet
#device		alc		# Atheros AR8131/AR8132 Ethernet
#device		ale		# Atheros AR8121/AR8113/AR8114 Ethernet
#device		bce		# Broadcom BCM5706/BCM5708 Gigabit Ethernet
#device		bfe		# Broadcom BCM440x 10/100 Ethernet
#device		bge		# Broadcom BCM570xx Gigabit Ethernet
#device		dc		# DEC/Intel 21143 and various workalikes
#device		et		# Agere ET1310 10/100/Gigabit Ethernet
#device		fxp		# Intel EtherExpress PRO/100B (82557, 82558)
#device		jme		# JMicron JMC250 Gigabit/JMC260 Fast Ethernet
#device		lge		# Level 1 LXT1001 gigabit Ethernet
#device		msk		# Marvell/SysKonnect Yukon II Gigabit Ethernet
#device		nfe		# nVidia nForce MCP on-board Ethernet
#device		nge		# NatSemi DP83820 gigabit Ethernet
#device		nve		# nVidia nForce MCP on-board Ethernet Networking
#device		pcn		# AMD Am79C97x PCI 10/100 (precedence over 'le')
#device		re		# RealTek 8139C+/8169/8169S/8110S
#device		rl		# RealTek 8129/8139
#device		sf		# Adaptec AIC-6915 (``Starfire'')
#device		sge		# Silicon Integrated Systems SiS190/191
#device		sis		# Silicon Integrated Systems SiS 900/SiS 7016
#device		sk		# SysKonnect SK-984x & SK-982x gigabit Ethernet
#device		ste		# Sundance ST201 (D-Link DFE-550TX)
#device		stge		# Sundance/Tamarack TC9021 gigabit Ethernet
#device		tl		# Texas Instruments ThunderLAN
#device		tx		# SMC EtherPower II (83c170 ``EPIC'')
#device		vge		# VIA VT612x gigabit Ethernet
#device		vr		# VIA Rhine, Rhine II
#device		wb		# Winbond W89C840F
#device		xl		# 3Com 3c90x (``Boomerang'', ``Cyclone'')
# ISA Ethernet NICs.  pccard NICs included.
device		cs		# Crystal Semiconductor CS89x0 NIC
# 'device ed' requires 'device miibus'
#device		ed		# NE[12]000, SMC Ultra, 3c503, DS8390 cards
#device		ex		# Intel EtherExpress Pro/10 and Pro/10+
#device		ep		# Etherlink III based cards
#device		fe		# Fujitsu MB8696x based cards
#device		ie		# EtherExpress 8/16, 3C507, StarLAN 10 etc.
#device		sn		# SMC's 9000 series of Ethernet chips
#device		xe		# Xircom pccard Ethernet
# Wireless NIC cards
#device		wlan		# 802.11 support
#options 	IEEE80211_DEBUG	# enable debug msgs
#options 	IEEE80211_AMPDU_AGE # age frames in AMPDU reorder q's
#options 	IEEE80211_SUPPORT_MESH	# enable 802.11s draft support
#device		wlan_wep	# 802.11 WEP support
#device		wlan_ccmp	# 802.11 CCMP support
#device		wlan_tkip	# 802.11 TKIP support
#device		wlan_amrr	# AMRR transmit rate control algorithm
#device		an		# Aironet 4500/4800 802.11 wireless NICs.
#device		ath		# Atheros pci/cardbus NIC's
#device		ath_hal		# pci/cardbus chip support
#options 	AH_SUPPORT_AR5416	# enable AR5416 tx/rx descriptors
#device		ath_rate_sample	# SampleRate tx rate control for ath
#device		ral		# Ralink Technology RT2500 wireless NICs.
#device		wi		# WaveLAN/Intersil/Symbol 802.11 wireless NICs.
#device		wl		# Older non 802.11 Wavelan wireless NIC.
# Pseudo devices.
device		loop		# Network loopback
device		random		# Entropy device
device		ether		# Ethernet support
device		vlan		# 802.1Q VLAN support
device		tun		# Packet tunnel.
device		pty		# BSD-style compatibility pseudo ttys
device		md		# Memory "disks"
#device		gif		# IPv6 and IPv4 tunneling
#device		faith		# IPv6-to-IPv4 relaying (translation)
device		firmware	# firmware assist module
# The `bpf' device enables the Berkeley Packet Filter.
# Be aware of the administrative consequences of enabling this!
# Note that 'bpf' is required for DHCP.
device		bpf		# Berkeley packet filter
# USB support
options 	USB_DEBUG	# enable debug msgs
device		uhci		# UHCI PCI->USB interface
device		ohci		# OHCI PCI->USB interface
device		ehci		# EHCI PCI->USB interface (USB 2.0)
device		usb		# USB Bus (required)
#device		udbp		# USB Double Bulk Pipe devices
device		uhid		# "Human Interface Devices"
device		ukbd		# Keyboard
#device		ulpt		# Printer
device		umass		# Disks/Mass storage - Requires scbus and da
device		ums		# Mouse
#device		urio		# Diamond Rio 500 MP3 player
# USB Serial devices
device		u3g		# USB-based 3G modems (Option, Huawei, Sierra)
device		uark		# Technologies ARK3116 based serial adapters
device		ubsa		# Belkin F5U103 and compatible serial adapters
device		uftdi		# For FTDI usb serial adapters
device		uipaq		# Some WinCE based devices
device		uplcom		# Prolific PL-2303 serial adapters
device		uslcom		# SI Labs CP2101/CP2102 serial adapters
device		uvisor		# Visor and Palm devices
device		uvscom		# USB serial support for DDI pocket's PHS
# USB Ethernet, requires miibus
#device		aue		# ADMtek USB Ethernet
#device		axe		# ASIX Electronics USB Ethernet
#device		cdce		# Generic USB over Ethernet
#device		cue		# CATC USB Ethernet
#device		kue		# Kawasaki LSI USB Ethernet
#device		rue		# RealTek RTL8150 USB Ethernet
#device		udav		# Davicom DM9601E USB
# USB Wireless
#device		rum		# Ralink Technology RT2501USB wireless NICs
#device		uath		# Atheros AR5523 wireless NICs
#device		ural		# Ralink Technology RT2500USB wireless NICs
#device		zyd		# ZyDAS zb1211/zb1211b wireless NICs
# FireWire support
device		firewire	# FireWire bus code
#device		sbp		# SCSI over FireWire (Requires scbus and da)
device		fwe		# Ethernet over FireWire (non-standard!)
device		fwip		# IP over FireWire (RFC 2734,3146)
device		dcons		# Dumb console driver
device		dcons_crom	# Configuration ROM for dcons
2011-07-21 19:55