1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" $DragonFly: src/share/man/man5/rc.conf.5,v 1.61 2008/10/20 07:35:08 swildner Exp $ 27.Dd August 28, 2009 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65See the 66.Va rc_conf_files 67variable below. 68.Pp 69The following list provides a name and short description for each 70variable that can be set in the 71.Nm 72file. 73To set a variable of 74.Vt bool 75type, specify either 76.Dq Li YES , 77.Dq Li TRUE , 78.Dq Li ON , 79or 80.Dq Li 1 . 81To unset, specify 82.Dq Li NO , 83.Dq Li FALSE , 84.Dq Li OFF , 85or 86.Dq Li 0 . 87These values are case insensitive. 88The 89.Va _enable 90postfix in the name of a variable for starting a service can be 91omitted (as in 92.Nx ) . 93.Bl -tag -width indent-two 94.It Va rc_debug 95.Pq Vt bool 96If set to 97.Dq Li YES , 98enable output of debug messages from rc scripts. 99This variable can be helpful in diagnosing mistakes when 100editing or integrating new scripts. 101Beware that this produces copious output to the terminal and 102.Xr syslog 3 . 103.It Va rc_info 104.Pq Vt bool 105If set to 106.Dq Li NO , 107disable informational messages from the rc scripts. 108Informational messages are displayed when 109a condition that is not serious enough to warrant a warning or an error occurs. 110.It Va swapfile 111.Pq Vt str 112If set to 113.Dq Li NO , 114no swapfile is installed, otherwise the value is used as the full 115pathname to a file to use for additional swap space. 116.It Va apm_enable 117.Pq Vt bool 118If set to 119.Dq Li YES , 120enable support for Automatic Power Management with the 121.Xr apm 8 122command. 123.It Va apmd_enable 124.Pq Vt bool 125Run 126.Xr apmd 8 127to handle APM event from userland. 128This also enables support for APM. 129.It Va apmd_flags 130.Pq Vt str 131If 132.Va apmd_enable 133is set to 134.Dq Li YES , 135these are the flags to pass to the 136.Xr apmd 8 137daemon. 138.It Va battd_enable 139Enable 140.Xr battd 8 141to monitor the status of batteries present in the system. 142This also enables support for APM. 143.It Va battd_flags 144.Pq Vt str 145If 146.Va battd_enable 147is set to 148.Dq Li YES , 149these are the flags to pass to the 150.Xr battd 8 151daemon. 152.It Va devd_enable 153.Pq Vt bool 154Run 155.Xr devd 8 156to handle device added, removed or unknown events from the kernel. 157.It Va devd_flags 158.Pq Vt str 159If 160.Va devd_enable 161is set to 162.Dq Li YES , 163these are the flags to pass to the 164.Xr devd 8 165daemon. 166.It Va sensorsd_enable 167.Pq Vt bool 168Set to 169.Dq Li NO 170by default. 171Setting this to 172.Dq Li YES 173enables 174.Xr sensorsd 8 , 175a sensors monitoring and logging daemon. 176.It Va sensorsd_flags 177.Pq Vt str 178Empty by default. 179Additional flags passed to the 180.Xr sensorsd 8 181program. 182.It Va pccard_ifconfig 183.Pq Vt str 184List of arguments to be passed to 185.Xr ifconfig 8 186at boot time or on insertion of the card (e.g.\& 187.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 188for a fixed address or 189.Dq Li DHCP 190for a DHCP client). 191.It Va pccard_ether_delay 192.Pq Vt str 193Set the delay before starting 194.Xr dhclient 8 195in the 196.Pa /etc/pccard_ether 197script. 198This defaults to 5 seconds to work around a bug in the 199.Xr ed 4 200driver which can lead to system hangs when using some newer 201.Xr ed 4 202based cards. 203.It Va removable_interfaces 204.Pq Vt str 205List of removable network interfaces to be supported by 206.Pa /etc/pccard_ether . 207.It Va local_startup 208.Pq Vt str 209List of directories to search for startup script files. 210.It Va script_name_sep 211.Pq Vt str 212The field separator to use for breaking down the list of startup script files 213into individual filenames. 214The default is a space. 215It is not necessary to change this unless there are startup scripts with names 216containing spaces. 217.It Va hostapd_enable 218.Pq Vt bool 219Set to 220.Dq Li YES 221to start 222.Xr hostapd 8 223at system boot time. 224.It Va hostname 225.Pq Vt str 226The fully qualified domain name (FQDN) of this host on the network. 227This should almost certainly be set to something meaningful, even if 228there is no network connection. 229If 230.Xr dhclient 8 231is used to set the hostname via DHCP, 232this variable should be set to an empty string. 233.It Va ipv6_enable 234.Pq Vt bool 235Enable support for IPv6 networking. 236Note that this requires that the kernel have been compiled with 237.Cd "options INET6" . 238.It Va nisdomainname 239.Pq Vt str 240The NIS domain name of this host, or 241.Dq Li NO 242if NIS is not used. 243.It Va dhclient_program 244.Pq Vt str 245Path to the DHCP client program 246(default 247.Pa /sbin/dhclient ) . 248.It Va dhclient_flags 249.Pq Vt str 250Additional flags to pass to the DHCP client program. 251.It Va pf_enable 252.Pq Vt bool 253Set to 254.Dq Li YES 255to load 256.Xr pf 4 257at startup. 258If the kernel was not built with 259.Cd "device pf" , 260the 261.Pa pf.ko 262kernel module will be loaded. 263See also 264.Va firewall_enable 265and 266.Va ipfilter_enable . 267.It Va pf_rules 268.Pq Vt str 269Path to the 270.Xr pf 4 271ruleset definition file. 272.It Va pf_program 273.Pq Vt str 274Path to 275.Xr pfctl 8 . 276.It Va pf_flags 277.Pq Vt str 278If 279.Va pf_enable 280is set to 281.Dq Li YES , 282these are the flags to pass to 283.Xr pfctl 8 284when loading the ruleset. 285.It Va pflog_enable 286.Pq Vt bool 287Set this to 288.Dq Li YES 289to enable 290.Xr pflogd 8 291which logs packets from 292.Xr pf 4 . 293.It Va pflog_logfile 294.Pq Vt str 295If 296.Va pflog_enable 297is set to 298.Dq Li YES 299this specifies the path of the log file. 300.It Va pflog_program 301.Pq Vt str 302Path to 303.Xr pflogd 8 . 304.It Va pflog_flags 305.Pq Vt str 306If 307.Va pflog_enable 308is set to 309.Dq Li YES , 310these are the flags to pass to 311.Xr pflogd 8 . 312.It Va firewall_enable 313.Pq Vt bool 314Set to 315.Dq Li YES 316to load firewall rules at startup. 317If the kernel was not built with 318.Cd "options IPFIREWALL" , 319the 320.Pa ipfw.ko 321kernel module will be loaded. 322See also 323.Va pf_enable 324and 325.Va ipfilter_enable . 326.It Va ipv6_firewall_enable 327.Pq Vt bool 328The IPv6 equivalent of 329.Va firewall_enable . 330Set to 331.Dq Li YES 332to load IPv6 firewall rules at startup. 333If the kernel was not built with 334.Cd "options IPV6FIREWALL" , 335the 336.Pa ip6fw.ko 337kernel module will be loaded. 338.It Va firewall_script 339.Pq Vt str 340The full path to the firewall script to run 341(default 342.Pa /etc/rc.firewall ) . 343.It Va ipv6_firewall_script 344.Pq Vt str 345The IPv6 equivalent of 346.Va firewall_script . 347.It Va firewall_type 348.Pq Vt str 349Names the firewall type from the selection in 350.Pa /etc/rc.firewall , 351or the file which contains the local firewall ruleset. 352Valid selections from 353.Pa /etc/rc.firewall 354are: 355.Pp 356.Bl -tag -width ".Li simple" -compact 357.It Li open 358unrestricted IP access 359.It Li closed 360all IP services disabled, except via 361.Dq Li lo0 362.It Li client 363basic protection for a workstation on a LAN 364.It Li simple 365alias for 366.Li client . 367.El 368.Pp 369If a filename is specified, the full path must be given. 370.It Va firewall_trusted_nets 371.Pq Vt str 372List of trusted networks (if 373.Va firewall_type 374is set to 375.Li client ) . 376.It Va firewall_trusted_interfaces 377.Pq Vt str 378List of trusted network interfaces (if 379.Va firewall_type 380is set to 381.Li client ) . 382.It Va firewall_allowed_icmp_types 383.Pq Vt str 384List of allowed ICMP types (if 385.Va firewall_type 386is set to 387.Li client ) . 388.It Va firewall_open_tcp_ports 389.Pq Vt str 390List of TCP ports to open (if 391.Va firewall_type 392is set to 393.Li client ) . 394.It Va firewall_open_udp_ports 395.Pq Vt str 396List of UDP ports to open (if 397.Va firewall_type 398is set to 399.Li client ) . 400.It Va ipv6_firewall_type 401.Pq Vt str 402The IPv6 equivalent of 403.Va firewall_type . 404.It Va firewall_quiet 405.Pq Vt bool 406Set to 407.Dq Li YES 408to disable the display of firewall rules on the console during boot. 409.It Va ipv6_firewall_quiet 410.Pq Vt bool 411The IPv6 equivalent of 412.Va firewall_quiet . 413.It Va firewall_logging 414.Pq Vt bool 415Set to 416.Dq Li YES 417to enable firewall event logging. 418This is equivalent to the 419.Dv IPFIREWALL_VERBOSE 420kernel option. 421.It Va ipv6_firewall_logging 422.Pq Vt bool 423The IPv6 equivalent of 424.Va firewall_logging . 425.It Va firewall_flags 426.Pq Vt str 427Flags passed to 428.Xr ipfw 8 429if 430.Va firewall_type 431specifies a filename. 432.It Va ipv6_firewall_flags 433.Pq Vt str 434The IPv6 equivalent of 435.Va firewall_flags . 436.It Va natd_program 437.Pq Vt str 438Path to 439.Xr natd 8 . 440.It Va natd_enable 441.Pq Vt bool 442Set to 443.Dq Li YES 444to enable 445.Xr natd 8 . 446.Va firewall_enable 447must also be set to 448.Dq Li YES , 449and 450.Xr divert 4 451sockets must be enabled in the kernel. 452.It Va natd_interface 453.Pq Vt str 454This is the name of the public interface on which 455.Xr natd 8 456should run. 457The interface may be given as an interface name or as an IP address. 458.It Va natd_flags 459.Pq Vt str 460Additional 461.Xr natd 8 462flags should be placed here. 463The 464.Fl n 465or 466.Fl a 467flag is automatically added with the above 468.Va natd_interface 469as an argument. 470.\" ----- ipfilter_enable setting -------------------------------- 471.It Va ipfilter_enable 472.Pq Vt bool 473Set to 474.Dq Li NO 475by default. 476Setting this to 477.Dq Li YES 478enables 479.Xr ipf 8 480packet filtering. 481.Pp 482Typical usage will require putting 483.Bd -literal 484ipfilter_enable="YES" 485ipnat_enable="YES" 486ipmon_enable="YES" 487ipfs_enable="YES" 488.Ed 489.Pp 490into 491.Pa /etc/rc.conf 492and editing 493.Pa /etc/ipf.rules 494and 495.Pa /etc/ipnat.rules 496appropriately. 497.Pp 498Note that 499.Va ipfilter_enable 500and 501.Va ipnat_enable 502can be enabled independently. 503.Va ipmon_enable 504and 505.Va ipfs_enable 506both require at least one of 507.Va ipfilter_enable 508and 509.Va ipnat_enable 510to be enabled. 511.Pp 512Having 513.Bd -literal 514options IPFILTER 515options IPFILTER_LOG 516options IPFILTER_DEFAULT_BLOCK 517.Ed 518.Pp 519in the kernel configuration file is a good idea, too. 520See also 521.Va pf_enable 522and 523.Va firewall_enable . 524.\" ----- ipfilter_program setting ------------------------------ 525.It Va ipfilter_program 526.Pq Vt str 527Path to 528.Xr ipf 8 529(default 530.Pa /sbin/ipf ) . 531.\" ----- ipfilter_rules setting -------------------------------- 532.It Va ipfilter_rules 533.Pq Vt str 534Set to 535.Pa /etc/ipf.rules 536by default. 537The name of the filter rule definition file. 538The file is expected to be readable for the 539.Xr ipf 8 540command to execute. 541.\" ----- ipv6_ipfilter_rules setting --------------------------- 542.It Va ipv6_ipfilter_rules 543.Pq Vt str 544Set to 545.Pa /etc/ipf6.rules 546by default. 547The name of the IPv6 filter rule definition file. 548The file is expected to be readable for the 549.Xr ipf 8 550command to execute. 551.\" ----- ipfilter_flags setting -------------------------------- 552.It Va ipfilter_flags 553.Pq Vt str 554Empty by default. 555Flags passed to the 556.Xr ipf 8 557program. 558.\" ----- ipnat_enable setting ---------------------------------- 559.It Va ipnat_enable 560.Pq Vt bool 561Set to 562.Dq Li NO 563by default. 564Set it to 565.Dq Li YES 566to enable 567.Xr ipnat 8 568network address translation. 569See 570.Va ipfilter_enable 571for a detailed discussion. 572.\" ----- ipnat_program setting --------------------------------- 573.It Va ipnat_program 574.Pq Vt str 575Path to 576.Xr ipnat 8 577(default 578.Pa /sbin/ipnat ) . 579.\" ----- ipnat_rules setting ----------------------------------- 580.It Va ipnat_rules 581.Pq Vt str 582Set to 583.Pa /etc/ipnat.rules 584by default. 585The name of the file 586holding the network address translation definition. 587This file is expected to be readable for the 588.Xr ipnat 8 589command to execute. 590.\" ----- ipnat_flags setting ----------------------------------- 591.It Va ipnat_flags 592.Pq Vt str 593Empty by default. 594Flags passed to the 595.Xr ipnat 8 596program. 597.\" ----- ipmon_enable setting ---------------------------------- 598.It Va ipmon_enable 599.Pq Vt bool 600Set to 601.Dq Li NO 602by default. 603Set it to 604.Dq Li YES 605to enable 606.Xr ipmon 8 607monitoring (logging 608.Xr ipf 8 609and 610.Xr ipnat 8 611events). 612Setting this variable needs setting 613.Va ipfilter_enable 614or 615.Va ipnat_enable 616too. 617See 618.Va ipfilter_enable 619for a detailed discussion. 620.\" ----- ipmon_program setting --------------------------------- 621.It Va ipmon_program 622.Pq Vt str 623Path to 624.Xr ipmon 8 625(default 626.Pa /sbin/ipmon ) . 627.\" ----- ipmon_flags setting ----------------------------------- 628.It Va ipmon_flags 629.Pq Vt str 630Set to 631.Dq Li -Ds 632by default. 633Flags passed to the 634.Xr ipmon 8 635program. 636Another typical example would be 637.Dq Fl D Pa /var/log/ipflog 638to have 639.Xr ipmon 8 640log directly to a file bypassing 641.Xr syslogd 8 . 642Make sure to adjust 643.Pa /etc/newsyslog.conf 644in such case like this: 645.Bd -literal 646/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 647.Ed 648.\" ----- ipfs_enable setting ----------------------------------- 649.It Va ipfs_enable 650.Pq Vt bool 651Set to 652.Dq Li NO 653by default. 654Set it to 655.Dq Li YES 656to enable 657.Xr ipfs 8 658saving the filter and NAT state tables during shutdown 659and reloading them during startup again. 660Setting this variable needs setting 661.Va ipfilter_enable 662or 663.Va ipnat_enable 664to 665.Dq Li YES 666too. 667See 668.Va ipfilter_enable 669for a detailed discussion. 670Note that if 671.Va kern_securelevel 672is set to 3, 673.Va ipfs_enable 674cannot be used because the raised securelevel will prevent 675.Xr ipfs 8 676from saving the state tables at shutdown time. 677.\" ----- ipfs_program setting ---------------------------------- 678.It Va ipfs_program 679.Pq Vt str 680Path to 681.Xr ipfs 8 682(default 683.Pa /sbin/ipfs ) . 684.\" ----- ipfs_flags setting ------------------------------------ 685.It Va ipfs_flags 686.Pq Vt str 687Empty by default. 688Flags passed to the 689.Xr ipfs 8 690program. 691.\" ----- end of added ipf hook --------------------------------- 692.It Va tcp_extensions 693.Pq Vt bool 694Set to 695.Dq Li YES 696by default. 697Setting this to 698.Dq Li NO 699disables certain TCP options as described by 700.Rs 701.%T "RFC 1323" 702.Re 703Setting this to 704.Dq Li NO 705might help remedy such problems with connections as randomly hanging 706or other weird behavior. 707Some network devices are known to be broken with respect to these options. 708.It Va log_in_vain 709.Pq Vt int 710Set to 0 by default. 711The 712.Xr sysctl 8 713variables, 714.Va net.inet.tcp.log_in_vain 715and 716.Va net.inet.udp.log_in_vain , 717as described in 718.Xr tcp 4 719and 720.Xr udp 4 , 721are set to the given value. 722.It Va tcp_keepalive 723.Pq Vt bool 724Set to 725.Dq Li YES 726by default. 727Setting to 728.Dq Li NO 729will disable probing idle TCP connections to verify that the 730peer is still up and reachable. 731.It Va tcp_drop_synfin 732.Pq Vt bool 733Set to 734.Dq Li NO 735by default. 736Setting to 737.Dq Li YES 738will cause the kernel to ignore TCP frames that have both 739the SYN and FIN flags set. 740This prevents OS fingerprinting, but may break some legitimate applications. 741This option is only available if the kernel was built with the 742.Dv TCP_DROP_SYNFIN 743option. 744.It Va icmp_drop_redirect 745.Pq Vt bool 746Set to 747.Dq Li NO 748by default. 749Setting to 750.Dq Li YES 751will cause the kernel to ignore ICMP REDIRECT packets. 752Refer to 753.Xr icmp 4 754for more information. 755.It Va icmp_log_redirect 756.Pq Vt bool 757Set to 758.Dq Li NO 759by default. 760Setting to 761.Dq Li YES 762will cause the kernel to log ICMP REDIRECT packets. 763Note that 764the log messages are not rate-limited, so this option should only be used 765for troubleshooting networks. 766Refer to 767.Xr icmp 4 768for more information. 769.It Va icmp_bmcastecho 770.Pq Vt bool 771Set to 772.Dq Li YES 773to respond to broadcast or multicast ICMP ping packets. 774Refer to 775.Xr icmp 4 776for more information. 777.It Va ip_portrange_first 778.Pq Vt int 779If not set to 780.Dq Li NO , 781this is the first port in the default portrange. 782Refer to 783.Xr ip 4 784for more information. 785.It Va ip_portrange_last 786.Pq Vt int 787If not set to 788.Dq Li NO , 789this is the last port in the default portrange. 790Refer to 791.Xr ip 4 792for more information. 793.\" 794.It Va ifconfig_ Ns Aq Ar interface 795.Pq Vt str 796Configuration for 797.Dq interface . 798Typically includes IP address. 799Assuming that the interface in question was 800.Li ed0 , 801it might look something like this: 802.Bd -literal 803ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 804.Ed 805.Pp 806If the 807.Pa /etc/start_if. Ns Aq Ar interface 808file is present, it is read and executed by the 809.Xr sh 1 810interpreter before configuring the interface as specified in the 811.Va ifconfig_ Ns Aq Ar interface 812and 813.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 814variables. 815.Pp 816It is possible to bring up an interface with DHCP by adding 817.Dq Li DHCP 818to the 819.Va ifconfig_ Ns Aq Ar interface 820variable. 821For instance, to initialize the 822.Li ed0 823device via DHCP, it is possible to use something like: 824.Bd -literal 825ifconfig_ed0="DHCP" 826.Ed 827.Pp 828Also, if your interface needs WPA authentication, it is possible to add 829.Dq Li WPA 830to the 831.Va ifconfig_ Ns Aq Ar interface 832variable. 833This will start 834.Xr wpa_supplicant 8 . 835See 836.Xr wpa_supplicant.conf 5 837for configuring authentication information. 838.Pp 839Finally, you can add 840.Xr ifconfig 8 841options in this variable, in addition to the 842.Pa /etc/start_if. Ns Aq Ar interface 843file. 844For instance, to initialize the 845.Li wi0 846device via DHCP, using WPA authentication and 802.11b mode, it is 847possible to use something like: 848.Bd -literal 849ifconfig_wi0="up DHCP WPA mode 11b" 850.Ed 851.Pp 852.\" 853.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 854.Pq Vt str 855Configuration to establish an additional network address for 856.Dq interface . 857Assuming that the interface in question was 858.Li ed0 , 859it might look something like this: 860.Bd -literal 861ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 862ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 863.Ed 864.Pp 865And so on. 866For each 867.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 868entry that is found, its contents are passed to 869.Xr ifconfig 8 . 870Execution stops at the first unsuccessful access, so if 871something like this is present: 872.Bd -literal 873ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 874ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 875ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 876ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 877.Ed 878.Pp 879Then note that alias4 would 880.Em not 881be added since the search would stop with the missing alias3 entry. 882.Pp 883.\" 884.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 885.Pq Vt str 886New name for 887.Dq interface . 888It is possible to rename interface by doing: 889.Bd -literal 890ifconfig_ed0_name="net0" 891ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 892.Ed 893.It Va network_interfaces 894.Pq Vt str 895The list of network interfaces to configure on this host, 896or 897.Dq Li auto 898to configure all network interfaces 899(default 900.Dq Li auto ) . 901For example, if the only network devices to be configured are the loopback device 902.Pq Li lo0 903and a NIC using the 904.Xr ed 4 905driver, this could be set to 906.Dq Li "lo0 ed0" . 907An 908.Va ifconfig_ Ns Aq Ar interface 909variable is assumed to exist for each value of 910.Ar interface . 911.It Va ipv6_network_interfaces 912.Pq Vt str 913This is the IPv6 equivalent of 914.Va network_interfaces . 915Instead of setting the ifconfig variables as 916.Va ifconfig_ Ns Aq Ar interface 917they should be set as 918.Va ipv6_ifconfig_ Ns Aq Ar interface . 919Aliases should be set as 920.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 921Interfaces that do not have a 922.Va ipv6_ifconfig_ Ns Aq Ar interface 923setting will be auto configured by 924.Xr rtsol 8 925if the 926.Va ipv6_gateway_enable 927is set to 928.Dq Li NO . 929Note that the IPv6 networking code does not support the 930.Pa /etc/start_if. Ns Aq Ar interface 931files. 932.It Va ipv6_prefix_ Ns Aq Ar interface 933.Pq Vt str 934Assign prefix to 935.Ar interface , 936prefixlen 64 is used. 937.It Va ipv6_default_interface 938.Pq Vt str 939If not set to 940.Dq Li NO , 941this is the default output interface for scoped addresses. 942Now this works only for IPv6 link local multicast addresses. 943.It Va cloned_interfaces 944.Pq Vt str 945Set to the list of clonable network interfaces to create on this host. 946Entries in 947.Va cloned_interfaces 948are automatically appended to 949.Va network_interfaces 950for configuration. 951.It Va gif_interfaces 952.Pq Vt str 953Set to the list of 954.Xr gif 4 955tunnel interfaces to configure on this host. 956A 957.Va gifconfig_ Ns Aq Ar interface 958variable is assumed to exist for each value of 959.Ar interface . 960The value of this variable is used to configure the link layer of the 961tunnel according to the syntax of the 962.Cm tunnel 963option to 964.Xr ifconfig 8 . 965Additionally, this option ensures that each listed interface is created via the 966.Cm create 967option to 968.Xr ifconfig 8 969before attempting to configure it. 970.It Va sppp_interfaces 971.Pq Vt str 972Set to the list of 973.Xr sppp 4 974interfaces to configure on this host. 975A 976.Va spppconfig_ Ns Aq Ar interface 977variable is assumed to exist for each value of 978.Ar interface . 979Each interface should also be configured by a general 980.Va ifconfig_ Ns Aq Ar interface 981setting. 982Refer to 983.Xr spppcontrol 8 984for more information about available options. 985.It Va ppp_enable 986.Pq Vt bool 987If set to 988.Dq Li YES , 989run the 990.Xr ppp 8 991daemon. 992.It Va ppp_mode 993.Pq Vt str 994Mode in which to run the 995.Xr ppp 8 996daemon. 997Accepted modes are 998.Dq Li auto , 999.Dq Li ddial , 1000.Dq Li direct 1001and 1002.Dq Li dedicated . 1003See the manual for a full description. 1004.It Va ppp_nat 1005.Pq Vt bool 1006If set to 1007.Dq Li YES , 1008enables network address translation. 1009Used in conjunction with 1010.Va gateway_enable 1011allows hosts on private network addresses access to the Internet using 1012this host as a network address translating router. 1013.It Va ppp_profile 1014.Pq Vt str 1015The name of the profile to use from 1016.Pa /etc/ppp/ppp.conf . 1017.It Va ppp_user 1018.Pq Vt str 1019The name of the user under which 1020.Xr ppp 8 1021should be started. 1022By default, 1023.Xr ppp 8 1024is started as 1025.Dq Li root . 1026.It Va rc_conf_files 1027.Pq Vt str 1028This option is used to specify a list of files that will override 1029the settings in 1030.Pa /etc/defaults/rc.conf . 1031The files will be read in the order in which they are specified and should 1032include the full path to the file. 1033By default, the files specified are 1034.Pa /etc/rc.conf 1035and 1036.Pa /etc/rc.conf.local 1037.It Va fsck_y_enable 1038.Pq Vt bool 1039If set to 1040.Dq Li YES , 1041.Xr fsck 8 1042will be run with the 1043.Fl y 1044flag if the initial preen of the file systems fails. 1045.It Va netfs_types 1046.Pq Vt str 1047List of file system types that are network-based. 1048This list should generally not be modified by end users. 1049Use 1050.Va extra_netfs_types 1051instead. 1052.It Va extra_netfs_types 1053.Pq Vt str 1054If set to something other than 1055.Dq Li NO 1056(the default), this variable extends the list of file system types 1057for which automatic mounting at startup by 1058.Xr rc 8 1059should be delayed until the network is initialized. 1060It should contain 1061a whitespace-separated list of network file system descriptor pairs, 1062each consisting of a file system type as passed to 1063.Xr mount 8 1064and a human-readable, one-word description, joined with a colon 1065.Pq Ql \&: . 1066Extending the default list in this way is only necessary 1067when third party file system types are used. 1068.It Va devfs_config_files 1069.Pq Vt str 1070This option is used to specify a list of configuration files containing 1071.Xr devfs 5 1072rules that will be applied by 1073.Xr devfsctl 8 1074in the order in which they are specified and must include the full path 1075to the file. 1076.It Va syslogd_enable 1077.Pq Vt bool 1078If set to 1079.Dq Li YES , 1080run the 1081.Xr syslogd 8 1082daemon. 1083.It Va syslogd_program 1084.Pq Vt str 1085Path to 1086.Xr syslogd 8 1087(default 1088.Pa /usr/sbin/syslogd ) . 1089.It Va syslogd_flags 1090.Pq Vt str 1091If 1092.Va syslogd_enable 1093is set to 1094.Dq Li YES , 1095these are the flags to pass to 1096.Xr syslogd 8 . 1097.It Va inetd_enable 1098.Pq Vt bool 1099If set to 1100.Dq Li YES , 1101run the 1102.Xr inetd 8 1103daemon. 1104.It Va inetd_program 1105.Pq Vt str 1106Path to 1107.Xr inetd 8 1108(default 1109.Pa /usr/sbin/inetd ) . 1110.It Va inetd_flags 1111.Pq Vt str 1112If 1113.Va inetd_enable 1114is set to 1115.Dq Li YES , 1116these are the flags to pass to 1117.Xr inetd 8 . 1118.It Va named_enable 1119.Pq Vt bool 1120If set to 1121.Dq Li YES , 1122run the 1123.Xr named 8 1124daemon. 1125.It Va named_program 1126.Pq Vt str 1127Path to 1128.Xr named 8 1129(default 1130.Pa /usr/sbin/named ) . 1131.It Va named_flags 1132.Pq Vt str 1133If 1134.Va named_enable 1135is set to 1136.Dq Li YES , 1137these are the flags to pass to 1138.Xr named 8 . 1139.It Va named_pidfile 1140.Pq Vt str 1141This is the default path to the 1142.Xr named 8 1143daemon's PID file. 1144Change it if you change the location in 1145.Pa /etc/namedb/named.conf . 1146.It Va named_chrootdir 1147.Pq Vt str 1148The root directory for a name server run in a 1149.Xr chroot 8 1150environment. 1151If left empty 1152.Xr named 8 1153will not be run in a 1154.Xr chroot 8 1155environment. 1156.It Va rwhod_enable 1157.Pq Vt bool 1158If set to 1159.Dq Li YES , 1160run the 1161.Xr rwhod 8 1162daemon at boot time. 1163.It Va rwhod_flags 1164.Pq Vt str 1165If 1166.Va rwhod_enable 1167is set to 1168.Dq Li YES , 1169these are the flags to pass to it. 1170.It Va amd_enable 1171.Pq Vt bool 1172If set to 1173.Dq Li YES , 1174run the 1175.Xr amd 8 1176daemon at boot time. 1177.It Va amd_flags 1178.Pq Vt str 1179If 1180.Va amd_enable 1181is set to 1182.Dq Li YES , 1183these are the flags to pass to it. 1184See the 1185.Xr amd 8 1186manpage for more information. 1187.It Va amd_map_program 1188.Pq Vt str 1189If set, the specified program is run to get the list of 1190.Xr amd 8 1191maps. 1192For example, if the 1193.Xr amd 8 1194maps are stored in NIS, one can set this to run 1195.Xr ypcat 1 1196to get a list of 1197.Xr amd 8 1198maps from the 1199.Pa amd.master 1200NIS map. 1201.It Va update_motd 1202.Pq Vt bool 1203If set to 1204.Dq Li YES , 1205.Pa /etc/motd 1206will be updated at boot time to reflect the kernel release being run. 1207If set to 1208.Dq Li NO , 1209.Pa /etc/motd 1210will not be updated. 1211.It Va nfs_client_enable 1212.Pq Vt bool 1213If set to 1214.Dq Li YES , 1215setup NFS client parameters at boot time. 1216.It Va nfs_access_cache 1217.Pq Vt int 1218If 1219.Va nfs_client_enable 1220is set to 1221.Dq Li YES , 1222this can be set to 1223.Dq Li 0 1224to disable NFS ACCESS RPC caching, or to the number of seconds for which 1225NFS ACCESS results should be cached. 1226A value of 2-10 seconds will substantially reduce network traffic for 1227many NFS operations. 1228The default is 5 seconds. 1229Note that the attribute cache holds stat information only. 1230The NFS data cache is independent of the attribute cache and is only 1231invalidated when the client detects that the server has modified the 1232underlying file. 1233This value specifies a maximum timeout. 1234The NFS client will automatically use a shorter timeout for files which 1235have been recently modified. 1236.It Va nfs_neg_cache 1237.Pq Vt int 1238If 1239.Va nfs_client_enable 1240is set to 1241.Dq Li YES , 1242this can be set to 1243.Dq Li 0 1244to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1245filenames), or to the number of seconds for which negative lookups should 1246be cached. 1247A value of 2-10 seconds will substantially reduce network 1248traffic for many NFS operations, especially source code builds. 1249The default is 3 seconds. 1250.It Va nfs_server_enable 1251.Pq Vt bool 1252If set to 1253.Dq Li YES , 1254run the NFS server daemons at boot time. 1255.It Va nfs_server_flags 1256.Pq Vt str 1257If 1258.Va nfs_server_enable 1259is set to 1260.Dq Li YES , 1261these are the flags to pass to the 1262.Xr nfsd 8 1263daemon. 1264.It Va mountd_enable 1265.Pq Vt bool 1266If set to 1267.Dq Li YES , 1268and no 1269.Va nfs_server_enable 1270is set, start 1271.Xr mountd 8 , 1272but not 1273.Xr nfsd 8 1274daemon. 1275It is commonly needed to run CFS without real NFS used. 1276.It Va mountd_flags 1277.Pq Vt str 1278If 1279.Va mountd_enable 1280is set to 1281.Dq Li YES , 1282these are the flags to pass to the 1283.Xr mountd 8 1284daemon. 1285.It Va weak_mountd_authentication 1286.Pq Vt bool 1287If set to 1288.Dq Li YES , 1289allow services like PCNFSD to make non-privileged mount requests. 1290.It Va nfs_reserved_port_only 1291.Pq Vt bool 1292If set to 1293.Dq Li YES , 1294provide NFS services only on a secure port. 1295.It Va nfs_bufpackets 1296.Pq Vt int 1297If set to a number, indicates the number of packets worth of 1298socket buffer space to reserve on an NFS client. 1299The kernel default is typically 4. 1300Using a higher number may be useful on gigabit networks to improve performance. 1301The minimum value is 2 and the maximum is 64. 1302.It Va rpc_umntall_enable 1303.Pq Vt bool 1304If set to 1305.Dq Li YES 1306(default) and we are also an NFS client, run 1307.Xr rpc.umntall 8 1308at boot time to clear out old mounts on remote servers. 1309If set to 1310.Dq Li NO 1311then 1312.Xr rpc.umntall 8 1313will not be run at boot time. 1314.It Va rpc_lockd_enable 1315.Pq Vt bool 1316If set to 1317.Dq Li YES 1318and also an NFS server, run 1319.Xr rpc.lockd 8 1320at boot time. 1321.It Va rpc_lockd_flags 1322.Pq Vt str 1323If 1324.Va rpc_lockd_enable 1325is set to 1326.Dq Li YES , 1327these are the flags to pass to 1328.Xr rpc.lockd 8 . 1329.It Va rpc_statd_enable 1330.Pq Vt bool 1331If set to 1332.Dq Li YES 1333and also an NFS server, run 1334.Xr rpc.statd 8 1335at boot time. 1336.It Va rpc_statd_flags 1337.Pq Vt str 1338If 1339.Va rpc_statd_enable 1340is set to 1341.Dq Li YES , 1342these are the flags to pass to 1343.Xr rpc.statd 8 . 1344.It Va rpcbind_program 1345.Pq Vt str 1346Path to program for rpcbind daemon 1347(default 1348.Pa /usr/sbin/rpcbind ) . 1349.It Va rpcbind_enable 1350.Pq Vt bool 1351If set to 1352.Dq Li YES , 1353run 1354.Va rpcbind_program 1355at boot time. 1356.It Va rpcbind_flags 1357.Pq Vt str 1358If 1359.Va rpcbind_enable 1360is set to 1361.Dq Li YES , 1362these are the flags to pass to 1363.Va rpcbind_program . 1364.It Va keyserv_enable 1365.Pq Vt bool 1366If set to 1367.Dq Li YES , 1368run the 1369.Xr keyserv 8 1370daemon on boot for running Secure RPC. 1371.It Va keyserv_flags 1372.Pq Vt str 1373If 1374.Va keyserv_enable 1375is set to 1376.Dq Li YES , 1377these are the flags to pass to 1378.Xr keyserv 8 1379daemon. 1380.It Va pppoed_enable 1381.Pq Vt bool 1382If set to 1383.Dq Li YES , 1384run the 1385.Xr pppoed 8 1386daemon at boot time to provide PPP over Ethernet services. 1387.It Va pppoed_provider 1388.Pq Vt str 1389.Xr pppoed 8 1390listens to requests to this provider and ultimately runs 1391.Xr ppp 8 1392with a 1393.Ar system 1394argument of the same name. 1395.It Va pppoed_flags 1396.Pq Vt str 1397Additional flags to pass to 1398.Xr pppoed 8 . 1399.It Va pppoed_interface 1400.Pq Vt str 1401The network interface to run 1402.Xr pppoed 8 1403on. 1404This is mandatory when 1405.Va pppoed_enable 1406is set to 1407.Dq Li YES . 1408.It Va timed_enable 1409.Pq Vt bool 1410If set to 1411.Dq Li YES , 1412run the 1413.Xr timed 8 1414service at boot time. 1415This command is intended for networks of machines where a consistent 1416.Dq "network time" 1417for all hosts must be established. 1418This is often useful in large NFS environments where time stamps on 1419files are expected to be consistent network-wide. 1420.It Va timed_flags 1421.Pq Vt str 1422If 1423.Va timed_enable 1424is set to 1425.Dq Li YES , 1426these are the flags to pass to the 1427.Xr timed 8 1428service. 1429.It Va dntpd_enable 1430.Pq Vt bool 1431If set to 1432.Dq Li YES , 1433run 1434.Xr dntpd 8 1435at system boot time. 1436.It Va dntpd_program 1437.Pq Vt str 1438Path to 1439.Xr dntpd 8 1440(default 1441.Pa /usr/sbin/dntpd ) . 1442.It Va dntpd_flags 1443.Pq Vt str 1444If 1445.Va dntpd_enable 1446is set to 1447.Dq Li YES , 1448these are the flags to pass to the 1449.Xr dntpd 8 1450daemon. 1451.It Va btconfig_enable 1452.Pq Vt bool 1453If set to 1454.Dq Li YES , 1455configure Bluetooth devices via 1456.Xr btconfig 8 1457at system boot time. 1458.It Va btconfig_devices 1459.Pq Vt str 1460If 1461.Va btconfig_enable 1462is set to 1463.Dq Li YES , 1464this is the list of Bluetooth devices to configure. 1465If 1466.Va btconfig_devices 1467is not specified, all devices known to the system will be configured. 1468A 1469.Va btconfig_ Ns Aq Ar device 1470variable can be set to specify parameters to be passed to 1471.Ar device . 1472.It Va btconfig_args 1473.Pq Vt str 1474If 1475.Va btconfig_enable 1476is set to 1477.Dq Li YES , 1478this is the list of configuration parameters to pass to all Bluetooth 1479devices. 1480.It Va sdpd_enable 1481.Pq Vt bool 1482If set to 1483.Dq Li YES , 1484run the Service Discovery Profile daemon 1485.Xr ( sdpd 8 ) 1486at system boot time. 1487.It Va sdpd_flags 1488.Pq Vt str 1489If 1490.Va sdpd_enable 1491is set to 1492.Dq Li YES , 1493these are the flags to pass to the 1494.Xr sdpd 8 1495daemon. 1496.It Va bthcid_enable 1497.Pq Vt bool 1498If set to 1499.Dq Li YES , 1500run the Bluetooth Link Key/PIN Code Manager daemon 1501.Xr ( bthcid 8 ) 1502at system boot time. 1503.It Va bthcid_flags 1504.Pq Vt str 1505If 1506.Va bthcid_enable 1507is set to 1508.Dq Li YES , 1509these are the flags to pass to the 1510.Xr bthcid 8 1511daemon. 1512.It Va nis_client_enable 1513.Pq Vt bool 1514If set to 1515.Dq Li YES , 1516run the 1517.Xr ypbind 8 1518service at system boot time. 1519.It Va nis_client_flags 1520.Pq Vt str 1521If 1522.Va nis_client_enable 1523is set to 1524.Dq Li YES , 1525these are the flags to pass to the 1526.Xr ypbind 8 1527service. 1528.It Va nis_ypset_enable 1529.Pq Vt bool 1530If set to 1531.Dq Li YES , 1532run the 1533.Xr ypset 8 1534daemon at system boot time. 1535.It Va nis_ypset_flags 1536.Pq Vt str 1537If 1538.Va nis_ypset_enable 1539is set to 1540.Dq Li YES , 1541these are the flags to pass to the 1542.Xr ypset 8 1543daemon. 1544.It Va nis_server_enable 1545.Pq Vt bool 1546If set to 1547.Dq Li YES , 1548run the 1549.Xr ypserv 8 1550daemon at system boot time. 1551.It Va nis_server_flags 1552.Pq Vt str 1553If 1554.Va nis_server_enable 1555is set to 1556.Dq Li YES , 1557these are the flags to pass to the 1558.Xr ypserv 8 1559daemon. 1560.It Va nis_ypxfrd_enable 1561.Pq Vt bool 1562If set to 1563.Dq Li YES , 1564run the 1565.Xr rpc.ypxfrd 8 1566daemon at system boot time. 1567.It Va nis_ypxfrd_flags 1568.Pq Vt str 1569If 1570.Va nis_ypxfrd_enable 1571is set to 1572.Dq Li YES , 1573these are the flags to pass to the 1574.Xr rpc.ypxfrd 8 1575daemon. 1576.It Va nis_yppasswdd_enable 1577.Pq Vt bool 1578If set to 1579.Dq Li YES , 1580run the 1581.Xr rpc.yppasswdd 8 1582daemon at system boot time. 1583.It Va nis_yppasswdd_flags 1584.Pq Vt str 1585If 1586.Va nis_yppasswdd_enable 1587is set to 1588.Dq Li YES , 1589these are the flags to pass to the 1590.Xr rpc.yppasswdd 8 1591daemon. 1592.It Va rpc_ypupdated_enable 1593.Pq Vt bool 1594If set to 1595.Dq Li YES , 1596run the 1597.Nm rpc.ypupdated 1598daemon at system boot time. 1599.It Va defaultrouter 1600.Pq Vt str 1601If not set to 1602.Dq Li NO , 1603create a default route to this host name or IP address 1604(use an IP address if this router is also required to get to the 1605name server!). 1606.It Va ipv6_defaultrouter 1607.Pq Vt str 1608The IPv6 equivalent of 1609.Va defaultrouter . 1610.It Va static_routes 1611.Pq Vt str 1612Set to the list of static routes that are to be added at system boot time. 1613If not set to 1614.Dq Li NO 1615then for each whitespace separated 1616.Ar element 1617in the value, a 1618.Va route_ Ns Aq Ar element 1619variable is assumed to exist whose contents will later be passed to a 1620.Dq Nm route Cm add 1621operation. 1622.It Va ipv6_static_routes 1623.Pq Vt str 1624The IPv6 equivalent of 1625.Va static_routes . 1626If not set to 1627.Dq Li NO 1628then for each whitespace separated 1629.Ar element 1630in the value, a 1631.Va ipv6_route_ Ns Aq Ar element 1632variable is assumed to exist whose contents will later be passed to a 1633.Dq Nm route Cm add Fl inet6 1634operation. 1635.It Va gateway_enable 1636.Pq Vt bool 1637If set to 1638.Dq Li YES , 1639configure host to act as an IP router, e.g. to forward packets 1640between interfaces. 1641.It Va ipv6_gateway_enable 1642.Pq Vt bool 1643The IPv6 equivalent of 1644.Va gateway_enable . 1645.It Va router_enable 1646.Pq Vt bool 1647If set to 1648.Dq Li YES , 1649run a routing daemon of some sort, based on the settings of 1650.Va router_program 1651and 1652.Va router_flags . 1653.It Va ipv6_router_enable 1654.Pq Vt bool 1655The IPv6 equivalent of 1656.Va router_enable . 1657If set to 1658.Dq Li YES , 1659run a routing daemon of some sort, based on the settings of 1660.Va ipv6_router_program 1661and 1662.Va ipv6_router_flags . 1663.It Va router_program 1664.Pq Vt str 1665If 1666.Va router_enable 1667is set to 1668.Dq Li YES , 1669this is the name of the routing daemon to use 1670(default 1671.Pa /sbin/routed ) . 1672.It Va ipv6_router_program 1673.Pq Vt str 1674The IPv6 equivalent of 1675.Va router_program 1676(default 1677.Pa /sbin/route6d ) . 1678.It Va router_flags 1679.Pq Vt str 1680If 1681.Va router_enable 1682is set to 1683.Dq Li YES , 1684these are the flags to pass to the routing daemon. 1685.It Va ipv6_router_flags 1686.Pq Vt str 1687The IPv6 equivalent of 1688.Va router_flags . 1689.It Va mrouted_enable 1690.Pq Vt bool 1691If set to 1692.Dq Li YES , 1693run the multicast routing daemon, 1694.Xr mrouted 8 . 1695.It Va mroute6d_enable 1696.Pq Vt bool 1697The IPv6 equivalent of 1698.Va mrouted_enable . 1699If set to 1700.Dq Li YES , 1701run the IPv6 multicast routing daemon. 1702Note that no IPv6 multicast routing daemon is included in the 1703.Dx 1704base system but 1705.Xr pim6dd 8 1706can be installed from the 1707.Xr pkgsrc 7 1708collection. 1709.It Va mrouted_flags 1710.Pq Vt str 1711If 1712.Va mrouted_enable 1713is set to 1714.Dq Li YES , 1715these are the flags to pass to the 1716.Xr mrouted 8 1717daemon. 1718.It Va mroute6d_flags 1719.Pq Vt str 1720The IPv6 equivalent of 1721.Va mrouted_flags . 1722If 1723.Va mroute6d_enable 1724is set to 1725.Dq Li YES , 1726these are the flags passed to the IPv6 multicast routing daemon. 1727.It Va mroute6d_program 1728.Pq Vt str 1729If 1730.Va mroute6d_enable 1731is set to 1732.Dq Li YES , 1733this is the path to the IPv6 multicast routing daemon. 1734.It Va rtadvd_enable 1735.Pq Vt bool 1736If set to 1737.Dq Li YES , 1738run the 1739.Xr rtadvd 8 1740daemon at boot time. 1741.Xr rtadvd 8 1742will only run if 1743.Va ipv6_gateway_enable 1744is also set to 1745.Dq Li YES . 1746The 1747.Xr rtadvd 8 1748utility sends router advertisement packets to the interfaces specified in 1749.Va rtadvd_interfaces . 1750.Xr rtadvd 8 1751and should only be enabled with great care. 1752You may want to fine-tune 1753.Xr rtadvd.conf 5 . 1754.It Va rtadvd_interfaces 1755.Pq Vt str 1756If 1757.Va rtadvd_enable 1758is set to 1759.Dq Li YES 1760this is the list of interfaces to use. 1761.It Va rtsold_enable 1762.Pq Vt bool 1763If set to 1764.Dq Li YES , 1765run the 1766.Xr rtsold 8 1767daemon at boot time. 1768The 1769.Xr rtsold 8 1770daemon is used for automatic discovery of non-link local addresses. 1771.It Va rtsold_flags 1772.Pq Vt str 1773If 1774.Va rtsold_enable 1775is set to 1776.Dq Li YES , 1777these are the flags to pass to the 1778.Xr rtsold 8 1779daemon. 1780.It Va ipxgateway_enable 1781.Pq Vt bool 1782If set to 1783.Dq Li YES , 1784enable the routing of IPX traffic. 1785.It Va ipxrouted_enable 1786.Pq Vt bool 1787If set to 1788.Dq Li YES , 1789run the 1790.Xr IPXrouted 8 1791daemon at system boot time. 1792.It Va ipxrouted_flags 1793.Pq Vt str 1794If 1795.Va ipxrouted_enable 1796is set to 1797.Dq Li YES , 1798these are the flags to pass to the 1799.Xr IPXrouted 8 1800daemon. 1801.It Va arpproxy_all 1802.Pq Vt bool 1803If set to 1804.Dq Li YES , 1805enable global proxy ARP. 1806.It Va forward_sourceroute 1807.Pq Vt bool 1808If set to 1809.Dq Li YES 1810and 1811.Va gateway_enable 1812is also set to 1813.Dq Li YES , 1814source-routed packets are forwarded. 1815.It Va accept_sourceroute 1816.Pq Vt bool 1817If set to 1818.Dq Li YES , 1819the system will accept source-routed packets directed at it. 1820.It Va rarpd_enable 1821.Pq Vt bool 1822If set to 1823.Dq Li YES , 1824run the 1825.Xr rarpd 8 1826daemon at system boot time. 1827.It Va rarpd_flags 1828.Pq Vt str 1829If 1830.Va rarpd_enable 1831is set to 1832.Dq Li YES , 1833these are the flags to pass to the 1834.Xr rarpd 8 1835daemon. 1836.It Va bootparamd_enable 1837.Pq Vt bool 1838If set to 1839.Dq Li YES , 1840run the 1841.Xr bootparamd 8 1842daemon at system boot time. 1843.It Va bootparamd_flags 1844.Pq Vt str 1845If 1846.Va bootparamd_enable 1847is set to 1848.Dq Li YES , 1849these are the flags to pass to the 1850.Xr bootparamd 8 1851daemon. 1852.It Va stf_interface_ipv4addr 1853.Pq Vt str 1854If not set to 1855.Dq Li NO , 1856this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1857Specify this entry to enable the 6to4 interface. 1858.It Va stf_interface_ipv4plen 1859.Pq Vt int 1860Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1861An effective value is 0-31. 1862.It Va stf_interface_ipv6_ifid 1863.Pq Vt str 1864IPv6 interface ID for 1865.Xr stf 4 . 1866This can be set to 1867.Dq Li AUTO . 1868.It Va stf_interface_ipv6_slaid 1869.Pq Vt str 1870IPv6 Site Level Aggregator for 1871.Xr stf 4 . 1872.It Va ipv6_faith_prefix 1873.Pq Vt str 1874If not set to 1875.Dq Li NO , 1876this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator. 1877You also need 1878.Xr faithd 8 1879setup. 1880.It Va ipv6_ipv4mapping 1881.Pq Vt bool 1882If set to 1883.Dq Li YES 1884this enables IPv4 mapped IPv6 address communication (like 1885.Li ::ffff:a.b.c.d ) . 1886.It Va atm_enable 1887.Pq Vt bool 1888Set to 1889.Dq Li YES 1890to enable the configuration of ATM interfaces at system boot time. 1891For all of the ATM variables described below, please refer to the 1892.Xr atm 8 1893man page for further details on the available command parameters. 1894Also refer to the files in 1895.Pa /usr/share/examples/atm 1896for more detailed configuration information. 1897.It Va atm_netif_ Ns Aq Ar intf 1898.Pq Vt str 1899For the ATM physical interface 1900.Ar intf , 1901this variable defines the name prefix and count for the ATM network 1902interfaces to be created. 1903The value will be passed as the parameters of an 1904.Dq Nm atm Cm "set netif" Ar intf 1905command. 1906.It Va atm_sigmgr_ Ns Aq Ar intf 1907.Pq Vt str 1908For the ATM physical interface 1909.Ar intf , 1910this variable defines the ATM signalling manager to be used. 1911The value will be passed as the parameters of an 1912.Dq Nm atm Cm attach Ar intf 1913command. 1914.It Va atm_prefix_ Ns Aq Ar intf 1915.Pq Vt str 1916For the ATM physical interface 1917.Ar intf , 1918this variable defines the NSAP prefix for interfaces using a UNI signalling 1919manager. 1920If set to 1921.Dq Li ILMI , 1922the prefix will automatically be set via the 1923.Xr ilmid 8 1924daemon. 1925Otherwise, the value will be passed as the parameters of an 1926.Dq Nm atm Cm "set prefix" Ar intf 1927command. 1928.It Va atm_macaddr_ Ns Aq Ar intf 1929.Pq Vt str 1930For the ATM physical interface 1931.Ar intf , 1932this variable defines the MAC address for interfaces using a UNI signalling 1933manager. 1934If set to 1935.Dq Li NO , 1936the hardware MAC address contained in the ATM interface card will be used. 1937Otherwise, the value will be passed as the parameters of an 1938.Dq Nm atm Cm "set mac" Ar intf 1939command. 1940.It Va atm_arpserver_ Ns Aq Ar netif 1941.Pq Vt str 1942For the ATM network interface 1943.Ar netif , 1944this variable defines the ATM address for a host which is to provide ATMARP 1945service. 1946This variable is only applicable to interfaces using a UNI signalling manager. 1947If set to 1948.Dq Li local , 1949this host will become an ATMARP server. 1950The value will be passed as the parameters of an 1951.Dq Nm atm Cm "set arpserver" Ar netif 1952command. 1953.It Va atm_scsparp_ Ns Aq Ar netif 1954.Pq Vt bool 1955If set to 1956.Dq Li YES , 1957SCSP/ATMARP service for the network interface 1958.Ar netif 1959will be initiated using the 1960.Xr scspd 8 1961and 1962.Xr atmarpd 8 1963daemons. 1964This variable is only applicable if 1965.Va atm_arpserver_ Ns Aq Ar netif 1966is set to 1967.Dq Li local . 1968.It Va atm_arps 1969.Pq Vt str 1970Set to the list of permanent ATM ARP entries to be added at system boot time. 1971For each whitespace separated 1972.Ar element 1973in the value, an 1974.Va atm_arp_ Ns Aq Ar element 1975variable is assumed to exist. 1976The value of each of these variables will be passed as the parameters of an 1977.Dq Nm atm Cm "add arp" 1978command. 1979.It Va keybell 1980.Pq Vt str 1981The keyboard bell sound. 1982Set to 1983.Dq Li normal , 1984.Dq Li visual , 1985.Dq Li off , 1986or 1987.Dq Li NO 1988if the default behavior is desired. 1989For details, refer to the 1990.Xr kbdcontrol 1 1991manpage. 1992.It Va keymap 1993.Pq Vt str 1994If set to 1995.Dq Li NO , 1996no keymap is installed, otherwise the value is used to install 1997the keymap file in 1998.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1999.It Va keyrate 2000.Pq Vt str 2001The keyboard repeat speed. 2002Set to 2003.Dq Li slow , 2004.Dq Li normal , 2005.Dq Li fast , 2006or 2007.Dq Li NO 2008if the default behavior is desired. 2009.It Va keychange 2010.Pq Vt str 2011If not set to 2012.Dq Li NO , 2013attempt to program the function keys with the value. 2014The value should be a single string of the form: 2015.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2016.It Va cursor 2017.Pq Vt str 2018Can be set to the value of 2019.Dq Li normal , 2020.Dq Li blink , 2021.Dq Li destructive , 2022or 2023.Dq Li NO 2024to set the cursor behavior explicitly or choose the default behavior. 2025.It Va scrnmap 2026.Pq Vt str 2027If set to 2028.Dq Li NO , 2029no screen map is installed, otherwise the value is used to install 2030the screen map file in 2031.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2032.It Va font8x16 2033.Pq Vt str 2034If set to 2035.Dq Li NO , 2036the default 8x16 font value is used for screen size requests, otherwise 2037the value in 2038.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2039is used. 2040.It Va font8x14 2041.Pq Vt str 2042If set to 2043.Dq Li NO , 2044the default 8x14 font value is used for screen size requests, otherwise 2045the value in 2046.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2047is used. 2048.It Va font8x8 2049.Pq Vt str 2050If set to 2051.Dq Li NO , 2052the default 8x8 font value is used for screen size requests, otherwise 2053the value in 2054.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2055is used. 2056.It Va blanktime 2057.Pq Vt int 2058If set to 2059.Dq Li NO , 2060the default screen blanking interval is used, otherwise it is set to 2061.Ar value 2062seconds. 2063.It Va saver 2064.Pq Vt str 2065If not set to 2066.Dq Li NO , 2067this is the actual screen saver to use 2068.Li ( blank , snake , daemon , 2069etc). 2070.It Va moused_enable 2071.Pq Vt str 2072If set to 2073.Dq Li YES , 2074the 2075.Xr moused 8 2076daemon is started for doing cut/paste selection on the console. 2077.It Va moused_type 2078.Pq Vt str 2079This is the protocol type of the mouse connected to this host. 2080This variable must be set if 2081.Va moused_enable 2082is set to 2083.Dq Li YES . 2084The 2085.Xr moused 8 2086daemon 2087is able to detect the appropriate mouse type automatically in many cases. 2088Set this variable to 2089.Dq Li auto 2090to let the daemon detect it, or 2091select one from the following list if the automatic detection fails. 2092.Pp 2093If the mouse is attached to the PS/2 mouse port, choose 2094.Dq Li auto 2095or 2096.Dq Li ps/2 , 2097regardless of the brand and model of the mouse. 2098Likewise, if the mouse is attached to the bus mouse port, choose 2099.Dq Li auto 2100or 2101.Dq Li busmouse . 2102All other protocols are for serial mice and will not work with 2103the PS/2 and bus mice. 2104If this is a USB mouse, 2105.Dq Li auto 2106is the only protocol type which will work. 2107.Pp 2108.Bl -tag -width ".Li x10mouseremote" -compact 2109.It Li microsoft 2110Microsoft mouse (serial) 2111.It Li intellimouse 2112Microsoft IntelliMouse (serial) 2113.It Li mousesystems 2114Mouse systems Corp. mouse (serial) 2115.It Li mmseries 2116MM Series mouse (serial) 2117.It Li logitech 2118Logitech mouse (serial) 2119.It Li busmouse 2120A bus mouse 2121.It Li mouseman 2122Logitech MouseMan and TrackMan (serial) 2123.It Li glidepoint 2124ALPS GlidePoint (serial) 2125.It Li thinkingmouse 2126Kensington ThinkingMouse (serial) 2127.It Li ps/2 2128PS/2 mouse 2129.It Li mmhittab 2130MM HitTablet (serial) 2131.It Li x10mouseremote 2132X10 MouseRemote (serial) 2133.It Li versapad 2134Interlink VersaPad (serial) 2135.El 2136.Pp 2137Even if the mouse is not in the above list, it may be compatible 2138with one in the list. 2139Refer to the man page for 2140.Xr moused 8 2141for compatibility information. 2142.Pp 2143It should also be noted that while this is enabled, any 2144other client of the mouse (such as an X server) should access 2145the mouse through the virtual mouse device, 2146.Pa /dev/sysmouse , 2147and configure it as a 2148.Dq Li sysmouse 2149type mouse, since all 2150mouse data is converted to this single canonical format when using 2151.Xr moused 8 . 2152If the client program does not support the 2153.Dq Li sysmouse 2154type, specify the 2155.Dq Li mousesystems 2156type. 2157It is the second preferred type. 2158.It Va moused_port 2159.Pq Vt str 2160If 2161.Va moused_enable 2162is set to 2163.Dq Li YES , 2164this is the actual port the mouse is on. 2165It might be 2166.Pa /dev/cuaa0 2167for a COM1 serial mouse, 2168.Pa /dev/psm0 2169for a PS/2 mouse or 2170.Pa /dev/mse0 2171for a bus mouse, for example. 2172.It Va moused_flags 2173.Pq Vt str 2174If 2175.Va moused_type 2176is set, these are the additional flags to pass to the 2177.Xr moused 8 2178daemon. 2179.It Va mousechar_start 2180.Pq Vt int 2181If set to 2182.Dq Li NO , 2183the default mouse cursor character range 2184.Li 0xd0 Ns - Ns Li 0xd3 2185is used, otherwise the range start is set to 2186.Ar value 2187character, see 2188.Xr vidcontrol 1 . 2189Use if the default range is occupied in the language code table. 2190.It Va vidhistory 2191.Pq Vt int 2192Set the size of the history (scrollback) buffer in lines. 2193.It Va allscreens_flags 2194.Pq Vt str 2195If set, 2196.Xr vidcontrol 1 2197is run with these options for each of the virtual terminals 2198.Pq Pa /dev/ttyv* . 2199For example, 2200.Dq Fl m Cm on 2201will enable the mouse pointer on all virtual terminals if 2202.Va moused_enable 2203is set to 2204.Dq Li YES . 2205.It Va allscreens_kbdflags 2206.Pq Vt str 2207If set, 2208.Xr kbdcontrol 1 2209is run with these options for each of the virtual terminals 2210.Pq Pa /dev/ttyv* . 2211For example, 2212.Dq Fl h Li 200 2213will set the 2214.Xr syscons 4 2215scrollback (history) buffer to 200 lines. 2216.It Va cron_enable 2217.Pq Vt bool 2218If set to 2219.Dq Li YES , 2220run the 2221.Xr cron 8 2222daemon at system boot time. 2223.It Va cron_program 2224.Pq Vt str 2225Path to 2226.Xr cron 8 2227(default 2228.Pa /usr/sbin/cron ) . 2229.It Va cron_flags 2230.Pq Vt str 2231If 2232.Va cron_enable 2233is set to 2234.Dq Li YES , 2235these are the flags to pass to 2236.Xr cron 8 . 2237.It Va lpd_program 2238.Pq Vt str 2239Path to 2240.Xr lpd 8 2241(default 2242.Pa /usr/sbin/lpd ) . 2243.It Va lpd_enable 2244.Pq Vt bool 2245If set to 2246.Dq Li YES , 2247run the 2248.Xr lpd 8 2249daemon at system boot time. 2250.It Va lpd_flags 2251.Pq Vt str 2252If 2253.Va lpd_enable 2254is set to 2255.Dq Li YES , 2256these are the flags to pass to the 2257.Xr lpd 8 2258daemon. 2259.It Va nscd_enable 2260.Pq Vt bool 2261If set to 2262.Dq Li YES , 2263run the 2264.Xr nscd 8 2265daemon at system boot time. 2266.It Va mixer_enable 2267.Pq Vt bool 2268If set to 2269.Dq Li YES , 2270preserve 2271.Xr mixer 8 2272settings across reboots. 2273.It Va mta_start_script 2274.Pq Vt str 2275The full path to the script to run to start 2276a mail transfer agent. 2277The default is 2278.Pa /etc/rc.sendmail . 2279The 2280.Va sendmail_* 2281variables which 2282.Pa /etc/rc.sendmail 2283uses are documented in the 2284.Xr rc.sendmail 8 2285man page. 2286.It Va fixbootfile 2287.Pq Vt bool 2288In a 2289.Sq HAMMER ROOT with UFS /boot 2290setup, the boot loader will not set up the 2291.Va kern.bootfile 2292sysctl correctly. 2293The system will attempt to fix this on its own. 2294Set this variable to 2295.Dq Li NO 2296to turn this behavior off. 2297.It Va dumpdev 2298.Pq Vt str 2299Indicates the device (usually a swap partition) to which a crash dump 2300should be written in the event of a system crash. 2301The value of this variable is passed as the argument to 2302.Xr dumpon 8 . 2303To disable crash dumps, set this variable to 2304.Dq Li NO . 2305.It Va dumpdir 2306.Pq Vt str 2307When the system reboots after a crash and a crash dump is found on the 2308device specified by the 2309.Va dumpdev 2310variable, 2311.Xr savecore 8 2312will save that crash dump and a copy of the kernel to the directory 2313specified by the 2314.Va dumpdir 2315variable. 2316The default value is 2317.Pa /var/crash . 2318Set to 2319.Dq Li NO 2320to not run 2321.Xr savecore 8 2322at boot time when 2323.Va dumpdir 2324is set. 2325.It Va savecore_flags 2326.Pq Vt str 2327If crash dumps are enabled, these are the flags to pass to the 2328.Xr savecore 8 2329utility. 2330.It Va enable_quotas 2331.Pq Vt bool 2332Set to 2333.Dq Li YES 2334to turn on user disk quotas on system startup via the 2335.Xr quotaon 8 2336command. 2337.It Va check_quotas 2338.Pq Vt bool 2339Set to 2340.Dq Li YES 2341to enable user disk quota checking via the 2342.Xr quotacheck 8 2343command. 2344.It Va accounting_enable 2345.Pq Vt bool 2346Set to 2347.Dq Li YES 2348to enable system accounting through the 2349.Xr accton 8 2350facility. 2351.It Va linux_enable 2352.Pq Vt bool 2353Set to 2354.Dq Li YES 2355to enable Linux/ELF binary emulation at system initial boot time. 2356.It Va sysvipc_enable 2357.Pq Vt bool 2358If set to 2359.Dq Li YES , 2360load System V IPC primitives at boot time. 2361.\" ----- cleanvar_enable setting-------------------------------- 2362.It Va cleanvar_enable 2363.Pq Vt bool 2364Set to 2365.Dq Li YES 2366to have 2367.Pa /var/run , 2368.Pa /var/spool/lock 2369and 2370.Pa /var/spool/uucp/.Temp/* 2371cleaned at startup. 2372.\" ----- clear_tmp_enable setting------------------------------- 2373.It Va clear_tmp_enable 2374.Pq Vt bool 2375Set to 2376.Dq Li YES 2377to have 2378.Pa /tmp 2379cleaned at startup. 2380.\" ----- ldconfig_paths setting -------------------------------- 2381.It Va ldconfig_paths 2382.Pq Vt str 2383Set to the list of shared library paths to use with 2384.Xr ldconfig 8 . 2385NOTE: 2386.Pa /usr/lib 2387will always be added first, so it need not appear in this list. 2388.It Va ldconfig_insecure 2389.Pq Vt bool 2390The 2391.Xr ldconfig 8 2392utility normally refuses to use directories 2393which are writable by anyone except root. 2394Set this variable to 2395.Dq Li YES 2396to disable that security check during system startup. 2397.It Va kern_securelevel 2398.Pq Vt int 2399The kernel security level to set at startup. 2400The allowed range of 2401.Ar value 2402ranges from \-1 (the compile time default) to 3 (the most secure). 2403See 2404.Xr init 8 2405for the list of possible security levels and their effect on system operation. 2406.It Va start_vinum 2407.Pq Vt bool 2408Set to 2409.Dq Li YES 2410to start 2411.Xr vinum 8 2412at system boot time. 2413.It Va sshd_enable 2414.Pq Vt bool 2415Set to 2416.Dq Li YES 2417to start 2418.Xr sshd 8 2419at system boot time. 2420.It Va sshd_program 2421.Pq Vt str 2422Path to the SSH server program 2423(default 2424.Pa /usr/sbin/sshd ) . 2425.It Va sshd_flags 2426.Pq Vt str 2427If 2428.Va sshd_enable 2429is set to 2430.Dq Li YES , 2431these are the flags to pass to the 2432.Xr sshd 8 2433daemon. 2434.It Va ftpd_enable 2435.Pq Vt bool 2436Set to 2437.Dq Li YES 2438to start 2439.Xr ftpd 8 2440at system boot time. 2441.It Va ftpd_flags 2442.Pq Vt str 2443If 2444.Va ftpd_enable 2445is set to 2446.Dq Li YES , 2447these are the flags to pass to the 2448.Xr ftpd 8 2449daemon. 2450.It Va usbd_enable 2451.Pq Vt bool 2452If set to 2453.Dq Li YES , 2454run the 2455.Xr usbd 8 2456daemon at boot time. 2457.It Va usbd_flags 2458.Pq Vt str 2459If 2460.Va usbd_enable 2461is set to 2462.Dq Li YES , 2463these are the flags passed to 2464.Xr usbd 8 2465daemon. 2466.It Va watchdogd_enable 2467.Pq Vt bool 2468If set to 2469.Dq Li YES , 2470start the 2471.Xr watchdogd 8 2472daemon at boot time. 2473This requires that the kernel have been compiled with 2474.Cd "options WATCHDOG" . 2475.It Va jail_enable 2476.Pq Vt bool 2477If set to 2478.Dq Li NO , 2479any configured jails will not be started. 2480.It Va jail_list 2481.Pq Vt str 2482A space separated list of names for jails. 2483This is purely a configuration aid to help identify and 2484configure multiple jails. 2485The names specified in this list will be used to 2486identify settings common to an instance of a jail. 2487Assuming that the jail in question was named 2488.Li vjail , 2489you would have the following dependent variables: 2490.Bd -literal 2491jail_vjail_hostname="jail.example.com" 2492jail_vjail_ip="192.168.1.100" 2493jail_vjail_rootdir="/var/jails/vjail/root" 2494.Ed 2495.Pp 2496.It Va jail_flags 2497.Pq Vt str 2498Unset by default. 2499When set, use as default value for 2500.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2501for every jail in 2502.Va jail_list . 2503.It Va jail_interface 2504.Pq Vt str 2505Unset by default. 2506When set, use as default value for 2507.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2508for every jail in 2509.Va jail_list . 2510.It Va jail_fstab 2511.Pq Vt str 2512Unset by default. 2513When set, use as default value for 2514.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2515for every jail in 2516.Va jail_list . 2517.It Va jail_mount_enable 2518.Pq Vt bool 2519Set to 2520.Dq Li NO 2521by default. 2522When set to 2523.Dq Li YES , 2524sets 2525.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2526to 2527.Dq Li YES 2528by default for every jail in 2529.Va jail_list . 2530.It Va jail_fdesc_enable 2531.Pq Vt bool 2532Set to 2533.Dq Li NO 2534by default. 2535When set to 2536.Dq Li YES , 2537sets 2538.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2539to 2540.Dq Li YES 2541by default for every jail in 2542.Va jail_list . 2543.It Va jail_procfs_enable 2544.Pq Vt bool 2545Set to 2546.Dq Li NO 2547by default. 2548When set to 2549.Dq Li YES , 2550sets 2551.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2552to 2553.Dq Li YES 2554by default for every jail in 2555.Va jail_list . 2556.It Va jail_exec_start 2557.Pq Vt str 2558Unset by default. 2559When set, use as default value for 2560.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2561for every jail in 2562.Va jail_list . 2563.It Va jail_exec_stop 2564Unset by default. 2565When set, use as default value for 2566.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2567for every jail in 2568.Va jail_list . 2569.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2570.Pq Vt str 2571Unset by default. 2572Set to the root directory used by jail 2573.Va jname . 2574.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2575.Pq Vt str 2576Unset by default. 2577Set to the fully qualified domain name (FQDN) assigned to jail 2578.Va jname . 2579.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2580.Pq Vt str 2581Unset by default. 2582Set to the IP address assigned to jail 2583.Va jname . 2584.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2585.Pq Vt str 2586Set to 2587.Dq Li -l -U root 2588by default. 2589These are flags to pass to 2590.Xr jail 8 . 2591.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2592.Pq Vt str 2593Unset by default. 2594When set, sets the interface to use when setting IP address alias. 2595Note that the alias is created at jail startup and removed at jail shutdown. 2596.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2597.Pq Vt str 2598Set to 2599.Pa /etc/fstab. Ns Aq Ar jname 2600by default. 2601This is the file system information file to use for jail 2602.Va jname . 2603.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2604.Pq Vt bool 2605Set to 2606.Dq Li NO 2607by default. 2608When set to 2609.Dq Li YES , 2610mount all file systems from 2611.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2612at jail startup. 2613.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2614.Pq Vt bool 2615Set to 2616.Dq Li NO 2617by default. 2618When set to 2619.Dq Li YES , 2620mount the file-descriptor file system inside jail 2621.Ar jname 2622at jail startup. 2623.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2624.Pq Vt bool 2625Set to 2626.Dq Li NO 2627by default. 2628When set to 2629.Dq Li YES , 2630mount the process file system inside jail 2631.Ar jname 2632at jail startup. 2633.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2634.Pq Vt str 2635Set to 2636.Dq Li /bin/sh /etc/rc 2637by default. 2638This is the command executed at jail startup. 2639.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2640.Pq Vt str 2641Set to 2642.Dq Li /bin/sh /etc/rc.shutdown 2643by default. 2644This is the command executed at jail shutdown. 2645.It Va jail_set_hostname_allow 2646.Pq Vt bool 2647If set to 2648.Dq Li NO , 2649do not allow the root user in a jail to set its hostname. 2650.It Va jail_socket_unixiproute_only 2651.Pq Vt bool 2652If set to 2653.Dq Li YES , 2654do not allow any sockets, 2655besides UNIX/IP/route sockets, 2656to be used within a jail. 2657.It Va jail_sysvipc_allow 2658.Pq Vt bool 2659If set to 2660.Dq Li YES , 2661allow applications within a jail to use System V IPC. 2662.It Va newsyslog_enable 2663.Pq Vt bool 2664If set to 2665.Dq Li YES , 2666run 2667.Xr newsyslog 8 2668before syslogd starts. 2669.It Va newsyslog_flags 2670.Pq Vt str 2671If 2672.Va newsyslog_enable 2673is set to 2674.Dq Li YES , 2675these are the flags passed to 2676.Xr newsyslog 8 . 2677.It Va resident_enable 2678.Pq Vt bool 2679If set to 2680.Dq Li YES , 2681make the dynamic binaries listed in 2682.Pa /etc/resident.conf 2683resident. 2684.It Va varsym_enable 2685.Pq Vt bool 2686If set to 2687.Dq Li YES , 2688process 2689.Pa /etc/varsym.conf 2690to set system-wide variables for variant symlinks. 2691.It Va rand_irqs 2692.Pq Vt str 2693Set either to 2694.Dq Li NO 2695or a whitespace separated list of IRQ numbers which will be used as a source of 2696randomness. 2697.\" ----- isdn settings --------------------------------- 2698.It Va isdn_enable 2699.Pq Vt bool 2700Set to 2701.Dq Li NO 2702by default. 2703When set to 2704.Dq Li YES , 2705starts the 2706.Xr isdnd 8 2707daemon at system boot time. 2708.It Va isdn_flags 2709.Pq Vt str 2710Set to 2711.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2712by default. 2713Additional flags to pass to 2714.Xr isdnd 8 2715(but see 2716.Va isdn_fsdev 2717and 2718.Va isdn_ttype 2719for certain tunable parameters). 2720.It Va isdn_ttype 2721.Pq Vt str 2722Set to 2723.Dq Li cons25 2724by default. 2725The terminal type of the output device when 2726.Xr isdnd 8 2727operates in full-screen mode. 2728.It Va isdn_screenflags 2729.Pq Vt str 2730Set to 2731.Dq Li NO 2732by default. 2733The video mode for full-screen mode (only for 2734.Xr syscons 4 2735console driver, see 2736.Xr vidcontrol 1 2737for valid modes). 2738.It Va isdn_fsdev 2739.Pq Vt str 2740Set to 2741.Dq Li NO 2742by default. 2743The output device for 2744.Xr isdnd 8 2745in full-screen mode (or 2746.Dq Li NO 2747for daemon mode). 2748.It Va isdn_trace 2749.Pq Vt bool 2750Set to 2751.Dq Li NO 2752by default. 2753When set to 2754.Dq Li YES , 2755enables the ISDN protocol trace utility 2756.Xr isdntrace 8 2757at system boot time. 2758.It Va isdn_traceflags 2759.Pq Vt str 2760Set to 2761.Dq Fl f Pa /var/tmp/isdntrace0 2762by default. 2763Flags for 2764.Xr isdntrace 8 . 2765.\" ----------------------------------------------------- 2766.It Va entropy_dir 2767.Pq Vt str 2768Set to 2769.Dq Li NO 2770to disable caching entropy via 2771.Xr cron 8 . 2772Otherwise set to the directory used to store entropy files in. 2773.It Va entropy_file 2774.Pq Vt str 2775Set to 2776.Dq Li NO 2777to disable caching entropy through reboots. 2778Otherwise set to the filename used to store cached entropy through reboots. 2779This file should be located on the root file system to seed the 2780.Xr random 4 2781device as early as possible in the boot process. 2782.It Va ipsec_enable 2783.Pq Vt bool 2784Set to 2785.Dq Li YES 2786to run 2787.Xr setkey 8 2788on 2789.Va ipsec_file 2790at boot time. 2791.It Va ipsec_file 2792.Pq Vt str 2793Configuration file for 2794.Xr setkey 8 . 2795.It Va dmesg_enable 2796.Pq Vt bool 2797Set to 2798.Dq Li YES 2799to save 2800.Xr dmesg 8 2801to 2802.Pa /var/run/dmesg.boot 2803on boot. 2804.It Va rcshutdown_timeout 2805.Pq Vt int 2806If set, start a watchdog timer in the background which will terminate 2807.Pa rc.shutdown 2808if 2809.Xr shutdown 8 2810has not completed within the specified time (in seconds). 2811.El 2812.Sh FILES 2813.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2814.It Pa /etc/defaults/rc.conf 2815.It Pa /etc/rc.conf 2816.It Pa /etc/rc.conf.local 2817.It Pa /etc/start_if. Ns Aq Ar interface 2818.El 2819.Sh SEE ALSO 2820.Xr catman 1 , 2821.Xr gdb 1 , 2822.Xr info 1 , 2823.Xr kbdcontrol 1 , 2824.Xr varsym 1 , 2825.Xr vidcontrol 1 , 2826.Xr ip 4 , 2827.Xr ipf 4 , 2828.Xr ipfw 4 , 2829.Xr kld 4 , 2830.Xr pf 4 , 2831.Xr tcp 4 , 2832.Xr udp 4 , 2833.Xr exports 5 , 2834.Xr motd 5 , 2835.Xr resident.conf 5 , 2836.Xr varsym.conf 5 , 2837.Xr accton 8 , 2838.Xr amd 8 , 2839.Xr apm 8 , 2840.Xr atm 8 , 2841.Xr btconfig 8 , 2842.Xr bthcid 8 , 2843.Xr cron 8 , 2844.Xr devd 8 , 2845.Xr dhclient 8 , 2846.Xr dntpd 8 , 2847.Xr ftpd 8 , 2848.Xr ifconfig 8 , 2849.Xr inetd 8 , 2850.Xr isdnd 8 , 2851.Xr isdntrace 8 , 2852.Xr jail 8 , 2853.Xr lpd 8 , 2854.Xr makewhatis 8 , 2855.Xr mdconfig 8 , 2856.Xr mixer 8 , 2857.Xr mountd 8 , 2858.Xr moused 8 , 2859.Xr mrouted 8 , 2860.Xr named 8 , 2861.Xr nfsd 8 , 2862.Xr pcnfsd 8 , 2863.Xr pfctl 8 , 2864.Xr pflogd 8 , 2865.Xr quotacheck 8 , 2866.Xr quotaon 8 , 2867.Xr rc 8 , 2868.Xr rc.sendmail 8 , 2869.Xr resident 8 , 2870.Xr rndcontrol 8 , 2871.Xr route 8 , 2872.Xr routed 8 , 2873.Xr rpcbind 8 , 2874.Xr rpc.lockd 8 , 2875.Xr rpc.statd 8 , 2876.Xr rtadvd 8 , 2877.Xr rtsold 8 , 2878.Xr rwhod 8 , 2879.Xr savecore 8 , 2880.Xr sdpd 8 , 2881.Xr sensorsd 8 , 2882.Xr sshd 8 , 2883.Xr swapon 8 , 2884.Xr sysctl 8 , 2885.Xr syslogd 8 , 2886.Xr timed 8 , 2887.Xr usbd 8 , 2888.Xr vinum 8 , 2889.Xr yp 8 , 2890.Xr ypbind 8 , 2891.Xr ypserv 8 , 2892.Xr ypset 8 2893.Sh HISTORY 2894The 2895.Nm 2896file appeared in 2897.Fx 2.2.2 . 2898.Sh AUTHORS 2899.An Jordan K. Hubbard . 2900