1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" $DragonFly: src/share/man/man5/rc.conf.5,v 1.3 2003/08/01 04:23:44 rob Exp $ 27.Dd March 3, 2002 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71The following list provides a name and short description for each 72variable that can be set in the 73.Nm 74file: 75.Bl -tag -width indent-two 76.It Va rc_debug 77.Pq Vt bool 78If set to 79.Dq Li YES , 80enable output of debug messages from rc scripts. 81This variable can be helpful in diagnosing mistakes when 82editing or integrating new scripts. 83Beware that this produces copious output to the terminal and 84.Xr syslog 3 . 85.It Va rc_info 86.Pq Vt bool 87If set to 88.Dq Li NO , 89disable informational messages from the rc scripts. 90Informational messages are displayed when 91a condition that is not serious enough to warrant a warning or 92an error occurs. 93.It Va swapfile 94.Pq Vt str 95If set to 96.Dq Li NO , 97no swapfile is installed, otherwise the value is used as the full 98pathname to a file to use for additional swap space. 99.It Va apm_enable 100.Pq Vt bool 101If set to 102.Dq Li YES , 103enable support for Automatic Power Management with 104the 105.Xr apm 8 106command. 107.It Va apmd_enable 108.Pq Vt bool 109Run 110.Xr apmd 8 111to handle APM event from userland. 112This also enables support for APM. 113.It Va apmd_flags 114.Pq Vt str 115If 116.Va apmd_enable 117is set to 118.Dq Li YES , 119these are the flags to pass to the 120.Xr apmd 8 121daemon. 122.It Va devd_enable 123.Pq Vt bool 124Run 125.Xr devd 8 126to handle device added, removed or unknown events from the kernel. 127.It Va pccard_enable 128.Pq Vt bool 129If set to 130.Dq Li YES , 131enable PCCARD support at boot time. 132.It Va pccard_mem 133.Pq Vt str 134Set to PCCARD controller memory address or 135.Dq Li DEFAULT 136for the default value. 137.It Va pccard_ifconfig 138.Pq Vt str 139List of arguments to be passed to 140.Xr ifconfig 8 141at boot time or on 142insertion of the card (e.g.\& 143.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 144for a fixed address or 145.Dq Li DHCP 146for a DHCP client). 147.It Va pccard_beep 148.Pq Vt int 149If 0, 150set the PCCARD controller to silent mode. 151If 1, 152set it to beep mode. 153If 2, 154set it to melody mode. 155.It Va pccard_conf 156.Pq Vt str 157Path to the configuration file for the 158.Xr pccardd 8 159daemon (e.g.\& 160.Pa /etc/pccard.conf.sample ) . 161.It Va pccardd_flags 162.Pq Vt str 163If 164.Va pccard_enable 165is set to 166.Dq Li YES , 167these are the flags to pass to the 168.Xr pccardd 8 169daemon. 170.It Va pccard_ether_delay 171.Pq Vt str 172Set the delay before starting 173.Xr dhclient 8 174in the 175.Pa /etc/pccard_ether 176script. 177This defaults to 5 seconds to work around a bug in the 178.Xr ed 4 179driver which can lead to system hangs when using some newer 180.Xr ed 4 181based cards. 182.It Va removable_interfaces 183.Pq Vt str 184List of removable network interfaces to be supported by 185.Pa /etc/pccard_ether . 186.It Va local_startup 187.Pq Vt str 188List of directories to search for startup script files. 189.It Va script_name_sep 190.Pq Vt str 191The field separator to use for breaking down the list of startup script files 192into individual filenames. 193The default is a space. 194It is not necessary to change this unless there are startup scripts with names 195containing spaces. 196.It Va hostname 197.Pq Vt str 198The fully qualified domain name (FQDN) of this host on the network. 199This should almost certainly be set to something meaningful, even if 200there is no network connection. 201If 202.Xr dhclient 8 203is used to set the hostname via DHCP, 204this variable should be set to an empty string. 205.It Va ipv6_enable 206.Pq Vt bool 207Enable support for IPv6 networking. 208Note that this requires that the kernel have been compiled with 209.Cd "options INET6" . 210.It Va nisdomainname 211.Pq Vt str 212The NIS domain name of this host, or 213.Dq Li NO 214if NIS is not used. 215.It Va dhclient_program 216.Pq Vt str 217Path to the DHCP client program 218.Pa ( /sbin/dhclient , 219the ISC DHCP client, 220is the default). 221.It Va dhclient_flags 222.Pq Vt str 223Additional flags to pass to the DHCP client program. 224For the ISC DHCP client, see the 225.Xr dhclient 8 226manpage for a description of the command line options available. 227.It Va background_dhclient 228.Pq Vt bool 229Set to 230.Dq Li YES 231to start the dhcp client in background. 232This can cause trouble with applications depending on 233a working network, but it will provide a faster startup 234in many cases. 235.It Va firewall_enable 236.Pq Vt bool 237Set to 238.Dq Li YES 239to load firewall rules at startup. 240If the kernel was not built with 241.Cd "options IPFIREWALL" , 242the 243.Pa ipfw.ko 244kernel module will be loaded. 245See also 246.Va ipfilter_enable . 247.It Va ipv6_firewall_enable 248.Pq Vt bool 249The IPv6 equivalent of 250.Va firewall_enable . 251Set to 252.Dq Li YES 253to load IPv6 firewall rules at startup. 254If the kernel was not built with 255.Cd "options IPV6FIREWALL" , 256the 257.Pa ip6fw.ko 258kernel module will be loaded. 259.It Va firewall_script 260.Pq Vt str 261This variable specifies the full path to the firewall script to run. 262The default is 263.Pa /etc/rc.firewall . 264.It Va ipv6_firewall_script 265.Pq Vt str 266The IPv6 equivalent of 267.Va firewall_script . 268.It Va firewall_type 269.Pq Vt str 270Names the firewall type from the selection in 271.Pa /etc/rc.firewall , 272or the file which contains the local firewall ruleset. 273Valid selections from 274.Pa /etc/rc.firewall 275are: 276.Pp 277.Bl -tag -width ".Li simple" -compact 278.It Li open 279unrestricted IP access 280.It Li closed 281all IP services disabled, except via 282.Dq Li lo0 283.It Li client 284basic protection for a workstation 285.It Li simple 286basic protection for a LAN. 287.El 288.Pp 289If a filename is specified, the full path 290must be given. 291.It Va ipv6_firewall_type 292.Pq Vt str 293The IPv6 equivalent of 294.Va firewall_type . 295.It Va firewall_quiet 296.Pq Vt bool 297Set to 298.Dq Li YES 299to disable the display of firewall rules on the console during boot. 300.It Va ipv6_firewall_quiet 301.Pq Vt bool 302The IPv6 equivalent of 303.Va firewall_quiet . 304.It Va firewall_logging 305.Pq Vt bool 306Set to 307.Dq Li YES 308to enable firewall event logging. 309This is equivalent to the 310.Dv IPFIREWALL_VERBOSE 311kernel option. 312.It Va ipv6_firewall_logging 313.Pq Vt bool 314The IPv6 equivalent of 315.Va firewall_logging . 316.It Va firewall_flags 317.Pq Vt str 318Flags passed to 319.Xr ipfw 8 320if 321.Va firewall_type 322specifies a filename. 323.It Va ipv6_firewall_flags 324.Pq Vt str 325The IPv6 equivalent of 326.Va firewall_flags . 327.It Va natd_program 328.Pq Vt str 329Path to 330.Xr natd 8 . 331.It Va natd_enable 332.Pq Vt bool 333Set to 334.Dq Li YES 335to enable 336.Xr natd 8 . 337.Va firewall_enable 338must also be set to 339.Dq Li YES , 340and 341.Xr divert 4 342sockets must be enabled in the kernel. 343.It Va natd_interface 344.Pq Vt str 345This is the name of the public interface on which 346.Xr natd 8 347should run. 348The interface may be given as an interface name or as an IP address. 349.It Va natd_flags 350.Pq Vt str 351Additional 352.Xr natd 8 353flags should be placed here. 354The 355.Fl n 356or 357.Fl a 358flag is automatically added with the above 359.Va natd_interface 360as an argument. 361.\" ----- ipfilter_enable setting -------------------------------- 362.It Va ipfilter_enable 363.Pq Vt bool 364Set to 365.Dq Li NO 366by default. 367Setting this to 368.Dq Li YES 369enables 370.Xr ipf 8 371packet filtering. 372.Pp 373Typical usage will require putting 374.Bd -literal 375ipfilter_enable="YES" 376ipnat_enable="YES" 377ipmon_enable="YES" 378ipfs_enable="YES" 379.Ed 380.Pp 381into 382.Pa /etc/rc.conf 383and editing 384.Pa /etc/ipf.rules 385and 386.Pa /etc/ipnat.rules 387appropriately. 388.Pp 389Note that 390.Va ipfilter_enable 391and 392.Va ipnat_enable 393can be enabled independently. 394.Va ipmon_enable 395and 396.Va ipfs_enable 397both require at least one of 398.Va ipfilter_enable 399and 400.Va ipnat_enable 401to be enabled. 402.Pp 403Having 404.Bd -literal 405options IPFILTER 406options IPFILTER_LOG 407options IPFILTER_DEFAULT_BLOCK 408.Ed 409.Pp 410in the kernel configuration file is a good idea, too. 411.\" ----- ipfilter_program setting ------------------------------ 412.It Va ipfilter_program 413.Pq Vt str 414Path to 415.Xr ipf 8 416(default 417.Pa /sbin/ipf ) . 418.\" ----- ipfilter_rules setting -------------------------------- 419.It Va ipfilter_rules 420.Pq Vt str 421Set to 422.Pa /etc/ipf.rules 423by default. 424This variable contains the name of the filter rule definition file. 425The file is expected to be readable for the 426.Xr ipf 8 427command to execute. 428.\" ----- ipv6_ipfilter_rules setting --------------------------- 429.It Va ipv6_ipfilter_rules 430.Pq Vt str 431Set to 432.Pa /etc/ipf6.rules 433by default. 434This variable contains the IPv6 filter rule definition file. 435The file is expected to be readable for the 436.Xr ipf 8 437command to execute. 438.\" ----- ipfilter_flags setting -------------------------------- 439.It Va ipfilter_flags 440.Pq Vt str 441Empty by default. 442This variable contains flags passed to the 443.Xr ipf 8 444program. 445.\" ----- ipnat_enable setting ---------------------------------- 446.It Va ipnat_enable 447.Pq Vt bool 448Set to 449.Dq Li NO 450by default. 451Set it to 452.Dq Li YES 453to enable 454.Xr ipnat 1 455network address translation. 456See 457.Va ipfilter_enable 458for a detailed discussion. 459.\" ----- ipnat_program setting --------------------------------- 460.It Va ipnat_program 461.Pq Vt str 462Path to 463.Xr ipnat 1 464(default 465.Pa /sbin/ipnat ) . 466.\" ----- ipnat_rules setting ----------------------------------- 467.It Va ipnat_rules 468.Pq Vt str 469Set to 470.Pa /etc/ipnat.rules 471by default. 472This variable contains the name of the file 473holding the network address translation definition. 474This file is expected to be readable for the 475.Xr ipnat 1 476command to execute. 477.\" ----- ipnat_flags setting ----------------------------------- 478.It Va ipnat_flags 479.Pq Vt str 480Empty by default. 481This variable contains flags passed to the 482.Xr ipnat 1 483program. 484.\" ----- ipmon_enable setting ---------------------------------- 485.It Va ipmon_enable 486.Pq Vt bool 487Set to 488.Dq Li NO 489by default. 490Set it to 491.Dq Li YES 492to enable 493.Xr ipmon 8 494monitoring (logging 495.Xr ipf 8 496and 497.Xr ipnat 1 498events). 499Setting this variable needs setting 500.Va ipfilter_enable 501or 502.Va ipnat_enable 503too. 504See 505.Va ipfilter_enable 506for a detailed discussion. 507.\" ----- ipmon_program setting --------------------------------- 508.It Va ipmon_program 509.Pq Vt str 510Path to 511.Xr ipmon 8 512(default 513.Pa /sbin/ipmon ) . 514.\" ----- ipmon_flags setting ----------------------------------- 515.It Va ipmon_flags 516.Pq Vt str 517Set to 518.Dq Li -Ds 519by default. 520This variable contains flags passed to the 521.Xr ipmon 8 522program. 523Another typical example would be 524.Dq Fl D Pa /var/log/ipflog 525to have 526.Xr ipmon 8 527log directly to a file bypassing 528.Xr syslogd 8 . 529Make sure to adjust 530.Pa /etc/newsyslog.conf 531in such case like this: 532.Bd -literal 533/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 534.Ed 535.\" ----- ipfs_enable setting ----------------------------------- 536.It Va ipfs_enable 537.Pq Vt bool 538Set to 539.Dq Li NO 540by default. 541Set it to 542.Dq Li YES 543to enable 544.Xr ipfs 8 545saving the filter and NAT state tables during shutdown 546and reloading them during startup again. 547Setting this variable needs setting 548.Va ipfilter_enable 549or 550.Va ipnat_enable 551to 552.Dq Li YES 553too. 554See 555.Va ipfilter_enable 556for a detailed discussion. 557Note that if 558.Va kern_securelevel 559is set to 3, 560.Va ipfs_enable 561cannot be used 562because the raised securelevel will prevent 563.Xr ipfs 8 564from saving the state tables at shutdown time. 565.\" ----- ipfs_program setting ---------------------------------- 566.It Va ipfs_program 567.Pq Vt str 568Path to 569.Xr ipfs 8 570(default 571.Pa /sbin/ipfs ) . 572.\" ----- ipfs_flags setting ------------------------------------ 573.It Va ipfs_flags 574.Pq Vt str 575Empty by default. 576This variable contains flags passed to the 577.Xr ipfs 8 578program. 579.\" ----- end of added ipf hook --------------------------------- 580.It Va tcp_extensions 581.Pq Vt bool 582Set to 583.Dq Li YES 584by default. 585Setting this to 586.Dq Li NO 587disables certain TCP options as described by 588.Rs 589.%T "RFC 1323" 590.Re 591Setting this to 592.Dq Li NO 593might help remedy such problems with connections as randomly hanging 594or other weird behavior. 595Some network devices are known 596to be broken with respect to these options. 597.It Va log_in_vain 598.Pq Vt int 599Set to 0 by default. 600The 601.Xr sysctl 8 602variables, 603.Va net.inet.tcp.log_in_vain 604and 605.Va net.inet.udp.log_in_vain , 606as described in 607.Xr tcp 4 608and 609.Xr udp 4 , 610are set to the given value. 611.It Va tcp_keepalive 612.Pq Vt bool 613Set to 614.Dq Li YES 615by default. 616Setting to 617.Dq Li NO 618will disable probing idle TCP connections to verify that the 619peer is still up and reachable. 620.It Va tcp_drop_synfin 621.Pq Vt bool 622Set to 623.Dq Li NO 624by default. 625Setting to 626.Dq Li YES 627will cause the kernel to ignore TCP frames that have both 628the SYN and FIN flags set. 629This prevents OS fingerprinting, but may 630break some legitimate applications. 631This option is only available if the 632kernel was built with the 633.Dv TCP_DROP_SYNFIN 634option. 635.It Va icmp_drop_redirect 636.Pq Vt bool 637Set to 638.Dq Li NO 639by default. 640Setting to 641.Dq Li YES 642will cause the kernel to ignore ICMP REDIRECT packets. 643Refer to 644.Xr icmp 4 645for more information. 646.It Va icmp_log_redirect 647.Pq Vt bool 648Set to 649.Dq Li NO 650by default. 651Setting to 652.Dq Li YES 653will cause the kernel to log ICMP REDIRECT packets. 654Note that 655the log messages are not rate-limited, so this option should only be used 656for troubleshooting networks. 657Refer to 658.Xr icmp 4 659for more information. 660.It Va icmp_bmcastecho 661.Pq Vt bool 662Set to 663.Dq Li YES 664to respond to broadcast or multicast ICMP ping packets. 665Refer to 666.Xr icmp 4 667for more information. 668.It Va ip_portrange_first 669.Pq Vt int 670If not set to 671.Dq Li NO , 672this is the first port in the default portrange. 673Refer to 674.Xr ip 4 675for more information. 676.It Va ip_portrange_last 677.Pq Vt int 678If not set to 679.Dq Li NO , 680this is the last port in the default portrange. 681Refer to 682.Xr ip 4 683for more information. 684.It Va network_interfaces 685.Pq Vt str 686Set to the list of network interfaces to configure on this host. 687For example, if the only network devices in the system are the loopback 688device 689.Pq Li lo0 690and a NIC using the 691.Xr ed 4 692driver, 693this could be set to 694.Dq Li "lo0 ed0" . 695An 696.Va ifconfig_ Ns Aq Ar interface 697variable is also assumed to exist for each value of 698.Ar interface . 699It is also possible to add IP alias entries here in cases where 700multiple IP addresses registered against a single interface 701are desired. 702Assuming that the interface in question was 703.Li ed0 , 704it might look 705something like this: 706.Bd -literal 707ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 708ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 709.Ed 710.Pp 711And so on. 712For each 713.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 714entry that is found, 715its contents are passed to 716.Xr ifconfig 8 . 717Execution stops at the first unsuccessful access, so if 718something like this is present: 719.Bd -literal 720ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 721ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 722ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 723ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 724.Ed 725.Pp 726Then note that alias4 would 727.Em not 728be added since the search would 729stop with the missing alias3 entry. 730.Pp 731If the 732.Pa /etc/start_if. Ns Aq Ar interface 733file is present, it is read and executed by the 734.Xr sh 1 735interpreter 736before configuring the interface as specified in the 737.Va ifconfig_ Ns Aq Ar interface 738and 739.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 740variables. 741.Pp 742It is possible to bring up an interface with DHCP by setting the 743.Va ifconfig_ Ns Aq Ar interface 744variable to 745.Dq Li DHCP . 746For instance, to initialize the 747.Li ed0 748device via DHCP, 749it is possible to use something like: 750.Bd -literal 751ifconfig_ed0="DHCP" 752.Ed 753.It Va ipv6_network_interfaces 754.Pq Vt str 755This is the IPv6 equivalent of 756.Va network_interfaces . 757Instead of setting the ifconfig variables as 758.Va ifconfig_ Ns Aq Ar interface 759they should be set as 760.Va ipv6_ifconfig_ Ns Aq Ar interface . 761Aliases should be set as 762.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 763.Va ipv6_prefix_ Ns Aq Ar interface 764does something. 765Interfaces that do not have a 766.Va ipv6_ifconfig_ Ns Aq Ar interface 767setting will be auto configured by 768.Xr rtsol 8 769if the 770.Va ipv6_gateway_enable 771is set to 772.Dq Li NO . 773Note that the IPv6 networking code does not support the 774.Pa /etc/start_if. Ns Aq Ar interface 775files. 776.It Va ipv6_default_interface 777.Pq Vt str 778If not set to 779.Dq Li NO , 780this is the default output interface for scoped addresses. 781Now this works only for IPv6 link local multicast addresses. 782.It Va cloned_interfaces 783.Pq Vt str 784Set to the list of clonable network interfaces to create on this host. 785Entries in 786.Va cloned_interfaces 787are automatically appended to 788.Va network_interfaces 789for configuration. 790.It Va gif_interfaces 791.Pq Vt str 792Set to the list of 793.Xr gif 4 794tunnel interfaces to configure on this host. 795A 796.Va gifconfig_ Ns Aq Ar interface 797variable is assumed to exist for each value of 798.Ar interface . 799The value of this variable is used to configure the link layer of the 800tunnel according to the syntax of the 801.Cm tunnel 802option to 803.Xr ifconfig 8 . 804Additionally, this option ensures that each listed interface is created 805via the 806.Cm create 807option to 808.Xr ifconfig 8 809before attempting to configure it. 810.It Va sppp_interfaces 811.Pq Vt str 812Set to the list of 813.Xr sppp 4 814interfaces to configure on this host. 815A 816.Va spppconfig_ Ns Aq Ar interface 817variable is assumed to exist for each value of 818.Ar interface . 819Each interface should also be configured by a general 820.Va ifconfig_ Ns Aq Ar interface 821setting. 822Refer to 823.Xr spppcontrol 8 824for more information about available options. 825.It Va ppp_enable 826.Pq Vt bool 827If set to 828.Dq Li YES , 829run the 830.Xr ppp 8 831daemon. 832.It Va ppp_mode 833.Pq Vt str 834Mode in which to run the 835.Xr ppp 8 836daemon. 837Accepted modes are 838.Dq Li auto , 839.Dq Li ddial , 840.Dq Li direct 841and 842.Dq Li dedicated . 843See the manual for a full description. 844.It Va ppp_nat 845.Pq Vt bool 846If set to 847.Dq Li YES , 848enables network address translation. 849Used in conjunction with 850.Va gateway_enable 851allows hosts on private network addresses access to the Internet using 852this host as a network address translating router. 853.It Va ppp_profile 854.Pq Vt str 855The name of the profile to use from 856.Pa /etc/ppp/ppp.conf . 857.It Va ppp_user 858.Pq Vt str 859The name of the user under which 860.Xr ppp 8 861should be started. 862By 863default, 864.Xr ppp 8 865is started as 866.Dq Li root . 867.It Va rc_conf_files 868.Pq Vt str 869This option is used to specify a list of files that will override 870the settings in 871.Pa /etc/defaults/rc.conf . 872The files will be read in the order in which they are specified and should 873include the full path to the file. 874By default, the files specified are 875.Pa /etc/rc.conf 876and 877.Pa /etc/rc.conf.local 878.It Va fsck_y_enable 879.Pq Vt bool 880If set to 881.Dq Li YES , 882.Xr fsck 8 883will be run with the 884.Fl y 885flag if the initial preen 886of the file systems fails. 887.It Va netfs_types 888.Pq Vt str 889List of file system types that are network-based. 890This list should generally not be modified by end users. 891Use 892.Va extra_netfs_types 893instead. 894.It Va extra_netfs_types 895.Pq Vt str 896If set to something other than 897.Dq Li NO 898(the default), 899this variable extends the list of file system types 900for which automatic mounting at startup by 901.Xr rc 8 902should be delayed until the network is initialized. 903It should contain 904a whitespace-separated list of network file system descriptor pairs, 905each consisting of a file system type as passed to 906.Xr mount 8 907and a human-readable, one-word description, 908joined with a colon 909.Pq Ql \&: . 910Extending the default list in this way is only necessary 911when third party file system types are used. 912.It Va syslogd_enable 913.Pq Vt bool 914If set to 915.Dq Li YES , 916run the 917.Xr syslogd 8 918daemon. 919.It Va syslogd_program 920.Pq Vt str 921Path to 922.Xr syslogd 8 923(default 924.Pa /usr/sbin/syslogd ) . 925.It Va syslogd_flags 926.Pq Vt str 927If 928.Va syslogd_enable 929is set to 930.Dq Li YES , 931these are the flags to pass to 932.Xr syslogd 8 . 933.It Va inetd_enable 934.Pq Vt bool 935If set to 936.Dq Li YES , 937run the 938.Xr inetd 8 939daemon. 940.It Va inetd_program 941.Pq Vt str 942Path to 943.Xr inetd 8 944(default 945.Pa /usr/sbin/inetd ) . 946.It Va inetd_flags 947.Pq Vt str 948If 949.Va inetd_enable 950is set to 951.Dq Li YES , 952these are the flags to pass to 953.Xr inetd 8 . 954.It Va named_rcng 955.Pq Vt bool 956If set to 957.Dq Li YES 958use new functionality provided in the 959.Pa /etc/rc.d/named 960script to facilitate a 961.Xr chroot 8 962instance of 963.Xr named 8 . 964This variable is experimental. 965It may be removed or changed in the near future. 966.It Va named_enable 967.Pq Vt bool 968If set to 969.Dq Li YES , 970run the 971.Xr named 8 972daemon. 973.It Va named_program 974.Pq Vt str 975Path to 976.Xr named 8 977(default 978.Pa /usr/sbin/named ) . 979.It Va named_flags 980.Pq Vt str 981If 982.Va named_enable 983is set to 984.Dq Li YES , 985these are the flags to pass to 986.Xr named 8 . 987.It Va named_pidfile 988.Pq Vt str 989This is the default path to the 990.Xr named 8 991daemon's PID file. 992Change it if you change the location in 993.Xr named.conf 5 . 994.It Va named_chrootdir 995.Pq Vt str 996The root directory for a name server run in a 997.Xr chroot 8 998environment. 999If left empty 1000.Xr named 8 1001will not be run in a 1002.Xr chroot 8 1003environment. 1004This variable has no effect if 1005.Va named_rcng 1006is not enabled. 1007This variable is experimental. 1008It may be removed or changed in the near future. 1009.It Va named_chroot_autoupdate 1010.Pq Vt bool 1011Set to 1012.Dq Li NO 1013to disable automatic syncing of libraries and 1014other system files between the root file system and the 1015.Xr chroot 8 . 1016This variable has no effect if 1017.Va named_rcng 1018is not enabled. 1019This variable is experimental. 1020It may be removed or changed in the near future. 1021.It Va named_symlink_enable 1022.Pq Vt bool 1023Set to 1024.Dq Li NO 1025to disable symlinking of 1026.Va named_pidfile 1027and 1028.Pa /var/run/ndc 1029into the 1030.Xr chroot 8 1031environment in which 1032.Xr named 8 1033is running. 1034This variable has no effect if 1035.Va named_rcng 1036is not enabled. 1037This variable is experimental. 1038It may be removed or changed in the near future. 1039.It Va kerberos5_server_enable 1040.Pq Vt bool 1041Set to 1042.Dq Li YES 1043to start a Kerberos 5 authentication server 1044at boot time. 1045.It Va kerberos5_server 1046.Pq Vt str 1047If 1048.Va kerberos5_server_enable 1049is set to 1050.Dq Li YES 1051this is the path to Kerberos 5 Authentication Server. 1052.It Va kadmind5_server_enable 1053.Pq Vt bool 1054Set to 1055.Dq Li YES 1056to start 1057.Xr kadmind 8 , 1058the Kerberos 5 Administration Daemon; set to 1059.Dq Li NO 1060on a slave server. 1061.It Va kadmind5_server 1062.Pq Vt str 1063If 1064.Va kadmind5_server_enable 1065is set to 1066.Dq Li YES 1067this is the path to Kerberos 5 Administration Daemon. 1068.It Va kpasswdd_server_enable 1069.Pq Vt bool 1070Set to 1071.Dq Li YES 1072to start 1073.Xr kpasswdd 8 , 1074the Kerberos 5 Password-Changing Daemon; set to 1075.Dq Li NO 1076on a slave server. 1077.It Va kpasswdd_server 1078.Pq Vt str 1079If 1080.Va kpasswdd_server_enable 1081is set to 1082.Dq Li YES 1083this is the path to Kerberos 5 Password-Changing Daemon. 1084.It Va rwhod_enable 1085.Pq Vt bool 1086If set to 1087.Dq Li YES , 1088run the 1089.Xr rwhod 8 1090daemon at boot time. 1091.It Va rwhod_flags 1092.Pq Vt str 1093If 1094.Va rwhod_enable 1095is set to 1096.Dq Li YES , 1097these are the flags to pass to it. 1098.It Va amd_enable 1099.Pq Vt bool 1100If set to 1101.Dq Li YES , 1102run the 1103.Xr amd 8 1104daemon at boot time. 1105.It Va amd_flags 1106.Pq Vt str 1107If 1108.Va amd_enable 1109is set to 1110.Dq Li YES , 1111these are the flags to pass to it. 1112See the 1113.Xr amd 8 1114manpage for more information. 1115.It Va amd_map_program 1116.Pq Vt str 1117If set, 1118the specified program is run to get the list of 1119.Xr amd 8 1120maps. 1121For example, if the 1122.Xr amd 8 1123maps are stored in NIS, one can set this to 1124run 1125.Xr ypcat 1 1126to get a list of 1127.Xr amd 8 1128maps from the 1129.Pa amd.master 1130NIS map. 1131.It Va update_motd 1132.Pq Vt bool 1133If set to 1134.Dq Li YES , 1135.Pa /etc/motd 1136will be updated at boot time to reflect the kernel release 1137being run. 1138If set to 1139.Dq Li NO , 1140.Pa /etc/motd 1141will not be updated. 1142.It Va nfs_client_enable 1143.Pq Vt bool 1144If set to 1145.Dq Li YES , 1146run the NFS client daemons at boot time. 1147.It Va nfs_access_cache 1148.Pq Vt int 1149If 1150.Va nfs_client_enable 1151is set to 1152.Dq Li YES , 1153this can be set to 1154.Dq Li 0 1155to disable NFS ACCESS RPC caching, or to the number of seconds for which 1156NFS ACCESS 1157results should be cached. 1158A value of 2-10 seconds will substantially reduce network 1159traffic for many NFS operations. 1160.It Va nfs_server_enable 1161.Pq Vt bool 1162If set to 1163.Dq Li YES , 1164run the NFS server daemons at boot time. 1165.It Va nfs_server_flags 1166.Pq Vt str 1167If 1168.Va nfs_server_enable 1169is set to 1170.Dq Li YES , 1171these are the flags to pass to the 1172.Xr nfsd 8 1173daemon. 1174.It Va mountd_enable 1175.Pq Vt bool 1176If set to 1177.Dq Li YES , 1178and no 1179.Va nfs_server_enable 1180is set, start 1181.Xr mountd 8 , 1182but not 1183.Xr nfsd 8 1184daemon. 1185It is commonly needed to run CFS without real NFS used. 1186.It Va mountd_flags 1187.Pq Vt str 1188If 1189.Va mountd_enable 1190is set to 1191.Dq Li YES , 1192these are the flags to pass to the 1193.Xr mountd 8 1194daemon. 1195.It Va weak_mountd_authentication 1196.Pq Vt bool 1197If set to 1198.Dq Li YES , 1199allow services like PCNFSD to make non-privileged mount 1200requests. 1201.It Va nfs_reserved_port_only 1202.Pq Vt bool 1203If set to 1204.Dq Li YES , 1205provide NFS services only on a secure port. 1206.It Va nfs_bufpackets 1207.Pq Vt int 1208If set to a number, indicates the number of packets worth of 1209socket buffer space to reserve on an NFS client. 1210The kernel default is typically 4. 1211Using a higher number may be 1212useful on gigabit networks to improve performance. 1213The minimum value is 12142 and the maximum is 64. 1215.It Va rpc_lockd_enable 1216.Pq Vt bool 1217If set to 1218.Dq Li YES 1219and also an NFS server, run 1220.Xr rpc.lockd 8 1221at boot time. 1222.It Va rpc_statd_enable 1223.Pq Vt bool 1224If set to 1225.Dq Li YES 1226and also an NFS server, run 1227.Xr rpc.statd 8 1228at boot time. 1229.It Va rpcbind_program 1230.Pq Vt str 1231Path to 1232.Xr rpcbind 8 1233(default 1234.Pa /usr/sbin/rpcbind ) . 1235.It Va rpcbind_enable 1236.Pq Vt bool 1237If set to 1238.Dq Li YES , 1239run the 1240.Xr rpcbind 8 1241service at boot time. 1242.It Va rpcbind_flags 1243.Pq Vt str 1244If 1245.Va rpcbind_enable 1246is set to 1247.Dq Li YES , 1248these are the flags to pass to the 1249.Xr rpcbind 8 1250daemon. 1251.It Va keyserv_enable 1252.Pq Vt bool 1253If set to 1254.Dq Li YES , 1255run the 1256.Xr keyserv 8 1257daemon on boot for running Secure RPC. 1258.It Va keyserv_flags 1259.Pq Vt str 1260If 1261.Va keyserv_enable 1262is set to 1263.Dq Li YES , 1264these are the flags to pass to 1265.Xr keyserv 8 1266daemon. 1267.It Va pppoed_enable 1268.Pq Vt bool 1269If set to 1270.Dq Li YES , 1271run the 1272.Xr pppoed 8 1273daemon at boot time to provide PPP over Ethernet services. 1274.It Va pppoed_ Ns Ar provider 1275.Pq Vt str 1276.Xr pppoed 8 1277listens to requests to this 1278.Ar provider 1279and ultimately runs 1280.Xr ppp 8 1281with a 1282.Ar system 1283argument of the same name. 1284.It Va pppoed_flags 1285.Pq Vt str 1286Additional flags to pass to 1287.Xr pppoed 8 . 1288.It Va pppoed_interface 1289.Pq Vt str 1290The network interface to run 1291.Xr pppoed 8 1292on. 1293This is mandatory when 1294.Va pppoed_enable 1295is set to 1296.Dq Li YES . 1297.It Va timed_enable 1298.Pq Vt bool 1299If set to 1300.Dq Li YES , 1301run the 1302.Xr timed 8 1303service at boot time. 1304This command is intended for networks of 1305machines where a consistent 1306.Dq "network time" 1307for all hosts must be established. 1308This is often useful in large NFS 1309environments where time stamps on files are expected to be consistent 1310network-wide. 1311.It Va timed_flags 1312.Pq Vt str 1313If 1314.Va timed_enable 1315is set to 1316.Dq Li YES , 1317these are the flags to pass to the 1318.Xr timed 8 1319service. 1320.It Va ntpdate_enable 1321.Pq Vt bool 1322If set to 1323.Dq Li YES , 1324run 1325.Xr ntpdate 8 1326at system startup. 1327This command is intended to 1328synchronize the system clock only 1329.Em once 1330from some standard reference. 1331An option to set this up initially 1332(from a list of known servers) is also provided by the 1333.Xr sysinstall 8 1334program when the system is first installed. 1335.It Va ntpdate_program 1336.Pq Vt str 1337Path to 1338.Xr ntpdate 8 1339(default 1340.Pa /usr/sbin/ntpdate ) . 1341.It Va ntpdate_flags 1342.Pq Vt str 1343If 1344.Va ntpdate_enable 1345is set to 1346.Dq Li YES , 1347these are the flags to pass to the 1348.Xr ntpdate 8 1349command (typically a hostname). 1350.It Va ntpd_enable 1351.Pq Vt bool 1352If set to 1353.Dq Li YES , 1354run the 1355.Xr ntpd 8 1356command at boot time. 1357.It Va ntpd_program 1358.Pq Vt str 1359Path to 1360.Xr ntpd 8 1361(default 1362.Pa /usr/sbin/ntpd ) . 1363.It Va ntpd_flags 1364.Pq Vt str 1365If 1366.Va ntpd_enable 1367is set to 1368.Dq Li YES , 1369these are the flags to pass to the 1370.Xr ntpd 8 1371daemon. 1372.It Va nis_client_enable 1373.Pq Vt bool 1374If set to 1375.Dq Li YES , 1376run the 1377.Xr ypbind 8 1378service at system boot time. 1379.It Va nis_client_flags 1380.Pq Vt str 1381If 1382.Va nis_client_enable 1383is set to 1384.Dq Li YES , 1385these are the flags to pass to the 1386.Xr ypbind 8 1387service. 1388.It Va nis_ypset_enable 1389.Pq Vt bool 1390If set to 1391.Dq Li YES , 1392run the 1393.Xr ypset 8 1394daemon at system boot time. 1395.It Va nis_ypset_flags 1396.Pq Vt str 1397If 1398.Va nis_ypset_enable 1399is set to 1400.Dq Li YES , 1401these are the flags to pass to the 1402.Xr ypset 8 1403daemon. 1404.It Va nis_server_enable 1405.Pq Vt bool 1406If set to 1407.Dq Li YES , 1408run the 1409.Xr ypserv 8 1410daemon at system boot time. 1411.It Va nis_server_flags 1412.Pq Vt str 1413If 1414.Va nis_server_enable 1415is set to 1416.Dq Li YES , 1417these are the flags to pass to the 1418.Xr ypserv 8 1419daemon. 1420.It Va nis_ypxfrd_enable 1421.Pq Vt bool 1422If set to 1423.Dq Li YES , 1424run the 1425.Xr rpc.ypxfrd 8 1426daemon at system boot time. 1427.It Va nis_ypxfrd_flags 1428.Pq Vt str 1429If 1430.Va nis_ypxfrd_enable 1431is set to 1432.Dq Li YES , 1433these are the flags to pass to the 1434.Xr rpc.ypxfrd 8 1435daemon. 1436.It Va nis_yppasswdd_enable 1437.Pq Vt bool 1438If set to 1439.Dq Li YES , 1440run the 1441.Xr rpc.yppasswdd 8 1442daemon at system boot time. 1443.It Va nis_yppasswdd_flags 1444.Pq Vt str 1445If 1446.Va nis_yppasswdd_enable 1447is set to 1448.Dq Li YES , 1449these are the flags to pass to the 1450.Xr rpc.yppasswdd 8 1451daemon. 1452.It Va rpc_ypupdated_enable 1453.Pq Vt bool 1454If set to 1455.Dq Li YES , 1456run the 1457.Nm rpc.ypupdated 1458daemon at system boot time. 1459.It Va defaultrouter 1460.Pq Vt str 1461If not set to 1462.Dq Li NO , 1463create a default route to this host name or IP address 1464(use an IP address if this router is also required to get to the 1465name server!). 1466.It Va ipv6_defaultrouter 1467.Pq Vt str 1468The IPv6 equivalent of 1469.Va defaultrouter . 1470.It Va static_routes 1471.Pq Vt str 1472Set to the list of static routes that are to be added at system 1473boot time. 1474If not set to 1475.Dq Li NO 1476then for each whitespace separated 1477.Ar element 1478in the value, a 1479.Va route_ Ns Aq Ar element 1480variable is assumed to exist 1481whose contents will later be passed to a 1482.Dq Nm route Cm add 1483operation. 1484.It Va ipv6_static_routes 1485.Pq Vt str 1486The IPv6 equivalent of 1487.Va static_routes . 1488If not set to 1489.Dq Li NO 1490then for each whitespace separated 1491.Ar element 1492in the value, a 1493.Va ipv6_route_ Ns Aq Ar element 1494variable is assumed to exist 1495whose contents will later be passed to a 1496.Dq Nm route Cm add Fl inet6 1497operation. 1498.It Va gateway_enable 1499.Pq Vt bool 1500If set to 1501.Dq Li YES , 1502configure host to act as an IP router, e.g. to forward packets 1503between interfaces. 1504.It Va ipv6_gateway_enable 1505.Pq Vt bool 1506The IPv6 equivalent of 1507.Va gateway_enable . 1508.It Va router_enable 1509.Pq Vt bool 1510If set to 1511.Dq Li YES , 1512run a routing daemon of some sort, based on the 1513settings of 1514.Va router 1515and 1516.Va router_flags . 1517.It Va ipv6_router_enable 1518.Pq Vt bool 1519The IPv6 equivalent of 1520.Va router_enable . 1521If set to 1522.Dq Li YES , 1523run a routing daemon of some sort, based on the 1524settings of 1525.Va ipv6_router 1526and 1527.Va ipv6_router_flags . 1528.It Va router 1529.Pq Vt str 1530If 1531.Va router_enable 1532is set to 1533.Dq Li YES , 1534this is the name of the routing daemon to use. 1535.It Va ipv6_router 1536.Pq Vt str 1537The IPv6 equivalent of 1538.Va router . 1539.It Va router_flags 1540.Pq Vt str 1541If 1542.Va router_enable 1543is set to 1544.Dq Li YES , 1545these are the flags to pass to the routing daemon. 1546.It Va ipv6_router_flags 1547.Pq Vt str 1548The IPv6 equivalent of 1549.Va router_flags . 1550.It Va mrouted_enable 1551.Pq Vt bool 1552If set to 1553.Dq Li YES , 1554run the multicast routing daemon, 1555.Xr mrouted 8 . 1556.It Va mroute6d_enable 1557.Pq Vt bool 1558The IPv6 equivalent of 1559.Va mrouted_enable . 1560If set to 1561.Dq Li YES , 1562run the IPv6 multicast routing daemon. 1563Note that no IPv6 multicast routing daemon is included in the 1564.Fx 1565base system but 1566.Xr pim6dd 8 1567can be installed from the 1568.Fx 1569Ports Collection. 1570.It Va mrouted_flags 1571.Pq Vt str 1572If 1573.Va mrouted_enable 1574is set to 1575.Dq Li YES , 1576these are the flags to pass to the 1577.Xr mrouted 8 1578daemon. 1579.It Va mroute6d_flags 1580.Pq Vt str 1581The IPv6 equivalent of 1582.Va mrouted_flags . 1583If 1584.Va mroute6d_enable 1585is set to 1586.Dq Li YES , 1587these are the flags passed to the IPv6 multicast routing daemon. 1588.It Va mroute6d_program 1589.Pq Vt str 1590If 1591.Va mroute6d_enable 1592is set to 1593.Dq Li YES , 1594this is the path to the IPv6 multicast routing daemon. 1595.It Va rtadvd_enable 1596.Pq Vt bool 1597If set to 1598.Dq Li YES , 1599run the 1600.Xr rtadvd 8 1601daemon at boot time. 1602.Xr rtadvd 8 1603will only run if 1604.Va ipv6_gateway_enable 1605is also set to 1606.Dq Li YES . 1607The 1608.Xr rtadvd 8 1609utility sends router advertisement packets to the interfaces specified in 1610.Va rtadvd_interfaces . 1611.Xr rtadvd 8 1612and should only be enabled with great care. 1613You may want to fine-tune 1614.Xr rtadvd.conf 5 . 1615.It Va rtadvd_interfaces 1616.Pq Vt str 1617If 1618.Va rtadvd_enable 1619is set to 1620.Dq Li YES 1621this is the list of interfaces to use. 1622.It Va ipxgateway_enable 1623.Pq Vt bool 1624If set to 1625.Dq Li YES , 1626enable the routing of IPX traffic. 1627.It Va ipxrouted_enable 1628.Pq Vt bool 1629If set to 1630.Dq Li YES , 1631run the 1632.Xr IPXrouted 8 1633daemon at system boot time. 1634.It Va ipxrouted_flags 1635.Pq Vt str 1636If 1637.Va ipxrouted_enable 1638is set to 1639.Dq Li YES , 1640these are the flags to pass to the 1641.Xr IPXrouted 8 1642daemon. 1643.It Va arpproxy_all 1644.Pq Vt bool 1645If set to 1646.Dq Li YES , 1647enable global proxy ARP. 1648.It Va forward_sourceroute 1649.Pq Vt bool 1650If set to 1651.Dq Li YES 1652and 1653.Va gateway_enable 1654is also set to 1655.Dq Li YES , 1656source-routed packets are forwarded. 1657.It Va accept_sourceroute 1658.Pq Vt bool 1659If set to 1660.Dq Li YES , 1661the system will accept source-routed packets directed at it. 1662.It Va rarpd_enable 1663.Pq Vt bool 1664If set to 1665.Dq Li YES , 1666run the 1667.Xr rarpd 8 1668daemon at system boot time. 1669.It Va rarpd_flags 1670.Pq Vt str 1671If 1672.Va rarpd_enable 1673is set to 1674.Dq Li YES , 1675these are the flags to pass to the 1676.Xr rarpd 8 1677daemon. 1678.It Va bootparamd_enable 1679.Pq Vt bool 1680If set to 1681.Dq Li YES , 1682run the 1683.Xr bootparamd 8 1684daemon at system boot time. 1685.It Va bootparamd_flags 1686.Pq Vt str 1687If 1688.Va bootparamd_enable 1689is set to 1690.Dq Li YES , 1691these are the flags to pass to the 1692.Xr bootparamd 8 1693daemon. 1694.It Va stf_interface_ipv4addr 1695.Pq Vt str 1696If not set to 1697.Dq Li NO , 1698this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 1699interface). 1700Specify this entry to enable the 6to4 interface. 1701.It Va stf_interface_ipv4plen 1702.Pq Vt int 1703Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1704An effective value is 0-31. 1705.It Va stf_interface_ipv6_ifid 1706.Pq Vt str 1707IPv6 interface ID for 1708.Xr stf 4 . 1709This can be set to 1710.Dq Li AUTO . 1711.It Va stf_interface_ipv6_slaid 1712.Pq Vt str 1713IPv6 Site Level Aggregator for 1714.Xr stf 4 . 1715.It Va ipv6_faith_prefix 1716.Pq Vt str 1717If not set to 1718.Dq Li NO , 1719this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 1720translator. 1721You also need 1722.Xr faithd 8 1723setup. 1724.It Va ipv6_ipv4mapping 1725.Pq Vt bool 1726If set to 1727.Dq Li YES 1728this enables IPv4 mapped IPv6 address communication (like 1729.Li ::ffff:a.b.c.d ) . 1730.It Va atm_enable 1731.Pq Vt bool 1732Set to 1733.Dq Li YES 1734to enable the configuration of ATM interfaces at system boot time. 1735For all of the ATM variables described below, please refer to the 1736.Xr atm 8 1737man page for further details on the available command parameters. 1738Also refer to the files in 1739.Pa /usr/share/examples/atm 1740for more detailed configuration information. 1741.It Va atm_load 1742.Pq Vt str 1743This is a list of physical ATM interface drivers to load. Typical values are 1744.Dq Li hfa_pci 1745and/or 1746.Dq Li hea_pci . 1747.It Va atm_netif_ Ns Aq Ar intf 1748.Pq Vt str 1749For the ATM physical interface 1750.Ar intf , 1751this variable defines the name prefix and count for the ATM network 1752interfaces to be created. 1753The value will be passed as the parameters of an 1754.Dq Nm atm Cm "set netif" Ar intf 1755command. 1756.It Va atm_sigmgr_ Ns Aq Ar intf 1757.Pq Vt str 1758For the ATM physical interface 1759.Ar intf , 1760this variable defines the ATM signalling manager to be used. 1761The value will be passed as the parameters of an 1762.Dq Nm atm Cm attach Ar intf 1763command. 1764.It Va atm_prefix_ Ns Aq Ar intf 1765.Pq Vt str 1766For the ATM physical interface 1767.Ar intf , 1768this variable defines the NSAP prefix for interfaces using a UNI signalling 1769manager. 1770If set to 1771.Dq Li ILMI , 1772the prefix will automatically be set via the 1773.Xr ilmid 8 1774daemon. 1775Otherwise, the value will be passed as the parameters of an 1776.Dq Nm atm Cm "set prefix" Ar intf 1777command. 1778.It Va atm_macaddr_ Ns Aq Ar intf 1779.Pq Vt str 1780For the ATM physical interface 1781.Ar intf , 1782this variable defines the MAC address for interfaces using a UNI signalling 1783manager. 1784If set to 1785.Dq Li NO , 1786the hardware MAC address contained in the ATM interface card will be used. 1787Otherwise, the value will be passed as the parameters of an 1788.Dq Nm atm Cm "set mac" Ar intf 1789command. 1790.It Va atm_arpserver_ Ns Aq Ar netif 1791.Pq Vt str 1792For the ATM network interface 1793.Ar netif , 1794this variable defines the ATM address for a host which is to provide ATMARP 1795service. 1796This variable is only applicable to interfaces using a UNI signalling 1797manager. 1798If set to 1799.Dq Li local , 1800this host will become an ATMARP server. 1801The value will be passed as the parameters of an 1802.Dq Nm atm Cm "set arpserver" Ar netif 1803command. 1804.It Va atm_scsparp_ Ns Aq Ar netif 1805.Pq Vt bool 1806If set to 1807.Dq Li YES , 1808SCSP/ATMARP service for the network interface 1809.Ar netif 1810will be initiated using the 1811.Xr scspd 8 1812and 1813.Xr atmarpd 8 1814daemons. 1815This variable is only applicable if 1816.Va atm_arpserver_ Ns Aq Ar netif 1817is set to 1818.Dq Li local . 1819.It Va atm_pvcs 1820.Pq Vt str 1821Set to the list of ATM PVCs to be added at system 1822boot time. 1823For each whitespace separated 1824.Ar element 1825in the value, an 1826.Va atm_pvc_ Ns Aq Ar element 1827variable is assumed to exist. 1828The value of each of these variables 1829will be passed as the parameters of an 1830.Dq Nm atm Cm "add pvc" 1831command. 1832.It Va atm_arps 1833.Pq Vt str 1834Set to the list of permanent ATM ARP entries to be added 1835at system boot time. 1836For each whitespace separated 1837.Ar element 1838in the value, an 1839.Va atm_arp_ Ns Aq Ar element 1840variable is assumed to exist. 1841The value of each of these variables 1842will be passed as the parameters of an 1843.Dq Nm atm Cm "add arp" 1844command. 1845.It Va natm_interfaces 1846.Pq Vt str 1847Set to the list of 1848.Xr natm 4 1849interfaces that will also be used for HARP through 1850.Xr harp 4 . 1851If this list is not empty all interfaces in the list will be brought up 1852with 1853.Xr ifconfig 9 1854and 1855.Xr harp 4 1856will be loaded. 1857For this to work the interface drivers must be either compiled into the 1858kernel or must reside on the root partition. 1859.It Va keybell 1860.Pq Vt str 1861The keyboard bell sound. 1862Set to 1863.Dq Li normal , 1864.Dq Li visual , 1865.Dq Li off , 1866or 1867.Dq Li NO 1868if the default behavior is desired. 1869For details, refer to the 1870.Xr kbdcontrol 1 1871manpage. 1872.It Va keymap 1873.Pq Vt str 1874If set to 1875.Dq Li NO , 1876no keymap is installed, otherwise the value is used to install 1877the keymap file in 1878.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1879.It Va keyrate 1880.Pq Vt str 1881The keyboard repeat speed. 1882Set to 1883.Dq Li slow , 1884.Dq Li normal , 1885.Dq Li fast , 1886or 1887.Dq Li NO 1888if the default behavior is desired. 1889.It Va keychange 1890.Pq Vt str 1891If not set to 1892.Dq Li NO , 1893attempt to program the function keys with the value. 1894The value should 1895be a single string of the form: 1896.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1897.It Va cursor 1898.Pq Vt str 1899Can be set to the value of 1900.Dq Li normal , 1901.Dq Li blink , 1902.Dq Li destructive , 1903or 1904.Dq Li NO 1905to set the cursor behavior explicitly or choose the default behavior. 1906.It Va scrnmap 1907.Pq Vt str 1908If set to 1909.Dq Li NO , 1910no screen map is installed, otherwise the value is used to install 1911the screen map file in 1912.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1913.It Va font8x16 1914.Pq Vt str 1915If set to 1916.Dq Li NO , 1917the default 8x16 font value is used for screen size requests, otherwise 1918the value in 1919.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1920is used. 1921.It Va font8x14 1922.Pq Vt str 1923If set to 1924.Dq Li NO , 1925the default 8x14 font value is used for screen size requests, otherwise 1926the value in 1927.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1928is used. 1929.It Va font8x8 1930.Pq Vt str 1931If set to 1932.Dq Li NO , 1933the default 8x8 font value is used for screen size requests, otherwise 1934the value in 1935.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1936is used. 1937.It Va blanktime 1938.Pq Vt int 1939If set to 1940.Dq Li NO , 1941the default screen blanking interval is used, otherwise it is set 1942to 1943.Ar value 1944seconds. 1945.It Va saver 1946.Pq Vt str 1947If not set to 1948.Dq Li NO , 1949this is the actual screen saver to use 1950.Li ( blank , snake , daemon , 1951etc). 1952.It Va moused_enable 1953.Pq Vt str 1954If set to 1955.Dq Li YES , 1956the 1957.Xr moused 8 1958daemon is started for doing cut/paste selection on the console. 1959.It Va moused_type 1960.Pq Vt str 1961This is the protocol type of the mouse connected to this host. 1962This variable must be set if 1963.Va moused_enable 1964is set to 1965.Dq Li YES . 1966The 1967.Xr moused 8 1968daemon 1969is able to detect the appropriate mouse type automatically in many cases. 1970Set this variable to 1971.Dq Li auto 1972to let the daemon detect it, or 1973select one from the following list if the automatic detection fails. 1974.Pp 1975If the mouse is attached to the PS/2 mouse port, choose 1976.Dq Li auto 1977or 1978.Dq Li ps/2 , 1979regardless of the brand and model of the mouse. 1980Likewise, if the 1981mouse is attached to the bus mouse port, choose 1982.Dq Li auto 1983or 1984.Dq Li busmouse . 1985All other protocols are for serial mice and will not work with 1986the PS/2 and bus mice. 1987If this is a USB mouse, 1988.Dq Li auto 1989is the only protocol type which will work. 1990.Pp 1991.Bl -tag -width ".Li x10mouseremote" -compact 1992.It Li microsoft 1993Microsoft mouse (serial) 1994.It Li intellimouse 1995Microsoft IntelliMouse (serial) 1996.It Li mousesystems 1997Mouse systems Corp. mouse (serial) 1998.It Li mmseries 1999MM Series mouse (serial) 2000.It Li logitech 2001Logitech mouse (serial) 2002.It Li busmouse 2003A bus mouse 2004.It Li mouseman 2005Logitech MouseMan and TrackMan (serial) 2006.It Li glidepoint 2007ALPS GlidePoint (serial) 2008.It Li thinkingmouse 2009Kensington ThinkingMouse (serial) 2010.It Li ps/2 2011PS/2 mouse 2012.It Li mmhittab 2013MM HitTablet (serial) 2014.It Li x10mouseremote 2015X10 MouseRemote (serial) 2016.It Li versapad 2017Interlink VersaPad (serial) 2018.El 2019.Pp 2020Even if the mouse is not in the above list, it may be compatible 2021with one in the list. 2022Refer to the man page for 2023.Xr moused 8 2024for compatibility information. 2025.Pp 2026It should also be noted that while this is enabled, any 2027other client of the mouse (such as an X server) should access 2028the mouse through the virtual mouse device, 2029.Pa /dev/sysmouse , 2030and configure it as a 2031.Dq Li sysmouse 2032type mouse, since all 2033mouse data is converted to this single canonical format when 2034using 2035.Xr moused 8 . 2036If the client program does not support the 2037.Dq Li sysmouse 2038type, 2039specify the 2040.Dq Li mousesystems 2041type. 2042It is the second preferred type. 2043.It Va moused_port 2044.Pq Vt str 2045If 2046.Va moused_enable 2047is set to 2048.Dq Li YES , 2049this is the actual port the mouse is on. 2050It might be 2051.Pa /dev/cuaa0 2052for a COM1 serial mouse, 2053.Pa /dev/psm0 2054for a PS/2 mouse or 2055.Pa /dev/mse0 2056for a bus mouse, for example. 2057.It Va moused_flags 2058.Pq Vt str 2059If 2060.Va moused_type 2061is set, these are the additional flags to pass to the 2062.Xr moused 8 2063daemon. 2064.It Va mousechar_start 2065.Pq Vt int 2066If set to 2067.Dq Li NO , 2068the default mouse cursor character range 2069.Li 0xd0 Ns - Ns Li 0xd3 2070is used, 2071otherwise the range start is set 2072to 2073.Ar value 2074character, see 2075.Xr vidcontrol 1 . 2076Use if the default range is occupied in the language code table. 2077.It Va allscreens_flags 2078.Pq Vt str 2079If set, 2080.Xr vidcontrol 1 2081is run with these options for each of the virtual terminals 2082.Pq Pa /dev/ttyv* . 2083For example, 2084.Dq Fl m Cm on 2085will enable the mouse pointer on all virtual terminals 2086if 2087.Va moused_enable 2088is set to 2089.Dq Li YES . 2090.It Va allscreens_kbdflags 2091.Pq Vt str 2092If set, 2093.Xr kbdcontrol 1 2094is run with these options for each of the virtual terminals 2095.Pq Pa /dev/ttyv* . 2096For example, 2097.Dq Fl h Li 200 2098will set the 2099.Xr syscons 4 2100scrollback (history) buffer to 200 lines. 2101.It Va cron_enable 2102.Pq Vt bool 2103If set to 2104.Dq Li YES , 2105run the 2106.Xr cron 8 2107daemon at system boot time. 2108.It Va cron_program 2109.Pq Vt str 2110Path to 2111.Xr cron 8 2112(default 2113.Pa /usr/sbin/cron ) . 2114.It Va cron_flags 2115.Pq Vt str 2116If 2117.Va cron_enable 2118is set to 2119.Dq Li YES , 2120these are the flags to pass to 2121.Xr cron 8 . 2122.It Va lpd_program 2123.Pq Vt str 2124Path to 2125.Xr lpd 8 2126(default 2127.Pa /usr/sbin/lpd ) . 2128.It Va lpd_enable 2129.Pq Vt bool 2130If set to 2131.Dq Li YES , 2132run the 2133.Xr lpd 8 2134daemon at system boot time. 2135.It Va lpd_flags 2136.Pq Vt str 2137If 2138.Va lpd_enable 2139is set to 2140.Dq Li YES , 2141these are the flags to pass to the 2142.Xr lpd 8 2143daemon. 2144.It Va mta_start_script 2145.Pq Vt str 2146This variable specifies the full path to the script to run to start 2147a mail transfer agent. 2148The default is 2149.Pa /etc/rc.sendmail . 2150The 2151.Va sendmail_* 2152variables which 2153.Pa /etc/rc.sendmail 2154uses are documented in the 2155.Xr rc.sendmail 8 2156man page. 2157.It Va dumpdev 2158.Pq Vt str 2159Indicates the device (usually a swap partition) to which a crash dump 2160should be written in the event of a system crash. 2161The value of this variable is passed as the argument to 2162.Xr dumpon 8 . 2163To disable crash dumps, set this variable to 2164.Dq Li NO . 2165.It Va dumpdir 2166.Pq Vt str 2167When the system reboots after a crash and a crash dump is found on the 2168device specified by the 2169.Va dumpdev 2170variable, 2171.Xr savecore 8 2172will save that crash dump and a copy of the kernel to the directory 2173specified by the 2174.Va dumpdir 2175variable. 2176The default value is 2177.Pa /var/crash . 2178Set to 2179.Dq Li NO 2180to not run 2181.Xr savecore 8 2182at boot time when 2183.Va dumpdir 2184is set. 2185.It Va savecore_flags 2186.Pq Vt str 2187If crash dumps are enabled, these are the flags to pass to the 2188.Xr savecore 8 2189utility. 2190.It Va enable_quotas 2191.Pq Vt bool 2192Set to 2193.Dq Li YES 2194to turn on user disk quotas on system startup via the 2195.Xr quotaon 8 2196command. 2197.It Va check_quotas 2198.Pq Vt bool 2199Set to 2200.Dq Li YES 2201to enable user disk quota checking via the 2202.Xr quotacheck 8 2203command. 2204.It Va accounting_enable 2205.Pq Vt bool 2206Set to 2207.Dq Li YES 2208to enable system accounting through the 2209.Xr accton 8 2210facility. 2211.It Va ibcs2_enable 2212.Pq Vt bool 2213Set to 2214.Dq Li YES 2215to enable iBCS2 (SCO) binary emulation at system initial boot 2216time. 2217.It Va ibcs2_loaders 2218.Pq Vt str 2219If not set to 2220.Dq Li NO 2221and if 2222.Va ibcs2_enable 2223is set to 2224.Dq Li YES , 2225this specifies a list of additional iBCS2 loaders to enable. 2226.It Va linux_enable 2227.Pq Vt bool 2228Set to 2229.Dq Li YES 2230to enable Linux/ELF binary emulation at system initial 2231boot time. 2232.It Va osf1_enable 2233.Pq Vt bool 2234Set to 2235.Dq Li YES 2236to enable OSF/1 (Digital UNIX) binary emulation at system 2237initial boot time. 2238(alpha) 2239.It Va svr4_enable 2240.Pq Vt bool 2241If set to 2242.Dq Li YES , 2243enable SysVR4 emulation at boot time. 2244.It Va sysvipc_enable 2245.Pq Vt bool 2246If set to 2247.Dq Li YES , 2248load System V IPC primitives at boot time. 2249.It Va clear_tmp_enable 2250.Pq Vt bool 2251Set to 2252.Dq Li YES 2253to have 2254.Pa /tmp 2255cleaned at startup. 2256.It Va ldconfig_paths 2257.Pq Vt str 2258Set to the list of shared library paths to use with 2259.Xr ldconfig 8 . 2260NOTE: 2261.Pa /usr/lib 2262will always be added first, so it need not appear in this list. 2263.It Va ldconfig_paths_aout 2264.Pq Vt str 2265Set to the list of shared library paths to use with 2266.Xr ldconfig 8 2267legacy 2268.Xr a.out 5 2269support. 2270.It Va ldconfig_insecure 2271.Pq Vt bool 2272The 2273.Xr ldconfig 8 2274utility normally refuses to use directories 2275which are writable by anyone except root. 2276Set this variable to 2277.Dq Li YES 2278to disable that security check during system startup. 2279.It Va kern_securelevel_enable 2280.Pq Vt bool 2281Set to 2282.Dq Li YES 2283to set the kernel security level at system startup. 2284.It Va kern_securelevel 2285.Pq Vt int 2286The kernel security level to set at startup. 2287The allowed range of 2288.Ar value 2289ranges from \-1 (the compile time default) to 3 (the 2290most secure). 2291See 2292.Xr init 8 2293for the list of possible security levels and their effect 2294on system operation. 2295.It Va lomac_enable 2296.Pq Vt bool 2297Set to 2298.Dq Li YES 2299to enable Low Watermark Mandatory Access Control (LOMAC) at boot time. 2300This security model enforces integrity constraints for system processes; 2301see 2302.Xr lomac 4 2303for a complete description of the LOMAC model, as well as its impact 2304on system operation. 2305.It Va start_vinum 2306.Pq Vt bool 2307Set to 2308.Dq Li YES 2309to start 2310.Xr vinum 8 2311at system boot time. 2312.It Va sshd_program 2313.Pq Vt str 2314Path to the SSH server program 2315.Pa ( /usr/sbin/sshd 2316is the default). 2317.It Va sshd_enable 2318.Pq Vt bool 2319Set to 2320.Dq Li YES 2321to start 2322.Xr sshd 8 2323at system boot time. 2324.It Va sshd_flags 2325.Pq Vt str 2326If 2327.Va sshd_enable 2328is set to 2329.Dq Li YES , 2330these are the flags to pass to the 2331.Xr sshd 8 2332daemon. 2333.It Va usbd_enable 2334.Pq Vt bool 2335If set to 2336.Dq Li YES , 2337run the 2338.Xr usbd 8 2339daemon at boot time. 2340.It Va usbd_flags 2341.Pq Vt str 2342If 2343.Va usbd_enable 2344is set to 2345.Dq Li YES , 2346these are the flags passed to 2347.Xr usbd 8 2348daemon. 2349.It Va watchdogd_enable 2350.Pq Vt bool 2351If set to 2352.Dq Li YES , 2353start the 2354.Xr watchdogd 8 2355daemon at boot time. 2356This requires that the kernel have been compiled with 2357.Cd "options WATCHDOG" . 2358.It Va jail_enable 2359.Pq Vt bool 2360If set to 2361.Dq Li NO , 2362any configured jails will not be started. 2363.It Va jail_list 2364.Pq Vt str 2365A space separated list of names for jails. 2366This is purely a configuration aid to help identify and 2367configure multiple jails. 2368The names specified in this list will be used to 2369identify settings common to an instance of a jail. 2370Assuming that the jail in question was named 2371.Li vjail , 2372you would have the following dependant variables: 2373.Bd -literal 2374jail_vjail_hostname="jail.example.com" 2375jail_vjail_ip="192.168.1.100" 2376jail_vjail_rootdir="/var/jails/vjail/root" 2377jail_vjail_exec="/bin/sh /etc/rc" 2378.Ed 2379.Pp 2380The last one is optional. 2381It defaults to 2382.Pa /etc/rc 2383if it is not set. 2384.It Va jail_set_hostname_allow 2385.Pq Vt bool 2386If set to 2387.Dq Li NO , 2388do not allow the root user in a jail to set its hostname. 2389.It Va jail_socket_unixiproute_only 2390.Pq Vt bool 2391If set to 2392.Dq Li NO , 2393do not allow any protocol, 2394besides TCP/IP, 2395to be used within a jail. 2396.It Va jail_sysvipc_allow 2397.Pq Vt bool 2398If set to 2399.Dq Li YES , 2400allow applications within a jail to use System V IPC. 2401.It Va unaligned_print 2402.Pq Vt bool 2403If set to 2404.Dq Li NO , 2405unaligned access warnings will not be printed. 2406(alpha) 2407.\" ----- isdn settings --------------------------------- 2408.It Va isdn_enable 2409.Pq Vt bool 2410Set to 2411.Dq Li NO 2412by default. 2413When set to 2414.Dq Li YES , 2415starts the 2416.Xr isdnd 8 2417daemon 2418at system boot time. 2419.It Va isdn_flags 2420.Pq Vt str 2421Set to 2422.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2423by default. 2424Additional flags to pass to 2425.Xr isdnd 8 2426(but see 2427.Va isdn_fsdev 2428and 2429.Va isdn_ttype 2430for certain tunable parameters). 2431.It Va isdn_ttype 2432.Pq Vt str 2433Set to 2434.Dq Li cons25 2435by default. 2436The terminal type of the output device when 2437.Xr isdnd 8 2438operates in full-screen mode. 2439.It Va isdn_screenflags 2440.Pq Vt str 2441Set to 2442.Dq Li NO 2443by default. 2444The video mode for full-screen mode (only for 2445.Xr syscons 4 2446console driver, see 2447.Xr vidcontrol 1 2448for valid modes). 2449.It Va isdn_fsdev 2450.Pq Vt str 2451Set to 2452.Dq Li NO 2453by default. 2454The output device for 2455.Xr isdnd 8 2456in full-screen mode (or 2457.Dq Li NO 2458for daemon mode). 2459.It Va isdn_trace 2460.Pq Vt bool 2461Set to 2462.Dq Li NO 2463by default. 2464When set to 2465.Dq Li YES , 2466enables the ISDN protocol trace utility 2467.Xr isdntrace 8 2468at system boot time. 2469.It Va isdn_traceflags 2470.Pq Vt str 2471Set to 2472.Dq Fl f Pa /var/tmp/isdntrace0 2473by default. 2474Flags for 2475.Xr isdntrace 8 . 2476.\" ----------------------------------------------------- 2477.It Va pcvt_verbose 2478.Pq Vt bool 2479Set to 2480.Dq Li NO 2481by default. 2482When set to 2483.Dq Li YES , 2484verbose messages about the actions done by the start script are displayed. 2485.Em Note : 2486the 2487.Xr pcvt 4 2488driver must be compiled into the kernel before the 2489.Xr pcvt 4 2490related 2491options described here take any effect. 2492.It Va pcvt_keymap 2493.Pq Vt str 2494Set to 2495.Dq Li NO 2496by default. 2497Use this to configure a national keyboard mapping found in the 2498.Pa /usr/share/misc/keycap.pcvt 2499file of keyboard mappings. 2500(See also the manual pages 2501.Xr keycap 5 2502and 2503.Xr keycap 3 2504for usage of 2505.Xr pcvt 4 Ns 's 2506keycap database and the manual page 2507.Xr kcon 1 2508option 2509.Fl m 2510for national keyboard mapping configuration.) 2511.It Va pcvt_keydel 2512.Pq Vt int 2513Set to 2514.Dq Li NO 2515by default. 2516Used to set the keyboard key repeat delay value. 2517Valid values are 2518in the range 0..3 for delay values of 250, 500, 750 and 1000 msec. 2519(See also the 2520.Xr kcon 1 2521manual page.) 2522.It Va pcvt_keyrate 2523.Pq Vt int 2524Set to 2525.Dq Li NO 2526by default. 2527Used to set the keyboard key repetition rate value. 2528Valid values are 2529in the range 0..31 for repetition values of 2..30 characters per second. 2530.It Va pcvt_keyrepeat 2531.Pq Vt bool 2532Set to 2533.Dq Li NO 2534by default. 2535Set to 2536.Dq Li YES 2537to enable automatic keyboard key repeating. 2538.It Va pcvt_force24 2539.Pq Vt bool 2540Set to 2541.Dq Li NO 2542by default. 2543Set to 2544.Dq Li YES 2545to force 2546.Xr pcvt 4 2547to use 24 lines only (in 25 lines mode) for compatibility 2548with the original 2549.Tn VT220 2550terminal. 2551.It Va pcvt_hpext 2552.Pq Vt bool 2553Set to 2554.Dq Li NO 2555by default. 2556Set to 2557.Dq Li YES 2558to enable the display and functionality of function key labels (as found 2559on 2560.Tn Hewlett-Packard 2561terminals such as the 2562.Tn HP2392A 2563and the 2564.Tn HP700/92 2565in 2566.Tn ANSI 2567mode). 2568.It Va pcvt_lines 2569.Pq Vt int 2570Set to 2571.Dq Li NO 2572by default resulting in a value of 25. 2573Used to set the number of lines on the screen. 2574For VGA displays, valid 2575values are 25, 28, 40 and 50 lines. 2576(See also the 2577.Xr scon 1 2578manual page.) 2579.It Va pcvt_blanktime 2580.Pq Vt int 2581Set to 2582.Dq Li NO 2583by default. 2584Used to set the screen saver timeout in seconds for values greater than 2585zero. 2586.It Va pcvt_cursorh 2587.Pq Vt int 2588Set to 2589.Dq Li NO 2590by default. 2591Used to set the cursor top scanline. 2592(See also the 2593.Xr cursor 1 2594manual page.) 2595.It Va pcvt_cursorl 2596.Pq Vt int 2597Set to 2598.Dq Li NO 2599by default. 2600Used to set the cursor bottom scanline. 2601.It Va pcvt_monohigh 2602.Pq Vt bool 2603Set to 2604.Dq Li NO 2605by default. 2606Set to 2607.Dq Li YES 2608to set intensity to high on monochrome monitors. 2609(See also the 2610.Xr scon 1 2611manual page, option 2612.Fl p , 2613for more information on changing VGA palette 2614values.) 2615.It Va harvest_interrupt 2616.Pq Vt bool 2617Set to 2618.Dq Li YES 2619to use hardware interrupts as an entropy source. 2620Refer to 2621.Xr random 4 2622for more information. 2623.It Va harvest_ethernet 2624.Pq Vt bool 2625Set to 2626.Dq Li YES 2627to use LAN traffic as an entropy source. 2628Refer to 2629.Xr random 4 2630for more information. 2631.It Va harvest_p_to_p 2632.Pq Vt bool 2633Set to 2634.Dq Li YES 2635to use serial line traffic as an entropy source. 2636Refer to 2637.Xr random 4 2638for more information. 2639.It Va entropy_dir 2640.Pq Vt str 2641Set to 2642.Dq Li NO 2643to disable caching entropy via 2644.Xr cron 8 . 2645Otherwise set to the directory used to store entropy files in. 2646.It Va entropy_file 2647.Pq Vt str 2648Set to 2649.Dq Li NO 2650to disable caching entropy through reboots. 2651Otherwise set to the filename used to store cached entropy through 2652reboots. 2653This file should be located on the root file system to seed the 2654.Xr random 4 2655device as early as possible in the boot process. 2656.It Va entropy_save_sz 2657.Pq Vt int 2658Size of the entropy cache files saved by 2659.Nm save-entropy 2660periodically. 2661.It Va entropy_save_num 2662.Pq Vt int 2663Number of entropy cache files to save by 2664.Nm save-entropy 2665periodically. 2666.It Va ipsec_enable 2667.Pq Vt bool 2668Set to 2669.Dq Li YES 2670to run 2671.Xr setkey 8 2672on 2673.Va ipsec_file 2674at boot time. 2675.It Va ipsec_file 2676.Pq Vt str 2677Configuration file for 2678.Xr setkey 8 . 2679.It Va dmesg_enable 2680.Pq Vt bool 2681Set to 2682.Dq Li YES 2683to save 2684.Xr dmesg 8 2685to 2686.Pa /var/run/dmesg.boot 2687on boot. 2688.It Va rcshutdown_timeout 2689.Pq Vt int 2690If set, start a watchdog timer in the background which will terminate 2691.Pa rc.shutdown 2692if 2693.Xr shutdown 8 2694has not completed within the specified time (in seconds). 2695.El 2696.Sh FILES 2697.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 2698.It Pa /etc/defaults/rc.conf 2699.It Pa /etc/rc.conf 2700.It Pa /etc/rc.conf.local 2701.El 2702.Sh SEE ALSO 2703.Xr catman 1 , 2704.Xr gdb 1 , 2705.Xr info 1 , 2706.Xr kbdcontrol 1 , 2707.Xr makewhatis 1 , 2708.Xr vidcontrol 1 , 2709.Xr ip 4 , 2710.Xr kld 4 , 2711.Xr tcp 4 , 2712.Xr udp 4 , 2713.Xr exports 5 , 2714.Xr motd 5 , 2715.Xr accton 8 , 2716.Xr amd 8 , 2717.Xr apm 8 , 2718.Xr atm 8 , 2719.Xr cron 8 , 2720.Xr dhclient 8 , 2721.Xr ifconfig 8 , 2722.Xr inetd 8 , 2723.Xr isdnd 8 , 2724.Xr isdntrace 8 , 2725.Xr kldxref 8 , 2726.Xr lpd 8 , 2727.Xr mdconfig 8 , 2728.Xr mountd 8 , 2729.Xr moused 8 , 2730.Xr mrouted 8 , 2731.Xr named 8 , 2732.Xr nfsd 8 , 2733.Xr ntpd 8 , 2734.Xr ntpdate 8 , 2735.Xr pcnfsd 8 , 2736.Xr quotacheck 8 , 2737.Xr quotaon 8 , 2738.Xr rc 8 , 2739.Xr rc.sendmail 8 , 2740.Xr route 8 , 2741.Xr routed 8 , 2742.Xr rpc.lockd 8 , 2743.Xr rpc.statd 8 , 2744.Xr rpcbind 8 , 2745.Xr rwhod 8 , 2746.Xr savecore 8 , 2747.Xr sshd 8 , 2748.Xr swapon 8 , 2749.Xr sysctl 8 , 2750.Xr syslogd 8 , 2751.Xr timed 8 , 2752.Xr usbd 8 , 2753.Xr vinum 8 , 2754.Xr yp 8 , 2755.Xr ypbind 8 , 2756.Xr ypserv 8 , 2757.Xr ypset 8 2758.Sh HISTORY 2759The 2760.Nm 2761file appeared in 2762.Fx 2.2.2 . 2763.Sh AUTHORS 2764.An Jordan K. Hubbard . 2765