1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" $DragonFly: src/share/man/man5/rc.conf.5,v 1.61 2008/10/20 07:35:08 swildner Exp $ 27.Dd December 12, 2009 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65See the 66.Va rc_conf_files 67variable below. 68.Pp 69The following list provides a name and short description for each 70variable that can be set in the 71.Nm 72file. 73To set a variable of 74.Vt bool 75type, specify either 76.Dq Li YES , 77.Dq Li TRUE , 78.Dq Li ON , 79or 80.Dq Li 1 . 81To unset, specify 82.Dq Li NO , 83.Dq Li FALSE , 84.Dq Li OFF , 85or 86.Dq Li 0 . 87These values are case insensitive. 88The 89.Va _enable 90postfix in the name of a variable for starting a service can be 91omitted (as in 92.Nx ) . 93.Bl -tag -width indent-two 94.It Va rc_debug 95.Pq Vt bool 96If set to 97.Dq Li YES , 98enable output of debug messages from rc scripts. 99This variable can be helpful in diagnosing mistakes when 100editing or integrating new scripts. 101Beware that this produces copious output to the terminal and 102.Xr syslog 3 . 103.It Va rc_info 104.Pq Vt bool 105If set to 106.Dq Li NO , 107disable informational messages from the rc scripts. 108Informational messages are displayed when 109a condition that is not serious enough to warrant a warning or an error occurs. 110.It Va swapfile 111.Pq Vt str 112If set to 113.Dq Li NO , 114no swapfile is installed, otherwise the value is used as the full 115pathname to a file to use for additional swap space. 116.It Va apm_enable 117.Pq Vt bool 118If set to 119.Dq Li YES , 120enable support for Automatic Power Management with the 121.Xr apm 8 122command. 123.It Va apmd_enable 124.Pq Vt bool 125Run 126.Xr apmd 8 127to handle APM event from userland. 128This also enables support for APM. 129.It Va apmd_flags 130.Pq Vt str 131If 132.Va apmd_enable 133is set to 134.Dq Li YES , 135these are the flags to pass to the 136.Xr apmd 8 137daemon. 138.It Va battd_enable 139Enable 140.Xr battd 8 141to monitor the status of batteries present in the system. 142This also enables support for APM. 143.It Va battd_flags 144.Pq Vt str 145If 146.Va battd_enable 147is set to 148.Dq Li YES , 149these are the flags to pass to the 150.Xr battd 8 151daemon. 152.It Va devd_enable 153.Pq Vt bool 154Run 155.Xr devd 8 156to handle device added, removed or unknown events from the kernel. 157.It Va devd_flags 158.Pq Vt str 159If 160.Va devd_enable 161is set to 162.Dq Li YES , 163these are the flags to pass to the 164.Xr devd 8 165daemon. 166.It Va sensorsd_enable 167.Pq Vt bool 168Set to 169.Dq Li NO 170by default. 171Setting this to 172.Dq Li YES 173enables 174.Xr sensorsd 8 , 175a sensors monitoring and logging daemon. 176.It Va sensorsd_flags 177.Pq Vt str 178Empty by default. 179Additional flags passed to the 180.Xr sensorsd 8 181program. 182.It Va hotplugd_enable 183.Pq Vt bool 184Set to 185.Dq Li NO 186by default. 187Setting this to 188.Dq Li YES 189enables 190.Xr hotplugd 8 , 191a devices hot plugging monitoring daemon. 192.It Va hotplugd_flags 193.Pq Vt str 194Empty by default. 195Additional flags passed to the 196.Xr hotplugd 8 197program. 198.It Va pccard_ifconfig 199.Pq Vt str 200List of arguments to be passed to 201.Xr ifconfig 8 202at boot time or on insertion of the card (e.g.\& 203.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 204for a fixed address or 205.Dq Li DHCP 206for a DHCP client). 207.It Va pccard_ether_delay 208.Pq Vt str 209Set the delay before starting 210.Xr dhclient 8 211in the 212.Pa /etc/pccard_ether 213script. 214This defaults to 5 seconds to work around a bug in the 215.Xr ed 4 216driver which can lead to system hangs when using some newer 217.Xr ed 4 218based cards. 219.It Va removable_interfaces 220.Pq Vt str 221List of removable network interfaces to be supported by 222.Pa /etc/pccard_ether . 223.It Va local_startup 224.Pq Vt str 225List of directories to search for startup script files. 226.It Va script_name_sep 227.Pq Vt str 228The field separator to use for breaking down the list of startup script files 229into individual filenames. 230The default is a space. 231It is not necessary to change this unless there are startup scripts with names 232containing spaces. 233.It Va hostapd_enable 234.Pq Vt bool 235Set to 236.Dq Li YES 237to start 238.Xr hostapd 8 239at system boot time. 240.It Va hostname 241.Pq Vt str 242The fully qualified domain name (FQDN) of this host on the network. 243This should almost certainly be set to something meaningful, even if 244there is no network connection. 245If 246.Xr dhclient 8 247is used to set the hostname via DHCP, 248this variable should be set to an empty string. 249.It Va ipv6_enable 250.Pq Vt bool 251Enable support for IPv6 networking. 252Note that this requires that the kernel have been compiled with 253.Cd "options INET6" . 254.It Va nisdomainname 255.Pq Vt str 256The NIS domain name of this host, or 257.Dq Li NO 258if NIS is not used. 259.It Va dhclient_program 260.Pq Vt str 261Path to the DHCP client program 262(default 263.Pa /sbin/dhclient ) . 264.It Va dhclient_flags 265.Pq Vt str 266Additional flags to pass to the DHCP client program. 267.It Va pf_enable 268.Pq Vt bool 269Set to 270.Dq Li YES 271to load 272.Xr pf 4 273at startup. 274If the kernel was not built with 275.Cd "device pf" , 276the 277.Pa pf.ko 278kernel module will be loaded. 279See also 280.Va firewall_enable 281and 282.Va ipfilter_enable . 283.It Va pf_rules 284.Pq Vt str 285Path to the 286.Xr pf 4 287ruleset definition file. 288.It Va pf_program 289.Pq Vt str 290Path to 291.Xr pfctl 8 . 292.It Va pf_flags 293.Pq Vt str 294If 295.Va pf_enable 296is set to 297.Dq Li YES , 298these are the flags to pass to 299.Xr pfctl 8 300when loading the ruleset. 301.It Va pflog_enable 302.Pq Vt bool 303Set this to 304.Dq Li YES 305to enable 306.Xr pflogd 8 307which logs packets from 308.Xr pf 4 . 309.It Va pflog_logfile 310.Pq Vt str 311If 312.Va pflog_enable 313is set to 314.Dq Li YES 315this specifies the path of the log file. 316.It Va pflog_program 317.Pq Vt str 318Path to 319.Xr pflogd 8 . 320.It Va pflog_flags 321.Pq Vt str 322If 323.Va pflog_enable 324is set to 325.Dq Li YES , 326these are the flags to pass to 327.Xr pflogd 8 . 328.It Va firewall_enable 329.Pq Vt bool 330Set to 331.Dq Li YES 332to load firewall rules at startup. 333If the kernel was not built with 334.Cd "options IPFIREWALL" , 335the 336.Pa ipfw.ko 337kernel module will be loaded. 338See also 339.Va pf_enable 340and 341.Va ipfilter_enable . 342.It Va ipv6_firewall_enable 343.Pq Vt bool 344The IPv6 equivalent of 345.Va firewall_enable . 346Set to 347.Dq Li YES 348to load IPv6 firewall rules at startup. 349If the kernel was not built with 350.Cd "options IPV6FIREWALL" , 351the 352.Pa ip6fw.ko 353kernel module will be loaded. 354.It Va firewall_script 355.Pq Vt str 356The full path to the firewall script to run 357(default 358.Pa /etc/rc.firewall ) . 359.It Va ipv6_firewall_script 360.Pq Vt str 361The IPv6 equivalent of 362.Va firewall_script . 363.It Va firewall_type 364.Pq Vt str 365Names the firewall type from the selection in 366.Pa /etc/rc.firewall , 367or the file which contains the local firewall ruleset. 368Valid selections from 369.Pa /etc/rc.firewall 370are: 371.Pp 372.Bl -tag -width ".Li simple" -compact 373.It Li open 374unrestricted IP access 375.It Li closed 376all IP services disabled, except via 377.Dq Li lo0 378.It Li client 379basic protection for a workstation on a LAN 380.It Li simple 381alias for 382.Li client . 383.El 384.Pp 385If a filename is specified, the full path must be given. 386.It Va firewall_trusted_nets 387.Pq Vt str 388List of trusted networks (if 389.Va firewall_type 390is set to 391.Li client ) . 392.It Va firewall_trusted_interfaces 393.Pq Vt str 394List of trusted network interfaces (if 395.Va firewall_type 396is set to 397.Li client ) . 398.It Va firewall_allowed_icmp_types 399.Pq Vt str 400List of allowed ICMP types (if 401.Va firewall_type 402is set to 403.Li client ) . 404.It Va firewall_open_tcp_ports 405.Pq Vt str 406List of TCP ports to open (if 407.Va firewall_type 408is set to 409.Li client ) . 410.It Va firewall_open_udp_ports 411.Pq Vt str 412List of UDP ports to open (if 413.Va firewall_type 414is set to 415.Li client ) . 416.It Va ipv6_firewall_type 417.Pq Vt str 418The IPv6 equivalent of 419.Va firewall_type . 420.It Va firewall_quiet 421.Pq Vt bool 422Set to 423.Dq Li YES 424to disable the display of firewall rules on the console during boot. 425.It Va ipv6_firewall_quiet 426.Pq Vt bool 427The IPv6 equivalent of 428.Va firewall_quiet . 429.It Va firewall_logging 430.Pq Vt bool 431Set to 432.Dq Li YES 433to enable firewall event logging. 434This is equivalent to the 435.Dv IPFIREWALL_VERBOSE 436kernel option. 437.It Va ipv6_firewall_logging 438.Pq Vt bool 439The IPv6 equivalent of 440.Va firewall_logging . 441.It Va firewall_flags 442.Pq Vt str 443Flags passed to 444.Xr ipfw 8 445if 446.Va firewall_type 447specifies a filename. 448.It Va ipv6_firewall_flags 449.Pq Vt str 450The IPv6 equivalent of 451.Va firewall_flags . 452.It Va natd_program 453.Pq Vt str 454Path to 455.Xr natd 8 . 456.It Va natd_enable 457.Pq Vt bool 458Set to 459.Dq Li YES 460to enable 461.Xr natd 8 . 462.Va firewall_enable 463must also be set to 464.Dq Li YES , 465and 466.Xr divert 4 467sockets must be enabled in the kernel. 468.It Va natd_interface 469.Pq Vt str 470This is the name of the public interface on which 471.Xr natd 8 472should run. 473The interface may be given as an interface name or as an IP address. 474.It Va natd_flags 475.Pq Vt str 476Additional 477.Xr natd 8 478flags should be placed here. 479The 480.Fl n 481or 482.Fl a 483flag is automatically added with the above 484.Va natd_interface 485as an argument. 486.\" ----- ipfilter_enable setting -------------------------------- 487.It Va ipfilter_enable 488.Pq Vt bool 489Set to 490.Dq Li NO 491by default. 492Setting this to 493.Dq Li YES 494enables 495.Xr ipf 8 496packet filtering. 497.Pp 498Typical usage will require putting 499.Bd -literal 500ipfilter_enable="YES" 501ipnat_enable="YES" 502ipmon_enable="YES" 503ipfs_enable="YES" 504.Ed 505.Pp 506into 507.Pa /etc/rc.conf 508and editing 509.Pa /etc/ipf.rules 510and 511.Pa /etc/ipnat.rules 512appropriately. 513.Pp 514Note that 515.Va ipfilter_enable 516and 517.Va ipnat_enable 518can be enabled independently. 519.Va ipmon_enable 520and 521.Va ipfs_enable 522both require at least one of 523.Va ipfilter_enable 524and 525.Va ipnat_enable 526to be enabled. 527.Pp 528Having 529.Bd -literal 530options IPFILTER 531options IPFILTER_LOG 532options IPFILTER_DEFAULT_BLOCK 533.Ed 534.Pp 535in the kernel configuration file is a good idea, too. 536See also 537.Va pf_enable 538and 539.Va firewall_enable . 540.\" ----- ipfilter_program setting ------------------------------ 541.It Va ipfilter_program 542.Pq Vt str 543Path to 544.Xr ipf 8 545(default 546.Pa /sbin/ipf ) . 547.\" ----- ipfilter_rules setting -------------------------------- 548.It Va ipfilter_rules 549.Pq Vt str 550Set to 551.Pa /etc/ipf.rules 552by default. 553The name of the filter rule definition file. 554The file is expected to be readable for the 555.Xr ipf 8 556command to execute. 557.\" ----- ipv6_ipfilter_rules setting --------------------------- 558.It Va ipv6_ipfilter_rules 559.Pq Vt str 560Set to 561.Pa /etc/ipf6.rules 562by default. 563The name of the IPv6 filter rule definition file. 564The file is expected to be readable for the 565.Xr ipf 8 566command to execute. 567.\" ----- ipfilter_flags setting -------------------------------- 568.It Va ipfilter_flags 569.Pq Vt str 570Empty by default. 571Flags passed to the 572.Xr ipf 8 573program. 574.\" ----- ipnat_enable setting ---------------------------------- 575.It Va ipnat_enable 576.Pq Vt bool 577Set to 578.Dq Li NO 579by default. 580Set it to 581.Dq Li YES 582to enable 583.Xr ipnat 8 584network address translation. 585See 586.Va ipfilter_enable 587for a detailed discussion. 588.\" ----- ipnat_program setting --------------------------------- 589.It Va ipnat_program 590.Pq Vt str 591Path to 592.Xr ipnat 8 593(default 594.Pa /sbin/ipnat ) . 595.\" ----- ipnat_rules setting ----------------------------------- 596.It Va ipnat_rules 597.Pq Vt str 598Set to 599.Pa /etc/ipnat.rules 600by default. 601The name of the file 602holding the network address translation definition. 603This file is expected to be readable for the 604.Xr ipnat 8 605command to execute. 606.\" ----- ipnat_flags setting ----------------------------------- 607.It Va ipnat_flags 608.Pq Vt str 609Empty by default. 610Flags passed to the 611.Xr ipnat 8 612program. 613.\" ----- ipmon_enable setting ---------------------------------- 614.It Va ipmon_enable 615.Pq Vt bool 616Set to 617.Dq Li NO 618by default. 619Set it to 620.Dq Li YES 621to enable 622.Xr ipmon 8 623monitoring (logging 624.Xr ipf 8 625and 626.Xr ipnat 8 627events). 628Setting this variable needs setting 629.Va ipfilter_enable 630or 631.Va ipnat_enable 632too. 633See 634.Va ipfilter_enable 635for a detailed discussion. 636.\" ----- ipmon_program setting --------------------------------- 637.It Va ipmon_program 638.Pq Vt str 639Path to 640.Xr ipmon 8 641(default 642.Pa /sbin/ipmon ) . 643.\" ----- ipmon_flags setting ----------------------------------- 644.It Va ipmon_flags 645.Pq Vt str 646Set to 647.Dq Li -Ds 648by default. 649Flags passed to the 650.Xr ipmon 8 651program. 652Another typical example would be 653.Dq Fl D Pa /var/log/ipflog 654to have 655.Xr ipmon 8 656log directly to a file bypassing 657.Xr syslogd 8 . 658Make sure to adjust 659.Pa /etc/newsyslog.conf 660in such case like this: 661.Bd -literal 662/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 663.Ed 664.\" ----- ipfs_enable setting ----------------------------------- 665.It Va ipfs_enable 666.Pq Vt bool 667Set to 668.Dq Li NO 669by default. 670Set it to 671.Dq Li YES 672to enable 673.Xr ipfs 8 674saving the filter and NAT state tables during shutdown 675and reloading them during startup again. 676Setting this variable needs setting 677.Va ipfilter_enable 678or 679.Va ipnat_enable 680to 681.Dq Li YES 682too. 683See 684.Va ipfilter_enable 685for a detailed discussion. 686Note that if 687.Va kern_securelevel 688is set to 3, 689.Va ipfs_enable 690cannot be used because the raised securelevel will prevent 691.Xr ipfs 8 692from saving the state tables at shutdown time. 693.\" ----- ipfs_program setting ---------------------------------- 694.It Va ipfs_program 695.Pq Vt str 696Path to 697.Xr ipfs 8 698(default 699.Pa /sbin/ipfs ) . 700.\" ----- ipfs_flags setting ------------------------------------ 701.It Va ipfs_flags 702.Pq Vt str 703Empty by default. 704Flags passed to the 705.Xr ipfs 8 706program. 707.\" ----- end of added ipf hook --------------------------------- 708.It Va tcp_extensions 709.Pq Vt bool 710Set to 711.Dq Li YES 712by default. 713Setting this to 714.Dq Li NO 715disables certain TCP options as described by 716.Rs 717.%T "RFC 1323" 718.Re 719Setting this to 720.Dq Li NO 721might help remedy such problems with connections as randomly hanging 722or other weird behavior. 723Some network devices are known to be broken with respect to these options. 724.It Va log_in_vain 725.Pq Vt int 726Set to 0 by default. 727The 728.Xr sysctl 8 729variables, 730.Va net.inet.tcp.log_in_vain 731and 732.Va net.inet.udp.log_in_vain , 733as described in 734.Xr tcp 4 735and 736.Xr udp 4 , 737are set to the given value. 738.It Va tcp_keepalive 739.Pq Vt bool 740Set to 741.Dq Li YES 742by default. 743Setting to 744.Dq Li NO 745will disable probing idle TCP connections to verify that the 746peer is still up and reachable. 747.It Va tcp_drop_synfin 748.Pq Vt bool 749Set to 750.Dq Li NO 751by default. 752Setting to 753.Dq Li YES 754will cause the kernel to ignore TCP frames that have both 755the SYN and FIN flags set. 756This prevents OS fingerprinting, but may break some legitimate applications. 757This option is only available if the kernel was built with the 758.Dv TCP_DROP_SYNFIN 759option. 760.It Va icmp_drop_redirect 761.Pq Vt bool 762Set to 763.Dq Li NO 764by default. 765Setting to 766.Dq Li YES 767will cause the kernel to ignore ICMP REDIRECT packets. 768Refer to 769.Xr icmp 4 770for more information. 771.It Va icmp_log_redirect 772.Pq Vt bool 773Set to 774.Dq Li NO 775by default. 776Setting to 777.Dq Li YES 778will cause the kernel to log ICMP REDIRECT packets. 779Note that 780the log messages are not rate-limited, so this option should only be used 781for troubleshooting networks. 782Refer to 783.Xr icmp 4 784for more information. 785.It Va icmp_bmcastecho 786.Pq Vt bool 787Set to 788.Dq Li YES 789to respond to broadcast or multicast ICMP ping packets. 790Refer to 791.Xr icmp 4 792for more information. 793.It Va ip_portrange_first 794.Pq Vt int 795If not set to 796.Dq Li NO , 797this is the first port in the default portrange. 798Refer to 799.Xr ip 4 800for more information. 801.It Va ip_portrange_last 802.Pq Vt int 803If not set to 804.Dq Li NO , 805this is the last port in the default portrange. 806Refer to 807.Xr ip 4 808for more information. 809.\" 810.It Va ifconfig_ Ns Aq Ar interface 811.Pq Vt str 812Configuration for 813.Dq interface . 814Typically includes IP address. 815Assuming that the interface in question was 816.Li ed0 , 817it might look something like this: 818.Bd -literal 819ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 820.Ed 821.Pp 822If the 823.Pa /etc/start_if. Ns Aq Ar interface 824file is present, it is read and executed by the 825.Xr sh 1 826interpreter before configuring the interface as specified in the 827.Va ifconfig_ Ns Aq Ar interface 828and 829.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 830variables. 831.Pp 832It is possible to bring up an interface with DHCP by adding 833.Dq Li DHCP 834to the 835.Va ifconfig_ Ns Aq Ar interface 836variable. 837For instance, to initialize the 838.Li ed0 839device via DHCP, it is possible to use something like: 840.Bd -literal 841ifconfig_ed0="DHCP" 842.Ed 843.Pp 844Also, if your interface needs WPA authentication, it is possible to add 845.Dq Li WPA 846to the 847.Va ifconfig_ Ns Aq Ar interface 848variable. 849This will start 850.Xr wpa_supplicant 8 . 851See 852.Xr wpa_supplicant.conf 5 853for configuring authentication information. 854.Pp 855Finally, you can add 856.Xr ifconfig 8 857options in this variable, in addition to the 858.Pa /etc/start_if. Ns Aq Ar interface 859file. 860For instance, to initialize the 861.Li wi0 862device via DHCP, using WPA authentication and 802.11b mode, it is 863possible to use something like: 864.Bd -literal 865ifconfig_wi0="up DHCP WPA mode 11b" 866.Ed 867.Pp 868.\" 869.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 870.Pq Vt str 871Configuration to establish an additional network address for 872.Dq interface . 873Assuming that the interface in question was 874.Li ed0 , 875it might look something like this: 876.Bd -literal 877ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 878ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 879.Ed 880.Pp 881And so on. 882For each 883.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 884entry that is found, its contents are passed to 885.Xr ifconfig 8 . 886Execution stops at the first unsuccessful access, so if 887something like this is present: 888.Bd -literal 889ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 890ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 891ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 892ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 893.Ed 894.Pp 895Then note that alias4 would 896.Em not 897be added since the search would stop with the missing alias3 entry. 898.Pp 899.\" 900.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 901.Pq Vt str 902New name for 903.Dq interface . 904It is possible to rename interface by doing: 905.Bd -literal 906ifconfig_ed0_name="net0" 907ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 908.Ed 909.It Va network_interfaces 910.Pq Vt str 911The list of network interfaces to configure on this host, 912or 913.Dq Li auto 914to configure all network interfaces 915(default 916.Dq Li auto ) . 917For example, if the only network devices to be configured are the loopback device 918.Pq Li lo0 919and a NIC using the 920.Xr ed 4 921driver, this could be set to 922.Dq Li "lo0 ed0" . 923An 924.Va ifconfig_ Ns Aq Ar interface 925variable is assumed to exist for each value of 926.Ar interface . 927.It Va ipv6_network_interfaces 928.Pq Vt str 929This is the IPv6 equivalent of 930.Va network_interfaces . 931Instead of setting the ifconfig variables as 932.Va ifconfig_ Ns Aq Ar interface 933they should be set as 934.Va ipv6_ifconfig_ Ns Aq Ar interface . 935Aliases should be set as 936.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 937Interfaces that do not have a 938.Va ipv6_ifconfig_ Ns Aq Ar interface 939setting will be auto configured by 940.Xr rtsol 8 941if the 942.Va ipv6_gateway_enable 943is set to 944.Dq Li NO . 945Note that the IPv6 networking code does not support the 946.Pa /etc/start_if. Ns Aq Ar interface 947files. 948.It Va ipv6_prefix_ Ns Aq Ar interface 949.Pq Vt str 950Assign prefix to 951.Ar interface , 952prefixlen 64 is used. 953.It Va ipv6_default_interface 954.Pq Vt str 955If not set to 956.Dq Li NO , 957this is the default output interface for scoped addresses. 958Now this works only for IPv6 link local multicast addresses. 959.It Va cloned_interfaces 960.Pq Vt str 961Set to the list of clonable network interfaces to create on this host. 962Entries in 963.Va cloned_interfaces 964are automatically appended to 965.Va network_interfaces 966for configuration. 967.It Va gif_interfaces 968.Pq Vt str 969Set to the list of 970.Xr gif 4 971tunnel interfaces to configure on this host. 972A 973.Va gifconfig_ Ns Aq Ar interface 974variable is assumed to exist for each value of 975.Ar interface . 976The value of this variable is used to configure the link layer of the 977tunnel according to the syntax of the 978.Cm tunnel 979option to 980.Xr ifconfig 8 . 981Additionally, this option ensures that each listed interface is created via the 982.Cm create 983option to 984.Xr ifconfig 8 985before attempting to configure it. 986.It Va sppp_interfaces 987.Pq Vt str 988Set to the list of 989.Xr sppp 4 990interfaces to configure on this host. 991A 992.Va spppconfig_ Ns Aq Ar interface 993variable is assumed to exist for each value of 994.Ar interface . 995Each interface should also be configured by a general 996.Va ifconfig_ Ns Aq Ar interface 997setting. 998Refer to 999.Xr spppcontrol 8 1000for more information about available options. 1001.It Va ppp_enable 1002.Pq Vt bool 1003If set to 1004.Dq Li YES , 1005run the 1006.Xr ppp 8 1007daemon. 1008.It Va ppp_mode 1009.Pq Vt str 1010Mode in which to run the 1011.Xr ppp 8 1012daemon. 1013Accepted modes are 1014.Dq Li auto , 1015.Dq Li ddial , 1016.Dq Li direct 1017and 1018.Dq Li dedicated . 1019See the manual for a full description. 1020.It Va ppp_nat 1021.Pq Vt bool 1022If set to 1023.Dq Li YES , 1024enables network address translation. 1025Used in conjunction with 1026.Va gateway_enable 1027allows hosts on private network addresses access to the Internet using 1028this host as a network address translating router. 1029.It Va ppp_profile 1030.Pq Vt str 1031The name of the profile to use from 1032.Pa /etc/ppp/ppp.conf . 1033.It Va ppp_user 1034.Pq Vt str 1035The name of the user under which 1036.Xr ppp 8 1037should be started. 1038By default, 1039.Xr ppp 8 1040is started as 1041.Dq Li root . 1042.It Va rc_conf_files 1043.Pq Vt str 1044This option is used to specify a list of files that will override 1045the settings in 1046.Pa /etc/defaults/rc.conf . 1047The files will be read in the order in which they are specified and should 1048include the full path to the file. 1049By default, the files specified are 1050.Pa /etc/rc.conf 1051and 1052.Pa /etc/rc.conf.local 1053.It Va fsck_y_enable 1054.Pq Vt bool 1055If set to 1056.Dq Li YES , 1057.Xr fsck 8 1058will be run with the 1059.Fl y 1060flag if the initial preen of the file systems fails. 1061.It Va netfs_types 1062.Pq Vt str 1063List of file system types that are network-based. 1064This list should generally not be modified by end users. 1065Use 1066.Va extra_netfs_types 1067instead. 1068.It Va extra_netfs_types 1069.Pq Vt str 1070If set to something other than 1071.Dq Li NO 1072(the default), this variable extends the list of file system types 1073for which automatic mounting at startup by 1074.Xr rc 8 1075should be delayed until the network is initialized. 1076It should contain 1077a whitespace-separated list of network file system descriptor pairs, 1078each consisting of a file system type as passed to 1079.Xr mount 8 1080and a human-readable, one-word description, joined with a colon 1081.Pq Ql \&: . 1082Extending the default list in this way is only necessary 1083when third party file system types are used. 1084.It Va devfs_config_files 1085.Pq Vt str 1086This option is used to specify a list of configuration files containing 1087.Xr devfs 5 1088rules that will be applied by 1089.Xr devfsctl 8 1090in the order in which they are specified and must include the full path 1091to the file. 1092.It Va syslogd_enable 1093.Pq Vt bool 1094If set to 1095.Dq Li YES , 1096run the 1097.Xr syslogd 8 1098daemon. 1099.It Va syslogd_program 1100.Pq Vt str 1101Path to 1102.Xr syslogd 8 1103(default 1104.Pa /usr/sbin/syslogd ) . 1105.It Va syslogd_flags 1106.Pq Vt str 1107If 1108.Va syslogd_enable 1109is set to 1110.Dq Li YES , 1111these are the flags to pass to 1112.Xr syslogd 8 . 1113.It Va inetd_enable 1114.Pq Vt bool 1115If set to 1116.Dq Li YES , 1117run the 1118.Xr inetd 8 1119daemon. 1120.It Va inetd_program 1121.Pq Vt str 1122Path to 1123.Xr inetd 8 1124(default 1125.Pa /usr/sbin/inetd ) . 1126.It Va inetd_flags 1127.Pq Vt str 1128If 1129.Va inetd_enable 1130is set to 1131.Dq Li YES , 1132these are the flags to pass to 1133.Xr inetd 8 . 1134.It Va named_enable 1135.Pq Vt bool 1136If set to 1137.Dq Li YES , 1138run the 1139.Xr named 8 1140daemon. 1141.It Va named_program 1142.Pq Vt str 1143Path to 1144.Xr named 8 1145(default 1146.Pa /usr/sbin/named ) . 1147.It Va named_flags 1148.Pq Vt str 1149If 1150.Va named_enable 1151is set to 1152.Dq Li YES , 1153these are the flags to pass to 1154.Xr named 8 . 1155.It Va named_pidfile 1156.Pq Vt str 1157This is the default path to the 1158.Xr named 8 1159daemon's PID file. 1160Change it if you change the location in 1161.Pa /etc/namedb/named.conf . 1162.It Va named_chrootdir 1163.Pq Vt str 1164The root directory for a name server run in a 1165.Xr chroot 8 1166environment. 1167If left empty 1168.Xr named 8 1169will not be run in a 1170.Xr chroot 8 1171environment. 1172.It Va rwhod_enable 1173.Pq Vt bool 1174If set to 1175.Dq Li YES , 1176run the 1177.Xr rwhod 8 1178daemon at boot time. 1179.It Va rwhod_flags 1180.Pq Vt str 1181If 1182.Va rwhod_enable 1183is set to 1184.Dq Li YES , 1185these are the flags to pass to it. 1186.It Va amd_enable 1187.Pq Vt bool 1188If set to 1189.Dq Li YES , 1190run the 1191.Xr amd 8 1192daemon at boot time. 1193.It Va amd_flags 1194.Pq Vt str 1195If 1196.Va amd_enable 1197is set to 1198.Dq Li YES , 1199these are the flags to pass to it. 1200See the 1201.Xr amd 8 1202manpage for more information. 1203.It Va amd_map_program 1204.Pq Vt str 1205If set, the specified program is run to get the list of 1206.Xr amd 8 1207maps. 1208For example, if the 1209.Xr amd 8 1210maps are stored in NIS, one can set this to run 1211.Xr ypcat 1 1212to get a list of 1213.Xr amd 8 1214maps from the 1215.Pa amd.master 1216NIS map. 1217.It Va update_motd 1218.Pq Vt bool 1219If set to 1220.Dq Li YES , 1221.Pa /etc/motd 1222will be updated at boot time to reflect the kernel release being run. 1223If set to 1224.Dq Li NO , 1225.Pa /etc/motd 1226will not be updated. 1227.It Va nfs_client_enable 1228.Pq Vt bool 1229If set to 1230.Dq Li YES , 1231setup NFS client parameters at boot time. 1232.It Va nfs_access_cache 1233.Pq Vt int 1234If 1235.Va nfs_client_enable 1236is set to 1237.Dq Li YES , 1238this can be set to 1239.Dq Li 0 1240to disable NFS ACCESS RPC caching, or to the number of seconds for which 1241NFS ACCESS results should be cached. 1242A value of 2-10 seconds will substantially reduce network traffic for 1243many NFS operations. 1244The default is 5 seconds. 1245Note that the attribute cache holds stat information only. 1246The NFS data cache is independent of the attribute cache and is only 1247invalidated when the client detects that the server has modified the 1248underlying file. 1249This value specifies a maximum timeout. 1250The NFS client will automatically use a shorter timeout for files which 1251have been recently modified. 1252.It Va nfs_neg_cache 1253.Pq Vt int 1254If 1255.Va nfs_client_enable 1256is set to 1257.Dq Li YES , 1258this can be set to 1259.Dq Li 0 1260to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1261filenames), or to the number of seconds for which negative lookups should 1262be cached. 1263A value of 2-10 seconds will substantially reduce network 1264traffic for many NFS operations, especially source code builds. 1265The default is 3 seconds. 1266.It Va nfs_server_enable 1267.Pq Vt bool 1268If set to 1269.Dq Li YES , 1270run the NFS server daemons at boot time. 1271.It Va nfs_server_flags 1272.Pq Vt str 1273If 1274.Va nfs_server_enable 1275is set to 1276.Dq Li YES , 1277these are the flags to pass to the 1278.Xr nfsd 8 1279daemon. 1280.It Va mountd_enable 1281.Pq Vt bool 1282If set to 1283.Dq Li YES , 1284and no 1285.Va nfs_server_enable 1286is set, start 1287.Xr mountd 8 , 1288but not 1289.Xr nfsd 8 1290daemon. 1291It is commonly needed to run CFS without real NFS used. 1292.It Va mountd_flags 1293.Pq Vt str 1294If 1295.Va mountd_enable 1296is set to 1297.Dq Li YES , 1298these are the flags to pass to the 1299.Xr mountd 8 1300daemon. 1301.It Va weak_mountd_authentication 1302.Pq Vt bool 1303If set to 1304.Dq Li YES , 1305allow services like PCNFSD to make non-privileged mount requests. 1306.It Va nfs_reserved_port_only 1307.Pq Vt bool 1308If set to 1309.Dq Li YES , 1310provide NFS services only on a secure port. 1311.It Va nfs_bufpackets 1312.Pq Vt int 1313If set to a number, indicates the number of packets worth of 1314socket buffer space to reserve on an NFS client. 1315The kernel default is typically 4. 1316Using a higher number may be useful on gigabit networks to improve performance. 1317The minimum value is 2 and the maximum is 64. 1318.It Va rpc_umntall_enable 1319.Pq Vt bool 1320If set to 1321.Dq Li YES 1322(default) and we are also an NFS client, run 1323.Xr rpc.umntall 8 1324at boot time to clear out old mounts on remote servers. 1325If set to 1326.Dq Li NO 1327then 1328.Xr rpc.umntall 8 1329will not be run at boot time. 1330.It Va rpc_lockd_enable 1331.Pq Vt bool 1332If set to 1333.Dq Li YES 1334and also an NFS server, run 1335.Xr rpc.lockd 8 1336at boot time. 1337.It Va rpc_lockd_flags 1338.Pq Vt str 1339If 1340.Va rpc_lockd_enable 1341is set to 1342.Dq Li YES , 1343these are the flags to pass to 1344.Xr rpc.lockd 8 . 1345.It Va rpc_statd_enable 1346.Pq Vt bool 1347If set to 1348.Dq Li YES 1349and also an NFS server, run 1350.Xr rpc.statd 8 1351at boot time. 1352.It Va rpc_statd_flags 1353.Pq Vt str 1354If 1355.Va rpc_statd_enable 1356is set to 1357.Dq Li YES , 1358these are the flags to pass to 1359.Xr rpc.statd 8 . 1360.It Va rpcbind_program 1361.Pq Vt str 1362Path to program for rpcbind daemon 1363(default 1364.Pa /usr/sbin/rpcbind ) . 1365.It Va rpcbind_enable 1366.Pq Vt bool 1367If set to 1368.Dq Li YES , 1369run 1370.Va rpcbind_program 1371at boot time. 1372.It Va rpcbind_flags 1373.Pq Vt str 1374If 1375.Va rpcbind_enable 1376is set to 1377.Dq Li YES , 1378these are the flags to pass to 1379.Va rpcbind_program . 1380.It Va keyserv_enable 1381.Pq Vt bool 1382If set to 1383.Dq Li YES , 1384run the 1385.Xr keyserv 8 1386daemon on boot for running Secure RPC. 1387.It Va keyserv_flags 1388.Pq Vt str 1389If 1390.Va keyserv_enable 1391is set to 1392.Dq Li YES , 1393these are the flags to pass to 1394.Xr keyserv 8 1395daemon. 1396.It Va pppoed_enable 1397.Pq Vt bool 1398If set to 1399.Dq Li YES , 1400run the 1401.Xr pppoed 8 1402daemon at boot time to provide PPP over Ethernet services. 1403.It Va pppoed_provider 1404.Pq Vt str 1405.Xr pppoed 8 1406listens to requests to this provider and ultimately runs 1407.Xr ppp 8 1408with a 1409.Ar system 1410argument of the same name. 1411.It Va pppoed_flags 1412.Pq Vt str 1413Additional flags to pass to 1414.Xr pppoed 8 . 1415.It Va pppoed_interface 1416.Pq Vt str 1417The network interface to run 1418.Xr pppoed 8 1419on. 1420This is mandatory when 1421.Va pppoed_enable 1422is set to 1423.Dq Li YES . 1424.It Va timed_enable 1425.Pq Vt bool 1426If set to 1427.Dq Li YES , 1428run the 1429.Xr timed 8 1430service at boot time. 1431This command is intended for networks of machines where a consistent 1432.Dq "network time" 1433for all hosts must be established. 1434This is often useful in large NFS environments where time stamps on 1435files are expected to be consistent network-wide. 1436.It Va timed_flags 1437.Pq Vt str 1438If 1439.Va timed_enable 1440is set to 1441.Dq Li YES , 1442these are the flags to pass to the 1443.Xr timed 8 1444service. 1445.It Va dntpd_enable 1446.Pq Vt bool 1447If set to 1448.Dq Li YES , 1449run 1450.Xr dntpd 8 1451at system boot time. 1452.It Va dntpd_program 1453.Pq Vt str 1454Path to 1455.Xr dntpd 8 1456(default 1457.Pa /usr/sbin/dntpd ) . 1458.It Va dntpd_flags 1459.Pq Vt str 1460If 1461.Va dntpd_enable 1462is set to 1463.Dq Li YES , 1464these are the flags to pass to the 1465.Xr dntpd 8 1466daemon. 1467.It Va btconfig_enable 1468.Pq Vt bool 1469If set to 1470.Dq Li YES , 1471configure Bluetooth devices via 1472.Xr btconfig 8 1473at system boot time. 1474.It Va btconfig_devices 1475.Pq Vt str 1476If 1477.Va btconfig_enable 1478is set to 1479.Dq Li YES , 1480this is the list of Bluetooth devices to configure. 1481If 1482.Va btconfig_devices 1483is not specified, all devices known to the system will be configured. 1484A 1485.Va btconfig_ Ns Aq Ar device 1486variable can be set to specify parameters to be passed to 1487.Ar device . 1488.It Va btconfig_args 1489.Pq Vt str 1490If 1491.Va btconfig_enable 1492is set to 1493.Dq Li YES , 1494this is the list of configuration parameters to pass to all Bluetooth 1495devices. 1496.It Va sdpd_enable 1497.Pq Vt bool 1498If set to 1499.Dq Li YES , 1500run the Service Discovery Profile daemon 1501.Xr ( sdpd 8 ) 1502at system boot time. 1503.It Va sdpd_flags 1504.Pq Vt str 1505If 1506.Va sdpd_enable 1507is set to 1508.Dq Li YES , 1509these are the flags to pass to the 1510.Xr sdpd 8 1511daemon. 1512.It Va bthcid_enable 1513.Pq Vt bool 1514If set to 1515.Dq Li YES , 1516run the Bluetooth Link Key/PIN Code Manager daemon 1517.Xr ( bthcid 8 ) 1518at system boot time. 1519.It Va bthcid_flags 1520.Pq Vt str 1521If 1522.Va bthcid_enable 1523is set to 1524.Dq Li YES , 1525these are the flags to pass to the 1526.Xr bthcid 8 1527daemon. 1528.It Va nis_client_enable 1529.Pq Vt bool 1530If set to 1531.Dq Li YES , 1532run the 1533.Xr ypbind 8 1534service at system boot time. 1535.It Va nis_client_flags 1536.Pq Vt str 1537If 1538.Va nis_client_enable 1539is set to 1540.Dq Li YES , 1541these are the flags to pass to the 1542.Xr ypbind 8 1543service. 1544.It Va nis_ypset_enable 1545.Pq Vt bool 1546If set to 1547.Dq Li YES , 1548run the 1549.Xr ypset 8 1550daemon at system boot time. 1551.It Va nis_ypset_flags 1552.Pq Vt str 1553If 1554.Va nis_ypset_enable 1555is set to 1556.Dq Li YES , 1557these are the flags to pass to the 1558.Xr ypset 8 1559daemon. 1560.It Va nis_server_enable 1561.Pq Vt bool 1562If set to 1563.Dq Li YES , 1564run the 1565.Xr ypserv 8 1566daemon at system boot time. 1567.It Va nis_server_flags 1568.Pq Vt str 1569If 1570.Va nis_server_enable 1571is set to 1572.Dq Li YES , 1573these are the flags to pass to the 1574.Xr ypserv 8 1575daemon. 1576.It Va nis_ypxfrd_enable 1577.Pq Vt bool 1578If set to 1579.Dq Li YES , 1580run the 1581.Xr rpc.ypxfrd 8 1582daemon at system boot time. 1583.It Va nis_ypxfrd_flags 1584.Pq Vt str 1585If 1586.Va nis_ypxfrd_enable 1587is set to 1588.Dq Li YES , 1589these are the flags to pass to the 1590.Xr rpc.ypxfrd 8 1591daemon. 1592.It Va nis_yppasswdd_enable 1593.Pq Vt bool 1594If set to 1595.Dq Li YES , 1596run the 1597.Xr rpc.yppasswdd 8 1598daemon at system boot time. 1599.It Va nis_yppasswdd_flags 1600.Pq Vt str 1601If 1602.Va nis_yppasswdd_enable 1603is set to 1604.Dq Li YES , 1605these are the flags to pass to the 1606.Xr rpc.yppasswdd 8 1607daemon. 1608.It Va rpc_ypupdated_enable 1609.Pq Vt bool 1610If set to 1611.Dq Li YES , 1612run the 1613.Nm rpc.ypupdated 1614daemon at system boot time. 1615.It Va defaultrouter 1616.Pq Vt str 1617If not set to 1618.Dq Li NO , 1619create a default route to this host name or IP address 1620(use an IP address if this router is also required to get to the 1621name server!). 1622.It Va ipv6_defaultrouter 1623.Pq Vt str 1624The IPv6 equivalent of 1625.Va defaultrouter . 1626.It Va static_routes 1627.Pq Vt str 1628Set to the list of static routes that are to be added at system boot time. 1629If not set to 1630.Dq Li NO 1631then for each whitespace separated 1632.Ar element 1633in the value, a 1634.Va route_ Ns Aq Ar element 1635variable is assumed to exist whose contents will later be passed to a 1636.Dq Nm route Cm add 1637operation. 1638.It Va ipv6_static_routes 1639.Pq Vt str 1640The IPv6 equivalent of 1641.Va static_routes . 1642If not set to 1643.Dq Li NO 1644then for each whitespace separated 1645.Ar element 1646in the value, a 1647.Va ipv6_route_ Ns Aq Ar element 1648variable is assumed to exist whose contents will later be passed to a 1649.Dq Nm route Cm add Fl inet6 1650operation. 1651.It Va gateway_enable 1652.Pq Vt bool 1653If set to 1654.Dq Li YES , 1655configure host to act as an IP router, e.g. to forward packets 1656between interfaces. 1657.It Va ipv6_gateway_enable 1658.Pq Vt bool 1659The IPv6 equivalent of 1660.Va gateway_enable . 1661.It Va router_enable 1662.Pq Vt bool 1663If set to 1664.Dq Li YES , 1665run a routing daemon of some sort, based on the settings of 1666.Va router_program 1667and 1668.Va router_flags . 1669.It Va ipv6_router_enable 1670.Pq Vt bool 1671The IPv6 equivalent of 1672.Va router_enable . 1673If set to 1674.Dq Li YES , 1675run a routing daemon of some sort, based on the settings of 1676.Va ipv6_router_program 1677and 1678.Va ipv6_router_flags . 1679.It Va router_program 1680.Pq Vt str 1681If 1682.Va router_enable 1683is set to 1684.Dq Li YES , 1685this is the name of the routing daemon to use 1686(default 1687.Pa /sbin/routed ) . 1688.It Va ipv6_router_program 1689.Pq Vt str 1690The IPv6 equivalent of 1691.Va router_program 1692(default 1693.Pa /sbin/route6d ) . 1694.It Va router_flags 1695.Pq Vt str 1696If 1697.Va router_enable 1698is set to 1699.Dq Li YES , 1700these are the flags to pass to the routing daemon. 1701.It Va ipv6_router_flags 1702.Pq Vt str 1703The IPv6 equivalent of 1704.Va router_flags . 1705.It Va mrouted_enable 1706.Pq Vt bool 1707If set to 1708.Dq Li YES , 1709run the multicast routing daemon, 1710.Xr mrouted 8 . 1711.It Va mroute6d_enable 1712.Pq Vt bool 1713The IPv6 equivalent of 1714.Va mrouted_enable . 1715If set to 1716.Dq Li YES , 1717run the IPv6 multicast routing daemon. 1718Note that no IPv6 multicast routing daemon is included in the 1719.Dx 1720base system but 1721.Xr pim6dd 8 1722can be installed from the 1723.Xr pkgsrc 7 1724collection. 1725.It Va mrouted_flags 1726.Pq Vt str 1727If 1728.Va mrouted_enable 1729is set to 1730.Dq Li YES , 1731these are the flags to pass to the 1732.Xr mrouted 8 1733daemon. 1734.It Va mroute6d_flags 1735.Pq Vt str 1736The IPv6 equivalent of 1737.Va mrouted_flags . 1738If 1739.Va mroute6d_enable 1740is set to 1741.Dq Li YES , 1742these are the flags passed to the IPv6 multicast routing daemon. 1743.It Va mroute6d_program 1744.Pq Vt str 1745If 1746.Va mroute6d_enable 1747is set to 1748.Dq Li YES , 1749this is the path to the IPv6 multicast routing daemon. 1750.It Va rtadvd_enable 1751.Pq Vt bool 1752If set to 1753.Dq Li YES , 1754run the 1755.Xr rtadvd 8 1756daemon at boot time. 1757.Xr rtadvd 8 1758will only run if 1759.Va ipv6_gateway_enable 1760is also set to 1761.Dq Li YES . 1762The 1763.Xr rtadvd 8 1764utility sends router advertisement packets to the interfaces specified in 1765.Va rtadvd_interfaces . 1766.Xr rtadvd 8 1767and should only be enabled with great care. 1768You may want to fine-tune 1769.Xr rtadvd.conf 5 . 1770.It Va rtadvd_interfaces 1771.Pq Vt str 1772If 1773.Va rtadvd_enable 1774is set to 1775.Dq Li YES 1776this is the list of interfaces to use. 1777.It Va rtsold_enable 1778.Pq Vt bool 1779If set to 1780.Dq Li YES , 1781run the 1782.Xr rtsold 8 1783daemon at boot time. 1784The 1785.Xr rtsold 8 1786daemon is used for automatic discovery of non-link local addresses. 1787.It Va rtsold_flags 1788.Pq Vt str 1789If 1790.Va rtsold_enable 1791is set to 1792.Dq Li YES , 1793these are the flags to pass to the 1794.Xr rtsold 8 1795daemon. 1796.It Va ipxgateway_enable 1797.Pq Vt bool 1798If set to 1799.Dq Li YES , 1800enable the routing of IPX traffic. 1801.It Va ipxrouted_enable 1802.Pq Vt bool 1803If set to 1804.Dq Li YES , 1805run the 1806.Xr IPXrouted 8 1807daemon at system boot time. 1808.It Va ipxrouted_flags 1809.Pq Vt str 1810If 1811.Va ipxrouted_enable 1812is set to 1813.Dq Li YES , 1814these are the flags to pass to the 1815.Xr IPXrouted 8 1816daemon. 1817.It Va arpproxy_all 1818.Pq Vt bool 1819If set to 1820.Dq Li YES , 1821enable global proxy ARP. 1822.It Va forward_sourceroute 1823.Pq Vt bool 1824If set to 1825.Dq Li YES 1826and 1827.Va gateway_enable 1828is also set to 1829.Dq Li YES , 1830source-routed packets are forwarded. 1831.It Va accept_sourceroute 1832.Pq Vt bool 1833If set to 1834.Dq Li YES , 1835the system will accept source-routed packets directed at it. 1836.It Va rarpd_enable 1837.Pq Vt bool 1838If set to 1839.Dq Li YES , 1840run the 1841.Xr rarpd 8 1842daemon at system boot time. 1843.It Va rarpd_flags 1844.Pq Vt str 1845If 1846.Va rarpd_enable 1847is set to 1848.Dq Li YES , 1849these are the flags to pass to the 1850.Xr rarpd 8 1851daemon. 1852.It Va bootparamd_enable 1853.Pq Vt bool 1854If set to 1855.Dq Li YES , 1856run the 1857.Xr bootparamd 8 1858daemon at system boot time. 1859.It Va bootparamd_flags 1860.Pq Vt str 1861If 1862.Va bootparamd_enable 1863is set to 1864.Dq Li YES , 1865these are the flags to pass to the 1866.Xr bootparamd 8 1867daemon. 1868.It Va stf_interface_ipv4addr 1869.Pq Vt str 1870If not set to 1871.Dq Li NO , 1872this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1873Specify this entry to enable the 6to4 interface. 1874.It Va stf_interface_ipv4plen 1875.Pq Vt int 1876Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1877An effective value is 0-31. 1878.It Va stf_interface_ipv6_ifid 1879.Pq Vt str 1880IPv6 interface ID for 1881.Xr stf 4 . 1882This can be set to 1883.Dq Li AUTO . 1884.It Va stf_interface_ipv6_slaid 1885.Pq Vt str 1886IPv6 Site Level Aggregator for 1887.Xr stf 4 . 1888.It Va ipv6_faith_prefix 1889.Pq Vt str 1890If not set to 1891.Dq Li NO , 1892this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator. 1893You also need 1894.Xr faithd 8 1895setup. 1896.It Va ipv6_ipv4mapping 1897.Pq Vt bool 1898If set to 1899.Dq Li YES 1900this enables IPv4 mapped IPv6 address communication (like 1901.Li ::ffff:a.b.c.d ) . 1902.It Va atm_enable 1903.Pq Vt bool 1904Set to 1905.Dq Li YES 1906to enable the configuration of ATM interfaces at system boot time. 1907For all of the ATM variables described below, please refer to the 1908.Xr atm 8 1909man page for further details on the available command parameters. 1910Also refer to the files in 1911.Pa /usr/share/examples/atm 1912for more detailed configuration information. 1913.It Va atm_netif_ Ns Aq Ar intf 1914.Pq Vt str 1915For the ATM physical interface 1916.Ar intf , 1917this variable defines the name prefix and count for the ATM network 1918interfaces to be created. 1919The value will be passed as the parameters of an 1920.Dq Nm atm Cm "set netif" Ar intf 1921command. 1922.It Va atm_sigmgr_ Ns Aq Ar intf 1923.Pq Vt str 1924For the ATM physical interface 1925.Ar intf , 1926this variable defines the ATM signalling manager to be used. 1927The value will be passed as the parameters of an 1928.Dq Nm atm Cm attach Ar intf 1929command. 1930.It Va atm_prefix_ Ns Aq Ar intf 1931.Pq Vt str 1932For the ATM physical interface 1933.Ar intf , 1934this variable defines the NSAP prefix for interfaces using a UNI signalling 1935manager. 1936If set to 1937.Dq Li ILMI , 1938the prefix will automatically be set via the 1939.Xr ilmid 8 1940daemon. 1941Otherwise, the value will be passed as the parameters of an 1942.Dq Nm atm Cm "set prefix" Ar intf 1943command. 1944.It Va atm_macaddr_ Ns Aq Ar intf 1945.Pq Vt str 1946For the ATM physical interface 1947.Ar intf , 1948this variable defines the MAC address for interfaces using a UNI signalling 1949manager. 1950If set to 1951.Dq Li NO , 1952the hardware MAC address contained in the ATM interface card will be used. 1953Otherwise, the value will be passed as the parameters of an 1954.Dq Nm atm Cm "set mac" Ar intf 1955command. 1956.It Va atm_arpserver_ Ns Aq Ar netif 1957.Pq Vt str 1958For the ATM network interface 1959.Ar netif , 1960this variable defines the ATM address for a host which is to provide ATMARP 1961service. 1962This variable is only applicable to interfaces using a UNI signalling manager. 1963If set to 1964.Dq Li local , 1965this host will become an ATMARP server. 1966The value will be passed as the parameters of an 1967.Dq Nm atm Cm "set arpserver" Ar netif 1968command. 1969.It Va atm_scsparp_ Ns Aq Ar netif 1970.Pq Vt bool 1971If set to 1972.Dq Li YES , 1973SCSP/ATMARP service for the network interface 1974.Ar netif 1975will be initiated using the 1976.Xr scspd 8 1977and 1978.Xr atmarpd 8 1979daemons. 1980This variable is only applicable if 1981.Va atm_arpserver_ Ns Aq Ar netif 1982is set to 1983.Dq Li local . 1984.It Va atm_arps 1985.Pq Vt str 1986Set to the list of permanent ATM ARP entries to be added at system boot time. 1987For each whitespace separated 1988.Ar element 1989in the value, an 1990.Va atm_arp_ Ns Aq Ar element 1991variable is assumed to exist. 1992The value of each of these variables will be passed as the parameters of an 1993.Dq Nm atm Cm "add arp" 1994command. 1995.It Va keybell 1996.Pq Vt str 1997The keyboard bell sound. 1998Set to 1999.Dq Li normal , 2000.Dq Li visual , 2001.Dq Li off , 2002or 2003.Dq Li NO 2004if the default behavior is desired. 2005For details, refer to the 2006.Xr kbdcontrol 1 2007manpage. 2008.It Va keymap 2009.Pq Vt str 2010If set to 2011.Dq Li NO , 2012no keymap is installed, otherwise the value is used to install 2013the keymap file in 2014.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2015.It Va keyrate 2016.Pq Vt str 2017The keyboard repeat speed. 2018Set to 2019.Dq Li slow , 2020.Dq Li normal , 2021.Dq Li fast , 2022or 2023.Dq Li NO 2024if the default behavior is desired. 2025.It Va keychange 2026.Pq Vt str 2027If not set to 2028.Dq Li NO , 2029attempt to program the function keys with the value. 2030The value should be a single string of the form: 2031.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2032.It Va cursor 2033.Pq Vt str 2034Can be set to the value of 2035.Dq Li normal , 2036.Dq Li blink , 2037.Dq Li destructive , 2038or 2039.Dq Li NO 2040to set the cursor behavior explicitly or choose the default behavior. 2041.It Va scrnmap 2042.Pq Vt str 2043If set to 2044.Dq Li NO , 2045no screen map is installed, otherwise the value is used to install 2046the screen map file in 2047.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2048.It Va font8x16 2049.Pq Vt str 2050If set to 2051.Dq Li NO , 2052the default 8x16 font value is used for screen size requests, otherwise 2053the value in 2054.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2055is used. 2056.It Va font8x14 2057.Pq Vt str 2058If set to 2059.Dq Li NO , 2060the default 8x14 font value is used for screen size requests, otherwise 2061the value in 2062.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2063is used. 2064.It Va font8x8 2065.Pq Vt str 2066If set to 2067.Dq Li NO , 2068the default 8x8 font value is used for screen size requests, otherwise 2069the value in 2070.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2071is used. 2072.It Va blanktime 2073.Pq Vt int 2074If set to 2075.Dq Li NO , 2076the default screen blanking interval is used, otherwise it is set to 2077.Ar value 2078seconds. 2079.It Va saver 2080.Pq Vt str 2081If not set to 2082.Dq Li NO , 2083this is the actual screen saver to use 2084.Li ( blank , snake , daemon , 2085etc). 2086.It Va moused_enable 2087.Pq Vt str 2088If set to 2089.Dq Li YES , 2090the 2091.Xr moused 8 2092daemon is started for doing cut/paste selection on the console. 2093.It Va moused_type 2094.Pq Vt str 2095This is the protocol type of the mouse connected to this host. 2096This variable must be set if 2097.Va moused_enable 2098is set to 2099.Dq Li YES . 2100The 2101.Xr moused 8 2102daemon 2103is able to detect the appropriate mouse type automatically in many cases. 2104Set this variable to 2105.Dq Li auto 2106to let the daemon detect it, or 2107select one from the following list if the automatic detection fails. 2108.Pp 2109If the mouse is attached to the PS/2 mouse port, choose 2110.Dq Li auto 2111or 2112.Dq Li ps/2 , 2113regardless of the brand and model of the mouse. 2114Likewise, if the mouse is attached to the bus mouse port, choose 2115.Dq Li auto 2116or 2117.Dq Li busmouse . 2118All other protocols are for serial mice and will not work with 2119the PS/2 and bus mice. 2120If this is a USB mouse, 2121.Dq Li auto 2122is the only protocol type which will work. 2123.Pp 2124.Bl -tag -width ".Li x10mouseremote" -compact 2125.It Li microsoft 2126Microsoft mouse (serial) 2127.It Li intellimouse 2128Microsoft IntelliMouse (serial) 2129.It Li mousesystems 2130Mouse systems Corp. mouse (serial) 2131.It Li mmseries 2132MM Series mouse (serial) 2133.It Li logitech 2134Logitech mouse (serial) 2135.It Li busmouse 2136A bus mouse 2137.It Li mouseman 2138Logitech MouseMan and TrackMan (serial) 2139.It Li glidepoint 2140ALPS GlidePoint (serial) 2141.It Li thinkingmouse 2142Kensington ThinkingMouse (serial) 2143.It Li ps/2 2144PS/2 mouse 2145.It Li mmhittab 2146MM HitTablet (serial) 2147.It Li x10mouseremote 2148X10 MouseRemote (serial) 2149.It Li versapad 2150Interlink VersaPad (serial) 2151.El 2152.Pp 2153Even if the mouse is not in the above list, it may be compatible 2154with one in the list. 2155Refer to the man page for 2156.Xr moused 8 2157for compatibility information. 2158.Pp 2159It should also be noted that while this is enabled, any 2160other client of the mouse (such as an X server) should access 2161the mouse through the virtual mouse device, 2162.Pa /dev/sysmouse , 2163and configure it as a 2164.Dq Li sysmouse 2165type mouse, since all 2166mouse data is converted to this single canonical format when using 2167.Xr moused 8 . 2168If the client program does not support the 2169.Dq Li sysmouse 2170type, specify the 2171.Dq Li mousesystems 2172type. 2173It is the second preferred type. 2174.It Va moused_port 2175.Pq Vt str 2176If 2177.Va moused_enable 2178is set to 2179.Dq Li YES , 2180this is the actual port the mouse is on. 2181It might be 2182.Pa /dev/cuaa0 2183for a COM1 serial mouse, 2184.Pa /dev/psm0 2185for a PS/2 mouse or 2186.Pa /dev/mse0 2187for a bus mouse, for example. 2188.It Va moused_flags 2189.Pq Vt str 2190If 2191.Va moused_type 2192is set, these are the additional flags to pass to the 2193.Xr moused 8 2194daemon. 2195.It Va mousechar_start 2196.Pq Vt int 2197If set to 2198.Dq Li NO , 2199the default mouse cursor character range 2200.Li 0xd0 Ns - Ns Li 0xd3 2201is used, otherwise the range start is set to 2202.Ar value 2203character, see 2204.Xr vidcontrol 1 . 2205Use if the default range is occupied in the language code table. 2206.It Va vidhistory 2207.Pq Vt int 2208Set the size of the history (scrollback) buffer in lines. 2209.It Va allscreens_flags 2210.Pq Vt str 2211If set, 2212.Xr vidcontrol 1 2213is run with these options for each of the virtual terminals 2214.Pq Pa /dev/ttyv* . 2215For example, 2216.Dq Fl m Cm on 2217will enable the mouse pointer on all virtual terminals if 2218.Va moused_enable 2219is set to 2220.Dq Li YES . 2221.It Va allscreens_kbdflags 2222.Pq Vt str 2223If set, 2224.Xr kbdcontrol 1 2225is run with these options for each of the virtual terminals 2226.Pq Pa /dev/ttyv* . 2227For example, 2228.Dq Fl h Li 200 2229will set the 2230.Xr syscons 4 2231scrollback (history) buffer to 200 lines. 2232.It Va cron_enable 2233.Pq Vt bool 2234If set to 2235.Dq Li YES , 2236run the 2237.Xr cron 8 2238daemon at system boot time. 2239.It Va cron_program 2240.Pq Vt str 2241Path to 2242.Xr cron 8 2243(default 2244.Pa /usr/sbin/cron ) . 2245.It Va cron_flags 2246.Pq Vt str 2247If 2248.Va cron_enable 2249is set to 2250.Dq Li YES , 2251these are the flags to pass to 2252.Xr cron 8 . 2253.It Va lpd_program 2254.Pq Vt str 2255Path to 2256.Xr lpd 8 2257(default 2258.Pa /usr/sbin/lpd ) . 2259.It Va lpd_enable 2260.Pq Vt bool 2261If set to 2262.Dq Li YES , 2263run the 2264.Xr lpd 8 2265daemon at system boot time. 2266.It Va lpd_flags 2267.Pq Vt str 2268If 2269.Va lpd_enable 2270is set to 2271.Dq Li YES , 2272these are the flags to pass to the 2273.Xr lpd 8 2274daemon. 2275.It Va nscd_enable 2276.Pq Vt bool 2277If set to 2278.Dq Li YES , 2279run the 2280.Xr nscd 8 2281daemon at system boot time. 2282.It Va mixer_enable 2283.Pq Vt bool 2284If set to 2285.Dq Li YES , 2286preserve 2287.Xr mixer 8 2288settings across reboots. 2289.It Va mta_start_script 2290.Pq Vt str 2291The full path to the script to run to start 2292a mail transfer agent. 2293The default is 2294.Pa /etc/rc.sendmail . 2295The 2296.Va sendmail_* 2297variables which 2298.Pa /etc/rc.sendmail 2299uses are documented in the 2300.Xr rc.sendmail 8 2301man page. 2302.It Va fixbootfile 2303.Pq Vt bool 2304In a 2305.Sq HAMMER ROOT with UFS /boot 2306setup, the boot loader will not set up the 2307.Va kern.bootfile 2308sysctl correctly. 2309The system will attempt to fix this on its own. 2310Set this variable to 2311.Dq Li NO 2312to turn this behavior off. 2313.It Va dumpdev 2314.Pq Vt str 2315Indicates the device (usually a swap partition) to which a crash dump 2316should be written in the event of a system crash. 2317The value of this variable is passed as the argument to 2318.Xr dumpon 8 . 2319To disable crash dumps, set this variable to 2320.Dq Li NO . 2321.It Va dumpdir 2322.Pq Vt str 2323When the system reboots after a crash and a crash dump is found on the 2324device specified by the 2325.Va dumpdev 2326variable, 2327.Xr savecore 8 2328will save that crash dump and a copy of the kernel to the directory 2329specified by the 2330.Va dumpdir 2331variable. 2332The default value is 2333.Pa /var/crash . 2334Set to 2335.Dq Li NO 2336to not run 2337.Xr savecore 8 2338at boot time when 2339.Va dumpdir 2340is set. 2341.It Va savecore_flags 2342.Pq Vt str 2343If crash dumps are enabled, these are the flags to pass to the 2344.Xr savecore 8 2345utility. 2346.It Va enable_quotas 2347.Pq Vt bool 2348Set to 2349.Dq Li YES 2350to turn on user disk quotas on system startup via the 2351.Xr quotaon 8 2352command. 2353.It Va check_quotas 2354.Pq Vt bool 2355Set to 2356.Dq Li YES 2357to enable user disk quota checking via the 2358.Xr quotacheck 8 2359command. 2360.It Va accounting_enable 2361.Pq Vt bool 2362Set to 2363.Dq Li YES 2364to enable system accounting through the 2365.Xr accton 8 2366facility. 2367.It Va linux_enable 2368.Pq Vt bool 2369Set to 2370.Dq Li YES 2371to enable Linux/ELF binary emulation at system initial boot time. 2372.It Va sysvipc_enable 2373.Pq Vt bool 2374If set to 2375.Dq Li YES , 2376load System V IPC primitives at boot time. 2377.\" ----- cleanvar_enable setting-------------------------------- 2378.It Va cleanvar_enable 2379.Pq Vt bool 2380Set to 2381.Dq Li YES 2382to have 2383.Pa /var/run , 2384.Pa /var/spool/lock 2385and 2386.Pa /var/spool/uucp/.Temp/* 2387cleaned at startup. 2388.\" ----- clear_tmp_enable setting------------------------------- 2389.It Va clear_tmp_enable 2390.Pq Vt bool 2391Set to 2392.Dq Li YES 2393to have 2394.Pa /tmp 2395cleaned at startup. 2396.\" ----- ldconfig_paths setting -------------------------------- 2397.It Va ldconfig_paths 2398.Pq Vt str 2399Set to the list of shared library paths to use with 2400.Xr ldconfig 8 . 2401NOTE: 2402.Pa /usr/lib 2403will always be added first, so it need not appear in this list. 2404.It Va ldconfig_insecure 2405.Pq Vt bool 2406The 2407.Xr ldconfig 8 2408utility normally refuses to use directories 2409which are writable by anyone except root. 2410Set this variable to 2411.Dq Li YES 2412to disable that security check during system startup. 2413.It Va kern_securelevel 2414.Pq Vt int 2415The kernel security level to set at startup. 2416The allowed range of 2417.Ar value 2418ranges from \-1 (the compile time default) to 3 (the most secure). 2419See 2420.Xr init 8 2421for the list of possible security levels and their effect on system operation. 2422.It Va start_vinum 2423.Pq Vt bool 2424Set to 2425.Dq Li YES 2426to start 2427.Xr vinum 8 2428at system boot time. 2429.It Va sshd_enable 2430.Pq Vt bool 2431Set to 2432.Dq Li YES 2433to start 2434.Xr sshd 8 2435at system boot time. 2436.It Va sshd_program 2437.Pq Vt str 2438Path to the SSH server program 2439(default 2440.Pa /usr/sbin/sshd ) . 2441.It Va sshd_flags 2442.Pq Vt str 2443If 2444.Va sshd_enable 2445is set to 2446.Dq Li YES , 2447these are the flags to pass to the 2448.Xr sshd 8 2449daemon. 2450.It Va ftpd_enable 2451.Pq Vt bool 2452Set to 2453.Dq Li YES 2454to start 2455.Xr ftpd 8 2456at system boot time. 2457.It Va ftpd_flags 2458.Pq Vt str 2459If 2460.Va ftpd_enable 2461is set to 2462.Dq Li YES , 2463these are the flags to pass to the 2464.Xr ftpd 8 2465daemon. 2466.It Va usbd_enable 2467.Pq Vt bool 2468If set to 2469.Dq Li YES , 2470run the 2471.Xr usbd 8 2472daemon at boot time. 2473.It Va usbd_flags 2474.Pq Vt str 2475If 2476.Va usbd_enable 2477is set to 2478.Dq Li YES , 2479these are the flags passed to 2480.Xr usbd 8 2481daemon. 2482.It Va watchdogd_enable 2483.Pq Vt bool 2484If set to 2485.Dq Li YES , 2486start the 2487.Xr watchdogd 8 2488daemon at boot time. 2489This requires that the kernel have been compiled with 2490.Cd "options WATCHDOG" . 2491.It Va jail_enable 2492.Pq Vt bool 2493If set to 2494.Dq Li NO , 2495any configured jails will not be started. 2496.It Va jail_list 2497.Pq Vt str 2498A space separated list of names for jails. 2499This is purely a configuration aid to help identify and 2500configure multiple jails. 2501The names specified in this list will be used to 2502identify settings common to an instance of a jail. 2503Assuming that the jail in question was named 2504.Li vjail , 2505you would have the following dependent variables: 2506.Bd -literal 2507jail_vjail_hostname="jail.example.com" 2508jail_vjail_ip="192.168.1.100" 2509jail_vjail_rootdir="/var/jails/vjail/root" 2510.Ed 2511.Pp 2512.It Va jail_flags 2513.Pq Vt str 2514Unset by default. 2515When set, use as default value for 2516.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2517for every jail in 2518.Va jail_list . 2519.It Va jail_interface 2520.Pq Vt str 2521Unset by default. 2522When set, use as default value for 2523.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2524for every jail in 2525.Va jail_list . 2526.It Va jail_fstab 2527.Pq Vt str 2528Unset by default. 2529When set, use as default value for 2530.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2531for every jail in 2532.Va jail_list . 2533.It Va jail_mount_enable 2534.Pq Vt bool 2535Set to 2536.Dq Li NO 2537by default. 2538When set to 2539.Dq Li YES , 2540sets 2541.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2542to 2543.Dq Li YES 2544by default for every jail in 2545.Va jail_list . 2546.It Va jail_fdesc_enable 2547.Pq Vt bool 2548Set to 2549.Dq Li NO 2550by default. 2551When set to 2552.Dq Li YES , 2553sets 2554.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2555to 2556.Dq Li YES 2557by default for every jail in 2558.Va jail_list . 2559.It Va jail_procfs_enable 2560.Pq Vt bool 2561Set to 2562.Dq Li NO 2563by default. 2564When set to 2565.Dq Li YES , 2566sets 2567.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2568to 2569.Dq Li YES 2570by default for every jail in 2571.Va jail_list . 2572.It Va jail_exec_start 2573.Pq Vt str 2574Unset by default. 2575When set, use as default value for 2576.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2577for every jail in 2578.Va jail_list . 2579.It Va jail_exec_stop 2580Unset by default. 2581When set, use as default value for 2582.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2583for every jail in 2584.Va jail_list . 2585.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2586.Pq Vt str 2587Unset by default. 2588Set to the root directory used by jail 2589.Va jname . 2590.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2591.Pq Vt str 2592Unset by default. 2593Set to the fully qualified domain name (FQDN) assigned to jail 2594.Va jname . 2595.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2596.Pq Vt str 2597Unset by default. 2598Set to the IP address assigned to jail 2599.Va jname . 2600.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2601.Pq Vt str 2602Set to 2603.Dq Li -l -U root 2604by default. 2605These are flags to pass to 2606.Xr jail 8 . 2607.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2608.Pq Vt str 2609Unset by default. 2610When set, sets the interface to use when setting IP address alias. 2611Note that the alias is created at jail startup and removed at jail shutdown. 2612.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2613.Pq Vt str 2614Set to 2615.Pa /etc/fstab. Ns Aq Ar jname 2616by default. 2617This is the file system information file to use for jail 2618.Va jname . 2619.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2620.Pq Vt bool 2621Set to 2622.Dq Li NO 2623by default. 2624When set to 2625.Dq Li YES , 2626mount all file systems from 2627.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2628at jail startup. 2629.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2630.Pq Vt bool 2631Set to 2632.Dq Li NO 2633by default. 2634When set to 2635.Dq Li YES , 2636mount the file-descriptor file system inside jail 2637.Ar jname 2638at jail startup. 2639.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2640.Pq Vt bool 2641Set to 2642.Dq Li NO 2643by default. 2644When set to 2645.Dq Li YES , 2646mount the process file system inside jail 2647.Ar jname 2648at jail startup. 2649.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2650.Pq Vt str 2651Set to 2652.Dq Li /bin/sh /etc/rc 2653by default. 2654This is the command executed at jail startup. 2655.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2656.Pq Vt str 2657Set to 2658.Dq Li /bin/sh /etc/rc.shutdown 2659by default. 2660This is the command executed at jail shutdown. 2661.It Va jail_set_hostname_allow 2662.Pq Vt bool 2663If set to 2664.Dq Li NO , 2665do not allow the root user in a jail to set its hostname. 2666.It Va jail_socket_unixiproute_only 2667.Pq Vt bool 2668If set to 2669.Dq Li YES , 2670do not allow any sockets, 2671besides UNIX/IP/route sockets, 2672to be used within a jail. 2673.It Va jail_sysvipc_allow 2674.Pq Vt bool 2675If set to 2676.Dq Li YES , 2677allow applications within a jail to use System V IPC. 2678.It Va newsyslog_enable 2679.Pq Vt bool 2680If set to 2681.Dq Li YES , 2682run 2683.Xr newsyslog 8 2684before syslogd starts. 2685.It Va newsyslog_flags 2686.Pq Vt str 2687If 2688.Va newsyslog_enable 2689is set to 2690.Dq Li YES , 2691these are the flags passed to 2692.Xr newsyslog 8 . 2693.It Va resident_enable 2694.Pq Vt bool 2695If set to 2696.Dq Li YES , 2697make the dynamic binaries listed in 2698.Pa /etc/resident.conf 2699resident. 2700.It Va varsym_enable 2701.Pq Vt bool 2702If set to 2703.Dq Li YES , 2704process 2705.Pa /etc/varsym.conf 2706to set system-wide variables for variant symlinks. 2707.It Va rand_irqs 2708.Pq Vt str 2709Set either to 2710.Dq Li NO 2711or a whitespace separated list of IRQ numbers which will be used as a source of 2712randomness. 2713.\" ----- isdn settings --------------------------------- 2714.It Va isdn_enable 2715.Pq Vt bool 2716Set to 2717.Dq Li NO 2718by default. 2719When set to 2720.Dq Li YES , 2721starts the 2722.Xr isdnd 8 2723daemon at system boot time. 2724.It Va isdn_flags 2725.Pq Vt str 2726Set to 2727.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2728by default. 2729Additional flags to pass to 2730.Xr isdnd 8 2731(but see 2732.Va isdn_fsdev 2733and 2734.Va isdn_ttype 2735for certain tunable parameters). 2736.It Va isdn_ttype 2737.Pq Vt str 2738Set to 2739.Dq Li cons25 2740by default. 2741The terminal type of the output device when 2742.Xr isdnd 8 2743operates in full-screen mode. 2744.It Va isdn_screenflags 2745.Pq Vt str 2746Set to 2747.Dq Li NO 2748by default. 2749The video mode for full-screen mode (only for 2750.Xr syscons 4 2751console driver, see 2752.Xr vidcontrol 1 2753for valid modes). 2754.It Va isdn_fsdev 2755.Pq Vt str 2756Set to 2757.Dq Li NO 2758by default. 2759The output device for 2760.Xr isdnd 8 2761in full-screen mode (or 2762.Dq Li NO 2763for daemon mode). 2764.It Va isdn_trace 2765.Pq Vt bool 2766Set to 2767.Dq Li NO 2768by default. 2769When set to 2770.Dq Li YES , 2771enables the ISDN protocol trace utility 2772.Xr isdntrace 8 2773at system boot time. 2774.It Va isdn_traceflags 2775.Pq Vt str 2776Set to 2777.Dq Fl f Pa /var/tmp/isdntrace0 2778by default. 2779Flags for 2780.Xr isdntrace 8 . 2781.\" ----------------------------------------------------- 2782.It Va entropy_dir 2783.Pq Vt str 2784Set to 2785.Dq Li NO 2786to disable caching entropy via 2787.Xr cron 8 . 2788Otherwise set to the directory used to store entropy files in. 2789.It Va entropy_file 2790.Pq Vt str 2791Set to 2792.Dq Li NO 2793to disable caching entropy through reboots. 2794Otherwise set to the filename used to store cached entropy through reboots. 2795This file should be located on the root file system to seed the 2796.Xr random 4 2797device as early as possible in the boot process. 2798.It Va ipsec_enable 2799.Pq Vt bool 2800Set to 2801.Dq Li YES 2802to run 2803.Xr setkey 8 2804on 2805.Va ipsec_file 2806at boot time. 2807.It Va ipsec_file 2808.Pq Vt str 2809Configuration file for 2810.Xr setkey 8 . 2811.It Va dmesg_enable 2812.Pq Vt bool 2813Set to 2814.Dq Li YES 2815to save 2816.Xr dmesg 8 2817to 2818.Pa /var/run/dmesg.boot 2819on boot. 2820.It Va rcshutdown_timeout 2821.Pq Vt int 2822If set, start a watchdog timer in the background which will terminate 2823.Pa rc.shutdown 2824if 2825.Xr shutdown 8 2826has not completed within the specified time (in seconds). 2827.El 2828.Sh FILES 2829.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2830.It Pa /etc/defaults/rc.conf 2831.It Pa /etc/rc.conf 2832.It Pa /etc/rc.conf.local 2833.It Pa /etc/start_if. Ns Aq Ar interface 2834.El 2835.Sh SEE ALSO 2836.Xr catman 1 , 2837.Xr gdb 1 , 2838.Xr info 1 , 2839.Xr kbdcontrol 1 , 2840.Xr varsym 1 , 2841.Xr vidcontrol 1 , 2842.Xr ip 4 , 2843.Xr ipf 4 , 2844.Xr ipfw 4 , 2845.Xr kld 4 , 2846.Xr pf 4 , 2847.Xr tcp 4 , 2848.Xr udp 4 , 2849.Xr exports 5 , 2850.Xr motd 5 , 2851.Xr resident.conf 5 , 2852.Xr varsym.conf 5 , 2853.Xr accton 8 , 2854.Xr amd 8 , 2855.Xr apm 8 , 2856.Xr atm 8 , 2857.Xr btconfig 8 , 2858.Xr bthcid 8 , 2859.Xr cron 8 , 2860.Xr devd 8 , 2861.Xr dhclient 8 , 2862.Xr dntpd 8 , 2863.Xr ftpd 8 , 2864.Xr ifconfig 8 , 2865.Xr inetd 8 , 2866.Xr isdnd 8 , 2867.Xr isdntrace 8 , 2868.Xr jail 8 , 2869.Xr lpd 8 , 2870.Xr makewhatis 8 , 2871.Xr mixer 8 , 2872.Xr mountd 8 , 2873.Xr moused 8 , 2874.Xr mrouted 8 , 2875.Xr named 8 , 2876.Xr nfsd 8 , 2877.Xr pcnfsd 8 , 2878.Xr pfctl 8 , 2879.Xr pflogd 8 , 2880.Xr quotacheck 8 , 2881.Xr quotaon 8 , 2882.Xr rc 8 , 2883.Xr rc.sendmail 8 , 2884.Xr resident 8 , 2885.Xr rndcontrol 8 , 2886.Xr route 8 , 2887.Xr routed 8 , 2888.Xr rpcbind 8 , 2889.Xr rpc.lockd 8 , 2890.Xr rpc.statd 8 , 2891.Xr rtadvd 8 , 2892.Xr rtsold 8 , 2893.Xr rwhod 8 , 2894.Xr savecore 8 , 2895.Xr sdpd 8 , 2896.Xr sensorsd 8 , 2897.Xr sshd 8 , 2898.Xr swapon 8 , 2899.Xr sysctl 8 , 2900.Xr syslogd 8 , 2901.Xr timed 8 , 2902.Xr usbd 8 , 2903.Xr vinum 8 , 2904.Xr yp 8 , 2905.Xr ypbind 8 , 2906.Xr ypserv 8 , 2907.Xr ypset 8 2908.Sh HISTORY 2909The 2910.Nm 2911file appeared in 2912.Fx 2.2.2 . 2913.Sh AUTHORS 2914.An Jordan K. Hubbard . 2915