1.\" SPDX-License-Identifier: BSD-2-Clause 2.\" 3.\" Copyright (c) 2006-2023 Roy Marples 4.\" All rights reserved 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25.\" SUCH DAMAGE. 26.\" 27.Dd December 10, 2023 28.Dt DHCPCD 8 29.Os 30.Sh NAME 31.Nm dhcpcd 32.Nd a DHCP client 33.Sh SYNOPSIS 34.Nm 35.Op Fl 146ABbDdEGgHJKLMNPpqTV 36.Op Fl C , Fl Fl nohook Ar hook 37.Op Fl c , Fl Fl script Ar script 38.Op Fl e , Fl Fl env Ar value 39.Op Fl F , Fl Fl fqdn Ar FQDN 40.Op Fl f , Fl Fl config Ar file 41.Op Fl h , Fl Fl hostname Ar hostname 42.Op Fl I , Fl Fl clientid Ar clientid 43.Op Fl i , Fl Fl vendorclassid Ar vendorclassid 44.Op Fl j , Fl Fl logfile Ar logfile 45.Op Fl l , Fl Fl leasetime Ar seconds 46.Op Fl m , Fl Fl metric Ar metric 47.Op Fl O , Fl Fl nooption Ar option 48.Op Fl o , Fl Fl option Ar option 49.Op Fl Q , Fl Fl require Ar option 50.Op Fl r , Fl Fl request Ar address 51.Op Fl S , Fl Fl static Ar value 52.Op Fl s , Fl Fl inform Ar address Ns Op Ar /cidr Ns Op Ar /broadcast_address 53.Op Fl Fl inform6 54.Op Fl t , Fl Fl timeout Ar seconds 55.Op Fl u , Fl Fl userclass Ar class 56.Op Fl v , Fl Fl vendor Ar code , Ar value 57.Op Fl W , Fl Fl whitelist Ar address Ns Op Ar /cidr 58.Op Fl w 59.Op Fl Fl waitip Ns = Ns Op 4 | 6 60.Op Fl y , Fl Fl reboot Ar seconds 61.Op Fl X , Fl Fl blacklist Ar address Ns Op Ar /cidr 62.Op Fl Z , Fl Fl denyinterfaces Ar pattern 63.Op Fl z , Fl Fl allowinterfaces Ar pattern 64.Op Fl Fl inactive 65.Op Fl Fl configure 66.Op Fl Fl noconfigure 67.Op interface 68.Op ... 69.Nm 70.Fl n , Fl Fl rebind 71.Op interface 72.Nm 73.Fl k , Fl Fl release 74.Op interface 75.Nm 76.Fl U , Fl Fl dumplease 77.Op Ar interface 78.Nm 79.Fl Fl version 80.Nm 81.Fl x , Fl Fl exit 82.Op interface 83.Sh DESCRIPTION 84.Nm 85is an implementation of the DHCP client specified in 86.Li RFC 2131 . 87.Nm 88gets the host information 89.Po 90IP address, routes, etc 91.Pc 92from a DHCP server and configures the network 93.Ar interface 94of the 95machine on which it is running. 96.Nm 97then runs the configuration script which writes DNS information to 98.Xr resolvconf 8 , 99if available, otherwise directly to 100.Pa /etc/resolv.conf . 101If the hostname is currently blank, (null) or localhost, or 102.Va force_hostname 103is YES or TRUE or 1 then 104.Nm 105sets the hostname to the one supplied by the DHCP server. 106.Nm 107then daemonises and waits for the lease renewal time to lapse. 108It will then attempt to renew its lease and reconfigure if the new lease 109changes when the lease begins to expire or the DHCP server sends a message 110to renew early. 111.Pp 112If any interface reports a working carrier then 113.Nm 114will try to obtain a lease before forking to the background, 115otherwise it will fork right away. 116This behaviour can be modified with the 117.Fl b , Fl Fl background 118and 119.Fl w , Fl Fl waitip 120options. 121.Pp 122.Nm 123is also an implementation of the BOOTP client specified in 124.Li RFC 951 . 125.Pp 126.Nm 127is also an implementation of the IPv6 Router Solicitor as specified in 128.Li RFC 4861 129and 130.Li RFC 6106 . 131.Pp 132.Nm 133is also an implementation of the IPv6 Privacy Extensions to AutoConf as 134specified in 135.Li RFC 4941 . 136This feature needs to be enabled in the kernel and 137.Nm 138will start using it. 139.Pp 140.Nm 141is also an implementation of the DHCPv6 client as specified in 142.Li RFC 3315 . 143By default, 144.Nm 145only starts DHCPv6 when instructed to do so by an IPV6 Router Advertisement. 146If no Identity Association is configured, 147then a Non-temporary Address is requested. 148.Ss Local Link configuration 149If 150.Nm 151failed to obtain a lease, it probes for a valid IPv4LL address 152.Po 153aka ZeroConf, aka APIPA 154.Pc . 155Once obtained it restarts the process of looking for a DHCP server to get a 156proper address. 157.Pp 158When using IPv4LL, 159.Nm 160nearly always succeeds and returns an exit code of 0. 161In the rare case it fails, it normally means that there is a reverse ARP proxy 162installed which always defeats IPv4LL probing. 163To disable this behaviour, you can use the 164.Fl L , Fl Fl noipv4ll 165option. 166.Ss Multiple interfaces 167If a list of interfaces are given on the command line, then 168.Nm 169only works with those interfaces, otherwise 170.Nm 171discovers available Ethernet interfaces that can be configured. 172When 173.Nm 174is not limited to one interface on the command line, 175it is running in Manager mode. 176The 177.Nm dhcpcd-ui 178project expects dhcpcd to be running this way. 179.Pp 180If a single interface is given then 181.Nm 182only works for that interface and runs as a separate instance to other 183.Nm 184processes. 185The 186.Fl w , Fl Fl waitip 187option is enabled in this instance to maintain compatibility with older 188versions. 189Using a single interface, 190optionally further limited to an address protocol, 191also affects the 192.Fl k , 193.Fl N , 194.Fl n 195and 196.Fl x 197options, where the same interface and any address protocol 198will need to be specified, as a lack of an 199interface will imply Manager mode which this is not. 200To force starting in Manager mode with only one interface, the 201.Fl M , Fl Fl manager 202option can be used. 203.Pp 204Interfaces are preferred by carrier, DHCP lease/IPv4LL and then lowest metric. 205For systems that support route metrics, each route will be tagged with the 206metric, otherwise 207.Nm 208changes the routes to use the interface with the same route and the lowest 209metric. 210See options below for controlling which interfaces we allow and deny through 211the use of patterns. 212.Pp 213Non-ethernet interfaces and some virtual ethernet interfaces 214such as TAP and bridge are ignored by default, 215as is the FireWire interface. 216To work with these devices they either need to be specified on the command line, 217be listed in 218.Fl Fl allowinterfaces 219or have an interface directive in 220.Pa /etc/dhcpcd.conf . 221.Ss Hooking into events 222.Nm 223runs 224.Pa /usr/libexec/dhcpcd-run-hooks , 225or the script specified by the 226.Fl c , Fl Fl script 227option. 228This script runs each script found in 229.Pa /usr/libexec/dhcpcd-hooks 230in a lexical order. 231The default installation supplies the scripts 232.Pa 01-test , 233.Pa 20-resolv.conf 234and 235.Pa 30-hostname . 236You can disable each script by using the 237.Fl C , Fl Fl nohook 238option. 239See 240.Xr dhcpcd-run-hooks 8 241for details on how these scripts work. 242.Nm 243currently ignores the exit code of the script. 244.Pp 245More scripts are supplied in 246.Pa /usr/share/dhcpcd/hooks 247and need to be copied to 248.Pa /usr/libexec/dhcpcd-hooks 249if you intend to use them. 250For example, you could install 251.Pa 29-lookup-hostname 252so that 253.Nm 254can lookup the hostname of the IP address in DNS if no hostname 255is given by the lease and one is not already set. 256.Ss Fine tuning 257You can fine-tune the behaviour of 258.Nm 259with the following options: 260.Bl -tag -width indent 261.It Fl b , Fl Fl background 262Background immediately. 263This is useful for startup scripts which don't disable link messages for 264carrier status. 265.It Fl c , Fl Fl script Ar script 266Use this 267.Ar script 268instead of the default 269.Pa /usr/libexec/dhcpcd-run-hooks . 270.It Fl D , Fl Fl duid Op Ar ll | lt | uuid | value 271Use a DHCP Unique Identifier. 272If a system UUID is available, that will be used to create a DUID-UUID, 273otherwise if persistent storage is available then a DUID-LLT 274(link local address + time) is generated, 275otherwise DUID-LL is generated (link local address). 276The DUID type can be hinted as an optional parameter if the file 277.Pa /var/db/dhcpcd/duid 278does not exist. 279If not 280.Va ll , 281.Va lt 282or 283.Va uuid 284then 285.Va value 286will be converted from 00:11:22:33 format. 287This, plus the IAID will be used as the 288.Fl I , Fl Fl clientid . 289The DUID generated will be held in 290.Pa /var/db/dhcpcd/duid 291and should not be copied to other hosts. 292This file also takes precedence over the above rules except for setting a value. 293.It Fl d , Fl Fl debug 294Echo debug messages to the stderr and syslog. 295.It Fl E , Fl Fl lastlease 296If 297.Nm 298cannot obtain a lease, then try to use the last lease acquired for the 299interface. 300.It Fl Fl lastleaseextend 301Same as the above, but the lease will be retained even if it expires. 302.Nm 303will give it up if any other host tries to claim it for their own via ARP. 304This violates RFC 2131, section 3.7, which states the lease should be 305dropped once it has expired. 306.It Fl e , Fl Fl env Ar value 307Push 308.Ar value 309to the environment for use in 310.Xr dhcpcd-run-hooks 8 . 311For example, you can force the hostname hook to always set the hostname with 312.Fl e 313.Va force_hostname=YES . 314.It Fl g , Fl Fl reconfigure 315.Nm 316will re-apply IP address, routing and run 317.Xr dhcpcd-run-hooks 8 318for each interface. 319This is useful so that a 3rd party such as PPP or VPN can change the routing 320table and / or DNS, etc and then instruct 321.Nm 322to put things back afterwards. 323.Nm 324does not read a new configuration when this happens - you should rebind if you 325need that functionality. 326.It Fl F , Fl Fl fqdn Ar fqdn 327Requests that the DHCP server update DNS using FQDN instead of just a 328hostname. 329Valid values for 330.Ar fqdn 331are disable, none, ptr and both. 332.Nm 333itself never does any DNS updates. 334.Nm 335encodes the FQDN hostname as specified in 336.Li RFC 1035 . 337.It Fl f , Fl Fl config Ar file 338Specify a config to load instead of 339.Pa /etc/dhcpcd.conf . 340.Nm 341always processes the config file before any command line options. 342.It Fl h , Fl Fl hostname Ar hostname 343Sends 344.Ar hostname 345to the DHCP server so it can be registered in DNS. 346If 347.Ar hostname 348is an empty string then the current system hostname is sent. 349If 350.Ar hostname 351is a FQDN (i.e., contains a .) then it will be encoded as such. 352.It Fl I , Fl Fl clientid Ar clientid 353Send the 354.Ar clientid . 355If the string is of the format 01:02:03 then it is encoded as hex. 356For interfaces whose hardware address is longer than 8 bytes, or if the 357.Ar clientid 358is an empty string then 359.Nm 360sends a default 361.Ar clientid 362of the hardware family and the hardware address. 363.It Fl i , Fl Fl vendorclassid Ar vendorclassid 364Override the DHCPv4 365.Ar vendorclassid 366field sent. 367The default is 368dhcpcd-<version>:<os>:<machine>:<platform>. 369For example 370.D1 dhcpcd-5.5.6:NetBSD-6.99.5:i386:i386 371If not set then none is sent. 372Some badly configured DHCP servers reject unknown vendorclassids. 373To work around it, try and impersonate Windows by using the MSFT vendorclassid. 374.It Fl j , Fl Fl logfile Ar logfile 375Writes to the specified 376.Ar logfile . 377.Nm 378still writes to 379.Xr syslog 3 . 380The 381.Ar logfile 382is reopened when 383.Nm 384receives the 385.Dv SIGUSR2 386signal. 387.It Fl k , Fl Fl release Op Ar interface 388This causes an existing 389.Nm 390process running on the 391.Ar interface 392to release its lease and de-configure the 393.Ar interface 394regardless of the 395.Fl p , Fl Fl persistent 396option. 397If no 398.Ar interface 399is specified then this applies to all interfaces in Manager mode. 400If no interfaces are left running, 401.Nm 402will exit. 403.It Fl l , Fl Fl leasetime Ar seconds 404Request a lease time of 405.Ar seconds . 406.Ar -1 407represents an infinite lease time. 408By default 409.Nm 410does not request any lease time and leaves it in the hands of the 411DHCP server. 412.It Fl M , Fl Fl manager 413Start 414.Nm 415in Manager mode even if only one interface specified on the command line. 416See the Multiple Interfaces section above. 417.It Fl m , Fl Fl metric Ar metric 418Metrics are used to prefer an interface over another one, lowest wins. 419.Nm 420will supply a default metric of 1000 + 421.Xr if_nametoindex 3 . 422This will be offset by 2000 for wireless interfaces, with additional offsets 423of 1000000 for IPv4LL and 2000000 for roaming interfaces. 424.It Fl n , Fl Fl rebind Op Ar interface 425Notifies 426.Nm 427to reload its configuration and rebind the specified 428.Ar interface . 429If no 430.Ar interface 431is specified then this applies to all interfaces in Manager mode. 432If 433.Nm 434is not running, then it starts up as normal. 435.It Fl N , Fl Fl renew Op Ar interface 436Notifies 437.Nm 438to renew existing addresses on the specified 439.Ar interface . 440If no 441.Ar interface 442is specified then this applies to all interfaces in Manager mode. 443If 444.Nm 445is not running, then it starts up as normal. 446Unlike the 447.Fl n , Fl Fl rebind 448option above, the configuration for 449.Nm 450is not reloaded. 451.It Fl o , Fl Fl option Ar option 452Request the DHCP 453.Ar option 454variable for use in 455.Pa /usr/libexec/dhcpcd-run-hooks . 456.It Fl p , Fl Fl persistent 457.Nm 458de-configures the 459.Ar interface 460when it exits unless this option is enabled. 461Sometimes, this isn't desirable if, for example, you have root mounted over 462NFS or SSH clients connect to this host and they need to be notified of 463the host shutting down. 464You can use this option to stop this from happening. 465.It Fl r , Fl Fl request Ar address 466Request the 467.Ar address 468in the DHCP DISCOVER message. 469There is no guarantee this is the address the DHCP server will actually give. 470If no 471.Ar address 472is given then the first address currently assigned to the 473.Ar interface 474is used. 475.It Fl s , Fl Fl inform Ar address Ns Op Ar /cidr Ns Op Ar /broadcast_address 476Behaves like 477.Fl r , Fl Fl request 478as above, but sends a DHCP INFORM instead of DISCOVER/REQUEST. 479This does not get a lease as such, just notifies the DHCP server of the 480.Ar address 481in use. 482You should also include the optional 483.Ar cidr 484network number in case the address is not already configured on the interface. 485.Nm 486remains running and pretends it has an infinite lease. 487.Nm 488will not de-configure the interface when it exits. 489If 490.Nm 491fails to contact a DHCP server then it returns a failure instead of falling 492back on IPv4LL. 493.It Fl Fl inform6 494Performs a DHCPv6 Information Request. 495No address is requested or specified, but all other DHCPv6 options are allowed. 496This is normally performed automatically when the IPv6 Router Advertises 497that the client should perform this operation. 498This option is only needed when 499.Nm 500is not processing IPv6RA messages and the need for DHCPv6 Information Request 501exists. 502.It Fl S , Fl Fl static Ar value 503Configures a static DHCP 504.Ar value . 505If you set 506.Ic ip_address 507then 508.Nm 509will not attempt to obtain a lease and just use the value for the address with 510an infinite lease time. 511.Pp 512Here is an example which configures a static address, routes and DNS. 513.D1 dhcpcd -S ip_address=192.168.0.10/24 \e 514.D1 -S routers=192.168.0.1 \e 515.D1 -S domain_name_servers=192.168.0.1 \e 516.D1 eth0 517.Pp 518You cannot presently set static DHCPv6 values. 519Use the 520.Fl e , Fl Fl env 521option instead. 522.It Fl t , Fl Fl timeout Ar seconds 523Timeout after 524.Ar seconds , 525instead of the default 30. 526A setting of 0 527.Ar seconds 528causes 529.Nm 530to wait forever to get a lease. 531If 532.Nm 533is working on a single interface then 534.Nm 535will exit when a timeout occurs, otherwise 536.Nm 537will fork into the background. 538.It Fl u , Fl Fl userclass Ar class 539Tags the DHCPv4 message with the userclass 540.Ar class . 541DHCP servers use this to give members of the class DHCP options other than the 542default, without having to know things like hardware address or hostname. 543.It Fl v , Fl Fl vendor Ar code , Ns Ar value 544Add an encapsulated vendor option. 545.Ar code 546should be between 1 and 254 inclusive. 547To add a raw vendor string, omit 548.Ar code 549but keep the comma. 550Examples. 551.Pp 552Set the vendor option 01 with an IP address. 553.D1 dhcpcd \-v 01,192.168.0.2 eth0 554Set the vendor option 02 with a hex code. 555.D1 dhcpcd \-v 02,01:02:03:04:05 eth0 556Set the vendor option 03 with an IP address as a string. 557.D1 dhcpcd \-v 03,\e"192.168.0.2\e" eth0 558Set un-encapsulated vendor option to hello world. 559.D1 dhcpcd \-v ,"hello world" eth0 560.It Fl Fl version 561Display both program version and copyright information. 562.Nm 563then exits before doing any configuration. 564.It Fl w 565Wait for an address to be assigned before forking to the background. 566Does not take an argument, unlike the below option. 567.It Fl Fl waitip Ns = Ns Op 4 | 6 568Wait for an address to be assigned before forking to the background. 5694 means wait for an IPv4 address to be assigned. 5706 means wait for an IPv6 address to be assigned. 571If no argument is given, 572.Nm 573will wait for any address protocol to be assigned. 574It is possible to wait for more than one address protocol and 575.Nm 576will only fork to the background when all waiting conditions are satisfied. 577.It Fl x , Fl Fl exit Op Ar interface 578This will signal an existing 579.Nm 580process running on the 581.Ar interface 582to exit. 583If no 584.Ar interface 585is specified, then the above is applied to all interfaces in Manager mode. 586See the 587.Fl p , Fl Fl persistent 588option to control configuration persistence on exit, 589which is enabled by default in 590.Xr dhcpcd.conf 5 . 591.Nm 592then waits until this process has exited. 593.It Fl y , Fl Fl reboot Ar seconds 594Allow 595.Ar reboot 596seconds before moving to the discover phase if we have an old lease to use. 597Allow 598.Ar reboot 599seconds before starting fallback states from the discover phase. 600IPv4LL is started when the first 601.Ar reboot 602timeout is reached. 603The default is 5 seconds. 604A setting of 0 seconds causes 605.Nm 606to skip the reboot phase and go straight into discover. 607This has no effect on DHCPv6 other than skipping the reboot phase. 608.El 609.Ss Restricting behaviour 610.Nm 611will try to do as much as it can by default. 612However, there are sometimes situations where you don't want the things to be 613configured exactly how the DHCP server wants. 614Here are some options that deal with turning these bits off. 615.Pp 616Note that when 617.Nm 618is restricted to a single interface then the interface also needs to be 619specified when asking 620.Nm 621to exit using the commandline. 622If the protocol is restricted as well then the protocol needs to be included 623with the exit instruction. 624.Bl -tag -width indent 625.It Fl 1 , Fl Fl oneshot 626Exit after configuring an interface. 627Use the 628.Fl w , Fl Fl waitip 629option to specify which protocol(s) to configure before exiting. 630.It Fl 4 , Fl Fl ipv4only 631Configure IPv4 only. 632.It Fl 6 , Fl Fl ipv6only 633Configure IPv6 only. 634.It Fl A , Fl Fl noarp 635Don't request or claim the address by ARP. 636This also disables IPv4LL. 637.It Fl B , Fl Fl nobackground 638Don't run in the background when we acquire a lease. 639This is mainly useful for running under the control of another process, such 640as a debugger or a network manager. 641.It Fl C , Fl Fl nohook Ar script 642Don't run this hook script. 643Matches full name, or prefixed with 2 numbers optionally ending with 644.Pa .sh . 645.Pp 646So to stop 647.Nm 648from touching your DNS settings you would do:- 649.D1 dhcpcd -C resolv.conf eth0 650.It Fl G , Fl Fl nogateway 651Don't set any default routes. 652.It Fl H , Fl Fl xidhwaddr 653Use the last four bytes of the hardware address as the DHCP xid instead 654of a randomly generated number. 655.It Fl J , Fl Fl broadcast 656Instructs the DHCP server to broadcast replies back to the client. 657Normally this is only set for non-Ethernet interfaces, 658such as FireWire and InfiniBand. 659In most instances, 660.Nm 661will set this automatically. 662.It Fl K , Fl Fl nolink 663Don't receive link messages for carrier status. 664You should only have to use this with buggy device drivers or running 665.Nm 666through a network manager. 667.It Fl L , Fl Fl noipv4ll 668Don't use IPv4LL (aka APIPA, aka Bonjour, aka ZeroConf). 669.It Fl O , Fl Fl nooption Ar option 670Removes the 671.Ar option 672from the DHCP message before processing. 673.It Fl P , Fl Fl printpidfile 674Print the 675.Pa pidfile 676.Nm 677will use based on command-line arguments to stdout. 678.It Fl Q , Fl Fl require Ar option 679Requires the 680.Ar option 681to be present in all DHCP messages, otherwise the message is ignored. 682To enforce that 683.Nm 684only responds to DHCP servers and not BOOTP servers, you can 685.Fl Q 686.Ar dhcp_message_type . 687.It Fl q , Fl Fl quiet 688Quiet 689.Nm 690on the command line, only warnings and errors will be displayed. 691If this option is used another time then all console output is disabled. 692These messages are still logged via 693.Xr syslog 3 . 694.It Fl T , Fl Fl test 695On receipt of DHCP messages just call 696.Pa /usr/libexec/dhcpcd-run-hooks 697with the reason of TEST which echos the DHCP variables found in the message 698to the console. 699The interface configuration isn't touched and neither are any configuration 700files. 701The 702.Ar rapid_commit 703option is not sent in TEST mode so that the server does not lease an address. 704To test INFORM the interface needs to be configured with the desired address 705before starting 706.Nm . 707.It Fl U , Fl Fl dumplease Op Ar interface 708Dumps the current lease for the 709.Ar interface 710to stdout. 711If no 712.Ar interface 713is given then all interfaces are dumped. 714Use the 715.Fl 4 716or 717.Fl 6 718flags to specify an address family. 719If a lease is piped in via standard input then that is dumped. 720In this case, specifying an address family is mandatory. 721.It Fl V , Fl Fl variables 722Display a list of option codes, the associated variable and encoding for use in 723.Xr dhcpcd-run-hooks 8 . 724Variables are prefixed with new_ and old_ unless the option number is -. 725Variables without an option are part of the DHCP message and cannot be 726directly requested. 727.It Fl W , Fl Fl whitelist Ar address Ns Op /cidr 728Only accept packets from 729.Ar address Ns Op /cidr . 730.Fl X , Fl Fl blacklist 731is ignored if 732.Fl W , Fl Fl whitelist 733is set. 734.It Fl X , Fl Fl blacklist Ar address Ns Op Ar /cidr 735Ignore all packets from 736.Ar address Ns Op Ar /cidr . 737.It Fl Z , Fl Fl denyinterfaces Ar pattern 738When discovering interfaces, the interface name must not match 739.Ar pattern 740which is a space or comma separated list of patterns passed to 741.Xr fnmatch 3 . 742.It Fl z , Fl Fl allowinterfaces Ar pattern 743When discovering interfaces, the interface name must match 744.Ar pattern 745which is a space or comma separated list of patterns passed to 746.Xr fnmatch 3 . 747If the same interface is matched in 748.Fl Z , Fl Fl denyinterfaces 749then it is still denied. 750.It Fl Fl inactive 751Don't start any interfaces other than those specified on the command line. 752This allows 753.Nm 754to be started in Manager mode and then wait for subsequent 755.Nm 756commands to start each interface as required. 757.It Fl Fl configure 758Allows 759.Nm 760to configure the system. 761This is the default behaviour and sets 762.Ev if_configured=true . 763.It Fl Fl noconfigure 764.Nm 765will not configure the system at all. 766This is only of use if the 767.Fl Fl script 768that 769.Nm 770calls at each network event configures the system instead. 771This is different from 772.Fl T , Fl Fl test 773mode in that it's not one shot and the only change to the environment is the 774addition of 775.Ev if_configured=false . 776.It Fl Fl nodev 777Don't load any 778.Pa /dev 779management modules. 780.El 781.Sh 3RDPARTY LINK MANAGEMENT 782Some interfaces require configuration by 3rd parties, such as PPP or VPN. 783When an interface configuration in 784.Nm 785is marked as STATIC or INFORM without an address then 786.Nm 787will monitor the interface until an address is added or removed from it and 788act accordingly. 789For point to point interfaces (like PPP), a default route to its 790destination is automatically added to the configuration. 791If the point to point interface is configured for INFORM, then 792.Nm 793unicasts INFORM to the destination, otherwise it defaults to STATIC. 794.Sh NOTES 795.Nm 796requires a Berkeley Packet Filter, or BPF device on BSD based systems and a 797Linux Socket Filter, or LPF device on Linux based systems for all IPv4 798configuration. 799.Pp 800If restricting 801.Nm 802to a single interface and optionally address family via the command-line 803then all further calls to 804.Nm 805to rebind, reconfigure or exit need to include the same restrictive flags 806so that 807.Nm 808knows which process to signal. 809.Pp 810Some DHCP servers implement ClientID filtering. 811If 812.Nm 813is replacing an in-use DHCP client then you might need to adjust the clientid 814option 815.Nm 816sends to match. 817If using a DUID in place of the ClientID, edit 818.Pa /var/db/dhcpcd/duid 819accordingly. 820.Sh FILES 821.Bl -ohang 822.It Pa /etc/dhcpcd.conf 823Configuration file for dhcpcd. 824If you always use the same options, put them here. 825.It Pa /usr/libexec/dhcpcd-run-hooks 826Bourne shell script that is run to configure or de-configure an interface. 827.It Pa /lib/dhcpcd/dev 828Linux 829.Pa /dev 830management modules. 831.It Pa /usr/libexec/dhcpcd-hooks 832A directory containing Bourne shell scripts that are run by the above script. 833Each script can be disabled by using the 834.Fl C , Fl Fl nohook 835option described above. 836.It Pa /var/db/dhcpcd/duid 837Text file that holds the DUID used to identify the host. 838.It Pa /var/db/dhcpcd/secret 839Text file that holds a secret key known only to the host. 840.It Pa /var/db/dhcpcd/ Ns Ar interface Ns Ar -ssid Ns .lease 841The actual DHCP message sent by the server. 842We use this when reading the last 843lease and use the file's mtime as when it was issued. 844.It Pa /var/db/dhcpcd/ Ns Ar interface Ns Ar -ssid Ns .lease6 845The actual DHCPv6 message sent by the server. 846We use this when reading the last 847lease and use the file's mtime as when it was issued. 848.It Pa /var/db/dhcpcd/rdm_monotonic 849Stores the monotonic counter used in the 850.Ar replay 851field in Authentication Options. 852.It Pa /var/run/dhcpcd/pid 853Stores the PID of 854.Nm 855running on all interfaces. 856.It Pa /var/run/dhcpcd/ Ns Ar interface Ns .pid 857Stores the PID of 858.Nm 859running on the 860.Ar interface . 861.It Pa /var/run/dhcpcd/sock 862Control socket to the manager daemon. 863.It Pa /var/run/dhcpcd/unpriv.sock 864Unprivileged socket to the manager daemon, only allows state retrieval. 865.It Pa /var/run/dhcpcd/ Ns Ar interface Ns .sock 866Control socket to per interface daemon. 867.It Pa /var/run/dhcpcd/ Ns Ar interface Ns .unpriv.sock 868Unprivileged socket to per interface daemon, only allows state retrieval. 869.El 870.Sh SEE ALSO 871.Xr fnmatch 3 , 872.Xr if_nametoindex 3 , 873.Xr dhcpcd.conf 5 , 874.Xr resolv.conf 5 , 875.Xr dhcpcd-run-hooks 8 , 876.Xr resolvconf 8 877.Sh STANDARDS 878RFC\ 951, RFC\ 1534, RFC\ 2104, RFC\ 2131, RFC\ 2132, RFC\ 2563, RFC\ 2855, 879RFC\ 3004, RFC\ 3118, RFC\ 3203, RFC\ 3315, RFC\ 3361, RFC\ 3633, RFC\ 3396, 880RFC\ 3397, RFC\ 3442, RFC\ 3495, RFC\ 3925, RFC\ 3927, RFC\ 4039, RFC\ 4075, 881RFC\ 4242, RFC\ 4361, RFC\ 4390, RFC\ 4702, RFC\ 4074, RFC\ 4861, RFC\ 4833, 882RFC\ 4941, RFC\ 5227, RFC\ 5942, RFC\ 5969, RFC\ 6106, RFC\ 6334, RFC\ 6355, 883RFC\ 6603, RFC\ 6704, RFC\ 7217, RFC\ 7550, RFC\ 7844. 884.Sh AUTHORS 885.An Roy Marples Aq Mt roy@marples.name 886.Sh BUGS 887Please report them to 888.Lk https://roy.marples.name/projects/dhcpcd 889