1.\" SPDX-License-Identifier: BSD-2-Clause 2.\" 3.\" Copyright (c) 2006-2023 Roy Marples 4.\" All rights reserved 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 15.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25.\" SUCH DAMAGE. 26.\" 27.Dd August 31, 2022 28.Dt DHCPCD 8 29.Os 30.Sh NAME 31.Nm dhcpcd 32.Nd a DHCP client 33.Sh SYNOPSIS 34.Nm 35.Op Fl 146ABbDdEGgHJKLMNPpqTV 36.Op Fl C , Fl Fl nohook Ar hook 37.Op Fl c , Fl Fl script Ar script 38.Op Fl e , Fl Fl env Ar value 39.Op Fl F , Fl Fl fqdn Ar FQDN 40.Op Fl f , Fl Fl config Ar file 41.Op Fl h , Fl Fl hostname Ar hostname 42.Op Fl I , Fl Fl clientid Ar clientid 43.Op Fl i , Fl Fl vendorclassid Ar vendorclassid 44.Op Fl j , Fl Fl logfile Ar logfile 45.Op Fl l , Fl Fl leasetime Ar seconds 46.Op Fl m , Fl Fl metric Ar metric 47.Op Fl O , Fl Fl nooption Ar option 48.Op Fl o , Fl Fl option Ar option 49.Op Fl Q , Fl Fl require Ar option 50.Op Fl r , Fl Fl request Ar address 51.Op Fl S , Fl Fl static Ar value 52.Op Fl s , Fl Fl inform Ar address Ns Op Ar /cidr Ns Op Ar /broadcast_address 53.Op Fl Fl inform6 54.Op Fl t , Fl Fl timeout Ar seconds 55.Op Fl u , Fl Fl userclass Ar class 56.Op Fl v , Fl Fl vendor Ar code , Ar value 57.Op Fl W , Fl Fl whitelist Ar address Ns Op Ar /cidr 58.Op Fl w 59.Op Fl Fl waitip Ns = Ns Op 4 | 6 60.Op Fl y , Fl Fl reboot Ar seconds 61.Op Fl X , Fl Fl blacklist Ar address Ns Op Ar /cidr 62.Op Fl Z , Fl Fl denyinterfaces Ar pattern 63.Op Fl z , Fl Fl allowinterfaces Ar pattern 64.Op Fl Fl inactive 65.Op Fl Fl configure 66.Op Fl Fl noconfigure 67.Op interface 68.Op ... 69.Nm 70.Fl n , Fl Fl rebind 71.Op interface 72.Nm 73.Fl k , Fl Fl release 74.Op interface 75.Nm 76.Fl U , Fl Fl dumplease 77.Op Ar interface 78.Nm 79.Fl Fl version 80.Nm 81.Fl x , Fl Fl exit 82.Op interface 83.Sh DESCRIPTION 84.Nm 85is an implementation of the DHCP client specified in 86.Li RFC 2131 . 87.Nm 88gets the host information 89.Po 90IP address, routes, etc 91.Pc 92from a DHCP server and configures the network 93.Ar interface 94of the 95machine on which it is running. 96.Nm 97then runs the configuration script which writes DNS information to 98.Xr resolvconf 8 , 99if available, otherwise directly to 100.Pa /etc/resolv.conf . 101If the hostname is currently blank, (null) or localhost, or 102.Va force_hostname 103is YES or TRUE or 1 then 104.Nm 105sets the hostname to the one supplied by the DHCP server. 106.Nm 107then daemonises and waits for the lease renewal time to lapse. 108It will then attempt to renew its lease and reconfigure if the new lease 109changes when the lease begins to expire or the DHCP server sends a message 110to renew early. 111.Pp 112If any interface reports a working carrier then 113.Nm 114will try to obtain a lease before forking to the background, 115otherwise it will fork right away. 116This behaviour can be modified with the 117.Fl b , Fl Fl background 118and 119.Fl w , Fl Fl waitip 120options. 121.Pp 122.Nm 123is also an implementation of the BOOTP client specified in 124.Li RFC 951 . 125.Pp 126.Nm 127is also an implementation of the IPv6 Router Solicitor as specified in 128.Li RFC 4861 129and 130.Li RFC 6106 . 131.Pp 132.Nm 133is also an implementation of the IPv6 Privacy Extensions to AutoConf as 134specified in 135.Li RFC 4941 . 136This feature needs to be enabled in the kernel and 137.Nm 138will start using it. 139.Pp 140.Nm 141is also an implementation of the DHCPv6 client as specified in 142.Li RFC 3315 . 143By default, 144.Nm 145only starts DHCPv6 when instructed to do so by an IPV6 Router Advertisement. 146If no Identity Association is configured, 147then a Non-temporary Address is requested. 148.Ss Local Link configuration 149If 150.Nm 151failed to obtain a lease, it probes for a valid IPv4LL address 152.Po 153aka ZeroConf, aka APIPA 154.Pc . 155Once obtained it restarts the process of looking for a DHCP server to get a 156proper address. 157.Pp 158When using IPv4LL, 159.Nm 160nearly always succeeds and returns an exit code of 0. 161In the rare case it fails, it normally means that there is a reverse ARP proxy 162installed which always defeats IPv4LL probing. 163To disable this behaviour, you can use the 164.Fl L , Fl Fl noipv4ll 165option. 166.Ss Multiple interfaces 167If a list of interfaces are given on the command line, then 168.Nm 169only works with those interfaces, otherwise 170.Nm 171discovers available Ethernet interfaces that can be configured. 172When 173.Nm 174is not limited to one interface on the command line, 175it is running in Manager mode. 176The 177.Nm dhcpcd-ui 178project expects dhcpcd to be running this way. 179.Pp 180If a single interface is given then 181.Nm 182only works for that interface and runs as a separate instance to other 183.Nm 184processes. 185The 186.Fl w , Fl Fl waitip 187option is enabled in this instance to maintain compatibility with older 188versions. 189Using a single interface also affects the 190.Fl k , 191.Fl N , 192.Fl n 193and 194.Fl x 195options, where the same interface will need to be specified, as a lack of an 196interface will imply Manager mode which this is not. 197To force starting in Manager mode with only one interface, the 198.Fl M , Fl Fl manager 199option can be used. 200.Pp 201Interfaces are preferred by carrier, DHCP lease/IPv4LL and then lowest metric. 202For systems that support route metrics, each route will be tagged with the 203metric, otherwise 204.Nm 205changes the routes to use the interface with the same route and the lowest 206metric. 207See options below for controlling which interfaces we allow and deny through 208the use of patterns. 209.Pp 210Non-ethernet interfaces and some virtual ethernet interfaces 211such as TAP and bridge are ignored by default, 212as is the FireWire interface. 213To work with these devices they either need to be specified on the command line, 214be listed in 215.Fl Fl allowinterfaces 216or have an interface directive in 217.Pa /etc/dhcpcd.conf . 218.Ss Hooking into events 219.Nm 220runs 221.Pa /usr/libexec/dhcpcd-run-hooks , 222or the script specified by the 223.Fl c , Fl Fl script 224option. 225This script runs each script found in 226.Pa /usr/libexec/dhcpcd-hooks 227in a lexical order. 228The default installation supplies the scripts 229.Pa 01-test , 230.Pa 20-resolv.conf 231and 232.Pa 30-hostname . 233You can disable each script by using the 234.Fl C , Fl Fl nohook 235option. 236See 237.Xr dhcpcd-run-hooks 8 238for details on how these scripts work. 239.Nm 240currently ignores the exit code of the script. 241.Pp 242More scripts are supplied in 243.Pa /usr/share/dhcpcd/hooks 244and need to be copied to 245.Pa /usr/libexec/dhcpcd-hooks 246if you intend to use them. 247For example, you could install 248.Pa 29-lookup-hostname 249so that 250.Nm 251can lookup the hostname of the IP address in DNS if no hostname 252is given by the lease and one is not already set. 253.Ss Fine tuning 254You can fine-tune the behaviour of 255.Nm 256with the following options: 257.Bl -tag -width indent 258.It Fl b , Fl Fl background 259Background immediately. 260This is useful for startup scripts which don't disable link messages for 261carrier status. 262.It Fl c , Fl Fl script Ar script 263Use this 264.Ar script 265instead of the default 266.Pa /usr/libexec/dhcpcd-run-hooks . 267.It Fl D , Fl Fl duid Op Ar ll | lt | uuid | value 268Use a DHCP Unique Identifier. 269If a system UUID is available, that will be used to create a DUID-UUID, 270otherwise if persistent storage is available then a DUID-LLT 271(link local address + time) is generated, 272otherwise DUID-LL is generated (link local address). 273The DUID type can be hinted as an optional parameter if the file 274.Pa /var/db/dhcpcd/duid 275does not exist. 276If not 277.Va ll , 278.Va lt 279or 280.Va uuid 281then 282.Va value 283will be converted from 00:11:22:33 format. 284This, plus the IAID will be used as the 285.Fl I , Fl Fl clientid . 286The DUID generated will be held in 287.Pa /var/db/dhcpcd/duid 288and should not be copied to other hosts. 289This file also takes precedence over the above rules except for setting a value. 290.It Fl d , Fl Fl debug 291Echo debug messages to the stderr and syslog. 292.It Fl E , Fl Fl lastlease 293If 294.Nm 295cannot obtain a lease, then try to use the last lease acquired for the 296interface. 297.It Fl Fl lastleaseextend 298Same as the above, but the lease will be retained even if it expires. 299.Nm 300will give it up if any other host tries to claim it for their own via ARP. 301This violates RFC 2131, section 3.7, which states the lease should be 302dropped once it has expired. 303.It Fl e , Fl Fl env Ar value 304Push 305.Ar value 306to the environment for use in 307.Xr dhcpcd-run-hooks 8 . 308For example, you can force the hostname hook to always set the hostname with 309.Fl e 310.Va force_hostname=YES . 311.It Fl g , Fl Fl reconfigure 312.Nm 313will re-apply IP address, routing and run 314.Xr dhcpcd-run-hooks 8 315for each interface. 316This is useful so that a 3rd party such as PPP or VPN can change the routing 317table and / or DNS, etc and then instruct 318.Nm 319to put things back afterwards. 320.Nm 321does not read a new configuration when this happens - you should rebind if you 322need that functionality. 323.It Fl F , Fl Fl fqdn Ar fqdn 324Requests that the DHCP server update DNS using FQDN instead of just a 325hostname. 326Valid values for 327.Ar fqdn 328are disable, none, ptr and both. 329.Nm 330itself never does any DNS updates. 331.Nm 332encodes the FQDN hostname as specified in 333.Li RFC 1035 . 334.It Fl f , Fl Fl config Ar file 335Specify a config to load instead of 336.Pa /etc/dhcpcd.conf . 337.Nm 338always processes the config file before any command line options. 339.It Fl h , Fl Fl hostname Ar hostname 340Sends 341.Ar hostname 342to the DHCP server so it can be registered in DNS. 343If 344.Ar hostname 345is an empty string then the current system hostname is sent. 346If 347.Ar hostname 348is a FQDN (i.e., contains a .) then it will be encoded as such. 349.It Fl I , Fl Fl clientid Ar clientid 350Send the 351.Ar clientid . 352If the string is of the format 01:02:03 then it is encoded as hex. 353For interfaces whose hardware address is longer than 8 bytes, or if the 354.Ar clientid 355is an empty string then 356.Nm 357sends a default 358.Ar clientid 359of the hardware family and the hardware address. 360.It Fl i , Fl Fl vendorclassid Ar vendorclassid 361Override the DHCPv4 362.Ar vendorclassid 363field sent. 364The default is 365dhcpcd-<version>:<os>:<machine>:<platform>. 366For example 367.D1 dhcpcd-5.5.6:NetBSD-6.99.5:i386:i386 368If not set then none is sent. 369Some badly configured DHCP servers reject unknown vendorclassids. 370To work around it, try and impersonate Windows by using the MSFT vendorclassid. 371.It Fl j , Fl Fl logfile Ar logfile 372Writes to the specified 373.Ar logfile . 374.Nm 375still writes to 376.Xr syslog 3 . 377The 378.Ar logfile 379is reopened when 380.Nm 381receives the 382.Dv SIGUSR2 383signal. 384.It Fl k , Fl Fl release Op Ar interface 385This causes an existing 386.Nm 387process running on the 388.Ar interface 389to release its lease and de-configure the 390.Ar interface 391regardless of the 392.Fl p , Fl Fl persistent 393option. 394If no 395.Ar interface 396is specified then this applies to all interfaces in Manager mode. 397If no interfaces are left running, 398.Nm 399will exit. 400.It Fl l , Fl Fl leasetime Ar seconds 401Request a lease time of 402.Ar seconds . 403.Ar -1 404represents an infinite lease time. 405By default 406.Nm 407does not request any lease time and leaves it in the hands of the 408DHCP server. 409.It Fl M , Fl Fl manager 410Start 411.Nm 412in Manager mode even if only one interface specified on the command line. 413See the Multiple Interfaces section above. 414.It Fl m , Fl Fl metric Ar metric 415Metrics are used to prefer an interface over another one, lowest wins. 416.Nm 417will supply a default metric of 1000 + 418.Xr if_nametoindex 3 . 419This will be offset by 2000 for wireless interfaces, with additional offsets 420of 1000000 for IPv4LL and 2000000 for roaming interfaces. 421.It Fl n , Fl Fl rebind Op Ar interface 422Notifies 423.Nm 424to reload its configuration and rebind the specified 425.Ar interface . 426If no 427.Ar interface 428is specified then this applies to all interfaces in Manager mode. 429If 430.Nm 431is not running, then it starts up as normal. 432.It Fl N , Fl Fl renew Op Ar interface 433Notifies 434.Nm 435to renew existing addresses on the specified 436.Ar interface . 437If no 438.Ar interface 439is specified then this applies to all interfaces in Manager mode. 440If 441.Nm 442is not running, then it starts up as normal. 443Unlike the 444.Fl n , Fl Fl rebind 445option above, the configuration for 446.Nm 447is not reloaded. 448.It Fl o , Fl Fl option Ar option 449Request the DHCP 450.Ar option 451variable for use in 452.Pa /usr/libexec/dhcpcd-run-hooks . 453.It Fl p , Fl Fl persistent 454.Nm 455de-configures the 456.Ar interface 457when it exits unless this option is enabled. 458Sometimes, this isn't desirable if, for example, you have root mounted over 459NFS or SSH clients connect to this host and they need to be notified of 460the host shutting down. 461You can use this option to stop this from happening. 462.It Fl r , Fl Fl request Ar address 463Request the 464.Ar address 465in the DHCP DISCOVER message. 466There is no guarantee this is the address the DHCP server will actually give. 467If no 468.Ar address 469is given then the first address currently assigned to the 470.Ar interface 471is used. 472.It Fl s , Fl Fl inform Ar address Ns Op Ar /cidr Ns Op Ar /broadcast_address 473Behaves like 474.Fl r , Fl Fl request 475as above, but sends a DHCP INFORM instead of DISCOVER/REQUEST. 476This does not get a lease as such, just notifies the DHCP server of the 477.Ar address 478in use. 479You should also include the optional 480.Ar cidr 481network number in case the address is not already configured on the interface. 482.Nm 483remains running and pretends it has an infinite lease. 484.Nm 485will not de-configure the interface when it exits. 486If 487.Nm 488fails to contact a DHCP server then it returns a failure instead of falling 489back on IPv4LL. 490.It Fl Fl inform6 491Performs a DHCPv6 Information Request. 492No address is requested or specified, but all other DHCPv6 options are allowed. 493This is normally performed automatically when the IPv6 Router Advertises 494that the client should perform this operation. 495This option is only needed when 496.Nm 497is not processing IPv6RA messages and the need for DHCPv6 Information Request 498exists. 499.It Fl S , Fl Fl static Ar value 500Configures a static DHCP 501.Ar value . 502If you set 503.Ic ip_address 504then 505.Nm 506will not attempt to obtain a lease and just use the value for the address with 507an infinite lease time. 508.Pp 509Here is an example which configures a static address, routes and DNS. 510.D1 dhcpcd -S ip_address=192.168.0.10/24 \e 511.D1 -S routers=192.168.0.1 \e 512.D1 -S domain_name_servers=192.168.0.1 \e 513.D1 eth0 514.Pp 515You cannot presently set static DHCPv6 values. 516Use the 517.Fl e , Fl Fl env 518option instead. 519.It Fl t , Fl Fl timeout Ar seconds 520Timeout after 521.Ar seconds , 522instead of the default 30. 523A setting of 0 524.Ar seconds 525causes 526.Nm 527to wait forever to get a lease. 528If 529.Nm 530is working on a single interface then 531.Nm 532will exit when a timeout occurs, otherwise 533.Nm 534will fork into the background. 535.It Fl u , Fl Fl userclass Ar class 536Tags the DHCPv4 message with the userclass 537.Ar class . 538DHCP servers use this to give members of the class DHCP options other than the 539default, without having to know things like hardware address or hostname. 540.It Fl v , Fl Fl vendor Ar code , Ns Ar value 541Add an encapsulated vendor option. 542.Ar code 543should be between 1 and 254 inclusive. 544To add a raw vendor string, omit 545.Ar code 546but keep the comma. 547Examples. 548.Pp 549Set the vendor option 01 with an IP address. 550.D1 dhcpcd \-v 01,192.168.0.2 eth0 551Set the vendor option 02 with a hex code. 552.D1 dhcpcd \-v 02,01:02:03:04:05 eth0 553Set the vendor option 03 with an IP address as a string. 554.D1 dhcpcd \-v 03,\e"192.168.0.2\e" eth0 555Set un-encapsulated vendor option to hello world. 556.D1 dhcpcd \-v ,"hello world" eth0 557.It Fl Fl version 558Display both program version and copyright information. 559.Nm 560then exits before doing any configuration. 561.It Fl w 562Wait for an address to be assigned before forking to the background. 563Does not take an argument, unlike the below option. 564.It Fl Fl waitip Ns = Ns Op 4 | 6 565Wait for an address to be assigned before forking to the background. 5664 means wait for an IPv4 address to be assigned. 5676 means wait for an IPv6 address to be assigned. 568If no argument is given, 569.Nm 570will wait for any address protocol to be assigned. 571It is possible to wait for more than one address protocol and 572.Nm 573will only fork to the background when all waiting conditions are satisfied. 574.It Fl x , Fl Fl exit Op Ar interface 575This will signal an existing 576.Nm 577process running on the 578.Ar interface 579to exit. 580If no 581.Ar interface 582is specified, then the above is applied to all interfaces in Manager mode. 583See the 584.Fl p , Fl Fl persistent 585option to control configuration persistence on exit, 586which is enabled by default in 587.Xr dhcpcd.conf 5 . 588.Nm 589then waits until this process has exited. 590.It Fl y , Fl Fl reboot Ar seconds 591Allow 592.Ar reboot 593seconds before moving to the discover phase if we have an old lease to use. 594Allow 595.Ar reboot 596seconds before starting fallback states from the discover phase. 597IPv4LL is started when the first 598.Ar reboot 599timeout is reached. 600The default is 5 seconds. 601A setting of 0 seconds causes 602.Nm 603to skip the reboot phase and go straight into discover. 604This has no effect on DHCPv6 other than skipping the reboot phase. 605.El 606.Ss Restricting behaviour 607.Nm 608will try to do as much as it can by default. 609However, there are sometimes situations where you don't want the things to be 610configured exactly how the DHCP server wants. 611Here are some options that deal with turning these bits off. 612.Pp 613Note that when 614.Nm 615is restricted to a single interface then the interface also needs to be 616specified when asking 617.Nm 618to exit using the commandline. 619If the protocol is restricted as well then the protocol needs to be included 620with the exit instruction. 621.Bl -tag -width indent 622.It Fl 1 , Fl Fl oneshot 623Exit after configuring an interface. 624Use the 625.Fl w , Fl Fl waitip 626option to specify which protocol(s) to configure before exiting. 627.It Fl 4 , Fl Fl ipv4only 628Configure IPv4 only. 629.It Fl 6 , Fl Fl ipv6only 630Configure IPv6 only. 631.It Fl A , Fl Fl noarp 632Don't request or claim the address by ARP. 633This also disables IPv4LL. 634.It Fl B , Fl Fl nobackground 635Don't run in the background when we acquire a lease. 636This is mainly useful for running under the control of another process, such 637as a debugger or a network manager. 638.It Fl C , Fl Fl nohook Ar script 639Don't run this hook script. 640Matches full name, or prefixed with 2 numbers optionally ending with 641.Pa .sh . 642.Pp 643So to stop 644.Nm 645from touching your DNS settings you would do:- 646.D1 dhcpcd -C resolv.conf eth0 647.It Fl G , Fl Fl nogateway 648Don't set any default routes. 649.It Fl H , Fl Fl xidhwaddr 650Use the last four bytes of the hardware address as the DHCP xid instead 651of a randomly generated number. 652.It Fl J , Fl Fl broadcast 653Instructs the DHCP server to broadcast replies back to the client. 654Normally this is only set for non-Ethernet interfaces, 655such as FireWire and InfiniBand. 656In most instances, 657.Nm 658will set this automatically. 659.It Fl K , Fl Fl nolink 660Don't receive link messages for carrier status. 661You should only have to use this with buggy device drivers or running 662.Nm 663through a network manager. 664.It Fl L , Fl Fl noipv4ll 665Don't use IPv4LL (aka APIPA, aka Bonjour, aka ZeroConf). 666.It Fl O , Fl Fl nooption Ar option 667Removes the 668.Ar option 669from the DHCP message before processing. 670.It Fl P , Fl Fl printpidfile 671Print the 672.Pa pidfile 673.Nm 674will use based on command-line arguments to stdout. 675.It Fl Q , Fl Fl require Ar option 676Requires the 677.Ar option 678to be present in all DHCP messages, otherwise the message is ignored. 679To enforce that 680.Nm 681only responds to DHCP servers and not BOOTP servers, you can 682.Fl Q 683.Ar dhcp_message_type . 684.It Fl q , Fl Fl quiet 685Quiet 686.Nm 687on the command line, only warnings and errors will be displayed. 688If this option is used another time then all console output is disabled. 689These messages are still logged via 690.Xr syslog 3 . 691.It Fl T , Fl Fl test 692On receipt of DHCP messages just call 693.Pa /usr/libexec/dhcpcd-run-hooks 694with the reason of TEST which echos the DHCP variables found in the message 695to the console. 696The interface configuration isn't touched and neither are any configuration 697files. 698The 699.Ar rapid_commit 700option is not sent in TEST mode so that the server does not lease an address. 701To test INFORM the interface needs to be configured with the desired address 702before starting 703.Nm . 704.It Fl U , Fl Fl dumplease Op Ar interface 705Dumps the current lease for the 706.Ar interface 707to stdout. 708If no 709.Ar interface 710is given then all interfaces are dumped. 711Use the 712.Fl 4 713or 714.Fl 6 715flags to specify an address family. 716If a lease is piped in via standard input then that is dumped. 717In this case, specifying an address family is mandatory. 718.It Fl V , Fl Fl variables 719Display a list of option codes, the associated variable and encoding for use in 720.Xr dhcpcd-run-hooks 8 . 721Variables are prefixed with new_ and old_ unless the option number is -. 722Variables without an option are part of the DHCP message and cannot be 723directly requested. 724.It Fl W , Fl Fl whitelist Ar address Ns Op /cidr 725Only accept packets from 726.Ar address Ns Op /cidr . 727.Fl X , Fl Fl blacklist 728is ignored if 729.Fl W , Fl Fl whitelist 730is set. 731.It Fl X , Fl Fl blacklist Ar address Ns Op Ar /cidr 732Ignore all packets from 733.Ar address Ns Op Ar /cidr . 734.It Fl Z , Fl Fl denyinterfaces Ar pattern 735When discovering interfaces, the interface name must not match 736.Ar pattern 737which is a space or comma separated list of patterns passed to 738.Xr fnmatch 3 . 739.It Fl z , Fl Fl allowinterfaces Ar pattern 740When discovering interfaces, the interface name must match 741.Ar pattern 742which is a space or comma separated list of patterns passed to 743.Xr fnmatch 3 . 744If the same interface is matched in 745.Fl Z , Fl Fl denyinterfaces 746then it is still denied. 747.It Fl Fl inactive 748Don't start any interfaces other than those specified on the command line. 749This allows 750.Nm 751to be started in Manager mode and then wait for subsequent 752.Nm 753commands to start each interface as required. 754.It Fl Fl configure 755Allows 756.Nm 757to configure the system. 758This is the default behaviour and sets 759.Ev if_configured=true . 760.It Fl Fl noconfigure 761.Nm 762will not configure the system at all. 763This is only of use if the 764.Fl Fl script 765that 766.Nm 767calls at each network event configures the system instead. 768This is different from 769.Fl T , Fl Fl test 770mode in that it's not one shot and the only change to the environment is the 771addition of 772.Ev if_configured=false . 773.It Fl Fl nodev 774Don't load any 775.Pa /dev 776management modules. 777.El 778.Sh 3RDPARTY LINK MANAGEMENT 779Some interfaces require configuration by 3rd parties, such as PPP or VPN. 780When an interface configuration in 781.Nm 782is marked as STATIC or INFORM without an address then 783.Nm 784will monitor the interface until an address is added or removed from it and 785act accordingly. 786For point to point interfaces (like PPP), a default route to its 787destination is automatically added to the configuration. 788If the point to point interface is configured for INFORM, then 789.Nm 790unicasts INFORM to the destination, otherwise it defaults to STATIC. 791.Sh NOTES 792.Nm 793requires a Berkeley Packet Filter, or BPF device on BSD based systems and a 794Linux Socket Filter, or LPF device on Linux based systems for all IPv4 795configuration. 796.Pp 797If restricting 798.Nm 799to a single interface and optionally address family via the command-line 800then all further calls to 801.Nm 802to rebind, reconfigure or exit need to include the same restrictive flags 803so that 804.Nm 805knows which process to signal. 806.Pp 807Some DHCP servers implement ClientID filtering. 808If 809.Nm 810is replacing an in-use DHCP client then you might need to adjust the clientid 811option 812.Nm 813sends to match. 814If using a DUID in place of the ClientID, edit 815.Pa /var/db/dhcpcd/duid 816accordingly. 817.Sh FILES 818.Bl -ohang 819.It Pa /etc/dhcpcd.conf 820Configuration file for dhcpcd. 821If you always use the same options, put them here. 822.It Pa /usr/libexec/dhcpcd-run-hooks 823Bourne shell script that is run to configure or de-configure an interface. 824.It Pa /lib/dhcpcd/dev 825Linux 826.Pa /dev 827management modules. 828.It Pa /usr/libexec/dhcpcd-hooks 829A directory containing Bourne shell scripts that are run by the above script. 830Each script can be disabled by using the 831.Fl C , Fl Fl nohook 832option described above. 833.It Pa /var/db/dhcpcd/duid 834Text file that holds the DUID used to identify the host. 835.It Pa /var/db/dhcpcd/secret 836Text file that holds a secret key known only to the host. 837.It Pa /var/db/dhcpcd/ Ns Ar interface Ns Ar -ssid Ns .lease 838The actual DHCP message sent by the server. 839We use this when reading the last 840lease and use the file's mtime as when it was issued. 841.It Pa /var/db/dhcpcd/ Ns Ar interface Ns Ar -ssid Ns .lease6 842The actual DHCPv6 message sent by the server. 843We use this when reading the last 844lease and use the file's mtime as when it was issued. 845.It Pa /var/db/dhcpcd/rdm_monotonic 846Stores the monotonic counter used in the 847.Ar replay 848field in Authentication Options. 849.It Pa /var/run/dhcpcd/pid 850Stores the PID of 851.Nm 852running on all interfaces. 853.It Pa /var/run/dhcpcd/ Ns Ar interface Ns .pid 854Stores the PID of 855.Nm 856running on the 857.Ar interface . 858.It Pa /var/run/dhcpcd/sock 859Control socket to the manager daemon. 860.It Pa /var/run/dhcpcd/unpriv.sock 861Unprivileged socket to the manager daemon, only allows state retrieval. 862.It Pa /var/run/dhcpcd/ Ns Ar interface Ns .sock 863Control socket to per interface daemon. 864.It Pa /var/run/dhcpcd/ Ns Ar interface Ns .unpriv.sock 865Unprivileged socket to per interface daemon, only allows state retrieval. 866.El 867.Sh SEE ALSO 868.Xr fnmatch 3 , 869.Xr if_nametoindex 3 , 870.Xr dhcpcd.conf 5 , 871.Xr resolv.conf 5 , 872.Xr dhcpcd-run-hooks 8 , 873.Xr resolvconf 8 874.Sh STANDARDS 875RFC\ 951, RFC\ 1534, RFC\ 2104, RFC\ 2131, RFC\ 2132, RFC\ 2563, RFC\ 2855, 876RFC\ 3004, RFC\ 3118, RFC\ 3203, RFC\ 3315, RFC\ 3361, RFC\ 3633, RFC\ 3396, 877RFC\ 3397, RFC\ 3442, RFC\ 3495, RFC\ 3925, RFC\ 3927, RFC\ 4039, RFC\ 4075, 878RFC\ 4242, RFC\ 4361, RFC\ 4390, RFC\ 4702, RFC\ 4074, RFC\ 4861, RFC\ 4833, 879RFC\ 4941, RFC\ 5227, RFC\ 5942, RFC\ 5969, RFC\ 6106, RFC\ 6334, RFC\ 6355, 880RFC\ 6603, RFC\ 6704, RFC\ 7217, RFC\ 7550, RFC\ 7844. 881.Sh AUTHORS 882.An Roy Marples Aq Mt roy@marples.name 883.Sh BUGS 884Please report them to 885.Lk https://roy.marples.name/projects/dhcpcd 886