1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" 27.Dd October 12, 2010 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65See the 66.Va rc_conf_files 67variable below. 68.Pp 69The following list provides a name and short description for each 70variable that can be set in the 71.Nm 72file. 73To set a variable of 74.Vt bool 75type, specify either 76.Dq Li YES , 77.Dq Li TRUE , 78.Dq Li ON , 79or 80.Dq Li 1 . 81To unset, specify 82.Dq Li NO , 83.Dq Li FALSE , 84.Dq Li OFF , 85or 86.Dq Li 0 . 87These values are case insensitive. 88The 89.Va _enable 90postfix in the name of a variable for starting a service can be 91omitted (as in 92.Nx ) . 93.Bl -tag -width indent-two 94.It Va rc_debug 95.Pq Vt bool 96If set to 97.Dq Li YES , 98enable output of debug messages from rc scripts. 99This variable can be helpful in diagnosing mistakes when 100editing or integrating new scripts. 101Beware that this produces copious output to the terminal and 102.Xr syslog 3 . 103.It Va rc_info 104.Pq Vt bool 105If set to 106.Dq Li NO , 107disable informational messages from the rc scripts. 108Informational messages are displayed when 109a condition that is not serious enough to warrant a warning or an error occurs. 110.It Va swapfile 111.Pq Vt str 112If set to 113.Dq Li NO , 114no swapfile is installed, otherwise the value is used as the full 115pathname to a file to use for additional swap space. 116.It Va apm_enable 117.Pq Vt bool 118If set to 119.Dq Li YES , 120enable support for Automatic Power Management with the 121.Xr apm 8 122command. 123.It Va apmd_enable 124.Pq Vt bool 125Run 126.Xr apmd 8 127to handle APM event from userland. 128This also enables support for APM. 129.It Va apmd_flags 130.Pq Vt str 131If 132.Va apmd_enable 133is set to 134.Dq Li YES , 135these are the flags to pass to the 136.Xr apmd 8 137daemon. 138.It Va battd_enable 139Enable 140.Xr battd 8 141to monitor the status of batteries present in the system. 142This also enables support for APM. 143.It Va battd_flags 144.Pq Vt str 145If 146.Va battd_enable 147is set to 148.Dq Li YES , 149these are the flags to pass to the 150.Xr battd 8 151daemon. 152.It Va devd_enable 153.Pq Vt bool 154Run 155.Xr devd 8 156to handle device added, removed or unknown events from the kernel. 157.It Va devd_flags 158.Pq Vt str 159If 160.Va devd_enable 161is set to 162.Dq Li YES , 163these are the flags to pass to the 164.Xr devd 8 165daemon. 166.It Va powerd_enable 167.Pq Vt bool 168Set to 169.Dq Li NO 170by default. 171Setting this to 172.Dq Li YES 173enables 174.Xr powerd 8 , 175a CPU speed control daemon. 176.It Va sensorsd_enable 177.Pq Vt bool 178Set to 179.Dq Li NO 180by default. 181Setting this to 182.Dq Li YES 183enables 184.Xr sensorsd 8 , 185a sensors monitoring and logging daemon. 186.It Va sensorsd_flags 187.Pq Vt str 188Empty by default. 189Additional flags passed to the 190.Xr sensorsd 8 191program. 192.It Va hotplugd_enable 193.Pq Vt bool 194Set to 195.Dq Li NO 196by default. 197Setting this to 198.Dq Li YES 199enables 200.Xr hotplugd 8 , 201a devices hot plugging monitoring daemon. 202.It Va hotplugd_flags 203.Pq Vt str 204Empty by default. 205Additional flags passed to the 206.Xr hotplugd 8 207program. 208.It Va pccard_ifconfig 209.Pq Vt str 210List of arguments to be passed to 211.Xr ifconfig 8 212at boot time or on insertion of the card (e.g.\& 213.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 214for a fixed address or 215.Dq Li DHCP 216for a DHCP client). 217.It Va pccard_ether_delay 218.Pq Vt str 219Set the delay before starting 220.Xr dhclient 8 221in the 222.Pa /etc/pccard_ether 223script. 224This defaults to 5 seconds to work around a bug in the 225.Xr ed 4 226driver which can lead to system hangs when using some newer 227.Xr ed 4 228based cards. 229.It Va removable_interfaces 230.Pq Vt str 231List of removable network interfaces to be supported by 232.Pa /etc/pccard_ether . 233.It Va local_startup 234.Pq Vt str 235List of directories to search for startup script files. 236.It Va script_name_sep 237.Pq Vt str 238The field separator to use for breaking down the list of startup script files 239into individual filenames. 240The default is a space. 241It is not necessary to change this unless there are startup scripts with names 242containing spaces. 243.It Va hostapd_enable 244.Pq Vt bool 245Set to 246.Dq Li YES 247to start 248.Xr hostapd 8 249at system boot time. 250.It Va hostname 251.Pq Vt str 252The fully qualified domain name (FQDN) of this host on the network. 253This should almost certainly be set to something meaningful, even if 254there is no network connection. 255If 256.Xr dhclient 8 257is used to set the hostname via DHCP, 258this variable should be set to an empty string. 259.It Va ipv6_enable 260.Pq Vt bool 261Enable support for IPv6 networking. 262Note that this requires that the kernel have been compiled with 263.Cd "options INET6" . 264.It Va nisdomainname 265.Pq Vt str 266The NIS domain name of this host, or 267.Dq Li NO 268if NIS is not used. 269.It Va dhclient_program 270.Pq Vt str 271Path to the DHCP client program 272(default 273.Pa /sbin/dhclient ) . 274.It Va dhclient_flags 275.Pq Vt str 276Additional flags to pass to the DHCP client program. 277.It Va pf_enable 278.Pq Vt bool 279Set to 280.Dq Li YES 281to load 282.Xr pf 4 283at startup. 284If the kernel was not built with 285.Cd "device pf" , 286the 287.Pa pf.ko 288kernel module will be loaded. 289See also 290.Va firewall_enable 291and 292.Va ipfilter_enable . 293.It Va pf_rules 294.Pq Vt str 295Path to the 296.Xr pf 4 297ruleset definition file. 298.It Va pf_program 299.Pq Vt str 300Path to 301.Xr pfctl 8 . 302.It Va pf_flags 303.Pq Vt str 304If 305.Va pf_enable 306is set to 307.Dq Li YES , 308these are the flags to pass to 309.Xr pfctl 8 310when loading the ruleset. 311.It Va pflog_enable 312.Pq Vt bool 313Set this to 314.Dq Li YES 315to enable 316.Xr pflogd 8 317which logs packets from 318.Xr pf 4 . 319.It Va pflog_logfile 320.Pq Vt str 321If 322.Va pflog_enable 323is set to 324.Dq Li YES 325this specifies the path of the log file. 326.It Va pflog_program 327.Pq Vt str 328Path to 329.Xr pflogd 8 . 330.It Va pflog_flags 331.Pq Vt str 332If 333.Va pflog_enable 334is set to 335.Dq Li YES , 336these are the flags to pass to 337.Xr pflogd 8 . 338.It Va firewall_enable 339.Pq Vt bool 340Set to 341.Dq Li YES 342to load firewall rules at startup. 343If the kernel was not built with 344.Cd "options IPFIREWALL" , 345the 346.Pa ipfw.ko 347kernel module will be loaded. 348See also 349.Va pf_enable 350and 351.Va ipfilter_enable . 352.It Va ipv6_firewall_enable 353.Pq Vt bool 354The IPv6 equivalent of 355.Va firewall_enable . 356Set to 357.Dq Li YES 358to load IPv6 firewall rules at startup. 359If the kernel was not built with 360.Cd "options IPV6FIREWALL" , 361the 362.Pa ip6fw.ko 363kernel module will be loaded. 364.It Va firewall_script 365.Pq Vt str 366The full path to the firewall script to run 367(default 368.Pa /etc/rc.firewall ) . 369.It Va ipv6_firewall_script 370.Pq Vt str 371The IPv6 equivalent of 372.Va firewall_script . 373.It Va firewall_type 374.Pq Vt str 375Names the firewall type from the selection in 376.Pa /etc/rc.firewall , 377or the file which contains the local firewall ruleset. 378Valid selections from 379.Pa /etc/rc.firewall 380are: 381.Pp 382.Bl -tag -width ".Li simple" -compact 383.It Li open 384unrestricted IP access 385.It Li closed 386all IP services disabled, except via 387.Dq Li lo0 388.It Li client 389basic protection for a workstation on a LAN 390.It Li simple 391alias for 392.Li client . 393.El 394.Pp 395If a filename is specified, the full path must be given. 396.It Va firewall_trusted_nets 397.Pq Vt str 398List of trusted networks (if 399.Va firewall_type 400is set to 401.Li client ) . 402.It Va firewall_trusted_interfaces 403.Pq Vt str 404List of trusted network interfaces (if 405.Va firewall_type 406is set to 407.Li client ) . 408.It Va firewall_allowed_icmp_types 409.Pq Vt str 410List of allowed ICMP types (if 411.Va firewall_type 412is set to 413.Li client ) . 414.It Va firewall_open_tcp_ports 415.Pq Vt str 416List of TCP ports to open (if 417.Va firewall_type 418is set to 419.Li client ) . 420.It Va firewall_open_udp_ports 421.Pq Vt str 422List of UDP ports to open (if 423.Va firewall_type 424is set to 425.Li client ) . 426.It Va ipv6_firewall_type 427.Pq Vt str 428The IPv6 equivalent of 429.Va firewall_type . 430.It Va firewall_quiet 431.Pq Vt bool 432Set to 433.Dq Li YES 434to disable the display of firewall rules on the console during boot. 435.It Va ipv6_firewall_quiet 436.Pq Vt bool 437The IPv6 equivalent of 438.Va firewall_quiet . 439.It Va firewall_logging 440.Pq Vt bool 441Set to 442.Dq Li YES 443to enable firewall event logging. 444This is equivalent to the 445.Dv IPFIREWALL_VERBOSE 446kernel option. 447.It Va ipv6_firewall_logging 448.Pq Vt bool 449The IPv6 equivalent of 450.Va firewall_logging . 451.It Va firewall_flags 452.Pq Vt str 453Flags passed to 454.Xr ipfw 8 455if 456.Va firewall_type 457specifies a filename. 458.It Va ipv6_firewall_flags 459.Pq Vt str 460The IPv6 equivalent of 461.Va firewall_flags . 462.It Va natd_program 463.Pq Vt str 464Path to 465.Xr natd 8 . 466.It Va natd_enable 467.Pq Vt bool 468Set to 469.Dq Li YES 470to enable 471.Xr natd 8 . 472.Va firewall_enable 473must also be set to 474.Dq Li YES , 475and 476.Xr divert 4 477sockets must be enabled in the kernel. 478.It Va natd_interface 479.Pq Vt str 480This is the name of the public interface on which 481.Xr natd 8 482should run. 483The interface may be given as an interface name or as an IP address. 484.It Va natd_flags 485.Pq Vt str 486Additional 487.Xr natd 8 488flags should be placed here. 489The 490.Fl n 491or 492.Fl a 493flag is automatically added with the above 494.Va natd_interface 495as an argument. 496.\" ----- ipfilter_enable setting -------------------------------- 497.It Va ipfilter_enable 498.Pq Vt bool 499Set to 500.Dq Li NO 501by default. 502Setting this to 503.Dq Li YES 504enables 505.Xr ipf 8 506packet filtering. 507.Pp 508Typical usage will require putting 509.Bd -literal 510ipfilter_enable="YES" 511ipnat_enable="YES" 512ipmon_enable="YES" 513ipfs_enable="YES" 514.Ed 515.Pp 516into 517.Pa /etc/rc.conf 518and editing 519.Pa /etc/ipf.rules 520and 521.Pa /etc/ipnat.rules 522appropriately. 523.Pp 524Note that 525.Va ipfilter_enable 526and 527.Va ipnat_enable 528can be enabled independently. 529.Va ipmon_enable 530and 531.Va ipfs_enable 532both require at least one of 533.Va ipfilter_enable 534and 535.Va ipnat_enable 536to be enabled. 537.Pp 538Having 539.Bd -literal 540options IPFILTER 541options IPFILTER_LOG 542options IPFILTER_DEFAULT_BLOCK 543.Ed 544.Pp 545in the kernel configuration file is a good idea, too. 546See also 547.Va pf_enable 548and 549.Va firewall_enable . 550.\" ----- ipfilter_program setting ------------------------------ 551.It Va ipfilter_program 552.Pq Vt str 553Path to 554.Xr ipf 8 555(default 556.Pa /sbin/ipf ) . 557.\" ----- ipfilter_rules setting -------------------------------- 558.It Va ipfilter_rules 559.Pq Vt str 560Set to 561.Pa /etc/ipf.rules 562by default. 563The name of the filter rule definition file. 564The file is expected to be readable for the 565.Xr ipf 8 566command to execute. 567.\" ----- ipv6_ipfilter_rules setting --------------------------- 568.It Va ipv6_ipfilter_rules 569.Pq Vt str 570Set to 571.Pa /etc/ipf6.rules 572by default. 573The name of the IPv6 filter rule definition file. 574The file is expected to be readable for the 575.Xr ipf 8 576command to execute. 577.\" ----- ipfilter_flags setting -------------------------------- 578.It Va ipfilter_flags 579.Pq Vt str 580Empty by default. 581Flags passed to the 582.Xr ipf 8 583program. 584.\" ----- ipnat_enable setting ---------------------------------- 585.It Va ipnat_enable 586.Pq Vt bool 587Set to 588.Dq Li NO 589by default. 590Set it to 591.Dq Li YES 592to enable 593.Xr ipnat 8 594network address translation. 595See 596.Va ipfilter_enable 597for a detailed discussion. 598.\" ----- ipnat_program setting --------------------------------- 599.It Va ipnat_program 600.Pq Vt str 601Path to 602.Xr ipnat 8 603(default 604.Pa /sbin/ipnat ) . 605.\" ----- ipnat_rules setting ----------------------------------- 606.It Va ipnat_rules 607.Pq Vt str 608Set to 609.Pa /etc/ipnat.rules 610by default. 611The name of the file 612holding the network address translation definition. 613This file is expected to be readable for the 614.Xr ipnat 8 615command to execute. 616.\" ----- ipnat_flags setting ----------------------------------- 617.It Va ipnat_flags 618.Pq Vt str 619Empty by default. 620Flags passed to the 621.Xr ipnat 8 622program. 623.\" ----- ipmon_enable setting ---------------------------------- 624.It Va ipmon_enable 625.Pq Vt bool 626Set to 627.Dq Li NO 628by default. 629Set it to 630.Dq Li YES 631to enable 632.Xr ipmon 8 633monitoring (logging 634.Xr ipf 8 635and 636.Xr ipnat 8 637events). 638Setting this variable needs setting 639.Va ipfilter_enable 640or 641.Va ipnat_enable 642too. 643See 644.Va ipfilter_enable 645for a detailed discussion. 646.\" ----- ipmon_program setting --------------------------------- 647.It Va ipmon_program 648.Pq Vt str 649Path to 650.Xr ipmon 8 651(default 652.Pa /sbin/ipmon ) . 653.\" ----- ipmon_flags setting ----------------------------------- 654.It Va ipmon_flags 655.Pq Vt str 656Set to 657.Dq Li -Ds 658by default. 659Flags passed to the 660.Xr ipmon 8 661program. 662Another typical example would be 663.Dq Fl D Pa /var/log/ipflog 664to have 665.Xr ipmon 8 666log directly to a file bypassing 667.Xr syslogd 8 . 668Make sure to adjust 669.Pa /etc/newsyslog.conf 670in such case like this: 671.Bd -literal 672/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 673.Ed 674.\" ----- ipfs_enable setting ----------------------------------- 675.It Va ipfs_enable 676.Pq Vt bool 677Set to 678.Dq Li NO 679by default. 680Set it to 681.Dq Li YES 682to enable 683.Xr ipfs 8 684saving the filter and NAT state tables during shutdown 685and reloading them during startup again. 686Setting this variable needs setting 687.Va ipfilter_enable 688or 689.Va ipnat_enable 690to 691.Dq Li YES 692too. 693See 694.Va ipfilter_enable 695for a detailed discussion. 696Note that if 697.Va kern_securelevel 698is set to 3, 699.Va ipfs_enable 700cannot be used because the raised securelevel will prevent 701.Xr ipfs 8 702from saving the state tables at shutdown time. 703.\" ----- ipfs_program setting ---------------------------------- 704.It Va ipfs_program 705.Pq Vt str 706Path to 707.Xr ipfs 8 708(default 709.Pa /sbin/ipfs ) . 710.\" ----- ipfs_flags setting ------------------------------------ 711.It Va ipfs_flags 712.Pq Vt str 713Empty by default. 714Flags passed to the 715.Xr ipfs 8 716program. 717.\" ----- end of added ipf hook --------------------------------- 718.It Va tcp_extensions 719.Pq Vt bool 720Set to 721.Dq Li YES 722by default. 723Setting this to 724.Dq Li NO 725disables certain TCP options as described by 726.Rs 727.%T "RFC 1323" 728.Re 729Setting this to 730.Dq Li NO 731might help remedy such problems with connections as randomly hanging 732or other weird behavior. 733Some network devices are known to be broken with respect to these options. 734.It Va log_in_vain 735.Pq Vt int 736Set to 0 by default. 737The 738.Xr sysctl 8 739variables, 740.Va net.inet.tcp.log_in_vain 741and 742.Va net.inet.udp.log_in_vain , 743as described in 744.Xr tcp 4 745and 746.Xr udp 4 , 747are set to the given value. 748.It Va tcp_keepalive 749.Pq Vt bool 750Set to 751.Dq Li YES 752by default. 753Setting to 754.Dq Li NO 755will disable probing idle TCP connections to verify that the 756peer is still up and reachable. 757.It Va tcp_drop_synfin 758.Pq Vt bool 759Set to 760.Dq Li NO 761by default. 762Setting to 763.Dq Li YES 764will cause the kernel to ignore TCP frames that have both 765the SYN and FIN flags set. 766This prevents OS fingerprinting, but may break some legitimate applications. 767This option is only available if the kernel was built with the 768.Dv TCP_DROP_SYNFIN 769option. 770.It Va icmp_drop_redirect 771.Pq Vt bool 772Set to 773.Dq Li NO 774by default. 775Setting to 776.Dq Li YES 777will cause the kernel to ignore ICMP REDIRECT packets. 778Refer to 779.Xr icmp 4 780for more information. 781.It Va icmp_log_redirect 782.Pq Vt bool 783Set to 784.Dq Li NO 785by default. 786Setting to 787.Dq Li YES 788will cause the kernel to log ICMP REDIRECT packets. 789Note that 790the log messages are not rate-limited, so this option should only be used 791for troubleshooting networks. 792Refer to 793.Xr icmp 4 794for more information. 795.It Va icmp_bmcastecho 796.Pq Vt bool 797Set to 798.Dq Li YES 799to respond to broadcast or multicast ICMP ping packets. 800Refer to 801.Xr icmp 4 802for more information. 803.It Va ip_portrange_first 804.Pq Vt int 805If not set to 806.Dq Li NO , 807this is the first port in the default portrange. 808Refer to 809.Xr ip 4 810for more information. 811.It Va ip_portrange_last 812.Pq Vt int 813If not set to 814.Dq Li NO , 815this is the last port in the default portrange. 816Refer to 817.Xr ip 4 818for more information. 819.\" 820.It Va ifconfig_ Ns Aq Ar interface 821.Pq Vt str 822Configuration for 823.Dq interface . 824Typically includes IP address. 825Assuming that the interface in question was 826.Li ed0 , 827it might look something like this: 828.Bd -literal 829ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 830.Ed 831.Pp 832If the 833.Pa /etc/start_if. Ns Aq Ar interface 834file is present, it is read and executed by the 835.Xr sh 1 836interpreter before configuring the interface as specified in the 837.Va ifconfig_ Ns Aq Ar interface 838and 839.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 840variables. 841.Pp 842It is possible to bring up an interface with DHCP by adding 843.Dq Li DHCP 844to the 845.Va ifconfig_ Ns Aq Ar interface 846variable. 847For instance, to initialize the 848.Li ed0 849device via DHCP, it is possible to use something like: 850.Bd -literal 851ifconfig_ed0="DHCP" 852.Ed 853.Pp 854If a 855.Va wlans_ Ns Aq Ar interface 856variable is set, 857an 858.Xr wlan 4 859interface will be created for each item in the list with the 860.Ar wlandev 861argument set to 862.Ar interface . 863Further wlan cloning arguments may be passed to the 864.Xr ifconfig 8 865.Cm create 866command by setting the 867.Va create_args_ Ns Aq Ar interface 868variable. 869One or more 870.Xr wlan 4 871devices must be created for each wireless devices as of 872.Dx 2.5 . 873Debugging flags for 874.Xr wlan 4 875devices as set by 876.Xr wlandebug 8 877may be specified with an 878.Va wlandebug_ Ns Aq Ar interface 879variable. 880The contents of this variable will be passed directly to 881.Xr wlandebug 8 . 882.Pp 883Also, if your interface needs WPA authentication, it is possible to add 884.Dq Li WPA 885to the 886.Va ifconfig_ Ns Aq Ar interface 887variable. 888This will start 889.Xr wpa_supplicant 8 . 890See 891.Xr wpa_supplicant.conf 5 892for configuring authentication information. 893.Pp 894Finally, you can add 895.Xr ifconfig 8 896options in this variable, in addition to the 897.Pa /etc/start_if. Ns Aq Ar interface 898file. 899For instance, to initialize the 900.Li wi0 901device via DHCP, using WPA authentication and 802.11b mode, it is 902possible to use something like: 903.Bd -literal 904ifconfig_wi0="up DHCP WPA mode 11b" 905.Ed 906.Pp 907.\" 908.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 909.Pq Vt str 910Configuration to establish an additional network address for 911.Dq interface . 912Assuming that the interface in question was 913.Li ed0 , 914it might look something like this: 915.Bd -literal 916ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 917ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 918.Ed 919.Pp 920And so on. 921For each 922.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 923entry that is found, its contents are passed to 924.Xr ifconfig 8 . 925Execution stops at the first unsuccessful access, so if 926something like this is present: 927.Bd -literal 928ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 929ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 930ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 931ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 932.Ed 933.Pp 934Then note that alias4 would 935.Em not 936be added since the search would stop with the missing alias3 entry. 937.Pp 938.\" 939.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 940.Pq Vt str 941New name for 942.Dq interface . 943It is possible to rename interface by doing: 944.Bd -literal 945ifconfig_ed0_name="net0" 946ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 947.Ed 948.It Va network_interfaces 949.Pq Vt str 950The list of network interfaces to configure on this host, 951or 952.Dq Li auto 953to configure all network interfaces 954(default 955.Dq Li auto ) . 956For example, if the only network devices to be configured are the loopback device 957.Pq Li lo0 958and a NIC using the 959.Xr ed 4 960driver, this could be set to 961.Dq Li "lo0 ed0" . 962An 963.Va ifconfig_ Ns Aq Ar interface 964variable is assumed to exist for each value of 965.Ar interface . 966.It Va ipv6_network_interfaces 967.Pq Vt str 968This is the IPv6 equivalent of 969.Va network_interfaces . 970Instead of setting the ifconfig variables as 971.Va ifconfig_ Ns Aq Ar interface 972they should be set as 973.Va ipv6_ifconfig_ Ns Aq Ar interface . 974Aliases should be set as 975.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 976Interfaces that do not have a 977.Va ipv6_ifconfig_ Ns Aq Ar interface 978setting will be auto configured by 979.Xr rtsol 8 980if the 981.Va ipv6_gateway_enable 982is set to 983.Dq Li NO . 984Note that the IPv6 networking code does not support the 985.Pa /etc/start_if. Ns Aq Ar interface 986files. 987.It Va ipv6_prefix_ Ns Aq Ar interface 988.Pq Vt str 989Assign prefix to 990.Ar interface , 991prefixlen 64 is used. 992.It Va ipv6_default_interface 993.Pq Vt str 994If not set to 995.Dq Li NO , 996this is the default output interface for scoped addresses. 997Now this works only for IPv6 link local multicast addresses. 998.It Va cloned_interfaces 999.Pq Vt str 1000Set to the list of clonable network interfaces to create on this host. 1001Entries in 1002.Va cloned_interfaces 1003are automatically appended to 1004.Va network_interfaces 1005for configuration. 1006.It Va gif_interfaces 1007.Pq Vt str 1008Set to the list of 1009.Xr gif 4 1010tunnel interfaces to configure on this host. 1011A 1012.Va gifconfig_ Ns Aq Ar interface 1013variable is assumed to exist for each value of 1014.Ar interface . 1015The value of this variable is used to configure the link layer of the 1016tunnel according to the syntax of the 1017.Cm tunnel 1018option to 1019.Xr ifconfig 8 . 1020Additionally, this option ensures that each listed interface is created via the 1021.Cm create 1022option to 1023.Xr ifconfig 8 1024before attempting to configure it. 1025.It Va sppp_interfaces 1026.Pq Vt str 1027Set to the list of 1028.Xr sppp 4 1029interfaces to configure on this host. 1030A 1031.Va spppconfig_ Ns Aq Ar interface 1032variable is assumed to exist for each value of 1033.Ar interface . 1034Each interface should also be configured by a general 1035.Va ifconfig_ Ns Aq Ar interface 1036setting. 1037Refer to 1038.Xr spppcontrol 8 1039for more information about available options. 1040.It Va ppp_enable 1041.Pq Vt bool 1042If set to 1043.Dq Li YES , 1044run the 1045.Xr ppp 8 1046daemon. 1047.It Va ppp_mode 1048.Pq Vt str 1049Mode in which to run the 1050.Xr ppp 8 1051daemon. 1052Accepted modes are 1053.Dq Li auto , 1054.Dq Li ddial , 1055.Dq Li direct 1056and 1057.Dq Li dedicated . 1058See the manual for a full description. 1059.It Va ppp_nat 1060.Pq Vt bool 1061If set to 1062.Dq Li YES , 1063enables network address translation. 1064Used in conjunction with 1065.Va gateway_enable 1066allows hosts on private network addresses access to the Internet using 1067this host as a network address translating router. 1068.It Va ppp_profile 1069.Pq Vt str 1070The name of the profile to use from 1071.Pa /etc/ppp/ppp.conf . 1072.It Va ppp_user 1073.Pq Vt str 1074The name of the user under which 1075.Xr ppp 8 1076should be started. 1077By default, 1078.Xr ppp 8 1079is started as 1080.Dq Li root . 1081.It Va rc_conf_files 1082.Pq Vt str 1083This option is used to specify a list of files that will override 1084the settings in 1085.Pa /etc/defaults/rc.conf . 1086The files will be read in the order in which they are specified and should 1087include the full path to the file. 1088By default, the files specified are 1089.Pa /etc/rc.conf 1090and 1091.Pa /etc/rc.conf.local 1092.It Va fsck_y_enable 1093.Pq Vt bool 1094If set to 1095.Dq Li YES , 1096.Xr fsck 8 1097will be run with the 1098.Fl y 1099flag if the initial preen of the file systems fails. 1100.It Va netfs_types 1101.Pq Vt str 1102List of file system types that are network-based. 1103This list should generally not be modified by end users. 1104Use 1105.Va extra_netfs_types 1106instead. 1107.It Va extra_netfs_types 1108.Pq Vt str 1109If set to something other than 1110.Dq Li NO 1111(the default), this variable extends the list of file system types 1112for which automatic mounting at startup by 1113.Xr rc 8 1114should be delayed until the network is initialized. 1115It should contain 1116a whitespace-separated list of network file system descriptor pairs, 1117each consisting of a file system type as passed to 1118.Xr mount 8 1119and a human-readable, one-word description, joined with a colon 1120.Pq Ql \&: . 1121Extending the default list in this way is only necessary 1122when third party file system types are used. 1123.It Va devfs_config_files 1124.Pq Vt str 1125This option is used to specify a list of configuration files containing 1126.Xr devfs 5 1127rules that will be applied by 1128.Xr devfsctl 8 1129in the order in which they are specified and must include the full path 1130to the file. 1131.It Va syslogd_enable 1132.Pq Vt bool 1133If set to 1134.Dq Li YES , 1135run the 1136.Xr syslogd 8 1137daemon. 1138.It Va syslogd_program 1139.Pq Vt str 1140Path to 1141.Xr syslogd 8 1142(default 1143.Pa /usr/sbin/syslogd ) . 1144.It Va syslogd_flags 1145.Pq Vt str 1146If 1147.Va syslogd_enable 1148is set to 1149.Dq Li YES , 1150these are the flags to pass to 1151.Xr syslogd 8 . 1152.It Va inetd_enable 1153.Pq Vt bool 1154If set to 1155.Dq Li YES , 1156run the 1157.Xr inetd 8 1158daemon. 1159.It Va inetd_program 1160.Pq Vt str 1161Path to 1162.Xr inetd 8 1163(default 1164.Pa /usr/sbin/inetd ) . 1165.It Va inetd_flags 1166.Pq Vt str 1167If 1168.Va inetd_enable 1169is set to 1170.Dq Li YES , 1171these are the flags to pass to 1172.Xr inetd 8 . 1173.It Va rwhod_enable 1174.Pq Vt bool 1175If set to 1176.Dq Li YES , 1177run the 1178.Xr rwhod 8 1179daemon at boot time. 1180.It Va rwhod_flags 1181.Pq Vt str 1182If 1183.Va rwhod_enable 1184is set to 1185.Dq Li YES , 1186these are the flags to pass to it. 1187.It Va amd_enable 1188.Pq Vt bool 1189If set to 1190.Dq Li YES , 1191run the 1192.Xr amd 8 1193daemon at boot time. 1194.It Va amd_flags 1195.Pq Vt str 1196If 1197.Va amd_enable 1198is set to 1199.Dq Li YES , 1200these are the flags to pass to it. 1201See the 1202.Xr amd 8 1203manpage for more information. 1204.It Va amd_map_program 1205.Pq Vt str 1206If set, the specified program is run to get the list of 1207.Xr amd 8 1208maps. 1209For example, if the 1210.Xr amd 8 1211maps are stored in NIS, one can set this to run 1212.Xr ypcat 1 1213to get a list of 1214.Xr amd 8 1215maps from the 1216.Pa amd.master 1217NIS map. 1218.It Va update_motd 1219.Pq Vt bool 1220If set to 1221.Dq Li YES , 1222.Pa /etc/motd 1223will be updated at boot time to reflect the kernel release being run. 1224If set to 1225.Dq Li NO , 1226.Pa /etc/motd 1227will not be updated. 1228.It Va nfs_client_enable 1229.Pq Vt bool 1230If set to 1231.Dq Li YES , 1232setup NFS client parameters at boot time. 1233.It Va nfs_access_cache 1234.Pq Vt int 1235If 1236.Va nfs_client_enable 1237is set to 1238.Dq Li YES , 1239this can be set to 1240.Dq Li 0 1241to disable NFS ACCESS RPC caching, or to the number of seconds for which 1242NFS ACCESS results should be cached. 1243A value of 2-10 seconds will substantially reduce network traffic for 1244many NFS operations. 1245The default is 5 seconds. 1246Note that the attribute cache holds stat information only. 1247The NFS data cache is independent of the attribute cache and is only 1248invalidated when the client detects that the server has modified the 1249underlying file. 1250This value specifies a maximum timeout. 1251The NFS client will automatically use a shorter timeout for files which 1252have been recently modified. 1253.It Va nfs_neg_cache 1254.Pq Vt int 1255If 1256.Va nfs_client_enable 1257is set to 1258.Dq Li YES , 1259this can be set to 1260.Dq Li 0 1261to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1262filenames), or to the number of seconds for which negative lookups should 1263be cached. 1264A value of 2-10 seconds will substantially reduce network 1265traffic for many NFS operations, especially source code builds. 1266The default is 3 seconds. 1267.It Va nfs_server_enable 1268.Pq Vt bool 1269If set to 1270.Dq Li YES , 1271run the NFS server daemons at boot time. 1272.It Va nfs_server_flags 1273.Pq Vt str 1274If 1275.Va nfs_server_enable 1276is set to 1277.Dq Li YES , 1278these are the flags to pass to the 1279.Xr nfsd 8 1280daemon. 1281.It Va mountd_enable 1282.Pq Vt bool 1283If set to 1284.Dq Li YES , 1285and no 1286.Va nfs_server_enable 1287is set, start 1288.Xr mountd 8 , 1289but not 1290.Xr nfsd 8 1291daemon. 1292It is commonly needed to run CFS without real NFS used. 1293.It Va mountd_flags 1294.Pq Vt str 1295If 1296.Va mountd_enable 1297is set to 1298.Dq Li YES , 1299these are the flags to pass to the 1300.Xr mountd 8 1301daemon. 1302.It Va weak_mountd_authentication 1303.Pq Vt bool 1304If set to 1305.Dq Li YES , 1306allow services like PCNFSD to make non-privileged mount requests. 1307.It Va nfs_reserved_port_only 1308.Pq Vt bool 1309If set to 1310.Dq Li YES , 1311provide NFS services only on a secure port. 1312.It Va nfs_bufpackets 1313.Pq Vt int 1314If set to a number, indicates the number of packets worth of 1315socket buffer space to reserve on an NFS client. 1316The kernel default is typically 4. 1317Using a higher number may be useful on gigabit networks to improve performance. 1318The minimum value is 2 and the maximum is 64. 1319.It Va rpc_umntall_enable 1320.Pq Vt bool 1321If set to 1322.Dq Li YES 1323(default) and we are also an NFS client, run 1324.Xr rpc.umntall 8 1325at boot time to clear out old mounts on remote servers. 1326If set to 1327.Dq Li NO 1328then 1329.Xr rpc.umntall 8 1330will not be run at boot time. 1331.It Va rpc_lockd_enable 1332.Pq Vt bool 1333If set to 1334.Dq Li YES 1335and also an NFS server, run 1336.Xr rpc.lockd 8 1337at boot time. 1338.It Va rpc_lockd_flags 1339.Pq Vt str 1340If 1341.Va rpc_lockd_enable 1342is set to 1343.Dq Li YES , 1344these are the flags to pass to 1345.Xr rpc.lockd 8 . 1346.It Va rpc_statd_enable 1347.Pq Vt bool 1348If set to 1349.Dq Li YES 1350and also an NFS server, run 1351.Xr rpc.statd 8 1352at boot time. 1353.It Va rpc_statd_flags 1354.Pq Vt str 1355If 1356.Va rpc_statd_enable 1357is set to 1358.Dq Li YES , 1359these are the flags to pass to 1360.Xr rpc.statd 8 . 1361.It Va rpcbind_program 1362.Pq Vt str 1363Path to program for rpcbind daemon 1364(default 1365.Pa /usr/sbin/rpcbind ) . 1366.It Va rpcbind_enable 1367.Pq Vt bool 1368If set to 1369.Dq Li YES , 1370run 1371.Va rpcbind_program 1372at boot time. 1373.It Va rpcbind_flags 1374.Pq Vt str 1375If 1376.Va rpcbind_enable 1377is set to 1378.Dq Li YES , 1379these are the flags to pass to 1380.Va rpcbind_program . 1381.It Va keyserv_enable 1382.Pq Vt bool 1383If set to 1384.Dq Li YES , 1385run the 1386.Xr keyserv 8 1387daemon on boot for running Secure RPC. 1388.It Va keyserv_flags 1389.Pq Vt str 1390If 1391.Va keyserv_enable 1392is set to 1393.Dq Li YES , 1394these are the flags to pass to 1395.Xr keyserv 8 1396daemon. 1397.It Va pppoed_enable 1398.Pq Vt bool 1399If set to 1400.Dq Li YES , 1401run the 1402.Xr pppoed 8 1403daemon at boot time to provide PPP over Ethernet services. 1404.It Va pppoed_provider 1405.Pq Vt str 1406.Xr pppoed 8 1407listens to requests to this provider and ultimately runs 1408.Xr ppp 8 1409with a 1410.Ar system 1411argument of the same name. 1412.It Va pppoed_flags 1413.Pq Vt str 1414Additional flags to pass to 1415.Xr pppoed 8 . 1416.It Va pppoed_interface 1417.Pq Vt str 1418The network interface to run 1419.Xr pppoed 8 1420on. 1421This is mandatory when 1422.Va pppoed_enable 1423is set to 1424.Dq Li YES . 1425.It Va timed_enable 1426.Pq Vt bool 1427If set to 1428.Dq Li YES , 1429run the 1430.Xr timed 8 1431service at boot time. 1432This command is intended for networks of machines where a consistent 1433.Dq "network time" 1434for all hosts must be established. 1435This is often useful in large NFS environments where time stamps on 1436files are expected to be consistent network-wide. 1437.It Va timed_flags 1438.Pq Vt str 1439If 1440.Va timed_enable 1441is set to 1442.Dq Li YES , 1443these are the flags to pass to the 1444.Xr timed 8 1445service. 1446.It Va dntpd_enable 1447.Pq Vt bool 1448If set to 1449.Dq Li YES , 1450run 1451.Xr dntpd 8 1452at system boot time. 1453.It Va dntpd_program 1454.Pq Vt str 1455Path to 1456.Xr dntpd 8 1457(default 1458.Pa /usr/sbin/dntpd ) . 1459.It Va dntpd_flags 1460.Pq Vt str 1461If 1462.Va dntpd_enable 1463is set to 1464.Dq Li YES , 1465these are the flags to pass to the 1466.Xr dntpd 8 1467daemon. 1468.It Va btconfig_enable 1469.Pq Vt bool 1470If set to 1471.Dq Li YES , 1472configure Bluetooth devices via 1473.Xr btconfig 8 1474at system boot time. 1475.It Va btconfig_devices 1476.Pq Vt str 1477If 1478.Va btconfig_enable 1479is set to 1480.Dq Li YES , 1481this is the list of Bluetooth devices to configure. 1482If 1483.Va btconfig_devices 1484is not specified, all devices known to the system will be configured. 1485A 1486.Va btconfig_ Ns Aq Ar device 1487variable can be set to specify parameters to be passed to 1488.Ar device . 1489.It Va btconfig_args 1490.Pq Vt str 1491If 1492.Va btconfig_enable 1493is set to 1494.Dq Li YES , 1495this is the list of configuration parameters to pass to all Bluetooth 1496devices. 1497.It Va sdpd_enable 1498.Pq Vt bool 1499If set to 1500.Dq Li YES , 1501run the Service Discovery Profile daemon 1502.Xr ( sdpd 8 ) 1503at system boot time. 1504.It Va sdpd_flags 1505.Pq Vt str 1506If 1507.Va sdpd_enable 1508is set to 1509.Dq Li YES , 1510these are the flags to pass to the 1511.Xr sdpd 8 1512daemon. 1513.It Va bthcid_enable 1514.Pq Vt bool 1515If set to 1516.Dq Li YES , 1517run the Bluetooth Link Key/PIN Code Manager daemon 1518.Xr ( bthcid 8 ) 1519at system boot time. 1520.It Va bthcid_flags 1521.Pq Vt str 1522If 1523.Va bthcid_enable 1524is set to 1525.Dq Li YES , 1526these are the flags to pass to the 1527.Xr bthcid 8 1528daemon. 1529.It Va nis_client_enable 1530.Pq Vt bool 1531If set to 1532.Dq Li YES , 1533run the 1534.Xr ypbind 8 1535service at system boot time. 1536.It Va nis_client_flags 1537.Pq Vt str 1538If 1539.Va nis_client_enable 1540is set to 1541.Dq Li YES , 1542these are the flags to pass to the 1543.Xr ypbind 8 1544service. 1545.It Va nis_ypset_enable 1546.Pq Vt bool 1547If set to 1548.Dq Li YES , 1549run the 1550.Xr ypset 8 1551daemon at system boot time. 1552.It Va nis_ypset_flags 1553.Pq Vt str 1554If 1555.Va nis_ypset_enable 1556is set to 1557.Dq Li YES , 1558these are the flags to pass to the 1559.Xr ypset 8 1560daemon. 1561.It Va nis_server_enable 1562.Pq Vt bool 1563If set to 1564.Dq Li YES , 1565run the 1566.Xr ypserv 8 1567daemon at system boot time. 1568.It Va nis_server_flags 1569.Pq Vt str 1570If 1571.Va nis_server_enable 1572is set to 1573.Dq Li YES , 1574these are the flags to pass to the 1575.Xr ypserv 8 1576daemon. 1577.It Va nis_ypxfrd_enable 1578.Pq Vt bool 1579If set to 1580.Dq Li YES , 1581run the 1582.Xr rpc.ypxfrd 8 1583daemon at system boot time. 1584.It Va nis_ypxfrd_flags 1585.Pq Vt str 1586If 1587.Va nis_ypxfrd_enable 1588is set to 1589.Dq Li YES , 1590these are the flags to pass to the 1591.Xr rpc.ypxfrd 8 1592daemon. 1593.It Va nis_yppasswdd_enable 1594.Pq Vt bool 1595If set to 1596.Dq Li YES , 1597run the 1598.Xr rpc.yppasswdd 8 1599daemon at system boot time. 1600.It Va nis_yppasswdd_flags 1601.Pq Vt str 1602If 1603.Va nis_yppasswdd_enable 1604is set to 1605.Dq Li YES , 1606these are the flags to pass to the 1607.Xr rpc.yppasswdd 8 1608daemon. 1609.It Va rpc_ypupdated_enable 1610.Pq Vt bool 1611If set to 1612.Dq Li YES , 1613run the 1614.Nm rpc.ypupdated 1615daemon at system boot time. 1616.It Va defaultrouter 1617.Pq Vt str 1618If not set to 1619.Dq Li NO , 1620create a default route to this host name or IP address 1621(use an IP address if this router is also required to get to the 1622name server!). 1623.It Va ipv6_defaultrouter 1624.Pq Vt str 1625The IPv6 equivalent of 1626.Va defaultrouter . 1627.It Va static_routes 1628.Pq Vt str 1629Set to the list of static routes that are to be added at system boot time. 1630If not set to 1631.Dq Li NO 1632then for each whitespace separated 1633.Ar element 1634in the value, a 1635.Va route_ Ns Aq Ar element 1636variable is assumed to exist whose contents will later be passed to a 1637.Dq Nm route Cm add 1638operation. 1639.It Va ipv6_static_routes 1640.Pq Vt str 1641The IPv6 equivalent of 1642.Va static_routes . 1643If not set to 1644.Dq Li NO 1645then for each whitespace separated 1646.Ar element 1647in the value, a 1648.Va ipv6_route_ Ns Aq Ar element 1649variable is assumed to exist whose contents will later be passed to a 1650.Dq Nm route Cm add Fl inet6 1651operation. 1652.It Va gateway_enable 1653.Pq Vt bool 1654If set to 1655.Dq Li YES , 1656configure host to act as an IP router, e.g. to forward packets 1657between interfaces. 1658.It Va ipv6_gateway_enable 1659.Pq Vt bool 1660The IPv6 equivalent of 1661.Va gateway_enable . 1662.It Va router_enable 1663.Pq Vt bool 1664If set to 1665.Dq Li YES , 1666run a routing daemon of some sort, based on the settings of 1667.Va router_program 1668and 1669.Va router_flags . 1670.It Va ipv6_router_enable 1671.Pq Vt bool 1672The IPv6 equivalent of 1673.Va router_enable . 1674If set to 1675.Dq Li YES , 1676run a routing daemon of some sort, based on the settings of 1677.Va ipv6_router_program 1678and 1679.Va ipv6_router_flags . 1680.It Va router_program 1681.Pq Vt str 1682If 1683.Va router_enable 1684is set to 1685.Dq Li YES , 1686this is the name of the routing daemon to use 1687(default 1688.Pa /sbin/routed ) . 1689.It Va ipv6_router_program 1690.Pq Vt str 1691The IPv6 equivalent of 1692.Va router_program 1693(default 1694.Pa /sbin/route6d ) . 1695.It Va router_flags 1696.Pq Vt str 1697If 1698.Va router_enable 1699is set to 1700.Dq Li YES , 1701these are the flags to pass to the routing daemon. 1702.It Va ipv6_router_flags 1703.Pq Vt str 1704The IPv6 equivalent of 1705.Va router_flags . 1706.It Va mrouted_enable 1707.Pq Vt bool 1708If set to 1709.Dq Li YES , 1710run the multicast routing daemon, 1711.Xr mrouted 8 . 1712.It Va mroute6d_enable 1713.Pq Vt bool 1714The IPv6 equivalent of 1715.Va mrouted_enable . 1716If set to 1717.Dq Li YES , 1718run the IPv6 multicast routing daemon. 1719Note that no IPv6 multicast routing daemon is included in the 1720.Dx 1721base system but 1722.Xr pim6dd 8 1723can be installed from the 1724.Xr pkgsrc 7 1725collection. 1726.It Va mrouted_flags 1727.Pq Vt str 1728If 1729.Va mrouted_enable 1730is set to 1731.Dq Li YES , 1732these are the flags to pass to the 1733.Xr mrouted 8 1734daemon. 1735.It Va mroute6d_flags 1736.Pq Vt str 1737The IPv6 equivalent of 1738.Va mrouted_flags . 1739If 1740.Va mroute6d_enable 1741is set to 1742.Dq Li YES , 1743these are the flags passed to the IPv6 multicast routing daemon. 1744.It Va mroute6d_program 1745.Pq Vt str 1746If 1747.Va mroute6d_enable 1748is set to 1749.Dq Li YES , 1750this is the path to the IPv6 multicast routing daemon. 1751.It Va rtadvd_enable 1752.Pq Vt bool 1753If set to 1754.Dq Li YES , 1755run the 1756.Xr rtadvd 8 1757daemon at boot time. 1758.Xr rtadvd 8 1759will only run if 1760.Va ipv6_gateway_enable 1761is also set to 1762.Dq Li YES . 1763The 1764.Xr rtadvd 8 1765utility sends router advertisement packets to the interfaces specified in 1766.Va rtadvd_interfaces . 1767.Xr rtadvd 8 1768and should only be enabled with great care. 1769You may want to fine-tune 1770.Xr rtadvd.conf 5 . 1771.It Va rtadvd_interfaces 1772.Pq Vt str 1773If 1774.Va rtadvd_enable 1775is set to 1776.Dq Li YES 1777this is the list of interfaces to use. 1778.It Va rtsold_enable 1779.Pq Vt bool 1780If set to 1781.Dq Li YES , 1782run the 1783.Xr rtsold 8 1784daemon at boot time. 1785The 1786.Xr rtsold 8 1787daemon is used for automatic discovery of non-link local addresses. 1788.It Va rtsold_flags 1789.Pq Vt str 1790If 1791.Va rtsold_enable 1792is set to 1793.Dq Li YES , 1794these are the flags to pass to the 1795.Xr rtsold 8 1796daemon. 1797.It Va ipxgateway_enable 1798.Pq Vt bool 1799If set to 1800.Dq Li YES , 1801enable the routing of IPX traffic. 1802.It Va ipxrouted_enable 1803.Pq Vt bool 1804If set to 1805.Dq Li YES , 1806run the 1807.Xr IPXrouted 8 1808daemon at system boot time. 1809.It Va ipxrouted_flags 1810.Pq Vt str 1811If 1812.Va ipxrouted_enable 1813is set to 1814.Dq Li YES , 1815these are the flags to pass to the 1816.Xr IPXrouted 8 1817daemon. 1818.It Va arpproxy_all 1819.Pq Vt bool 1820If set to 1821.Dq Li YES , 1822enable global proxy ARP. 1823.It Va forward_sourceroute 1824.Pq Vt bool 1825If set to 1826.Dq Li YES 1827and 1828.Va gateway_enable 1829is also set to 1830.Dq Li YES , 1831source-routed packets are forwarded. 1832.It Va accept_sourceroute 1833.Pq Vt bool 1834If set to 1835.Dq Li YES , 1836the system will accept source-routed packets directed at it. 1837.It Va rarpd_enable 1838.Pq Vt bool 1839If set to 1840.Dq Li YES , 1841run the 1842.Xr rarpd 8 1843daemon at system boot time. 1844.It Va rarpd_flags 1845.Pq Vt str 1846If 1847.Va rarpd_enable 1848is set to 1849.Dq Li YES , 1850these are the flags to pass to the 1851.Xr rarpd 8 1852daemon. 1853.It Va bootparamd_enable 1854.Pq Vt bool 1855If set to 1856.Dq Li YES , 1857run the 1858.Xr bootparamd 8 1859daemon at system boot time. 1860.It Va bootparamd_flags 1861.Pq Vt str 1862If 1863.Va bootparamd_enable 1864is set to 1865.Dq Li YES , 1866these are the flags to pass to the 1867.Xr bootparamd 8 1868daemon. 1869.It Va stf_interface_ipv4addr 1870.Pq Vt str 1871If not set to 1872.Dq Li NO , 1873this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1874Specify this entry to enable the 6to4 interface. 1875.It Va stf_interface_ipv4plen 1876.Pq Vt int 1877Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1878An effective value is 0-31. 1879.It Va stf_interface_ipv6_ifid 1880.Pq Vt str 1881IPv6 interface ID for 1882.Xr stf 4 . 1883This can be set to 1884.Dq Li AUTO . 1885.It Va stf_interface_ipv6_slaid 1886.Pq Vt str 1887IPv6 Site Level Aggregator for 1888.Xr stf 4 . 1889.It Va ipv6_faith_prefix 1890.Pq Vt str 1891If not set to 1892.Dq Li NO , 1893this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator. 1894You also need 1895.Xr faithd 8 1896setup. 1897.It Va ipv6_ipv4mapping 1898.Pq Vt bool 1899If set to 1900.Dq Li YES 1901this enables IPv4 mapped IPv6 address communication (like 1902.Li ::ffff:a.b.c.d ) . 1903.It Va atm_enable 1904.Pq Vt bool 1905Set to 1906.Dq Li YES 1907to enable the configuration of ATM interfaces at system boot time. 1908For all of the ATM variables described below, please refer to the 1909.Xr atm 8 1910man page for further details on the available command parameters. 1911Also refer to the files in 1912.Pa /usr/share/examples/atm 1913for more detailed configuration information. 1914.It Va atm_netif_ Ns Aq Ar intf 1915.Pq Vt str 1916For the ATM physical interface 1917.Ar intf , 1918this variable defines the name prefix and count for the ATM network 1919interfaces to be created. 1920The value will be passed as the parameters of an 1921.Dq Nm atm Cm "set netif" Ar intf 1922command. 1923.It Va atm_sigmgr_ Ns Aq Ar intf 1924.Pq Vt str 1925For the ATM physical interface 1926.Ar intf , 1927this variable defines the ATM signalling manager to be used. 1928The value will be passed as the parameters of an 1929.Dq Nm atm Cm attach Ar intf 1930command. 1931.It Va atm_prefix_ Ns Aq Ar intf 1932.Pq Vt str 1933For the ATM physical interface 1934.Ar intf , 1935this variable defines the NSAP prefix for interfaces using a UNI signalling 1936manager. 1937If set to 1938.Dq Li ILMI , 1939the prefix will automatically be set via the 1940.Xr ilmid 8 1941daemon. 1942Otherwise, the value will be passed as the parameters of an 1943.Dq Nm atm Cm "set prefix" Ar intf 1944command. 1945.It Va atm_macaddr_ Ns Aq Ar intf 1946.Pq Vt str 1947For the ATM physical interface 1948.Ar intf , 1949this variable defines the MAC address for interfaces using a UNI signalling 1950manager. 1951If set to 1952.Dq Li NO , 1953the hardware MAC address contained in the ATM interface card will be used. 1954Otherwise, the value will be passed as the parameters of an 1955.Dq Nm atm Cm "set mac" Ar intf 1956command. 1957.It Va atm_arpserver_ Ns Aq Ar netif 1958.Pq Vt str 1959For the ATM network interface 1960.Ar netif , 1961this variable defines the ATM address for a host which is to provide ATMARP 1962service. 1963This variable is only applicable to interfaces using a UNI signalling manager. 1964If set to 1965.Dq Li local , 1966this host will become an ATMARP server. 1967The value will be passed as the parameters of an 1968.Dq Nm atm Cm "set arpserver" Ar netif 1969command. 1970.It Va atm_scsparp_ Ns Aq Ar netif 1971.Pq Vt bool 1972If set to 1973.Dq Li YES , 1974SCSP/ATMARP service for the network interface 1975.Ar netif 1976will be initiated using the 1977.Xr scspd 8 1978and 1979.Xr atmarpd 8 1980daemons. 1981This variable is only applicable if 1982.Va atm_arpserver_ Ns Aq Ar netif 1983is set to 1984.Dq Li local . 1985.It Va atm_arps 1986.Pq Vt str 1987Set to the list of permanent ATM ARP entries to be added at system boot time. 1988For each whitespace separated 1989.Ar element 1990in the value, an 1991.Va atm_arp_ Ns Aq Ar element 1992variable is assumed to exist. 1993The value of each of these variables will be passed as the parameters of an 1994.Dq Nm atm Cm "add arp" 1995command. 1996.It Va keybell 1997.Pq Vt str 1998The keyboard bell sound. 1999Set to 2000.Dq Li normal , 2001.Dq Li visual , 2002.Dq Li off , 2003or 2004.Dq Li NO 2005if the default behavior is desired. 2006For details, refer to the 2007.Xr kbdcontrol 1 2008manpage. 2009.It Va keymap 2010.Pq Vt str 2011If set to 2012.Dq Li NO , 2013no keymap is installed, otherwise the value is used to install 2014the keymap file in 2015.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2016.It Va keyrate 2017.Pq Vt str 2018The keyboard repeat speed. 2019Set to 2020.Dq Li slow , 2021.Dq Li normal , 2022.Dq Li fast , 2023or 2024.Dq Li NO 2025if the default behavior is desired. 2026.It Va keychange 2027.Pq Vt str 2028If not set to 2029.Dq Li NO , 2030attempt to program the function keys with the value. 2031The value should be a single string of the form: 2032.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2033.It Va cursor 2034.Pq Vt str 2035Can be set to the value of 2036.Dq Li normal , 2037.Dq Li blink , 2038.Dq Li destructive , 2039or 2040.Dq Li NO 2041to set the cursor behavior explicitly or choose the default behavior. 2042.It Va scrnmap 2043.Pq Vt str 2044If set to 2045.Dq Li NO , 2046no screen map is installed, otherwise the value is used to install 2047the screen map file in 2048.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2049.It Va font8x16 2050.Pq Vt str 2051If set to 2052.Dq Li NO , 2053the default 8x16 font value is used for screen size requests, otherwise 2054the value in 2055.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2056is used. 2057.It Va font8x14 2058.Pq Vt str 2059If set to 2060.Dq Li NO , 2061the default 8x14 font value is used for screen size requests, otherwise 2062the value in 2063.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2064is used. 2065.It Va font8x8 2066.Pq Vt str 2067If set to 2068.Dq Li NO , 2069the default 8x8 font value is used for screen size requests, otherwise 2070the value in 2071.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2072is used. 2073.It Va blanktime 2074.Pq Vt int 2075If set to 2076.Dq Li NO , 2077the default screen blanking interval is used, otherwise it is set to 2078.Ar value 2079seconds. 2080.It Va saver 2081.Pq Vt str 2082If not set to 2083.Dq Li NO , 2084this is the actual screen saver to use 2085.Li ( blank , snake , daemon , 2086etc). 2087.It Va moused_enable 2088.Pq Vt str 2089If set to 2090.Dq Li YES , 2091the 2092.Xr moused 8 2093daemon is started for doing cut/paste selection on the console. 2094.It Va moused_type 2095.Pq Vt str 2096This is the protocol type of the mouse connected to this host. 2097This variable must be set if 2098.Va moused_enable 2099is set to 2100.Dq Li YES . 2101The 2102.Xr moused 8 2103daemon 2104is able to detect the appropriate mouse type automatically in many cases. 2105Set this variable to 2106.Dq Li auto 2107to let the daemon detect it, or 2108select one from the following list if the automatic detection fails. 2109.Pp 2110If the mouse is attached to the PS/2 mouse port, choose 2111.Dq Li auto 2112or 2113.Dq Li ps/2 , 2114regardless of the brand and model of the mouse. 2115Likewise, if the mouse is attached to the bus mouse port, choose 2116.Dq Li auto 2117or 2118.Dq Li busmouse . 2119All other protocols are for serial mice and will not work with 2120the PS/2 and bus mice. 2121If this is a USB mouse, 2122.Dq Li auto 2123is the only protocol type which will work. 2124.Pp 2125.Bl -tag -width ".Li x10mouseremote" -compact 2126.It Li microsoft 2127Microsoft mouse (serial) 2128.It Li intellimouse 2129Microsoft IntelliMouse (serial) 2130.It Li mousesystems 2131Mouse systems Corp. mouse (serial) 2132.It Li mmseries 2133MM Series mouse (serial) 2134.It Li logitech 2135Logitech mouse (serial) 2136.It Li busmouse 2137A bus mouse 2138.It Li mouseman 2139Logitech MouseMan and TrackMan (serial) 2140.It Li glidepoint 2141ALPS GlidePoint (serial) 2142.It Li thinkingmouse 2143Kensington ThinkingMouse (serial) 2144.It Li ps/2 2145PS/2 mouse 2146.It Li mmhittab 2147MM HitTablet (serial) 2148.It Li x10mouseremote 2149X10 MouseRemote (serial) 2150.It Li versapad 2151Interlink VersaPad (serial) 2152.El 2153.Pp 2154Even if the mouse is not in the above list, it may be compatible 2155with one in the list. 2156Refer to the man page for 2157.Xr moused 8 2158for compatibility information. 2159.Pp 2160It should also be noted that while this is enabled, any 2161other client of the mouse (such as an X server) should access 2162the mouse through the virtual mouse device, 2163.Pa /dev/sysmouse , 2164and configure it as a 2165.Dq Li sysmouse 2166type mouse, since all 2167mouse data is converted to this single canonical format when using 2168.Xr moused 8 . 2169If the client program does not support the 2170.Dq Li sysmouse 2171type, specify the 2172.Dq Li mousesystems 2173type. 2174It is the second preferred type. 2175.It Va moused_port 2176.Pq Vt str 2177If 2178.Va moused_enable 2179is set to 2180.Dq Li YES , 2181this is the actual port the mouse is on. 2182It might be 2183.Pa /dev/cuaa0 2184for a COM1 serial mouse, 2185.Pa /dev/psm0 2186for a PS/2 mouse or 2187.Pa /dev/mse0 2188for a bus mouse, for example. 2189.It Va moused_flags 2190.Pq Vt str 2191If 2192.Va moused_type 2193is set, these are the additional flags to pass to the 2194.Xr moused 8 2195daemon. 2196.It Va mousechar_start 2197.Pq Vt int 2198If set to 2199.Dq Li NO , 2200the default mouse cursor character range 2201.Li 0xd0 Ns - Ns Li 0xd3 2202is used, otherwise the range start is set to 2203.Ar value 2204character, see 2205.Xr vidcontrol 1 . 2206Use if the default range is occupied in the language code table. 2207.It Va vidhistory 2208.Pq Vt int 2209Set the size of the history (scrollback) buffer in lines. 2210.It Va allscreens_flags 2211.Pq Vt str 2212If set, 2213.Xr vidcontrol 1 2214is run with these options for each of the virtual terminals 2215.Pq Pa /dev/ttyv* . 2216For example, 2217.Dq Fl m Cm on 2218will enable the mouse pointer on all virtual terminals if 2219.Va moused_enable 2220is set to 2221.Dq Li YES . 2222.It Va allscreens_kbdflags 2223.Pq Vt str 2224If set, 2225.Xr kbdcontrol 1 2226is run with these options for each of the virtual terminals 2227.Pq Pa /dev/ttyv* . 2228For example, 2229.Dq Fl h Li 200 2230will set the 2231.Xr syscons 4 2232scrollback (history) buffer to 200 lines. 2233.It Va cron_enable 2234.Pq Vt bool 2235If set to 2236.Dq Li YES , 2237run the 2238.Xr cron 8 2239daemon at system boot time. 2240.It Va cron_program 2241.Pq Vt str 2242Path to 2243.Xr cron 8 2244(default 2245.Pa /usr/sbin/cron ) . 2246.It Va cron_flags 2247.Pq Vt str 2248If 2249.Va cron_enable 2250is set to 2251.Dq Li YES , 2252these are the flags to pass to 2253.Xr cron 8 . 2254.It Va lpd_program 2255.Pq Vt str 2256Path to 2257.Xr lpd 8 2258(default 2259.Pa /usr/sbin/lpd ) . 2260.It Va lpd_enable 2261.Pq Vt bool 2262If set to 2263.Dq Li YES , 2264run the 2265.Xr lpd 8 2266daemon at system boot time. 2267.It Va lpd_flags 2268.Pq Vt str 2269If 2270.Va lpd_enable 2271is set to 2272.Dq Li YES , 2273these are the flags to pass to the 2274.Xr lpd 8 2275daemon. 2276.It Va nscd_enable 2277.Pq Vt bool 2278If set to 2279.Dq Li YES , 2280run the 2281.Xr nscd 8 2282daemon at system boot time. 2283.It Va mixer_enable 2284.Pq Vt bool 2285If set to 2286.Dq Li YES , 2287preserve 2288.Xr mixer 8 2289settings across reboots. 2290.It Va mta_start_script 2291.Pq Vt str 2292The full path to the script to run to start 2293a mail transfer agent. 2294The default is 2295.Pa /etc/rc.sendmail . 2296The 2297.Va sendmail_* 2298variables which 2299.Pa /etc/rc.sendmail 2300uses are documented in the 2301.Xr rc.sendmail 8 2302man page. 2303.It Va fixbootfile 2304.Pq Vt bool 2305In a 2306.Sq HAMMER ROOT with UFS /boot 2307setup, the boot loader will not set up the 2308.Va kern.bootfile 2309sysctl correctly. 2310The system will attempt to fix this on its own. 2311Set this variable to 2312.Dq Li NO 2313to turn this behavior off. 2314.It Va dumpdev 2315.Pq Vt str 2316Indicates the device (usually a swap partition) to which a crash dump 2317should be written in the event of a system crash. 2318The value of this variable is passed as the argument to 2319.Xr dumpon 8 2320and 2321.Xr savecore 8 . 2322To disable crash dumps, set this variable to 2323.Dq Li NO . 2324.It Va dumpdir 2325.Pq Vt str 2326When the system reboots after a crash and a crash dump is found on the 2327device specified by the 2328.Va dumpdev 2329variable, 2330.Xr savecore 8 2331will save that crash dump and a copy of the kernel to the directory 2332specified by the 2333.Va dumpdir 2334variable. 2335The default value is 2336.Pa /var/crash . 2337Set to 2338.Dq Li NO 2339to not run 2340.Xr savecore 8 2341at boot time when 2342.Va dumpdir 2343is set. 2344.It Va savecore_flags 2345.Pq Vt str 2346If crash dumps are enabled, these are the flags to pass to the 2347.Xr savecore 8 2348utility. 2349.It Va crashinfo_enable 2350.Pq Vt bool 2351Set to 2352.Dq Li YES 2353to turn on automatic crash dump summary generation using the utility 2354specified by the 2355.Va crashinfo_program 2356variable. 2357.It Va crashinfo_program 2358.Pq Vt str 2359Program to run to generate a crash dump summary if the variable 2360.Va crashinfo_enable 2361is set to 2362.Dq Li YES . 2363The default value is 2364.Pa /usr/sbin/crashinfo . 2365.It Va enable_quotas 2366.Pq Vt bool 2367Set to 2368.Dq Li YES 2369to turn on user disk quotas on system startup via the 2370.Xr quotaon 8 2371command. 2372.It Va check_quotas 2373.Pq Vt bool 2374Set to 2375.Dq Li YES 2376to enable user disk quota checking via the 2377.Xr quotacheck 8 2378command. 2379.It Va accounting_enable 2380.Pq Vt bool 2381Set to 2382.Dq Li YES 2383to enable system accounting through the 2384.Xr accton 8 2385facility. 2386.It Va linux_enable 2387.Pq Vt bool 2388Set to 2389.Dq Li YES 2390to enable Linux/ELF binary emulation at system initial boot time. 2391.It Va sysvipc_enable 2392.Pq Vt bool 2393If set to 2394.Dq Li YES , 2395load System V IPC primitives at boot time. 2396.\" ----- cleanvar_enable setting-------------------------------- 2397.It Va cleanvar_enable 2398.Pq Vt bool 2399Set to 2400.Dq Li YES 2401to have 2402.Pa /var/run , 2403.Pa /var/spool/lock 2404and 2405.Pa /var/spool/uucp/.Temp/* 2406cleaned at startup. 2407.\" ----- clear_tmp_enable setting------------------------------- 2408.It Va clear_tmp_enable 2409.Pq Vt bool 2410Set to 2411.Dq Li YES 2412to have 2413.Pa /tmp 2414cleaned at startup. 2415.\" ----- ldconfig_paths setting -------------------------------- 2416.It Va ldconfig_paths 2417.Pq Vt str 2418Set to the list of shared library paths to use with 2419.Xr ldconfig 8 . 2420NOTE: 2421.Pa /usr/lib 2422will always be added first, so it need not appear in this list. 2423.It Va ldconfig_insecure 2424.Pq Vt bool 2425The 2426.Xr ldconfig 8 2427utility normally refuses to use directories 2428which are writable by anyone except root. 2429Set this variable to 2430.Dq Li YES 2431to disable that security check during system startup. 2432.It Va kern_securelevel 2433.Pq Vt int 2434The kernel security level to set at startup. 2435The allowed range of 2436.Ar value 2437ranges from \-1 (the compile time default) to 3 (the most secure). 2438See 2439.Xr init 8 2440for the list of possible security levels and their effect on system operation. 2441.It Va start_vinum 2442.Pq Vt bool 2443Set to 2444.Dq Li YES 2445to start 2446.Xr vinum 8 2447at system boot time. 2448.It Va sshd_enable 2449.Pq Vt bool 2450Set to 2451.Dq Li YES 2452to start 2453.Xr sshd 8 2454at system boot time. 2455.It Va sshd_program 2456.Pq Vt str 2457Path to the SSH server program 2458(default 2459.Pa /usr/sbin/sshd ) . 2460.It Va sshd_flags 2461.Pq Vt str 2462If 2463.Va sshd_enable 2464is set to 2465.Dq Li YES , 2466these are the flags to pass to the 2467.Xr sshd 8 2468daemon. 2469.It Va ftpd_enable 2470.Pq Vt bool 2471Set to 2472.Dq Li YES 2473to start 2474.Xr ftpd 8 2475at system boot time. 2476.It Va ftpd_flags 2477.Pq Vt str 2478If 2479.Va ftpd_enable 2480is set to 2481.Dq Li YES , 2482these are the flags to pass to the 2483.Xr ftpd 8 2484daemon. 2485.It Va usbd_enable 2486.Pq Vt bool 2487If set to 2488.Dq Li YES , 2489run the 2490.Xr usbd 8 2491daemon at boot time. 2492.It Va usbd_flags 2493.Pq Vt str 2494If 2495.Va usbd_enable 2496is set to 2497.Dq Li YES , 2498these are the flags passed to 2499.Xr usbd 8 2500daemon. 2501.It Va watchdogd_enable 2502.Pq Vt bool 2503If set to 2504.Dq Li YES , 2505start the 2506.Xr watchdogd 8 2507daemon at boot time. 2508This requires that the kernel have been compiled with 2509.Cd "options WATCHDOG" . 2510.It Va jail_enable 2511.Pq Vt bool 2512If set to 2513.Dq Li NO , 2514any configured jails will not be started. 2515.It Va jail_list 2516.Pq Vt str 2517A space separated list of names for jails. 2518This is purely a configuration aid to help identify and 2519configure multiple jails. 2520The names specified in this list will be used to 2521identify settings common to an instance of a jail. 2522Assuming that the jail in question was named 2523.Li vjail , 2524you would have the following dependent variables: 2525.Bd -literal 2526jail_vjail_hostname="jail.example.com" 2527jail_vjail_ip="192.168.1.100" 2528jail_vjail_rootdir="/var/jails/vjail/root" 2529.Ed 2530.Pp 2531.It Va jail_flags 2532.Pq Vt str 2533Unset by default. 2534When set, use as default value for 2535.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2536for every jail in 2537.Va jail_list . 2538.It Va jail_interface 2539.Pq Vt str 2540Unset by default. 2541When set, use as default value for 2542.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2543for every jail in 2544.Va jail_list . 2545.It Va jail_fstab 2546.Pq Vt str 2547Unset by default. 2548When set, use as default value for 2549.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2550for every jail in 2551.Va jail_list . 2552.It Va jail_mount_enable 2553.Pq Vt bool 2554Set to 2555.Dq Li NO 2556by default. 2557When set to 2558.Dq Li YES , 2559sets 2560.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2561to 2562.Dq Li YES 2563by default for every jail in 2564.Va jail_list . 2565.It Va jail_fdesc_enable 2566.Pq Vt bool 2567Set to 2568.Dq Li NO 2569by default. 2570When set to 2571.Dq Li YES , 2572sets 2573.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2574to 2575.Dq Li YES 2576by default for every jail in 2577.Va jail_list . 2578.It Va jail_procfs_enable 2579.Pq Vt bool 2580Set to 2581.Dq Li NO 2582by default. 2583When set to 2584.Dq Li YES , 2585sets 2586.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2587to 2588.Dq Li YES 2589by default for every jail in 2590.Va jail_list . 2591.It Va jail_exec_start 2592.Pq Vt str 2593Unset by default. 2594When set, use as default value for 2595.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2596for every jail in 2597.Va jail_list . 2598.It Va jail_exec_stop 2599Unset by default. 2600When set, use as default value for 2601.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2602for every jail in 2603.Va jail_list . 2604.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2605.Pq Vt str 2606Unset by default. 2607Set to the root directory used by jail 2608.Va jname . 2609.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2610.Pq Vt str 2611Unset by default. 2612Set to the fully qualified domain name (FQDN) assigned to jail 2613.Va jname . 2614.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2615.Pq Vt str 2616Unset by default. 2617Set to the IP address assigned to jail 2618.Va jname . 2619.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2620.Pq Vt str 2621Set to 2622.Dq Li -l -U root 2623by default. 2624These are flags to pass to 2625.Xr jail 8 . 2626.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2627.Pq Vt str 2628Unset by default. 2629When set, sets the interface to use when setting IP address alias. 2630Note that the alias is created at jail startup and removed at jail shutdown. 2631.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2632.Pq Vt str 2633Set to 2634.Pa /etc/fstab. Ns Aq Ar jname 2635by default. 2636This is the file system information file to use for jail 2637.Va jname . 2638.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2639.Pq Vt bool 2640Set to 2641.Dq Li NO 2642by default. 2643When set to 2644.Dq Li YES , 2645mount all file systems from 2646.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2647at jail startup. 2648.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2649.Pq Vt bool 2650Set to 2651.Dq Li NO 2652by default. 2653When set to 2654.Dq Li YES , 2655mount the file-descriptor file system inside jail 2656.Ar jname 2657at jail startup. 2658.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2659.Pq Vt bool 2660Set to 2661.Dq Li NO 2662by default. 2663When set to 2664.Dq Li YES , 2665mount the process file system inside jail 2666.Ar jname 2667at jail startup. 2668.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2669.Pq Vt str 2670Set to 2671.Dq Li /bin/sh /etc/rc 2672by default. 2673This is the command executed at jail startup. 2674.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2675.Pq Vt str 2676Set to 2677.Dq Li /bin/sh /etc/rc.shutdown 2678by default. 2679This is the command executed at jail shutdown. 2680.It Va jail_set_hostname_allow 2681.Pq Vt bool 2682If set to 2683.Dq Li NO , 2684do not allow the root user in a jail to set its hostname. 2685.It Va jail_socket_unixiproute_only 2686.Pq Vt bool 2687If set to 2688.Dq Li YES , 2689do not allow any sockets, 2690besides UNIX/IP/route sockets, 2691to be used within a jail. 2692.It Va jail_sysvipc_allow 2693.Pq Vt bool 2694If set to 2695.Dq Li YES , 2696allow applications within a jail to use System V IPC. 2697.It Va lvm_enable 2698.Pq Vt bool 2699If set to 2700.Dq Li YES 2701LVM volumes will be discovered and configured on boot. 2702.It Va newsyslog_enable 2703.Pq Vt bool 2704If set to 2705.Dq Li YES , 2706run 2707.Xr newsyslog 8 2708before syslogd starts. 2709.It Va newsyslog_flags 2710.Pq Vt str 2711If 2712.Va newsyslog_enable 2713is set to 2714.Dq Li YES , 2715these are the flags passed to 2716.Xr newsyslog 8 . 2717.It Va resident_enable 2718.Pq Vt bool 2719If set to 2720.Dq Li YES , 2721make the dynamic binaries listed in 2722.Pa /etc/resident.conf 2723resident. 2724.It Va varsym_enable 2725.Pq Vt bool 2726If set to 2727.Dq Li YES , 2728process 2729.Pa /etc/varsym.conf 2730to set system-wide variables for variant symlinks. 2731.It Va rand_irqs 2732.Pq Vt str 2733Set either to 2734.Dq Li NO 2735or a whitespace separated list of IRQ numbers which will be used as a source of 2736randomness. 2737.\" ----- isdn settings --------------------------------- 2738.It Va isdn_enable 2739.Pq Vt bool 2740Set to 2741.Dq Li NO 2742by default. 2743When set to 2744.Dq Li YES , 2745starts the 2746.Xr isdnd 8 2747daemon at system boot time. 2748.It Va isdn_flags 2749.Pq Vt str 2750Set to 2751.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2752by default. 2753Additional flags to pass to 2754.Xr isdnd 8 2755(but see 2756.Va isdn_fsdev 2757and 2758.Va isdn_ttype 2759for certain tunable parameters). 2760.It Va isdn_ttype 2761.Pq Vt str 2762Set to 2763.Dq Li cons25 2764by default. 2765The terminal type of the output device when 2766.Xr isdnd 8 2767operates in full-screen mode. 2768.It Va isdn_screenflags 2769.Pq Vt str 2770Set to 2771.Dq Li NO 2772by default. 2773The video mode for full-screen mode (only for 2774.Xr syscons 4 2775console driver, see 2776.Xr vidcontrol 1 2777for valid modes). 2778.It Va isdn_fsdev 2779.Pq Vt str 2780Set to 2781.Dq Li NO 2782by default. 2783The output device for 2784.Xr isdnd 8 2785in full-screen mode (or 2786.Dq Li NO 2787for daemon mode). 2788.It Va isdn_trace 2789.Pq Vt bool 2790Set to 2791.Dq Li NO 2792by default. 2793When set to 2794.Dq Li YES , 2795enables the ISDN protocol trace utility 2796.Xr isdntrace 8 2797at system boot time. 2798.It Va isdn_traceflags 2799.Pq Vt str 2800Set to 2801.Dq Fl f Pa /var/tmp/isdntrace0 2802by default. 2803Flags for 2804.Xr isdntrace 8 . 2805.\" ----------------------------------------------------- 2806.It Va entropy_dir 2807.Pq Vt str 2808Set to 2809.Dq Li NO 2810to disable caching entropy via 2811.Xr cron 8 . 2812Otherwise set to the directory used to store entropy files in. 2813.It Va entropy_file 2814.Pq Vt str 2815Set to 2816.Dq Li NO 2817to disable caching entropy through reboots. 2818Otherwise set to the filename used to store cached entropy through reboots. 2819This file should be located on the root file system to seed the 2820.Xr random 4 2821device as early as possible in the boot process. 2822.It Va ipsec_enable 2823.Pq Vt bool 2824Set to 2825.Dq Li YES 2826to run 2827.Xr setkey 8 2828on 2829.Va ipsec_file 2830at boot time. 2831.It Va ipsec_file 2832.Pq Vt str 2833Configuration file for 2834.Xr setkey 8 . 2835.It Va dmesg_enable 2836.Pq Vt bool 2837Set to 2838.Dq Li YES 2839to save 2840.Xr dmesg 8 2841to 2842.Pa /var/run/dmesg.boot 2843on boot. 2844.It Va rcshutdown_timeout 2845.Pq Vt int 2846If set, start a watchdog timer in the background which will terminate 2847.Pa rc.shutdown 2848if 2849.Xr shutdown 8 2850has not completed within the specified time (in seconds). 2851.It Va udevd_enable 2852.Pq Vt bool 2853If set to 2854.Dq Li YES , 2855the udevd daemon will be started on boot. 2856.It Va vkernel_enable 2857.Pq Vt bool 2858If set to 2859.Dq Li NO , 2860any configured vkernels will not be started. 2861.It Va vkernel_kill_timeout 2862.Pq Vt int 2863This defines the default number of seconds that we will wait for the 2864vkernel to shut down on it's own. If after this time it's still alive, 2865it will be killed with SIGKILL. 2866.It Va vkernel_bin 2867.Pq Vt str 2868Defines the default path to the vkernel binary. 2869.It Va vkernel_list 2870.Pq Vt str 2871A space separated list of names for vkernels. 2872This is purely a configuration aid to help identify and 2873configure multiple vkernels. 2874The names specified in this list will be used to 2875identify settings common to a vkernel instance. 2876Assuming that the vkernel in question was named 2877.Li example , 2878you would have the following dependent variables 2879(filled with reference values in this text): 2880.Bd -literal 2881vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL/kernel.debug" 2882vkernel_example_memsize="64m" 2883vkernel_example_rootimg_list="/var/vkernel/rootimg.01" 2884vkernel_example_iface_list="auto:bridge0" 2885vkernel_example_logfile="/dev/null" 2886vkernel_example_flags="-U" 2887vkernel_example_kill_timeout="45" 2888.Ed 2889.Pp 2890The last five are optional. 2891They default to an empty string if not set, except for logfile which defaults to 2892.Pa /dev/null 2893if it is not set. 2894.El 2895.Sh FILES 2896.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2897.It Pa /etc/defaults/rc.conf 2898.It Pa /etc/rc.conf 2899.It Pa /etc/rc.conf.local 2900.It Pa /etc/start_if. Ns Aq Ar interface 2901.El 2902.Sh SEE ALSO 2903.Xr catman 1 , 2904.Xr gdb 1 , 2905.Xr info 1 , 2906.Xr kbdcontrol 1 , 2907.Xr varsym 1 , 2908.Xr vidcontrol 1 , 2909.Xr ip 4 , 2910.Xr ipf 4 , 2911.Xr ipfw 4 , 2912.Xr kld 4 , 2913.Xr pf 4 , 2914.Xr tcp 4 , 2915.Xr udp 4 , 2916.Xr exports 5 , 2917.Xr motd 5 , 2918.Xr resident.conf 5 , 2919.Xr varsym.conf 5 , 2920.Xr accton 8 , 2921.Xr amd 8 , 2922.Xr apm 8 , 2923.Xr atm 8 , 2924.Xr btconfig 8 , 2925.Xr bthcid 8 , 2926.Xr cron 8 , 2927.Xr devd 8 , 2928.Xr dhclient 8 , 2929.Xr dntpd 8 , 2930.Xr ftpd 8 , 2931.Xr ifconfig 8 , 2932.Xr inetd 8 , 2933.Xr isdnd 8 , 2934.Xr isdntrace 8 , 2935.Xr jail 8 , 2936.Xr lpd 8 , 2937.Xr makewhatis 8 , 2938.Xr mixer 8 , 2939.Xr mountd 8 , 2940.Xr moused 8 , 2941.Xr mrouted 8 , 2942.Xr named 8 , 2943.Xr nfsd 8 , 2944.Xr pcnfsd 8 , 2945.Xr pfctl 8 , 2946.Xr pflogd 8 , 2947.Xr quotacheck 8 , 2948.Xr quotaon 8 , 2949.Xr rc 8 , 2950.Xr rc.sendmail 8 , 2951.Xr resident 8 , 2952.Xr rndcontrol 8 , 2953.Xr route 8 , 2954.Xr routed 8 , 2955.Xr rpcbind 8 , 2956.Xr rpc.lockd 8 , 2957.Xr rpc.statd 8 , 2958.Xr rtadvd 8 , 2959.Xr rtsold 8 , 2960.Xr rwhod 8 , 2961.Xr savecore 8 , 2962.Xr sdpd 8 , 2963.Xr sensorsd 8 , 2964.Xr sshd 8 , 2965.Xr swapon 8 , 2966.Xr sysctl 8 , 2967.Xr syslogd 8 , 2968.Xr timed 8 , 2969.Xr usbd 8 , 2970.Xr vinum 8 , 2971.Xr yp 8 , 2972.Xr ypbind 8 , 2973.Xr ypserv 8 , 2974.Xr ypset 8 2975.Sh HISTORY 2976The 2977.Nm 2978file appeared in 2979.Fx 2.2.2 . 2980.Sh AUTHORS 2981.An Jordan K. Hubbard . 2982