1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" 27.Dd May 21, 2020 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65In addition to 66.Pa /etc/rc.conf.local 67you can also place smaller configuration files for each 68.Xr rc 8 69script in the 70.Pa /etc/rc.conf.d 71directory, which will be included by the 72.Va load_rc_config 73function. 74For jail configurations you could use the file 75.Pa /etc/rc.conf.d/jail 76to store jail specific configuration options. 77Also see the 78.Va rc_conf_files 79variable below. 80.Pp 81The following list provides a name and short description for each 82variable that can be set in the 83.Nm 84file. 85To set a variable of 86.Vt bool 87type, specify either 88.Dq Li YES , 89.Dq Li TRUE , 90.Dq Li ON , 91or 92.Dq Li 1 . 93To unset, specify 94.Dq Li NO , 95.Dq Li FALSE , 96.Dq Li OFF , 97or 98.Dq Li 0 . 99These values are case insensitive. 100The 101.Va _enable 102postfix in the name of a variable for starting a service can be 103omitted (as in 104.Nx ) . 105.Bl -tag -width indent-two 106.It Va rc_debug 107.Pq Vt bool 108If set to 109.Dq Li YES , 110enable output of debug messages from rc scripts. 111This variable can be helpful in diagnosing mistakes when 112editing or integrating new scripts. 113Beware that this produces copious output to the terminal and 114.Xr syslog 3 . 115.It Va rc_info 116.Pq Vt bool 117If set to 118.Dq Li NO , 119disable informational messages from the rc scripts. 120Informational messages are displayed when 121a condition that is not serious enough to warrant a warning or an error occurs. 122.It Va rc_startmsgs 123.Pq Vt bool 124If set to 125.Dq Li YES , 126show 127.Dq Starting foo: 128when faststart is used (e.g., at boot time). 129.It Va swapfile 130.Pq Vt str 131If set to 132.Dq Li NO , 133no swapfile is installed, otherwise the value is used as the full 134pathname to a file to use for additional swap space. 135The 136.Xr vn 4 137driver is needed for a swapfile and will be loaded if it is not 138already compiled into the kernel or loaded via 139.Xr loader.conf 5 . 140.It Ao Ar module Ac Ns Ar _load 141.Pq Vt bool 142If set to 143.Dq YES , 144that kernel module will be loaded. 145If no 146.Ao Ar module Ac Ns Ar _name 147is defined (see below), the 148module's name is taken to be 149.Aq Ar module . 150.It Ao Ar module Ac Ns Ar _name 151.Pq Vt str 152Defines the name of the module. 153.It Va devd_enable 154.Pq Vt bool 155Run 156.Xr devd 8 157to handle device added, removed or unknown events from the kernel. 158.It Va devd_flags 159.Pq Vt str 160If 161.Va devd_enable 162is set to 163.Dq Li YES , 164these are the flags to pass to the 165.Xr devd 8 166daemon. 167.It Va powerd_enable 168.Pq Vt bool 169Set to 170.Dq Li NO 171by default. 172Setting this to 173.Dq Li YES 174enables 175.Xr powerd 8 , 176a CPU speed control daemon. 177.It Va powerd_flags 178.Pq Vt str 179Empty by default. 180Additional flags passed to the 181.Xr powerd 8 182program. 183.Pp 184If you are running a serial port at 115200 baud we recommend setting 185the flags to "-l 1500" as lower frequencies will cause characters to 186drop. 187.It Va sensorsd_enable 188.Pq Vt bool 189Set to 190.Dq Li NO 191by default. 192Setting this to 193.Dq Li YES 194enables 195.Xr sensorsd 8 , 196a sensors monitoring and logging daemon. 197.It Va sensorsd_flags 198.Pq Vt str 199Empty by default. 200Additional flags passed to the 201.Xr sensorsd 8 202program. 203.It Va sysvipcd_enable 204.Pq Vt bool 205Set to 206.Dq Li NO 207by default. 208Setting this to 209.Dq Li YES 210enables 211.Xr sysvipcd 8 , 212a daemon needed for the userspace implementation of the XSI Interprocess 213Communication functions. 214.It Va sysvipcd_flags 215.Pq Vt str 216Empty by default. 217Additional flags passed to the 218.Xr sysvipcd 8 219program. 220.It Va hotplugd_enable 221.Pq Vt bool 222Set to 223.Dq Li NO 224by default. 225Setting this to 226.Dq Li YES 227enables 228.Xr hotplugd 8 , 229a devices hot plugging monitoring daemon. 230.It Va hotplugd_flags 231.Pq Vt str 232Empty by default. 233Additional flags passed to the 234.Xr hotplugd 8 235program. 236.It Va pccard_ifconfig 237.Pq Vt str 238List of arguments to be passed to 239.Xr ifconfig 8 240at boot time or on insertion of the card (e.g.\& 241.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 242for a fixed address or 243.Dq Li DHCP 244for a DHCP client). 245.It Va pccard_ether_delay 246.Pq Vt str 247Set the delay before starting the DHCP client (configured with 248.Va dhcp_client ) 249in the 250.Pa /etc/pccard_ether 251script. 252This defaults to 253.Dq Li 5 254seconds. 255.It Va removable_interfaces 256.Pq Vt str 257List of removable network interfaces to be supported by 258.Pa /etc/pccard_ether . 259.It Va local_startup 260.Pq Vt str 261List of directories to search for startup script files. 262.It Va script_name_sep 263.Pq Vt str 264The field separator to use for breaking down the list of startup script files 265into individual filenames. 266The default is a space. 267It is not necessary to change this unless there are startup scripts with names 268containing spaces. 269.It Va hostname 270.Pq Vt str 271The fully qualified domain name (FQDN) of this host on the network. 272This should almost certainly be set to something meaningful, even if 273there is no network connection. 274If DHCP is used to set the hostname, 275this variable should be set to an empty string. 276.It Va ipv6_enable 277.Pq Vt bool 278Enable support for IPv6 networking. 279Note that this requires that the kernel have been compiled with 280.Cd "options INET6" . 281.It Va nisdomainname 282.Pq Vt str 283The NIS domain name of this host, or 284.Dq Li NO 285if NIS is not used. 286.It Va dhcp_client 287.Pq Vt str 288Set the rc script that is called to start the DHCP client. 289This can be set to 290.Dq Li dhclient 291(default) or 292.Dq Li dhcpcd . 293.It Va dhclient_program 294.Pq Vt str 295Path to the 296.Xr dhclient 8 297program (default 298.Pa /sbin/dhclient ) . 299.It Va dhclient_flags 300.Pq Vt str 301Additional flags to pass to the 302.Xr dhclient 8 303program. 304.It Va dhcpcd_enable 305.Pq Vt bool 306Set to 307.Dq Li YES 308to run 309.Xr dhcpcd 8 310in master mode (i.e., configure all available Ethernet interfaces) at startup. 311.It Va dhcpcd_program 312.Pq Vt str 313Path to the 314.Xr dhcpcd 8 315program (default 316.Pa /sbin/dhcpcd ) . 317.It Va dhcpcd_flags 318.Pq Vt str 319Additional flags to pass to the 320.Xr dhcpcd 8 321program. 322The default value is 323.Fl b , 324i.e., tell 325.Xr dhcpcd 8 326to go to background immediately. 327.It Va dhcpcd_chrootdir 328.Pq Vt str 329If non-blank and 330.Va dhcpcd_enable 331is true, run 332.Xr dhcpcd 8 333as the unprivileged user and group 334.Sq _dhcp , 335.Xr chroot 2 Ns ed 336to 337.Va dhcpcd_chrootdir . 338.Li \&${dhcpcd_chrootdir} Ns Pa /var/run/log 339will be added to the list of log sockets that 340.Xr syslogd 8 341listens to. 342.It Va pf_enable 343.Pq Vt bool 344Set to 345.Dq Li YES 346to load 347.Xr pf 4 348at startup. 349If the kernel was not built with 350.Cd "device pf" , 351the 352.Pa pf.ko 353kernel module will be loaded. 354See also 355.Va firewall_enable . 356.It Va pf_rules 357.Pq Vt str 358Path to the 359.Xr pf 4 360ruleset definition file. 361.It Va pf_program 362.Pq Vt str 363Path to 364.Xr pfctl 8 . 365.It Va pf_flags 366.Pq Vt str 367If 368.Va pf_enable 369is set to 370.Dq Li YES , 371these are the flags to pass to 372.Xr pfctl 8 373when loading the ruleset. 374.It Va pflog_enable 375.Pq Vt bool 376Set this to 377.Dq Li YES 378to enable 379.Xr pflogd 8 380which logs packets from 381.Xr pf 4 . 382.It Va pflog_logfile 383.Pq Vt str 384If 385.Va pflog_enable 386is set to 387.Dq Li YES 388this specifies the path of the log file. 389.It Va pflog_program 390.Pq Vt str 391Path to 392.Xr pflogd 8 . 393.It Va pflog_flags 394.Pq Vt str 395If 396.Va pflog_enable 397is set to 398.Dq Li YES , 399these are the flags to pass to 400.Xr pflogd 8 . 401.It Va firewall_enable 402.Pq Vt bool 403Set to 404.Dq Li YES 405to load firewall rules at startup. 406If the kernel was not built with 407.Cd "options IPFIREWALL" , 408the 409.Pa ipfw.ko 410kernel module will be loaded. 411See also 412.Va pf_enable . 413.It Va ipv6_firewall_enable 414.Pq Vt bool 415The IPv6 equivalent of 416.Va firewall_enable . 417Set to 418.Dq Li YES 419to load IPv6 firewall rules at startup. 420If the kernel was not built with 421.Cd "options IPV6FIREWALL" , 422the 423.Pa ip6fw.ko 424kernel module will be loaded. 425.It Va firewall_script 426.Pq Vt str 427The full path to the firewall script to run 428(default 429.Pa /etc/rc.firewall ) . 430.It Va ipv6_firewall_script 431.Pq Vt str 432The IPv6 equivalent of 433.Va firewall_script . 434.It Va firewall_type 435.Pq Vt str 436Names the firewall type from the selection in 437.Pa /etc/rc.firewall , 438or the file which contains the local firewall ruleset. 439Valid selections from 440.Pa /etc/rc.firewall 441are: 442.Pp 443.Bl -tag -width ".Li simple" -compact 444.It Li open 445unrestricted IP access 446.It Li closed 447all IP services disabled, except via 448.Dq Li lo0 449.It Li client 450basic protection for a workstation on a LAN 451.It Li simple 452alias for 453.Li client . 454.El 455.Pp 456If a filename is specified, the full path must be given. 457.It Va firewall_trusted_nets 458.Pq Vt str 459List of trusted networks (if 460.Va firewall_type 461is set to 462.Li client ) . 463.It Va firewall_trusted_interfaces 464.Pq Vt str 465List of trusted network interfaces (if 466.Va firewall_type 467is set to 468.Li client ) . 469.It Va firewall_allowed_icmp_types 470.Pq Vt str 471List of allowed ICMP types (if 472.Va firewall_type 473is set to 474.Li client ) . 475.It Va firewall_open_tcp_ports 476.Pq Vt str 477List of TCP ports to open (if 478.Va firewall_type 479is set to 480.Li client ) . 481.It Va firewall_open_udp_ports 482.Pq Vt str 483List of UDP ports to open (if 484.Va firewall_type 485is set to 486.Li client ) . 487.It Va ipv6_firewall_type 488.Pq Vt str 489The IPv6 equivalent of 490.Va firewall_type . 491.It Va firewall_quiet 492.Pq Vt bool 493Set to 494.Dq Li YES 495to disable the display of firewall rules on the console during boot. 496.It Va ipv6_firewall_quiet 497.Pq Vt bool 498The IPv6 equivalent of 499.Va firewall_quiet . 500.It Va firewall_logging 501.Pq Vt bool 502Set to 503.Dq Li YES 504to enable firewall event logging. 505This is equivalent to the 506.Dv IPFIREWALL_VERBOSE 507kernel option. 508.It Va ipv6_firewall_logging 509.Pq Vt bool 510The IPv6 equivalent of 511.Va firewall_logging . 512.It Va firewall_flags 513.Pq Vt str 514Flags passed to 515.Xr ipfw 8 516if 517.Va firewall_type 518specifies a filename. 519.It Va ipv6_firewall_flags 520.Pq Vt str 521The IPv6 equivalent of 522.Va firewall_flags . 523.It Va ipfw3_enable 524.Pq Vt bool 525Set to 526.Dq Li YES 527to enable 528.Xr ipfw3 8 . 529.It Va ipfw3_program 530.Pq Vt str 531Path to 532.Xr ipfw3 8 . 533.It Va ipfw3_script 534.Pq Vt str 535The full path to the shell script to run to set up the ipfw3 536firewall rules (default 537.Pa /etc/ipfw3.rules ) . 538.It Va ipfw3_modules 539.Pq Vt str 540List of ipfw3 modules to be loaded before executing the above 541.Va ipfw3_script . 542(default 543.Dq Li ipfw3 ipfw3_basic ) . 544.It Va natd_program 545.Pq Vt str 546Path to 547.Xr natd 8 . 548.It Va natd_enable 549.Pq Vt bool 550Set to 551.Dq Li YES 552to enable 553.Xr natd 8 . 554.Va firewall_enable 555must also be set to 556.Dq Li YES , 557and 558.Xr divert 4 559sockets must be enabled in the kernel. 560.It Va natd_interface 561.Pq Vt str 562This is the name of the public interface on which 563.Xr natd 8 564should run. 565The interface may be given as an interface name or as an IP address. 566.It Va natd_flags 567.Pq Vt str 568Additional 569.Xr natd 8 570flags should be placed here. 571The 572.Fl n 573or 574.Fl a 575flag is automatically added with the above 576.Va natd_interface 577as an argument. 578.It Va tcp_extensions 579.Pq Vt bool 580Set to 581.Dq Li YES 582by default. 583Setting this to 584.Dq Li NO 585disables certain TCP options as described by 586.Rs 587.%T "RFC 1323" 588.Re 589Setting this to 590.Dq Li NO 591might help remedy such problems with connections as randomly hanging 592or other weird behavior. 593Some network devices are known to be broken with respect to these options. 594.It Va log_in_vain 595.Pq Vt int 596Set to 0 by default. 597The 598.Xr sysctl 8 599variables, 600.Va net.inet.tcp.log_in_vain 601and 602.Va net.inet.udp.log_in_vain , 603as described in 604.Xr tcp 4 605and 606.Xr udp 4 , 607are set to the given value. 608.It Va tcp_keepalive 609.Pq Vt bool 610Set to 611.Dq Li YES 612by default. 613Setting to 614.Dq Li NO 615will disable probing idle TCP connections to verify that the 616peer is still up and reachable. 617.It Va tcp_drop_synfin 618.Pq Vt bool 619Set to 620.Dq Li NO 621by default. 622Setting to 623.Dq Li YES 624will cause the kernel to ignore TCP frames that have both 625the SYN and FIN flags set. 626This prevents OS fingerprinting, but may break some legitimate applications. 627This option is only available if the kernel was built with the 628.Dv TCP_DROP_SYNFIN 629option. 630.It Va icmp_drop_redirect 631.Pq Vt bool 632Set to 633.Dq Li NO 634by default. 635Setting to 636.Dq Li YES 637will cause the kernel to ignore ICMP REDIRECT packets. 638Refer to 639.Xr icmp 4 640for more information. 641.It Va icmp_log_redirect 642.Pq Vt bool 643Set to 644.Dq Li NO 645by default. 646Setting to 647.Dq Li YES 648will cause the kernel to log ICMP REDIRECT packets. 649Note that 650the log messages are not rate-limited, so this option should only be used 651for troubleshooting networks. 652Refer to 653.Xr icmp 4 654for more information. 655.It Va icmp_bmcastecho 656.Pq Vt bool 657Set to 658.Dq Li YES 659to respond to broadcast or multicast ICMP ping packets. 660Refer to 661.Xr icmp 4 662for more information. 663.It Va ip_portrange_first 664.Pq Vt int 665If not set to 666.Dq Li NO , 667this is the first port in the default portrange. 668Refer to 669.Xr ip 4 670for more information. 671.It Va ip_portrange_last 672.Pq Vt int 673If not set to 674.Dq Li NO , 675this is the last port in the default portrange. 676Refer to 677.Xr ip 4 678for more information. 679.\" 680.It Va ifconfig_ Ns Aq Ar interface 681.Pq Vt str 682Configuration for 683.Dq interface . 684Typically includes IP address. 685Assuming that the interface in question was 686.Li ed0 , 687it might look something like this: 688.Bd -literal 689ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 690.Ed 691.Pp 692If the 693.Pa /etc/start_if. Ns Aq Ar interface 694file is present, it is read and executed by the 695.Xr sh 1 696interpreter before configuring the interface as specified in the 697.Va ifconfig_ Ns Aq Ar interface 698and 699.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 700variables. 701.Pp 702It is possible to bring up an interface with DHCP by adding 703.Dq Li DHCP 704to the 705.Va ifconfig_ Ns Aq Ar interface 706variable. 707For instance, to initialize the 708.Li ed0 709device via DHCP, it is possible to use something like: 710.Bd -literal 711ifconfig_ed0="DHCP" 712.Ed 713.Pp 714If a 715.Va vlans_ Ns Aq Ar interface 716variable is set, 717a 718.Xr vlan 4 719interface will be created for each item in the list with the 720.Ar vlandev 721argument set to 722.Ar interface . 723If a vlan interface's name is a number, 724then that number is used as the vlan tag and the new vlan interface is 725named 726.Ar interface . Ns Ar tag . 727Otherwise, 728the vlan tag must be specified via a 729.Va vlan 730parameter in the 731.Va create_args_ Ns Aq Ar interface 732variable. 733.Pp 734To create a vlan device named 735.Li em0.101 736on 737.Li em0 738with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24: 739.Bd -literal 740vlans_em0="101" 741ifconfig_em0_101="inet 192.0.2.1/24" 742.Ed 743.Pp 744To create a vlan device named 745.Li myvlan 746on 747.Li em0 748with the vlan tag 102: 749.Bd -literal 750vlans_em0="myvlan" 751create_args_myvlan="vlan 102" 752.Ed 753.Pp 754If a 755.Va wlans_ Ns Aq Ar interface 756variable is set, 757an 758.Xr wlan 4 759interface will be created for each item in the list with the 760.Ar wlandev 761argument set to 762.Ar interface . 763Further wlan cloning arguments may be passed to the 764.Xr ifconfig 8 765.Cm create 766command by setting the 767.Va create_args_ Ns Aq Ar interface 768variable. 769One or more 770.Xr wlan 4 771devices must be created for each wireless devices as of 772.Dx 2.5 . 773Debugging flags for 774.Xr wlan 4 775devices as set by 776.Xr wlandebug 8 777may be specified with an 778.Va wlandebug_ Ns Aq Ar interface 779variable. 780The contents of this variable will be passed directly to 781.Xr wlandebug 8 . 782.Pp 783Also, if your interface needs WPA authentication, it is possible to add 784.Dq Li WPA 785to the 786.Va ifconfig_ Ns Aq Ar interface 787variable. 788This will start 789.Xr wpa_supplicant 8 . 790See 791.Xr wpa_supplicant.conf 5 792for configuring authentication information. 793But see also 794.Va wpa_supplicant_enable . 795.Pp 796Finally, you can add 797.Xr ifconfig 8 798options in this variable, in addition to the 799.Pa /etc/start_if. Ns Aq Ar interface 800file. 801For instance, to initialize the 802.Li wi0 803device via DHCP, using WPA authentication and 802.11b mode, it is 804possible to use something like: 805.Bd -literal 806wlans_wi0="wlan0" 807ifconfig_wlan0="up DHCP WPA mode 11b" 808.Ed 809.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 810.Pq Vt str 811Configuration to establish an additional network address for 812.Dq interface . 813Assuming that the interface in question was 814.Li ed0 , 815it might look something like this: 816.Bd -literal 817ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 818ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 819.Ed 820.Pp 821And so on. 822For each 823.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 824entry that is found, its contents are passed to 825.Xr ifconfig 8 . 826Execution stops at the first unsuccessful access, so if 827something like this is present: 828.Bd -literal 829ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 830ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 831ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 832ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 833.Ed 834.Pp 835Then note that alias4 would 836.Em not 837be added since the search would stop with the missing alias3 entry. 838.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 839.Pq Vt str 840New name for 841.Dq interface . 842It is possible to rename interface by doing: 843.Bd -literal 844ifconfig_ed0_name="net0" 845ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 846.Ed 847.It Va netif_enable 848.Pq Vt bool 849Set to 850.Dq Li YES 851by default. 852Setting to 853.Dq Li NO 854will disable the configuration of network interfaces. 855.It Va network_interfaces 856.Pq Vt str 857The list of network interfaces to configure on this host, 858or 859.Dq Li auto 860to configure all network interfaces 861(default 862.Dq Li auto ) . 863For example, if the only network devices to be configured are the loopback device 864.Pq Li lo0 865and a NIC using the 866.Xr em 4 867driver, this could be set to 868.Dq Li "lo0 em0" . 869An 870.Va ifconfig_ Ns Aq Ar interface 871variable is assumed to exist for each value of 872.Ar interface . 873.It Va ipv6_network_interfaces 874.Pq Vt str 875This is the IPv6 equivalent of 876.Va network_interfaces . 877Instead of setting the ifconfig variables as 878.Va ifconfig_ Ns Aq Ar interface 879they should be set as 880.Va ipv6_ifconfig_ Ns Aq Ar interface . 881Aliases should be set as 882.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 883Interfaces that do not have a 884.Va ipv6_ifconfig_ Ns Aq Ar interface 885setting will be auto configured by 886.Xr rtsol 8 887if the 888.Va ipv6_gateway_enable 889is set to 890.Dq Li NO . 891Note that the IPv6 networking code does not support the 892.Pa /etc/start_if. Ns Aq Ar interface 893files. 894.It Va ipv6_prefix_ Ns Aq Ar interface 895.Pq Vt str 896Assign prefix to 897.Ar interface , 898prefixlen 64 is used. 899.It Va ipv6_default_interface 900.Pq Vt str 901If not set to 902.Dq Li NO , 903this is the default output interface for scoped addresses. 904Now this works only for IPv6 link local multicast addresses. 905.It Va ip6addrctl_enable 906.Pq Vt bool 907This variable is to enable configuring the default address selection policy table 908.Pq RFC 3484 . 909The default value is 910.Dq Li YES , 911and the policy table to be installed is specified by the 912.Va ip6addrctl_policy 913variable below. 914.It Va ip6addrctl_policy 915.Pq Vt str 916This variable specifies the policy table to be installed, 917and can be one of the following keywords: 918.Dq Li ipv4_prefer , 919.Dq Li ipv6_prefer , 920or 921.Dq Li AUTO 922(default). 923.Pp 924If 925.Dq Li ipv4_prefer 926or 927.Dq Li ipv6_prefer 928is specified, 929.Xr ip6addrctl 8 930installs a pre-defined policy table described in Section 2.1 931.Pq IPv6-preferred 932or 10.3 933.Pq IPv4-preferred 934of RFC 3484. 935.Pp 936If 937.Dq Li AUTO 938is specified, it attempts to read a file 939.Pa /etc/ip6addrctl.conf 940first. 941If this file is found, 942.Xr ip6addrctl 8 943reads and installs it. 944If not found, a policy is automatically set 945according to 946.Va ipv6_enable 947variable; if the variable is set to 948.Dq Li YES 949the IPv6-preferred one is used. 950Otherwise IPv4-preferred. 951.It Va ip6addrctl_verbose 952.Pq Vt bool 953If set to 954.Dq Li YES , 955print the installed policy table after configuring. 956The default value is 957.Dq Li NO . 958.It Va cloned_interfaces 959.Pq Vt str 960Set to the list of clonable network interfaces to create on this host. 961Entries in 962.Va cloned_interfaces 963are automatically appended to 964.Va network_interfaces 965for configuration. 966.It Va gif_interfaces 967.Pq Vt str 968Set to the list of 969.Xr gif 4 970tunnel interfaces to configure on this host. 971A 972.Va gifconfig_ Ns Aq Ar interface 973variable is assumed to exist for each value of 974.Ar interface . 975The value of this variable is used to configure the link layer of the 976tunnel according to the syntax of the 977.Cm tunnel 978option to 979.Xr ifconfig 8 . 980Additionally, this option ensures that each listed interface is created via the 981.Cm create 982option to 983.Xr ifconfig 8 984before attempting to configure it. 985.It Va sppp_interfaces 986.Pq Vt str 987Set to the list of 988.Xr sppp 4 989interfaces to configure on this host. 990A 991.Va spppconfig_ Ns Aq Ar interface 992variable is assumed to exist for each value of 993.Ar interface . 994Each interface should also be configured by a general 995.Va ifconfig_ Ns Aq Ar interface 996setting. 997Refer to 998.Xr spppcontrol 8 999for more information about available options. 1000.It Va ppp_enable 1001.Pq Vt bool 1002If set to 1003.Dq Li YES , 1004run the 1005.Xr ppp 8 1006daemon. 1007.It Va ppp_mode 1008.Pq Vt str 1009Mode in which to run the 1010.Xr ppp 8 1011daemon. 1012Accepted modes are 1013.Dq Li auto , 1014.Dq Li ddial , 1015.Dq Li direct 1016and 1017.Dq Li dedicated . 1018See the manual for a full description. 1019.It Va ppp_nat 1020.Pq Vt bool 1021If set to 1022.Dq Li YES , 1023enables network address translation. 1024Used in conjunction with 1025.Va gateway_enable 1026allows hosts on private network addresses access to the Internet using 1027this host as a network address translating router. 1028.It Va ppp_profile 1029.Pq Vt str 1030The name of the profile to use from 1031.Pa /etc/ppp/ppp.conf . 1032Also used for per-profile overrides of 1033.Va ppp_ Ns Ao Ar profile Ac Ns _unit . 1034Where the profile contains any of the characters 1035.Dq Li .-/+ 1036they are translated to 1037.Dq Li _ 1038for the purposes of the override variable names. 1039.It Va ppp_ Ns Ao Ar profile Ac Ns _unit 1040.Pq Vt int 1041Set the unit number to be used for this profile. 1042See the manual description of 1043.Fl unit Ns Ar N 1044in 1045.Xr ppp 8 1046for details. 1047.It Va ppp_user 1048.Pq Vt str 1049The name of the user under which 1050.Xr ppp 8 1051should be started. 1052By default, 1053.Xr ppp 8 1054is started as 1055.Dq Li root . 1056.It Va rc_conf_files 1057.Pq Vt str 1058This option is used to specify a list of files that will override 1059the settings in 1060.Pa /etc/defaults/rc.conf . 1061The files will be read in the order in which they are specified and should 1062include the full path to the file. 1063By default, the files specified are 1064.Pa /etc/rc.conf 1065and 1066.Pa /etc/rc.conf.local 1067.It Va fsck_y_enable 1068.Pq Vt bool 1069If set to 1070.Dq Li YES , 1071.Xr fsck 8 1072will be run with the 1073.Fl y 1074flag if the initial preen of the file systems fails. 1075.It Va netfs_types 1076.Pq Vt str 1077List of file system types that are network-based. 1078This list should generally not be modified by end users. 1079Use 1080.Va extra_netfs_types 1081instead. 1082.It Va extra_netfs_types 1083.Pq Vt str 1084If set to something other than 1085.Dq Li NO 1086(the default), this variable extends the list of file system types 1087for which automatic mounting at startup by 1088.Xr rc 8 1089should be delayed until the network is initialized. 1090It should contain 1091a whitespace-separated list of network file system descriptor pairs, 1092each consisting of a file system type as passed to 1093.Xr mount 8 1094and a human-readable, one-word description, joined with a colon 1095.Pq Ql \&: . 1096Extending the default list in this way is only necessary 1097when third party file system types are used. 1098.It Va devfs_config_files 1099.Pq Vt str 1100This option is used to specify a list of configuration files containing 1101.Xr devfs 5 1102rules that will be applied by 1103.Xr devfsctl 8 1104in the order in which they are specified and must include the full path 1105to the file. 1106.It Va tmpfs_var_run 1107.Pq Vt bool 1108If set to 1109.Dq Li YES , 1110a 1111.Xr tmpfs 5 1112will be mounted at 1113.Pa /var/run . 1114Necessary directories under there will be automatically created. 1115.It Va tmpfs_tmp 1116.Pq Vt bool 1117If set to 1118.Dq Li YES , 1119a 1120.Xr tmpfs 5 1121will be mounted at 1122.Pa /tmp . 1123.It Va syslogd_enable 1124.Pq Vt bool 1125If set to 1126.Dq Li YES , 1127run the 1128.Xr syslogd 8 1129daemon. 1130.It Va syslogd_program 1131.Pq Vt str 1132Path to 1133.Xr syslogd 8 1134(default 1135.Pa /usr/sbin/syslogd ) . 1136.It Va syslogd_flags 1137.Pq Vt str 1138If 1139.Va syslogd_enable 1140is set to 1141.Dq Li YES , 1142these are the flags to pass to 1143.Xr syslogd 8 . 1144.It Va inetd_enable 1145.Pq Vt bool 1146If set to 1147.Dq Li YES , 1148run the 1149.Xr inetd 8 1150daemon. 1151.It Va inetd_program 1152.Pq Vt str 1153Path to 1154.Xr inetd 8 1155(default 1156.Pa /usr/sbin/inetd ) . 1157.It Va inetd_flags 1158.Pq Vt str 1159If 1160.Va inetd_enable 1161is set to 1162.Dq Li YES , 1163these are the flags to pass to 1164.Xr inetd 8 . 1165.It Va rwhod_enable 1166.Pq Vt bool 1167If set to 1168.Dq Li YES , 1169run the 1170.Xr rwhod 8 1171daemon at boot time. 1172.It Va rwhod_flags 1173.Pq Vt str 1174If 1175.Va rwhod_enable 1176is set to 1177.Dq Li YES , 1178these are the flags to pass to it. 1179.It Va update_motd 1180.Pq Vt bool 1181If set to 1182.Dq Li YES , 1183.Pa /etc/motd 1184will be updated at boot time to reflect the kernel release being run. 1185If set to 1186.Dq Li NO , 1187.Pa /etc/motd 1188will not be updated. 1189.It Va nfs_client_enable 1190.Pq Vt bool 1191If set to 1192.Dq Li YES , 1193setup NFS client parameters at boot time. 1194.It Va nfs_access_cache 1195.Pq Vt int 1196If 1197.Va nfs_client_enable 1198is set to 1199.Dq Li YES , 1200this can be set to 1201.Dq Li 0 1202to disable NFS ACCESS RPC caching, or to the number of seconds for which 1203NFS ACCESS results should be cached. 1204A value of 2-10 seconds will substantially reduce network traffic for 1205many NFS operations. 1206The default is 5 seconds. 1207Note that the attribute cache holds stat information only. 1208The NFS data cache is independent of the attribute cache and is only 1209invalidated when the client detects that the server has modified the 1210underlying file. 1211This value specifies a maximum timeout. 1212The NFS client will automatically use a shorter timeout for files which 1213have been recently modified. 1214.It Va nfs_neg_cache 1215.Pq Vt int 1216If 1217.Va nfs_client_enable 1218is set to 1219.Dq Li YES , 1220this can be set to 1221.Dq Li 0 1222to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1223filenames), or to the number of seconds for which negative lookups should 1224be cached. 1225A value of 2-10 seconds will substantially reduce network 1226traffic for many NFS operations, especially source code builds. 1227The default is 3 seconds. 1228.It Va nfs_server_enable 1229.Pq Vt bool 1230If set to 1231.Dq Li YES , 1232run the NFS server daemons at boot time. 1233.It Va nfs_server_flags 1234.Pq Vt str 1235If 1236.Va nfs_server_enable 1237is set to 1238.Dq Li YES , 1239these are the flags to pass to the 1240.Xr nfsd 8 1241daemon. 1242.It Va mountd_enable 1243.Pq Vt bool 1244If set to 1245.Dq Li YES , 1246and no 1247.Va nfs_server_enable 1248is set, start 1249.Xr mountd 8 , 1250but not 1251.Xr nfsd 8 1252daemon. 1253It is commonly needed to run CFS without real NFS used. 1254.It Va mountd_flags 1255.Pq Vt str 1256If 1257.Va mountd_enable 1258is set to 1259.Dq Li YES , 1260these are the flags to pass to the 1261.Xr mountd 8 1262daemon. 1263.It Va weak_mountd_authentication 1264.Pq Vt bool 1265If set to 1266.Dq Li YES , 1267allow services like PCNFSD to make non-privileged mount requests. 1268.It Va nfs_reserved_port_only 1269.Pq Vt bool 1270If set to 1271.Dq Li YES , 1272provide NFS services only on a secure port. 1273.It Va nfs_bufpackets 1274.Pq Vt int 1275If set to a number, indicates the number of packets worth of 1276socket buffer space to reserve on an NFS client. 1277The kernel default is typically 4. 1278Using a higher number may be useful on gigabit networks to improve performance. 1279The minimum value is 2 and the maximum is 64. 1280.It Va rpc_umntall_enable 1281.Pq Vt bool 1282If set to 1283.Dq Li YES 1284(default) and we are also an NFS client, run 1285.Xr rpc.umntall 8 1286at boot time to clear out old mounts on remote servers. 1287If set to 1288.Dq Li NO 1289then 1290.Xr rpc.umntall 8 1291will not be run at boot time. 1292.It Va rpc_lockd_enable 1293.Pq Vt bool 1294If set to 1295.Dq Li YES 1296and also an NFS server, run 1297.Xr rpc.lockd 8 1298at boot time. 1299.It Va rpc_lockd_flags 1300.Pq Vt str 1301If 1302.Va rpc_lockd_enable 1303is set to 1304.Dq Li YES , 1305these are the flags to pass to 1306.Xr rpc.lockd 8 . 1307.It Va rpc_statd_enable 1308.Pq Vt bool 1309If set to 1310.Dq Li YES 1311and also an NFS server, run 1312.Xr rpc.statd 8 1313at boot time. 1314.It Va rpc_statd_flags 1315.Pq Vt str 1316If 1317.Va rpc_statd_enable 1318is set to 1319.Dq Li YES , 1320these are the flags to pass to 1321.Xr rpc.statd 8 . 1322.It Va rpcbind_program 1323.Pq Vt str 1324Path to program for rpcbind daemon 1325(default 1326.Pa /usr/sbin/rpcbind ) . 1327.It Va rpcbind_enable 1328.Pq Vt bool 1329If set to 1330.Dq Li YES , 1331run 1332.Va rpcbind_program 1333at boot time. 1334.It Va rpcbind_flags 1335.Pq Vt str 1336If 1337.Va rpcbind_enable 1338is set to 1339.Dq Li YES , 1340these are the flags to pass to 1341.Va rpcbind_program . 1342.It Va keyserv_enable 1343.Pq Vt bool 1344If set to 1345.Dq Li YES , 1346run the 1347.Xr keyserv 8 1348daemon on boot for running Secure RPC. 1349.It Va keyserv_flags 1350.Pq Vt str 1351If 1352.Va keyserv_enable 1353is set to 1354.Dq Li YES , 1355these are the flags to pass to 1356.Xr keyserv 8 1357daemon. 1358.It Va pppoed_enable 1359.Pq Vt bool 1360If set to 1361.Dq Li YES , 1362run the 1363.Xr pppoed 8 1364daemon at boot time to provide PPP over Ethernet services. 1365.It Va pppoed_provider 1366.Pq Vt str 1367.Xr pppoed 8 1368listens to requests to this provider and ultimately runs 1369.Xr ppp 8 1370with a 1371.Ar system 1372argument of the same name. 1373.It Va pppoed_flags 1374.Pq Vt str 1375Additional flags to pass to 1376.Xr pppoed 8 . 1377.It Va pppoed_interface 1378.Pq Vt str 1379The network interface to run 1380.Xr pppoed 8 1381on. 1382This is mandatory when 1383.Va pppoed_enable 1384is set to 1385.Dq Li YES . 1386.It Va dntpd_enable 1387.Pq Vt bool 1388If set to 1389.Dq Li YES , 1390run 1391.Xr dntpd 8 1392at system boot time. 1393.It Va dntpd_program 1394.Pq Vt str 1395Path to 1396.Xr dntpd 8 1397(default 1398.Pa /usr/sbin/dntpd ) . 1399.It Va dntpd_flags 1400.Pq Vt str 1401If 1402.Va dntpd_enable 1403is set to 1404.Dq Li YES , 1405these are the flags to pass to the 1406.Xr dntpd 8 1407daemon. 1408.It Va btconfig_enable 1409.Pq Vt bool 1410If set to 1411.Dq Li YES , 1412configure Bluetooth devices via 1413.Xr btconfig 8 1414at system boot time. 1415.It Va btconfig_devices 1416.Pq Vt str 1417If 1418.Va btconfig_enable 1419is set to 1420.Dq Li YES , 1421this is the list of Bluetooth devices to configure. 1422If 1423.Va btconfig_devices 1424is not specified, all devices known to the system will be configured. 1425A 1426.Va btconfig_ Ns Aq Ar device 1427variable can be set to specify parameters to be passed to 1428.Ar device . 1429.It Va btconfig_args 1430.Pq Vt str 1431If 1432.Va btconfig_enable 1433is set to 1434.Dq Li YES , 1435this is the list of configuration parameters to pass to all Bluetooth 1436devices. 1437.It Va sdpd_enable 1438.Pq Vt bool 1439If set to 1440.Dq Li YES , 1441run the Service Discovery Profile daemon 1442.Xr ( sdpd 8 ) 1443at system boot time. 1444.It Va sdpd_flags 1445.Pq Vt str 1446If 1447.Va sdpd_enable 1448is set to 1449.Dq Li YES , 1450these are the flags to pass to the 1451.Xr sdpd 8 1452daemon. 1453.It Va bthcid_enable 1454.Pq Vt bool 1455If set to 1456.Dq Li YES , 1457run the Bluetooth Link Key/PIN Code Manager daemon 1458.Xr ( bthcid 8 ) 1459at system boot time. 1460.It Va bthcid_flags 1461.Pq Vt str 1462If 1463.Va bthcid_enable 1464is set to 1465.Dq Li YES , 1466these are the flags to pass to the 1467.Xr bthcid 8 1468daemon. 1469.It Va nis_client_enable 1470.Pq Vt bool 1471If set to 1472.Dq Li YES , 1473run the 1474.Xr ypbind 8 1475service at system boot time. 1476.It Va nis_client_flags 1477.Pq Vt str 1478If 1479.Va nis_client_enable 1480is set to 1481.Dq Li YES , 1482these are the flags to pass to the 1483.Xr ypbind 8 1484service. 1485.It Va nis_ypset_enable 1486.Pq Vt bool 1487If set to 1488.Dq Li YES , 1489run the 1490.Xr ypset 8 1491daemon at system boot time. 1492.It Va nis_ypset_flags 1493.Pq Vt str 1494If 1495.Va nis_ypset_enable 1496is set to 1497.Dq Li YES , 1498these are the flags to pass to the 1499.Xr ypset 8 1500daemon. 1501.It Va nis_server_enable 1502.Pq Vt bool 1503If set to 1504.Dq Li YES , 1505run the 1506.Xr ypserv 8 1507daemon at system boot time. 1508.It Va nis_server_flags 1509.Pq Vt str 1510If 1511.Va nis_server_enable 1512is set to 1513.Dq Li YES , 1514these are the flags to pass to the 1515.Xr ypserv 8 1516daemon. 1517.It Va nis_ypxfrd_enable 1518.Pq Vt bool 1519If set to 1520.Dq Li YES , 1521run the 1522.Xr rpc.ypxfrd 8 1523daemon at system boot time. 1524.It Va nis_ypxfrd_flags 1525.Pq Vt str 1526If 1527.Va nis_ypxfrd_enable 1528is set to 1529.Dq Li YES , 1530these are the flags to pass to the 1531.Xr rpc.ypxfrd 8 1532daemon. 1533.It Va nis_yppasswdd_enable 1534.Pq Vt bool 1535If set to 1536.Dq Li YES , 1537run the 1538.Xr rpc.yppasswdd 8 1539daemon at system boot time. 1540.It Va nis_yppasswdd_flags 1541.Pq Vt str 1542If 1543.Va nis_yppasswdd_enable 1544is set to 1545.Dq Li YES , 1546these are the flags to pass to the 1547.Xr rpc.yppasswdd 8 1548daemon. 1549.It Va rpc_ypupdated_enable 1550.Pq Vt bool 1551If set to 1552.Dq Li YES , 1553run the 1554.Nm rpc.ypupdated 1555daemon at system boot time. 1556.It Va defaultrouter 1557.Pq Vt str 1558If not set to 1559.Dq Li NO , 1560create a default route to this host name or IP address 1561(use an IP address if this router is also required to get to the 1562name server!). 1563.It Va ipv6_defaultrouter 1564.Pq Vt str 1565The IPv6 equivalent of 1566.Va defaultrouter . 1567.It Va static_routes 1568.Pq Vt str 1569Set to the list of static routes that are to be added at system boot time. 1570If not set to 1571.Dq Li NO 1572then for each whitespace separated 1573.Ar element 1574in the value, a 1575.Va route_ Ns Aq Ar element 1576variable is assumed to exist whose contents will later be passed to a 1577.Dq Nm route Cm add 1578operation. 1579.It Va change_routes 1580.Pq Vt str 1581Set to the list of static routes that are to be changed at system boot time 1582(such as those added by the kernel). 1583If not set to 1584.Dq Li NO 1585then for each whitespace separated 1586.Ar element 1587in the value, a 1588.Va change_route_ Ns Aq Ar element 1589variable is assumed to exist whose contents will later be passed to a 1590.Dq Nm route Cm change 1591operation. 1592.It Va ipv6_static_routes 1593.Pq Vt str 1594The IPv6 equivalent of 1595.Va static_routes . 1596If not set to 1597.Dq Li NO 1598then for each whitespace separated 1599.Ar element 1600in the value, a 1601.Va ipv6_route_ Ns Aq Ar element 1602variable is assumed to exist whose contents will later be passed to a 1603.Dq Nm route Cm add Fl inet6 1604operation. 1605.It Va gateway_enable 1606.Pq Vt bool 1607If set to 1608.Dq Li YES , 1609configure host to act as an IP router, e.g. to forward packets 1610between interfaces. 1611.It Va ipv6_gateway_enable 1612.Pq Vt bool 1613The IPv6 equivalent of 1614.Va gateway_enable . 1615.It Va router_enable 1616.Pq Vt bool 1617If set to 1618.Dq Li YES , 1619run a routing daemon of some sort, based on the settings of 1620.Va router_program 1621and 1622.Va router_flags . 1623.It Va ipv6_router_enable 1624.Pq Vt bool 1625The IPv6 equivalent of 1626.Va router_enable . 1627If set to 1628.Dq Li YES , 1629run a routing daemon of some sort, based on the settings of 1630.Va ipv6_router_program 1631and 1632.Va ipv6_router_flags . 1633.It Va router_program 1634.Pq Vt str 1635If 1636.Va router_enable 1637is set to 1638.Dq Li YES , 1639this is the name of the routing daemon to use 1640(default 1641.Pa /sbin/routed ) . 1642.It Va ipv6_router_program 1643.Pq Vt str 1644The IPv6 equivalent of 1645.Va router_program 1646(default 1647.Pa /sbin/route6d ) . 1648.It Va router_flags 1649.Pq Vt str 1650If 1651.Va router_enable 1652is set to 1653.Dq Li YES , 1654these are the flags to pass to the routing daemon. 1655.It Va ipv6_router_flags 1656.Pq Vt str 1657The IPv6 equivalent of 1658.Va router_flags . 1659.It Va rtadvd_enable 1660.Pq Vt bool 1661If set to 1662.Dq Li YES , 1663run the 1664.Xr rtadvd 8 1665daemon at boot time. 1666.Xr rtadvd 8 1667will only run if 1668.Va ipv6_gateway_enable 1669is also set to 1670.Dq Li YES . 1671The 1672.Xr rtadvd 8 1673utility sends router advertisement packets to the interfaces specified in 1674.Va rtadvd_interfaces . 1675.Xr rtadvd 8 1676and should only be enabled with great care. 1677You may want to fine-tune 1678.Xr rtadvd.conf 5 . 1679.It Va rtadvd_interfaces 1680.Pq Vt str 1681If 1682.Va rtadvd_enable 1683is set to 1684.Dq Li YES 1685this is the list of interfaces to use. 1686.It Va rtsold_enable 1687.Pq Vt bool 1688If set to 1689.Dq Li YES , 1690run the 1691.Xr rtsold 8 1692daemon at boot time. 1693The 1694.Xr rtsold 8 1695daemon is used for automatic discovery of non-link local addresses. 1696.It Va rtsold_flags 1697.Pq Vt str 1698If 1699.Va rtsold_enable 1700is set to 1701.Dq Li YES , 1702these are the flags to pass to the 1703.Xr rtsold 8 1704daemon. 1705.It Va arpproxy_all 1706.Pq Vt bool 1707If set to 1708.Dq Li YES , 1709enable global proxy ARP. 1710.It Va forward_sourceroute 1711.Pq Vt bool 1712If set to 1713.Dq Li YES 1714and 1715.Va gateway_enable 1716is also set to 1717.Dq Li YES , 1718source-routed packets are forwarded. 1719.It Va accept_sourceroute 1720.Pq Vt bool 1721If set to 1722.Dq Li YES , 1723the system will accept source-routed packets directed at it. 1724.It Va rarpd_enable 1725.Pq Vt bool 1726If set to 1727.Dq Li YES , 1728run the 1729.Xr rarpd 8 1730daemon at system boot time. 1731.It Va rarpd_flags 1732.Pq Vt str 1733If 1734.Va rarpd_enable 1735is set to 1736.Dq Li YES , 1737these are the flags to pass to the 1738.Xr rarpd 8 1739daemon. 1740.It Va wpa_supplicant_enable 1741.Pq Vt bool 1742If set to 1743.Dq Li YES , 1744run the 1745.Xr wpa_supplicant 8 1746daemon in 1747.Dq interface matching mode 1748at system boot time. 1749.It Va wpa_supplicant_program 1750.Pq Vt str 1751Path to 1752.Xr wpa_supplicant 8 . 1753.It Va wpa_supplicant_flags 1754.Pq Vt str 1755If 1756.Va wpa_supplicant_enable 1757is set to 1758.Dq Li YES , 1759these are the flags to pass to the 1760.Xr wpa_supplicant 8 1761daemon. 1762.It Va bootparamd_enable 1763.Pq Vt bool 1764If set to 1765.Dq Li YES , 1766run the 1767.Xr bootparamd 8 1768daemon at system boot time. 1769.It Va bootparamd_flags 1770.Pq Vt str 1771If 1772.Va bootparamd_enable 1773is set to 1774.Dq Li YES , 1775these are the flags to pass to the 1776.Xr bootparamd 8 1777daemon. 1778.It Va stf_interface_ipv4addr 1779.Pq Vt str 1780If not set to 1781.Dq Li NO , 1782this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1783Specify this entry to enable the 6to4 interface. 1784.It Va stf_interface_ipv4plen 1785.Pq Vt int 1786Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1787An effective value is 0-31. 1788.It Va stf_interface_ipv6_ifid 1789.Pq Vt str 1790IPv6 interface ID for 1791.Xr stf 4 . 1792This can be set to 1793.Dq Li AUTO . 1794.It Va stf_interface_ipv6_slaid 1795.Pq Vt str 1796IPv6 Site Level Aggregator for 1797.Xr stf 4 . 1798.It Va keybell 1799.Pq Vt str 1800The keyboard bell sound. 1801Set to 1802.Dq Li normal , 1803.Dq Li visual , 1804.Dq Li off , 1805or 1806.Dq Li NO 1807if the default behavior is desired. 1808For details, refer to the 1809.Xr kbdcontrol 1 1810manpage. 1811.It Va keymap 1812.Pq Vt str 1813If set to 1814.Dq Li NO , 1815no keymap is installed, otherwise the value is used to install 1816the keymap file in 1817.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1818.It Va keyrate 1819.Pq Vt str 1820The keyboard repeat speed. 1821Set to 1822.Dq Li slow , 1823.Dq Li normal , 1824.Dq Li fast , 1825or 1826.Dq Li NO 1827if the default behavior is desired. 1828.It Va keychange 1829.Pq Vt str 1830If not set to 1831.Dq Li NO , 1832attempt to program the function keys with the value. 1833The value should be a single string of the form: 1834.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1835.It Va cursor 1836.Pq Vt str 1837Can be set to the value of 1838.Dq Li normal , 1839.Dq Li blink , 1840.Dq Li destructive , 1841or 1842.Dq Li NO 1843to set the cursor behavior explicitly or choose the default behavior. 1844.It Va scrnmap 1845.Pq Vt str 1846If set to 1847.Dq Li NO , 1848no screen map is installed, otherwise the value is used to install 1849the screen map file in 1850.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1851.It Va font8x16 1852.Pq Vt str 1853If set to 1854.Dq Li NO , 1855the default 8x16 font value is used for screen size requests, otherwise 1856the value in 1857.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1858is used. 1859.It Va font8x14 1860.Pq Vt str 1861If set to 1862.Dq Li NO , 1863the default 8x14 font value is used for screen size requests, otherwise 1864the value in 1865.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1866is used. 1867.It Va font8x8 1868.Pq Vt str 1869If set to 1870.Dq Li NO , 1871the default 8x8 font value is used for screen size requests, otherwise 1872the value in 1873.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1874is used. 1875.It Va blanktime 1876.Pq Vt int 1877If set to 1878.Dq Li NO , 1879the default screen blanking interval is used, otherwise it is set to 1880.Ar value 1881seconds. 1882.It Va saver 1883.Pq Vt str 1884If not set to 1885.Dq Li NO , 1886this is the actual screen saver to use 1887.Li ( blank , snake , daemon , 1888etc). 1889.It Va moused_nondefault_enable 1890.Pq Vt str 1891If set to 1892.Dq Li NO , 1893the mouse device specified on 1894the command line is not automatically treated as enabled by the 1895.Pa /etc/rc.d/moused 1896script. 1897Having this variable set to 1898.Dq Li YES 1899allows a 1900.Xr usb 4 1901mouse, 1902for example, 1903to be enabled as soon as it is plugged in. 1904.It Va moused_enable 1905.Pq Vt str 1906If set to 1907.Dq Li YES , 1908the 1909.Xr moused 8 1910daemon is started for doing cut/paste selection on the console. 1911.It Va moused_type 1912.Pq Vt str 1913If 1914.Va moused_enable 1915is set to 1916.Dq Li YES , 1917this is the protocol type of the mouse connected to this host. 1918The default type is 1919.Dq Li auto . 1920The 1921.Xr moused 8 1922daemon 1923is able to detect the appropriate mouse type automatically in many cases. 1924Leave this variable at the default 1925.Dq Li auto 1926to let the daemon detect it, or 1927select one from the following list if the automatic detection fails. 1928.Pp 1929If the mouse is attached to the PS/2 mouse port, leave the variable at the 1930default 1931.Dq Li auto 1932or set it to 1933.Dq Li ps/2 , 1934regardless of the brand and model of the mouse. 1935Likewise, if the mouse is attached to the bus mouse port, leave it at 1936.Dq Li auto 1937or set it to 1938.Dq Li busmouse . 1939All other protocols are for serial mice and will not work with 1940the PS/2 and bus mice. 1941If this is a USB mouse, 1942.Dq Li auto 1943is the only protocol type which will work. 1944.Pp 1945.Bl -tag -width ".Li x10mouseremote" -compact 1946.It Li microsoft 1947Microsoft mouse (serial) 1948.It Li intellimouse 1949Microsoft IntelliMouse (serial) 1950.It Li mousesystems 1951Mouse systems Corp. mouse (serial) 1952.It Li mmseries 1953MM Series mouse (serial) 1954.It Li logitech 1955Logitech mouse (serial) 1956.It Li busmouse 1957A bus mouse 1958.It Li mouseman 1959Logitech MouseMan and TrackMan (serial) 1960.It Li glidepoint 1961ALPS GlidePoint (serial) 1962.It Li thinkingmouse 1963Kensington ThinkingMouse (serial) 1964.It Li ps/2 1965PS/2 mouse 1966.It Li mmhittab 1967MM HitTablet (serial) 1968.It Li x10mouseremote 1969X10 MouseRemote (serial) 1970.It Li versapad 1971Interlink VersaPad (serial) 1972.El 1973.Pp 1974Even if the mouse is not in the above list, it may be compatible 1975with one in the list. 1976Refer to the man page for 1977.Xr moused 8 1978for compatibility information. 1979.Pp 1980It should also be noted that while this is enabled, any 1981other client of the mouse (such as an X server) should access 1982the mouse through the virtual mouse device, 1983.Pa /dev/sysmouse , 1984and configure it as a 1985.Dq Li sysmouse 1986type mouse, since all 1987mouse data is converted to this single canonical format when using 1988.Xr moused 8 . 1989If the client program does not support the 1990.Dq Li sysmouse 1991type, specify the 1992.Dq Li mousesystems 1993type. 1994It is the second preferred type. 1995.It Va moused_port 1996.Pq Vt str 1997If 1998.Va moused_enable 1999is set to 2000.Dq Li YES , 2001this is the actual port the mouse is on. 2002It might be 2003.Pa /dev/cuaa0 2004for a COM1 serial mouse or 2005.Pa /dev/psm0 2006for a PS/2 mouse, for example. 2007.It Va moused_flags 2008.Pq Vt str 2009If 2010.Va moused_type 2011is set, these are the additional flags to pass to the 2012.Xr moused 8 2013daemon. 2014.It Va mousechar_start 2015.Pq Vt int 2016If set to 2017.Dq Li NO , 2018the default mouse cursor character range 2019.Li 0xd0 Ns - Ns Li 0xd3 2020is used, otherwise the range start is set to 2021.Ar value 2022character, see 2023.Xr vidcontrol 1 . 2024Use if the default range is occupied in the language code table. 2025.It Va vidhistory 2026.Pq Vt int 2027Set the size of the history (scrollback) buffer in lines. 2028.It Va allscreens_flags 2029.Pq Vt str 2030If set, 2031.Xr vidcontrol 1 2032is run with these options for each of the virtual terminals 2033.Pq Pa /dev/ttyv* . 2034For example, 2035.Dq Fl m Cm on 2036will enable the mouse pointer on all virtual terminals if 2037.Va moused_enable 2038is set to 2039.Dq Li YES . 2040.It Va allscreens_kbdflags 2041.Pq Vt str 2042If set, 2043.Xr kbdcontrol 1 2044is run with these options for each of the virtual terminals 2045.Pq Pa /dev/ttyv* . 2046For example, 2047.Dq Fl h Li 200 2048will set the 2049.Xr syscons 4 2050scrollback (history) buffer to 200 lines. 2051.It Va cron_enable 2052.Pq Vt bool 2053If set to 2054.Dq Li YES , 2055run the 2056.Xr cron 8 2057daemon at system boot time. 2058.It Va cron_program 2059.Pq Vt str 2060Path to 2061.Xr cron 8 2062(default 2063.Pa /usr/sbin/cron ) . 2064.It Va cron_flags 2065.Pq Vt str 2066If 2067.Va cron_enable 2068is set to 2069.Dq Li YES , 2070these are the flags to pass to 2071.Xr cron 8 . 2072.It Va lpd_program 2073.Pq Vt str 2074Path to 2075.Xr lpd 8 2076(default 2077.Pa /usr/sbin/lpd ) . 2078.It Va lpd_enable 2079.Pq Vt bool 2080If set to 2081.Dq Li YES , 2082run the 2083.Xr lpd 8 2084daemon at system boot time. 2085.It Va lpd_flags 2086.Pq Vt str 2087If 2088.Va lpd_enable 2089is set to 2090.Dq Li YES , 2091these are the flags to pass to the 2092.Xr lpd 8 2093daemon. 2094.It Va nscd_enable 2095.Pq Vt bool 2096If set to 2097.Dq Li YES , 2098run the 2099.Xr nscd 8 2100daemon at system boot time. 2101.It Va mixer_enable 2102.Pq Vt bool 2103If set to 2104.Dq Li YES , 2105preserve 2106.Xr mixer 8 2107settings across reboots. 2108.It Va mta_start_script 2109.Pq Vt str 2110The full path to the script to run to start 2111a mail transfer agent. 2112The default is 2113.Pa /etc/rc.sendmail . 2114The 2115.Va sendmail_* 2116variables which 2117.Pa /etc/rc.sendmail 2118uses are documented in the 2119.Xr rc.sendmail 8 2120man page. 2121.It Va fixbootfile 2122.Pq Vt bool 2123In a 2124.Sq HAMMER ROOT with UFS /boot 2125setup, the boot loader will not set up the 2126.Va kern.bootfile 2127sysctl correctly. 2128The system will attempt to fix this on its own. 2129Set this variable to 2130.Dq Li NO 2131to turn this behavior off. 2132.It Va dumpdev 2133.Pq Vt str 2134Indicates the device (usually a swap partition) to which a crash dump 2135should be written in the event of a system crash. 2136The value of this variable is passed as the argument to 2137.Xr dumpon 8 2138and 2139.Xr savecore 8 . 2140To disable crash dumps, set this variable to 2141.Dq Li NO . 2142.It Va dumpdir 2143.Pq Vt str 2144When the system reboots after a crash and a crash dump is found on the 2145device specified by the 2146.Va dumpdev 2147variable, 2148.Xr savecore 8 2149will save that crash dump and a copy of the kernel to the directory 2150specified by the 2151.Va dumpdir 2152variable. 2153The default value is 2154.Pa /var/crash . 2155Set to 2156.Dq Li NO 2157to not run 2158.Xr savecore 8 2159at boot time when 2160.Va dumpdir 2161is set. 2162.It Va savecore_flags 2163.Pq Vt str 2164If crash dumps are enabled, these are the flags to pass to the 2165.Xr savecore 8 2166utility. 2167.It Va crashinfo_enable 2168.Pq Vt bool 2169Set to 2170.Dq Li YES 2171to turn on automatic crash dump summary generation using the utility 2172specified by the 2173.Va crashinfo_program 2174variable. 2175.It Va crashinfo_program 2176.Pq Vt str 2177Program to run to generate a crash dump summary if the variable 2178.Va crashinfo_enable 2179is set to 2180.Dq Li YES . 2181The default value is 2182.Pa /usr/sbin/crashinfo . 2183.It Va enable_quotas 2184.Pq Vt bool 2185Set to 2186.Dq Li YES 2187to turn on user disk quotas on system startup via the 2188.Xr quotaon 8 2189command. 2190.It Va check_quotas 2191.Pq Vt bool 2192Set to 2193.Dq Li YES 2194to enable user disk quota checking via the 2195.Xr quotacheck 8 2196command. 2197.It Va accounting_enable 2198.Pq Vt bool 2199Set to 2200.Dq Li YES 2201to enable system accounting through the 2202.Xr accton 8 2203facility. 2204.\" ----- cleanvar_enable setting-------------------------------- 2205.It Va cleanvar_enable 2206.Pq Vt bool 2207Set to 2208.Dq Li YES 2209to have 2210.Pa /var/run , 2211.Pa /var/spool/lock 2212and 2213.Pa /var/spool/uucp/.Temp/* 2214cleaned at startup. 2215.\" ----- clear_tmp_enable setting------------------------------- 2216.It Va clear_tmp_enable 2217.Pq Vt bool 2218Set to 2219.Dq Li YES 2220to have 2221.Pa /tmp 2222cleaned at startup. 2223.\" ----- ldconfig_paths setting -------------------------------- 2224.It Va ldconfig_paths 2225.Pq Vt str 2226Set to the list of shared library paths to use with 2227.Xr ldconfig 8 . 2228NOTE: 2229.Pa /usr/lib 2230will always be added first, so it need not appear in this list. 2231.It Va ldconfig_insecure 2232.Pq Vt bool 2233The 2234.Xr ldconfig 8 2235utility normally refuses to use directories 2236which are writable by anyone except root. 2237Set this variable to 2238.Dq Li YES 2239to disable that security check during system startup. 2240.It Va ldconfig_local_dirs 2241.Pq Vt str 2242Set to the list of local 2243.Xr ldconfig 8 2244directories. 2245The names of all files in the directories listed will be 2246passed as arguments to 2247.Xr ldconfig 8 . 2248.It Va kern_securelevel 2249.Pq Vt int 2250The kernel security level to set at startup. 2251The allowed range of 2252.Ar value 2253ranges from \-1 (the compile time default) to 3 (the most secure). 2254See 2255.Xr init 8 2256for the list of possible security levels and their effect on system operation. 2257.It Va start_vinum 2258.Pq Vt bool 2259Set to 2260.Dq Li YES 2261to start 2262.Xr vinum 8 2263at system boot time. 2264.It Va sshd_enable 2265.Pq Vt bool 2266Set to 2267.Dq Li YES 2268to start 2269.Xr sshd 8 2270at system boot time. 2271.It Va sshd_program 2272.Pq Vt str 2273Path to the SSH server program 2274(default 2275.Pa /usr/sbin/sshd ) . 2276.It Va sshd_flags 2277.Pq Vt str 2278If 2279.Va sshd_enable 2280is set to 2281.Dq Li YES , 2282these are the flags to pass to the 2283.Xr sshd 8 2284daemon. 2285.It Va ftpd_enable 2286.Pq Vt bool 2287Set to 2288.Dq Li YES 2289to start 2290.Xr ftpd 8 2291at system boot time. 2292.It Va ftpd_flags 2293.Pq Vt str 2294If 2295.Va ftpd_enable 2296is set to 2297.Dq Li YES , 2298these are the flags to pass to the 2299.Xr ftpd 8 2300daemon. 2301.It Va watchdogd_enable 2302.Pq Vt bool 2303If set to 2304.Dq Li YES , 2305start the 2306.Xr watchdogd 8 2307daemon at boot time. 2308.It Va jail_enable 2309.Pq Vt bool 2310If set to 2311.Dq Li NO , 2312any configured jails will not be started. 2313.It Va jail_list 2314.Pq Vt str 2315A space separated list of names for jails. 2316This is purely a configuration aid to help identify and 2317configure multiple jails. 2318The names specified in this list will be used to 2319identify settings common to an instance of a jail. 2320Assuming that the jail in question was named 2321.Li vjail , 2322you would have the following dependent variables: 2323.Bd -literal 2324jail_vjail_hostname="jail.example.com" 2325jail_vjail_ip="192.168.1.100" 2326jail_vjail_rootdir="/var/jails/vjail/root" 2327.Ed 2328.It Va jail_flags 2329.Pq Vt str 2330Unset by default. 2331When set, use as default value for 2332.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2333for every jail in 2334.Va jail_list . 2335.It Va jail_interface 2336.Pq Vt str 2337Unset by default. 2338When set, use as default value for 2339.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2340for every jail in 2341.Va jail_list . 2342.It Va jail_fstab 2343.Pq Vt str 2344Unset by default. 2345When set, use as default value for 2346.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2347for every jail in 2348.Va jail_list . 2349.It Va jail_mount_enable 2350.Pq Vt bool 2351Set to 2352.Dq Li NO 2353by default. 2354When set to 2355.Dq Li YES , 2356sets 2357.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2358to 2359.Dq Li YES 2360by default for every jail in 2361.Va jail_list . 2362.It Va jail_procfs_enable 2363.Pq Vt bool 2364Set to 2365.Dq Li NO 2366by default. 2367When set to 2368.Dq Li YES , 2369sets 2370.Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2371to 2372.Dq Li YES 2373by default for every jail in 2374.Va jail_list . 2375.It Va jail_devfs_enable 2376.Pq Vt bool 2377Set to 2378.Dq Li NO 2379by default. 2380When set to 2381.Dq Li YES , 2382sets 2383.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2384to 2385.Dq Li YES 2386by default for every jail in 2387.Va jail_list . 2388.It Va jail_exec_start 2389.Pq Vt str 2390Unset by default. 2391When set, use as default value for 2392.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2393for every jail in 2394.Va jail_list . 2395.It Va jail_exec_stop 2396Unset by default. 2397When set, use as default value for 2398.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2399for every jail in 2400.Va jail_list . 2401.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2402.Pq Vt str 2403Unset by default. 2404Set to the root directory used by jail 2405.Va jname . 2406.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2407.Pq Vt str 2408Unset by default. 2409Set to the fully qualified domain name (FQDN) assigned to jail 2410.Va jname . 2411.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2412.Pq Vt str 2413Unset by default. 2414Set to the IP address assigned to jail 2415.Va jname . 2416.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2417.Pq Vt str 2418Set to 2419.Dq Li -l -U root 2420by default. 2421These are flags to pass to 2422.Xr jail 8 . 2423.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2424.Pq Vt str 2425Unset by default. 2426When set, sets the interface to use when setting IP address alias. 2427Note that the alias is created at jail startup and removed at jail shutdown. 2428.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2429.Pq Vt str 2430Set to 2431.Pa /etc/fstab. Ns Aq Ar jname 2432by default. 2433This is the file system information file to use for jail 2434.Va jname . 2435.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2436.Pq Vt bool 2437Set to 2438.Dq Li NO 2439by default. 2440When set to 2441.Dq Li YES , 2442mount all file systems from 2443.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2444at jail startup. 2445.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2446.Pq Vt bool 2447Set to 2448.Dq Li NO 2449by default. 2450When set to 2451.Dq Li YES , 2452mount the process file system inside jail 2453.Ar jname 2454at jail startup. 2455.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2456.Pq Vt bool 2457Set to 2458.Dq Li NO 2459by default. 2460When set to 2461.Dq Li YES , 2462mount the device file system inside jail 2463.Ar jname 2464at jail startup. 2465.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2466.Pq Vt str 2467Set to 2468.Dq Li /bin/sh /etc/rc 2469by default. 2470This is the command executed at jail startup. 2471.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2472.Pq Vt str 2473Set to 2474.Dq Li /bin/sh /etc/rc.shutdown 2475by default. 2476This is the command executed at jail shutdown. 2477.It Va jail_default_set_hostname_allow 2478.Pq Vt bool 2479If set to 2480.Dq Li NO , 2481do not allow the root user in a jail to set its hostname. 2482.It Va jail_default_socket_unixiproute_only 2483.Pq Vt bool 2484If set to 2485.Dq Li YES , 2486do not allow any sockets, 2487besides UNIX/IP/route sockets, 2488to be used within a jail. 2489.It Va jail_default_sysvipc_allow 2490.Pq Vt bool 2491If set to 2492.Dq Li YES , 2493allow applications within a jail to use System V IPC. 2494.It Va jail_default_chflags_allow 2495.Pq Vt bool 2496If set to 2497.Dq Li YES , 2498allow applications within a jail to alter system file flags. 2499.It Va jail_default_raw_sockets_allow 2500.Pq Vt bool 2501If set to 2502.Dq Li YES , 2503allow applications within a jail to user raw sockets. 2504.It Va lvm_enable 2505.Pq Vt bool 2506If set to 2507.Dq Li YES 2508LVM volumes will be discovered and configured on boot. 2509.It Va newsyslog_enable 2510.Pq Vt bool 2511If set to 2512.Dq Li YES , 2513run 2514.Xr newsyslog 8 2515before syslogd starts. 2516.It Va newsyslog_flags 2517.Pq Vt str 2518If 2519.Va newsyslog_enable 2520is set to 2521.Dq Li YES , 2522these are the flags passed to 2523.Xr newsyslog 8 . 2524.It Va resident_enable 2525.Pq Vt bool 2526If set to 2527.Dq Li YES , 2528make the dynamic binaries listed in 2529.Pa /etc/resident.conf 2530resident. 2531.It Va varsym_enable 2532.Pq Vt bool 2533If set to 2534.Dq Li YES , 2535process 2536.Pa /etc/varsym.conf 2537to set system-wide variables for variant symlinks. 2538.It Va rand_irqs 2539.Pq Vt str 2540Set either to 2541.Dq Li NO 2542or a whitespace separated list of IRQ numbers which will be used as a source of 2543randomness. 2544.\" ----------------------------------------------------- 2545.It Va entropy_dir 2546.Pq Vt str 2547Set to 2548.Dq Li NO 2549to disable caching entropy via 2550.Xr cron 8 . 2551Otherwise set to the directory used to store entropy files in. 2552.It Va entropy_file 2553.Pq Vt str 2554Set to 2555.Dq Li NO 2556to disable caching entropy through reboots. 2557Otherwise set to the filename used to store cached entropy through reboots. 2558This file should be located on the root file system to seed the 2559.Xr random 4 2560device as early as possible in the boot process. 2561.It Va entropy_save_sz 2562.Pq Vt int 2563Determines the size of the entropy cache files used for entropy cached 2564through reboots and also entropy cached via 2565.Xr cron 8 . 2566The entropy is fed to the system in blocks of 512 bytes, so this number 2567should be large enough to fill as many of the entropy pools in the kernel 2568CSPRNG as possible. 2569By default, it is set to 16384, which should be able to seed all 32 entropy 2570pools in the Fortuna CSPRNG. 2571.It Va dmesg_enable 2572.Pq Vt bool 2573Set to 2574.Dq Li YES 2575to save 2576.Xr dmesg 8 2577to 2578.Pa /var/run/dmesg.boot 2579on boot. 2580.It Va rcshutdown_timeout 2581.Pq Vt int 2582If set, start a watchdog timer in the background which will terminate 2583.Pa rc.shutdown 2584if 2585.Xr shutdown 8 2586has not completed within the specified time (in seconds). 2587Notice that in addition to this soft timeout, 2588.Xr init 8 2589also applies a hard timeout for the execution of 2590.Pa rc.shutdown . 2591This is configured via 2592.Xr sysctl 8 2593variable 2594.Va kern.init_shutdown_timeout 2595and defaults to 120 seconds. Setting the value of 2596.Va rcshutdown_timeout 2597to more than 120 seconds will have no effect until the 2598.Xr sysctl 8 2599variable 2600.Va kern.init_shutdown_timeout 2601is also increased. 2602.It Va udevd_enable 2603.Pq Vt bool 2604If set to 2605.Dq Li YES , 2606the udevd daemon will be started on boot. 2607.It Va vfs_quota_enable 2608.Pq Vt bool 2609If set to 2610.Dq Li YES , 2611vfs quota rc.d scripts will be run on boot. 2612.It Va vfs_quota_sync 2613.Pq Vt str 2614List of mount points whose counters are to be synchronized with on-disk 2615usage during system startup. 2616See also 2617.Xr vquota 8 . 2618.It Va vknetd_enable 2619.Pq Vt bool 2620If set to 2621.Dq Li YES , 2622.Xr vknetd 8 2623will be started on boot. 2624.It Va vknetd_flags 2625.Pq Vt bool 2626Additional flags passed to 2627.Xr vknetd 8 . 2628Usually address/cidrbits is specified here. 2629When no flags are passed, default option 2630.Fl U 2631will be used. 2632.It Va vkernel_enable 2633.Pq Vt bool 2634If set to 2635.Dq Li NO , 2636any configured vkernels will not be started. 2637.It Va vkernel_kill_timeout 2638.Pq Vt int 2639This defines the default number of seconds that we will wait for the 2640vkernel to shut down on its own. 2641If after this time it's still alive, 2642it will be killed with SIGKILL. 2643.It Va vkernel_bin 2644.Pq Vt str 2645Defines the default path to the vkernel binary. 2646.It Va vkernel_list 2647.Pq Vt str 2648A space separated list of names for vkernels. 2649This is purely a configuration aid to help identify and 2650configure multiple vkernels. 2651The names specified in this list will be used to 2652identify settings common to a vkernel instance. 2653Assuming that the vkernel in question was named 2654.Li example , 2655you would have the following dependent variables 2656(filled with reference values in this text): 2657.Bd -literal 2658vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL64/kernel.debug" 2659vkernel_example_memsize="64m" 2660vkernel_example_rootimg_list="/var/vkernel/rootimg.01" 2661vkernel_example_memimg="/var/vkernel/memimg.000001" 2662vkernel_example_user="myuser" 2663vkernel_example_iface_list="auto:bridge0" 2664vkernel_example_logfile="/dev/null" 2665vkernel_example_flags="-U" 2666vkernel_example_kill_timeout="45" 2667.Ed 2668.Pp 2669The last six are optional. 2670They default to an empty string if not set, except for logfile which defaults to 2671.Pa /dev/null 2672if it is not set. 2673.Pp 2674Note that in case 2675.Va vkernel_memimg 2676is not set, the 2677.Pa rc.d 2678script will create 2679.Pa /var/vkernel , 2680which is the vkernel's default directory for memory images, 2681with permissions of 1777, i.e. world writable with the sticky bit set 2682(see 2683.Xr sticky 8 ) . 2684.It Va autofs_enable 2685.Pq Vt bool 2686If set to 2687.Dq Li YES , 2688start the 2689.Xr automount 8 2690utility and the 2691.Xr automountd 8 2692and 2693.Xr autounmountd 8 2694daemons at boot time. 2695.It Va automount_flags 2696.Pq Vt str 2697If 2698.Va autofs_enable 2699is set to 2700.Dq Li YES , 2701these are the flags to pass to the 2702.Xr automount 8 2703program. 2704By default no flags are passed. 2705.It Va automountd_flags 2706.Pq Vt str 2707If 2708.Va autofs_enable 2709is set to 2710.Dq Li YES , 2711these are the flags to pass to the 2712.Xr automountd 8 2713daemon. 2714By default no flags are passed. 2715.It Va autounmountd_flags 2716.Pq Vt str 2717If 2718.Va autofs_enable 2719is set to 2720.Dq Li YES , 2721these are the flags to pass to the 2722.Xr autounmountd 8 2723daemon. 2724By default no flags are passed. 2725.El 2726.Sh FILES 2727.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2728.It Pa /etc/defaults/rc.conf 2729.It Pa /etc/rc.conf 2730.It Pa /etc/rc.conf.local 2731.It Pa /etc/start_if. Ns Aq Ar interface 2732.El 2733.Sh SEE ALSO 2734.Xr gdb 1 , 2735.Xr info 1 , 2736.Xr kbdcontrol 1 , 2737.Xr varsym 1 , 2738.Xr vidcontrol 1 , 2739.Xr ip 4 , 2740.Xr ipfw 4 , 2741.Xr kld 4 , 2742.Xr pf 4 , 2743.Xr tcp 4 , 2744.Xr udp 4 , 2745.Xr vlan 4 , 2746.Xr autofs 5 , 2747.Xr auto_master 5 , 2748.Xr exports 5 , 2749.Xr motd 5 , 2750.Xr resident.conf 5 , 2751.Xr varsym.conf 5 , 2752.Xr accton 8 , 2753.Xr automount 8 , 2754.Xr automountd 8 , 2755.Xr autounmountd 8 , 2756.Xr btconfig 8 , 2757.Xr bthcid 8 , 2758.Xr cron 8 , 2759.Xr devd 8 , 2760.Xr dhclient 8 , 2761.Xr dhcpcd 8 , 2762.Xr dntpd 8 , 2763.Xr ftpd 8 , 2764.Xr ifconfig 8 , 2765.Xr inetd 8 , 2766.Xr ip6addrctl 8 , 2767.Xr jail 8 , 2768.Xr lpd 8 , 2769.Xr makewhatis 8 , 2770.Xr mixer 8 , 2771.Xr mountd 8 , 2772.Xr moused 8 , 2773.Xr nfsd 8 , 2774.Xr pcnfsd 8 , 2775.Xr pfctl 8 , 2776.Xr pflogd 8 , 2777.Xr quotacheck 8 , 2778.Xr quotaon 8 , 2779.Xr rc 8 , 2780.Xr rc.sendmail 8 , 2781.Xr resident 8 , 2782.Xr rndcontrol 8 , 2783.Xr route 8 , 2784.Xr routed 8 , 2785.Xr rpcbind 8 , 2786.Xr rpc.lockd 8 , 2787.Xr rpc.statd 8 , 2788.Xr rtadvd 8 , 2789.Xr rtsold 8 , 2790.Xr rwhod 8 , 2791.Xr savecore 8 , 2792.Xr sdpd 8 , 2793.Xr sensorsd 8 , 2794.Xr sshd 8 , 2795.Xr swapon 8 , 2796.Xr sysctl 8 , 2797.Xr syslogd 8 , 2798.Xr sysvipcd 8 , 2799.Xr vinum 8 , 2800.Xr wpa_supplicant 8 , 2801.Xr yp 8 , 2802.Xr ypbind 8 , 2803.Xr ypserv 8 , 2804.Xr ypset 8 2805.Sh HISTORY 2806The 2807.Nm 2808file appeared in 2809.Fx 2.2.2 . 2810.Sh AUTHORS 2811.An Jordan K. Hubbard . 2812