1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" 27.Dd February 14, 2024 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65In addition to 66.Pa /etc/rc.conf.local 67you can also place smaller configuration files for each 68.Xr rc 8 69script in the 70.Pa /etc/rc.conf.d 71directory, which will be included by the 72.Va load_rc_config 73function. 74For jail configurations you could use the file 75.Pa /etc/rc.conf.d/jail 76to store jail specific configuration options. 77Also see the 78.Va rc_conf_files 79variable below. 80.Pp 81The following list provides a name and short description for each 82variable that can be set in the 83.Nm 84file. 85To set a variable of 86.Vt bool 87type, specify either 88.Dq Li YES , 89.Dq Li TRUE , 90.Dq Li ON , 91or 92.Dq Li 1 . 93To unset, specify 94.Dq Li NO , 95.Dq Li FALSE , 96.Dq Li OFF , 97or 98.Dq Li 0 . 99These values are case insensitive. 100The 101.Va _enable 102postfix in the name of a variable for starting a service can be 103omitted (as in 104.Nx ) . 105.Bl -tag -width indent-two 106.It Va rc_conf_files 107.Pq Vt str 108This option is used to specify a list of files that will override 109the settings in 110.Pa /etc/defaults/rc.conf . 111The files will be read in the order in which they are specified and should 112include the full path to the file. 113By default, the files specified are 114.Pa /etc/rc.conf 115and 116.Pa /etc/rc.conf.local 117.It Va rc_debug 118.Pq Vt bool 119If set to 120.Dq Li YES , 121enable output of debug messages from rc scripts. 122This variable can be helpful in diagnosing mistakes when 123editing or integrating new scripts. 124Beware that this produces copious output to the terminal and 125.Xr syslog 3 . 126.It Va rc_info 127.Pq Vt bool 128If set to 129.Dq Li NO , 130disable informational messages from the rc scripts. 131Informational messages are displayed when 132a condition that is not serious enough to warrant a warning or an error occurs. 133.It Va rc_startmsgs 134.Pq Vt bool 135If set to 136.Dq Li YES , 137show 138.Dq Starting foo: 139when faststart is used (e.g., at boot time). 140.It Va swapfile 141.Pq Vt str 142If set to 143.Dq Li NO , 144no swapfile is installed, otherwise the value is used as the full 145pathname to a file to use for additional swap space. 146The 147.Xr vn 4 148driver is needed for a swapfile and will be loaded if it is not 149already compiled into the kernel or loaded via 150.Xr loader.conf 5 . 151.It Ao Ar module Ac Ns Ar _load 152.Pq Vt bool 153If set to 154.Dq YES , 155that kernel module will be loaded. 156If no 157.Ao Ar module Ac Ns Ar _name 158is defined (see below), the 159module's name is taken to be 160.Aq Ar module . 161.It Ao Ar module Ac Ns Ar _name 162.Pq Vt str 163Defines the name of the module. 164.It Va devd_enable 165.Pq Vt bool 166Run 167.Xr devd 8 168to handle device added, removed or unknown events from the kernel. 169.It Va devd_flags 170.Pq Vt str 171If 172.Va devd_enable 173is set to 174.Dq Li YES , 175these are the flags to pass to the 176.Xr devd 8 177daemon. 178.It Va powerd_enable 179.Pq Vt bool 180Set to 181.Dq Li NO 182by default. 183Setting this to 184.Dq Li YES 185enables 186.Xr powerd 8 , 187a CPU speed control daemon. 188.It Va powerd_flags 189.Pq Vt str 190Empty by default. 191Additional flags passed to the 192.Xr powerd 8 193program. 194.Pp 195If you are running a serial port at 115200 baud we recommend setting 196the flags to "-l 1500" as lower frequencies will cause characters to 197drop. 198.It Va sensorsd_enable 199.Pq Vt bool 200Set to 201.Dq Li NO 202by default. 203Setting this to 204.Dq Li YES 205enables 206.Xr sensorsd 8 , 207a sensors monitoring and logging daemon. 208.It Va sensorsd_flags 209.Pq Vt str 210Empty by default. 211Additional flags passed to the 212.Xr sensorsd 8 213program. 214.It Va sysvipcd_enable 215.Pq Vt bool 216Set to 217.Dq Li NO 218by default. 219Setting this to 220.Dq Li YES 221enables 222.Xr sysvipcd 8 , 223a daemon needed for the userspace implementation of the XSI Interprocess 224Communication functions. 225.It Va sysvipcd_flags 226.Pq Vt str 227Empty by default. 228Additional flags passed to the 229.Xr sysvipcd 8 230program. 231.It Va hotplugd_enable 232.Pq Vt bool 233Set to 234.Dq Li NO 235by default. 236Setting this to 237.Dq Li YES 238enables 239.Xr hotplugd 8 , 240a devices hot plugging monitoring daemon. 241.It Va hotplugd_flags 242.Pq Vt str 243Empty by default. 244Additional flags passed to the 245.Xr hotplugd 8 246program. 247.It Va pccard_ifconfig 248.Pq Vt str 249List of arguments to be passed to 250.Xr ifconfig 8 251at boot time or on insertion of the card (e.g.\& 252.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 253for a fixed address or 254.Dq Li DHCP 255for a DHCP client). 256.It Va removable_interfaces 257.Pq Vt str 258List of removable network interfaces to be supported by 259.Pa /etc/pccard_ether . 260.It Va local_startup 261.Pq Vt str 262List of directories to search for startup script files. 263.It Va script_name_sep 264.Pq Vt str 265The field separator to use for breaking down the list of startup script files 266into individual filenames. 267The default is a space. 268It is not necessary to change this unless there are startup scripts with names 269containing spaces. 270.It Va hostname 271.Pq Vt str 272The fully qualified domain name (FQDN) of this host on the network. 273This should almost certainly be set to something meaningful, even if 274there is no network connection. 275If DHCP is used to set the hostname, 276this variable should be set to an empty string. 277.It Va ipv6_enable 278.Pq Vt bool 279Enable support for IPv6 networking. 280Note that this requires that the kernel have been compiled with 281.Cd "options INET6" . 282.It Va nisdomainname 283.Pq Vt str 284The NIS domain name of this host, or 285.Dq Li NO 286if NIS is not used. 287.It Va dhcp_client 288.Pq Vt str 289Set the rc script that is called to start the DHCP client. 290This can be set to 291.Dq Li dhclient 292(default) or 293.Dq Li dhcpcd . 294.It Va dhclient_program 295.Pq Vt str 296Path to the 297.Xr dhclient 8 298program (default 299.Pa /sbin/dhclient ) . 300.It Va dhclient_flags 301.Pq Vt str 302Additional flags to pass to the 303.Xr dhclient 8 304program. 305.It Va dhcpcd_enable 306.Pq Vt bool 307Set to 308.Dq Li YES 309to run 310.Xr dhcpcd 8 311in master mode (i.e., configure all available Ethernet interfaces) at startup. 312.It Va dhcpcd_program 313.Pq Vt str 314Path to the 315.Xr dhcpcd 8 316program (default 317.Pa /sbin/dhcpcd ) . 318.It Va dhcpcd_flags 319.Pq Vt str 320Additional flags to pass to the 321.Xr dhcpcd 8 322program. 323The default value is 324.Fl b , 325i.e., tell 326.Xr dhcpcd 8 327to go to background immediately. 328.It Va pf_enable 329.Pq Vt bool 330Set to 331.Dq Li YES 332to load 333.Xr pf 4 334at startup. 335If the kernel was not built with 336.Cd "device pf" , 337the 338.Pa pf.ko 339kernel module will be loaded. 340See also 341.Va firewall_enable . 342.It Va pf_rules 343.Pq Vt str 344Path to the 345.Xr pf 4 346ruleset definition file. 347.It Va pf_program 348.Pq Vt str 349Path to 350.Xr pfctl 8 . 351.It Va pf_flags 352.Pq Vt str 353If 354.Va pf_enable 355is set to 356.Dq Li YES , 357these are the flags to pass to 358.Xr pfctl 8 359when loading the ruleset. 360.It Va pflog_enable 361.Pq Vt bool 362Set this to 363.Dq Li YES 364to enable 365.Xr pflogd 8 366which logs packets from 367.Xr pf 4 . 368.It Va pflog_logfile 369.Pq Vt str 370If 371.Va pflog_enable 372is set to 373.Dq Li YES 374this specifies the path of the log file. 375.It Va pflog_program 376.Pq Vt str 377Path to 378.Xr pflogd 8 . 379.It Va pflog_flags 380.Pq Vt str 381If 382.Va pflog_enable 383is set to 384.Dq Li YES , 385these are the flags to pass to 386.Xr pflogd 8 . 387.It Va firewall_enable 388.Pq Vt bool 389Set to 390.Dq Li YES 391to load firewall rules at startup. 392If the kernel was not built with 393.Cd "options IPFIREWALL" , 394the 395.Pa ipfw.ko 396kernel module will be loaded. 397See also 398.Va pf_enable . 399.It Va ipv6_firewall_enable 400.Pq Vt bool 401The IPv6 equivalent of 402.Va firewall_enable . 403Set to 404.Dq Li YES 405to load IPv6 firewall rules at startup. 406If the kernel was not built with 407.Cd "options IPV6FIREWALL" , 408the 409.Pa ip6fw.ko 410kernel module will be loaded. 411.It Va firewall_script 412.Pq Vt str 413The full path to the firewall script to run 414(default 415.Pa /etc/rc.firewall ) . 416.It Va ipv6_firewall_script 417.Pq Vt str 418The IPv6 equivalent of 419.Va firewall_script . 420.It Va firewall_type 421.Pq Vt str 422Names the firewall type from the selection in 423.Pa /etc/rc.firewall , 424or the file which contains the local firewall ruleset. 425Valid selections from 426.Pa /etc/rc.firewall 427are: 428.Pp 429.Bl -tag -width ".Li simple" -compact 430.It Li open 431unrestricted IP access 432.It Li closed 433all IP services disabled, except via 434.Dq Li lo0 435.It Li client 436basic protection for a workstation on a LAN 437.It Li simple 438alias for 439.Li client . 440.El 441.Pp 442If a filename is specified, the full path must be given. 443.It Va firewall_trusted_nets 444.Pq Vt str 445List of trusted networks (if 446.Va firewall_type 447is set to 448.Li client ) . 449.It Va firewall_trusted_interfaces 450.Pq Vt str 451List of trusted network interfaces (if 452.Va firewall_type 453is set to 454.Li client ) . 455.It Va firewall_allowed_icmp_types 456.Pq Vt str 457List of allowed ICMP types (if 458.Va firewall_type 459is set to 460.Li client ) . 461.It Va firewall_open_tcp_ports 462.Pq Vt str 463List of TCP ports to open (if 464.Va firewall_type 465is set to 466.Li client ) . 467.It Va firewall_open_udp_ports 468.Pq Vt str 469List of UDP ports to open (if 470.Va firewall_type 471is set to 472.Li client ) . 473.It Va ipv6_firewall_type 474.Pq Vt str 475The IPv6 equivalent of 476.Va firewall_type . 477.It Va firewall_quiet 478.Pq Vt bool 479Set to 480.Dq Li YES 481to disable the display of firewall rules on the console during boot. 482.It Va ipv6_firewall_quiet 483.Pq Vt bool 484The IPv6 equivalent of 485.Va firewall_quiet . 486.It Va firewall_logging 487.Pq Vt bool 488Set to 489.Dq Li YES 490to enable firewall event logging. 491This is equivalent to the 492.Dv IPFIREWALL_VERBOSE 493kernel option. 494.It Va ipv6_firewall_logging 495.Pq Vt bool 496The IPv6 equivalent of 497.Va firewall_logging . 498.It Va firewall_flags 499.Pq Vt str 500Flags passed to 501.Xr ipfw 8 502if 503.Va firewall_type 504specifies a filename. 505.It Va ipv6_firewall_flags 506.Pq Vt str 507The IPv6 equivalent of 508.Va firewall_flags . 509.It Va ipfw3_enable 510.Pq Vt bool 511Set to 512.Dq Li YES 513to enable 514.Xr ipfw3 8 . 515.It Va ipfw3_program 516.Pq Vt str 517Path to 518.Xr ipfw3 8 . 519.It Va ipfw3_script 520.Pq Vt str 521The full path to the shell script to run to set up the ipfw3 522firewall rules (default 523.Pa /etc/ipfw3.rules ) . 524.It Va ipfw3_modules 525.Pq Vt str 526List of ipfw3 modules to be loaded before executing the above 527.Va ipfw3_script . 528(default 529.Dq Li ipfw3 ipfw3_basic ) . 530.It Va natd_program 531.Pq Vt str 532Path to 533.Xr natd 8 . 534.It Va natd_enable 535.Pq Vt bool 536Set to 537.Dq Li YES 538to enable 539.Xr natd 8 . 540.Va firewall_enable 541must also be set to 542.Dq Li YES , 543and 544.Xr divert 4 545sockets must be enabled in the kernel. 546.It Va natd_interface 547.Pq Vt str 548This is the name of the public interface on which 549.Xr natd 8 550should run. 551The interface may be given as an interface name or as an IP address. 552.It Va natd_flags 553.Pq Vt str 554Additional 555.Xr natd 8 556flags should be placed here. 557The 558.Fl n 559or 560.Fl a 561flag is automatically added with the above 562.Va natd_interface 563as an argument. 564.It Va tcp_extensions 565.Pq Vt bool 566Set to 567.Dq Li YES 568by default. 569Setting this to 570.Dq Li NO 571disables certain TCP options as described by 572.Rs 573.%T "RFC 1323" 574.Re 575Setting this to 576.Dq Li NO 577might help remedy such problems with connections as randomly hanging 578or other weird behavior. 579Some network devices are known to be broken with respect to these options. 580.It Va log_in_vain 581.Pq Vt int 582Set to 0 by default. 583The 584.Xr sysctl 8 585variables, 586.Va net.inet.tcp.log_in_vain 587and 588.Va net.inet.udp.log_in_vain , 589as described in 590.Xr tcp 4 591and 592.Xr udp 4 , 593are set to the given value. 594.It Va tcp_keepalive 595.Pq Vt bool 596Set to 597.Dq Li YES 598by default. 599Setting to 600.Dq Li NO 601will disable probing idle TCP connections to verify that the 602peer is still up and reachable. 603.It Va tcp_drop_synfin 604.Pq Vt bool 605Set to 606.Dq Li NO 607by default. 608Setting to 609.Dq Li YES 610will cause the kernel to ignore TCP frames that have both 611the SYN and FIN flags set. 612This prevents OS fingerprinting, but may break some legitimate applications. 613This option is only available if the kernel was built with the 614.Dv TCP_DROP_SYNFIN 615option. 616.It Va icmp_drop_redirect 617.Pq Vt bool 618Set to 619.Dq Li NO 620by default. 621Setting to 622.Dq Li YES 623will cause the kernel to ignore ICMP REDIRECT packets. 624Refer to 625.Xr icmp 4 626for more information. 627.It Va icmp_log_redirect 628.Pq Vt bool 629Set to 630.Dq Li NO 631by default. 632Setting to 633.Dq Li YES 634will cause the kernel to log ICMP REDIRECT packets. 635Note that 636the log messages are not rate-limited, so this option should only be used 637for troubleshooting networks. 638Refer to 639.Xr icmp 4 640for more information. 641.It Va icmp_bmcastecho 642.Pq Vt bool 643Set to 644.Dq Li YES 645to respond to broadcast or multicast ICMP ping packets. 646Refer to 647.Xr icmp 4 648for more information. 649.It Va ip_portrange_first 650.Pq Vt int 651If not set to 652.Dq Li NO , 653this is the first port in the default portrange. 654Refer to 655.Xr ip 4 656for more information. 657.It Va ip_portrange_last 658.Pq Vt int 659If not set to 660.Dq Li NO , 661this is the last port in the default portrange. 662Refer to 663.Xr ip 4 664for more information. 665.\" 666.It Va ifconfig_ Ns Aq Ar interface 667.Pq Vt str 668Configuration for 669.Dq interface . 670Typically includes IP address. 671Assuming that the interface in question was 672.Li ed0 , 673it might look something like this: 674.Bd -literal 675ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 676.Ed 677.Pp 678If the 679.Pa /etc/start_if. Ns Aq Ar interface 680file is present, it is read and executed by the 681.Xr sh 1 682interpreter before configuring the interface as specified in the 683.Va ifconfig_ Ns Aq Ar interface 684and 685.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 686variables. 687.Pp 688It is possible to bring up an interface with DHCP by adding 689.Dq Li DHCP 690to the 691.Va ifconfig_ Ns Aq Ar interface 692variable. 693For instance, to initialize the 694.Li ed0 695device via DHCP, it is possible to use something like: 696.Bd -literal 697ifconfig_ed0="DHCP" 698.Ed 699.Pp 700If a 701.Va vlans_ Ns Aq Ar interface 702variable is set, 703a 704.Xr vlan 4 705interface will be created for each item in the list with the 706.Ar vlandev 707argument set to 708.Ar interface . 709If a vlan interface's name is a number, 710then that number is used as the vlan tag and the new vlan interface is 711named 712.Ar interface . Ns Ar tag . 713Otherwise, 714the vlan tag must be specified via a 715.Va vlan 716parameter in the 717.Va create_args_ Ns Aq Ar interface 718variable. 719.Pp 720To create a vlan device named 721.Li em0.101 722on 723.Li em0 724with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24: 725.Bd -literal 726vlans_em0="101" 727ifconfig_em0_101="inet 192.0.2.1/24" 728.Ed 729.Pp 730To create a vlan device named 731.Li myvlan 732on 733.Li em0 734with the vlan tag 102: 735.Bd -literal 736vlans_em0="myvlan" 737create_args_myvlan="vlan 102" 738.Ed 739.Pp 740If a 741.Va wlans_ Ns Aq Ar interface 742variable is set, 743an 744.Xr wlan 4 745interface will be created for each item in the list with the 746.Ar wlandev 747argument set to 748.Ar interface . 749Further wlan cloning arguments may be passed to the 750.Xr ifconfig 8 751.Cm create 752command by setting the 753.Va create_args_ Ns Aq Ar interface 754variable. 755One or more 756.Xr wlan 4 757devices must be created for each wireless devices as of 758.Dx 2.5 . 759Debugging flags for 760.Xr wlan 4 761devices as set by 762.Xr wlandebug 8 763may be specified with an 764.Va wlandebug_ Ns Aq Ar interface 765variable. 766The contents of this variable will be passed directly to 767.Xr wlandebug 8 . 768.Pp 769Also, if your interface needs WPA authentication, it is possible to add 770.Dq Li WPA 771to the 772.Va ifconfig_ Ns Aq Ar interface 773variable. 774This will start 775.Xr wpa_supplicant 8 . 776See 777.Xr wpa_supplicant.conf 5 778for configuring authentication information. 779But see also 780.Va wpa_supplicant_enable . 781.Pp 782Finally, you can add 783.Xr ifconfig 8 784options in this variable, in addition to the 785.Pa /etc/start_if. Ns Aq Ar interface 786file. 787For instance, to initialize the 788.Li wi0 789device via DHCP, using WPA authentication and 802.11b mode, it is 790possible to use something like: 791.Bd -literal 792wlans_wi0="wlan0" 793ifconfig_wlan0="up DHCP WPA mode 11b" 794.Ed 795.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 796.Pq Vt str 797Configuration to establish an additional network address for 798.Dq interface . 799Assuming that the interface in question was 800.Li ed0 , 801it might look something like this: 802.Bd -literal 803ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 804ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 805.Ed 806.Pp 807And so on. 808For each 809.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 810entry that is found, its contents are passed to 811.Xr ifconfig 8 . 812Execution stops at the first unsuccessful access, so if 813something like this is present: 814.Bd -literal 815ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 816ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 817ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 818ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 819.Ed 820.Pp 821Then note that alias4 would 822.Em not 823be added since the search would stop with the missing alias3 entry. 824.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 825.Pq Vt str 826New name for 827.Dq interface . 828It is possible to rename interface by doing: 829.Bd -literal 830ifconfig_ed0_name="net0" 831ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 832.Ed 833.It Va netif_enable 834.Pq Vt bool 835Set to 836.Dq Li YES 837by default. 838Setting to 839.Dq Li NO 840will disable the configuration of network interfaces. 841.It Va network_interfaces 842.Pq Vt str 843The list of network interfaces to configure on this host, 844or 845.Dq Li auto 846to configure all network interfaces 847(default 848.Dq Li auto ) . 849For example, if the only network devices to be configured are the loopback device 850.Pq Li lo0 851and a NIC using the 852.Xr em 4 853driver, this could be set to 854.Dq Li "lo0 em0" . 855An 856.Va ifconfig_ Ns Aq Ar interface 857variable is assumed to exist for each value of 858.Ar interface . 859.It Va ipv6_network_interfaces 860.Pq Vt str 861This is the IPv6 equivalent of 862.Va network_interfaces . 863Instead of setting the ifconfig variables as 864.Va ifconfig_ Ns Aq Ar interface 865they should be set as 866.Va ipv6_ifconfig_ Ns Aq Ar interface . 867Aliases should be set as 868.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 869Interfaces that do not have a 870.Va ipv6_ifconfig_ Ns Aq Ar interface 871setting will be auto configured by 872.Xr rtsol 8 873if the 874.Va ipv6_gateway_enable 875is set to 876.Dq Li NO . 877Note that the IPv6 networking code does not support the 878.Pa /etc/start_if. Ns Aq Ar interface 879files. 880.It Va ipv6_prefix_ Ns Aq Ar interface 881.Pq Vt str 882Assign prefix to 883.Ar interface , 884prefixlen 64 is used. 885.It Va ipv6_default_interface 886.Pq Vt str 887If not set to 888.Dq Li NO , 889this is the default output interface for scoped addresses. 890Now this works only for IPv6 link local multicast addresses. 891.It Va ip6addrctl_enable 892.Pq Vt bool 893This variable is to enable configuring the default address selection policy table 894.Pq RFC 3484 . 895The default value is 896.Dq Li YES , 897and the policy table to be installed is specified by the 898.Va ip6addrctl_policy 899variable below. 900.It Va ip6addrctl_policy 901.Pq Vt str 902This variable specifies the policy table to be installed, 903and can be one of the following keywords: 904.Dq Li ipv4_prefer , 905.Dq Li ipv6_prefer , 906or 907.Dq Li AUTO 908(default). 909.Pp 910If 911.Dq Li ipv4_prefer 912or 913.Dq Li ipv6_prefer 914is specified, 915.Xr ip6addrctl 8 916installs a pre-defined policy table described in Section 2.1 917.Pq IPv6-preferred 918or 10.3 919.Pq IPv4-preferred 920of RFC 3484. 921.Pp 922If 923.Dq Li AUTO 924is specified, it attempts to read a file 925.Pa /etc/ip6addrctl.conf 926first. 927If this file is found, 928.Xr ip6addrctl 8 929reads and installs it. 930If not found, a policy is automatically set 931according to 932.Va ipv6_enable 933variable; if the variable is set to 934.Dq Li YES 935the IPv6-preferred one is used. 936Otherwise IPv4-preferred. 937.It Va ip6addrctl_verbose 938.Pq Vt bool 939If set to 940.Dq Li YES , 941print the installed policy table after configuring. 942The default value is 943.Dq Li NO . 944.It Va cloned_interfaces 945.Pq Vt str 946Set to the list of clonable network interfaces to create on this host. 947Entries in 948.Va cloned_interfaces 949are automatically appended to 950.Va network_interfaces 951for configuration. 952.It Va gif_interfaces 953.Pq Vt str 954Set to the list of 955.Xr gif 4 956tunnel interfaces to configure on this host. 957A 958.Va gifconfig_ Ns Aq Ar interface 959variable is assumed to exist for each value of 960.Ar interface . 961The value of this variable is used to configure the link layer of the 962tunnel according to the syntax of the 963.Cm tunnel 964option to 965.Xr ifconfig 8 . 966Additionally, this option ensures that each listed interface is created via the 967.Cm create 968option to 969.Xr ifconfig 8 970before attempting to configure it. 971.It Va sppp_interfaces 972.Pq Vt str 973Set to the list of 974.Xr sppp 4 975interfaces to configure on this host. 976A 977.Va spppconfig_ Ns Aq Ar interface 978variable is assumed to exist for each value of 979.Ar interface . 980Each interface should also be configured by a general 981.Va ifconfig_ Ns Aq Ar interface 982setting. 983Refer to 984.Xr spppcontrol 8 985for more information about available options. 986.It Va ppp_enable 987.Pq Vt bool 988If set to 989.Dq Li YES , 990run the 991.Xr ppp 8 992daemon. 993.It Va ppp_mode 994.Pq Vt str 995Mode in which to run the 996.Xr ppp 8 997daemon. 998Accepted modes are 999.Dq Li auto , 1000.Dq Li ddial , 1001.Dq Li direct 1002and 1003.Dq Li dedicated . 1004See the manual for a full description. 1005.It Va ppp_nat 1006.Pq Vt bool 1007If set to 1008.Dq Li YES , 1009enables network address translation. 1010Used in conjunction with 1011.Va gateway_enable 1012allows hosts on private network addresses access to the Internet using 1013this host as a network address translating router. 1014.It Va ppp_profile 1015.Pq Vt str 1016The name of the profile to use from 1017.Pa /etc/ppp/ppp.conf . 1018Also used for per-profile overrides of 1019.Va ppp_ Ns Ao Ar profile Ac Ns _unit . 1020Where the profile contains any of the characters 1021.Dq Li .-/+ 1022they are translated to 1023.Dq Li _ 1024for the purposes of the override variable names. 1025.It Va ppp_ Ns Ao Ar profile Ac Ns _unit 1026.Pq Vt int 1027Set the unit number to be used for this profile. 1028See the manual description of 1029.Fl unit Ns Ar N 1030in 1031.Xr ppp 8 1032for details. 1033.It Va ppp_user 1034.Pq Vt str 1035The name of the user under which 1036.Xr ppp 8 1037should be started. 1038By default, 1039.Xr ppp 8 1040is started as 1041.Dq Li root . 1042.It Va wg_enable 1043.Pq Vt bool 1044Set to 1045.Dq Li YES 1046to configure the 1047.Xr wg 4 1048interfaces specified in 1049.Va wg_interfaces 1050below. 1051.It Va wg_interfaces 1052.Pq Vt str 1053Specify the list of 1054.Xr wg 4 1055interfaces to configure. 1056Each listed interface is configured according to its config file at 1057.Pa /etc/wireguard/ Ns Ao Ar interface Ac Ns Pa .conf . 1058Refer to 1059.Xr wg.conf 5 1060for more information. 1061.It Va wg_config_dir 1062.Pq Vt str 1063Specify the directory to find the config files for the 1064.Xr wg 4 1065interfaces listed in 1066.Va wg_interfaces . 1067The default is 1068.Pa /etc/wireguard . 1069.It Va fsck_y_enable 1070.Pq Vt bool 1071If set to 1072.Dq Li YES , 1073.Xr fsck 8 1074will be run with the 1075.Fl y 1076flag if the initial preen of the file systems fails. 1077.It Va netfs_types 1078.Pq Vt str 1079List of file system types that are network-based. 1080This list should generally not be modified by end users. 1081Use 1082.Va extra_netfs_types 1083instead. 1084.It Va extra_netfs_types 1085.Pq Vt str 1086If set to something other than 1087.Dq Li NO 1088(the default), this variable extends the list of file system types 1089for which automatic mounting at startup by 1090.Xr rc 8 1091should be delayed until the network is initialized. 1092It should contain 1093a whitespace-separated list of network file system descriptor pairs, 1094each consisting of a file system type as passed to 1095.Xr mount 8 1096and a human-readable, one-word description, joined with a colon 1097.Pq Ql \&: . 1098Extending the default list in this way is only necessary 1099when third party file system types are used. 1100.It Va devfs_config_files 1101.Pq Vt str 1102This option is used to specify a list of configuration files containing 1103.Xr devfs 5 1104rules that will be applied by 1105.Xr devfsctl 8 1106in the order in which they are specified and must include the full path 1107to the file. 1108.It Va tmpfs_var_run 1109.Pq Vt bool 1110If set to 1111.Dq Li YES , 1112a 1113.Xr tmpfs 5 1114will be mounted at 1115.Pa /var/run . 1116Necessary directories under there will be automatically created. 1117.It Va tmpfs_tmp 1118.Pq Vt bool 1119If set to 1120.Dq Li YES , 1121a 1122.Xr tmpfs 5 1123will be mounted at 1124.Pa /tmp . 1125.It Va syslogd_enable 1126.Pq Vt bool 1127If set to 1128.Dq Li YES , 1129run the 1130.Xr syslogd 8 1131daemon. 1132.It Va syslogd_program 1133.Pq Vt str 1134Path to 1135.Xr syslogd 8 1136(default 1137.Pa /usr/sbin/syslogd ) . 1138.It Va syslogd_flags 1139.Pq Vt str 1140If 1141.Va syslogd_enable 1142is set to 1143.Dq Li YES , 1144these are the flags to pass to 1145.Xr syslogd 8 . 1146.It Va inetd_enable 1147.Pq Vt bool 1148If set to 1149.Dq Li YES , 1150run the 1151.Xr inetd 8 1152daemon. 1153.It Va inetd_program 1154.Pq Vt str 1155Path to 1156.Xr inetd 8 1157(default 1158.Pa /usr/sbin/inetd ) . 1159.It Va inetd_flags 1160.Pq Vt str 1161If 1162.Va inetd_enable 1163is set to 1164.Dq Li YES , 1165these are the flags to pass to 1166.Xr inetd 8 . 1167.It Va rwhod_enable 1168.Pq Vt bool 1169If set to 1170.Dq Li YES , 1171run the 1172.Xr rwhod 8 1173daemon at boot time. 1174.It Va rwhod_flags 1175.Pq Vt str 1176If 1177.Va rwhod_enable 1178is set to 1179.Dq Li YES , 1180these are the flags to pass to it. 1181.It Va update_motd 1182.Pq Vt bool 1183If set to 1184.Dq Li YES , 1185.Pa /etc/motd 1186will be updated at boot time to reflect the kernel release being run. 1187If set to 1188.Dq Li NO , 1189.Pa /etc/motd 1190will not be updated. 1191.It Va nfs_client_enable 1192.Pq Vt bool 1193If set to 1194.Dq Li YES , 1195setup NFS client parameters at boot time. 1196.It Va nfs_access_cache 1197.Pq Vt int 1198If 1199.Va nfs_client_enable 1200is set to 1201.Dq Li YES , 1202this can be set to 1203.Dq Li 0 1204to disable NFS ACCESS RPC caching, or to the number of seconds for which 1205NFS ACCESS results should be cached. 1206A value of 2-10 seconds will substantially reduce network traffic for 1207many NFS operations. 1208The default is 5 seconds. 1209Note that the attribute cache holds stat information only. 1210The NFS data cache is independent of the attribute cache and is only 1211invalidated when the client detects that the server has modified the 1212underlying file. 1213This value specifies a maximum timeout. 1214The NFS client will automatically use a shorter timeout for files which 1215have been recently modified. 1216.It Va nfs_neg_cache 1217.Pq Vt int 1218If 1219.Va nfs_client_enable 1220is set to 1221.Dq Li YES , 1222this can be set to 1223.Dq Li 0 1224to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1225filenames), or to the number of seconds for which negative lookups should 1226be cached. 1227A value of 2-10 seconds will substantially reduce network 1228traffic for many NFS operations, especially source code builds. 1229The default is 3 seconds. 1230.It Va nfs_server_enable 1231.Pq Vt bool 1232If set to 1233.Dq Li YES , 1234run the NFS server daemons at boot time. 1235.It Va nfs_server_flags 1236.Pq Vt str 1237If 1238.Va nfs_server_enable 1239is set to 1240.Dq Li YES , 1241these are the flags to pass to the 1242.Xr nfsd 8 1243daemon. 1244.It Va mountd_enable 1245.Pq Vt bool 1246If set to 1247.Dq Li YES , 1248and no 1249.Va nfs_server_enable 1250is set, start 1251.Xr mountd 8 , 1252but not 1253.Xr nfsd 8 1254daemon. 1255It is commonly needed to run CFS without real NFS used. 1256.It Va mountd_flags 1257.Pq Vt str 1258If 1259.Va mountd_enable 1260is set to 1261.Dq Li YES , 1262these are the flags to pass to the 1263.Xr mountd 8 1264daemon. 1265.It Va weak_mountd_authentication 1266.Pq Vt bool 1267If set to 1268.Dq Li YES , 1269allow services like PCNFSD to make non-privileged mount requests. 1270.It Va nfs_reserved_port_only 1271.Pq Vt bool 1272If set to 1273.Dq Li YES , 1274provide NFS services only on a secure port. 1275.It Va nfs_bufpackets 1276.Pq Vt int 1277If set to a number, indicates the number of packets worth of 1278socket buffer space to reserve on an NFS client. 1279The kernel default is typically 4. 1280Using a higher number may be useful on gigabit networks to improve performance. 1281The minimum value is 2 and the maximum is 64. 1282.It Va rpc_umntall_enable 1283.Pq Vt bool 1284If set to 1285.Dq Li YES 1286(default) and we are also an NFS client, run 1287.Xr rpc.umntall 8 1288at boot time to clear out old mounts on remote servers. 1289If set to 1290.Dq Li NO 1291then 1292.Xr rpc.umntall 8 1293will not be run at boot time. 1294.It Va rpc_lockd_enable 1295.Pq Vt bool 1296If set to 1297.Dq Li YES 1298and also an NFS server, run 1299.Xr rpc.lockd 8 1300at boot time. 1301.It Va rpc_lockd_flags 1302.Pq Vt str 1303If 1304.Va rpc_lockd_enable 1305is set to 1306.Dq Li YES , 1307these are the flags to pass to 1308.Xr rpc.lockd 8 . 1309.It Va rpc_statd_enable 1310.Pq Vt bool 1311If set to 1312.Dq Li YES 1313and also an NFS server, run 1314.Xr rpc.statd 8 1315at boot time. 1316.It Va rpc_statd_flags 1317.Pq Vt str 1318If 1319.Va rpc_statd_enable 1320is set to 1321.Dq Li YES , 1322these are the flags to pass to 1323.Xr rpc.statd 8 . 1324.It Va rpcbind_program 1325.Pq Vt str 1326Path to program for rpcbind daemon 1327(default 1328.Pa /usr/sbin/rpcbind ) . 1329.It Va rpcbind_enable 1330.Pq Vt bool 1331If set to 1332.Dq Li YES , 1333run 1334.Va rpcbind_program 1335at boot time. 1336.It Va rpcbind_flags 1337.Pq Vt str 1338If 1339.Va rpcbind_enable 1340is set to 1341.Dq Li YES , 1342these are the flags to pass to 1343.Va rpcbind_program . 1344.It Va keyserv_enable 1345.Pq Vt bool 1346If set to 1347.Dq Li YES , 1348run the 1349.Xr keyserv 8 1350daemon on boot for running Secure RPC. 1351.It Va keyserv_flags 1352.Pq Vt str 1353If 1354.Va keyserv_enable 1355is set to 1356.Dq Li YES , 1357these are the flags to pass to 1358.Xr keyserv 8 1359daemon. 1360.It Va pppoed_enable 1361.Pq Vt bool 1362If set to 1363.Dq Li YES , 1364run the 1365.Xr pppoed 8 1366daemon at boot time to provide PPP over Ethernet services. 1367.It Va pppoed_provider 1368.Pq Vt str 1369.Xr pppoed 8 1370listens to requests to this provider and ultimately runs 1371.Xr ppp 8 1372with a 1373.Ar system 1374argument of the same name. 1375.It Va pppoed_flags 1376.Pq Vt str 1377Additional flags to pass to 1378.Xr pppoed 8 . 1379.It Va pppoed_interface 1380.Pq Vt str 1381The network interface to run 1382.Xr pppoed 8 1383on. 1384This is mandatory when 1385.Va pppoed_enable 1386is set to 1387.Dq Li YES . 1388.It Va dntpd_enable 1389.Pq Vt bool 1390If set to 1391.Dq Li YES , 1392run 1393.Xr dntpd 8 1394at system boot time. 1395.It Va dntpd_program 1396.Pq Vt str 1397Path to 1398.Xr dntpd 8 1399(default 1400.Pa /usr/sbin/dntpd ) . 1401.It Va dntpd_flags 1402.Pq Vt str 1403If 1404.Va dntpd_enable 1405is set to 1406.Dq Li YES , 1407these are the flags to pass to the 1408.Xr dntpd 8 1409daemon. 1410.It Va btconfig_enable 1411.Pq Vt bool 1412If set to 1413.Dq Li YES , 1414configure Bluetooth devices via 1415.Xr btconfig 8 1416at system boot time. 1417.It Va btconfig_devices 1418.Pq Vt str 1419If 1420.Va btconfig_enable 1421is set to 1422.Dq Li YES , 1423this is the list of Bluetooth devices to configure. 1424If 1425.Va btconfig_devices 1426is not specified, all devices known to the system will be configured. 1427A 1428.Va btconfig_ Ns Aq Ar device 1429variable can be set to specify parameters to be passed to 1430.Ar device . 1431.It Va btconfig_args 1432.Pq Vt str 1433If 1434.Va btconfig_enable 1435is set to 1436.Dq Li YES , 1437this is the list of configuration parameters to pass to all Bluetooth 1438devices. 1439.It Va sdpd_enable 1440.Pq Vt bool 1441If set to 1442.Dq Li YES , 1443run the Service Discovery Profile daemon 1444.Xr ( sdpd 8 ) 1445at system boot time. 1446.It Va sdpd_flags 1447.Pq Vt str 1448If 1449.Va sdpd_enable 1450is set to 1451.Dq Li YES , 1452these are the flags to pass to the 1453.Xr sdpd 8 1454daemon. 1455.It Va bthcid_enable 1456.Pq Vt bool 1457If set to 1458.Dq Li YES , 1459run the Bluetooth Link Key/PIN Code Manager daemon 1460.Xr ( bthcid 8 ) 1461at system boot time. 1462.It Va bthcid_flags 1463.Pq Vt str 1464If 1465.Va bthcid_enable 1466is set to 1467.Dq Li YES , 1468these are the flags to pass to the 1469.Xr bthcid 8 1470daemon. 1471.It Va nis_client_enable 1472.Pq Vt bool 1473If set to 1474.Dq Li YES , 1475run the 1476.Xr ypbind 8 1477service at system boot time. 1478.It Va nis_client_flags 1479.Pq Vt str 1480If 1481.Va nis_client_enable 1482is set to 1483.Dq Li YES , 1484these are the flags to pass to the 1485.Xr ypbind 8 1486service. 1487.It Va nis_ypset_enable 1488.Pq Vt bool 1489If set to 1490.Dq Li YES , 1491run the 1492.Xr ypset 8 1493daemon at system boot time. 1494.It Va nis_ypset_flags 1495.Pq Vt str 1496If 1497.Va nis_ypset_enable 1498is set to 1499.Dq Li YES , 1500these are the flags to pass to the 1501.Xr ypset 8 1502daemon. 1503.It Va nis_server_enable 1504.Pq Vt bool 1505If set to 1506.Dq Li YES , 1507run the 1508.Xr ypserv 8 1509daemon at system boot time. 1510.It Va nis_server_flags 1511.Pq Vt str 1512If 1513.Va nis_server_enable 1514is set to 1515.Dq Li YES , 1516these are the flags to pass to the 1517.Xr ypserv 8 1518daemon. 1519.It Va nis_ypxfrd_enable 1520.Pq Vt bool 1521If set to 1522.Dq Li YES , 1523run the 1524.Xr rpc.ypxfrd 8 1525daemon at system boot time. 1526.It Va nis_ypxfrd_flags 1527.Pq Vt str 1528If 1529.Va nis_ypxfrd_enable 1530is set to 1531.Dq Li YES , 1532these are the flags to pass to the 1533.Xr rpc.ypxfrd 8 1534daemon. 1535.It Va nis_yppasswdd_enable 1536.Pq Vt bool 1537If set to 1538.Dq Li YES , 1539run the 1540.Xr rpc.yppasswdd 8 1541daemon at system boot time. 1542.It Va nis_yppasswdd_flags 1543.Pq Vt str 1544If 1545.Va nis_yppasswdd_enable 1546is set to 1547.Dq Li YES , 1548these are the flags to pass to the 1549.Xr rpc.yppasswdd 8 1550daemon. 1551.It Va rpc_ypupdated_enable 1552.Pq Vt bool 1553If set to 1554.Dq Li YES , 1555run the 1556.Nm rpc.ypupdated 1557daemon at system boot time. 1558.It Va defaultrouter 1559.Pq Vt str 1560If not set to 1561.Dq Li NO , 1562create a default route to this host name or IP address 1563(use an IP address if this router is also required to get to the 1564name server!). 1565.It Va ipv6_defaultrouter 1566.Pq Vt str 1567The IPv6 equivalent of 1568.Va defaultrouter . 1569.It Va static_routes 1570.Pq Vt str 1571Set to the list of static routes that are to be added at system boot time. 1572If not set to 1573.Dq Li NO 1574then for each whitespace separated 1575.Ar element 1576in the value, a 1577.Va route_ Ns Aq Ar element 1578variable is assumed to exist whose contents will later be passed to a 1579.Dq Nm route Cm add 1580operation. 1581.It Va change_routes 1582.Pq Vt str 1583Set to the list of static routes that are to be changed at system boot time 1584(such as those added by the kernel). 1585If not set to 1586.Dq Li NO 1587then for each whitespace separated 1588.Ar element 1589in the value, a 1590.Va change_route_ Ns Aq Ar element 1591variable is assumed to exist whose contents will later be passed to a 1592.Dq Nm route Cm change 1593operation. 1594.It Va ipv6_static_routes 1595.Pq Vt str 1596The IPv6 equivalent of 1597.Va static_routes . 1598If not set to 1599.Dq Li NO 1600then for each whitespace separated 1601.Ar element 1602in the value, a 1603.Va ipv6_route_ Ns Aq Ar element 1604variable is assumed to exist whose contents will later be passed to a 1605.Dq Nm route Cm add Fl inet6 1606operation. 1607.It Va gateway_enable 1608.Pq Vt bool 1609If set to 1610.Dq Li YES , 1611configure host to act as an IP router, e.g. to forward packets 1612between interfaces. 1613.It Va ipv6_gateway_enable 1614.Pq Vt bool 1615The IPv6 equivalent of 1616.Va gateway_enable . 1617.It Va router_enable 1618.Pq Vt bool 1619If set to 1620.Dq Li YES , 1621run a routing daemon of some sort, based on the settings of 1622.Va router_program 1623and 1624.Va router_flags . 1625.It Va ipv6_router_enable 1626.Pq Vt bool 1627The IPv6 equivalent of 1628.Va router_enable . 1629If set to 1630.Dq Li YES , 1631run a routing daemon of some sort, based on the settings of 1632.Va ipv6_router_program 1633and 1634.Va ipv6_router_flags . 1635.It Va router_program 1636.Pq Vt str 1637If 1638.Va router_enable 1639is set to 1640.Dq Li YES , 1641this is the name of the routing daemon to use 1642(default 1643.Pa /sbin/routed ) . 1644.It Va ipv6_router_program 1645.Pq Vt str 1646The IPv6 equivalent of 1647.Va router_program 1648(default 1649.Pa /sbin/route6d ) . 1650.It Va router_flags 1651.Pq Vt str 1652If 1653.Va router_enable 1654is set to 1655.Dq Li YES , 1656these are the flags to pass to the routing daemon. 1657.It Va ipv6_router_flags 1658.Pq Vt str 1659The IPv6 equivalent of 1660.Va router_flags . 1661.It Va rtadvd_enable 1662.Pq Vt bool 1663If set to 1664.Dq Li YES , 1665run the 1666.Xr rtadvd 8 1667daemon at boot time. 1668.Xr rtadvd 8 1669will only run if 1670.Va ipv6_gateway_enable 1671is also set to 1672.Dq Li YES . 1673The 1674.Xr rtadvd 8 1675utility sends router advertisement packets to the interfaces specified in 1676.Va rtadvd_interfaces . 1677.Xr rtadvd 8 1678and should only be enabled with great care. 1679You may want to fine-tune 1680.Xr rtadvd.conf 5 . 1681.It Va rtadvd_interfaces 1682.Pq Vt str 1683If 1684.Va rtadvd_enable 1685is set to 1686.Dq Li YES 1687this is the list of interfaces to use. 1688.It Va rtsold_enable 1689.Pq Vt bool 1690If set to 1691.Dq Li YES , 1692run the 1693.Xr rtsold 8 1694daemon at boot time. 1695The 1696.Xr rtsold 8 1697daemon is used for automatic discovery of non-link local addresses. 1698.It Va rtsold_flags 1699.Pq Vt str 1700If 1701.Va rtsold_enable 1702is set to 1703.Dq Li YES , 1704these are the flags to pass to the 1705.Xr rtsold 8 1706daemon. 1707.It Va arpproxy_all 1708.Pq Vt bool 1709If set to 1710.Dq Li YES , 1711enable global proxy ARP. 1712.It Va forward_sourceroute 1713.Pq Vt bool 1714If set to 1715.Dq Li YES 1716and 1717.Va gateway_enable 1718is also set to 1719.Dq Li YES , 1720source-routed packets are forwarded. 1721.It Va accept_sourceroute 1722.Pq Vt bool 1723If set to 1724.Dq Li YES , 1725the system will accept source-routed packets directed at it. 1726.It Va rarpd_enable 1727.Pq Vt bool 1728If set to 1729.Dq Li YES , 1730run the 1731.Xr rarpd 8 1732daemon at system boot time. 1733.It Va rarpd_flags 1734.Pq Vt str 1735If 1736.Va rarpd_enable 1737is set to 1738.Dq Li YES , 1739these are the flags to pass to the 1740.Xr rarpd 8 1741daemon. 1742.It Va wpa_supplicant_enable 1743.Pq Vt bool 1744If set to 1745.Dq Li YES , 1746run the 1747.Xr wpa_supplicant 8 1748daemon in 1749.Dq interface matching mode 1750at system boot time. 1751.It Va wpa_supplicant_program 1752.Pq Vt str 1753Path to 1754.Xr wpa_supplicant 8 . 1755.It Va wpa_supplicant_flags 1756.Pq Vt str 1757If 1758.Va wpa_supplicant_enable 1759is set to 1760.Dq Li YES , 1761these are the flags to pass to the 1762.Xr wpa_supplicant 8 1763daemon. 1764.It Va bootparamd_enable 1765.Pq Vt bool 1766If set to 1767.Dq Li YES , 1768run the 1769.Xr bootparamd 8 1770daemon at system boot time. 1771.It Va bootparamd_flags 1772.Pq Vt str 1773If 1774.Va bootparamd_enable 1775is set to 1776.Dq Li YES , 1777these are the flags to pass to the 1778.Xr bootparamd 8 1779daemon. 1780.It Va stf_interface_ipv4addr 1781.Pq Vt str 1782If not set to 1783.Dq Li NO , 1784this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1785Specify this entry to enable the 6to4 interface. 1786.It Va stf_interface_ipv4plen 1787.Pq Vt int 1788Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1789An effective value is 0-31. 1790.It Va stf_interface_ipv6_ifid 1791.Pq Vt str 1792IPv6 interface ID for 1793.Xr stf 4 . 1794This can be set to 1795.Dq Li AUTO . 1796.It Va stf_interface_ipv6_slaid 1797.Pq Vt str 1798IPv6 Site Level Aggregator for 1799.Xr stf 4 . 1800.It Va keybell 1801.Pq Vt str 1802The keyboard bell sound. 1803Set to 1804.Dq Li normal , 1805.Dq Li visual , 1806.Dq Li off , 1807or 1808.Dq Li NO 1809if the default behavior is desired. 1810For details, refer to the 1811.Xr kbdcontrol 1 1812manpage. 1813.It Va keymap 1814.Pq Vt str 1815If set to 1816.Dq Li NO , 1817no keymap is installed, otherwise the value is used to install 1818the keymap file in 1819.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1820.It Va keyrate 1821.Pq Vt str 1822The keyboard repeat speed. 1823Set to 1824.Dq Li slow , 1825.Dq Li normal , 1826.Dq Li fast , 1827or 1828.Dq Li NO 1829if the default behavior is desired. 1830.It Va keychange 1831.Pq Vt str 1832If not set to 1833.Dq Li NO , 1834attempt to program the function keys with the value. 1835The value should be a single string of the form: 1836.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1837.It Va cursor 1838.Pq Vt str 1839Can be set to the value of 1840.Dq Li normal , 1841.Dq Li blink , 1842.Dq Li destructive , 1843or 1844.Dq Li NO 1845to set the cursor behavior explicitly or choose the default behavior. 1846.It Va scrnmap 1847.Pq Vt str 1848If set to 1849.Dq Li NO , 1850no screen map is installed, otherwise the value is used to install 1851the screen map file in 1852.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1853.It Va font8x16 1854.Pq Vt str 1855If set to 1856.Dq Li NO , 1857the default 8x16 font value is used for screen size requests, otherwise 1858the value in 1859.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1860is used. 1861.It Va font8x14 1862.Pq Vt str 1863If set to 1864.Dq Li NO , 1865the default 8x14 font value is used for screen size requests, otherwise 1866the value in 1867.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1868is used. 1869.It Va font8x8 1870.Pq Vt str 1871If set to 1872.Dq Li NO , 1873the default 8x8 font value is used for screen size requests, otherwise 1874the value in 1875.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1876is used. 1877.It Va blanktime 1878.Pq Vt int 1879If set to 1880.Dq Li NO , 1881the default screen blanking interval is used, otherwise it is set to 1882.Ar value 1883seconds. 1884.It Va saver 1885.Pq Vt str 1886If not set to 1887.Dq Li NO , 1888this is the actual screen saver to use 1889.Li ( blank , snake , daemon , 1890etc). 1891.It Va moused_nondefault_enable 1892.Pq Vt str 1893If set to 1894.Dq Li NO , 1895the mouse device specified on 1896the command line is not automatically treated as enabled by the 1897.Pa /etc/rc.d/moused 1898script. 1899Having this variable set to 1900.Dq Li YES 1901allows a 1902.Xr usb 4 1903mouse, 1904for example, 1905to be enabled as soon as it is plugged in. 1906.It Va moused_enable 1907.Pq Vt str 1908If set to 1909.Dq Li YES , 1910the 1911.Xr moused 8 1912daemon is started for doing cut/paste selection on the console. 1913.It Va moused_type 1914.Pq Vt str 1915If 1916.Va moused_enable 1917is set to 1918.Dq Li YES , 1919this is the protocol type of the mouse connected to this host. 1920The default type is 1921.Dq Li auto . 1922The 1923.Xr moused 8 1924daemon 1925is able to detect the appropriate mouse type automatically in many cases. 1926Leave this variable at the default 1927.Dq Li auto 1928to let the daemon detect it, or 1929select one from the following list if the automatic detection fails. 1930.Pp 1931If the mouse is attached to the PS/2 mouse port, leave the variable at the 1932default 1933.Dq Li auto 1934or set it to 1935.Dq Li ps/2 , 1936regardless of the brand and model of the mouse. 1937Likewise, if the mouse is attached to the bus mouse port, leave it at 1938.Dq Li auto 1939or set it to 1940.Dq Li busmouse . 1941All other protocols are for serial mice and will not work with 1942the PS/2 and bus mice. 1943If this is a USB mouse, 1944.Dq Li auto 1945is the only protocol type which will work. 1946.Pp 1947.Bl -tag -width ".Li x10mouseremote" -compact 1948.It Li microsoft 1949Microsoft mouse (serial) 1950.It Li intellimouse 1951Microsoft IntelliMouse (serial) 1952.It Li mousesystems 1953Mouse systems Corp. mouse (serial) 1954.It Li mmseries 1955MM Series mouse (serial) 1956.It Li logitech 1957Logitech mouse (serial) 1958.It Li busmouse 1959A bus mouse 1960.It Li mouseman 1961Logitech MouseMan and TrackMan (serial) 1962.It Li glidepoint 1963ALPS GlidePoint (serial) 1964.It Li thinkingmouse 1965Kensington ThinkingMouse (serial) 1966.It Li ps/2 1967PS/2 mouse 1968.It Li mmhittab 1969MM HitTablet (serial) 1970.It Li x10mouseremote 1971X10 MouseRemote (serial) 1972.It Li versapad 1973Interlink VersaPad (serial) 1974.El 1975.Pp 1976Even if the mouse is not in the above list, it may be compatible 1977with one in the list. 1978Refer to the man page for 1979.Xr moused 8 1980for compatibility information. 1981.Pp 1982It should also be noted that while this is enabled, any 1983other client of the mouse (such as an X server) should access 1984the mouse through the virtual mouse device, 1985.Pa /dev/sysmouse , 1986and configure it as a 1987.Dq Li sysmouse 1988type mouse, since all 1989mouse data is converted to this single canonical format when using 1990.Xr moused 8 . 1991If the client program does not support the 1992.Dq Li sysmouse 1993type, specify the 1994.Dq Li mousesystems 1995type. 1996It is the second preferred type. 1997.It Va moused_port 1998.Pq Vt str 1999If 2000.Va moused_enable 2001is set to 2002.Dq Li YES , 2003this is the actual port the mouse is on. 2004It might be 2005.Pa /dev/cuaa0 2006for a COM1 serial mouse or 2007.Pa /dev/psm0 2008for a PS/2 mouse, for example. 2009.It Va moused_flags 2010.Pq Vt str 2011If 2012.Va moused_type 2013is set, these are the additional flags to pass to the 2014.Xr moused 8 2015daemon. 2016.It Va mousechar_start 2017.Pq Vt int 2018If set to 2019.Dq Li NO , 2020the default mouse cursor character range 2021.Li 0xd0 Ns - Ns Li 0xd3 2022is used, otherwise the range start is set to 2023.Ar value 2024character, see 2025.Xr vidcontrol 1 . 2026Use if the default range is occupied in the language code table. 2027.It Va vidhistory 2028.Pq Vt int 2029Set the size of the history (scrollback) buffer in lines. 2030.It Va allscreens_flags 2031.Pq Vt str 2032If set, 2033.Xr vidcontrol 1 2034is run with these options for each of the virtual terminals 2035.Pq Pa /dev/ttyv* . 2036For example, 2037.Dq Fl m Cm on 2038will enable the mouse pointer on all virtual terminals if 2039.Va moused_enable 2040is set to 2041.Dq Li YES . 2042.It Va allscreens_kbdflags 2043.Pq Vt str 2044If set, 2045.Xr kbdcontrol 1 2046is run with these options for each of the virtual terminals 2047.Pq Pa /dev/ttyv* . 2048For example, 2049.Dq Fl h Li 200 2050will set the 2051.Xr syscons 4 2052scrollback (history) buffer to 200 lines. 2053.It Va cron_enable 2054.Pq Vt bool 2055If set to 2056.Dq Li YES , 2057run the 2058.Xr cron 8 2059daemon at system boot time. 2060.It Va cron_program 2061.Pq Vt str 2062Path to 2063.Xr cron 8 2064(default 2065.Pa /usr/sbin/cron ) . 2066.It Va cron_flags 2067.Pq Vt str 2068If 2069.Va cron_enable 2070is set to 2071.Dq Li YES , 2072these are the flags to pass to 2073.Xr cron 8 . 2074.It Va lpd_program 2075.Pq Vt str 2076Path to 2077.Xr lpd 8 2078(default 2079.Pa /usr/sbin/lpd ) . 2080.It Va lpd_enable 2081.Pq Vt bool 2082If set to 2083.Dq Li YES , 2084run the 2085.Xr lpd 8 2086daemon at system boot time. 2087.It Va lpd_flags 2088.Pq Vt str 2089If 2090.Va lpd_enable 2091is set to 2092.Dq Li YES , 2093these are the flags to pass to the 2094.Xr lpd 8 2095daemon. 2096.It Va nscd_enable 2097.Pq Vt bool 2098If set to 2099.Dq Li YES , 2100run the 2101.Xr nscd 8 2102daemon at system boot time. 2103.It Va mixer_enable 2104.Pq Vt bool 2105If set to 2106.Dq Li YES , 2107preserve 2108.Xr mixer 8 2109settings across reboots. 2110.It Va mta_start_script 2111.Pq Vt str 2112The full path to the script to run to start 2113a mail transfer agent. 2114The default is 2115.Pa /etc/rc.sendmail . 2116The 2117.Va sendmail_* 2118variables which 2119.Pa /etc/rc.sendmail 2120uses are documented in the 2121.Xr rc.sendmail 8 2122man page. 2123.It Va fixbootfile 2124.Pq Vt bool 2125In a 2126.Sq HAMMER ROOT with UFS /boot 2127setup, the boot loader will not set up the 2128.Va kern.bootfile 2129sysctl correctly. 2130The system will attempt to fix this on its own. 2131Set this variable to 2132.Dq Li NO 2133to turn this behavior off. 2134.It Va dumpdev 2135.Pq Vt str 2136Indicates the device (usually a swap partition) to which a crash dump 2137should be written in the event of a system crash. 2138The value of this variable is passed as the argument to 2139.Xr dumpon 8 2140and 2141.Xr savecore 8 . 2142To disable crash dumps, set this variable to 2143.Dq Li NO . 2144.It Va dumpdir 2145.Pq Vt str 2146When the system reboots after a crash and a crash dump is found on the 2147device specified by the 2148.Va dumpdev 2149variable, 2150.Xr savecore 8 2151will save that crash dump and a copy of the kernel to the directory 2152specified by the 2153.Va dumpdir 2154variable. 2155The default value is 2156.Pa /var/crash . 2157Set to 2158.Dq Li NO 2159to not run 2160.Xr savecore 8 2161at boot time when 2162.Va dumpdir 2163is set. 2164.It Va savecore_flags 2165.Pq Vt str 2166If crash dumps are enabled, these are the flags to pass to the 2167.Xr savecore 8 2168utility. 2169.It Va crashinfo_enable 2170.Pq Vt bool 2171Set to 2172.Dq Li YES 2173to turn on automatic crash dump summary generation using the utility 2174specified by the 2175.Va crashinfo_program 2176variable. 2177.It Va crashinfo_program 2178.Pq Vt str 2179Program to run to generate a crash dump summary if the variable 2180.Va crashinfo_enable 2181is set to 2182.Dq Li YES . 2183The default value is 2184.Pa /usr/sbin/crashinfo . 2185.It Va enable_quotas 2186.Pq Vt bool 2187Set to 2188.Dq Li YES 2189to turn on user disk quotas on system startup via the 2190.Xr quotaon 8 2191command. 2192.It Va check_quotas 2193.Pq Vt bool 2194Set to 2195.Dq Li YES 2196to enable user disk quota checking via the 2197.Xr quotacheck 8 2198command. 2199.It Va accounting_enable 2200.Pq Vt bool 2201Set to 2202.Dq Li YES 2203to enable system accounting through the 2204.Xr accton 8 2205facility. 2206.\" ----- cleanvar_enable setting-------------------------------- 2207.It Va cleanvar_enable 2208.Pq Vt bool 2209Set to 2210.Dq Li YES 2211to have 2212.Pa /var/run , 2213.Pa /var/spool/lock 2214and 2215.Pa /var/spool/uucp/.Temp/* 2216cleaned at startup. 2217.\" ----- clear_tmp_enable setting------------------------------- 2218.It Va clear_tmp_enable 2219.Pq Vt bool 2220Set to 2221.Dq Li YES 2222to have 2223.Pa /tmp 2224cleaned at startup. 2225.\" ----- ldconfig_paths setting -------------------------------- 2226.It Va ldconfig_paths 2227.Pq Vt str 2228Set to the list of shared library paths to use with 2229.Xr ldconfig 8 . 2230NOTE: 2231.Pa /usr/lib 2232will always be added first, so it need not appear in this list. 2233.It Va ldconfig_insecure 2234.Pq Vt bool 2235The 2236.Xr ldconfig 8 2237utility normally refuses to use directories 2238which are writable by anyone except root. 2239Set this variable to 2240.Dq Li YES 2241to disable that security check during system startup. 2242.It Va ldconfig_local_dirs 2243.Pq Vt str 2244Set to the list of local 2245.Xr ldconfig 8 2246directories. 2247The names of all files in the directories listed will be 2248passed as arguments to 2249.Xr ldconfig 8 . 2250.It Va kern_securelevel 2251.Pq Vt int 2252The kernel security level to set at startup. 2253The allowed range of 2254.Ar value 2255ranges from \-1 (the compile time default) to 3 (the most secure). 2256See 2257.Xr init 8 2258for the list of possible security levels and their effect on system operation. 2259.It Va start_vinum 2260.Pq Vt bool 2261Set to 2262.Dq Li YES 2263to start 2264.Xr vinum 8 2265at system boot time. 2266.It Va sshd_enable 2267.Pq Vt bool 2268Set to 2269.Dq Li YES 2270to start 2271.Xr sshd 8 2272at system boot time. 2273.It Va sshd_program 2274.Pq Vt str 2275Path to the SSH server program 2276(default 2277.Pa /usr/sbin/sshd ) . 2278.It Va sshd_flags 2279.Pq Vt str 2280If 2281.Va sshd_enable 2282is set to 2283.Dq Li YES , 2284these are the flags to pass to the 2285.Xr sshd 8 2286daemon. 2287.It Va ftpd_enable 2288.Pq Vt bool 2289Set to 2290.Dq Li YES 2291to start 2292.Xr ftpd 8 2293at system boot time. 2294.It Va ftpd_flags 2295.Pq Vt str 2296If 2297.Va ftpd_enable 2298is set to 2299.Dq Li YES , 2300these are the flags to pass to the 2301.Xr ftpd 8 2302daemon. 2303.It Va watchdogd_enable 2304.Pq Vt bool 2305If set to 2306.Dq Li YES , 2307start the 2308.Xr watchdogd 8 2309daemon at boot time. 2310.It Va jail_enable 2311.Pq Vt bool 2312If set to 2313.Dq Li NO , 2314any configured jails will not be started. 2315.It Va jail_list 2316.Pq Vt str 2317A space separated list of names for jails. 2318This is purely a configuration aid to help identify and 2319configure multiple jails. 2320The names specified in this list will be used to 2321identify settings common to an instance of a jail. 2322Assuming that the jail in question was named 2323.Li vjail , 2324you would have the following dependent variables: 2325.Bd -literal 2326jail_vjail_hostname="jail.example.com" 2327jail_vjail_ip="192.168.1.100" 2328jail_vjail_rootdir="/var/jails/vjail/root" 2329.Ed 2330.It Va jail_flags 2331.Pq Vt str 2332Unset by default. 2333When set, use as default value for 2334.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2335for every jail in 2336.Va jail_list . 2337.It Va jail_interface 2338.Pq Vt str 2339Unset by default. 2340When set, use as default value for 2341.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2342for every jail in 2343.Va jail_list . 2344.It Va jail_fstab 2345.Pq Vt str 2346Unset by default. 2347When set, use as default value for 2348.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2349for every jail in 2350.Va jail_list . 2351.It Va jail_mount_enable 2352.Pq Vt bool 2353Set to 2354.Dq Li NO 2355by default. 2356When set to 2357.Dq Li YES , 2358sets 2359.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2360to 2361.Dq Li YES 2362by default for every jail in 2363.Va jail_list . 2364.It Va jail_procfs_enable 2365.Pq Vt bool 2366Set to 2367.Dq Li NO 2368by default. 2369When set to 2370.Dq Li YES , 2371sets 2372.Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2373to 2374.Dq Li YES 2375by default for every jail in 2376.Va jail_list . 2377.It Va jail_devfs_enable 2378.Pq Vt bool 2379Set to 2380.Dq Li NO 2381by default. 2382When set to 2383.Dq Li YES , 2384sets 2385.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2386to 2387.Dq Li YES 2388by default for every jail in 2389.Va jail_list . 2390.It Va jail_exec_start 2391.Pq Vt str 2392Unset by default. 2393When set, use as default value for 2394.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2395for every jail in 2396.Va jail_list . 2397.It Va jail_exec_stop 2398Unset by default. 2399When set, use as default value for 2400.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2401for every jail in 2402.Va jail_list . 2403.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2404.Pq Vt str 2405Unset by default. 2406Set to the root directory used by jail 2407.Va jname . 2408.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2409.Pq Vt str 2410Unset by default. 2411Set to the fully qualified domain name (FQDN) assigned to jail 2412.Va jname . 2413.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2414.Pq Vt str 2415Unset by default. 2416Set to the IP address assigned to jail 2417.Va jname . 2418.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2419.Pq Vt str 2420Set to 2421.Dq Li -l -U root 2422by default. 2423These are flags to pass to 2424.Xr jail 8 . 2425.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2426.Pq Vt str 2427Unset by default. 2428When set, sets the interface to use when setting IP address alias. 2429Note that the alias is created at jail startup and removed at jail shutdown. 2430.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2431.Pq Vt str 2432Set to 2433.Pa /etc/fstab. Ns Aq Ar jname 2434by default. 2435This is the file system information file to use for jail 2436.Va jname . 2437.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2438.Pq Vt bool 2439Set to 2440.Dq Li NO 2441by default. 2442When set to 2443.Dq Li YES , 2444mount all file systems from 2445.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2446at jail startup. 2447.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2448.Pq Vt bool 2449Set to 2450.Dq Li NO 2451by default. 2452When set to 2453.Dq Li YES , 2454mount the process file system inside jail 2455.Ar jname 2456at jail startup. 2457.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2458.Pq Vt bool 2459Set to 2460.Dq Li NO 2461by default. 2462When set to 2463.Dq Li YES , 2464mount the device file system inside jail 2465.Ar jname 2466at jail startup. 2467.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2468.Pq Vt str 2469Set to 2470.Dq Li /bin/sh /etc/rc 2471by default. 2472This is the command executed at jail startup. 2473.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2474.Pq Vt str 2475Set to 2476.Dq Li /bin/sh /etc/rc.shutdown 2477by default. 2478This is the command executed at jail shutdown. 2479.It Va jail_default_set_hostname_allow 2480.Pq Vt bool 2481If set to 2482.Dq Li NO , 2483do not allow the root user in a jail to set its hostname. 2484.It Va jail_default_socket_unixiproute_only 2485.Pq Vt bool 2486If set to 2487.Dq Li YES , 2488do not allow any sockets, 2489besides UNIX/IP/route sockets, 2490to be used within a jail. 2491.It Va jail_default_sysvipc_allow 2492.Pq Vt bool 2493If set to 2494.Dq Li YES , 2495allow applications within a jail to use System V IPC. 2496.It Va jail_default_chflags_allow 2497.Pq Vt bool 2498If set to 2499.Dq Li YES , 2500allow applications within a jail to alter system file flags. 2501.It Va jail_default_raw_sockets_allow 2502.Pq Vt bool 2503If set to 2504.Dq Li YES , 2505allow applications within a jail to user raw sockets. 2506.It Va jail_default_allow_listen_override 2507.Pq Vt bool 2508If set to 2509.Dq Li YES , 2510 allows both wildcard and non-wildcard listen sockets in the jail to 2511override wildcard listen sockets on the host. 2512.It Va lvm_enable 2513.Pq Vt bool 2514If set to 2515.Dq Li YES 2516LVM volumes will be discovered and configured on boot. 2517.It Va newsyslog_enable 2518.Pq Vt bool 2519If set to 2520.Dq Li YES , 2521run 2522.Xr newsyslog 8 2523before syslogd starts. 2524.It Va newsyslog_flags 2525.Pq Vt str 2526If 2527.Va newsyslog_enable 2528is set to 2529.Dq Li YES , 2530these are the flags passed to 2531.Xr newsyslog 8 . 2532.It Va resident_enable 2533.Pq Vt bool 2534If set to 2535.Dq Li YES , 2536make the dynamic binaries listed in 2537.Pa /etc/resident.conf 2538resident. 2539.It Va varsym_enable 2540.Pq Vt bool 2541If set to 2542.Dq Li YES , 2543process 2544.Pa /etc/varsym.conf 2545to set system-wide variables for variant symlinks. 2546.It Va rand_irqs 2547.Pq Vt str 2548Set either to 2549.Dq Li NO 2550or a whitespace separated list of IRQ numbers which will be used as a source of 2551randomness. 2552.\" ----------------------------------------------------- 2553.It Va entropy_dir 2554.Pq Vt str 2555Set to 2556.Dq Li NO 2557to disable caching entropy via 2558.Xr cron 8 . 2559Otherwise set to the directory used to store entropy files in. 2560.It Va entropy_file 2561.Pq Vt str 2562Set to 2563.Dq Li NO 2564to disable caching entropy through reboots. 2565Otherwise set to the filename used to store cached entropy through reboots. 2566This file should be located on the root file system to seed the 2567.Xr random 4 2568device as early as possible in the boot process. 2569.It Va entropy_save_sz 2570.Pq Vt int 2571Determines the size of the entropy cache files used for entropy cached 2572through reboots and also entropy cached via 2573.Xr cron 8 . 2574The entropy is fed to the system in blocks of 512 bytes, so this number 2575should be large enough to fill as many of the entropy pools in the kernel 2576CSPRNG as possible. 2577By default, it is set to 16384, which should be able to seed all 32 entropy 2578pools in the Fortuna CSPRNG. 2579.It Va dmesg_enable 2580.Pq Vt bool 2581Set to 2582.Dq Li YES 2583to save 2584.Xr dmesg 8 2585to 2586.Pa /var/run/dmesg.boot 2587on boot. 2588.It Va rcshutdown_timeout 2589.Pq Vt int 2590If set, start a watchdog timer in the background which will terminate 2591.Pa rc.shutdown 2592if 2593.Xr shutdown 8 2594has not completed within the specified time (in seconds). 2595Notice that in addition to this soft timeout, 2596.Xr init 8 2597also applies a hard timeout for the execution of 2598.Pa rc.shutdown . 2599This is configured via 2600.Xr sysctl 8 2601variable 2602.Va kern.init_shutdown_timeout 2603and defaults to 120 seconds. Setting the value of 2604.Va rcshutdown_timeout 2605to more than 120 seconds will have no effect until the 2606.Xr sysctl 8 2607variable 2608.Va kern.init_shutdown_timeout 2609is also increased. 2610.It Va udevd_enable 2611.Pq Vt bool 2612If set to 2613.Dq Li YES , 2614the udevd daemon will be started on boot. 2615.It Va vfs_quota_enable 2616.Pq Vt bool 2617If set to 2618.Dq Li YES , 2619vfs quota rc.d scripts will be run on boot. 2620.It Va vfs_quota_sync 2621.Pq Vt str 2622List of mount points whose counters are to be synchronized with on-disk 2623usage during system startup. 2624See also 2625.Xr vquota 8 . 2626.It Va vknetd_enable 2627.Pq Vt bool 2628If set to 2629.Dq Li YES , 2630.Xr vknetd 8 2631will be started on boot. 2632.It Va vknetd_flags 2633.Pq Vt bool 2634Additional flags passed to 2635.Xr vknetd 8 . 2636Usually address/cidrbits is specified here. 2637When no flags are passed, default option 2638.Fl U 2639will be used. 2640.It Va vkernel_enable 2641.Pq Vt bool 2642If set to 2643.Dq Li NO , 2644any configured vkernels will not be started. 2645.It Va vkernel_kill_timeout 2646.Pq Vt int 2647This defines the default number of seconds that we will wait for the 2648vkernel to shut down on its own. 2649If after this time it's still alive, 2650it will be killed with SIGKILL. 2651.It Va vkernel_bin 2652.Pq Vt str 2653Defines the default path to the vkernel binary. 2654.It Va vkernel_list 2655.Pq Vt str 2656A space separated list of names for vkernels. 2657This is purely a configuration aid to help identify and 2658configure multiple vkernels. 2659The names specified in this list will be used to 2660identify settings common to a vkernel instance. 2661Assuming that the vkernel in question was named 2662.Li example , 2663you would have the following dependent variables 2664(filled with reference values in this text): 2665.Bd -literal 2666vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL64/kernel.debug" 2667vkernel_example_memsize="64m" 2668vkernel_example_rootimg_list="/var/vkernel/rootimg.01" 2669vkernel_example_memimg="/var/vkernel/memimg.000001" 2670vkernel_example_user="myuser" 2671vkernel_example_iface_list="auto:bridge0" 2672vkernel_example_logfile="/dev/null" 2673vkernel_example_flags="-U" 2674vkernel_example_kill_timeout="45" 2675.Ed 2676.Pp 2677The last six are optional. 2678They default to an empty string if not set, except for logfile which defaults to 2679.Pa /dev/null 2680if it is not set. 2681.Pp 2682Note that in case 2683.Va vkernel_memimg 2684is not set, the 2685.Pa rc.d 2686script will create 2687.Pa /var/vkernel , 2688which is the vkernel's default directory for memory images, 2689with permissions of 1777, i.e. world writable with the sticky bit set 2690(see 2691.Xr sticky 8 ) . 2692.It Va autofs_enable 2693.Pq Vt bool 2694If set to 2695.Dq Li YES , 2696start the 2697.Xr automount 8 2698utility and the 2699.Xr automountd 8 2700and 2701.Xr autounmountd 8 2702daemons at boot time. 2703.It Va automount_flags 2704.Pq Vt str 2705If 2706.Va autofs_enable 2707is set to 2708.Dq Li YES , 2709these are the flags to pass to the 2710.Xr automount 8 2711program. 2712By default no flags are passed. 2713.It Va automountd_flags 2714.Pq Vt str 2715If 2716.Va autofs_enable 2717is set to 2718.Dq Li YES , 2719these are the flags to pass to the 2720.Xr automountd 8 2721daemon. 2722By default no flags are passed. 2723.It Va autounmountd_flags 2724.Pq Vt str 2725If 2726.Va autofs_enable 2727is set to 2728.Dq Li YES , 2729these are the flags to pass to the 2730.Xr autounmountd 8 2731daemon. 2732By default no flags are passed. 2733.El 2734.Sh FILES 2735.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2736.It Pa /etc/defaults/rc.conf 2737.It Pa /etc/rc.conf 2738.It Pa /etc/rc.conf.local 2739.It Pa /etc/start_if. Ns Aq Ar interface 2740.El 2741.Sh SEE ALSO 2742.Xr gdb 1 , 2743.Xr info 1 , 2744.Xr kbdcontrol 1 , 2745.Xr varsym 1 , 2746.Xr vidcontrol 1 , 2747.Xr ip 4 , 2748.Xr ipfw 4 , 2749.Xr kld 4 , 2750.Xr pf 4 , 2751.Xr tcp 4 , 2752.Xr udp 4 , 2753.Xr vlan 4 , 2754.Xr wg 4 , 2755.Xr autofs 5 , 2756.Xr auto_master 5 , 2757.Xr exports 5 , 2758.Xr motd 5 , 2759.Xr resident.conf 5 , 2760.Xr varsym.conf 5 , 2761.Xr accton 8 , 2762.Xr automount 8 , 2763.Xr automountd 8 , 2764.Xr autounmountd 8 , 2765.Xr btconfig 8 , 2766.Xr bthcid 8 , 2767.Xr cron 8 , 2768.Xr devd 8 , 2769.Xr dhclient 8 , 2770.Xr dhcpcd 8 , 2771.Xr dntpd 8 , 2772.Xr ftpd 8 , 2773.Xr ifconfig 8 , 2774.Xr inetd 8 , 2775.Xr ip6addrctl 8 , 2776.Xr jail 8 , 2777.Xr lpd 8 , 2778.Xr makewhatis 8 , 2779.Xr mixer 8 , 2780.Xr mountd 8 , 2781.Xr moused 8 , 2782.Xr nfsd 8 , 2783.Xr pcnfsd 8 , 2784.Xr pfctl 8 , 2785.Xr pflogd 8 , 2786.Xr quotacheck 8 , 2787.Xr quotaon 8 , 2788.Xr rc 8 , 2789.Xr rc.sendmail 8 , 2790.Xr resident 8 , 2791.Xr rndcontrol 8 , 2792.Xr route 8 , 2793.Xr routed 8 , 2794.Xr rpcbind 8 , 2795.Xr rpc.lockd 8 , 2796.Xr rpc.statd 8 , 2797.Xr rtadvd 8 , 2798.Xr rtsold 8 , 2799.Xr rwhod 8 , 2800.Xr savecore 8 , 2801.Xr sdpd 8 , 2802.Xr sensorsd 8 , 2803.Xr sshd 8 , 2804.Xr swapon 8 , 2805.Xr sysctl 8 , 2806.Xr syslogd 8 , 2807.Xr sysvipcd 8 , 2808.Xr vinum 8 , 2809.Xr wpa_supplicant 8 , 2810.Xr yp 8 , 2811.Xr ypbind 8 , 2812.Xr ypserv 8 , 2813.Xr ypset 8 2814.Sh HISTORY 2815The 2816.Nm 2817file appeared in 2818.Fx 2.2.2 . 2819.Sh AUTHORS 2820.An Jordan K. Hubbard . 2821