1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" $DragonFly: src/share/man/man5/rc.conf.5,v 1.57 2008/02/17 19:51:53 swildner Exp $ 27.Dd January 30, 2008 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/rc.conf 53file is included from the file 54.Pa /etc/defaults/rc.conf , 55which specifies the default settings for all the available options. 56Options need only be specified in 57.Pa /etc/rc.conf 58when the system administrator wishes to override these defaults. 59The file 60.Pa /etc/rc.conf.local 61is used to override settings in 62.Pa /etc/rc.conf 63for historical reasons. 64See the 65.Va rc_conf_files 66variable below. 67.Pp 68The following list provides a name and short description for each 69variable that can be set in the 70.Nm 71file. 72To set a variable of 73.Vt bool 74type, specify either 75.Dq Li YES , 76.Dq Li TRUE , 77.Dq Li ON , 78or 79.Dq Li 1 . 80To unset, specify 81.Dq Li NO , 82.Dq Li FALSE , 83.Dq Li OFF , 84or 85.Dq Li 0 . 86These values are case insensitive. 87The 88.Va _enable 89postfix in the name of a variables for starting a service can be 90omitted (as in 91.Nx ) . 92.Bl -tag -width indent-two 93.It Va rc_debug 94.Pq Vt bool 95If set to 96.Dq Li YES , 97enable output of debug messages from rc scripts. 98This variable can be helpful in diagnosing mistakes when 99editing or integrating new scripts. 100Beware that this produces copious output to the terminal and 101.Xr syslog 3 . 102.It Va rc_info 103.Pq Vt bool 104If set to 105.Dq Li NO , 106disable informational messages from the rc scripts. 107Informational messages are displayed when 108a condition that is not serious enough to warrant a warning or an error occurs. 109.It Va swapfile 110.Pq Vt str 111If set to 112.Dq Li NO , 113no swapfile is installed, otherwise the value is used as the full 114pathname to a file to use for additional swap space. 115.It Va apm_enable 116.Pq Vt bool 117If set to 118.Dq Li YES , 119enable support for Automatic Power Management with the 120.Xr apm 8 121command. 122.It Va apmd_enable 123.Pq Vt bool 124Run 125.Xr apmd 8 126to handle APM event from userland. 127This also enables support for APM. 128.It Va apmd_flags 129.Pq Vt str 130If 131.Va apmd_enable 132is set to 133.Dq Li YES , 134these are the flags to pass to the 135.Xr apmd 8 136daemon. 137.It Va battd_enable 138Enable 139.Xr battd 8 140to monitor the status of batteries present in the system. 141This also enables support for APM. 142.It Va battd_flags 143.Pq Vt str 144If 145.Va battd_enable 146is set to 147.Dq Li YES , 148these are the flags to pass to the 149.Xr battd 8 150daemon. 151.It Va sensorsd_enable 152.Pq Vt bool 153Set to 154.Dq Li NO 155by default. 156Setting this to 157.Dq Li YES 158enables 159.Xr sensorsd 8 , 160a sensors monitoring and logging daemon. 161.It Va sensorsd_flags 162.Pq Vt str 163Empty by default. 164This variable contains additional flags passed to the 165.Xr sensorsd 8 166program. 167.It Va pccard_ifconfig 168.Pq Vt str 169List of arguments to be passed to 170.Xr ifconfig 8 171at boot time or on insertion of the card (e.g.\& 172.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 173for a fixed address or 174.Dq Li DHCP 175for a DHCP client). 176.It Va pccard_ether_delay 177.Pq Vt str 178Set the delay before starting 179.Xr dhclient 8 180in the 181.Pa /etc/pccard_ether 182script. 183This defaults to 5 seconds to work around a bug in the 184.Xr ed 4 185driver which can lead to system hangs when using some newer 186.Xr ed 4 187based cards. 188.It Va removable_interfaces 189.Pq Vt str 190List of removable network interfaces to be supported by 191.Pa /etc/pccard_ether . 192.It Va local_startup 193.Pq Vt str 194List of directories to search for startup script files. 195.It Va script_name_sep 196.Pq Vt str 197The field separator to use for breaking down the list of startup script files 198into individual filenames. 199The default is a space. 200It is not necessary to change this unless there are startup scripts with names 201containing spaces. 202.It Va hostapd_enable 203.Pq Vt bool 204Set to 205.Dq Li YES 206to start 207.Xr hostapd 8 208at system boot time. 209.It Va hostname 210.Pq Vt str 211The fully qualified domain name (FQDN) of this host on the network. 212This should almost certainly be set to something meaningful, even if 213there is no network connection. 214If 215.Xr dhclient 8 216is used to set the hostname via DHCP, 217this variable should be set to an empty string. 218.It Va ipv6_enable 219.Pq Vt bool 220Enable support for IPv6 networking. 221Note that this requires that the kernel have been compiled with 222.Cd "options INET6" . 223.It Va nisdomainname 224.Pq Vt str 225The NIS domain name of this host, or 226.Dq Li NO 227if NIS is not used. 228.It Va dhclient_program 229.Pq Vt str 230Path to the DHCP client program 231.Pa ( /sbin/dhclient , 232the ISC DHCP client, is the default). 233.It Va dhclient_flags 234.Pq Vt str 235Additional flags to pass to the DHCP client program. 236For the ISC DHCP client, see the 237.Xr dhclient 8 238manpage for a description of the command line options available. 239.\".It Va background_dhclient 240.\".Pq Vt bool 241.\"Set to 242.\".Dq Li YES 243.\"to start the DHCP client in background. 244.\"This can cause trouble with applications depending on 245.\"a working network, but it will provide a faster startup in many cases. 246.It Va dhcpd_enable 247.Pq Vt bool 248Set to 249.Dq Li YES 250to run 251.Xr dhcpd 8 252at system boot time. 253.It Va dhcrelay_enable 254.Pq Vt bool 255Set to 256.Dq Li YES 257to run 258.Xr dhcrelay 8 259.It Va pf_enable 260.Pq Vt bool 261Set to 262.Dq Li YES 263to load 264.Xr pf 4 265at startup. 266If the kernel was not built with 267.Cd "device pf" , 268the 269.Pa pf.ko 270kernel module will be loaded. 271See also 272.Va firewall_enable 273and 274.Va ipfilter_enable . 275.It Va pf_rules 276.Pq Vt str 277Path to the 278.Xr pf 4 279ruleset definition file. 280.It Va pf_program 281.Pq Vt str 282Path to 283.Xr pfctl 8 . 284.It Va pf_flags 285.Pq Vt str 286If 287.Va pf_enable 288is set to 289.Dq Li YES , 290these are the flags to pass to 291.Xr pfctl 8 292when loading the ruleset. 293.It Va pflog_enable 294.Pq Vt bool 295Set this to 296.Dq Li YES 297to enable 298.Xr pflogd 8 299which logs packets from 300.Xr pf 4 . 301.It Va pflog_logfile 302.Pq Vt str 303If 304.Va pflog_enable 305is set to 306.Dq Li YES 307this specifies the path of the log file. 308.It Va pflog_program 309.Pq Vt str 310Path to 311.Xr pflogd 8 . 312.It Va pflog_flags 313.Pq Vt str 314If 315.Va pflog_enable 316is set to 317.Dq Li YES , 318these are the flags to pass to 319.Xr pflogd 8 . 320.It Va firewall_enable 321.Pq Vt bool 322Set to 323.Dq Li YES 324to load firewall rules at startup. 325If the kernel was not built with 326.Cd "options IPFIREWALL" , 327the 328.Pa ipfw.ko 329kernel module will be loaded. 330See also 331.Va pf_enable 332and 333.Va ipfilter_enable . 334.It Va ipv6_firewall_enable 335.Pq Vt bool 336The IPv6 equivalent of 337.Va firewall_enable . 338Set to 339.Dq Li YES 340to load IPv6 firewall rules at startup. 341If the kernel was not built with 342.Cd "options IPV6FIREWALL" , 343the 344.Pa ip6fw.ko 345kernel module will be loaded. 346.It Va firewall_script 347.Pq Vt str 348This variable specifies the full path to the firewall script to run. 349The default is 350.Pa /etc/rc.firewall . 351.It Va ipv6_firewall_script 352.Pq Vt str 353The IPv6 equivalent of 354.Va firewall_script . 355.It Va firewall_type 356.Pq Vt str 357Names the firewall type from the selection in 358.Pa /etc/rc.firewall , 359or the file which contains the local firewall ruleset. 360Valid selections from 361.Pa /etc/rc.firewall 362are: 363.Pp 364.Bl -tag -width ".Li simple" -compact 365.It Li open 366unrestricted IP access 367.It Li closed 368all IP services disabled, except via 369.Dq Li lo0 370.It Li client 371basic protection for a workstation on a LAN 372.It Li simple 373alias for 374.Li client . 375.El 376.Pp 377If a filename is specified, the full path must be given. 378.It Va firewall_trusted_nets 379.Pq Vt str 380List of trusted networks (if 381.Va firewall_type 382is set to 383.Li client ) . 384.It Va firewall_trusted_interfaces 385.Pq Vt str 386List of trusted network interfaces (if 387.Va firewall_type 388is set to 389.Li client ) . 390.It Va firewall_allowed_icmp_types 391.Pq Vt str 392List of allowed ICMP types (if 393.Va firewall_type 394is set to 395.Li client ) . 396.It Va firewall_open_tcp_ports 397.Pq Vt str 398List of TCP ports to open (if 399.Va firewall_type 400is set to 401.Li client ) . 402.It Va firewall_open_udp_ports 403.Pq Vt str 404List of UDP ports to open (if 405.Va firewall_type 406is set to 407.Li client ) . 408.It Va ipv6_firewall_type 409.Pq Vt str 410The IPv6 equivalent of 411.Va firewall_type . 412.It Va firewall_quiet 413.Pq Vt bool 414Set to 415.Dq Li YES 416to disable the display of firewall rules on the console during boot. 417.It Va ipv6_firewall_quiet 418.Pq Vt bool 419The IPv6 equivalent of 420.Va firewall_quiet . 421.It Va firewall_logging 422.Pq Vt bool 423Set to 424.Dq Li YES 425to enable firewall event logging. 426This is equivalent to the 427.Dv IPFIREWALL_VERBOSE 428kernel option. 429.It Va ipv6_firewall_logging 430.Pq Vt bool 431The IPv6 equivalent of 432.Va firewall_logging . 433.It Va firewall_flags 434.Pq Vt str 435Flags passed to 436.Xr ipfw 8 437if 438.Va firewall_type 439specifies a filename. 440.It Va ipv6_firewall_flags 441.Pq Vt str 442The IPv6 equivalent of 443.Va firewall_flags . 444.It Va natd_program 445.Pq Vt str 446Path to 447.Xr natd 8 . 448.It Va natd_enable 449.Pq Vt bool 450Set to 451.Dq Li YES 452to enable 453.Xr natd 8 . 454.Va firewall_enable 455must also be set to 456.Dq Li YES , 457and 458.Xr divert 4 459sockets must be enabled in the kernel. 460.It Va natd_interface 461.Pq Vt str 462This is the name of the public interface on which 463.Xr natd 8 464should run. 465The interface may be given as an interface name or as an IP address. 466.It Va natd_flags 467.Pq Vt str 468Additional 469.Xr natd 8 470flags should be placed here. 471The 472.Fl n 473or 474.Fl a 475flag is automatically added with the above 476.Va natd_interface 477as an argument. 478.\" ----- ipfilter_enable setting -------------------------------- 479.It Va ipfilter_enable 480.Pq Vt bool 481Set to 482.Dq Li NO 483by default. 484Setting this to 485.Dq Li YES 486enables 487.Xr ipf 8 488packet filtering. 489.Pp 490Typical usage will require putting 491.Bd -literal 492ipfilter_enable="YES" 493ipnat_enable="YES" 494ipmon_enable="YES" 495ipfs_enable="YES" 496.Ed 497.Pp 498into 499.Pa /etc/rc.conf 500and editing 501.Pa /etc/ipf.rules 502and 503.Pa /etc/ipnat.rules 504appropriately. 505.Pp 506Note that 507.Va ipfilter_enable 508and 509.Va ipnat_enable 510can be enabled independently. 511.Va ipmon_enable 512and 513.Va ipfs_enable 514both require at least one of 515.Va ipfilter_enable 516and 517.Va ipnat_enable 518to be enabled. 519.Pp 520Having 521.Bd -literal 522options IPFILTER 523options IPFILTER_LOG 524options IPFILTER_DEFAULT_BLOCK 525.Ed 526.Pp 527in the kernel configuration file is a good idea, too. 528See also 529.Va pf_enable 530and 531.Va firewall_enable . 532.\" ----- ipfilter_program setting ------------------------------ 533.It Va ipfilter_program 534.Pq Vt str 535Path to 536.Xr ipf 8 537(default 538.Pa /sbin/ipf ) . 539.\" ----- ipfilter_rules setting -------------------------------- 540.It Va ipfilter_rules 541.Pq Vt str 542Set to 543.Pa /etc/ipf.rules 544by default. 545This variable contains the name of the filter rule definition file. 546The file is expected to be readable for the 547.Xr ipf 8 548command to execute. 549.\" ----- ipv6_ipfilter_rules setting --------------------------- 550.It Va ipv6_ipfilter_rules 551.Pq Vt str 552Set to 553.Pa /etc/ipf6.rules 554by default. 555This variable contains the IPv6 filter rule definition file. 556The file is expected to be readable for the 557.Xr ipf 8 558command to execute. 559.\" ----- ipfilter_flags setting -------------------------------- 560.It Va ipfilter_flags 561.Pq Vt str 562Empty by default. 563This variable contains flags passed to the 564.Xr ipf 8 565program. 566.\" ----- ipnat_enable setting ---------------------------------- 567.It Va ipnat_enable 568.Pq Vt bool 569Set to 570.Dq Li NO 571by default. 572Set it to 573.Dq Li YES 574to enable 575.Xr ipnat 8 576network address translation. 577See 578.Va ipfilter_enable 579for a detailed discussion. 580.\" ----- ipnat_program setting --------------------------------- 581.It Va ipnat_program 582.Pq Vt str 583Path to 584.Xr ipnat 8 585(default 586.Pa /sbin/ipnat ) . 587.\" ----- ipnat_rules setting ----------------------------------- 588.It Va ipnat_rules 589.Pq Vt str 590Set to 591.Pa /etc/ipnat.rules 592by default. 593This variable contains the name of the file 594holding the network address translation definition. 595This file is expected to be readable for the 596.Xr ipnat 8 597command to execute. 598.\" ----- ipnat_flags setting ----------------------------------- 599.It Va ipnat_flags 600.Pq Vt str 601Empty by default. 602This variable contains flags passed to the 603.Xr ipnat 8 604program. 605.\" ----- ipmon_enable setting ---------------------------------- 606.It Va ipmon_enable 607.Pq Vt bool 608Set to 609.Dq Li NO 610by default. 611Set it to 612.Dq Li YES 613to enable 614.Xr ipmon 8 615monitoring (logging 616.Xr ipf 8 617and 618.Xr ipnat 8 619events). 620Setting this variable needs setting 621.Va ipfilter_enable 622or 623.Va ipnat_enable 624too. 625See 626.Va ipfilter_enable 627for a detailed discussion. 628.\" ----- ipmon_program setting --------------------------------- 629.It Va ipmon_program 630.Pq Vt str 631Path to 632.Xr ipmon 8 633(default 634.Pa /sbin/ipmon ) . 635.\" ----- ipmon_flags setting ----------------------------------- 636.It Va ipmon_flags 637.Pq Vt str 638Set to 639.Dq Li -Ds 640by default. 641This variable contains flags passed to the 642.Xr ipmon 8 643program. 644Another typical example would be 645.Dq Fl D Pa /var/log/ipflog 646to have 647.Xr ipmon 8 648log directly to a file bypassing 649.Xr syslogd 8 . 650Make sure to adjust 651.Pa /etc/newsyslog.conf 652in such case like this: 653.Bd -literal 654/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 655.Ed 656.\" ----- ipfs_enable setting ----------------------------------- 657.It Va ipfs_enable 658.Pq Vt bool 659Set to 660.Dq Li NO 661by default. 662Set it to 663.Dq Li YES 664to enable 665.Xr ipfs 8 666saving the filter and NAT state tables during shutdown 667and reloading them during startup again. 668Setting this variable needs setting 669.Va ipfilter_enable 670or 671.Va ipnat_enable 672to 673.Dq Li YES 674too. 675See 676.Va ipfilter_enable 677for a detailed discussion. 678Note that if 679.Va kern_securelevel 680is set to 3, 681.Va ipfs_enable 682cannot be used because the raised securelevel will prevent 683.Xr ipfs 8 684from saving the state tables at shutdown time. 685.\" ----- ipfs_program setting ---------------------------------- 686.It Va ipfs_program 687.Pq Vt str 688Path to 689.Xr ipfs 8 690(default 691.Pa /sbin/ipfs ) . 692.\" ----- ipfs_flags setting ------------------------------------ 693.It Va ipfs_flags 694.Pq Vt str 695Empty by default. 696This variable contains flags passed to the 697.Xr ipfs 8 698program. 699.\" ----- end of added ipf hook --------------------------------- 700.It Va tcp_extensions 701.Pq Vt bool 702Set to 703.Dq Li YES 704by default. 705Setting this to 706.Dq Li NO 707disables certain TCP options as described by 708.Rs 709.%T "RFC 1323" 710.Re 711Setting this to 712.Dq Li NO 713might help remedy such problems with connections as randomly hanging 714or other weird behavior. 715Some network devices are known to be broken with respect to these options. 716.It Va log_in_vain 717.Pq Vt int 718Set to 0 by default. 719The 720.Xr sysctl 8 721variables, 722.Va net.inet.tcp.log_in_vain 723and 724.Va net.inet.udp.log_in_vain , 725as described in 726.Xr tcp 4 727and 728.Xr udp 4 , 729are set to the given value. 730.It Va tcp_keepalive 731.Pq Vt bool 732Set to 733.Dq Li YES 734by default. 735Setting to 736.Dq Li NO 737will disable probing idle TCP connections to verify that the 738peer is still up and reachable. 739.It Va tcp_drop_synfin 740.Pq Vt bool 741Set to 742.Dq Li NO 743by default. 744Setting to 745.Dq Li YES 746will cause the kernel to ignore TCP frames that have both 747the SYN and FIN flags set. 748This prevents OS fingerprinting, but may break some legitimate applications. 749This option is only available if the kernel was built with the 750.Dv TCP_DROP_SYNFIN 751option. 752.It Va icmp_drop_redirect 753.Pq Vt bool 754Set to 755.Dq Li NO 756by default. 757Setting to 758.Dq Li YES 759will cause the kernel to ignore ICMP REDIRECT packets. 760Refer to 761.Xr icmp 4 762for more information. 763.It Va icmp_log_redirect 764.Pq Vt bool 765Set to 766.Dq Li NO 767by default. 768Setting to 769.Dq Li YES 770will cause the kernel to log ICMP REDIRECT packets. 771Note that 772the log messages are not rate-limited, so this option should only be used 773for troubleshooting networks. 774Refer to 775.Xr icmp 4 776for more information. 777.It Va icmp_bmcastecho 778.Pq Vt bool 779Set to 780.Dq Li YES 781to respond to broadcast or multicast ICMP ping packets. 782Refer to 783.Xr icmp 4 784for more information. 785.It Va ip_portrange_first 786.Pq Vt int 787If not set to 788.Dq Li NO , 789this is the first port in the default portrange. 790Refer to 791.Xr ip 4 792for more information. 793.It Va ip_portrange_last 794.Pq Vt int 795If not set to 796.Dq Li NO , 797this is the last port in the default portrange. 798Refer to 799.Xr ip 4 800for more information. 801.It Va network_interfaces 802.Pq Vt str 803Set to the list of network interfaces to configure on this host. 804For example, if the only network devices in the system are the loopback device 805.Pq Li lo0 806and a NIC using the 807.Xr ed 4 808driver, this could be set to 809.Dq Li "lo0 ed0" . 810An 811.Va ifconfig_ Ns Aq Ar interface 812variable is also assumed to exist for each value of 813.Ar interface . 814It is also possible to add IP alias entries here in cases where 815multiple IP addresses registered against a single interface are desired. 816Assuming that the interface in question was 817.Li ed0 , 818it might look something like this: 819.Bd -literal 820ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 821ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 822.Ed 823.Pp 824And so on. 825For each 826.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 827entry that is found, its contents are passed to 828.Xr ifconfig 8 . 829Execution stops at the first unsuccessful access, so if 830something like this is present: 831.Bd -literal 832ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 833ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 834ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 835ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 836.Ed 837.Pp 838Then note that alias4 would 839.Em not 840be added since the search would stop with the missing alias3 entry. 841.Pp 842If the 843.Pa /etc/start_if. Ns Aq Ar interface 844file is present, it is read and executed by the 845.Xr sh 1 846interpreter before configuring the interface as specified in the 847.Va ifconfig_ Ns Aq Ar interface 848and 849.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 850variables. 851.Pp 852It is possible to bring up an interface with DHCP by adding 853.Dq Li DHCP 854to the 855.Va ifconfig_ Ns Aq Ar interface 856variable. 857For instance, to initialize the 858.Li ed0 859device via DHCP, it is possible to use something like: 860.Bd -literal 861ifconfig_ed0="DHCP" 862.Ed 863.Pp 864Also, if your interface needs WPA authentication, it is possible to add 865.Dq Li WPA 866to the 867.Va ifconfig_ Ns Aq Ar interface 868variable. 869This will start 870.Xr wpa_supplicant 8 . 871See 872.Xr wpa_supplicant.conf 5 873for configuring authentication information. 874.Pp 875Finally, you can add 876.Xr ifconfig 8 877options in this variable, in addition to the 878.Pa /etc/start_if. Ns Aq Ar interface 879file. 880For instance, to initialize the 881.Li wi0 882device via DHCP, using WPA authentication and 802.11b mode, it is 883possible to use something like: 884.Bd -literal 885ifconfig_wi0="up DHCP WPA mode 11b" 886.Ed 887.Pp 888It is also possible to rename interface by doing: 889.Bd -literal 890ifconfig_ed0_name="net0" 891ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 892.Ed 893.It Va ipv6_network_interfaces 894.Pq Vt str 895This is the IPv6 equivalent of 896.Va network_interfaces . 897Instead of setting the ifconfig variables as 898.Va ifconfig_ Ns Aq Ar interface 899they should be set as 900.Va ipv6_ifconfig_ Ns Aq Ar interface . 901Aliases should be set as 902.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 903.Va ipv6_prefix_ Ns Aq Ar interface 904does something. 905Interfaces that do not have a 906.Va ipv6_ifconfig_ Ns Aq Ar interface 907setting will be auto configured by 908.Xr rtsol 8 909if the 910.Va ipv6_gateway_enable 911is set to 912.Dq Li NO . 913Note that the IPv6 networking code does not support the 914.Pa /etc/start_if. Ns Aq Ar interface 915files. 916.It Va ipv6_default_interface 917.Pq Vt str 918If not set to 919.Dq Li NO , 920this is the default output interface for scoped addresses. 921Now this works only for IPv6 link local multicast addresses. 922.It Va cloned_interfaces 923.Pq Vt str 924Set to the list of clonable network interfaces to create on this host. 925Entries in 926.Va cloned_interfaces 927are automatically appended to 928.Va network_interfaces 929for configuration. 930.It Va gif_interfaces 931.Pq Vt str 932Set to the list of 933.Xr gif 4 934tunnel interfaces to configure on this host. 935A 936.Va gifconfig_ Ns Aq Ar interface 937variable is assumed to exist for each value of 938.Ar interface . 939The value of this variable is used to configure the link layer of the 940tunnel according to the syntax of the 941.Cm tunnel 942option to 943.Xr ifconfig 8 . 944Additionally, this option ensures that each listed interface is created via the 945.Cm create 946option to 947.Xr ifconfig 8 948before attempting to configure it. 949.It Va sppp_interfaces 950.Pq Vt str 951Set to the list of 952.Xr sppp 4 953interfaces to configure on this host. 954A 955.Va spppconfig_ Ns Aq Ar interface 956variable is assumed to exist for each value of 957.Ar interface . 958Each interface should also be configured by a general 959.Va ifconfig_ Ns Aq Ar interface 960setting. 961Refer to 962.Xr spppcontrol 8 963for more information about available options. 964.It Va ppp_enable 965.Pq Vt bool 966If set to 967.Dq Li YES , 968run the 969.Xr ppp 8 970daemon. 971.It Va ppp_mode 972.Pq Vt str 973Mode in which to run the 974.Xr ppp 8 975daemon. 976Accepted modes are 977.Dq Li auto , 978.Dq Li ddial , 979.Dq Li direct 980and 981.Dq Li dedicated . 982See the manual for a full description. 983.It Va ppp_nat 984.Pq Vt bool 985If set to 986.Dq Li YES , 987enables network address translation. 988Used in conjunction with 989.Va gateway_enable 990allows hosts on private network addresses access to the Internet using 991this host as a network address translating router. 992.It Va ppp_profile 993.Pq Vt str 994The name of the profile to use from 995.Pa /etc/ppp/ppp.conf . 996.It Va ppp_user 997.Pq Vt str 998The name of the user under which 999.Xr ppp 8 1000should be started. 1001By default, 1002.Xr ppp 8 1003is started as 1004.Dq Li root . 1005.It Va rc_conf_files 1006.Pq Vt str 1007This option is used to specify a list of files that will override 1008the settings in 1009.Pa /etc/defaults/rc.conf . 1010The files will be read in the order in which they are specified and should 1011include the full path to the file. 1012By default, the files specified are 1013.Pa /etc/rc.conf 1014and 1015.Pa /etc/rc.conf.local 1016.It Va fsck_y_enable 1017.Pq Vt bool 1018If set to 1019.Dq Li YES , 1020.Xr fsck 8 1021will be run with the 1022.Fl y 1023flag if the initial preen of the file systems fails. 1024.It Va netfs_types 1025.Pq Vt str 1026List of file system types that are network-based. 1027This list should generally not be modified by end users. 1028Use 1029.Va extra_netfs_types 1030instead. 1031.It Va extra_netfs_types 1032.Pq Vt str 1033If set to something other than 1034.Dq Li NO 1035(the default), this variable extends the list of file system types 1036for which automatic mounting at startup by 1037.Xr rc 8 1038should be delayed until the network is initialized. 1039It should contain 1040a whitespace-separated list of network file system descriptor pairs, 1041each consisting of a file system type as passed to 1042.Xr mount 8 1043and a human-readable, one-word description, joined with a colon 1044.Pq Ql \&: . 1045Extending the default list in this way is only necessary 1046when third party file system types are used. 1047.It Va syslogd_enable 1048.Pq Vt bool 1049If set to 1050.Dq Li YES , 1051run the 1052.Xr syslogd 8 1053daemon. 1054.It Va syslogd_program 1055.Pq Vt str 1056Path to 1057.Xr syslogd 8 1058(default 1059.Pa /usr/sbin/syslogd ) . 1060.It Va syslogd_flags 1061.Pq Vt str 1062If 1063.Va syslogd_enable 1064is set to 1065.Dq Li YES , 1066these are the flags to pass to 1067.Xr syslogd 8 . 1068.It Va inetd_enable 1069.Pq Vt bool 1070If set to 1071.Dq Li YES , 1072run the 1073.Xr inetd 8 1074daemon. 1075.It Va inetd_program 1076.Pq Vt str 1077Path to 1078.Xr inetd 8 1079(default 1080.Pa /usr/sbin/inetd ) . 1081.It Va inetd_flags 1082.Pq Vt str 1083If 1084.Va inetd_enable 1085is set to 1086.Dq Li YES , 1087these are the flags to pass to 1088.Xr inetd 8 . 1089.It Va named_enable 1090.Pq Vt bool 1091If set to 1092.Dq Li YES , 1093run the 1094.Xr named 8 1095daemon. 1096.It Va named_program 1097.Pq Vt str 1098Path to 1099.Xr named 8 1100(default 1101.Pa /usr/sbin/named ) . 1102.It Va named_flags 1103.Pq Vt str 1104If 1105.Va named_enable 1106is set to 1107.Dq Li YES , 1108these are the flags to pass to 1109.Xr named 8 . 1110.It Va named_pidfile 1111.Pq Vt str 1112This is the default path to the 1113.Xr named 8 1114daemon's PID file. 1115Change it if you change the location in 1116.Pa /etc/namedb/named.conf . 1117.It Va named_chrootdir 1118.Pq Vt str 1119The root directory for a name server run in a 1120.Xr chroot 8 1121environment. 1122If left empty 1123.Xr named 8 1124will not be run in a 1125.Xr chroot 8 1126environment. 1127.It Va kerberos5_server_enable 1128.Pq Vt bool 1129Set to 1130.Dq Li YES 1131to start a Kerberos 5 authentication server at boot time. 1132.It Va kerberos5_server_program 1133.Pq Vt str 1134If 1135.Va kerberos5_server_enable 1136is set to 1137.Dq Li YES 1138this is the path to Kerberos 5 Authentication Server. 1139.It Va kadmind5_server_enable 1140.Pq Vt bool 1141Set to 1142.Dq Li YES 1143to start 1144.Xr kadmind 8 , 1145the Kerberos 5 Administration Daemon; set to 1146.Dq Li NO 1147on a slave server. 1148.It Va kadmind5_server_program 1149.Pq Vt str 1150If 1151.Va kadmind5_server_enable 1152is set to 1153.Dq Li YES 1154this is the path to Kerberos 5 Administration Daemon. 1155.It Va kpasswdd_server_enable 1156.Pq Vt bool 1157Set to 1158.Dq Li YES 1159to start 1160.Xr kpasswdd 8 , 1161the Kerberos 5 Password-Changing Daemon; set to 1162.Dq Li NO 1163on a slave server. 1164.It Va kpasswdd_server_program 1165.Pq Vt str 1166If 1167.Va kpasswdd_server_enable 1168is set to 1169.Dq Li YES 1170this is the path to Kerberos 5 Password-Changing Daemon. 1171.It Va rwhod_enable 1172.Pq Vt bool 1173If set to 1174.Dq Li YES , 1175run the 1176.Xr rwhod 8 1177daemon at boot time. 1178.It Va rwhod_flags 1179.Pq Vt str 1180If 1181.Va rwhod_enable 1182is set to 1183.Dq Li YES , 1184these are the flags to pass to it. 1185.It Va amd_enable 1186.Pq Vt bool 1187If set to 1188.Dq Li YES , 1189run the 1190.Xr amd 8 1191daemon at boot time. 1192.It Va amd_flags 1193.Pq Vt str 1194If 1195.Va amd_enable 1196is set to 1197.Dq Li YES , 1198these are the flags to pass to it. 1199See the 1200.Xr amd 8 1201manpage for more information. 1202.It Va amd_map_program 1203.Pq Vt str 1204If set, the specified program is run to get the list of 1205.Xr amd 8 1206maps. 1207For example, if the 1208.Xr amd 8 1209maps are stored in NIS, one can set this to run 1210.Xr ypcat 1 1211to get a list of 1212.Xr amd 8 1213maps from the 1214.Pa amd.master 1215NIS map. 1216.It Va update_motd 1217.Pq Vt bool 1218If set to 1219.Dq Li YES , 1220.Pa /etc/motd 1221will be updated at boot time to reflect the kernel release being run. 1222If set to 1223.Dq Li NO , 1224.Pa /etc/motd 1225will not be updated. 1226.It Va nfs_client_enable 1227.Pq Vt bool 1228If set to 1229.Dq Li YES , 1230run the NFS client daemons at boot time. 1231.It Va nfs_client_flags 1232.Pq Vt str 1233If 1234.Va nfs_client_enable 1235is set to 1236.Dq Li YES , 1237these are the flags to pass to the 1238.Xr nfsiod 8 1239daemon. 1240.It Va nfs_access_cache 1241.Pq Vt int 1242If 1243.Va nfs_client_enable 1244is set to 1245.Dq Li YES , 1246this can be set to 1247.Dq Li 0 1248to disable NFS ACCESS RPC caching, or to the number of seconds for which 1249NFS ACCESS results should be cached. 1250A value of 2-10 seconds will substantially reduce network traffic for 1251many NFS operations. 1252The default is 5 seconds. 1253Note that the attribute cache holds stat information only. 1254The NFS data cache is independent of the attribute cache and is only 1255invalidated when the client detects that the server has modified the 1256underlying file. 1257This value specifies a maximum timeout. 1258The NFS client will automatically use a shorter timeout for files which 1259have been recently modified. 1260.It Va nfs_neg_cache 1261.Pq Vt int 1262If 1263.Va nfs_client_enable 1264is set to 1265.Dq Li YES , 1266this can be set to 1267.Dq Li 0 1268to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1269filenames), or to the number of seconds for which negative lookups should 1270be cached. 1271A value of 2-10 seconds will substantially reduce network 1272traffic for many NFS operations, especially source code builds. 1273The default is 3 seconds. 1274.It Va nfs_server_enable 1275.Pq Vt bool 1276If set to 1277.Dq Li YES , 1278run the NFS server daemons at boot time. 1279.It Va nfs_server_flags 1280.Pq Vt str 1281If 1282.Va nfs_server_enable 1283is set to 1284.Dq Li YES , 1285these are the flags to pass to the 1286.Xr nfsd 8 1287daemon. 1288.It Va mountd_enable 1289.Pq Vt bool 1290If set to 1291.Dq Li YES , 1292and no 1293.Va nfs_server_enable 1294is set, start 1295.Xr mountd 8 , 1296but not 1297.Xr nfsd 8 1298daemon. 1299It is commonly needed to run CFS without real NFS used. 1300.It Va mountd_flags 1301.Pq Vt str 1302If 1303.Va mountd_enable 1304is set to 1305.Dq Li YES , 1306these are the flags to pass to the 1307.Xr mountd 8 1308daemon. 1309.It Va weak_mountd_authentication 1310.Pq Vt bool 1311If set to 1312.Dq Li YES , 1313allow services like PCNFSD to make non-privileged mount requests. 1314.It Va nfs_reserved_port_only 1315.Pq Vt bool 1316If set to 1317.Dq Li YES , 1318provide NFS services only on a secure port. 1319.It Va nfs_bufpackets 1320.Pq Vt int 1321If set to a number, indicates the number of packets worth of 1322socket buffer space to reserve on an NFS client. 1323The kernel default is typically 4. 1324Using a higher number may be useful on gigabit networks to improve performance. 1325The minimum value is 2 and the maximum is 64. 1326.It Va rpc_umntall_enable 1327.Pq Vt bool 1328If set to 1329.Dq Li YES 1330(default) and we are also an NFS client, run 1331.Xr rpc.umntall 8 1332at boot time to clear out old mounts on remote servers. 1333If set to 1334.Dq Li NO 1335then 1336.Xr rpc.umntall 8 1337will not be run at boot time. 1338.It Va rpc_lockd_enable 1339.Pq Vt bool 1340If set to 1341.Dq Li YES 1342and also an NFS server, run 1343.Xr rpc.lockd 8 1344at boot time. 1345.It Va rpc_statd_enable 1346.Pq Vt bool 1347If set to 1348.Dq Li YES 1349and also an NFS server, run 1350.Xr rpc.statd 8 1351at boot time. 1352.It Va rpcbind_program 1353.Pq Vt str 1354Path to 1355.Xr rpcbind 8 1356(default 1357.Pa /usr/sbin/rpcbind ) . 1358.It Va rpcbind_enable 1359.Pq Vt bool 1360If set to 1361.Dq Li YES , 1362run the 1363.Xr rpcbind 8 1364service at boot time. 1365.It Va rpcbind_flags 1366.Pq Vt str 1367If 1368.Va rpcbind_enable 1369is set to 1370.Dq Li YES , 1371these are the flags to pass to the 1372.Xr rpcbind 8 1373daemon. 1374.It Va keyserv_enable 1375.Pq Vt bool 1376If set to 1377.Dq Li YES , 1378run the 1379.Xr keyserv 8 1380daemon on boot for running Secure RPC. 1381.It Va keyserv_flags 1382.Pq Vt str 1383If 1384.Va keyserv_enable 1385is set to 1386.Dq Li YES , 1387these are the flags to pass to 1388.Xr keyserv 8 1389daemon. 1390.It Va pppoed_enable 1391.Pq Vt bool 1392If set to 1393.Dq Li YES , 1394run the 1395.Xr pppoed 8 1396daemon at boot time to provide PPP over Ethernet services. 1397.It Va pppoed_provider 1398.Pq Vt str 1399.Xr pppoed 8 1400listens to requests to this provider and ultimately runs 1401.Xr ppp 8 1402with a 1403.Ar system 1404argument of the same name. 1405.It Va pppoed_flags 1406.Pq Vt str 1407Additional flags to pass to 1408.Xr pppoed 8 . 1409.It Va pppoed_interface 1410.Pq Vt str 1411The network interface to run 1412.Xr pppoed 8 1413on. 1414This is mandatory when 1415.Va pppoed_enable 1416is set to 1417.Dq Li YES . 1418.It Va timed_enable 1419.Pq Vt bool 1420If set to 1421.Dq Li YES , 1422run the 1423.Xr timed 8 1424service at boot time. 1425This command is intended for networks of machines where a consistent 1426.Dq "network time" 1427for all hosts must be established. 1428This is often useful in large NFS environments where time stamps on 1429files are expected to be consistent network-wide. 1430.It Va timed_flags 1431.Pq Vt str 1432If 1433.Va timed_enable 1434is set to 1435.Dq Li YES , 1436these are the flags to pass to the 1437.Xr timed 8 1438service. 1439.It Va dntpd_enable 1440.Pq Vt bool 1441If set to 1442.Dq Li YES , 1443run 1444.Xr dntpd 8 1445at system boot time. 1446.It Va dntpd_program 1447.Pq Vt str 1448Path to 1449.Xr dntpd 8 1450(default 1451.Pa /usr/sbin/dntpd ) . 1452.It Va dntpd_flags 1453.Pq Vt str 1454If 1455.Va dntpd_enable 1456is set to 1457.Dq Li YES , 1458these are the flags to pass to the 1459.Xr dntpd 8 1460daemon. 1461.It Va btconfig_enable 1462.Pq Vt bool 1463If set to 1464.Dq Li YES , 1465configure Bluetooth devices via 1466.Xr btconfig 8 1467at system boot time. 1468.It Va btconfig_devices 1469.Pq Vt str 1470If 1471.Va btconfig_enable 1472is set to 1473.Dq Li YES , 1474this is the list of Bluetooth devices to configure. 1475If 1476.Va btconfig_devices 1477is not specified, all devices known to the system will be configured. 1478A 1479.Va btconfig_ Ns Aq Ar device 1480variable can be set to specify parameters to be passed to 1481.Ar device . 1482.It Va btconfig_args 1483.Pq Vt str 1484If 1485.Va btconfig_enable 1486is set to 1487.Dq Li YES , 1488this is the list of configuration parameters to pass to all Bluetooth 1489devices. 1490.It Va sdpd_enable 1491.Pq Vt bool 1492If set to 1493.Dq Li YES , 1494run the Service Discovery Profile daemon 1495.Xr ( sdpd 8 ) 1496at system boot time. 1497.It Va sdpd_flags 1498.Pq Vt str 1499If 1500.Va sdpd_enable 1501is set to 1502.Dq Li YES , 1503these are the flags to pass to the 1504.Xr sdpd 8 1505daemon. 1506.It Va bthcid_enable 1507.Pq Vt bool 1508If set to 1509.Dq Li YES , 1510run the Bluetooth Link Key/PIN Code Manager daemon 1511.Xr ( bthcid 8 ) 1512at system boot time. 1513.It Va bthcid_flags 1514.Pq Vt str 1515If 1516.Va bthcid_enable 1517is set to 1518.Dq Li YES , 1519these are the flags to pass to the 1520.Xr bthcid 8 1521daemon. 1522.It Va nis_client_enable 1523.Pq Vt bool 1524If set to 1525.Dq Li YES , 1526run the 1527.Xr ypbind 8 1528service at system boot time. 1529.It Va nis_client_flags 1530.Pq Vt str 1531If 1532.Va nis_client_enable 1533is set to 1534.Dq Li YES , 1535these are the flags to pass to the 1536.Xr ypbind 8 1537service. 1538.It Va nis_ypset_enable 1539.Pq Vt bool 1540If set to 1541.Dq Li YES , 1542run the 1543.Xr ypset 8 1544daemon at system boot time. 1545.It Va nis_ypset_flags 1546.Pq Vt str 1547If 1548.Va nis_ypset_enable 1549is set to 1550.Dq Li YES , 1551these are the flags to pass to the 1552.Xr ypset 8 1553daemon. 1554.It Va nis_server_enable 1555.Pq Vt bool 1556If set to 1557.Dq Li YES , 1558run the 1559.Xr ypserv 8 1560daemon at system boot time. 1561.It Va nis_server_flags 1562.Pq Vt str 1563If 1564.Va nis_server_enable 1565is set to 1566.Dq Li YES , 1567these are the flags to pass to the 1568.Xr ypserv 8 1569daemon. 1570.It Va nis_ypxfrd_enable 1571.Pq Vt bool 1572If set to 1573.Dq Li YES , 1574run the 1575.Xr rpc.ypxfrd 8 1576daemon at system boot time. 1577.It Va nis_ypxfrd_flags 1578.Pq Vt str 1579If 1580.Va nis_ypxfrd_enable 1581is set to 1582.Dq Li YES , 1583these are the flags to pass to the 1584.Xr rpc.ypxfrd 8 1585daemon. 1586.It Va nis_yppasswdd_enable 1587.Pq Vt bool 1588If set to 1589.Dq Li YES , 1590run the 1591.Xr rpc.yppasswdd 8 1592daemon at system boot time. 1593.It Va nis_yppasswdd_flags 1594.Pq Vt str 1595If 1596.Va nis_yppasswdd_enable 1597is set to 1598.Dq Li YES , 1599these are the flags to pass to the 1600.Xr rpc.yppasswdd 8 1601daemon. 1602.It Va rpc_ypupdated_enable 1603.Pq Vt bool 1604If set to 1605.Dq Li YES , 1606run the 1607.Nm rpc.ypupdated 1608daemon at system boot time. 1609.It Va defaultrouter 1610.Pq Vt str 1611If not set to 1612.Dq Li NO , 1613create a default route to this host name or IP address 1614(use an IP address if this router is also required to get to the 1615name server!). 1616.It Va ipv6_defaultrouter 1617.Pq Vt str 1618The IPv6 equivalent of 1619.Va defaultrouter . 1620.It Va static_routes 1621.Pq Vt str 1622Set to the list of static routes that are to be added at system boot time. 1623If not set to 1624.Dq Li NO 1625then for each whitespace separated 1626.Ar element 1627in the value, a 1628.Va route_ Ns Aq Ar element 1629variable is assumed to exist whose contents will later be passed to a 1630.Dq Nm route Cm add 1631operation. 1632.It Va ipv6_static_routes 1633.Pq Vt str 1634The IPv6 equivalent of 1635.Va static_routes . 1636If not set to 1637.Dq Li NO 1638then for each whitespace separated 1639.Ar element 1640in the value, a 1641.Va ipv6_route_ Ns Aq Ar element 1642variable is assumed to exist whose contents will later be passed to a 1643.Dq Nm route Cm add Fl inet6 1644operation. 1645.It Va gateway_enable 1646.Pq Vt bool 1647If set to 1648.Dq Li YES , 1649configure host to act as an IP router, e.g. to forward packets 1650between interfaces. 1651.It Va ipv6_gateway_enable 1652.Pq Vt bool 1653The IPv6 equivalent of 1654.Va gateway_enable . 1655.It Va router_enable 1656.Pq Vt bool 1657If set to 1658.Dq Li YES , 1659run a routing daemon of some sort, based on the settings of 1660.Va router_program 1661and 1662.Va router_flags . 1663.It Va ipv6_router_enable 1664.Pq Vt bool 1665The IPv6 equivalent of 1666.Va router_enable . 1667If set to 1668.Dq Li YES , 1669run a routing daemon of some sort, based on the settings of 1670.Va ipv6_router_program 1671and 1672.Va ipv6_router_flags . 1673.It Va router_program 1674.Pq Vt str 1675If 1676.Va router_enable 1677is set to 1678.Dq Li YES , 1679this is the name of the routing daemon to use. 1680.It Va ipv6_router_program 1681.Pq Vt str 1682The IPv6 equivalent of 1683.Va router_program . 1684.It Va router_flags 1685.Pq Vt str 1686If 1687.Va router_enable 1688is set to 1689.Dq Li YES , 1690these are the flags to pass to the routing daemon. 1691.It Va ipv6_router_flags 1692.Pq Vt str 1693The IPv6 equivalent of 1694.Va router_flags . 1695.It Va mrouted_enable 1696.Pq Vt bool 1697If set to 1698.Dq Li YES , 1699run the multicast routing daemon, 1700.Xr mrouted 8 . 1701.It Va mroute6d_enable 1702.Pq Vt bool 1703The IPv6 equivalent of 1704.Va mrouted_enable . 1705If set to 1706.Dq Li YES , 1707run the IPv6 multicast routing daemon. 1708Note that no IPv6 multicast routing daemon is included in the 1709.Dx 1710base system but 1711.Xr pim6dd 8 1712can be installed from the 1713.Xr pkgsrc 7 1714collection. 1715.It Va mrouted_flags 1716.Pq Vt str 1717If 1718.Va mrouted_enable 1719is set to 1720.Dq Li YES , 1721these are the flags to pass to the 1722.Xr mrouted 8 1723daemon. 1724.It Va mroute6d_flags 1725.Pq Vt str 1726The IPv6 equivalent of 1727.Va mrouted_flags . 1728If 1729.Va mroute6d_enable 1730is set to 1731.Dq Li YES , 1732these are the flags passed to the IPv6 multicast routing daemon. 1733.It Va mroute6d_program 1734.Pq Vt str 1735If 1736.Va mroute6d_enable 1737is set to 1738.Dq Li YES , 1739this is the path to the IPv6 multicast routing daemon. 1740.It Va rtadvd_enable 1741.Pq Vt bool 1742If set to 1743.Dq Li YES , 1744run the 1745.Xr rtadvd 8 1746daemon at boot time. 1747.Xr rtadvd 8 1748will only run if 1749.Va ipv6_gateway_enable 1750is also set to 1751.Dq Li YES . 1752The 1753.Xr rtadvd 8 1754utility sends router advertisement packets to the interfaces specified in 1755.Va rtadvd_interfaces . 1756.Xr rtadvd 8 1757and should only be enabled with great care. 1758You may want to fine-tune 1759.Xr rtadvd.conf 5 . 1760.It Va rtadvd_interfaces 1761.Pq Vt str 1762If 1763.Va rtadvd_enable 1764is set to 1765.Dq Li YES 1766this is the list of interfaces to use. 1767.It Va rtsold_enable 1768.Pq Vt bool 1769If set to 1770.Dq Li YES , 1771run the 1772.Xr rtsold 8 1773daemon at boot time. 1774The 1775.Xr rtsold 8 1776daemon is used for automatic discovery of non-link local addresses. 1777.It Va rtsold_flags 1778.Pq Vt str 1779If 1780.Va rtsold_enable 1781is set to 1782.Dq Li YES , 1783these are the flags to pass to the 1784.Xr rtsold 8 1785daemon. 1786.It Va ipxgateway_enable 1787.Pq Vt bool 1788If set to 1789.Dq Li YES , 1790enable the routing of IPX traffic. 1791.It Va ipxrouted_enable 1792.Pq Vt bool 1793If set to 1794.Dq Li YES , 1795run the 1796.Xr IPXrouted 8 1797daemon at system boot time. 1798.It Va ipxrouted_flags 1799.Pq Vt str 1800If 1801.Va ipxrouted_enable 1802is set to 1803.Dq Li YES , 1804these are the flags to pass to the 1805.Xr IPXrouted 8 1806daemon. 1807.It Va arpproxy_all 1808.Pq Vt bool 1809If set to 1810.Dq Li YES , 1811enable global proxy ARP. 1812.It Va forward_sourceroute 1813.Pq Vt bool 1814If set to 1815.Dq Li YES 1816and 1817.Va gateway_enable 1818is also set to 1819.Dq Li YES , 1820source-routed packets are forwarded. 1821.It Va accept_sourceroute 1822.Pq Vt bool 1823If set to 1824.Dq Li YES , 1825the system will accept source-routed packets directed at it. 1826.It Va rarpd_enable 1827.Pq Vt bool 1828If set to 1829.Dq Li YES , 1830run the 1831.Xr rarpd 8 1832daemon at system boot time. 1833.It Va rarpd_flags 1834.Pq Vt str 1835If 1836.Va rarpd_enable 1837is set to 1838.Dq Li YES , 1839these are the flags to pass to the 1840.Xr rarpd 8 1841daemon. 1842.It Va bootparamd_enable 1843.Pq Vt bool 1844If set to 1845.Dq Li YES , 1846run the 1847.Xr bootparamd 8 1848daemon at system boot time. 1849.It Va bootparamd_flags 1850.Pq Vt str 1851If 1852.Va bootparamd_enable 1853is set to 1854.Dq Li YES , 1855these are the flags to pass to the 1856.Xr bootparamd 8 1857daemon. 1858.It Va stf_interface_ipv4addr 1859.Pq Vt str 1860If not set to 1861.Dq Li NO , 1862this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1863Specify this entry to enable the 6to4 interface. 1864.It Va stf_interface_ipv4plen 1865.Pq Vt int 1866Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1867An effective value is 0-31. 1868.It Va stf_interface_ipv6_ifid 1869.Pq Vt str 1870IPv6 interface ID for 1871.Xr stf 4 . 1872This can be set to 1873.Dq Li AUTO . 1874.It Va stf_interface_ipv6_slaid 1875.Pq Vt str 1876IPv6 Site Level Aggregator for 1877.Xr stf 4 . 1878.It Va ipv6_faith_prefix 1879.Pq Vt str 1880If not set to 1881.Dq Li NO , 1882this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator. 1883You also need 1884.Xr faithd 8 1885setup. 1886.It Va ipv6_ipv4mapping 1887.Pq Vt bool 1888If set to 1889.Dq Li YES 1890this enables IPv4 mapped IPv6 address communication (like 1891.Li ::ffff:a.b.c.d ) . 1892.It Va atm_enable 1893.Pq Vt bool 1894Set to 1895.Dq Li YES 1896to enable the configuration of ATM interfaces at system boot time. 1897For all of the ATM variables described below, please refer to the 1898.Xr atm 8 1899man page for further details on the available command parameters. 1900Also refer to the files in 1901.Pa /usr/share/examples/atm 1902for more detailed configuration information. 1903.It Va atm_netif_ Ns Aq Ar intf 1904.Pq Vt str 1905For the ATM physical interface 1906.Ar intf , 1907this variable defines the name prefix and count for the ATM network 1908interfaces to be created. 1909The value will be passed as the parameters of an 1910.Dq Nm atm Cm "set netif" Ar intf 1911command. 1912.It Va atm_sigmgr_ Ns Aq Ar intf 1913.Pq Vt str 1914For the ATM physical interface 1915.Ar intf , 1916this variable defines the ATM signalling manager to be used. 1917The value will be passed as the parameters of an 1918.Dq Nm atm Cm attach Ar intf 1919command. 1920.It Va atm_prefix_ Ns Aq Ar intf 1921.Pq Vt str 1922For the ATM physical interface 1923.Ar intf , 1924this variable defines the NSAP prefix for interfaces using a UNI signalling 1925manager. 1926If set to 1927.Dq Li ILMI , 1928the prefix will automatically be set via the 1929.Xr ilmid 8 1930daemon. 1931Otherwise, the value will be passed as the parameters of an 1932.Dq Nm atm Cm "set prefix" Ar intf 1933command. 1934.It Va atm_macaddr_ Ns Aq Ar intf 1935.Pq Vt str 1936For the ATM physical interface 1937.Ar intf , 1938this variable defines the MAC address for interfaces using a UNI signalling 1939manager. 1940If set to 1941.Dq Li NO , 1942the hardware MAC address contained in the ATM interface card will be used. 1943Otherwise, the value will be passed as the parameters of an 1944.Dq Nm atm Cm "set mac" Ar intf 1945command. 1946.It Va atm_arpserver_ Ns Aq Ar netif 1947.Pq Vt str 1948For the ATM network interface 1949.Ar netif , 1950this variable defines the ATM address for a host which is to provide ATMARP 1951service. 1952This variable is only applicable to interfaces using a UNI signalling manager. 1953If set to 1954.Dq Li local , 1955this host will become an ATMARP server. 1956The value will be passed as the parameters of an 1957.Dq Nm atm Cm "set arpserver" Ar netif 1958command. 1959.It Va atm_scsparp_ Ns Aq Ar netif 1960.Pq Vt bool 1961If set to 1962.Dq Li YES , 1963SCSP/ATMARP service for the network interface 1964.Ar netif 1965will be initiated using the 1966.Xr scspd 8 1967and 1968.Xr atmarpd 8 1969daemons. 1970This variable is only applicable if 1971.Va atm_arpserver_ Ns Aq Ar netif 1972is set to 1973.Dq Li local . 1974.It Va atm_arps 1975.Pq Vt str 1976Set to the list of permanent ATM ARP entries to be added at system boot time. 1977For each whitespace separated 1978.Ar element 1979in the value, an 1980.Va atm_arp_ Ns Aq Ar element 1981variable is assumed to exist. 1982The value of each of these variables will be passed as the parameters of an 1983.Dq Nm atm Cm "add arp" 1984command. 1985.It Va keybell 1986.Pq Vt str 1987The keyboard bell sound. 1988Set to 1989.Dq Li normal , 1990.Dq Li visual , 1991.Dq Li off , 1992or 1993.Dq Li NO 1994if the default behavior is desired. 1995For details, refer to the 1996.Xr kbdcontrol 1 1997manpage. 1998.It Va keymap 1999.Pq Vt str 2000If set to 2001.Dq Li NO , 2002no keymap is installed, otherwise the value is used to install 2003the keymap file in 2004.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2005.It Va keyrate 2006.Pq Vt str 2007The keyboard repeat speed. 2008Set to 2009.Dq Li slow , 2010.Dq Li normal , 2011.Dq Li fast , 2012or 2013.Dq Li NO 2014if the default behavior is desired. 2015.It Va keychange 2016.Pq Vt str 2017If not set to 2018.Dq Li NO , 2019attempt to program the function keys with the value. 2020The value should be a single string of the form: 2021.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2022.It Va cursor 2023.Pq Vt str 2024Can be set to the value of 2025.Dq Li normal , 2026.Dq Li blink , 2027.Dq Li destructive , 2028or 2029.Dq Li NO 2030to set the cursor behavior explicitly or choose the default behavior. 2031.It Va scrnmap 2032.Pq Vt str 2033If set to 2034.Dq Li NO , 2035no screen map is installed, otherwise the value is used to install 2036the screen map file in 2037.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2038.It Va font8x16 2039.Pq Vt str 2040If set to 2041.Dq Li NO , 2042the default 8x16 font value is used for screen size requests, otherwise 2043the value in 2044.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2045is used. 2046.It Va font8x14 2047.Pq Vt str 2048If set to 2049.Dq Li NO , 2050the default 8x14 font value is used for screen size requests, otherwise 2051the value in 2052.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2053is used. 2054.It Va font8x8 2055.Pq Vt str 2056If set to 2057.Dq Li NO , 2058the default 8x8 font value is used for screen size requests, otherwise 2059the value in 2060.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2061is used. 2062.It Va blanktime 2063.Pq Vt int 2064If set to 2065.Dq Li NO , 2066the default screen blanking interval is used, otherwise it is set to 2067.Ar value 2068seconds. 2069.It Va saver 2070.Pq Vt str 2071If not set to 2072.Dq Li NO , 2073this is the actual screen saver to use 2074.Li ( blank , snake , daemon , 2075etc). 2076.It Va moused_enable 2077.Pq Vt str 2078If set to 2079.Dq Li YES , 2080the 2081.Xr moused 8 2082daemon is started for doing cut/paste selection on the console. 2083.It Va moused_type 2084.Pq Vt str 2085This is the protocol type of the mouse connected to this host. 2086This variable must be set if 2087.Va moused_enable 2088is set to 2089.Dq Li YES . 2090The 2091.Xr moused 8 2092daemon 2093is able to detect the appropriate mouse type automatically in many cases. 2094Set this variable to 2095.Dq Li auto 2096to let the daemon detect it, or 2097select one from the following list if the automatic detection fails. 2098.Pp 2099If the mouse is attached to the PS/2 mouse port, choose 2100.Dq Li auto 2101or 2102.Dq Li ps/2 , 2103regardless of the brand and model of the mouse. 2104Likewise, if the mouse is attached to the bus mouse port, choose 2105.Dq Li auto 2106or 2107.Dq Li busmouse . 2108All other protocols are for serial mice and will not work with 2109the PS/2 and bus mice. 2110If this is a USB mouse, 2111.Dq Li auto 2112is the only protocol type which will work. 2113.Pp 2114.Bl -tag -width ".Li x10mouseremote" -compact 2115.It Li microsoft 2116Microsoft mouse (serial) 2117.It Li intellimouse 2118Microsoft IntelliMouse (serial) 2119.It Li mousesystems 2120Mouse systems Corp. mouse (serial) 2121.It Li mmseries 2122MM Series mouse (serial) 2123.It Li logitech 2124Logitech mouse (serial) 2125.It Li busmouse 2126A bus mouse 2127.It Li mouseman 2128Logitech MouseMan and TrackMan (serial) 2129.It Li glidepoint 2130ALPS GlidePoint (serial) 2131.It Li thinkingmouse 2132Kensington ThinkingMouse (serial) 2133.It Li ps/2 2134PS/2 mouse 2135.It Li mmhittab 2136MM HitTablet (serial) 2137.It Li x10mouseremote 2138X10 MouseRemote (serial) 2139.It Li versapad 2140Interlink VersaPad (serial) 2141.El 2142.Pp 2143Even if the mouse is not in the above list, it may be compatible 2144with one in the list. 2145Refer to the man page for 2146.Xr moused 8 2147for compatibility information. 2148.Pp 2149It should also be noted that while this is enabled, any 2150other client of the mouse (such as an X server) should access 2151the mouse through the virtual mouse device, 2152.Pa /dev/sysmouse , 2153and configure it as a 2154.Dq Li sysmouse 2155type mouse, since all 2156mouse data is converted to this single canonical format when using 2157.Xr moused 8 . 2158If the client program does not support the 2159.Dq Li sysmouse 2160type, specify the 2161.Dq Li mousesystems 2162type. 2163It is the second preferred type. 2164.It Va moused_port 2165.Pq Vt str 2166If 2167.Va moused_enable 2168is set to 2169.Dq Li YES , 2170this is the actual port the mouse is on. 2171It might be 2172.Pa /dev/cuaa0 2173for a COM1 serial mouse, 2174.Pa /dev/psm0 2175for a PS/2 mouse or 2176.Pa /dev/mse0 2177for a bus mouse, for example. 2178.It Va moused_flags 2179.Pq Vt str 2180If 2181.Va moused_type 2182is set, these are the additional flags to pass to the 2183.Xr moused 8 2184daemon. 2185.It Va mousechar_start 2186.Pq Vt int 2187If set to 2188.Dq Li NO , 2189the default mouse cursor character range 2190.Li 0xd0 Ns - Ns Li 0xd3 2191is used, otherwise the range start is set to 2192.Ar value 2193character, see 2194.Xr vidcontrol 1 . 2195Use if the default range is occupied in the language code table. 2196.It Va vidhistory 2197.Pq Vt int 2198Set the size of the history (scrollback) buffer in lines. 2199.It Va allscreens_flags 2200.Pq Vt str 2201If set, 2202.Xr vidcontrol 1 2203is run with these options for each of the virtual terminals 2204.Pq Pa /dev/ttyv* . 2205For example, 2206.Dq Fl m Cm on 2207will enable the mouse pointer on all virtual terminals if 2208.Va moused_enable 2209is set to 2210.Dq Li YES . 2211.It Va allscreens_kbdflags 2212.Pq Vt str 2213If set, 2214.Xr kbdcontrol 1 2215is run with these options for each of the virtual terminals 2216.Pq Pa /dev/ttyv* . 2217For example, 2218.Dq Fl h Li 200 2219will set the 2220.Xr syscons 4 2221scrollback (history) buffer to 200 lines. 2222.It Va cron_enable 2223.Pq Vt bool 2224If set to 2225.Dq Li YES , 2226run the 2227.Xr cron 8 2228daemon at system boot time. 2229.It Va cron_program 2230.Pq Vt str 2231Path to 2232.Xr cron 8 2233(default 2234.Pa /usr/sbin/cron ) . 2235.It Va cron_flags 2236.Pq Vt str 2237If 2238.Va cron_enable 2239is set to 2240.Dq Li YES , 2241these are the flags to pass to 2242.Xr cron 8 . 2243.It Va lpd_program 2244.Pq Vt str 2245Path to 2246.Xr lpd 8 2247(default 2248.Pa /usr/sbin/lpd ) . 2249.It Va lpd_enable 2250.Pq Vt bool 2251If set to 2252.Dq Li YES , 2253run the 2254.Xr lpd 8 2255daemon at system boot time. 2256.It Va lpd_flags 2257.Pq Vt str 2258If 2259.Va lpd_enable 2260is set to 2261.Dq Li YES , 2262these are the flags to pass to the 2263.Xr lpd 8 2264daemon. 2265.It Va mixer_enable 2266.Pq Vt bool 2267If set to 2268.Dq Li YES , 2269preserve 2270.Xr mixer 8 2271settings across reboots. 2272.It Va mta_start_script 2273.Pq Vt str 2274This variable specifies the full path to the script to run to start 2275a mail transfer agent. 2276The default is 2277.Pa /etc/rc.sendmail . 2278The 2279.Va sendmail_* 2280variables which 2281.Pa /etc/rc.sendmail 2282uses are documented in the 2283.Xr rc.sendmail 8 2284man page. 2285.It Va dumpdev 2286.Pq Vt str 2287Indicates the device (usually a swap partition) to which a crash dump 2288should be written in the event of a system crash. 2289The value of this variable is passed as the argument to 2290.Xr dumpon 8 . 2291To disable crash dumps, set this variable to 2292.Dq Li NO . 2293.It Va dumpdir 2294.Pq Vt str 2295When the system reboots after a crash and a crash dump is found on the 2296device specified by the 2297.Va dumpdev 2298variable, 2299.Xr savecore 8 2300will save that crash dump and a copy of the kernel to the directory 2301specified by the 2302.Va dumpdir 2303variable. 2304The default value is 2305.Pa /var/crash . 2306Set to 2307.Dq Li NO 2308to not run 2309.Xr savecore 8 2310at boot time when 2311.Va dumpdir 2312is set. 2313.It Va savecore_flags 2314.Pq Vt str 2315If crash dumps are enabled, these are the flags to pass to the 2316.Xr savecore 8 2317utility. 2318.It Va enable_quotas 2319.Pq Vt bool 2320Set to 2321.Dq Li YES 2322to turn on user disk quotas on system startup via the 2323.Xr quotaon 8 2324command. 2325.It Va check_quotas 2326.Pq Vt bool 2327Set to 2328.Dq Li YES 2329to enable user disk quota checking via the 2330.Xr quotacheck 8 2331command. 2332.It Va accounting_enable 2333.Pq Vt bool 2334Set to 2335.Dq Li YES 2336to enable system accounting through the 2337.Xr accton 8 2338facility. 2339.It Va linux_enable 2340.Pq Vt bool 2341Set to 2342.Dq Li YES 2343to enable Linux/ELF binary emulation at system initial boot time. 2344.It Va sysvipc_enable 2345.Pq Vt bool 2346If set to 2347.Dq Li YES , 2348load System V IPC primitives at boot time. 2349.\" ----- cleanvar_enable setting-------------------------------- 2350.It Va cleanvar_enable 2351.Pq Vt bool 2352Set to 2353.Dq Li YES 2354to have 2355.Pa /var/run , 2356.Pa /var/spool/lock 2357and 2358.Pa /var/spool/uucp/.Temp/* 2359cleaned at startup. 2360.\" ----- clear_tmp_enable setting------------------------------- 2361.It Va clear_tmp_enable 2362.Pq Vt bool 2363Set to 2364.Dq Li YES 2365to have 2366.Pa /tmp 2367cleaned at startup. 2368.\" ----- ldconfig_paths setting -------------------------------- 2369.It Va ldconfig_paths 2370.Pq Vt str 2371Set to the list of shared library paths to use with 2372.Xr ldconfig 8 . 2373NOTE: 2374.Pa /usr/lib 2375will always be added first, so it need not appear in this list. 2376.It Va ldconfig_insecure 2377.Pq Vt bool 2378The 2379.Xr ldconfig 8 2380utility normally refuses to use directories 2381which are writable by anyone except root. 2382Set this variable to 2383.Dq Li YES 2384to disable that security check during system startup. 2385.It Va kern_securelevel 2386.Pq Vt int 2387The kernel security level to set at startup. 2388The allowed range of 2389.Ar value 2390ranges from \-1 (the compile time default) to 3 (the most secure). 2391See 2392.Xr init 8 2393for the list of possible security levels and their effect on system operation. 2394.It Va start_vinum 2395.Pq Vt bool 2396Set to 2397.Dq Li YES 2398to start 2399.Xr vinum 8 2400at system boot time. 2401.It Va sshd_enable 2402.Pq Vt bool 2403Set to 2404.Dq Li YES 2405to start 2406.Xr sshd 8 2407at system boot time. 2408.It Va sshd_program 2409.Pq Vt str 2410Path to the SSH server program 2411.Pa ( /usr/sbin/sshd 2412is the default). 2413.It Va sshd_flags 2414.Pq Vt str 2415If 2416.Va sshd_enable 2417is set to 2418.Dq Li YES , 2419these are the flags to pass to the 2420.Xr sshd 8 2421daemon. 2422.It Va ftpd_enable 2423.Pq Vt bool 2424Set to 2425.Dq Li YES 2426to start 2427.Xr ftpd 8 2428at system boot time. 2429.It Va ftpd_flags 2430.Pq Vt str 2431If 2432.Va ftpd_enable 2433is set to 2434.Dq Li YES , 2435these are the flags to pass to the 2436.Xr ftpd 8 2437daemon. 2438.It Va usbd_enable 2439.Pq Vt bool 2440If set to 2441.Dq Li YES , 2442run the 2443.Xr usbd 8 2444daemon at boot time. 2445.It Va usbd_flags 2446.Pq Vt str 2447If 2448.Va usbd_enable 2449is set to 2450.Dq Li YES , 2451these are the flags passed to 2452.Xr usbd 8 2453daemon. 2454.It Va watchdogd_enable 2455.Pq Vt bool 2456If set to 2457.Dq Li YES , 2458start the 2459.Xr watchdogd 8 2460daemon at boot time. 2461This requires that the kernel have been compiled with 2462.Cd "options WATCHDOG" . 2463.It Va jail_enable 2464.Pq Vt bool 2465If set to 2466.Dq Li NO , 2467any configured jails will not be started. 2468.It Va jail_list 2469.Pq Vt str 2470A space separated list of names for jails. 2471This is purely a configuration aid to help identify and 2472configure multiple jails. 2473The names specified in this list will be used to 2474identify settings common to an instance of a jail. 2475Assuming that the jail in question was named 2476.Li vjail , 2477you would have the following dependent variables: 2478.Bd -literal 2479jail_vjail_hostname="jail.example.com" 2480jail_vjail_ip="192.168.1.100" 2481jail_vjail_rootdir="/var/jails/vjail/root" 2482.Ed 2483.Pp 2484.It Va jail_flags 2485.Pq Vt str 2486Unset by default. 2487When set, use as default value for 2488.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2489for every jail in 2490.Va jail_list . 2491.It Va jail_interface 2492.Pq Vt str 2493Unset by default. 2494When set, use as default value for 2495.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2496for every jail in 2497.Va jail_list . 2498.It Va jail_fstab 2499.Pq Vt str 2500Unset by default. 2501When set, use as default value for 2502.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2503for every jail in 2504.Va jail_list . 2505.It Va jail_mount_enable 2506.Pq Vt bool 2507Set to 2508.Dq Li NO 2509by default. 2510When set to 2511.Dq Li YES , 2512sets 2513.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2514to 2515.Dq Li YES 2516by default for every jail in 2517.Va jail_list . 2518.It Va jail_fdesc_enable 2519.Pq Vt bool 2520Set to 2521.Dq Li NO 2522by default. 2523When set to 2524.Dq Li YES , 2525sets 2526.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2527to 2528.Dq Li YES 2529by default for every jail in 2530.Va jail_list . 2531.It Va jail_procfs_enable 2532.Pq Vt bool 2533Set to 2534.Dq Li NO 2535by default. 2536When set to 2537.Dq Li YES , 2538sets 2539.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2540to 2541.Dq Li YES 2542by default for every jail in 2543.Va jail_list . 2544.It Va jail_exec_start 2545.Pq Vt str 2546Unset by default. 2547When set, use as default value for 2548.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2549for every jail in 2550.Va jail_list . 2551.It Va jail_exec_stop 2552Unset by default. 2553When set, use as default value for 2554.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2555for every jail in 2556.Va jail_list . 2557.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2558.Pq Vt str 2559Unset by default. 2560Set to the root directory used by jail 2561.Va jname . 2562.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2563.Pq Vt str 2564Unset by default. 2565Set to the fully qualified domain name (FQDN) assigned to jail 2566.Va jname . 2567.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2568.Pq Vt str 2569Unset by default. 2570Set to the IP address assigned to jail 2571.Va jname . 2572.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2573.Pq Vt str 2574Set to 2575.Dq Li -l -U root 2576by default. 2577These are flags to pass to 2578.Xr jail 8 . 2579.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2580.Pq Vt str 2581Unset by default. 2582When set, sets the interface to use when setting IP address alias. 2583Note that the alias is created at jail startup and removed at jail shutdown. 2584.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2585.Pq Vt str 2586Set to 2587.Pa /etc/fstab. Ns Aq Ar jname 2588by default. 2589This is the file system information file to use for jail 2590.Va jname . 2591.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2592.Pq Vt bool 2593Set to 2594.Dq Li NO 2595by default. 2596When set to 2597.Dq Li YES , 2598mount all file systems from 2599.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2600at jail startup. 2601.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2602.Pq Vt bool 2603Set to 2604.Dq Li NO 2605by default. 2606When set to 2607.Dq Li YES , 2608mount the file-descriptor file system inside jail 2609.Ar jname 2610at jail startup. 2611.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2612.Pq Vt bool 2613Set to 2614.Dq Li NO 2615by default. 2616When set to 2617.Dq Li YES , 2618mount the process file system inside jail 2619.Ar jname 2620at jail startup. 2621.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2622.Pq Vt str 2623Set to 2624.Dq Li /bin/sh /etc/rc 2625by default. 2626This is the command executed at jail startup. 2627.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2628.Pq Vt str 2629Set to 2630.Dq Li /bin/sh /etc/rc.shutdown 2631by default. 2632This is the command executed at jail shutdown. 2633.It Va jail_set_hostname_allow 2634.Pq Vt bool 2635If set to 2636.Dq Li NO , 2637do not allow the root user in a jail to set its hostname. 2638.It Va jail_socket_unixiproute_only 2639.Pq Vt bool 2640If set to 2641.Dq Li YES , 2642do not allow any sockets, 2643besides UNIX/IP/route sockets, 2644to be used within a jail. 2645.It Va jail_sysvipc_allow 2646.Pq Vt bool 2647If set to 2648.Dq Li YES , 2649allow applications within a jail to use System V IPC. 2650.It Va newsyslog_enable 2651.Pq Vt bool 2652If set to 2653.Dq Li YES , 2654run 2655.Xr newsyslog 8 2656before syslogd starts. 2657.It Va newsyslog_flags 2658.Pq Vt str 2659If 2660.Va newsyslog_enable 2661is set to 2662.Dq Li YES , 2663these are the flags passed to 2664.Xr newsyslog 8 . 2665.It Va resident_enable 2666.Pq Vt bool 2667If set to 2668.Dq Li YES , 2669make the dynamic binaries listed in 2670.Pa /etc/resident.conf 2671resident. 2672.It Va varsym_enable 2673.Pq Vt bool 2674If set to 2675.Dq Li YES , 2676process 2677.Pa /etc/varsym.conf 2678to set system-wide variables for variant symlinks. 2679.It Va rand_irqs 2680.Pq Vt str 2681Set either to 2682.Dq Li NO 2683or a whitespace separated list of IRQ numbers which will be used as a source of 2684randomness. 2685.\" ----- isdn settings --------------------------------- 2686.It Va isdn_enable 2687.Pq Vt bool 2688Set to 2689.Dq Li NO 2690by default. 2691When set to 2692.Dq Li YES , 2693starts the 2694.Xr isdnd 8 2695daemon at system boot time. 2696.It Va isdn_flags 2697.Pq Vt str 2698Set to 2699.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2700by default. 2701Additional flags to pass to 2702.Xr isdnd 8 2703(but see 2704.Va isdn_fsdev 2705and 2706.Va isdn_ttype 2707for certain tunable parameters). 2708.It Va isdn_ttype 2709.Pq Vt str 2710Set to 2711.Dq Li cons25 2712by default. 2713The terminal type of the output device when 2714.Xr isdnd 8 2715operates in full-screen mode. 2716.It Va isdn_screenflags 2717.Pq Vt str 2718Set to 2719.Dq Li NO 2720by default. 2721The video mode for full-screen mode (only for 2722.Xr syscons 4 2723console driver, see 2724.Xr vidcontrol 1 2725for valid modes). 2726.It Va isdn_fsdev 2727.Pq Vt str 2728Set to 2729.Dq Li NO 2730by default. 2731The output device for 2732.Xr isdnd 8 2733in full-screen mode (or 2734.Dq Li NO 2735for daemon mode). 2736.It Va isdn_trace 2737.Pq Vt bool 2738Set to 2739.Dq Li NO 2740by default. 2741When set to 2742.Dq Li YES , 2743enables the ISDN protocol trace utility 2744.Xr isdntrace 8 2745at system boot time. 2746.It Va isdn_traceflags 2747.Pq Vt str 2748Set to 2749.Dq Fl f Pa /var/tmp/isdntrace0 2750by default. 2751Flags for 2752.Xr isdntrace 8 . 2753.\" ----------------------------------------------------- 2754.It Va entropy_dir 2755.Pq Vt str 2756Set to 2757.Dq Li NO 2758to disable caching entropy via 2759.Xr cron 8 . 2760Otherwise set to the directory used to store entropy files in. 2761.It Va entropy_file 2762.Pq Vt str 2763Set to 2764.Dq Li NO 2765to disable caching entropy through reboots. 2766Otherwise set to the filename used to store cached entropy through reboots. 2767This file should be located on the root file system to seed the 2768.Xr random 4 2769device as early as possible in the boot process. 2770.It Va ipsec_enable 2771.Pq Vt bool 2772Set to 2773.Dq Li YES 2774to run 2775.Xr setkey 8 2776on 2777.Va ipsec_file 2778at boot time. 2779.It Va ipsec_file 2780.Pq Vt str 2781Configuration file for 2782.Xr setkey 8 . 2783.It Va dmesg_enable 2784.Pq Vt bool 2785Set to 2786.Dq Li YES 2787to save 2788.Xr dmesg 8 2789to 2790.Pa /var/run/dmesg.boot 2791on boot. 2792.It Va rcshutdown_timeout 2793.Pq Vt int 2794If set, start a watchdog timer in the background which will terminate 2795.Pa rc.shutdown 2796if 2797.Xr shutdown 8 2798has not completed within the specified time (in seconds). 2799.El 2800.Sh FILES 2801.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 2802.It Pa /etc/defaults/rc.conf 2803.It Pa /etc/rc.conf 2804.It Pa /etc/rc.conf.local 2805.El 2806.Sh SEE ALSO 2807.Xr catman 1 , 2808.Xr gdb 1 , 2809.Xr info 1 , 2810.Xr kbdcontrol 1 , 2811.Xr varsym 1 , 2812.Xr vidcontrol 1 , 2813.Xr ip 4 , 2814.Xr ipf 4 , 2815.Xr ipfw 4 , 2816.Xr kld 4 , 2817.Xr pf 4 , 2818.Xr tcp 4 , 2819.Xr udp 4 , 2820.Xr exports 5 , 2821.Xr motd 5 , 2822.Xr resident.conf 5 , 2823.Xr varsym.conf 5 , 2824.Xr accton 8 , 2825.Xr amd 8 , 2826.Xr apm 8 , 2827.Xr atm 8 , 2828.Xr btconfig 8 , 2829.Xr bthcid 8 , 2830.Xr cron 8 , 2831.Xr dhclient 8 , 2832.Xr dhcpd 8 , 2833.Xr dhcrelay 8 , 2834.Xr dntpd 8 , 2835.Xr ftpd 8 , 2836.Xr ifconfig 8 , 2837.Xr inetd 8 , 2838.Xr isdnd 8 , 2839.Xr isdntrace 8 , 2840.Xr jail 8 , 2841.Xr lpd 8 , 2842.Xr makewhatis 8 , 2843.Xr mdconfig 8 , 2844.Xr mixer 8 , 2845.Xr mountd 8 , 2846.Xr moused 8 , 2847.Xr mrouted 8 , 2848.Xr named 8 , 2849.Xr nfsd 8 , 2850.Xr pcnfsd 8 , 2851.Xr pfctl 8 , 2852.Xr pflogd 8 , 2853.Xr quotacheck 8 , 2854.Xr quotaon 8 , 2855.Xr rc 8 , 2856.Xr rc.sendmail 8 , 2857.Xr resident 8 , 2858.Xr rndcontrol 8 , 2859.Xr route 8 , 2860.Xr routed 8 , 2861.Xr rpc.lockd 8 , 2862.Xr rpc.statd 8 , 2863.Xr rpcbind 8 , 2864.Xr rtsold 8 , 2865.Xr rwhod 8 , 2866.Xr savecore 8 , 2867.Xr sdpd 8 , 2868.Xr sensorsd 8 , 2869.Xr sshd 8 , 2870.Xr swapon 8 , 2871.Xr sysctl 8 , 2872.Xr syslogd 8 , 2873.Xr timed 8 , 2874.Xr usbd 8 , 2875.Xr vinum 8 , 2876.Xr yp 8 , 2877.Xr ypbind 8 , 2878.Xr ypserv 8 , 2879.Xr ypset 8 2880.Sh HISTORY 2881The 2882.Nm 2883file appeared in 2884.Fx 2.2.2 . 2885.Sh AUTHORS 2886.An Jordan K. Hubbard . 2887