1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" $DragonFly: src/share/man/man5/rc.conf.5,v 1.46 2007/10/02 12:57:00 hasso Exp $ 27.Dd August 10, 2007 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/rc.conf 53file is included from the file 54.Pa /etc/defaults/rc.conf , 55which specifies the default settings for all the available options. 56Options need only be specified in 57.Pa /etc/rc.conf 58when the system administrator wishes to override these defaults. 59The file 60.Pa /etc/rc.conf.local 61is used to override settings in 62.Pa /etc/rc.conf 63for historical reasons. 64See the 65.Va rc_conf_files 66variable below. 67.Pp 68The following list provides a name and short description for each 69variable that can be set in the 70.Nm 71file: 72.Bl -tag -width indent-two 73.It Va rc_debug 74.Pq Vt bool 75If set to 76.Dq Li YES , 77enable output of debug messages from rc scripts. 78This variable can be helpful in diagnosing mistakes when 79editing or integrating new scripts. 80Beware that this produces copious output to the terminal and 81.Xr syslog 3 . 82.It Va rc_info 83.Pq Vt bool 84If set to 85.Dq Li NO , 86disable informational messages from the rc scripts. 87Informational messages are displayed when 88a condition that is not serious enough to warrant a warning or an error occurs. 89.It Va swapfile 90.Pq Vt str 91If set to 92.Dq Li NO , 93no swapfile is installed, otherwise the value is used as the full 94pathname to a file to use for additional swap space. 95.It Va apm_enable 96.Pq Vt bool 97If set to 98.Dq Li YES , 99enable support for Automatic Power Management with the 100.Xr apm 8 101command. 102.It Va apmd_enable 103.Pq Vt bool 104Run 105.Xr apmd 8 106to handle APM event from userland. 107This also enables support for APM. 108.It Va apmd_flags 109.Pq Vt str 110If 111.Va apmd_enable 112is set to 113.Dq Li YES , 114these are the flags to pass to the 115.Xr apmd 8 116daemon. 117.It Va battd_enable 118Enable 119.Xr battd 8 120to monitor the status of batteries present in the system. 121This also enables support for APM. 122.It Va battd_flags 123.Pq Vt str 124If 125.Va battd_enable 126is set to 127.Dq Li YES , 128these are the flags to pass to the 129.Xr battd 8 130daemon. 131.It Va sensorsd_enable 132.Pq Vt bool 133Set to 134.Dq Li NO 135by default. 136Setting this to 137.Dq Li YES 138enables 139.Xr sensorsd 8 , 140a sensors monitoring and logging daemon. 141.It Va sensorsd_flags 142.Pq Vt str 143Empty by default. 144This variable contains additional flags passed to the 145.Xr sensorsd 8 146program. 147.It Va pccard_ifconfig 148.Pq Vt str 149List of arguments to be passed to 150.Xr ifconfig 8 151at boot time or on insertion of the card (e.g.\& 152.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 153for a fixed address or 154.Dq Li DHCP 155for a DHCP client). 156.It Va pccard_ether_delay 157.Pq Vt str 158Set the delay before starting 159.Xr dhclient 8 160in the 161.Pa /etc/pccard_ether 162script. 163This defaults to 5 seconds to work around a bug in the 164.Xr ed 4 165driver which can lead to system hangs when using some newer 166.Xr ed 4 167based cards. 168.It Va removable_interfaces 169.Pq Vt str 170List of removable network interfaces to be supported by 171.Pa /etc/pccard_ether . 172.It Va local_startup 173.Pq Vt str 174List of directories to search for startup script files. 175.It Va script_name_sep 176.Pq Vt str 177The field separator to use for breaking down the list of startup script files 178into individual filenames. 179The default is a space. 180It is not necessary to change this unless there are startup scripts with names 181containing spaces. 182.It Va hostapd_enable 183.Pq Vt bool 184Set to 185.Dq Li YES 186to start 187.Xr hostapd 8 188at system boot time. 189.It Va hostname 190.Pq Vt str 191The fully qualified domain name (FQDN) of this host on the network. 192This should almost certainly be set to something meaningful, even if 193there is no network connection. 194If 195.Xr dhclient 8 196is used to set the hostname via DHCP, 197this variable should be set to an empty string. 198.It Va ipv6_enable 199.Pq Vt bool 200Enable support for IPv6 networking. 201Note that this requires that the kernel have been compiled with 202.Cd "options INET6" . 203.It Va nisdomainname 204.Pq Vt str 205The NIS domain name of this host, or 206.Dq Li NO 207if NIS is not used. 208.It Va dhclient_program 209.Pq Vt str 210Path to the DHCP client program 211.Pa ( /sbin/dhclient , 212the ISC DHCP client, is the default). 213.It Va dhclient_flags 214.Pq Vt str 215Additional flags to pass to the DHCP client program. 216For the ISC DHCP client, see the 217.Xr dhclient 8 218manpage for a description of the command line options available. 219.\".It Va background_dhclient 220.\".Pq Vt bool 221.\"Set to 222.\".Dq Li YES 223.\"to start the DHCP client in background. 224.\"This can cause trouble with applications depending on 225.\"a working network, but it will provide a faster startup in many cases. 226.It Va dhcpd_enable 227.Pq Vt bool 228Set to 229.Dq Li YES 230to run 231.Xr dhcpd 8 232at system boot time. 233.It Va dhcrelay_enable 234.Pq Vt bool 235Set to 236.Dq Li YES 237to run 238.Xr dhcrelay 8 239.It Va pf_enable 240.Pq Vt bool 241Set to 242.Dq Li YES 243to load 244.Xr pf 4 245at startup. 246If the kernel was not built with 247.Cd "device pf" , 248the 249.Pa pf.ko 250kernel module will be loaded. 251See also 252.Va firewall_enable 253and 254.Va ipfilter_enable . 255.It Va pf_rules 256.Pq Vt str 257Path to the 258.Xr pf 4 259ruleset definition file. 260.It Va pf_program 261.Pq Vt str 262Path to 263.Xr pfctl 8 . 264.It Va pf_flags 265.Pq Vt str 266If 267.Va pf_enable 268is set to 269.Dq Li YES , 270these are the flags to pass to 271.Xr pfctl 8 272when loading the ruleset. 273.It Va pflog_enable 274.Pq Vt bool 275Set this to 276.Dq Li YES 277to enable 278.Xr pflogd 8 279which logs packets from 280.Xr pf 4 . 281.It Va pflog_logfile 282.Pq Vt str 283If 284.Va pflog_enable 285is set to 286.Dq Li YES 287this specifies the path of the log file. 288.It Va pflog_program 289.Pq Vt str 290Path to 291.Xr pflogd 8 . 292.It Va pflog_flags 293.Pq Vt str 294If 295.Va pflog_enable 296is set to 297.Dq Li YES , 298these are the flags to pass to 299.Xr pflogd 8 . 300.It Va firewall_enable 301.Pq Vt bool 302Set to 303.Dq Li YES 304to load firewall rules at startup. 305If the kernel was not built with 306.Cd "options IPFIREWALL" , 307the 308.Pa ipfw.ko 309kernel module will be loaded. 310See also 311.Va pf_enable 312and 313.Va ipfilter_enable . 314.It Va ipv6_firewall_enable 315.Pq Vt bool 316The IPv6 equivalent of 317.Va firewall_enable . 318Set to 319.Dq Li YES 320to load IPv6 firewall rules at startup. 321If the kernel was not built with 322.Cd "options IPV6FIREWALL" , 323the 324.Pa ip6fw.ko 325kernel module will be loaded. 326.It Va firewall_script 327.Pq Vt str 328This variable specifies the full path to the firewall script to run. 329The default is 330.Pa /etc/rc.firewall . 331.It Va ipv6_firewall_script 332.Pq Vt str 333The IPv6 equivalent of 334.Va firewall_script . 335.It Va firewall_type 336.Pq Vt str 337Names the firewall type from the selection in 338.Pa /etc/rc.firewall , 339or the file which contains the local firewall ruleset. 340Valid selections from 341.Pa /etc/rc.firewall 342are: 343.Pp 344.Bl -tag -width ".Li simple" -compact 345.It Li open 346unrestricted IP access 347.It Li closed 348all IP services disabled, except via 349.Dq Li lo0 350.It Li client 351basic protection for a workstation on a LAN 352.It Li simple 353alias for 354.Li client . 355.El 356.Pp 357If a filename is specified, the full path must be given. 358.It Va firewall_trusted_nets 359.Pq Vt str 360List of trusted networks (if 361.Va firewall_type 362is set to 363.Li client ) . 364.It Va firewall_trusted_interfaces 365.Pq Vt str 366List of trusted network interfaces (if 367.Va firewall_type 368is set to 369.Li client ) . 370.It Va firewall_allowed_icmp_types 371.Pq Vt str 372List of allowed ICMP types (if 373.Va firewall_type 374is set to 375.Li client ) . 376.It Va firewall_open_tcp_ports 377.Pq Vt str 378List of TCP ports to open (if 379.Va firewall_type 380is set to 381.Li client ) . 382.It Va firewall_open_udp_ports 383.Pq Vt str 384List of UDP ports to open (if 385.Va firewall_type 386is set to 387.Li client ) . 388.It Va ipv6_firewall_type 389.Pq Vt str 390The IPv6 equivalent of 391.Va firewall_type . 392.It Va firewall_quiet 393.Pq Vt bool 394Set to 395.Dq Li YES 396to disable the display of firewall rules on the console during boot. 397.It Va ipv6_firewall_quiet 398.Pq Vt bool 399The IPv6 equivalent of 400.Va firewall_quiet . 401.It Va firewall_logging 402.Pq Vt bool 403Set to 404.Dq Li YES 405to enable firewall event logging. 406This is equivalent to the 407.Dv IPFIREWALL_VERBOSE 408kernel option. 409.It Va ipv6_firewall_logging 410.Pq Vt bool 411The IPv6 equivalent of 412.Va firewall_logging . 413.It Va firewall_flags 414.Pq Vt str 415Flags passed to 416.Xr ipfw 8 417if 418.Va firewall_type 419specifies a filename. 420.It Va ipv6_firewall_flags 421.Pq Vt str 422The IPv6 equivalent of 423.Va firewall_flags . 424.It Va natd_program 425.Pq Vt str 426Path to 427.Xr natd 8 . 428.It Va natd_enable 429.Pq Vt bool 430Set to 431.Dq Li YES 432to enable 433.Xr natd 8 . 434.Va firewall_enable 435must also be set to 436.Dq Li YES , 437and 438.Xr divert 4 439sockets must be enabled in the kernel. 440.It Va natd_interface 441.Pq Vt str 442This is the name of the public interface on which 443.Xr natd 8 444should run. 445The interface may be given as an interface name or as an IP address. 446.It Va natd_flags 447.Pq Vt str 448Additional 449.Xr natd 8 450flags should be placed here. 451The 452.Fl n 453or 454.Fl a 455flag is automatically added with the above 456.Va natd_interface 457as an argument. 458.\" ----- ipfilter_enable setting -------------------------------- 459.It Va ipfilter_enable 460.Pq Vt bool 461Set to 462.Dq Li NO 463by default. 464Setting this to 465.Dq Li YES 466enables 467.Xr ipf 8 468packet filtering. 469.Pp 470Typical usage will require putting 471.Bd -literal 472ipfilter_enable="YES" 473ipnat_enable="YES" 474ipmon_enable="YES" 475ipfs_enable="YES" 476.Ed 477.Pp 478into 479.Pa /etc/rc.conf 480and editing 481.Pa /etc/ipf.rules 482and 483.Pa /etc/ipnat.rules 484appropriately. 485.Pp 486Note that 487.Va ipfilter_enable 488and 489.Va ipnat_enable 490can be enabled independently. 491.Va ipmon_enable 492and 493.Va ipfs_enable 494both require at least one of 495.Va ipfilter_enable 496and 497.Va ipnat_enable 498to be enabled. 499.Pp 500Having 501.Bd -literal 502options IPFILTER 503options IPFILTER_LOG 504options IPFILTER_DEFAULT_BLOCK 505.Ed 506.Pp 507in the kernel configuration file is a good idea, too. 508See also 509.Va pf_enable 510and 511.Va firewall_enable . 512.\" ----- ipfilter_program setting ------------------------------ 513.It Va ipfilter_program 514.Pq Vt str 515Path to 516.Xr ipf 8 517(default 518.Pa /sbin/ipf ) . 519.\" ----- ipfilter_rules setting -------------------------------- 520.It Va ipfilter_rules 521.Pq Vt str 522Set to 523.Pa /etc/ipf.rules 524by default. 525This variable contains the name of the filter rule definition file. 526The file is expected to be readable for the 527.Xr ipf 8 528command to execute. 529.\" ----- ipv6_ipfilter_rules setting --------------------------- 530.It Va ipv6_ipfilter_rules 531.Pq Vt str 532Set to 533.Pa /etc/ipf6.rules 534by default. 535This variable contains the IPv6 filter rule definition file. 536The file is expected to be readable for the 537.Xr ipf 8 538command to execute. 539.\" ----- ipfilter_flags setting -------------------------------- 540.It Va ipfilter_flags 541.Pq Vt str 542Empty by default. 543This variable contains flags passed to the 544.Xr ipf 8 545program. 546.\" ----- ipnat_enable setting ---------------------------------- 547.It Va ipnat_enable 548.Pq Vt bool 549Set to 550.Dq Li NO 551by default. 552Set it to 553.Dq Li YES 554to enable 555.Xr ipnat 8 556network address translation. 557See 558.Va ipfilter_enable 559for a detailed discussion. 560.\" ----- ipnat_program setting --------------------------------- 561.It Va ipnat_program 562.Pq Vt str 563Path to 564.Xr ipnat 8 565(default 566.Pa /sbin/ipnat ) . 567.\" ----- ipnat_rules setting ----------------------------------- 568.It Va ipnat_rules 569.Pq Vt str 570Set to 571.Pa /etc/ipnat.rules 572by default. 573This variable contains the name of the file 574holding the network address translation definition. 575This file is expected to be readable for the 576.Xr ipnat 8 577command to execute. 578.\" ----- ipnat_flags setting ----------------------------------- 579.It Va ipnat_flags 580.Pq Vt str 581Empty by default. 582This variable contains flags passed to the 583.Xr ipnat 8 584program. 585.\" ----- ipmon_enable setting ---------------------------------- 586.It Va ipmon_enable 587.Pq Vt bool 588Set to 589.Dq Li NO 590by default. 591Set it to 592.Dq Li YES 593to enable 594.Xr ipmon 8 595monitoring (logging 596.Xr ipf 8 597and 598.Xr ipnat 8 599events). 600Setting this variable needs setting 601.Va ipfilter_enable 602or 603.Va ipnat_enable 604too. 605See 606.Va ipfilter_enable 607for a detailed discussion. 608.\" ----- ipmon_program setting --------------------------------- 609.It Va ipmon_program 610.Pq Vt str 611Path to 612.Xr ipmon 8 613(default 614.Pa /sbin/ipmon ) . 615.\" ----- ipmon_flags setting ----------------------------------- 616.It Va ipmon_flags 617.Pq Vt str 618Set to 619.Dq Li -Ds 620by default. 621This variable contains flags passed to the 622.Xr ipmon 8 623program. 624Another typical example would be 625.Dq Fl D Pa /var/log/ipflog 626to have 627.Xr ipmon 8 628log directly to a file bypassing 629.Xr syslogd 8 . 630Make sure to adjust 631.Pa /etc/newsyslog.conf 632in such case like this: 633.Bd -literal 634/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 635.Ed 636.\" ----- ipfs_enable setting ----------------------------------- 637.It Va ipfs_enable 638.Pq Vt bool 639Set to 640.Dq Li NO 641by default. 642Set it to 643.Dq Li YES 644to enable 645.Xr ipfs 8 646saving the filter and NAT state tables during shutdown 647and reloading them during startup again. 648Setting this variable needs setting 649.Va ipfilter_enable 650or 651.Va ipnat_enable 652to 653.Dq Li YES 654too. 655See 656.Va ipfilter_enable 657for a detailed discussion. 658Note that if 659.Va kern_securelevel 660is set to 3, 661.Va ipfs_enable 662cannot be used because the raised securelevel will prevent 663.Xr ipfs 8 664from saving the state tables at shutdown time. 665.\" ----- ipfs_program setting ---------------------------------- 666.It Va ipfs_program 667.Pq Vt str 668Path to 669.Xr ipfs 8 670(default 671.Pa /sbin/ipfs ) . 672.\" ----- ipfs_flags setting ------------------------------------ 673.It Va ipfs_flags 674.Pq Vt str 675Empty by default. 676This variable contains flags passed to the 677.Xr ipfs 8 678program. 679.\" ----- end of added ipf hook --------------------------------- 680.It Va tcp_extensions 681.Pq Vt bool 682Set to 683.Dq Li YES 684by default. 685Setting this to 686.Dq Li NO 687disables certain TCP options as described by 688.Rs 689.%T "RFC 1323" 690.Re 691Setting this to 692.Dq Li NO 693might help remedy such problems with connections as randomly hanging 694or other weird behavior. 695Some network devices are known to be broken with respect to these options. 696.It Va log_in_vain 697.Pq Vt int 698Set to 0 by default. 699The 700.Xr sysctl 8 701variables, 702.Va net.inet.tcp.log_in_vain 703and 704.Va net.inet.udp.log_in_vain , 705as described in 706.Xr tcp 4 707and 708.Xr udp 4 , 709are set to the given value. 710.It Va tcp_keepalive 711.Pq Vt bool 712Set to 713.Dq Li YES 714by default. 715Setting to 716.Dq Li NO 717will disable probing idle TCP connections to verify that the 718peer is still up and reachable. 719.It Va tcp_drop_synfin 720.Pq Vt bool 721Set to 722.Dq Li NO 723by default. 724Setting to 725.Dq Li YES 726will cause the kernel to ignore TCP frames that have both 727the SYN and FIN flags set. 728This prevents OS fingerprinting, but may break some legitimate applications. 729This option is only available if the kernel was built with the 730.Dv TCP_DROP_SYNFIN 731option. 732.It Va icmp_drop_redirect 733.Pq Vt bool 734Set to 735.Dq Li NO 736by default. 737Setting to 738.Dq Li YES 739will cause the kernel to ignore ICMP REDIRECT packets. 740Refer to 741.Xr icmp 4 742for more information. 743.It Va icmp_log_redirect 744.Pq Vt bool 745Set to 746.Dq Li NO 747by default. 748Setting to 749.Dq Li YES 750will cause the kernel to log ICMP REDIRECT packets. 751Note that 752the log messages are not rate-limited, so this option should only be used 753for troubleshooting networks. 754Refer to 755.Xr icmp 4 756for more information. 757.It Va icmp_bmcastecho 758.Pq Vt bool 759Set to 760.Dq Li YES 761to respond to broadcast or multicast ICMP ping packets. 762Refer to 763.Xr icmp 4 764for more information. 765.It Va ip_portrange_first 766.Pq Vt int 767If not set to 768.Dq Li NO , 769this is the first port in the default portrange. 770Refer to 771.Xr ip 4 772for more information. 773.It Va ip_portrange_last 774.Pq Vt int 775If not set to 776.Dq Li NO , 777this is the last port in the default portrange. 778Refer to 779.Xr ip 4 780for more information. 781.It Va network_interfaces 782.Pq Vt str 783Set to the list of network interfaces to configure on this host. 784For example, if the only network devices in the system are the loopback device 785.Pq Li lo0 786and a NIC using the 787.Xr ed 4 788driver, this could be set to 789.Dq Li "lo0 ed0" . 790An 791.Va ifconfig_ Ns Aq Ar interface 792variable is also assumed to exist for each value of 793.Ar interface . 794It is also possible to add IP alias entries here in cases where 795multiple IP addresses registered against a single interface are desired. 796Assuming that the interface in question was 797.Li ed0 , 798it might look something like this: 799.Bd -literal 800ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 801ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 802.Ed 803.Pp 804And so on. 805For each 806.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 807entry that is found, its contents are passed to 808.Xr ifconfig 8 . 809Execution stops at the first unsuccessful access, so if 810something like this is present: 811.Bd -literal 812ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 813ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 814ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 815ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 816.Ed 817.Pp 818Then note that alias4 would 819.Em not 820be added since the search would stop with the missing alias3 entry. 821.Pp 822If the 823.Pa /etc/start_if. Ns Aq Ar interface 824file is present, it is read and executed by the 825.Xr sh 1 826interpreter before configuring the interface as specified in the 827.Va ifconfig_ Ns Aq Ar interface 828and 829.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 830variables. 831.Pp 832It is possible to bring up an interface with DHCP by adding 833.Dq Li DHCP 834to the 835.Va ifconfig_ Ns Aq Ar interface 836variable. 837For instance, to initialize the 838.Li ed0 839device via DHCP, it is possible to use something like: 840.Bd -literal 841ifconfig_ed0="DHCP" 842.Ed 843.Pp 844Also, if your interface needs WPA authentication, it is possible to add 845.Dq Li WPA 846to the 847.Va ifconfig_ Ns Aq Ar interface 848variable. 849.Pp 850Finally, you can add 851.Xr ifconfig 8 852options in this variable, in addition to the 853.Pa /etc/start_if. Ns Aq Ar interface 854file. 855For instance, to initialize the 856.Li wi0 857device via DHCP, using WPA authentication and 802.11b mode, it is 858possible to use something like: 859.Bd -literal 860ifconfig_wi0="up DHCP WPA mode 11b" 861.Ed 862.Pp 863It is also possible to rename interface by doing: 864.Bd -literal 865ifconfig_ed0_name="net0" 866ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 867.Ed 868.It Va ipv6_network_interfaces 869.Pq Vt str 870This is the IPv6 equivalent of 871.Va network_interfaces . 872Instead of setting the ifconfig variables as 873.Va ifconfig_ Ns Aq Ar interface 874they should be set as 875.Va ipv6_ifconfig_ Ns Aq Ar interface . 876Aliases should be set as 877.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 878.Va ipv6_prefix_ Ns Aq Ar interface 879does something. 880Interfaces that do not have a 881.Va ipv6_ifconfig_ Ns Aq Ar interface 882setting will be auto configured by 883.Xr rtsol 8 884if the 885.Va ipv6_gateway_enable 886is set to 887.Dq Li NO . 888Note that the IPv6 networking code does not support the 889.Pa /etc/start_if. Ns Aq Ar interface 890files. 891.It Va ipv6_default_interface 892.Pq Vt str 893If not set to 894.Dq Li NO , 895this is the default output interface for scoped addresses. 896Now this works only for IPv6 link local multicast addresses. 897.It Va cloned_interfaces 898.Pq Vt str 899Set to the list of clonable network interfaces to create on this host. 900Entries in 901.Va cloned_interfaces 902are automatically appended to 903.Va network_interfaces 904for configuration. 905.It Va gif_interfaces 906.Pq Vt str 907Set to the list of 908.Xr gif 4 909tunnel interfaces to configure on this host. 910A 911.Va gifconfig_ Ns Aq Ar interface 912variable is assumed to exist for each value of 913.Ar interface . 914The value of this variable is used to configure the link layer of the 915tunnel according to the syntax of the 916.Cm tunnel 917option to 918.Xr ifconfig 8 . 919Additionally, this option ensures that each listed interface is created via the 920.Cm create 921option to 922.Xr ifconfig 8 923before attempting to configure it. 924.It Va sppp_interfaces 925.Pq Vt str 926Set to the list of 927.Xr sppp 4 928interfaces to configure on this host. 929A 930.Va spppconfig_ Ns Aq Ar interface 931variable is assumed to exist for each value of 932.Ar interface . 933Each interface should also be configured by a general 934.Va ifconfig_ Ns Aq Ar interface 935setting. 936Refer to 937.Xr spppcontrol 8 938for more information about available options. 939.It Va ppp_enable 940.Pq Vt bool 941If set to 942.Dq Li YES , 943run the 944.Xr ppp 8 945daemon. 946.It Va ppp_mode 947.Pq Vt str 948Mode in which to run the 949.Xr ppp 8 950daemon. 951Accepted modes are 952.Dq Li auto , 953.Dq Li ddial , 954.Dq Li direct 955and 956.Dq Li dedicated . 957See the manual for a full description. 958.It Va ppp_nat 959.Pq Vt bool 960If set to 961.Dq Li YES , 962enables network address translation. 963Used in conjunction with 964.Va gateway_enable 965allows hosts on private network addresses access to the Internet using 966this host as a network address translating router. 967.It Va ppp_profile 968.Pq Vt str 969The name of the profile to use from 970.Pa /etc/ppp/ppp.conf . 971.It Va ppp_user 972.Pq Vt str 973The name of the user under which 974.Xr ppp 8 975should be started. 976By default, 977.Xr ppp 8 978is started as 979.Dq Li root . 980.It Va rc_conf_files 981.Pq Vt str 982This option is used to specify a list of files that will override 983the settings in 984.Pa /etc/defaults/rc.conf . 985The files will be read in the order in which they are specified and should 986include the full path to the file. 987By default, the files specified are 988.Pa /etc/rc.conf 989and 990.Pa /etc/rc.conf.local 991.It Va fsck_y_enable 992.Pq Vt bool 993If set to 994.Dq Li YES , 995.Xr fsck 8 996will be run with the 997.Fl y 998flag if the initial preen of the file systems fails. 999.It Va netfs_types 1000.Pq Vt str 1001List of file system types that are network-based. 1002This list should generally not be modified by end users. 1003Use 1004.Va extra_netfs_types 1005instead. 1006.It Va extra_netfs_types 1007.Pq Vt str 1008If set to something other than 1009.Dq Li NO 1010(the default), this variable extends the list of file system types 1011for which automatic mounting at startup by 1012.Xr rc 8 1013should be delayed until the network is initialized. 1014It should contain 1015a whitespace-separated list of network file system descriptor pairs, 1016each consisting of a file system type as passed to 1017.Xr mount 8 1018and a human-readable, one-word description, joined with a colon 1019.Pq Ql \&: . 1020Extending the default list in this way is only necessary 1021when third party file system types are used. 1022.It Va syslogd_enable 1023.Pq Vt bool 1024If set to 1025.Dq Li YES , 1026run the 1027.Xr syslogd 8 1028daemon. 1029.It Va syslogd_program 1030.Pq Vt str 1031Path to 1032.Xr syslogd 8 1033(default 1034.Pa /usr/sbin/syslogd ) . 1035.It Va syslogd_flags 1036.Pq Vt str 1037If 1038.Va syslogd_enable 1039is set to 1040.Dq Li YES , 1041these are the flags to pass to 1042.Xr syslogd 8 . 1043.It Va inetd_enable 1044.Pq Vt bool 1045If set to 1046.Dq Li YES , 1047run the 1048.Xr inetd 8 1049daemon. 1050.It Va inetd_program 1051.Pq Vt str 1052Path to 1053.Xr inetd 8 1054(default 1055.Pa /usr/sbin/inetd ) . 1056.It Va inetd_flags 1057.Pq Vt str 1058If 1059.Va inetd_enable 1060is set to 1061.Dq Li YES , 1062these are the flags to pass to 1063.Xr inetd 8 . 1064.It Va named_enable 1065.Pq Vt bool 1066If set to 1067.Dq Li YES , 1068run the 1069.Xr named 8 1070daemon. 1071.It Va named_program 1072.Pq Vt str 1073Path to 1074.Xr named 8 1075(default 1076.Pa /usr/sbin/named ) . 1077.It Va named_flags 1078.Pq Vt str 1079If 1080.Va named_enable 1081is set to 1082.Dq Li YES , 1083these are the flags to pass to 1084.Xr named 8 . 1085.It Va named_pidfile 1086.Pq Vt str 1087This is the default path to the 1088.Xr named 8 1089daemon's PID file. 1090Change it if you change the location in 1091.Pa /etc/namedb/named.conf . 1092.It Va named_chrootdir 1093.Pq Vt str 1094The root directory for a name server run in a 1095.Xr chroot 8 1096environment. 1097If left empty 1098.Xr named 8 1099will not be run in a 1100.Xr chroot 8 1101environment. 1102.It Va kerberos5_server_enable 1103.Pq Vt bool 1104Set to 1105.Dq Li YES 1106to start a Kerberos 5 authentication server at boot time. 1107.It Va kerberos5_server_program 1108.Pq Vt str 1109If 1110.Va kerberos5_server_enable 1111is set to 1112.Dq Li YES 1113this is the path to Kerberos 5 Authentication Server. 1114.It Va kadmind5_server_enable 1115.Pq Vt bool 1116Set to 1117.Dq Li YES 1118to start 1119.Xr kadmind 8 , 1120the Kerberos 5 Administration Daemon; set to 1121.Dq Li NO 1122on a slave server. 1123.It Va kadmind5_server_program 1124.Pq Vt str 1125If 1126.Va kadmind5_server_enable 1127is set to 1128.Dq Li YES 1129this is the path to Kerberos 5 Administration Daemon. 1130.It Va kpasswdd_server_enable 1131.Pq Vt bool 1132Set to 1133.Dq Li YES 1134to start 1135.Xr kpasswdd 8 , 1136the Kerberos 5 Password-Changing Daemon; set to 1137.Dq Li NO 1138on a slave server. 1139.It Va kpasswdd_server_program 1140.Pq Vt str 1141If 1142.Va kpasswdd_server_enable 1143is set to 1144.Dq Li YES 1145this is the path to Kerberos 5 Password-Changing Daemon. 1146.It Va rwhod_enable 1147.Pq Vt bool 1148If set to 1149.Dq Li YES , 1150run the 1151.Xr rwhod 8 1152daemon at boot time. 1153.It Va rwhod_flags 1154.Pq Vt str 1155If 1156.Va rwhod_enable 1157is set to 1158.Dq Li YES , 1159these are the flags to pass to it. 1160.It Va amd_enable 1161.Pq Vt bool 1162If set to 1163.Dq Li YES , 1164run the 1165.Xr amd 8 1166daemon at boot time. 1167.It Va amd_flags 1168.Pq Vt str 1169If 1170.Va amd_enable 1171is set to 1172.Dq Li YES , 1173these are the flags to pass to it. 1174See the 1175.Xr amd 8 1176manpage for more information. 1177.It Va amd_map_program 1178.Pq Vt str 1179If set, the specified program is run to get the list of 1180.Xr amd 8 1181maps. 1182For example, if the 1183.Xr amd 8 1184maps are stored in NIS, one can set this to run 1185.Xr ypcat 1 1186to get a list of 1187.Xr amd 8 1188maps from the 1189.Pa amd.master 1190NIS map. 1191.It Va update_motd 1192.Pq Vt bool 1193If set to 1194.Dq Li YES , 1195.Pa /etc/motd 1196will be updated at boot time to reflect the kernel release being run. 1197If set to 1198.Dq Li NO , 1199.Pa /etc/motd 1200will not be updated. 1201.It Va nfs_client_enable 1202.Pq Vt bool 1203If set to 1204.Dq Li YES , 1205run the NFS client daemons at boot time. 1206.It Va nfs_client_flags 1207.Pq Vt str 1208If 1209.Va nfs_client_enable 1210is set to 1211.Dq Li YES , 1212these are the flags to pass to the 1213.Xr nfsiod 8 1214daemon. 1215.It Va nfs_access_cache 1216.Pq Vt int 1217If 1218.Va nfs_client_enable 1219is set to 1220.Dq Li YES , 1221this can be set to 1222.Dq Li 0 1223to disable NFS ACCESS RPC caching, or to the number of seconds for which 1224NFS ACCESS results should be cached. 1225A value of 2-10 seconds will substantially reduce network traffic for 1226many NFS operations. 1227The default is 5 seconds. 1228Note that the attribute cache holds stat information only. 1229The NFS data cache is independent of the attribute cache and is only 1230invalidated when the client detects that the server has modified the 1231underlying file. 1232This value specifies a maximum timeout. 1233The NFS client will automatically use a shorter timeout for files which 1234have been recently modified. 1235.It Va nfs_neg_cache 1236.Pq Vt int 1237If 1238.Va nfs_client_enable 1239is set to 1240.Dq Li YES , 1241this can be set to 1242.Dq Li 0 1243to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1244filenames), or to the number of seconds for which negative lookups should 1245be cached. 1246A value of 2-10 seconds will substantially reduce network 1247traffic for many NFS operations, especially source code builds. 1248The default is 3 seconds. 1249.It Va nfs_server_enable 1250.Pq Vt bool 1251If set to 1252.Dq Li YES , 1253run the NFS server daemons at boot time. 1254.It Va nfs_server_flags 1255.Pq Vt str 1256If 1257.Va nfs_server_enable 1258is set to 1259.Dq Li YES , 1260these are the flags to pass to the 1261.Xr nfsd 8 1262daemon. 1263.It Va mountd_enable 1264.Pq Vt bool 1265If set to 1266.Dq Li YES , 1267and no 1268.Va nfs_server_enable 1269is set, start 1270.Xr mountd 8 , 1271but not 1272.Xr nfsd 8 1273daemon. 1274It is commonly needed to run CFS without real NFS used. 1275.It Va mountd_flags 1276.Pq Vt str 1277If 1278.Va mountd_enable 1279is set to 1280.Dq Li YES , 1281these are the flags to pass to the 1282.Xr mountd 8 1283daemon. 1284.It Va weak_mountd_authentication 1285.Pq Vt bool 1286If set to 1287.Dq Li YES , 1288allow services like PCNFSD to make non-privileged mount requests. 1289.It Va nfs_reserved_port_only 1290.Pq Vt bool 1291If set to 1292.Dq Li YES , 1293provide NFS services only on a secure port. 1294.It Va nfs_bufpackets 1295.Pq Vt int 1296If set to a number, indicates the number of packets worth of 1297socket buffer space to reserve on an NFS client. 1298The kernel default is typically 4. 1299Using a higher number may be useful on gigabit networks to improve performance. 1300The minimum value is 2 and the maximum is 64. 1301.It Va rpc_umntall_enable 1302.Pq Vt bool 1303If set to 1304.Dq Li YES 1305(default) and we are also an NFS client, run 1306.Xr rpc.umntall 8 1307at boot time to clear out old mounts on remote servers. 1308If set to 1309.Dq Li NO 1310then 1311.Xr rpc.umntall 8 1312will not be run at boot time. 1313.It Va rpc_lockd_enable 1314.Pq Vt bool 1315If set to 1316.Dq Li YES 1317and also an NFS server, run 1318.Xr rpc.lockd 8 1319at boot time. 1320.It Va rpc_statd_enable 1321.Pq Vt bool 1322If set to 1323.Dq Li YES 1324and also an NFS server, run 1325.Xr rpc.statd 8 1326at boot time. 1327.It Va rpcbind_program 1328.Pq Vt str 1329Path to 1330.Xr rpcbind 8 1331(default 1332.Pa /usr/sbin/rpcbind ) . 1333.It Va rpcbind_enable 1334.Pq Vt bool 1335If set to 1336.Dq Li YES , 1337run the 1338.Xr rpcbind 8 1339service at boot time. 1340.It Va rpcbind_flags 1341.Pq Vt str 1342If 1343.Va rpcbind_enable 1344is set to 1345.Dq Li YES , 1346these are the flags to pass to the 1347.Xr rpcbind 8 1348daemon. 1349.It Va keyserv_enable 1350.Pq Vt bool 1351If set to 1352.Dq Li YES , 1353run the 1354.Xr keyserv 8 1355daemon on boot for running Secure RPC. 1356.It Va keyserv_flags 1357.Pq Vt str 1358If 1359.Va keyserv_enable 1360is set to 1361.Dq Li YES , 1362these are the flags to pass to 1363.Xr keyserv 8 1364daemon. 1365.It Va pppoed_enable 1366.Pq Vt bool 1367If set to 1368.Dq Li YES , 1369run the 1370.Xr pppoed 8 1371daemon at boot time to provide PPP over Ethernet services. 1372.It Va pppoed_provider 1373.Pq Vt str 1374.Xr pppoed 8 1375listens to requests to this provider and ultimately runs 1376.Xr ppp 8 1377with a 1378.Ar system 1379argument of the same name. 1380.It Va pppoed_flags 1381.Pq Vt str 1382Additional flags to pass to 1383.Xr pppoed 8 . 1384.It Va pppoed_interface 1385.Pq Vt str 1386The network interface to run 1387.Xr pppoed 8 1388on. 1389This is mandatory when 1390.Va pppoed_enable 1391is set to 1392.Dq Li YES . 1393.It Va timed_enable 1394.Pq Vt bool 1395If set to 1396.Dq Li YES , 1397run the 1398.Xr timed 8 1399service at boot time. 1400This command is intended for networks of machines where a consistent 1401.Dq "network time" 1402for all hosts must be established. 1403This is often useful in large NFS environments where time stamps on 1404files are expected to be consistent network-wide. 1405.It Va timed_flags 1406.Pq Vt str 1407If 1408.Va timed_enable 1409is set to 1410.Dq Li YES , 1411these are the flags to pass to the 1412.Xr timed 8 1413service. 1414.It Va ntpd_enable 1415.Pq Vt bool 1416If set to 1417.Dq Li YES , 1418run the 1419.Xr ntpd 8 1420command at boot time. 1421.It Va ntpd_program 1422.Pq Vt str 1423Path to 1424.Xr ntpd 8 1425(default 1426.Pa /usr/sbin/ntpd ) . 1427.It Va ntpd_flags 1428.Pq Vt str 1429If 1430.Va ntpd_enable 1431is set to 1432.Dq Li YES , 1433these are the flags to pass to the 1434.Xr ntpd 8 1435daemon. 1436Set to 1437.Dq Li -s 1438by default which sets the time immediately at startup if the 1439local clock is off by more than 180 seconds. 1440To prevent 1441.Xr ntpd 8 1442from doing this, set 1443.Va ntpd_flags 1444to 1445.Dq Li -S . 1446.It Va dntpd_enable 1447.Pq Vt bool 1448If set to 1449.Dq Li YES , 1450run 1451.Xr dntpd 8 1452at system boot time. 1453.It Va dntpd_program 1454.Pq Vt str 1455Path to 1456.Xr dntpd 8 1457(default 1458.Pa /usr/sbin/dntpd ) . 1459.It Va dntpd_flags 1460.Pq Vt str 1461If 1462.Va dntpd_enable 1463is set to 1464.Dq Li YES , 1465these are the flags to pass to the 1466.Xr dntpd 8 1467daemon. 1468.It Va nis_client_enable 1469.Pq Vt bool 1470If set to 1471.Dq Li YES , 1472run the 1473.Xr ypbind 8 1474service at system boot time. 1475.It Va nis_client_flags 1476.Pq Vt str 1477If 1478.Va nis_client_enable 1479is set to 1480.Dq Li YES , 1481these are the flags to pass to the 1482.Xr ypbind 8 1483service. 1484.It Va nis_ypset_enable 1485.Pq Vt bool 1486If set to 1487.Dq Li YES , 1488run the 1489.Xr ypset 8 1490daemon at system boot time. 1491.It Va nis_ypset_flags 1492.Pq Vt str 1493If 1494.Va nis_ypset_enable 1495is set to 1496.Dq Li YES , 1497these are the flags to pass to the 1498.Xr ypset 8 1499daemon. 1500.It Va nis_server_enable 1501.Pq Vt bool 1502If set to 1503.Dq Li YES , 1504run the 1505.Xr ypserv 8 1506daemon at system boot time. 1507.It Va nis_server_flags 1508.Pq Vt str 1509If 1510.Va nis_server_enable 1511is set to 1512.Dq Li YES , 1513these are the flags to pass to the 1514.Xr ypserv 8 1515daemon. 1516.It Va nis_ypxfrd_enable 1517.Pq Vt bool 1518If set to 1519.Dq Li YES , 1520run the 1521.Xr rpc.ypxfrd 8 1522daemon at system boot time. 1523.It Va nis_ypxfrd_flags 1524.Pq Vt str 1525If 1526.Va nis_ypxfrd_enable 1527is set to 1528.Dq Li YES , 1529these are the flags to pass to the 1530.Xr rpc.ypxfrd 8 1531daemon. 1532.It Va nis_yppasswdd_enable 1533.Pq Vt bool 1534If set to 1535.Dq Li YES , 1536run the 1537.Xr rpc.yppasswdd 8 1538daemon at system boot time. 1539.It Va nis_yppasswdd_flags 1540.Pq Vt str 1541If 1542.Va nis_yppasswdd_enable 1543is set to 1544.Dq Li YES , 1545these are the flags to pass to the 1546.Xr rpc.yppasswdd 8 1547daemon. 1548.It Va rpc_ypupdated_enable 1549.Pq Vt bool 1550If set to 1551.Dq Li YES , 1552run the 1553.Nm rpc.ypupdated 1554daemon at system boot time. 1555.It Va defaultrouter 1556.Pq Vt str 1557If not set to 1558.Dq Li NO , 1559create a default route to this host name or IP address 1560(use an IP address if this router is also required to get to the 1561name server!). 1562.It Va ipv6_defaultrouter 1563.Pq Vt str 1564The IPv6 equivalent of 1565.Va defaultrouter . 1566.It Va static_routes 1567.Pq Vt str 1568Set to the list of static routes that are to be added at system boot time. 1569If not set to 1570.Dq Li NO 1571then for each whitespace separated 1572.Ar element 1573in the value, a 1574.Va route_ Ns Aq Ar element 1575variable is assumed to exist whose contents will later be passed to a 1576.Dq Nm route Cm add 1577operation. 1578.It Va ipv6_static_routes 1579.Pq Vt str 1580The IPv6 equivalent of 1581.Va static_routes . 1582If not set to 1583.Dq Li NO 1584then for each whitespace separated 1585.Ar element 1586in the value, a 1587.Va ipv6_route_ Ns Aq Ar element 1588variable is assumed to exist whose contents will later be passed to a 1589.Dq Nm route Cm add Fl inet6 1590operation. 1591.It Va gateway_enable 1592.Pq Vt bool 1593If set to 1594.Dq Li YES , 1595configure host to act as an IP router, e.g. to forward packets 1596between interfaces. 1597.It Va ipv6_gateway_enable 1598.Pq Vt bool 1599The IPv6 equivalent of 1600.Va gateway_enable . 1601.It Va router_enable 1602.Pq Vt bool 1603If set to 1604.Dq Li YES , 1605run a routing daemon of some sort, based on the settings of 1606.Va router_program 1607and 1608.Va router_flags . 1609.It Va ipv6_router_enable 1610.Pq Vt bool 1611The IPv6 equivalent of 1612.Va router_enable . 1613If set to 1614.Dq Li YES , 1615run a routing daemon of some sort, based on the settings of 1616.Va ipv6_router_program 1617and 1618.Va ipv6_router_flags . 1619.It Va router_program 1620.Pq Vt str 1621If 1622.Va router_enable 1623is set to 1624.Dq Li YES , 1625this is the name of the routing daemon to use. 1626.It Va ipv6_router_program 1627.Pq Vt str 1628The IPv6 equivalent of 1629.Va router_program . 1630.It Va router_flags 1631.Pq Vt str 1632If 1633.Va router_enable 1634is set to 1635.Dq Li YES , 1636these are the flags to pass to the routing daemon. 1637.It Va ipv6_router_flags 1638.Pq Vt str 1639The IPv6 equivalent of 1640.Va router_flags . 1641.It Va mrouted_enable 1642.Pq Vt bool 1643If set to 1644.Dq Li YES , 1645run the multicast routing daemon, 1646.Xr mrouted 8 . 1647.It Va mroute6d_enable 1648.Pq Vt bool 1649The IPv6 equivalent of 1650.Va mrouted_enable . 1651If set to 1652.Dq Li YES , 1653run the IPv6 multicast routing daemon. 1654Note that no IPv6 multicast routing daemon is included in the 1655.Dx 1656base system but 1657.Xr pim6dd 8 1658can be installed from the 1659.Xr pkgsrc 7 1660collection. 1661.It Va mrouted_flags 1662.Pq Vt str 1663If 1664.Va mrouted_enable 1665is set to 1666.Dq Li YES , 1667these are the flags to pass to the 1668.Xr mrouted 8 1669daemon. 1670.It Va mroute6d_flags 1671.Pq Vt str 1672The IPv6 equivalent of 1673.Va mrouted_flags . 1674If 1675.Va mroute6d_enable 1676is set to 1677.Dq Li YES , 1678these are the flags passed to the IPv6 multicast routing daemon. 1679.It Va mroute6d_program 1680.Pq Vt str 1681If 1682.Va mroute6d_enable 1683is set to 1684.Dq Li YES , 1685this is the path to the IPv6 multicast routing daemon. 1686.It Va rtadvd_enable 1687.Pq Vt bool 1688If set to 1689.Dq Li YES , 1690run the 1691.Xr rtadvd 8 1692daemon at boot time. 1693.Xr rtadvd 8 1694will only run if 1695.Va ipv6_gateway_enable 1696is also set to 1697.Dq Li YES . 1698The 1699.Xr rtadvd 8 1700utility sends router advertisement packets to the interfaces specified in 1701.Va rtadvd_interfaces . 1702.Xr rtadvd 8 1703and should only be enabled with great care. 1704You may want to fine-tune 1705.Xr rtadvd.conf 5 . 1706.It Va rtadvd_interfaces 1707.Pq Vt str 1708If 1709.Va rtadvd_enable 1710is set to 1711.Dq Li YES 1712this is the list of interfaces to use. 1713.It Va rtsold_enable 1714.Pq Vt bool 1715If set to 1716.Dq Li YES , 1717run the 1718.Xr rtsold 8 1719daemon at boot time. 1720The 1721.Xr rtsold 8 1722daemon is used for automatic discovery of non-link local addresses. 1723.It Va rtsold_flags 1724.Pq Vt str 1725If 1726.Va rtsold_enable 1727is set to 1728.Dq Li YES , 1729these are the flags to pass to the 1730.Xr rtsold 8 1731daemon. 1732.It Va ipxgateway_enable 1733.Pq Vt bool 1734If set to 1735.Dq Li YES , 1736enable the routing of IPX traffic. 1737.It Va ipxrouted_enable 1738.Pq Vt bool 1739If set to 1740.Dq Li YES , 1741run the 1742.Xr IPXrouted 8 1743daemon at system boot time. 1744.It Va ipxrouted_flags 1745.Pq Vt str 1746If 1747.Va ipxrouted_enable 1748is set to 1749.Dq Li YES , 1750these are the flags to pass to the 1751.Xr IPXrouted 8 1752daemon. 1753.It Va arpproxy_all 1754.Pq Vt bool 1755If set to 1756.Dq Li YES , 1757enable global proxy ARP. 1758.It Va forward_sourceroute 1759.Pq Vt bool 1760If set to 1761.Dq Li YES 1762and 1763.Va gateway_enable 1764is also set to 1765.Dq Li YES , 1766source-routed packets are forwarded. 1767.It Va accept_sourceroute 1768.Pq Vt bool 1769If set to 1770.Dq Li YES , 1771the system will accept source-routed packets directed at it. 1772.It Va rarpd_enable 1773.Pq Vt bool 1774If set to 1775.Dq Li YES , 1776run the 1777.Xr rarpd 8 1778daemon at system boot time. 1779.It Va rarpd_flags 1780.Pq Vt str 1781If 1782.Va rarpd_enable 1783is set to 1784.Dq Li YES , 1785these are the flags to pass to the 1786.Xr rarpd 8 1787daemon. 1788.It Va bootparamd_enable 1789.Pq Vt bool 1790If set to 1791.Dq Li YES , 1792run the 1793.Xr bootparamd 8 1794daemon at system boot time. 1795.It Va bootparamd_flags 1796.Pq Vt str 1797If 1798.Va bootparamd_enable 1799is set to 1800.Dq Li YES , 1801these are the flags to pass to the 1802.Xr bootparamd 8 1803daemon. 1804.It Va stf_interface_ipv4addr 1805.Pq Vt str 1806If not set to 1807.Dq Li NO , 1808this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1809Specify this entry to enable the 6to4 interface. 1810.It Va stf_interface_ipv4plen 1811.Pq Vt int 1812Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1813An effective value is 0-31. 1814.It Va stf_interface_ipv6_ifid 1815.Pq Vt str 1816IPv6 interface ID for 1817.Xr stf 4 . 1818This can be set to 1819.Dq Li AUTO . 1820.It Va stf_interface_ipv6_slaid 1821.Pq Vt str 1822IPv6 Site Level Aggregator for 1823.Xr stf 4 . 1824.It Va ipv6_faith_prefix 1825.Pq Vt str 1826If not set to 1827.Dq Li NO , 1828this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator. 1829You also need 1830.Xr faithd 8 1831setup. 1832.It Va ipv6_ipv4mapping 1833.Pq Vt bool 1834If set to 1835.Dq Li YES 1836this enables IPv4 mapped IPv6 address communication (like 1837.Li ::ffff:a.b.c.d ) . 1838.It Va atm_enable 1839.Pq Vt bool 1840Set to 1841.Dq Li YES 1842to enable the configuration of ATM interfaces at system boot time. 1843For all of the ATM variables described below, please refer to the 1844.Xr atm 8 1845man page for further details on the available command parameters. 1846Also refer to the files in 1847.Pa /usr/share/examples/atm 1848for more detailed configuration information. 1849.It Va atm_netif_ Ns Aq Ar intf 1850.Pq Vt str 1851For the ATM physical interface 1852.Ar intf , 1853this variable defines the name prefix and count for the ATM network 1854interfaces to be created. 1855The value will be passed as the parameters of an 1856.Dq Nm atm Cm "set netif" Ar intf 1857command. 1858.It Va atm_sigmgr_ Ns Aq Ar intf 1859.Pq Vt str 1860For the ATM physical interface 1861.Ar intf , 1862this variable defines the ATM signalling manager to be used. 1863The value will be passed as the parameters of an 1864.Dq Nm atm Cm attach Ar intf 1865command. 1866.It Va atm_prefix_ Ns Aq Ar intf 1867.Pq Vt str 1868For the ATM physical interface 1869.Ar intf , 1870this variable defines the NSAP prefix for interfaces using a UNI signalling 1871manager. 1872If set to 1873.Dq Li ILMI , 1874the prefix will automatically be set via the 1875.Xr ilmid 8 1876daemon. 1877Otherwise, the value will be passed as the parameters of an 1878.Dq Nm atm Cm "set prefix" Ar intf 1879command. 1880.It Va atm_macaddr_ Ns Aq Ar intf 1881.Pq Vt str 1882For the ATM physical interface 1883.Ar intf , 1884this variable defines the MAC address for interfaces using a UNI signalling 1885manager. 1886If set to 1887.Dq Li NO , 1888the hardware MAC address contained in the ATM interface card will be used. 1889Otherwise, the value will be passed as the parameters of an 1890.Dq Nm atm Cm "set mac" Ar intf 1891command. 1892.It Va atm_arpserver_ Ns Aq Ar netif 1893.Pq Vt str 1894For the ATM network interface 1895.Ar netif , 1896this variable defines the ATM address for a host which is to provide ATMARP 1897service. 1898This variable is only applicable to interfaces using a UNI signalling manager. 1899If set to 1900.Dq Li local , 1901this host will become an ATMARP server. 1902The value will be passed as the parameters of an 1903.Dq Nm atm Cm "set arpserver" Ar netif 1904command. 1905.It Va atm_scsparp_ Ns Aq Ar netif 1906.Pq Vt bool 1907If set to 1908.Dq Li YES , 1909SCSP/ATMARP service for the network interface 1910.Ar netif 1911will be initiated using the 1912.Xr scspd 8 1913and 1914.Xr atmarpd 8 1915daemons. 1916This variable is only applicable if 1917.Va atm_arpserver_ Ns Aq Ar netif 1918is set to 1919.Dq Li local . 1920.It Va atm_arps 1921.Pq Vt str 1922Set to the list of permanent ATM ARP entries to be added at system boot time. 1923For each whitespace separated 1924.Ar element 1925in the value, an 1926.Va atm_arp_ Ns Aq Ar element 1927variable is assumed to exist. 1928The value of each of these variables will be passed as the parameters of an 1929.Dq Nm atm Cm "add arp" 1930command. 1931.It Va keybell 1932.Pq Vt str 1933The keyboard bell sound. 1934Set to 1935.Dq Li normal , 1936.Dq Li visual , 1937.Dq Li off , 1938or 1939.Dq Li NO 1940if the default behavior is desired. 1941For details, refer to the 1942.Xr kbdcontrol 1 1943manpage. 1944.It Va keymap 1945.Pq Vt str 1946If set to 1947.Dq Li NO , 1948no keymap is installed, otherwise the value is used to install 1949the keymap file in 1950.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1951.It Va keyrate 1952.Pq Vt str 1953The keyboard repeat speed. 1954Set to 1955.Dq Li slow , 1956.Dq Li normal , 1957.Dq Li fast , 1958or 1959.Dq Li NO 1960if the default behavior is desired. 1961.It Va keychange 1962.Pq Vt str 1963If not set to 1964.Dq Li NO , 1965attempt to program the function keys with the value. 1966The value should be a single string of the form: 1967.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1968.It Va cursor 1969.Pq Vt str 1970Can be set to the value of 1971.Dq Li normal , 1972.Dq Li blink , 1973.Dq Li destructive , 1974or 1975.Dq Li NO 1976to set the cursor behavior explicitly or choose the default behavior. 1977.It Va scrnmap 1978.Pq Vt str 1979If set to 1980.Dq Li NO , 1981no screen map is installed, otherwise the value is used to install 1982the screen map file in 1983.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1984.It Va font8x16 1985.Pq Vt str 1986If set to 1987.Dq Li NO , 1988the default 8x16 font value is used for screen size requests, otherwise 1989the value in 1990.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1991is used. 1992.It Va font8x14 1993.Pq Vt str 1994If set to 1995.Dq Li NO , 1996the default 8x14 font value is used for screen size requests, otherwise 1997the value in 1998.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1999is used. 2000.It Va font8x8 2001.Pq Vt str 2002If set to 2003.Dq Li NO , 2004the default 8x8 font value is used for screen size requests, otherwise 2005the value in 2006.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2007is used. 2008.It Va blanktime 2009.Pq Vt int 2010If set to 2011.Dq Li NO , 2012the default screen blanking interval is used, otherwise it is set to 2013.Ar value 2014seconds. 2015.It Va saver 2016.Pq Vt str 2017If not set to 2018.Dq Li NO , 2019this is the actual screen saver to use 2020.Li ( blank , snake , daemon , 2021etc). 2022.It Va moused_enable 2023.Pq Vt str 2024If set to 2025.Dq Li YES , 2026the 2027.Xr moused 8 2028daemon is started for doing cut/paste selection on the console. 2029.It Va moused_type 2030.Pq Vt str 2031This is the protocol type of the mouse connected to this host. 2032This variable must be set if 2033.Va moused_enable 2034is set to 2035.Dq Li YES . 2036The 2037.Xr moused 8 2038daemon 2039is able to detect the appropriate mouse type automatically in many cases. 2040Set this variable to 2041.Dq Li auto 2042to let the daemon detect it, or 2043select one from the following list if the automatic detection fails. 2044.Pp 2045If the mouse is attached to the PS/2 mouse port, choose 2046.Dq Li auto 2047or 2048.Dq Li ps/2 , 2049regardless of the brand and model of the mouse. 2050Likewise, if the mouse is attached to the bus mouse port, choose 2051.Dq Li auto 2052or 2053.Dq Li busmouse . 2054All other protocols are for serial mice and will not work with 2055the PS/2 and bus mice. 2056If this is a USB mouse, 2057.Dq Li auto 2058is the only protocol type which will work. 2059.Pp 2060.Bl -tag -width ".Li x10mouseremote" -compact 2061.It Li microsoft 2062Microsoft mouse (serial) 2063.It Li intellimouse 2064Microsoft IntelliMouse (serial) 2065.It Li mousesystems 2066Mouse systems Corp. mouse (serial) 2067.It Li mmseries 2068MM Series mouse (serial) 2069.It Li logitech 2070Logitech mouse (serial) 2071.It Li busmouse 2072A bus mouse 2073.It Li mouseman 2074Logitech MouseMan and TrackMan (serial) 2075.It Li glidepoint 2076ALPS GlidePoint (serial) 2077.It Li thinkingmouse 2078Kensington ThinkingMouse (serial) 2079.It Li ps/2 2080PS/2 mouse 2081.It Li mmhittab 2082MM HitTablet (serial) 2083.It Li x10mouseremote 2084X10 MouseRemote (serial) 2085.It Li versapad 2086Interlink VersaPad (serial) 2087.El 2088.Pp 2089Even if the mouse is not in the above list, it may be compatible 2090with one in the list. 2091Refer to the man page for 2092.Xr moused 8 2093for compatibility information. 2094.Pp 2095It should also be noted that while this is enabled, any 2096other client of the mouse (such as an X server) should access 2097the mouse through the virtual mouse device, 2098.Pa /dev/sysmouse , 2099and configure it as a 2100.Dq Li sysmouse 2101type mouse, since all 2102mouse data is converted to this single canonical format when using 2103.Xr moused 8 . 2104If the client program does not support the 2105.Dq Li sysmouse 2106type, specify the 2107.Dq Li mousesystems 2108type. 2109It is the second preferred type. 2110.It Va moused_port 2111.Pq Vt str 2112If 2113.Va moused_enable 2114is set to 2115.Dq Li YES , 2116this is the actual port the mouse is on. 2117It might be 2118.Pa /dev/cuaa0 2119for a COM1 serial mouse, 2120.Pa /dev/psm0 2121for a PS/2 mouse or 2122.Pa /dev/mse0 2123for a bus mouse, for example. 2124.It Va moused_flags 2125.Pq Vt str 2126If 2127.Va moused_type 2128is set, these are the additional flags to pass to the 2129.Xr moused 8 2130daemon. 2131.It Va mousechar_start 2132.Pq Vt int 2133If set to 2134.Dq Li NO , 2135the default mouse cursor character range 2136.Li 0xd0 Ns - Ns Li 0xd3 2137is used, otherwise the range start is set to 2138.Ar value 2139character, see 2140.Xr vidcontrol 1 . 2141Use if the default range is occupied in the language code table. 2142.It Va vidhistory 2143.Pq Vt int 2144Set the size of the history (scrollback) buffer in lines. 2145.It Va allscreens_flags 2146.Pq Vt str 2147If set, 2148.Xr vidcontrol 1 2149is run with these options for each of the virtual terminals 2150.Pq Pa /dev/ttyv* . 2151For example, 2152.Dq Fl m Cm on 2153will enable the mouse pointer on all virtual terminals if 2154.Va moused_enable 2155is set to 2156.Dq Li YES . 2157.It Va allscreens_kbdflags 2158.Pq Vt str 2159If set, 2160.Xr kbdcontrol 1 2161is run with these options for each of the virtual terminals 2162.Pq Pa /dev/ttyv* . 2163For example, 2164.Dq Fl h Li 200 2165will set the 2166.Xr syscons 4 2167scrollback (history) buffer to 200 lines. 2168.It Va cron_enable 2169.Pq Vt bool 2170If set to 2171.Dq Li YES , 2172run the 2173.Xr cron 8 2174daemon at system boot time. 2175.It Va cron_program 2176.Pq Vt str 2177Path to 2178.Xr cron 8 2179(default 2180.Pa /usr/sbin/cron ) . 2181.It Va cron_flags 2182.Pq Vt str 2183If 2184.Va cron_enable 2185is set to 2186.Dq Li YES , 2187these are the flags to pass to 2188.Xr cron 8 . 2189.It Va lpd_program 2190.Pq Vt str 2191Path to 2192.Xr lpd 8 2193(default 2194.Pa /usr/sbin/lpd ) . 2195.It Va lpd_enable 2196.Pq Vt bool 2197If set to 2198.Dq Li YES , 2199run the 2200.Xr lpd 8 2201daemon at system boot time. 2202.It Va lpd_flags 2203.Pq Vt str 2204If 2205.Va lpd_enable 2206is set to 2207.Dq Li YES , 2208these are the flags to pass to the 2209.Xr lpd 8 2210daemon. 2211.It Va mixer_enable 2212.Pq Vt bool 2213If set to 2214.Dq Li YES , 2215preserve 2216.Xr mixer 8 2217settings across reboots. 2218.It Va mta_start_script 2219.Pq Vt str 2220This variable specifies the full path to the script to run to start 2221a mail transfer agent. 2222The default is 2223.Pa /etc/rc.sendmail . 2224The 2225.Va sendmail_* 2226variables which 2227.Pa /etc/rc.sendmail 2228uses are documented in the 2229.Xr rc.sendmail 8 2230man page. 2231.It Va dumpdev 2232.Pq Vt str 2233Indicates the device (usually a swap partition) to which a crash dump 2234should be written in the event of a system crash. 2235The value of this variable is passed as the argument to 2236.Xr dumpon 8 . 2237To disable crash dumps, set this variable to 2238.Dq Li NO . 2239.It Va dumpdir 2240.Pq Vt str 2241When the system reboots after a crash and a crash dump is found on the 2242device specified by the 2243.Va dumpdev 2244variable, 2245.Xr savecore 8 2246will save that crash dump and a copy of the kernel to the directory 2247specified by the 2248.Va dumpdir 2249variable. 2250The default value is 2251.Pa /var/crash . 2252Set to 2253.Dq Li NO 2254to not run 2255.Xr savecore 8 2256at boot time when 2257.Va dumpdir 2258is set. 2259.It Va savecore_flags 2260.Pq Vt str 2261If crash dumps are enabled, these are the flags to pass to the 2262.Xr savecore 8 2263utility. 2264.It Va enable_quotas 2265.Pq Vt bool 2266Set to 2267.Dq Li YES 2268to turn on user disk quotas on system startup via the 2269.Xr quotaon 8 2270command. 2271.It Va check_quotas 2272.Pq Vt bool 2273Set to 2274.Dq Li YES 2275to enable user disk quota checking via the 2276.Xr quotacheck 8 2277command. 2278.It Va accounting_enable 2279.Pq Vt bool 2280Set to 2281.Dq Li YES 2282to enable system accounting through the 2283.Xr accton 8 2284facility. 2285.It Va linux_enable 2286.Pq Vt bool 2287Set to 2288.Dq Li YES 2289to enable Linux/ELF binary emulation at system initial boot time. 2290.It Va sysvipc_enable 2291.Pq Vt bool 2292If set to 2293.Dq Li YES , 2294load System V IPC primitives at boot time. 2295.\" ----- cleanvar_enable setting-------------------------------- 2296.It Va cleanvar_enable 2297.Pq Vt bool 2298Set to 2299.Dq Li YES 2300to have 2301.Pa /var/run , 2302.Pa /var/spool/lock 2303and 2304.Pa /var/spool/uucp/.Temp/* 2305cleaned at startup. 2306.\" ----- clear_tmp_enable setting------------------------------- 2307.It Va clear_tmp_enable 2308.Pq Vt bool 2309Set to 2310.Dq Li YES 2311to have 2312.Pa /tmp 2313cleaned at startup. 2314.\" ----- ldconfig_paths setting -------------------------------- 2315.It Va ldconfig_paths 2316.Pq Vt str 2317Set to the list of shared library paths to use with 2318.Xr ldconfig 8 . 2319NOTE: 2320.Pa /usr/lib 2321will always be added first, so it need not appear in this list. 2322.It Va ldconfig_insecure 2323.Pq Vt bool 2324The 2325.Xr ldconfig 8 2326utility normally refuses to use directories 2327which are writable by anyone except root. 2328Set this variable to 2329.Dq Li YES 2330to disable that security check during system startup. 2331.It Va kern_securelevel 2332.Pq Vt int 2333The kernel security level to set at startup. 2334The allowed range of 2335.Ar value 2336ranges from \-1 (the compile time default) to 3 (the most secure). 2337See 2338.Xr init 8 2339for the list of possible security levels and their effect on system operation. 2340.It Va start_vinum 2341.Pq Vt bool 2342Set to 2343.Dq Li YES 2344to start 2345.Xr vinum 8 2346at system boot time. 2347.It Va sshd_enable 2348.Pq Vt bool 2349Set to 2350.Dq Li YES 2351to start 2352.Xr sshd 8 2353at system boot time. 2354.It Va sshd_program 2355.Pq Vt str 2356Path to the SSH server program 2357.Pa ( /usr/sbin/sshd 2358is the default). 2359.It Va sshd_flags 2360.Pq Vt str 2361If 2362.Va sshd_enable 2363is set to 2364.Dq Li YES , 2365these are the flags to pass to the 2366.Xr sshd 8 2367daemon. 2368.It Va ftpd_enable 2369.Pq Vt bool 2370Set to 2371.Dq Li YES 2372to start 2373.Xr ftpd 8 2374at system boot time. 2375.It Va ftpd_flags 2376.Pq Vt str 2377If 2378.Va ftpd_enable 2379is set to 2380.Dq Li YES , 2381these are the flags to pass to the 2382.Xr ftpd 8 2383daemon. 2384.It Va usbd_enable 2385.Pq Vt bool 2386If set to 2387.Dq Li YES , 2388run the 2389.Xr usbd 8 2390daemon at boot time. 2391.It Va usbd_flags 2392.Pq Vt str 2393If 2394.Va usbd_enable 2395is set to 2396.Dq Li YES , 2397these are the flags passed to 2398.Xr usbd 8 2399daemon. 2400.It Va watchdogd_enable 2401.Pq Vt bool 2402If set to 2403.Dq Li YES , 2404start the 2405.Xr watchdogd 8 2406daemon at boot time. 2407This requires that the kernel have been compiled with 2408.Cd "options WATCHDOG" . 2409.It Va jail_enable 2410.Pq Vt bool 2411If set to 2412.Dq Li NO , 2413any configured jails will not be started. 2414.It Va jail_list 2415.Pq Vt str 2416A space separated list of names for jails. 2417This is purely a configuration aid to help identify and 2418configure multiple jails. 2419The names specified in this list will be used to 2420identify settings common to an instance of a jail. 2421Assuming that the jail in question was named 2422.Li vjail , 2423you would have the following dependent variables: 2424.Bd -literal 2425jail_vjail_hostname="jail.example.com" 2426jail_vjail_ip="192.168.1.100" 2427jail_vjail_rootdir="/var/jails/vjail/root" 2428.Ed 2429.Pp 2430.It Va jail_flags 2431.Pq Vt str 2432Unset by default. 2433When set, use as default value for 2434.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2435for every jail in 2436.Va jail_list . 2437.It Va jail_interface 2438.Pq Vt str 2439Unset by default. 2440When set, use as default value for 2441.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2442for every jail in 2443.Va jail_list . 2444.It Va jail_fstab 2445.Pq Vt str 2446Unset by default. 2447When set, use as default value for 2448.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2449for every jail in 2450.Va jail_list . 2451.It Va jail_mount_enable 2452.Pq Vt bool 2453Set to 2454.Dq Li NO 2455by default. 2456When set to 2457.Dq Li YES , 2458sets 2459.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2460to 2461.Dq Li YES 2462by default for every jail in 2463.Va jail_list . 2464.It Va jail_fdesc_enable 2465.Pq Vt bool 2466Set to 2467.Dq Li NO 2468by default. 2469When set to 2470.Dq Li YES , 2471sets 2472.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2473to 2474.Dq Li YES 2475by default for every jail in 2476.Va jail_list . 2477.It Va jail_procfs_enable 2478.Pq Vt bool 2479Set to 2480.Dq Li NO 2481by default. 2482When set to 2483.Dq Li YES , 2484sets 2485.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2486to 2487.Dq Li YES 2488by default for every jail in 2489.Va jail_list . 2490.It Va jail_exec_start 2491.Pq Vt str 2492Unset by default. 2493When set, use as default value for 2494.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2495for every jail in 2496.Va jail_list . 2497.It Va jail_exec_stop 2498Unset by default. 2499When set, use as default value for 2500.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2501for every jail in 2502.Va jail_list . 2503.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2504.Pq Vt str 2505Unset by default. 2506Set to the root directory used by jail 2507.Va jname . 2508.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2509.Pq Vt str 2510Unset by default. 2511Set to the fully qualified domain name (FQDN) assigned to jail 2512.Va jname . 2513.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2514.Pq Vt str 2515Unset by default. 2516Set to the IP address assigned to jail 2517.Va jname . 2518.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2519.Pq Vt str 2520Set to 2521.Dq Li -l -U root 2522by default. 2523These are flags to pass to 2524.Xr jail 8 . 2525.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2526.Pq Vt str 2527Unset by default. 2528When set, sets the interface to use when setting IP address alias. 2529Note that the alias is created at jail startup and removed at jail shutdown. 2530.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2531.Pq Vt str 2532Set to 2533.Pa /etc/fstab. Ns Aq Ar jname 2534by default. 2535This is the file system information file to use for jail 2536.Va jname . 2537.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2538.Pq Vt bool 2539Set to 2540.Dq Li NO 2541by default. 2542When set to 2543.Dq Li YES , 2544mount all file systems from 2545.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2546at jail startup. 2547.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2548.Pq Vt bool 2549Set to 2550.Dq Li NO 2551by default. 2552When set to 2553.Dq Li YES , 2554mount the file-descriptor file system inside jail 2555.Ar jname 2556at jail startup. 2557.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2558.Pq Vt bool 2559Set to 2560.Dq Li NO 2561by default. 2562When set to 2563.Dq Li YES , 2564mount the process file system inside jail 2565.Ar jname 2566at jail startup. 2567.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2568.Pq Vt str 2569Set to 2570.Dq Li /bin/sh /etc/rc 2571by default. 2572This is the command executed at jail startup. 2573.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2574.Pq Vt str 2575Set to 2576.Dq Li /bin/sh /etc/rc.shutdown 2577by default. 2578This is the command executed at jail shutdown. 2579.It Va jail_set_hostname_allow 2580.Pq Vt bool 2581If set to 2582.Dq Li NO , 2583do not allow the root user in a jail to set its hostname. 2584.It Va jail_socket_unixiproute_only 2585.Pq Vt bool 2586If set to 2587.Dq Li YES , 2588do not allow any sockets, 2589besides UNIX/IP/route sockets, 2590to be used within a jail. 2591.It Va jail_sysvipc_allow 2592.Pq Vt bool 2593If set to 2594.Dq Li YES , 2595allow applications within a jail to use System V IPC. 2596.It Va resident_enable 2597.Pq Vt bool 2598If set to 2599.Dq Li YES , 2600make the dynamic binaries listed in 2601.Pa /etc/resident.conf 2602resident. 2603.It Va varsym_enable 2604.Pq Vt bool 2605If set to 2606.Dq Li YES , 2607process 2608.Pa /etc/varsym.conf 2609to set system-wide variables for variant symlinks. 2610.It Va rand_irqs 2611.Pq Vt str 2612Set either to 2613.Dq Li NO 2614or a whitespace separated list of IRQ numbers which will be used as a source of 2615randomness. 2616.\" ----- isdn settings --------------------------------- 2617.It Va isdn_enable 2618.Pq Vt bool 2619Set to 2620.Dq Li NO 2621by default. 2622When set to 2623.Dq Li YES , 2624starts the 2625.Xr isdnd 8 2626daemon at system boot time. 2627.It Va isdn_flags 2628.Pq Vt str 2629Set to 2630.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2631by default. 2632Additional flags to pass to 2633.Xr isdnd 8 2634(but see 2635.Va isdn_fsdev 2636and 2637.Va isdn_ttype 2638for certain tunable parameters). 2639.It Va isdn_ttype 2640.Pq Vt str 2641Set to 2642.Dq Li cons25 2643by default. 2644The terminal type of the output device when 2645.Xr isdnd 8 2646operates in full-screen mode. 2647.It Va isdn_screenflags 2648.Pq Vt str 2649Set to 2650.Dq Li NO 2651by default. 2652The video mode for full-screen mode (only for 2653.Xr syscons 4 2654console driver, see 2655.Xr vidcontrol 1 2656for valid modes). 2657.It Va isdn_fsdev 2658.Pq Vt str 2659Set to 2660.Dq Li NO 2661by default. 2662The output device for 2663.Xr isdnd 8 2664in full-screen mode (or 2665.Dq Li NO 2666for daemon mode). 2667.It Va isdn_trace 2668.Pq Vt bool 2669Set to 2670.Dq Li NO 2671by default. 2672When set to 2673.Dq Li YES , 2674enables the ISDN protocol trace utility 2675.Xr isdntrace 8 2676at system boot time. 2677.It Va isdn_traceflags 2678.Pq Vt str 2679Set to 2680.Dq Fl f Pa /var/tmp/isdntrace0 2681by default. 2682Flags for 2683.Xr isdntrace 8 . 2684.\" ----------------------------------------------------- 2685.It Va entropy_dir 2686.Pq Vt str 2687Set to 2688.Dq Li NO 2689to disable caching entropy via 2690.Xr cron 8 . 2691Otherwise set to the directory used to store entropy files in. 2692.It Va entropy_file 2693.Pq Vt str 2694Set to 2695.Dq Li NO 2696to disable caching entropy through reboots. 2697Otherwise set to the filename used to store cached entropy through reboots. 2698This file should be located on the root file system to seed the 2699.Xr random 4 2700device as early as possible in the boot process. 2701.It Va entropy_save_sz 2702.Pq Vt int 2703Size of the entropy cache files saved by 2704.Nm save-entropy 2705periodically. 2706.It Va entropy_save_num 2707.Pq Vt int 2708Number of entropy cache files to save by 2709.Nm save-entropy 2710periodically. 2711.It Va ipsec_enable 2712.Pq Vt bool 2713Set to 2714.Dq Li YES 2715to run 2716.Xr setkey 8 2717on 2718.Va ipsec_file 2719at boot time. 2720.It Va ipsec_file 2721.Pq Vt str 2722Configuration file for 2723.Xr setkey 8 . 2724.It Va dmesg_enable 2725.Pq Vt bool 2726Set to 2727.Dq Li YES 2728to save 2729.Xr dmesg 8 2730to 2731.Pa /var/run/dmesg.boot 2732on boot. 2733.It Va rcshutdown_timeout 2734.Pq Vt int 2735If set, start a watchdog timer in the background which will terminate 2736.Pa rc.shutdown 2737if 2738.Xr shutdown 8 2739has not completed within the specified time (in seconds). 2740.El 2741.Sh FILES 2742.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 2743.It Pa /etc/defaults/rc.conf 2744.It Pa /etc/rc.conf 2745.It Pa /etc/rc.conf.local 2746.El 2747.Sh SEE ALSO 2748.Xr catman 1 , 2749.Xr gdb 1 , 2750.Xr info 1 , 2751.Xr kbdcontrol 1 , 2752.Xr varsym 1 , 2753.Xr vidcontrol 1 , 2754.Xr ip 4 , 2755.Xr ipf 4 , 2756.Xr ipfw 4 , 2757.Xr kld 4 , 2758.Xr pf 4 , 2759.Xr tcp 4 , 2760.Xr udp 4 , 2761.Xr exports 5 , 2762.Xr motd 5 , 2763.Xr resident.conf 5 , 2764.Xr varsym.conf 5 , 2765.Xr accton 8 , 2766.Xr amd 8 , 2767.Xr apm 8 , 2768.Xr atm 8 , 2769.Xr cron 8 , 2770.Xr dhclient 8 , 2771.Xr dhcpd 8 , 2772.Xr dhcrelay 8 , 2773.Xr dntpd 8 , 2774.Xr ftpd 8 , 2775.Xr ifconfig 8 , 2776.Xr inetd 8 , 2777.Xr isdnd 8 , 2778.Xr isdntrace 8 , 2779.Xr jail 8 , 2780.Xr kldxref 8 , 2781.Xr lpd 8 , 2782.Xr makewhatis 8 , 2783.Xr mdconfig 8 , 2784.Xr mixer 8 , 2785.Xr mountd 8 , 2786.Xr moused 8 , 2787.Xr mrouted 8 , 2788.Xr named 8 , 2789.Xr nfsd 8 , 2790.Xr ntpd 8 , 2791.Xr pcnfsd 8 , 2792.Xr pfctl 8 , 2793.Xr pflogd 8 , 2794.Xr quotacheck 8 , 2795.Xr quotaon 8 , 2796.Xr rc 8 , 2797.Xr rc.sendmail 8 , 2798.Xr resident 8 , 2799.Xr rndcontrol 8 , 2800.Xr route 8 , 2801.Xr routed 8 , 2802.Xr rpc.lockd 8 , 2803.Xr rpc.statd 8 , 2804.Xr rpcbind 8 , 2805.Xr rtsold 8 , 2806.Xr rwhod 8 , 2807.Xr savecore 8 , 2808.Xr sensorsd 8 , 2809.Xr sshd 8 , 2810.Xr swapon 8 , 2811.Xr sysctl 8 , 2812.Xr syslogd 8 , 2813.Xr timed 8 , 2814.Xr usbd 8 , 2815.Xr vinum 8 , 2816.Xr yp 8 , 2817.Xr ypbind 8 , 2818.Xr ypserv 8 , 2819.Xr ypset 8 2820.Sh HISTORY 2821The 2822.Nm 2823file appeared in 2824.Fx 2.2.2 . 2825.Sh AUTHORS 2826.An Jordan K. Hubbard . 2827