1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" $DragonFly: src/share/man/man5/rc.conf.5,v 1.58 2008/07/28 00:08:56 thomas Exp $ 27.Dd January 30, 2008 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65See the 66.Va rc_conf_files 67variable below. 68.Pp 69The following list provides a name and short description for each 70variable that can be set in the 71.Nm 72file. 73To set a variable of 74.Vt bool 75type, specify either 76.Dq Li YES , 77.Dq Li TRUE , 78.Dq Li ON , 79or 80.Dq Li 1 . 81To unset, specify 82.Dq Li NO , 83.Dq Li FALSE , 84.Dq Li OFF , 85or 86.Dq Li 0 . 87These values are case insensitive. 88The 89.Va _enable 90postfix in the name of a variables for starting a service can be 91omitted (as in 92.Nx ) . 93.Bl -tag -width indent-two 94.It Va rc_debug 95.Pq Vt bool 96If set to 97.Dq Li YES , 98enable output of debug messages from rc scripts. 99This variable can be helpful in diagnosing mistakes when 100editing or integrating new scripts. 101Beware that this produces copious output to the terminal and 102.Xr syslog 3 . 103.It Va rc_info 104.Pq Vt bool 105If set to 106.Dq Li NO , 107disable informational messages from the rc scripts. 108Informational messages are displayed when 109a condition that is not serious enough to warrant a warning or an error occurs. 110.It Va swapfile 111.Pq Vt str 112If set to 113.Dq Li NO , 114no swapfile is installed, otherwise the value is used as the full 115pathname to a file to use for additional swap space. 116.It Va apm_enable 117.Pq Vt bool 118If set to 119.Dq Li YES , 120enable support for Automatic Power Management with the 121.Xr apm 8 122command. 123.It Va apmd_enable 124.Pq Vt bool 125Run 126.Xr apmd 8 127to handle APM event from userland. 128This also enables support for APM. 129.It Va apmd_flags 130.Pq Vt str 131If 132.Va apmd_enable 133is set to 134.Dq Li YES , 135these are the flags to pass to the 136.Xr apmd 8 137daemon. 138.It Va battd_enable 139Enable 140.Xr battd 8 141to monitor the status of batteries present in the system. 142This also enables support for APM. 143.It Va battd_flags 144.Pq Vt str 145If 146.Va battd_enable 147is set to 148.Dq Li YES , 149these are the flags to pass to the 150.Xr battd 8 151daemon. 152.It Va sensorsd_enable 153.Pq Vt bool 154Set to 155.Dq Li NO 156by default. 157Setting this to 158.Dq Li YES 159enables 160.Xr sensorsd 8 , 161a sensors monitoring and logging daemon. 162.It Va sensorsd_flags 163.Pq Vt str 164Empty by default. 165Additional flags passed to the 166.Xr sensorsd 8 167program. 168.It Va pccard_ifconfig 169.Pq Vt str 170List of arguments to be passed to 171.Xr ifconfig 8 172at boot time or on insertion of the card (e.g.\& 173.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 174for a fixed address or 175.Dq Li DHCP 176for a DHCP client). 177.It Va pccard_ether_delay 178.Pq Vt str 179Set the delay before starting 180.Xr dhclient 8 181in the 182.Pa /etc/pccard_ether 183script. 184This defaults to 5 seconds to work around a bug in the 185.Xr ed 4 186driver which can lead to system hangs when using some newer 187.Xr ed 4 188based cards. 189.It Va removable_interfaces 190.Pq Vt str 191List of removable network interfaces to be supported by 192.Pa /etc/pccard_ether . 193.It Va local_startup 194.Pq Vt str 195List of directories to search for startup script files. 196.It Va script_name_sep 197.Pq Vt str 198The field separator to use for breaking down the list of startup script files 199into individual filenames. 200The default is a space. 201It is not necessary to change this unless there are startup scripts with names 202containing spaces. 203.It Va hostapd_enable 204.Pq Vt bool 205Set to 206.Dq Li YES 207to start 208.Xr hostapd 8 209at system boot time. 210.It Va hostname 211.Pq Vt str 212The fully qualified domain name (FQDN) of this host on the network. 213This should almost certainly be set to something meaningful, even if 214there is no network connection. 215If 216.Xr dhclient 8 217is used to set the hostname via DHCP, 218this variable should be set to an empty string. 219.It Va ipv6_enable 220.Pq Vt bool 221Enable support for IPv6 networking. 222Note that this requires that the kernel have been compiled with 223.Cd "options INET6" . 224.It Va nisdomainname 225.Pq Vt str 226The NIS domain name of this host, or 227.Dq Li NO 228if NIS is not used. 229.It Va dhclient_program 230.Pq Vt str 231Path to the DHCP client program 232(default 233.Pa /sbin/dhclient ) . 234.It Va dhclient_flags 235.Pq Vt str 236Additional flags to pass to the DHCP client program. 237.It Va dhcpd_enable 238.Pq Vt bool 239Set to 240.Dq Li YES 241to run 242.Xr dhcpd 8 243at system boot time. 244.It Va dhcrelay_enable 245.Pq Vt bool 246Set to 247.Dq Li YES 248to run 249.Xr dhcrelay 8 250.It Va pf_enable 251.Pq Vt bool 252Set to 253.Dq Li YES 254to load 255.Xr pf 4 256at startup. 257If the kernel was not built with 258.Cd "device pf" , 259the 260.Pa pf.ko 261kernel module will be loaded. 262See also 263.Va firewall_enable 264and 265.Va ipfilter_enable . 266.It Va pf_rules 267.Pq Vt str 268Path to the 269.Xr pf 4 270ruleset definition file. 271.It Va pf_program 272.Pq Vt str 273Path to 274.Xr pfctl 8 . 275.It Va pf_flags 276.Pq Vt str 277If 278.Va pf_enable 279is set to 280.Dq Li YES , 281these are the flags to pass to 282.Xr pfctl 8 283when loading the ruleset. 284.It Va pflog_enable 285.Pq Vt bool 286Set this to 287.Dq Li YES 288to enable 289.Xr pflogd 8 290which logs packets from 291.Xr pf 4 . 292.It Va pflog_logfile 293.Pq Vt str 294If 295.Va pflog_enable 296is set to 297.Dq Li YES 298this specifies the path of the log file. 299.It Va pflog_program 300.Pq Vt str 301Path to 302.Xr pflogd 8 . 303.It Va pflog_flags 304.Pq Vt str 305If 306.Va pflog_enable 307is set to 308.Dq Li YES , 309these are the flags to pass to 310.Xr pflogd 8 . 311.It Va firewall_enable 312.Pq Vt bool 313Set to 314.Dq Li YES 315to load firewall rules at startup. 316If the kernel was not built with 317.Cd "options IPFIREWALL" , 318the 319.Pa ipfw.ko 320kernel module will be loaded. 321See also 322.Va pf_enable 323and 324.Va ipfilter_enable . 325.It Va ipv6_firewall_enable 326.Pq Vt bool 327The IPv6 equivalent of 328.Va firewall_enable . 329Set to 330.Dq Li YES 331to load IPv6 firewall rules at startup. 332If the kernel was not built with 333.Cd "options IPV6FIREWALL" , 334the 335.Pa ip6fw.ko 336kernel module will be loaded. 337.It Va firewall_script 338.Pq Vt str 339The full path to the firewall script to run 340(default 341.Pa /etc/rc.firewall ) . 342.It Va ipv6_firewall_script 343.Pq Vt str 344The IPv6 equivalent of 345.Va firewall_script . 346.It Va firewall_type 347.Pq Vt str 348Names the firewall type from the selection in 349.Pa /etc/rc.firewall , 350or the file which contains the local firewall ruleset. 351Valid selections from 352.Pa /etc/rc.firewall 353are: 354.Pp 355.Bl -tag -width ".Li simple" -compact 356.It Li open 357unrestricted IP access 358.It Li closed 359all IP services disabled, except via 360.Dq Li lo0 361.It Li client 362basic protection for a workstation on a LAN 363.It Li simple 364alias for 365.Li client . 366.El 367.Pp 368If a filename is specified, the full path must be given. 369.It Va firewall_trusted_nets 370.Pq Vt str 371List of trusted networks (if 372.Va firewall_type 373is set to 374.Li client ) . 375.It Va firewall_trusted_interfaces 376.Pq Vt str 377List of trusted network interfaces (if 378.Va firewall_type 379is set to 380.Li client ) . 381.It Va firewall_allowed_icmp_types 382.Pq Vt str 383List of allowed ICMP types (if 384.Va firewall_type 385is set to 386.Li client ) . 387.It Va firewall_open_tcp_ports 388.Pq Vt str 389List of TCP ports to open (if 390.Va firewall_type 391is set to 392.Li client ) . 393.It Va firewall_open_udp_ports 394.Pq Vt str 395List of UDP ports to open (if 396.Va firewall_type 397is set to 398.Li client ) . 399.It Va ipv6_firewall_type 400.Pq Vt str 401The IPv6 equivalent of 402.Va firewall_type . 403.It Va firewall_quiet 404.Pq Vt bool 405Set to 406.Dq Li YES 407to disable the display of firewall rules on the console during boot. 408.It Va ipv6_firewall_quiet 409.Pq Vt bool 410The IPv6 equivalent of 411.Va firewall_quiet . 412.It Va firewall_logging 413.Pq Vt bool 414Set to 415.Dq Li YES 416to enable firewall event logging. 417This is equivalent to the 418.Dv IPFIREWALL_VERBOSE 419kernel option. 420.It Va ipv6_firewall_logging 421.Pq Vt bool 422The IPv6 equivalent of 423.Va firewall_logging . 424.It Va firewall_flags 425.Pq Vt str 426Flags passed to 427.Xr ipfw 8 428if 429.Va firewall_type 430specifies a filename. 431.It Va ipv6_firewall_flags 432.Pq Vt str 433The IPv6 equivalent of 434.Va firewall_flags . 435.It Va natd_program 436.Pq Vt str 437Path to 438.Xr natd 8 . 439.It Va natd_enable 440.Pq Vt bool 441Set to 442.Dq Li YES 443to enable 444.Xr natd 8 . 445.Va firewall_enable 446must also be set to 447.Dq Li YES , 448and 449.Xr divert 4 450sockets must be enabled in the kernel. 451.It Va natd_interface 452.Pq Vt str 453This is the name of the public interface on which 454.Xr natd 8 455should run. 456The interface may be given as an interface name or as an IP address. 457.It Va natd_flags 458.Pq Vt str 459Additional 460.Xr natd 8 461flags should be placed here. 462The 463.Fl n 464or 465.Fl a 466flag is automatically added with the above 467.Va natd_interface 468as an argument. 469.\" ----- ipfilter_enable setting -------------------------------- 470.It Va ipfilter_enable 471.Pq Vt bool 472Set to 473.Dq Li NO 474by default. 475Setting this to 476.Dq Li YES 477enables 478.Xr ipf 8 479packet filtering. 480.Pp 481Typical usage will require putting 482.Bd -literal 483ipfilter_enable="YES" 484ipnat_enable="YES" 485ipmon_enable="YES" 486ipfs_enable="YES" 487.Ed 488.Pp 489into 490.Pa /etc/rc.conf 491and editing 492.Pa /etc/ipf.rules 493and 494.Pa /etc/ipnat.rules 495appropriately. 496.Pp 497Note that 498.Va ipfilter_enable 499and 500.Va ipnat_enable 501can be enabled independently. 502.Va ipmon_enable 503and 504.Va ipfs_enable 505both require at least one of 506.Va ipfilter_enable 507and 508.Va ipnat_enable 509to be enabled. 510.Pp 511Having 512.Bd -literal 513options IPFILTER 514options IPFILTER_LOG 515options IPFILTER_DEFAULT_BLOCK 516.Ed 517.Pp 518in the kernel configuration file is a good idea, too. 519See also 520.Va pf_enable 521and 522.Va firewall_enable . 523.\" ----- ipfilter_program setting ------------------------------ 524.It Va ipfilter_program 525.Pq Vt str 526Path to 527.Xr ipf 8 528(default 529.Pa /sbin/ipf ) . 530.\" ----- ipfilter_rules setting -------------------------------- 531.It Va ipfilter_rules 532.Pq Vt str 533Set to 534.Pa /etc/ipf.rules 535by default. 536The name of the filter rule definition file. 537The file is expected to be readable for the 538.Xr ipf 8 539command to execute. 540.\" ----- ipv6_ipfilter_rules setting --------------------------- 541.It Va ipv6_ipfilter_rules 542.Pq Vt str 543Set to 544.Pa /etc/ipf6.rules 545by default. 546The name of the IPv6 filter rule definition file. 547The file is expected to be readable for the 548.Xr ipf 8 549command to execute. 550.\" ----- ipfilter_flags setting -------------------------------- 551.It Va ipfilter_flags 552.Pq Vt str 553Empty by default. 554Flags passed to the 555.Xr ipf 8 556program. 557.\" ----- ipnat_enable setting ---------------------------------- 558.It Va ipnat_enable 559.Pq Vt bool 560Set to 561.Dq Li NO 562by default. 563Set it to 564.Dq Li YES 565to enable 566.Xr ipnat 8 567network address translation. 568See 569.Va ipfilter_enable 570for a detailed discussion. 571.\" ----- ipnat_program setting --------------------------------- 572.It Va ipnat_program 573.Pq Vt str 574Path to 575.Xr ipnat 8 576(default 577.Pa /sbin/ipnat ) . 578.\" ----- ipnat_rules setting ----------------------------------- 579.It Va ipnat_rules 580.Pq Vt str 581Set to 582.Pa /etc/ipnat.rules 583by default. 584The name of the file 585holding the network address translation definition. 586This file is expected to be readable for the 587.Xr ipnat 8 588command to execute. 589.\" ----- ipnat_flags setting ----------------------------------- 590.It Va ipnat_flags 591.Pq Vt str 592Empty by default. 593Flags passed to the 594.Xr ipnat 8 595program. 596.\" ----- ipmon_enable setting ---------------------------------- 597.It Va ipmon_enable 598.Pq Vt bool 599Set to 600.Dq Li NO 601by default. 602Set it to 603.Dq Li YES 604to enable 605.Xr ipmon 8 606monitoring (logging 607.Xr ipf 8 608and 609.Xr ipnat 8 610events). 611Setting this variable needs setting 612.Va ipfilter_enable 613or 614.Va ipnat_enable 615too. 616See 617.Va ipfilter_enable 618for a detailed discussion. 619.\" ----- ipmon_program setting --------------------------------- 620.It Va ipmon_program 621.Pq Vt str 622Path to 623.Xr ipmon 8 624(default 625.Pa /sbin/ipmon ) . 626.\" ----- ipmon_flags setting ----------------------------------- 627.It Va ipmon_flags 628.Pq Vt str 629Set to 630.Dq Li -Ds 631by default. 632Flags passed to the 633.Xr ipmon 8 634program. 635Another typical example would be 636.Dq Fl D Pa /var/log/ipflog 637to have 638.Xr ipmon 8 639log directly to a file bypassing 640.Xr syslogd 8 . 641Make sure to adjust 642.Pa /etc/newsyslog.conf 643in such case like this: 644.Bd -literal 645/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 646.Ed 647.\" ----- ipfs_enable setting ----------------------------------- 648.It Va ipfs_enable 649.Pq Vt bool 650Set to 651.Dq Li NO 652by default. 653Set it to 654.Dq Li YES 655to enable 656.Xr ipfs 8 657saving the filter and NAT state tables during shutdown 658and reloading them during startup again. 659Setting this variable needs setting 660.Va ipfilter_enable 661or 662.Va ipnat_enable 663to 664.Dq Li YES 665too. 666See 667.Va ipfilter_enable 668for a detailed discussion. 669Note that if 670.Va kern_securelevel 671is set to 3, 672.Va ipfs_enable 673cannot be used because the raised securelevel will prevent 674.Xr ipfs 8 675from saving the state tables at shutdown time. 676.\" ----- ipfs_program setting ---------------------------------- 677.It Va ipfs_program 678.Pq Vt str 679Path to 680.Xr ipfs 8 681(default 682.Pa /sbin/ipfs ) . 683.\" ----- ipfs_flags setting ------------------------------------ 684.It Va ipfs_flags 685.Pq Vt str 686Empty by default. 687Flags passed to the 688.Xr ipfs 8 689program. 690.\" ----- end of added ipf hook --------------------------------- 691.It Va tcp_extensions 692.Pq Vt bool 693Set to 694.Dq Li YES 695by default. 696Setting this to 697.Dq Li NO 698disables certain TCP options as described by 699.Rs 700.%T "RFC 1323" 701.Re 702Setting this to 703.Dq Li NO 704might help remedy such problems with connections as randomly hanging 705or other weird behavior. 706Some network devices are known to be broken with respect to these options. 707.It Va log_in_vain 708.Pq Vt int 709Set to 0 by default. 710The 711.Xr sysctl 8 712variables, 713.Va net.inet.tcp.log_in_vain 714and 715.Va net.inet.udp.log_in_vain , 716as described in 717.Xr tcp 4 718and 719.Xr udp 4 , 720are set to the given value. 721.It Va tcp_keepalive 722.Pq Vt bool 723Set to 724.Dq Li YES 725by default. 726Setting to 727.Dq Li NO 728will disable probing idle TCP connections to verify that the 729peer is still up and reachable. 730.It Va tcp_drop_synfin 731.Pq Vt bool 732Set to 733.Dq Li NO 734by default. 735Setting to 736.Dq Li YES 737will cause the kernel to ignore TCP frames that have both 738the SYN and FIN flags set. 739This prevents OS fingerprinting, but may break some legitimate applications. 740This option is only available if the kernel was built with the 741.Dv TCP_DROP_SYNFIN 742option. 743.It Va icmp_drop_redirect 744.Pq Vt bool 745Set to 746.Dq Li NO 747by default. 748Setting to 749.Dq Li YES 750will cause the kernel to ignore ICMP REDIRECT packets. 751Refer to 752.Xr icmp 4 753for more information. 754.It Va icmp_log_redirect 755.Pq Vt bool 756Set to 757.Dq Li NO 758by default. 759Setting to 760.Dq Li YES 761will cause the kernel to log ICMP REDIRECT packets. 762Note that 763the log messages are not rate-limited, so this option should only be used 764for troubleshooting networks. 765Refer to 766.Xr icmp 4 767for more information. 768.It Va icmp_bmcastecho 769.Pq Vt bool 770Set to 771.Dq Li YES 772to respond to broadcast or multicast ICMP ping packets. 773Refer to 774.Xr icmp 4 775for more information. 776.It Va ip_portrange_first 777.Pq Vt int 778If not set to 779.Dq Li NO , 780this is the first port in the default portrange. 781Refer to 782.Xr ip 4 783for more information. 784.It Va ip_portrange_last 785.Pq Vt int 786If not set to 787.Dq Li NO , 788this is the last port in the default portrange. 789Refer to 790.Xr ip 4 791for more information. 792.\" 793.It Va ifconfig_ Ns Aq Ar interface 794.Pq Vt str 795Configuration for 796.Dq interface . 797Typically includes IP address. 798Assuming that the interface in question was 799.Li ed0 , 800it might look something like this: 801.Bd -literal 802ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 803.Ed 804.Pp 805If the 806.Pa /etc/start_if. Ns Aq Ar interface 807file is present, it is read and executed by the 808.Xr sh 1 809interpreter before configuring the interface as specified in the 810.Va ifconfig_ Ns Aq Ar interface 811and 812.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 813variables. 814.Pp 815It is possible to bring up an interface with DHCP by adding 816.Dq Li DHCP 817to the 818.Va ifconfig_ Ns Aq Ar interface 819variable. 820For instance, to initialize the 821.Li ed0 822device via DHCP, it is possible to use something like: 823.Bd -literal 824ifconfig_ed0="DHCP" 825.Ed 826.Pp 827Also, if your interface needs WPA authentication, it is possible to add 828.Dq Li WPA 829to the 830.Va ifconfig_ Ns Aq Ar interface 831variable. 832This will start 833.Xr wpa_supplicant 8 . 834See 835.Xr wpa_supplicant.conf 5 836for configuring authentication information. 837.Pp 838Finally, you can add 839.Xr ifconfig 8 840options in this variable, in addition to the 841.Pa /etc/start_if. Ns Aq Ar interface 842file. 843For instance, to initialize the 844.Li wi0 845device via DHCP, using WPA authentication and 802.11b mode, it is 846possible to use something like: 847.Bd -literal 848ifconfig_wi0="up DHCP WPA mode 11b" 849.Ed 850.Pp 851.\" 852.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 853.Pq Vt str 854Configuration to establish an additional network address for 855.Dq interface . 856Assuming that the interface in question was 857.Li ed0 , 858it might look something like this: 859.Bd -literal 860ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 861ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 862.Ed 863.Pp 864And so on. 865For each 866.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 867entry that is found, its contents are passed to 868.Xr ifconfig 8 . 869Execution stops at the first unsuccessful access, so if 870something like this is present: 871.Bd -literal 872ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 873ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 874ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 875ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 876.Ed 877.Pp 878Then note that alias4 would 879.Em not 880be added since the search would stop with the missing alias3 entry. 881.Pp 882.\" 883.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 884.Pq Vt str 885New name for 886.Dq interface . 887It is possible to rename interface by doing: 888.Bd -literal 889ifconfig_ed0_name="net0" 890ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 891.Ed 892.It Va network_interfaces 893.Pq Vt str 894The list of network interfaces to configure on this host, 895or 896.Dq Li auto 897to configure all network interfaces 898(default 899.Dq Li auto ) . 900For example, if the only network devices to be configured are the loopback device 901.Pq Li lo0 902and a NIC using the 903.Xr ed 4 904driver, this could be set to 905.Dq Li "lo0 ed0" . 906An 907.Va ifconfig_ Ns Aq Ar interface 908variable is assumed to exist for each value of 909.Ar interface . 910.It Va ipv6_network_interfaces 911.Pq Vt str 912This is the IPv6 equivalent of 913.Va network_interfaces . 914Instead of setting the ifconfig variables as 915.Va ifconfig_ Ns Aq Ar interface 916they should be set as 917.Va ipv6_ifconfig_ Ns Aq Ar interface . 918Aliases should be set as 919.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 920Interfaces that do not have a 921.Va ipv6_ifconfig_ Ns Aq Ar interface 922setting will be auto configured by 923.Xr rtsol 8 924if the 925.Va ipv6_gateway_enable 926is set to 927.Dq Li NO . 928Note that the IPv6 networking code does not support the 929.Pa /etc/start_if. Ns Aq Ar interface 930files. 931.It Va ipv6_prefix_ Ns Aq Ar interface 932.Pq Vt str 933Assign prefix to 934.Ar interface , 935prefixlen 64 is used. 936.It Va ipv6_default_interface 937.Pq Vt str 938If not set to 939.Dq Li NO , 940this is the default output interface for scoped addresses. 941Now this works only for IPv6 link local multicast addresses. 942.It Va cloned_interfaces 943.Pq Vt str 944Set to the list of clonable network interfaces to create on this host. 945Entries in 946.Va cloned_interfaces 947are automatically appended to 948.Va network_interfaces 949for configuration. 950.It Va gif_interfaces 951.Pq Vt str 952Set to the list of 953.Xr gif 4 954tunnel interfaces to configure on this host. 955A 956.Va gifconfig_ Ns Aq Ar interface 957variable is assumed to exist for each value of 958.Ar interface . 959The value of this variable is used to configure the link layer of the 960tunnel according to the syntax of the 961.Cm tunnel 962option to 963.Xr ifconfig 8 . 964Additionally, this option ensures that each listed interface is created via the 965.Cm create 966option to 967.Xr ifconfig 8 968before attempting to configure it. 969.It Va sppp_interfaces 970.Pq Vt str 971Set to the list of 972.Xr sppp 4 973interfaces to configure on this host. 974A 975.Va spppconfig_ Ns Aq Ar interface 976variable is assumed to exist for each value of 977.Ar interface . 978Each interface should also be configured by a general 979.Va ifconfig_ Ns Aq Ar interface 980setting. 981Refer to 982.Xr spppcontrol 8 983for more information about available options. 984.It Va ppp_enable 985.Pq Vt bool 986If set to 987.Dq Li YES , 988run the 989.Xr ppp 8 990daemon. 991.It Va ppp_mode 992.Pq Vt str 993Mode in which to run the 994.Xr ppp 8 995daemon. 996Accepted modes are 997.Dq Li auto , 998.Dq Li ddial , 999.Dq Li direct 1000and 1001.Dq Li dedicated . 1002See the manual for a full description. 1003.It Va ppp_nat 1004.Pq Vt bool 1005If set to 1006.Dq Li YES , 1007enables network address translation. 1008Used in conjunction with 1009.Va gateway_enable 1010allows hosts on private network addresses access to the Internet using 1011this host as a network address translating router. 1012.It Va ppp_profile 1013.Pq Vt str 1014The name of the profile to use from 1015.Pa /etc/ppp/ppp.conf . 1016.It Va ppp_user 1017.Pq Vt str 1018The name of the user under which 1019.Xr ppp 8 1020should be started. 1021By default, 1022.Xr ppp 8 1023is started as 1024.Dq Li root . 1025.It Va rc_conf_files 1026.Pq Vt str 1027This option is used to specify a list of files that will override 1028the settings in 1029.Pa /etc/defaults/rc.conf . 1030The files will be read in the order in which they are specified and should 1031include the full path to the file. 1032By default, the files specified are 1033.Pa /etc/rc.conf 1034and 1035.Pa /etc/rc.conf.local 1036.It Va fsck_y_enable 1037.Pq Vt bool 1038If set to 1039.Dq Li YES , 1040.Xr fsck 8 1041will be run with the 1042.Fl y 1043flag if the initial preen of the file systems fails. 1044.It Va netfs_types 1045.Pq Vt str 1046List of file system types that are network-based. 1047This list should generally not be modified by end users. 1048Use 1049.Va extra_netfs_types 1050instead. 1051.It Va extra_netfs_types 1052.Pq Vt str 1053If set to something other than 1054.Dq Li NO 1055(the default), this variable extends the list of file system types 1056for which automatic mounting at startup by 1057.Xr rc 8 1058should be delayed until the network is initialized. 1059It should contain 1060a whitespace-separated list of network file system descriptor pairs, 1061each consisting of a file system type as passed to 1062.Xr mount 8 1063and a human-readable, one-word description, joined with a colon 1064.Pq Ql \&: . 1065Extending the default list in this way is only necessary 1066when third party file system types are used. 1067.It Va syslogd_enable 1068.Pq Vt bool 1069If set to 1070.Dq Li YES , 1071run the 1072.Xr syslogd 8 1073daemon. 1074.It Va syslogd_program 1075.Pq Vt str 1076Path to 1077.Xr syslogd 8 1078(default 1079.Pa /usr/sbin/syslogd ) . 1080.It Va syslogd_flags 1081.Pq Vt str 1082If 1083.Va syslogd_enable 1084is set to 1085.Dq Li YES , 1086these are the flags to pass to 1087.Xr syslogd 8 . 1088.It Va inetd_enable 1089.Pq Vt bool 1090If set to 1091.Dq Li YES , 1092run the 1093.Xr inetd 8 1094daemon. 1095.It Va inetd_program 1096.Pq Vt str 1097Path to 1098.Xr inetd 8 1099(default 1100.Pa /usr/sbin/inetd ) . 1101.It Va inetd_flags 1102.Pq Vt str 1103If 1104.Va inetd_enable 1105is set to 1106.Dq Li YES , 1107these are the flags to pass to 1108.Xr inetd 8 . 1109.It Va named_enable 1110.Pq Vt bool 1111If set to 1112.Dq Li YES , 1113run the 1114.Xr named 8 1115daemon. 1116.It Va named_program 1117.Pq Vt str 1118Path to 1119.Xr named 8 1120(default 1121.Pa /usr/sbin/named ) . 1122.It Va named_flags 1123.Pq Vt str 1124If 1125.Va named_enable 1126is set to 1127.Dq Li YES , 1128these are the flags to pass to 1129.Xr named 8 . 1130.It Va named_pidfile 1131.Pq Vt str 1132This is the default path to the 1133.Xr named 8 1134daemon's PID file. 1135Change it if you change the location in 1136.Pa /etc/namedb/named.conf . 1137.It Va named_chrootdir 1138.Pq Vt str 1139The root directory for a name server run in a 1140.Xr chroot 8 1141environment. 1142If left empty 1143.Xr named 8 1144will not be run in a 1145.Xr chroot 8 1146environment. 1147.It Va kerberos5_server_enable 1148.Pq Vt bool 1149Set to 1150.Dq Li YES 1151to start a Kerberos 5 authentication server at boot time. 1152.It Va kerberos5_server_program 1153.Pq Vt str 1154If 1155.Va kerberos5_server_enable 1156is set to 1157.Dq Li YES 1158this is the path to Kerberos 5 Authentication Server. 1159.It Va kadmind5_server_enable 1160.Pq Vt bool 1161Set to 1162.Dq Li YES 1163to start 1164.Xr kadmind 8 , 1165the Kerberos 5 Administration Daemon; set to 1166.Dq Li NO 1167on a slave server. 1168.It Va kadmind5_server_program 1169.Pq Vt str 1170If 1171.Va kadmind5_server_enable 1172is set to 1173.Dq Li YES 1174this is the path to Kerberos 5 Administration Daemon. 1175.It Va kpasswdd_server_enable 1176.Pq Vt bool 1177Set to 1178.Dq Li YES 1179to start 1180.Xr kpasswdd 8 , 1181the Kerberos 5 Password-Changing Daemon; set to 1182.Dq Li NO 1183on a slave server. 1184.It Va kpasswdd_server_program 1185.Pq Vt str 1186If 1187.Va kpasswdd_server_enable 1188is set to 1189.Dq Li YES 1190this is the path to Kerberos 5 Password-Changing Daemon. 1191.It Va rwhod_enable 1192.Pq Vt bool 1193If set to 1194.Dq Li YES , 1195run the 1196.Xr rwhod 8 1197daemon at boot time. 1198.It Va rwhod_flags 1199.Pq Vt str 1200If 1201.Va rwhod_enable 1202is set to 1203.Dq Li YES , 1204these are the flags to pass to it. 1205.It Va amd_enable 1206.Pq Vt bool 1207If set to 1208.Dq Li YES , 1209run the 1210.Xr amd 8 1211daemon at boot time. 1212.It Va amd_flags 1213.Pq Vt str 1214If 1215.Va amd_enable 1216is set to 1217.Dq Li YES , 1218these are the flags to pass to it. 1219See the 1220.Xr amd 8 1221manpage for more information. 1222.It Va amd_map_program 1223.Pq Vt str 1224If set, the specified program is run to get the list of 1225.Xr amd 8 1226maps. 1227For example, if the 1228.Xr amd 8 1229maps are stored in NIS, one can set this to run 1230.Xr ypcat 1 1231to get a list of 1232.Xr amd 8 1233maps from the 1234.Pa amd.master 1235NIS map. 1236.It Va update_motd 1237.Pq Vt bool 1238If set to 1239.Dq Li YES , 1240.Pa /etc/motd 1241will be updated at boot time to reflect the kernel release being run. 1242If set to 1243.Dq Li NO , 1244.Pa /etc/motd 1245will not be updated. 1246.It Va nfs_client_enable 1247.Pq Vt bool 1248If set to 1249.Dq Li YES , 1250run the NFS client daemons at boot time. 1251.It Va nfs_client_flags 1252.Pq Vt str 1253If 1254.Va nfs_client_enable 1255is set to 1256.Dq Li YES , 1257these are the flags to pass to the 1258.Xr nfsiod 8 1259daemon. 1260.It Va nfs_access_cache 1261.Pq Vt int 1262If 1263.Va nfs_client_enable 1264is set to 1265.Dq Li YES , 1266this can be set to 1267.Dq Li 0 1268to disable NFS ACCESS RPC caching, or to the number of seconds for which 1269NFS ACCESS results should be cached. 1270A value of 2-10 seconds will substantially reduce network traffic for 1271many NFS operations. 1272The default is 5 seconds. 1273Note that the attribute cache holds stat information only. 1274The NFS data cache is independent of the attribute cache and is only 1275invalidated when the client detects that the server has modified the 1276underlying file. 1277This value specifies a maximum timeout. 1278The NFS client will automatically use a shorter timeout for files which 1279have been recently modified. 1280.It Va nfs_neg_cache 1281.Pq Vt int 1282If 1283.Va nfs_client_enable 1284is set to 1285.Dq Li YES , 1286this can be set to 1287.Dq Li 0 1288to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1289filenames), or to the number of seconds for which negative lookups should 1290be cached. 1291A value of 2-10 seconds will substantially reduce network 1292traffic for many NFS operations, especially source code builds. 1293The default is 3 seconds. 1294.It Va nfs_server_enable 1295.Pq Vt bool 1296If set to 1297.Dq Li YES , 1298run the NFS server daemons at boot time. 1299.It Va nfs_server_flags 1300.Pq Vt str 1301If 1302.Va nfs_server_enable 1303is set to 1304.Dq Li YES , 1305these are the flags to pass to the 1306.Xr nfsd 8 1307daemon. 1308.It Va mountd_enable 1309.Pq Vt bool 1310If set to 1311.Dq Li YES , 1312and no 1313.Va nfs_server_enable 1314is set, start 1315.Xr mountd 8 , 1316but not 1317.Xr nfsd 8 1318daemon. 1319It is commonly needed to run CFS without real NFS used. 1320.It Va mountd_flags 1321.Pq Vt str 1322If 1323.Va mountd_enable 1324is set to 1325.Dq Li YES , 1326these are the flags to pass to the 1327.Xr mountd 8 1328daemon. 1329.It Va weak_mountd_authentication 1330.Pq Vt bool 1331If set to 1332.Dq Li YES , 1333allow services like PCNFSD to make non-privileged mount requests. 1334.It Va nfs_reserved_port_only 1335.Pq Vt bool 1336If set to 1337.Dq Li YES , 1338provide NFS services only on a secure port. 1339.It Va nfs_bufpackets 1340.Pq Vt int 1341If set to a number, indicates the number of packets worth of 1342socket buffer space to reserve on an NFS client. 1343The kernel default is typically 4. 1344Using a higher number may be useful on gigabit networks to improve performance. 1345The minimum value is 2 and the maximum is 64. 1346.It Va rpc_umntall_enable 1347.Pq Vt bool 1348If set to 1349.Dq Li YES 1350(default) and we are also an NFS client, run 1351.Xr rpc.umntall 8 1352at boot time to clear out old mounts on remote servers. 1353If set to 1354.Dq Li NO 1355then 1356.Xr rpc.umntall 8 1357will not be run at boot time. 1358.It Va rpc_lockd_enable 1359.Pq Vt bool 1360If set to 1361.Dq Li YES 1362and also an NFS server, run 1363.Xr rpc.lockd 8 1364at boot time. 1365.It Va rpc_statd_enable 1366.Pq Vt bool 1367If set to 1368.Dq Li YES 1369and also an NFS server, run 1370.Xr rpc.statd 8 1371at boot time. 1372.It Va rpcbind_program 1373.Pq Vt str 1374Path to program for rpcbind daemon 1375(default 1376.Pa /usr/sbin/portmap ) . 1377.It Va rpcbind_enable 1378.Pq Vt bool 1379If set to 1380.Dq Li YES , 1381run 1382.Va rpcbind_program 1383at boot time. 1384.It Va rpcbind_flags 1385.Pq Vt str 1386If 1387.Va rpcbind_enable 1388is set to 1389.Dq Li YES , 1390these are the flags to pass to 1391.Va rpcbind_program . 1392.It Va keyserv_enable 1393.Pq Vt bool 1394If set to 1395.Dq Li YES , 1396run the 1397.Xr keyserv 8 1398daemon on boot for running Secure RPC. 1399.It Va keyserv_flags 1400.Pq Vt str 1401If 1402.Va keyserv_enable 1403is set to 1404.Dq Li YES , 1405these are the flags to pass to 1406.Xr keyserv 8 1407daemon. 1408.It Va pppoed_enable 1409.Pq Vt bool 1410If set to 1411.Dq Li YES , 1412run the 1413.Xr pppoed 8 1414daemon at boot time to provide PPP over Ethernet services. 1415.It Va pppoed_provider 1416.Pq Vt str 1417.Xr pppoed 8 1418listens to requests to this provider and ultimately runs 1419.Xr ppp 8 1420with a 1421.Ar system 1422argument of the same name. 1423.It Va pppoed_flags 1424.Pq Vt str 1425Additional flags to pass to 1426.Xr pppoed 8 . 1427.It Va pppoed_interface 1428.Pq Vt str 1429The network interface to run 1430.Xr pppoed 8 1431on. 1432This is mandatory when 1433.Va pppoed_enable 1434is set to 1435.Dq Li YES . 1436.It Va timed_enable 1437.Pq Vt bool 1438If set to 1439.Dq Li YES , 1440run the 1441.Xr timed 8 1442service at boot time. 1443This command is intended for networks of machines where a consistent 1444.Dq "network time" 1445for all hosts must be established. 1446This is often useful in large NFS environments where time stamps on 1447files are expected to be consistent network-wide. 1448.It Va timed_flags 1449.Pq Vt str 1450If 1451.Va timed_enable 1452is set to 1453.Dq Li YES , 1454these are the flags to pass to the 1455.Xr timed 8 1456service. 1457.It Va dntpd_enable 1458.Pq Vt bool 1459If set to 1460.Dq Li YES , 1461run 1462.Xr dntpd 8 1463at system boot time. 1464.It Va dntpd_program 1465.Pq Vt str 1466Path to 1467.Xr dntpd 8 1468(default 1469.Pa /usr/sbin/dntpd ) . 1470.It Va dntpd_flags 1471.Pq Vt str 1472If 1473.Va dntpd_enable 1474is set to 1475.Dq Li YES , 1476these are the flags to pass to the 1477.Xr dntpd 8 1478daemon. 1479.It Va btconfig_enable 1480.Pq Vt bool 1481If set to 1482.Dq Li YES , 1483configure Bluetooth devices via 1484.Xr btconfig 8 1485at system boot time. 1486.It Va btconfig_devices 1487.Pq Vt str 1488If 1489.Va btconfig_enable 1490is set to 1491.Dq Li YES , 1492this is the list of Bluetooth devices to configure. 1493If 1494.Va btconfig_devices 1495is not specified, all devices known to the system will be configured. 1496A 1497.Va btconfig_ Ns Aq Ar device 1498variable can be set to specify parameters to be passed to 1499.Ar device . 1500.It Va btconfig_args 1501.Pq Vt str 1502If 1503.Va btconfig_enable 1504is set to 1505.Dq Li YES , 1506this is the list of configuration parameters to pass to all Bluetooth 1507devices. 1508.It Va sdpd_enable 1509.Pq Vt bool 1510If set to 1511.Dq Li YES , 1512run the Service Discovery Profile daemon 1513.Xr ( sdpd 8 ) 1514at system boot time. 1515.It Va sdpd_flags 1516.Pq Vt str 1517If 1518.Va sdpd_enable 1519is set to 1520.Dq Li YES , 1521these are the flags to pass to the 1522.Xr sdpd 8 1523daemon. 1524.It Va bthcid_enable 1525.Pq Vt bool 1526If set to 1527.Dq Li YES , 1528run the Bluetooth Link Key/PIN Code Manager daemon 1529.Xr ( bthcid 8 ) 1530at system boot time. 1531.It Va bthcid_flags 1532.Pq Vt str 1533If 1534.Va bthcid_enable 1535is set to 1536.Dq Li YES , 1537these are the flags to pass to the 1538.Xr bthcid 8 1539daemon. 1540.It Va nis_client_enable 1541.Pq Vt bool 1542If set to 1543.Dq Li YES , 1544run the 1545.Xr ypbind 8 1546service at system boot time. 1547.It Va nis_client_flags 1548.Pq Vt str 1549If 1550.Va nis_client_enable 1551is set to 1552.Dq Li YES , 1553these are the flags to pass to the 1554.Xr ypbind 8 1555service. 1556.It Va nis_ypset_enable 1557.Pq Vt bool 1558If set to 1559.Dq Li YES , 1560run the 1561.Xr ypset 8 1562daemon at system boot time. 1563.It Va nis_ypset_flags 1564.Pq Vt str 1565If 1566.Va nis_ypset_enable 1567is set to 1568.Dq Li YES , 1569these are the flags to pass to the 1570.Xr ypset 8 1571daemon. 1572.It Va nis_server_enable 1573.Pq Vt bool 1574If set to 1575.Dq Li YES , 1576run the 1577.Xr ypserv 8 1578daemon at system boot time. 1579.It Va nis_server_flags 1580.Pq Vt str 1581If 1582.Va nis_server_enable 1583is set to 1584.Dq Li YES , 1585these are the flags to pass to the 1586.Xr ypserv 8 1587daemon. 1588.It Va nis_ypxfrd_enable 1589.Pq Vt bool 1590If set to 1591.Dq Li YES , 1592run the 1593.Xr rpc.ypxfrd 8 1594daemon at system boot time. 1595.It Va nis_ypxfrd_flags 1596.Pq Vt str 1597If 1598.Va nis_ypxfrd_enable 1599is set to 1600.Dq Li YES , 1601these are the flags to pass to the 1602.Xr rpc.ypxfrd 8 1603daemon. 1604.It Va nis_yppasswdd_enable 1605.Pq Vt bool 1606If set to 1607.Dq Li YES , 1608run the 1609.Xr rpc.yppasswdd 8 1610daemon at system boot time. 1611.It Va nis_yppasswdd_flags 1612.Pq Vt str 1613If 1614.Va nis_yppasswdd_enable 1615is set to 1616.Dq Li YES , 1617these are the flags to pass to the 1618.Xr rpc.yppasswdd 8 1619daemon. 1620.It Va rpc_ypupdated_enable 1621.Pq Vt bool 1622If set to 1623.Dq Li YES , 1624run the 1625.Nm rpc.ypupdated 1626daemon at system boot time. 1627.It Va defaultrouter 1628.Pq Vt str 1629If not set to 1630.Dq Li NO , 1631create a default route to this host name or IP address 1632(use an IP address if this router is also required to get to the 1633name server!). 1634.It Va ipv6_defaultrouter 1635.Pq Vt str 1636The IPv6 equivalent of 1637.Va defaultrouter . 1638.It Va static_routes 1639.Pq Vt str 1640Set to the list of static routes that are to be added at system boot time. 1641If not set to 1642.Dq Li NO 1643then for each whitespace separated 1644.Ar element 1645in the value, a 1646.Va route_ Ns Aq Ar element 1647variable is assumed to exist whose contents will later be passed to a 1648.Dq Nm route Cm add 1649operation. 1650.It Va ipv6_static_routes 1651.Pq Vt str 1652The IPv6 equivalent of 1653.Va static_routes . 1654If not set to 1655.Dq Li NO 1656then for each whitespace separated 1657.Ar element 1658in the value, a 1659.Va ipv6_route_ Ns Aq Ar element 1660variable is assumed to exist whose contents will later be passed to a 1661.Dq Nm route Cm add Fl inet6 1662operation. 1663.It Va gateway_enable 1664.Pq Vt bool 1665If set to 1666.Dq Li YES , 1667configure host to act as an IP router, e.g. to forward packets 1668between interfaces. 1669.It Va ipv6_gateway_enable 1670.Pq Vt bool 1671The IPv6 equivalent of 1672.Va gateway_enable . 1673.It Va router_enable 1674.Pq Vt bool 1675If set to 1676.Dq Li YES , 1677run a routing daemon of some sort, based on the settings of 1678.Va router_program 1679and 1680.Va router_flags . 1681.It Va ipv6_router_enable 1682.Pq Vt bool 1683The IPv6 equivalent of 1684.Va router_enable . 1685If set to 1686.Dq Li YES , 1687run a routing daemon of some sort, based on the settings of 1688.Va ipv6_router_program 1689and 1690.Va ipv6_router_flags . 1691.It Va router_program 1692.Pq Vt str 1693If 1694.Va router_enable 1695is set to 1696.Dq Li YES , 1697this is the name of the routing daemon to use 1698(default 1699.Pa /sbin/routed ) . 1700.It Va ipv6_router_program 1701.Pq Vt str 1702The IPv6 equivalent of 1703.Va router_program 1704(default 1705.Pa /sbin/route6d ) . 1706.It Va router_flags 1707.Pq Vt str 1708If 1709.Va router_enable 1710is set to 1711.Dq Li YES , 1712these are the flags to pass to the routing daemon. 1713.It Va ipv6_router_flags 1714.Pq Vt str 1715The IPv6 equivalent of 1716.Va router_flags . 1717.It Va mrouted_enable 1718.Pq Vt bool 1719If set to 1720.Dq Li YES , 1721run the multicast routing daemon, 1722.Xr mrouted 8 . 1723.It Va mroute6d_enable 1724.Pq Vt bool 1725The IPv6 equivalent of 1726.Va mrouted_enable . 1727If set to 1728.Dq Li YES , 1729run the IPv6 multicast routing daemon. 1730Note that no IPv6 multicast routing daemon is included in the 1731.Dx 1732base system but 1733.Xr pim6dd 8 1734can be installed from the 1735.Xr pkgsrc 7 1736collection. 1737.It Va mrouted_flags 1738.Pq Vt str 1739If 1740.Va mrouted_enable 1741is set to 1742.Dq Li YES , 1743these are the flags to pass to the 1744.Xr mrouted 8 1745daemon. 1746.It Va mroute6d_flags 1747.Pq Vt str 1748The IPv6 equivalent of 1749.Va mrouted_flags . 1750If 1751.Va mroute6d_enable 1752is set to 1753.Dq Li YES , 1754these are the flags passed to the IPv6 multicast routing daemon. 1755.It Va mroute6d_program 1756.Pq Vt str 1757If 1758.Va mroute6d_enable 1759is set to 1760.Dq Li YES , 1761this is the path to the IPv6 multicast routing daemon. 1762.It Va rtadvd_enable 1763.Pq Vt bool 1764If set to 1765.Dq Li YES , 1766run the 1767.Xr rtadvd 8 1768daemon at boot time. 1769.Xr rtadvd 8 1770will only run if 1771.Va ipv6_gateway_enable 1772is also set to 1773.Dq Li YES . 1774The 1775.Xr rtadvd 8 1776utility sends router advertisement packets to the interfaces specified in 1777.Va rtadvd_interfaces . 1778.Xr rtadvd 8 1779and should only be enabled with great care. 1780You may want to fine-tune 1781.Xr rtadvd.conf 5 . 1782.It Va rtadvd_interfaces 1783.Pq Vt str 1784If 1785.Va rtadvd_enable 1786is set to 1787.Dq Li YES 1788this is the list of interfaces to use. 1789.It Va rtsold_enable 1790.Pq Vt bool 1791If set to 1792.Dq Li YES , 1793run the 1794.Xr rtsold 8 1795daemon at boot time. 1796The 1797.Xr rtsold 8 1798daemon is used for automatic discovery of non-link local addresses. 1799.It Va rtsold_flags 1800.Pq Vt str 1801If 1802.Va rtsold_enable 1803is set to 1804.Dq Li YES , 1805these are the flags to pass to the 1806.Xr rtsold 8 1807daemon. 1808.It Va ipxgateway_enable 1809.Pq Vt bool 1810If set to 1811.Dq Li YES , 1812enable the routing of IPX traffic. 1813.It Va ipxrouted_enable 1814.Pq Vt bool 1815If set to 1816.Dq Li YES , 1817run the 1818.Xr IPXrouted 8 1819daemon at system boot time. 1820.It Va ipxrouted_flags 1821.Pq Vt str 1822If 1823.Va ipxrouted_enable 1824is set to 1825.Dq Li YES , 1826these are the flags to pass to the 1827.Xr IPXrouted 8 1828daemon. 1829.It Va arpproxy_all 1830.Pq Vt bool 1831If set to 1832.Dq Li YES , 1833enable global proxy ARP. 1834.It Va forward_sourceroute 1835.Pq Vt bool 1836If set to 1837.Dq Li YES 1838and 1839.Va gateway_enable 1840is also set to 1841.Dq Li YES , 1842source-routed packets are forwarded. 1843.It Va accept_sourceroute 1844.Pq Vt bool 1845If set to 1846.Dq Li YES , 1847the system will accept source-routed packets directed at it. 1848.It Va rarpd_enable 1849.Pq Vt bool 1850If set to 1851.Dq Li YES , 1852run the 1853.Xr rarpd 8 1854daemon at system boot time. 1855.It Va rarpd_flags 1856.Pq Vt str 1857If 1858.Va rarpd_enable 1859is set to 1860.Dq Li YES , 1861these are the flags to pass to the 1862.Xr rarpd 8 1863daemon. 1864.It Va bootparamd_enable 1865.Pq Vt bool 1866If set to 1867.Dq Li YES , 1868run the 1869.Xr bootparamd 8 1870daemon at system boot time. 1871.It Va bootparamd_flags 1872.Pq Vt str 1873If 1874.Va bootparamd_enable 1875is set to 1876.Dq Li YES , 1877these are the flags to pass to the 1878.Xr bootparamd 8 1879daemon. 1880.It Va stf_interface_ipv4addr 1881.Pq Vt str 1882If not set to 1883.Dq Li NO , 1884this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1885Specify this entry to enable the 6to4 interface. 1886.It Va stf_interface_ipv4plen 1887.Pq Vt int 1888Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1889An effective value is 0-31. 1890.It Va stf_interface_ipv6_ifid 1891.Pq Vt str 1892IPv6 interface ID for 1893.Xr stf 4 . 1894This can be set to 1895.Dq Li AUTO . 1896.It Va stf_interface_ipv6_slaid 1897.Pq Vt str 1898IPv6 Site Level Aggregator for 1899.Xr stf 4 . 1900.It Va ipv6_faith_prefix 1901.Pq Vt str 1902If not set to 1903.Dq Li NO , 1904this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator. 1905You also need 1906.Xr faithd 8 1907setup. 1908.It Va ipv6_ipv4mapping 1909.Pq Vt bool 1910If set to 1911.Dq Li YES 1912this enables IPv4 mapped IPv6 address communication (like 1913.Li ::ffff:a.b.c.d ) . 1914.It Va atm_enable 1915.Pq Vt bool 1916Set to 1917.Dq Li YES 1918to enable the configuration of ATM interfaces at system boot time. 1919For all of the ATM variables described below, please refer to the 1920.Xr atm 8 1921man page for further details on the available command parameters. 1922Also refer to the files in 1923.Pa /usr/share/examples/atm 1924for more detailed configuration information. 1925.It Va atm_netif_ Ns Aq Ar intf 1926.Pq Vt str 1927For the ATM physical interface 1928.Ar intf , 1929this variable defines the name prefix and count for the ATM network 1930interfaces to be created. 1931The value will be passed as the parameters of an 1932.Dq Nm atm Cm "set netif" Ar intf 1933command. 1934.It Va atm_sigmgr_ Ns Aq Ar intf 1935.Pq Vt str 1936For the ATM physical interface 1937.Ar intf , 1938this variable defines the ATM signalling manager to be used. 1939The value will be passed as the parameters of an 1940.Dq Nm atm Cm attach Ar intf 1941command. 1942.It Va atm_prefix_ Ns Aq Ar intf 1943.Pq Vt str 1944For the ATM physical interface 1945.Ar intf , 1946this variable defines the NSAP prefix for interfaces using a UNI signalling 1947manager. 1948If set to 1949.Dq Li ILMI , 1950the prefix will automatically be set via the 1951.Xr ilmid 8 1952daemon. 1953Otherwise, the value will be passed as the parameters of an 1954.Dq Nm atm Cm "set prefix" Ar intf 1955command. 1956.It Va atm_macaddr_ Ns Aq Ar intf 1957.Pq Vt str 1958For the ATM physical interface 1959.Ar intf , 1960this variable defines the MAC address for interfaces using a UNI signalling 1961manager. 1962If set to 1963.Dq Li NO , 1964the hardware MAC address contained in the ATM interface card will be used. 1965Otherwise, the value will be passed as the parameters of an 1966.Dq Nm atm Cm "set mac" Ar intf 1967command. 1968.It Va atm_arpserver_ Ns Aq Ar netif 1969.Pq Vt str 1970For the ATM network interface 1971.Ar netif , 1972this variable defines the ATM address for a host which is to provide ATMARP 1973service. 1974This variable is only applicable to interfaces using a UNI signalling manager. 1975If set to 1976.Dq Li local , 1977this host will become an ATMARP server. 1978The value will be passed as the parameters of an 1979.Dq Nm atm Cm "set arpserver" Ar netif 1980command. 1981.It Va atm_scsparp_ Ns Aq Ar netif 1982.Pq Vt bool 1983If set to 1984.Dq Li YES , 1985SCSP/ATMARP service for the network interface 1986.Ar netif 1987will be initiated using the 1988.Xr scspd 8 1989and 1990.Xr atmarpd 8 1991daemons. 1992This variable is only applicable if 1993.Va atm_arpserver_ Ns Aq Ar netif 1994is set to 1995.Dq Li local . 1996.It Va atm_arps 1997.Pq Vt str 1998Set to the list of permanent ATM ARP entries to be added at system boot time. 1999For each whitespace separated 2000.Ar element 2001in the value, an 2002.Va atm_arp_ Ns Aq Ar element 2003variable is assumed to exist. 2004The value of each of these variables will be passed as the parameters of an 2005.Dq Nm atm Cm "add arp" 2006command. 2007.It Va keybell 2008.Pq Vt str 2009The keyboard bell sound. 2010Set to 2011.Dq Li normal , 2012.Dq Li visual , 2013.Dq Li off , 2014or 2015.Dq Li NO 2016if the default behavior is desired. 2017For details, refer to the 2018.Xr kbdcontrol 1 2019manpage. 2020.It Va keymap 2021.Pq Vt str 2022If set to 2023.Dq Li NO , 2024no keymap is installed, otherwise the value is used to install 2025the keymap file in 2026.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2027.It Va keyrate 2028.Pq Vt str 2029The keyboard repeat speed. 2030Set to 2031.Dq Li slow , 2032.Dq Li normal , 2033.Dq Li fast , 2034or 2035.Dq Li NO 2036if the default behavior is desired. 2037.It Va keychange 2038.Pq Vt str 2039If not set to 2040.Dq Li NO , 2041attempt to program the function keys with the value. 2042The value should be a single string of the form: 2043.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2044.It Va cursor 2045.Pq Vt str 2046Can be set to the value of 2047.Dq Li normal , 2048.Dq Li blink , 2049.Dq Li destructive , 2050or 2051.Dq Li NO 2052to set the cursor behavior explicitly or choose the default behavior. 2053.It Va scrnmap 2054.Pq Vt str 2055If set to 2056.Dq Li NO , 2057no screen map is installed, otherwise the value is used to install 2058the screen map file in 2059.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2060.It Va font8x16 2061.Pq Vt str 2062If set to 2063.Dq Li NO , 2064the default 8x16 font value is used for screen size requests, otherwise 2065the value in 2066.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2067is used. 2068.It Va font8x14 2069.Pq Vt str 2070If set to 2071.Dq Li NO , 2072the default 8x14 font value is used for screen size requests, otherwise 2073the value in 2074.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2075is used. 2076.It Va font8x8 2077.Pq Vt str 2078If set to 2079.Dq Li NO , 2080the default 8x8 font value is used for screen size requests, otherwise 2081the value in 2082.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2083is used. 2084.It Va blanktime 2085.Pq Vt int 2086If set to 2087.Dq Li NO , 2088the default screen blanking interval is used, otherwise it is set to 2089.Ar value 2090seconds. 2091.It Va saver 2092.Pq Vt str 2093If not set to 2094.Dq Li NO , 2095this is the actual screen saver to use 2096.Li ( blank , snake , daemon , 2097etc). 2098.It Va moused_enable 2099.Pq Vt str 2100If set to 2101.Dq Li YES , 2102the 2103.Xr moused 8 2104daemon is started for doing cut/paste selection on the console. 2105.It Va moused_type 2106.Pq Vt str 2107This is the protocol type of the mouse connected to this host. 2108This variable must be set if 2109.Va moused_enable 2110is set to 2111.Dq Li YES . 2112The 2113.Xr moused 8 2114daemon 2115is able to detect the appropriate mouse type automatically in many cases. 2116Set this variable to 2117.Dq Li auto 2118to let the daemon detect it, or 2119select one from the following list if the automatic detection fails. 2120.Pp 2121If the mouse is attached to the PS/2 mouse port, choose 2122.Dq Li auto 2123or 2124.Dq Li ps/2 , 2125regardless of the brand and model of the mouse. 2126Likewise, if the mouse is attached to the bus mouse port, choose 2127.Dq Li auto 2128or 2129.Dq Li busmouse . 2130All other protocols are for serial mice and will not work with 2131the PS/2 and bus mice. 2132If this is a USB mouse, 2133.Dq Li auto 2134is the only protocol type which will work. 2135.Pp 2136.Bl -tag -width ".Li x10mouseremote" -compact 2137.It Li microsoft 2138Microsoft mouse (serial) 2139.It Li intellimouse 2140Microsoft IntelliMouse (serial) 2141.It Li mousesystems 2142Mouse systems Corp. mouse (serial) 2143.It Li mmseries 2144MM Series mouse (serial) 2145.It Li logitech 2146Logitech mouse (serial) 2147.It Li busmouse 2148A bus mouse 2149.It Li mouseman 2150Logitech MouseMan and TrackMan (serial) 2151.It Li glidepoint 2152ALPS GlidePoint (serial) 2153.It Li thinkingmouse 2154Kensington ThinkingMouse (serial) 2155.It Li ps/2 2156PS/2 mouse 2157.It Li mmhittab 2158MM HitTablet (serial) 2159.It Li x10mouseremote 2160X10 MouseRemote (serial) 2161.It Li versapad 2162Interlink VersaPad (serial) 2163.El 2164.Pp 2165Even if the mouse is not in the above list, it may be compatible 2166with one in the list. 2167Refer to the man page for 2168.Xr moused 8 2169for compatibility information. 2170.Pp 2171It should also be noted that while this is enabled, any 2172other client of the mouse (such as an X server) should access 2173the mouse through the virtual mouse device, 2174.Pa /dev/sysmouse , 2175and configure it as a 2176.Dq Li sysmouse 2177type mouse, since all 2178mouse data is converted to this single canonical format when using 2179.Xr moused 8 . 2180If the client program does not support the 2181.Dq Li sysmouse 2182type, specify the 2183.Dq Li mousesystems 2184type. 2185It is the second preferred type. 2186.It Va moused_port 2187.Pq Vt str 2188If 2189.Va moused_enable 2190is set to 2191.Dq Li YES , 2192this is the actual port the mouse is on. 2193It might be 2194.Pa /dev/cuaa0 2195for a COM1 serial mouse, 2196.Pa /dev/psm0 2197for a PS/2 mouse or 2198.Pa /dev/mse0 2199for a bus mouse, for example. 2200.It Va moused_flags 2201.Pq Vt str 2202If 2203.Va moused_type 2204is set, these are the additional flags to pass to the 2205.Xr moused 8 2206daemon. 2207.It Va mousechar_start 2208.Pq Vt int 2209If set to 2210.Dq Li NO , 2211the default mouse cursor character range 2212.Li 0xd0 Ns - Ns Li 0xd3 2213is used, otherwise the range start is set to 2214.Ar value 2215character, see 2216.Xr vidcontrol 1 . 2217Use if the default range is occupied in the language code table. 2218.It Va vidhistory 2219.Pq Vt int 2220Set the size of the history (scrollback) buffer in lines. 2221.It Va allscreens_flags 2222.Pq Vt str 2223If set, 2224.Xr vidcontrol 1 2225is run with these options for each of the virtual terminals 2226.Pq Pa /dev/ttyv* . 2227For example, 2228.Dq Fl m Cm on 2229will enable the mouse pointer on all virtual terminals if 2230.Va moused_enable 2231is set to 2232.Dq Li YES . 2233.It Va allscreens_kbdflags 2234.Pq Vt str 2235If set, 2236.Xr kbdcontrol 1 2237is run with these options for each of the virtual terminals 2238.Pq Pa /dev/ttyv* . 2239For example, 2240.Dq Fl h Li 200 2241will set the 2242.Xr syscons 4 2243scrollback (history) buffer to 200 lines. 2244.It Va cron_enable 2245.Pq Vt bool 2246If set to 2247.Dq Li YES , 2248run the 2249.Xr cron 8 2250daemon at system boot time. 2251.It Va cron_program 2252.Pq Vt str 2253Path to 2254.Xr cron 8 2255(default 2256.Pa /usr/sbin/cron ) . 2257.It Va cron_flags 2258.Pq Vt str 2259If 2260.Va cron_enable 2261is set to 2262.Dq Li YES , 2263these are the flags to pass to 2264.Xr cron 8 . 2265.It Va lpd_program 2266.Pq Vt str 2267Path to 2268.Xr lpd 8 2269(default 2270.Pa /usr/sbin/lpd ) . 2271.It Va lpd_enable 2272.Pq Vt bool 2273If set to 2274.Dq Li YES , 2275run the 2276.Xr lpd 8 2277daemon at system boot time. 2278.It Va lpd_flags 2279.Pq Vt str 2280If 2281.Va lpd_enable 2282is set to 2283.Dq Li YES , 2284these are the flags to pass to the 2285.Xr lpd 8 2286daemon. 2287.It Va mixer_enable 2288.Pq Vt bool 2289If set to 2290.Dq Li YES , 2291preserve 2292.Xr mixer 8 2293settings across reboots. 2294.It Va mta_start_script 2295.Pq Vt str 2296The full path to the script to run to start 2297a mail transfer agent. 2298The default is 2299.Pa /etc/rc.sendmail . 2300The 2301.Va sendmail_* 2302variables which 2303.Pa /etc/rc.sendmail 2304uses are documented in the 2305.Xr rc.sendmail 8 2306man page. 2307.It Va dumpdev 2308.Pq Vt str 2309Indicates the device (usually a swap partition) to which a crash dump 2310should be written in the event of a system crash. 2311The value of this variable is passed as the argument to 2312.Xr dumpon 8 . 2313To disable crash dumps, set this variable to 2314.Dq Li NO . 2315.It Va dumpdir 2316.Pq Vt str 2317When the system reboots after a crash and a crash dump is found on the 2318device specified by the 2319.Va dumpdev 2320variable, 2321.Xr savecore 8 2322will save that crash dump and a copy of the kernel to the directory 2323specified by the 2324.Va dumpdir 2325variable. 2326The default value is 2327.Pa /var/crash . 2328Set to 2329.Dq Li NO 2330to not run 2331.Xr savecore 8 2332at boot time when 2333.Va dumpdir 2334is set. 2335.It Va savecore_flags 2336.Pq Vt str 2337If crash dumps are enabled, these are the flags to pass to the 2338.Xr savecore 8 2339utility. 2340.It Va enable_quotas 2341.Pq Vt bool 2342Set to 2343.Dq Li YES 2344to turn on user disk quotas on system startup via the 2345.Xr quotaon 8 2346command. 2347.It Va check_quotas 2348.Pq Vt bool 2349Set to 2350.Dq Li YES 2351to enable user disk quota checking via the 2352.Xr quotacheck 8 2353command. 2354.It Va accounting_enable 2355.Pq Vt bool 2356Set to 2357.Dq Li YES 2358to enable system accounting through the 2359.Xr accton 8 2360facility. 2361.It Va linux_enable 2362.Pq Vt bool 2363Set to 2364.Dq Li YES 2365to enable Linux/ELF binary emulation at system initial boot time. 2366.It Va sysvipc_enable 2367.Pq Vt bool 2368If set to 2369.Dq Li YES , 2370load System V IPC primitives at boot time. 2371.\" ----- cleanvar_enable setting-------------------------------- 2372.It Va cleanvar_enable 2373.Pq Vt bool 2374Set to 2375.Dq Li YES 2376to have 2377.Pa /var/run , 2378.Pa /var/spool/lock 2379and 2380.Pa /var/spool/uucp/.Temp/* 2381cleaned at startup. 2382.\" ----- clear_tmp_enable setting------------------------------- 2383.It Va clear_tmp_enable 2384.Pq Vt bool 2385Set to 2386.Dq Li YES 2387to have 2388.Pa /tmp 2389cleaned at startup. 2390.\" ----- ldconfig_paths setting -------------------------------- 2391.It Va ldconfig_paths 2392.Pq Vt str 2393Set to the list of shared library paths to use with 2394.Xr ldconfig 8 . 2395NOTE: 2396.Pa /usr/lib 2397will always be added first, so it need not appear in this list. 2398.It Va ldconfig_insecure 2399.Pq Vt bool 2400The 2401.Xr ldconfig 8 2402utility normally refuses to use directories 2403which are writable by anyone except root. 2404Set this variable to 2405.Dq Li YES 2406to disable that security check during system startup. 2407.It Va kern_securelevel 2408.Pq Vt int 2409The kernel security level to set at startup. 2410The allowed range of 2411.Ar value 2412ranges from \-1 (the compile time default) to 3 (the most secure). 2413See 2414.Xr init 8 2415for the list of possible security levels and their effect on system operation. 2416.It Va start_vinum 2417.Pq Vt bool 2418Set to 2419.Dq Li YES 2420to start 2421.Xr vinum 8 2422at system boot time. 2423.It Va sshd_enable 2424.Pq Vt bool 2425Set to 2426.Dq Li YES 2427to start 2428.Xr sshd 8 2429at system boot time. 2430.It Va sshd_program 2431.Pq Vt str 2432Path to the SSH server program 2433(default 2434.Pa /usr/sbin/sshd ) . 2435.It Va sshd_flags 2436.Pq Vt str 2437If 2438.Va sshd_enable 2439is set to 2440.Dq Li YES , 2441these are the flags to pass to the 2442.Xr sshd 8 2443daemon. 2444.It Va ftpd_enable 2445.Pq Vt bool 2446Set to 2447.Dq Li YES 2448to start 2449.Xr ftpd 8 2450at system boot time. 2451.It Va ftpd_flags 2452.Pq Vt str 2453If 2454.Va ftpd_enable 2455is set to 2456.Dq Li YES , 2457these are the flags to pass to the 2458.Xr ftpd 8 2459daemon. 2460.It Va usbd_enable 2461.Pq Vt bool 2462If set to 2463.Dq Li YES , 2464run the 2465.Xr usbd 8 2466daemon at boot time. 2467.It Va usbd_flags 2468.Pq Vt str 2469If 2470.Va usbd_enable 2471is set to 2472.Dq Li YES , 2473these are the flags passed to 2474.Xr usbd 8 2475daemon. 2476.It Va watchdogd_enable 2477.Pq Vt bool 2478If set to 2479.Dq Li YES , 2480start the 2481.Xr watchdogd 8 2482daemon at boot time. 2483This requires that the kernel have been compiled with 2484.Cd "options WATCHDOG" . 2485.It Va jail_enable 2486.Pq Vt bool 2487If set to 2488.Dq Li NO , 2489any configured jails will not be started. 2490.It Va jail_list 2491.Pq Vt str 2492A space separated list of names for jails. 2493This is purely a configuration aid to help identify and 2494configure multiple jails. 2495The names specified in this list will be used to 2496identify settings common to an instance of a jail. 2497Assuming that the jail in question was named 2498.Li vjail , 2499you would have the following dependent variables: 2500.Bd -literal 2501jail_vjail_hostname="jail.example.com" 2502jail_vjail_ip="192.168.1.100" 2503jail_vjail_rootdir="/var/jails/vjail/root" 2504.Ed 2505.Pp 2506.It Va jail_flags 2507.Pq Vt str 2508Unset by default. 2509When set, use as default value for 2510.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2511for every jail in 2512.Va jail_list . 2513.It Va jail_interface 2514.Pq Vt str 2515Unset by default. 2516When set, use as default value for 2517.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2518for every jail in 2519.Va jail_list . 2520.It Va jail_fstab 2521.Pq Vt str 2522Unset by default. 2523When set, use as default value for 2524.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2525for every jail in 2526.Va jail_list . 2527.It Va jail_mount_enable 2528.Pq Vt bool 2529Set to 2530.Dq Li NO 2531by default. 2532When set to 2533.Dq Li YES , 2534sets 2535.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2536to 2537.Dq Li YES 2538by default for every jail in 2539.Va jail_list . 2540.It Va jail_fdesc_enable 2541.Pq Vt bool 2542Set to 2543.Dq Li NO 2544by default. 2545When set to 2546.Dq Li YES , 2547sets 2548.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2549to 2550.Dq Li YES 2551by default for every jail in 2552.Va jail_list . 2553.It Va jail_procfs_enable 2554.Pq Vt bool 2555Set to 2556.Dq Li NO 2557by default. 2558When set to 2559.Dq Li YES , 2560sets 2561.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2562to 2563.Dq Li YES 2564by default for every jail in 2565.Va jail_list . 2566.It Va jail_exec_start 2567.Pq Vt str 2568Unset by default. 2569When set, use as default value for 2570.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2571for every jail in 2572.Va jail_list . 2573.It Va jail_exec_stop 2574Unset by default. 2575When set, use as default value for 2576.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2577for every jail in 2578.Va jail_list . 2579.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2580.Pq Vt str 2581Unset by default. 2582Set to the root directory used by jail 2583.Va jname . 2584.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2585.Pq Vt str 2586Unset by default. 2587Set to the fully qualified domain name (FQDN) assigned to jail 2588.Va jname . 2589.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2590.Pq Vt str 2591Unset by default. 2592Set to the IP address assigned to jail 2593.Va jname . 2594.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2595.Pq Vt str 2596Set to 2597.Dq Li -l -U root 2598by default. 2599These are flags to pass to 2600.Xr jail 8 . 2601.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2602.Pq Vt str 2603Unset by default. 2604When set, sets the interface to use when setting IP address alias. 2605Note that the alias is created at jail startup and removed at jail shutdown. 2606.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2607.Pq Vt str 2608Set to 2609.Pa /etc/fstab. Ns Aq Ar jname 2610by default. 2611This is the file system information file to use for jail 2612.Va jname . 2613.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2614.Pq Vt bool 2615Set to 2616.Dq Li NO 2617by default. 2618When set to 2619.Dq Li YES , 2620mount all file systems from 2621.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2622at jail startup. 2623.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2624.Pq Vt bool 2625Set to 2626.Dq Li NO 2627by default. 2628When set to 2629.Dq Li YES , 2630mount the file-descriptor file system inside jail 2631.Ar jname 2632at jail startup. 2633.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2634.Pq Vt bool 2635Set to 2636.Dq Li NO 2637by default. 2638When set to 2639.Dq Li YES , 2640mount the process file system inside jail 2641.Ar jname 2642at jail startup. 2643.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2644.Pq Vt str 2645Set to 2646.Dq Li /bin/sh /etc/rc 2647by default. 2648This is the command executed at jail startup. 2649.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2650.Pq Vt str 2651Set to 2652.Dq Li /bin/sh /etc/rc.shutdown 2653by default. 2654This is the command executed at jail shutdown. 2655.It Va jail_set_hostname_allow 2656.Pq Vt bool 2657If set to 2658.Dq Li NO , 2659do not allow the root user in a jail to set its hostname. 2660.It Va jail_socket_unixiproute_only 2661.Pq Vt bool 2662If set to 2663.Dq Li YES , 2664do not allow any sockets, 2665besides UNIX/IP/route sockets, 2666to be used within a jail. 2667.It Va jail_sysvipc_allow 2668.Pq Vt bool 2669If set to 2670.Dq Li YES , 2671allow applications within a jail to use System V IPC. 2672.It Va newsyslog_enable 2673.Pq Vt bool 2674If set to 2675.Dq Li YES , 2676run 2677.Xr newsyslog 8 2678before syslogd starts. 2679.It Va newsyslog_flags 2680.Pq Vt str 2681If 2682.Va newsyslog_enable 2683is set to 2684.Dq Li YES , 2685these are the flags passed to 2686.Xr newsyslog 8 . 2687.It Va resident_enable 2688.Pq Vt bool 2689If set to 2690.Dq Li YES , 2691make the dynamic binaries listed in 2692.Pa /etc/resident.conf 2693resident. 2694.It Va varsym_enable 2695.Pq Vt bool 2696If set to 2697.Dq Li YES , 2698process 2699.Pa /etc/varsym.conf 2700to set system-wide variables for variant symlinks. 2701.It Va rand_irqs 2702.Pq Vt str 2703Set either to 2704.Dq Li NO 2705or a whitespace separated list of IRQ numbers which will be used as a source of 2706randomness. 2707.\" ----- isdn settings --------------------------------- 2708.It Va isdn_enable 2709.Pq Vt bool 2710Set to 2711.Dq Li NO 2712by default. 2713When set to 2714.Dq Li YES , 2715starts the 2716.Xr isdnd 8 2717daemon at system boot time. 2718.It Va isdn_flags 2719.Pq Vt str 2720Set to 2721.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2722by default. 2723Additional flags to pass to 2724.Xr isdnd 8 2725(but see 2726.Va isdn_fsdev 2727and 2728.Va isdn_ttype 2729for certain tunable parameters). 2730.It Va isdn_ttype 2731.Pq Vt str 2732Set to 2733.Dq Li cons25 2734by default. 2735The terminal type of the output device when 2736.Xr isdnd 8 2737operates in full-screen mode. 2738.It Va isdn_screenflags 2739.Pq Vt str 2740Set to 2741.Dq Li NO 2742by default. 2743The video mode for full-screen mode (only for 2744.Xr syscons 4 2745console driver, see 2746.Xr vidcontrol 1 2747for valid modes). 2748.It Va isdn_fsdev 2749.Pq Vt str 2750Set to 2751.Dq Li NO 2752by default. 2753The output device for 2754.Xr isdnd 8 2755in full-screen mode (or 2756.Dq Li NO 2757for daemon mode). 2758.It Va isdn_trace 2759.Pq Vt bool 2760Set to 2761.Dq Li NO 2762by default. 2763When set to 2764.Dq Li YES , 2765enables the ISDN protocol trace utility 2766.Xr isdntrace 8 2767at system boot time. 2768.It Va isdn_traceflags 2769.Pq Vt str 2770Set to 2771.Dq Fl f Pa /var/tmp/isdntrace0 2772by default. 2773Flags for 2774.Xr isdntrace 8 . 2775.\" ----------------------------------------------------- 2776.It Va entropy_dir 2777.Pq Vt str 2778Set to 2779.Dq Li NO 2780to disable caching entropy via 2781.Xr cron 8 . 2782Otherwise set to the directory used to store entropy files in. 2783.It Va entropy_file 2784.Pq Vt str 2785Set to 2786.Dq Li NO 2787to disable caching entropy through reboots. 2788Otherwise set to the filename used to store cached entropy through reboots. 2789This file should be located on the root file system to seed the 2790.Xr random 4 2791device as early as possible in the boot process. 2792.It Va ipsec_enable 2793.Pq Vt bool 2794Set to 2795.Dq Li YES 2796to run 2797.Xr setkey 8 2798on 2799.Va ipsec_file 2800at boot time. 2801.It Va ipsec_file 2802.Pq Vt str 2803Configuration file for 2804.Xr setkey 8 . 2805.It Va dmesg_enable 2806.Pq Vt bool 2807Set to 2808.Dq Li YES 2809to save 2810.Xr dmesg 8 2811to 2812.Pa /var/run/dmesg.boot 2813on boot. 2814.It Va rcshutdown_timeout 2815.Pq Vt int 2816If set, start a watchdog timer in the background which will terminate 2817.Pa rc.shutdown 2818if 2819.Xr shutdown 8 2820has not completed within the specified time (in seconds). 2821.El 2822.Sh FILES 2823.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2824.It Pa /etc/defaults/rc.conf 2825.It Pa /etc/rc.conf 2826.It Pa /etc/rc.conf.local 2827.It Pa /etc/start_if. Ns Aq Ar interface 2828.El 2829.Sh SEE ALSO 2830.Xr catman 1 , 2831.Xr gdb 1 , 2832.Xr info 1 , 2833.Xr kbdcontrol 1 , 2834.Xr varsym 1 , 2835.Xr vidcontrol 1 , 2836.Xr ip 4 , 2837.Xr ipf 4 , 2838.Xr ipfw 4 , 2839.Xr kld 4 , 2840.Xr pf 4 , 2841.Xr tcp 4 , 2842.Xr udp 4 , 2843.Xr exports 5 , 2844.Xr motd 5 , 2845.Xr resident.conf 5 , 2846.Xr varsym.conf 5 , 2847.Xr accton 8 , 2848.Xr amd 8 , 2849.Xr apm 8 , 2850.Xr atm 8 , 2851.Xr btconfig 8 , 2852.Xr bthcid 8 , 2853.Xr cron 8 , 2854.Xr dhclient 8 , 2855.Xr dhcpd 8 , 2856.Xr dhcrelay 8 , 2857.Xr dntpd 8 , 2858.Xr ftpd 8 , 2859.Xr ifconfig 8 , 2860.Xr inetd 8 , 2861.Xr isdnd 8 , 2862.Xr isdntrace 8 , 2863.Xr jail 8 , 2864.Xr lpd 8 , 2865.Xr makewhatis 8 , 2866.Xr mdconfig 8 , 2867.Xr mixer 8 , 2868.Xr mountd 8 , 2869.Xr moused 8 , 2870.Xr mrouted 8 , 2871.Xr named 8 , 2872.Xr nfsd 8 , 2873.Xr pcnfsd 8 , 2874.Xr pfctl 8 , 2875.Xr pflogd 8 , 2876.Xr portmap 8 , 2877.Xr quotacheck 8 , 2878.Xr quotaon 8 , 2879.Xr rc 8 , 2880.Xr rc.sendmail 8 , 2881.Xr resident 8 , 2882.Xr rndcontrol 8 , 2883.Xr route 8 , 2884.Xr routed 8 , 2885.Xr rpc.lockd 8 , 2886.Xr rpc.statd 8 , 2887.Xr rtadvd 8 , 2888.Xr rtsold 8 , 2889.Xr rwhod 8 , 2890.Xr savecore 8 , 2891.Xr sdpd 8 , 2892.Xr sensorsd 8 , 2893.Xr sshd 8 , 2894.Xr swapon 8 , 2895.Xr sysctl 8 , 2896.Xr syslogd 8 , 2897.Xr timed 8 , 2898.Xr usbd 8 , 2899.Xr vinum 8 , 2900.Xr yp 8 , 2901.Xr ypbind 8 , 2902.Xr ypserv 8 , 2903.Xr ypset 8 2904.Sh HISTORY 2905The 2906.Nm 2907file appeared in 2908.Fx 2.2.2 . 2909.Sh AUTHORS 2910.An Jordan K. Hubbard . 2911