1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" $DragonFly: src/share/man/man5/rc.conf.5,v 1.61 2008/10/20 07:35:08 swildner Exp $ 27.Dd October 3, 2008 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65See the 66.Va rc_conf_files 67variable below. 68.Pp 69The following list provides a name and short description for each 70variable that can be set in the 71.Nm 72file. 73To set a variable of 74.Vt bool 75type, specify either 76.Dq Li YES , 77.Dq Li TRUE , 78.Dq Li ON , 79or 80.Dq Li 1 . 81To unset, specify 82.Dq Li NO , 83.Dq Li FALSE , 84.Dq Li OFF , 85or 86.Dq Li 0 . 87These values are case insensitive. 88The 89.Va _enable 90postfix in the name of a variable for starting a service can be 91omitted (as in 92.Nx ) . 93.Bl -tag -width indent-two 94.It Va rc_debug 95.Pq Vt bool 96If set to 97.Dq Li YES , 98enable output of debug messages from rc scripts. 99This variable can be helpful in diagnosing mistakes when 100editing or integrating new scripts. 101Beware that this produces copious output to the terminal and 102.Xr syslog 3 . 103.It Va rc_info 104.Pq Vt bool 105If set to 106.Dq Li NO , 107disable informational messages from the rc scripts. 108Informational messages are displayed when 109a condition that is not serious enough to warrant a warning or an error occurs. 110.It Va swapfile 111.Pq Vt str 112If set to 113.Dq Li NO , 114no swapfile is installed, otherwise the value is used as the full 115pathname to a file to use for additional swap space. 116.It Va apm_enable 117.Pq Vt bool 118If set to 119.Dq Li YES , 120enable support for Automatic Power Management with the 121.Xr apm 8 122command. 123.It Va apmd_enable 124.Pq Vt bool 125Run 126.Xr apmd 8 127to handle APM event from userland. 128This also enables support for APM. 129.It Va apmd_flags 130.Pq Vt str 131If 132.Va apmd_enable 133is set to 134.Dq Li YES , 135these are the flags to pass to the 136.Xr apmd 8 137daemon. 138.It Va battd_enable 139Enable 140.Xr battd 8 141to monitor the status of batteries present in the system. 142This also enables support for APM. 143.It Va battd_flags 144.Pq Vt str 145If 146.Va battd_enable 147is set to 148.Dq Li YES , 149these are the flags to pass to the 150.Xr battd 8 151daemon. 152.It Va devd_enable 153.Pq Vt bool 154Run 155.Xr devd 8 156to handle device added, removed or unknown events from the kernel. 157.It Va devd_flags 158.Pq Vt str 159If 160.Va devd_enable 161is set to 162.Dq Li YES , 163these are the flags to pass to the 164.Xr devd 8 165daemon. 166.It Va sensorsd_enable 167.Pq Vt bool 168Set to 169.Dq Li NO 170by default. 171Setting this to 172.Dq Li YES 173enables 174.Xr sensorsd 8 , 175a sensors monitoring and logging daemon. 176.It Va sensorsd_flags 177.Pq Vt str 178Empty by default. 179Additional flags passed to the 180.Xr sensorsd 8 181program. 182.It Va pccard_ifconfig 183.Pq Vt str 184List of arguments to be passed to 185.Xr ifconfig 8 186at boot time or on insertion of the card (e.g.\& 187.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 188for a fixed address or 189.Dq Li DHCP 190for a DHCP client). 191.It Va pccard_ether_delay 192.Pq Vt str 193Set the delay before starting 194.Xr dhclient 8 195in the 196.Pa /etc/pccard_ether 197script. 198This defaults to 5 seconds to work around a bug in the 199.Xr ed 4 200driver which can lead to system hangs when using some newer 201.Xr ed 4 202based cards. 203.It Va removable_interfaces 204.Pq Vt str 205List of removable network interfaces to be supported by 206.Pa /etc/pccard_ether . 207.It Va local_startup 208.Pq Vt str 209List of directories to search for startup script files. 210.It Va script_name_sep 211.Pq Vt str 212The field separator to use for breaking down the list of startup script files 213into individual filenames. 214The default is a space. 215It is not necessary to change this unless there are startup scripts with names 216containing spaces. 217.It Va hostapd_enable 218.Pq Vt bool 219Set to 220.Dq Li YES 221to start 222.Xr hostapd 8 223at system boot time. 224.It Va hostname 225.Pq Vt str 226The fully qualified domain name (FQDN) of this host on the network. 227This should almost certainly be set to something meaningful, even if 228there is no network connection. 229If 230.Xr dhclient 8 231is used to set the hostname via DHCP, 232this variable should be set to an empty string. 233.It Va ipv6_enable 234.Pq Vt bool 235Enable support for IPv6 networking. 236Note that this requires that the kernel have been compiled with 237.Cd "options INET6" . 238.It Va nisdomainname 239.Pq Vt str 240The NIS domain name of this host, or 241.Dq Li NO 242if NIS is not used. 243.It Va dhclient_program 244.Pq Vt str 245Path to the DHCP client program 246(default 247.Pa /sbin/dhclient ) . 248.It Va dhclient_flags 249.Pq Vt str 250Additional flags to pass to the DHCP client program. 251.It Va pf_enable 252.Pq Vt bool 253Set to 254.Dq Li YES 255to load 256.Xr pf 4 257at startup. 258If the kernel was not built with 259.Cd "device pf" , 260the 261.Pa pf.ko 262kernel module will be loaded. 263See also 264.Va firewall_enable 265and 266.Va ipfilter_enable . 267.It Va pf_rules 268.Pq Vt str 269Path to the 270.Xr pf 4 271ruleset definition file. 272.It Va pf_program 273.Pq Vt str 274Path to 275.Xr pfctl 8 . 276.It Va pf_flags 277.Pq Vt str 278If 279.Va pf_enable 280is set to 281.Dq Li YES , 282these are the flags to pass to 283.Xr pfctl 8 284when loading the ruleset. 285.It Va pflog_enable 286.Pq Vt bool 287Set this to 288.Dq Li YES 289to enable 290.Xr pflogd 8 291which logs packets from 292.Xr pf 4 . 293.It Va pflog_logfile 294.Pq Vt str 295If 296.Va pflog_enable 297is set to 298.Dq Li YES 299this specifies the path of the log file. 300.It Va pflog_program 301.Pq Vt str 302Path to 303.Xr pflogd 8 . 304.It Va pflog_flags 305.Pq Vt str 306If 307.Va pflog_enable 308is set to 309.Dq Li YES , 310these are the flags to pass to 311.Xr pflogd 8 . 312.It Va firewall_enable 313.Pq Vt bool 314Set to 315.Dq Li YES 316to load firewall rules at startup. 317If the kernel was not built with 318.Cd "options IPFIREWALL" , 319the 320.Pa ipfw.ko 321kernel module will be loaded. 322See also 323.Va pf_enable 324and 325.Va ipfilter_enable . 326.It Va ipv6_firewall_enable 327.Pq Vt bool 328The IPv6 equivalent of 329.Va firewall_enable . 330Set to 331.Dq Li YES 332to load IPv6 firewall rules at startup. 333If the kernel was not built with 334.Cd "options IPV6FIREWALL" , 335the 336.Pa ip6fw.ko 337kernel module will be loaded. 338.It Va firewall_script 339.Pq Vt str 340The full path to the firewall script to run 341(default 342.Pa /etc/rc.firewall ) . 343.It Va ipv6_firewall_script 344.Pq Vt str 345The IPv6 equivalent of 346.Va firewall_script . 347.It Va firewall_type 348.Pq Vt str 349Names the firewall type from the selection in 350.Pa /etc/rc.firewall , 351or the file which contains the local firewall ruleset. 352Valid selections from 353.Pa /etc/rc.firewall 354are: 355.Pp 356.Bl -tag -width ".Li simple" -compact 357.It Li open 358unrestricted IP access 359.It Li closed 360all IP services disabled, except via 361.Dq Li lo0 362.It Li client 363basic protection for a workstation on a LAN 364.It Li simple 365alias for 366.Li client . 367.El 368.Pp 369If a filename is specified, the full path must be given. 370.It Va firewall_trusted_nets 371.Pq Vt str 372List of trusted networks (if 373.Va firewall_type 374is set to 375.Li client ) . 376.It Va firewall_trusted_interfaces 377.Pq Vt str 378List of trusted network interfaces (if 379.Va firewall_type 380is set to 381.Li client ) . 382.It Va firewall_allowed_icmp_types 383.Pq Vt str 384List of allowed ICMP types (if 385.Va firewall_type 386is set to 387.Li client ) . 388.It Va firewall_open_tcp_ports 389.Pq Vt str 390List of TCP ports to open (if 391.Va firewall_type 392is set to 393.Li client ) . 394.It Va firewall_open_udp_ports 395.Pq Vt str 396List of UDP ports to open (if 397.Va firewall_type 398is set to 399.Li client ) . 400.It Va ipv6_firewall_type 401.Pq Vt str 402The IPv6 equivalent of 403.Va firewall_type . 404.It Va firewall_quiet 405.Pq Vt bool 406Set to 407.Dq Li YES 408to disable the display of firewall rules on the console during boot. 409.It Va ipv6_firewall_quiet 410.Pq Vt bool 411The IPv6 equivalent of 412.Va firewall_quiet . 413.It Va firewall_logging 414.Pq Vt bool 415Set to 416.Dq Li YES 417to enable firewall event logging. 418This is equivalent to the 419.Dv IPFIREWALL_VERBOSE 420kernel option. 421.It Va ipv6_firewall_logging 422.Pq Vt bool 423The IPv6 equivalent of 424.Va firewall_logging . 425.It Va firewall_flags 426.Pq Vt str 427Flags passed to 428.Xr ipfw 8 429if 430.Va firewall_type 431specifies a filename. 432.It Va ipv6_firewall_flags 433.Pq Vt str 434The IPv6 equivalent of 435.Va firewall_flags . 436.It Va natd_program 437.Pq Vt str 438Path to 439.Xr natd 8 . 440.It Va natd_enable 441.Pq Vt bool 442Set to 443.Dq Li YES 444to enable 445.Xr natd 8 . 446.Va firewall_enable 447must also be set to 448.Dq Li YES , 449and 450.Xr divert 4 451sockets must be enabled in the kernel. 452.It Va natd_interface 453.Pq Vt str 454This is the name of the public interface on which 455.Xr natd 8 456should run. 457The interface may be given as an interface name or as an IP address. 458.It Va natd_flags 459.Pq Vt str 460Additional 461.Xr natd 8 462flags should be placed here. 463The 464.Fl n 465or 466.Fl a 467flag is automatically added with the above 468.Va natd_interface 469as an argument. 470.\" ----- ipfilter_enable setting -------------------------------- 471.It Va ipfilter_enable 472.Pq Vt bool 473Set to 474.Dq Li NO 475by default. 476Setting this to 477.Dq Li YES 478enables 479.Xr ipf 8 480packet filtering. 481.Pp 482Typical usage will require putting 483.Bd -literal 484ipfilter_enable="YES" 485ipnat_enable="YES" 486ipmon_enable="YES" 487ipfs_enable="YES" 488.Ed 489.Pp 490into 491.Pa /etc/rc.conf 492and editing 493.Pa /etc/ipf.rules 494and 495.Pa /etc/ipnat.rules 496appropriately. 497.Pp 498Note that 499.Va ipfilter_enable 500and 501.Va ipnat_enable 502can be enabled independently. 503.Va ipmon_enable 504and 505.Va ipfs_enable 506both require at least one of 507.Va ipfilter_enable 508and 509.Va ipnat_enable 510to be enabled. 511.Pp 512Having 513.Bd -literal 514options IPFILTER 515options IPFILTER_LOG 516options IPFILTER_DEFAULT_BLOCK 517.Ed 518.Pp 519in the kernel configuration file is a good idea, too. 520See also 521.Va pf_enable 522and 523.Va firewall_enable . 524.\" ----- ipfilter_program setting ------------------------------ 525.It Va ipfilter_program 526.Pq Vt str 527Path to 528.Xr ipf 8 529(default 530.Pa /sbin/ipf ) . 531.\" ----- ipfilter_rules setting -------------------------------- 532.It Va ipfilter_rules 533.Pq Vt str 534Set to 535.Pa /etc/ipf.rules 536by default. 537The name of the filter rule definition file. 538The file is expected to be readable for the 539.Xr ipf 8 540command to execute. 541.\" ----- ipv6_ipfilter_rules setting --------------------------- 542.It Va ipv6_ipfilter_rules 543.Pq Vt str 544Set to 545.Pa /etc/ipf6.rules 546by default. 547The name of the IPv6 filter rule definition file. 548The file is expected to be readable for the 549.Xr ipf 8 550command to execute. 551.\" ----- ipfilter_flags setting -------------------------------- 552.It Va ipfilter_flags 553.Pq Vt str 554Empty by default. 555Flags passed to the 556.Xr ipf 8 557program. 558.\" ----- ipnat_enable setting ---------------------------------- 559.It Va ipnat_enable 560.Pq Vt bool 561Set to 562.Dq Li NO 563by default. 564Set it to 565.Dq Li YES 566to enable 567.Xr ipnat 8 568network address translation. 569See 570.Va ipfilter_enable 571for a detailed discussion. 572.\" ----- ipnat_program setting --------------------------------- 573.It Va ipnat_program 574.Pq Vt str 575Path to 576.Xr ipnat 8 577(default 578.Pa /sbin/ipnat ) . 579.\" ----- ipnat_rules setting ----------------------------------- 580.It Va ipnat_rules 581.Pq Vt str 582Set to 583.Pa /etc/ipnat.rules 584by default. 585The name of the file 586holding the network address translation definition. 587This file is expected to be readable for the 588.Xr ipnat 8 589command to execute. 590.\" ----- ipnat_flags setting ----------------------------------- 591.It Va ipnat_flags 592.Pq Vt str 593Empty by default. 594Flags passed to the 595.Xr ipnat 8 596program. 597.\" ----- ipmon_enable setting ---------------------------------- 598.It Va ipmon_enable 599.Pq Vt bool 600Set to 601.Dq Li NO 602by default. 603Set it to 604.Dq Li YES 605to enable 606.Xr ipmon 8 607monitoring (logging 608.Xr ipf 8 609and 610.Xr ipnat 8 611events). 612Setting this variable needs setting 613.Va ipfilter_enable 614or 615.Va ipnat_enable 616too. 617See 618.Va ipfilter_enable 619for a detailed discussion. 620.\" ----- ipmon_program setting --------------------------------- 621.It Va ipmon_program 622.Pq Vt str 623Path to 624.Xr ipmon 8 625(default 626.Pa /sbin/ipmon ) . 627.\" ----- ipmon_flags setting ----------------------------------- 628.It Va ipmon_flags 629.Pq Vt str 630Set to 631.Dq Li -Ds 632by default. 633Flags passed to the 634.Xr ipmon 8 635program. 636Another typical example would be 637.Dq Fl D Pa /var/log/ipflog 638to have 639.Xr ipmon 8 640log directly to a file bypassing 641.Xr syslogd 8 . 642Make sure to adjust 643.Pa /etc/newsyslog.conf 644in such case like this: 645.Bd -literal 646/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 647.Ed 648.\" ----- ipfs_enable setting ----------------------------------- 649.It Va ipfs_enable 650.Pq Vt bool 651Set to 652.Dq Li NO 653by default. 654Set it to 655.Dq Li YES 656to enable 657.Xr ipfs 8 658saving the filter and NAT state tables during shutdown 659and reloading them during startup again. 660Setting this variable needs setting 661.Va ipfilter_enable 662or 663.Va ipnat_enable 664to 665.Dq Li YES 666too. 667See 668.Va ipfilter_enable 669for a detailed discussion. 670Note that if 671.Va kern_securelevel 672is set to 3, 673.Va ipfs_enable 674cannot be used because the raised securelevel will prevent 675.Xr ipfs 8 676from saving the state tables at shutdown time. 677.\" ----- ipfs_program setting ---------------------------------- 678.It Va ipfs_program 679.Pq Vt str 680Path to 681.Xr ipfs 8 682(default 683.Pa /sbin/ipfs ) . 684.\" ----- ipfs_flags setting ------------------------------------ 685.It Va ipfs_flags 686.Pq Vt str 687Empty by default. 688Flags passed to the 689.Xr ipfs 8 690program. 691.\" ----- end of added ipf hook --------------------------------- 692.It Va tcp_extensions 693.Pq Vt bool 694Set to 695.Dq Li YES 696by default. 697Setting this to 698.Dq Li NO 699disables certain TCP options as described by 700.Rs 701.%T "RFC 1323" 702.Re 703Setting this to 704.Dq Li NO 705might help remedy such problems with connections as randomly hanging 706or other weird behavior. 707Some network devices are known to be broken with respect to these options. 708.It Va log_in_vain 709.Pq Vt int 710Set to 0 by default. 711The 712.Xr sysctl 8 713variables, 714.Va net.inet.tcp.log_in_vain 715and 716.Va net.inet.udp.log_in_vain , 717as described in 718.Xr tcp 4 719and 720.Xr udp 4 , 721are set to the given value. 722.It Va tcp_keepalive 723.Pq Vt bool 724Set to 725.Dq Li YES 726by default. 727Setting to 728.Dq Li NO 729will disable probing idle TCP connections to verify that the 730peer is still up and reachable. 731.It Va tcp_drop_synfin 732.Pq Vt bool 733Set to 734.Dq Li NO 735by default. 736Setting to 737.Dq Li YES 738will cause the kernel to ignore TCP frames that have both 739the SYN and FIN flags set. 740This prevents OS fingerprinting, but may break some legitimate applications. 741This option is only available if the kernel was built with the 742.Dv TCP_DROP_SYNFIN 743option. 744.It Va icmp_drop_redirect 745.Pq Vt bool 746Set to 747.Dq Li NO 748by default. 749Setting to 750.Dq Li YES 751will cause the kernel to ignore ICMP REDIRECT packets. 752Refer to 753.Xr icmp 4 754for more information. 755.It Va icmp_log_redirect 756.Pq Vt bool 757Set to 758.Dq Li NO 759by default. 760Setting to 761.Dq Li YES 762will cause the kernel to log ICMP REDIRECT packets. 763Note that 764the log messages are not rate-limited, so this option should only be used 765for troubleshooting networks. 766Refer to 767.Xr icmp 4 768for more information. 769.It Va icmp_bmcastecho 770.Pq Vt bool 771Set to 772.Dq Li YES 773to respond to broadcast or multicast ICMP ping packets. 774Refer to 775.Xr icmp 4 776for more information. 777.It Va ip_portrange_first 778.Pq Vt int 779If not set to 780.Dq Li NO , 781this is the first port in the default portrange. 782Refer to 783.Xr ip 4 784for more information. 785.It Va ip_portrange_last 786.Pq Vt int 787If not set to 788.Dq Li NO , 789this is the last port in the default portrange. 790Refer to 791.Xr ip 4 792for more information. 793.\" 794.It Va ifconfig_ Ns Aq Ar interface 795.Pq Vt str 796Configuration for 797.Dq interface . 798Typically includes IP address. 799Assuming that the interface in question was 800.Li ed0 , 801it might look something like this: 802.Bd -literal 803ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 804.Ed 805.Pp 806If the 807.Pa /etc/start_if. Ns Aq Ar interface 808file is present, it is read and executed by the 809.Xr sh 1 810interpreter before configuring the interface as specified in the 811.Va ifconfig_ Ns Aq Ar interface 812and 813.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 814variables. 815.Pp 816It is possible to bring up an interface with DHCP by adding 817.Dq Li DHCP 818to the 819.Va ifconfig_ Ns Aq Ar interface 820variable. 821For instance, to initialize the 822.Li ed0 823device via DHCP, it is possible to use something like: 824.Bd -literal 825ifconfig_ed0="DHCP" 826.Ed 827.Pp 828Also, if your interface needs WPA authentication, it is possible to add 829.Dq Li WPA 830to the 831.Va ifconfig_ Ns Aq Ar interface 832variable. 833This will start 834.Xr wpa_supplicant 8 . 835See 836.Xr wpa_supplicant.conf 5 837for configuring authentication information. 838.Pp 839Finally, you can add 840.Xr ifconfig 8 841options in this variable, in addition to the 842.Pa /etc/start_if. Ns Aq Ar interface 843file. 844For instance, to initialize the 845.Li wi0 846device via DHCP, using WPA authentication and 802.11b mode, it is 847possible to use something like: 848.Bd -literal 849ifconfig_wi0="up DHCP WPA mode 11b" 850.Ed 851.Pp 852.\" 853.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 854.Pq Vt str 855Configuration to establish an additional network address for 856.Dq interface . 857Assuming that the interface in question was 858.Li ed0 , 859it might look something like this: 860.Bd -literal 861ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 862ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 863.Ed 864.Pp 865And so on. 866For each 867.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 868entry that is found, its contents are passed to 869.Xr ifconfig 8 . 870Execution stops at the first unsuccessful access, so if 871something like this is present: 872.Bd -literal 873ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 874ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 875ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 876ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 877.Ed 878.Pp 879Then note that alias4 would 880.Em not 881be added since the search would stop with the missing alias3 entry. 882.Pp 883.\" 884.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 885.Pq Vt str 886New name for 887.Dq interface . 888It is possible to rename interface by doing: 889.Bd -literal 890ifconfig_ed0_name="net0" 891ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 892.Ed 893.It Va network_interfaces 894.Pq Vt str 895The list of network interfaces to configure on this host, 896or 897.Dq Li auto 898to configure all network interfaces 899(default 900.Dq Li auto ) . 901For example, if the only network devices to be configured are the loopback device 902.Pq Li lo0 903and a NIC using the 904.Xr ed 4 905driver, this could be set to 906.Dq Li "lo0 ed0" . 907An 908.Va ifconfig_ Ns Aq Ar interface 909variable is assumed to exist for each value of 910.Ar interface . 911.It Va ipv6_network_interfaces 912.Pq Vt str 913This is the IPv6 equivalent of 914.Va network_interfaces . 915Instead of setting the ifconfig variables as 916.Va ifconfig_ Ns Aq Ar interface 917they should be set as 918.Va ipv6_ifconfig_ Ns Aq Ar interface . 919Aliases should be set as 920.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 921Interfaces that do not have a 922.Va ipv6_ifconfig_ Ns Aq Ar interface 923setting will be auto configured by 924.Xr rtsol 8 925if the 926.Va ipv6_gateway_enable 927is set to 928.Dq Li NO . 929Note that the IPv6 networking code does not support the 930.Pa /etc/start_if. Ns Aq Ar interface 931files. 932.It Va ipv6_prefix_ Ns Aq Ar interface 933.Pq Vt str 934Assign prefix to 935.Ar interface , 936prefixlen 64 is used. 937.It Va ipv6_default_interface 938.Pq Vt str 939If not set to 940.Dq Li NO , 941this is the default output interface for scoped addresses. 942Now this works only for IPv6 link local multicast addresses. 943.It Va cloned_interfaces 944.Pq Vt str 945Set to the list of clonable network interfaces to create on this host. 946Entries in 947.Va cloned_interfaces 948are automatically appended to 949.Va network_interfaces 950for configuration. 951.It Va gif_interfaces 952.Pq Vt str 953Set to the list of 954.Xr gif 4 955tunnel interfaces to configure on this host. 956A 957.Va gifconfig_ Ns Aq Ar interface 958variable is assumed to exist for each value of 959.Ar interface . 960The value of this variable is used to configure the link layer of the 961tunnel according to the syntax of the 962.Cm tunnel 963option to 964.Xr ifconfig 8 . 965Additionally, this option ensures that each listed interface is created via the 966.Cm create 967option to 968.Xr ifconfig 8 969before attempting to configure it. 970.It Va sppp_interfaces 971.Pq Vt str 972Set to the list of 973.Xr sppp 4 974interfaces to configure on this host. 975A 976.Va spppconfig_ Ns Aq Ar interface 977variable is assumed to exist for each value of 978.Ar interface . 979Each interface should also be configured by a general 980.Va ifconfig_ Ns Aq Ar interface 981setting. 982Refer to 983.Xr spppcontrol 8 984for more information about available options. 985.It Va ppp_enable 986.Pq Vt bool 987If set to 988.Dq Li YES , 989run the 990.Xr ppp 8 991daemon. 992.It Va ppp_mode 993.Pq Vt str 994Mode in which to run the 995.Xr ppp 8 996daemon. 997Accepted modes are 998.Dq Li auto , 999.Dq Li ddial , 1000.Dq Li direct 1001and 1002.Dq Li dedicated . 1003See the manual for a full description. 1004.It Va ppp_nat 1005.Pq Vt bool 1006If set to 1007.Dq Li YES , 1008enables network address translation. 1009Used in conjunction with 1010.Va gateway_enable 1011allows hosts on private network addresses access to the Internet using 1012this host as a network address translating router. 1013.It Va ppp_profile 1014.Pq Vt str 1015The name of the profile to use from 1016.Pa /etc/ppp/ppp.conf . 1017.It Va ppp_user 1018.Pq Vt str 1019The name of the user under which 1020.Xr ppp 8 1021should be started. 1022By default, 1023.Xr ppp 8 1024is started as 1025.Dq Li root . 1026.It Va rc_conf_files 1027.Pq Vt str 1028This option is used to specify a list of files that will override 1029the settings in 1030.Pa /etc/defaults/rc.conf . 1031The files will be read in the order in which they are specified and should 1032include the full path to the file. 1033By default, the files specified are 1034.Pa /etc/rc.conf 1035and 1036.Pa /etc/rc.conf.local 1037.It Va fsck_y_enable 1038.Pq Vt bool 1039If set to 1040.Dq Li YES , 1041.Xr fsck 8 1042will be run with the 1043.Fl y 1044flag if the initial preen of the file systems fails. 1045.It Va netfs_types 1046.Pq Vt str 1047List of file system types that are network-based. 1048This list should generally not be modified by end users. 1049Use 1050.Va extra_netfs_types 1051instead. 1052.It Va extra_netfs_types 1053.Pq Vt str 1054If set to something other than 1055.Dq Li NO 1056(the default), this variable extends the list of file system types 1057for which automatic mounting at startup by 1058.Xr rc 8 1059should be delayed until the network is initialized. 1060It should contain 1061a whitespace-separated list of network file system descriptor pairs, 1062each consisting of a file system type as passed to 1063.Xr mount 8 1064and a human-readable, one-word description, joined with a colon 1065.Pq Ql \&: . 1066Extending the default list in this way is only necessary 1067when third party file system types are used. 1068.It Va syslogd_enable 1069.Pq Vt bool 1070If set to 1071.Dq Li YES , 1072run the 1073.Xr syslogd 8 1074daemon. 1075.It Va syslogd_program 1076.Pq Vt str 1077Path to 1078.Xr syslogd 8 1079(default 1080.Pa /usr/sbin/syslogd ) . 1081.It Va syslogd_flags 1082.Pq Vt str 1083If 1084.Va syslogd_enable 1085is set to 1086.Dq Li YES , 1087these are the flags to pass to 1088.Xr syslogd 8 . 1089.It Va inetd_enable 1090.Pq Vt bool 1091If set to 1092.Dq Li YES , 1093run the 1094.Xr inetd 8 1095daemon. 1096.It Va inetd_program 1097.Pq Vt str 1098Path to 1099.Xr inetd 8 1100(default 1101.Pa /usr/sbin/inetd ) . 1102.It Va inetd_flags 1103.Pq Vt str 1104If 1105.Va inetd_enable 1106is set to 1107.Dq Li YES , 1108these are the flags to pass to 1109.Xr inetd 8 . 1110.It Va named_enable 1111.Pq Vt bool 1112If set to 1113.Dq Li YES , 1114run the 1115.Xr named 8 1116daemon. 1117.It Va named_program 1118.Pq Vt str 1119Path to 1120.Xr named 8 1121(default 1122.Pa /usr/sbin/named ) . 1123.It Va named_flags 1124.Pq Vt str 1125If 1126.Va named_enable 1127is set to 1128.Dq Li YES , 1129these are the flags to pass to 1130.Xr named 8 . 1131.It Va named_pidfile 1132.Pq Vt str 1133This is the default path to the 1134.Xr named 8 1135daemon's PID file. 1136Change it if you change the location in 1137.Pa /etc/namedb/named.conf . 1138.It Va named_chrootdir 1139.Pq Vt str 1140The root directory for a name server run in a 1141.Xr chroot 8 1142environment. 1143If left empty 1144.Xr named 8 1145will not be run in a 1146.Xr chroot 8 1147environment. 1148.It Va kerberos5_server_enable 1149.Pq Vt bool 1150Set to 1151.Dq Li YES 1152to start a Kerberos 5 authentication server at boot time. 1153.It Va kerberos5_server_program 1154.Pq Vt str 1155If 1156.Va kerberos5_server_enable 1157is set to 1158.Dq Li YES 1159this is the path to Kerberos 5 Authentication Server. 1160.It Va kadmind5_server_enable 1161.Pq Vt bool 1162Set to 1163.Dq Li YES 1164to start 1165.Xr kadmind 8 , 1166the Kerberos 5 Administration Daemon; set to 1167.Dq Li NO 1168on a slave server. 1169.It Va kadmind5_server_program 1170.Pq Vt str 1171If 1172.Va kadmind5_server_enable 1173is set to 1174.Dq Li YES 1175this is the path to Kerberos 5 Administration Daemon. 1176.It Va kpasswdd_server_enable 1177.Pq Vt bool 1178Set to 1179.Dq Li YES 1180to start 1181.Xr kpasswdd 8 , 1182the Kerberos 5 Password-Changing Daemon; set to 1183.Dq Li NO 1184on a slave server. 1185.It Va kpasswdd_server_program 1186.Pq Vt str 1187If 1188.Va kpasswdd_server_enable 1189is set to 1190.Dq Li YES 1191this is the path to Kerberos 5 Password-Changing Daemon. 1192.It Va rwhod_enable 1193.Pq Vt bool 1194If set to 1195.Dq Li YES , 1196run the 1197.Xr rwhod 8 1198daemon at boot time. 1199.It Va rwhod_flags 1200.Pq Vt str 1201If 1202.Va rwhod_enable 1203is set to 1204.Dq Li YES , 1205these are the flags to pass to it. 1206.It Va amd_enable 1207.Pq Vt bool 1208If set to 1209.Dq Li YES , 1210run the 1211.Xr amd 8 1212daemon at boot time. 1213.It Va amd_flags 1214.Pq Vt str 1215If 1216.Va amd_enable 1217is set to 1218.Dq Li YES , 1219these are the flags to pass to it. 1220See the 1221.Xr amd 8 1222manpage for more information. 1223.It Va amd_map_program 1224.Pq Vt str 1225If set, the specified program is run to get the list of 1226.Xr amd 8 1227maps. 1228For example, if the 1229.Xr amd 8 1230maps are stored in NIS, one can set this to run 1231.Xr ypcat 1 1232to get a list of 1233.Xr amd 8 1234maps from the 1235.Pa amd.master 1236NIS map. 1237.It Va update_motd 1238.Pq Vt bool 1239If set to 1240.Dq Li YES , 1241.Pa /etc/motd 1242will be updated at boot time to reflect the kernel release being run. 1243If set to 1244.Dq Li NO , 1245.Pa /etc/motd 1246will not be updated. 1247.It Va nfs_client_enable 1248.Pq Vt bool 1249If set to 1250.Dq Li YES , 1251run the NFS client daemons at boot time. 1252.It Va nfs_client_flags 1253.Pq Vt str 1254If 1255.Va nfs_client_enable 1256is set to 1257.Dq Li YES , 1258these are the flags to pass to the 1259.Xr nfsiod 8 1260daemon. 1261.It Va nfs_access_cache 1262.Pq Vt int 1263If 1264.Va nfs_client_enable 1265is set to 1266.Dq Li YES , 1267this can be set to 1268.Dq Li 0 1269to disable NFS ACCESS RPC caching, or to the number of seconds for which 1270NFS ACCESS results should be cached. 1271A value of 2-10 seconds will substantially reduce network traffic for 1272many NFS operations. 1273The default is 5 seconds. 1274Note that the attribute cache holds stat information only. 1275The NFS data cache is independent of the attribute cache and is only 1276invalidated when the client detects that the server has modified the 1277underlying file. 1278This value specifies a maximum timeout. 1279The NFS client will automatically use a shorter timeout for files which 1280have been recently modified. 1281.It Va nfs_neg_cache 1282.Pq Vt int 1283If 1284.Va nfs_client_enable 1285is set to 1286.Dq Li YES , 1287this can be set to 1288.Dq Li 0 1289to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1290filenames), or to the number of seconds for which negative lookups should 1291be cached. 1292A value of 2-10 seconds will substantially reduce network 1293traffic for many NFS operations, especially source code builds. 1294The default is 3 seconds. 1295.It Va nfs_server_enable 1296.Pq Vt bool 1297If set to 1298.Dq Li YES , 1299run the NFS server daemons at boot time. 1300.It Va nfs_server_flags 1301.Pq Vt str 1302If 1303.Va nfs_server_enable 1304is set to 1305.Dq Li YES , 1306these are the flags to pass to the 1307.Xr nfsd 8 1308daemon. 1309.It Va mountd_enable 1310.Pq Vt bool 1311If set to 1312.Dq Li YES , 1313and no 1314.Va nfs_server_enable 1315is set, start 1316.Xr mountd 8 , 1317but not 1318.Xr nfsd 8 1319daemon. 1320It is commonly needed to run CFS without real NFS used. 1321.It Va mountd_flags 1322.Pq Vt str 1323If 1324.Va mountd_enable 1325is set to 1326.Dq Li YES , 1327these are the flags to pass to the 1328.Xr mountd 8 1329daemon. 1330.It Va weak_mountd_authentication 1331.Pq Vt bool 1332If set to 1333.Dq Li YES , 1334allow services like PCNFSD to make non-privileged mount requests. 1335.It Va nfs_reserved_port_only 1336.Pq Vt bool 1337If set to 1338.Dq Li YES , 1339provide NFS services only on a secure port. 1340.It Va nfs_bufpackets 1341.Pq Vt int 1342If set to a number, indicates the number of packets worth of 1343socket buffer space to reserve on an NFS client. 1344The kernel default is typically 4. 1345Using a higher number may be useful on gigabit networks to improve performance. 1346The minimum value is 2 and the maximum is 64. 1347.It Va rpc_umntall_enable 1348.Pq Vt bool 1349If set to 1350.Dq Li YES 1351(default) and we are also an NFS client, run 1352.Xr rpc.umntall 8 1353at boot time to clear out old mounts on remote servers. 1354If set to 1355.Dq Li NO 1356then 1357.Xr rpc.umntall 8 1358will not be run at boot time. 1359.It Va rpc_lockd_enable 1360.Pq Vt bool 1361If set to 1362.Dq Li YES 1363and also an NFS server, run 1364.Xr rpc.lockd 8 1365at boot time. 1366.It Va rpc_statd_enable 1367.Pq Vt bool 1368If set to 1369.Dq Li YES 1370and also an NFS server, run 1371.Xr rpc.statd 8 1372at boot time. 1373.It Va rpcbind_program 1374.Pq Vt str 1375Path to program for rpcbind daemon 1376(default 1377.Pa /usr/sbin/portmap ) . 1378.It Va rpcbind_enable 1379.Pq Vt bool 1380If set to 1381.Dq Li YES , 1382run 1383.Va rpcbind_program 1384at boot time. 1385.It Va rpcbind_flags 1386.Pq Vt str 1387If 1388.Va rpcbind_enable 1389is set to 1390.Dq Li YES , 1391these are the flags to pass to 1392.Va rpcbind_program . 1393.It Va keyserv_enable 1394.Pq Vt bool 1395If set to 1396.Dq Li YES , 1397run the 1398.Xr keyserv 8 1399daemon on boot for running Secure RPC. 1400.It Va keyserv_flags 1401.Pq Vt str 1402If 1403.Va keyserv_enable 1404is set to 1405.Dq Li YES , 1406these are the flags to pass to 1407.Xr keyserv 8 1408daemon. 1409.It Va pppoed_enable 1410.Pq Vt bool 1411If set to 1412.Dq Li YES , 1413run the 1414.Xr pppoed 8 1415daemon at boot time to provide PPP over Ethernet services. 1416.It Va pppoed_provider 1417.Pq Vt str 1418.Xr pppoed 8 1419listens to requests to this provider and ultimately runs 1420.Xr ppp 8 1421with a 1422.Ar system 1423argument of the same name. 1424.It Va pppoed_flags 1425.Pq Vt str 1426Additional flags to pass to 1427.Xr pppoed 8 . 1428.It Va pppoed_interface 1429.Pq Vt str 1430The network interface to run 1431.Xr pppoed 8 1432on. 1433This is mandatory when 1434.Va pppoed_enable 1435is set to 1436.Dq Li YES . 1437.It Va timed_enable 1438.Pq Vt bool 1439If set to 1440.Dq Li YES , 1441run the 1442.Xr timed 8 1443service at boot time. 1444This command is intended for networks of machines where a consistent 1445.Dq "network time" 1446for all hosts must be established. 1447This is often useful in large NFS environments where time stamps on 1448files are expected to be consistent network-wide. 1449.It Va timed_flags 1450.Pq Vt str 1451If 1452.Va timed_enable 1453is set to 1454.Dq Li YES , 1455these are the flags to pass to the 1456.Xr timed 8 1457service. 1458.It Va dntpd_enable 1459.Pq Vt bool 1460If set to 1461.Dq Li YES , 1462run 1463.Xr dntpd 8 1464at system boot time. 1465.It Va dntpd_program 1466.Pq Vt str 1467Path to 1468.Xr dntpd 8 1469(default 1470.Pa /usr/sbin/dntpd ) . 1471.It Va dntpd_flags 1472.Pq Vt str 1473If 1474.Va dntpd_enable 1475is set to 1476.Dq Li YES , 1477these are the flags to pass to the 1478.Xr dntpd 8 1479daemon. 1480.It Va btconfig_enable 1481.Pq Vt bool 1482If set to 1483.Dq Li YES , 1484configure Bluetooth devices via 1485.Xr btconfig 8 1486at system boot time. 1487.It Va btconfig_devices 1488.Pq Vt str 1489If 1490.Va btconfig_enable 1491is set to 1492.Dq Li YES , 1493this is the list of Bluetooth devices to configure. 1494If 1495.Va btconfig_devices 1496is not specified, all devices known to the system will be configured. 1497A 1498.Va btconfig_ Ns Aq Ar device 1499variable can be set to specify parameters to be passed to 1500.Ar device . 1501.It Va btconfig_args 1502.Pq Vt str 1503If 1504.Va btconfig_enable 1505is set to 1506.Dq Li YES , 1507this is the list of configuration parameters to pass to all Bluetooth 1508devices. 1509.It Va sdpd_enable 1510.Pq Vt bool 1511If set to 1512.Dq Li YES , 1513run the Service Discovery Profile daemon 1514.Xr ( sdpd 8 ) 1515at system boot time. 1516.It Va sdpd_flags 1517.Pq Vt str 1518If 1519.Va sdpd_enable 1520is set to 1521.Dq Li YES , 1522these are the flags to pass to the 1523.Xr sdpd 8 1524daemon. 1525.It Va bthcid_enable 1526.Pq Vt bool 1527If set to 1528.Dq Li YES , 1529run the Bluetooth Link Key/PIN Code Manager daemon 1530.Xr ( bthcid 8 ) 1531at system boot time. 1532.It Va bthcid_flags 1533.Pq Vt str 1534If 1535.Va bthcid_enable 1536is set to 1537.Dq Li YES , 1538these are the flags to pass to the 1539.Xr bthcid 8 1540daemon. 1541.It Va nis_client_enable 1542.Pq Vt bool 1543If set to 1544.Dq Li YES , 1545run the 1546.Xr ypbind 8 1547service at system boot time. 1548.It Va nis_client_flags 1549.Pq Vt str 1550If 1551.Va nis_client_enable 1552is set to 1553.Dq Li YES , 1554these are the flags to pass to the 1555.Xr ypbind 8 1556service. 1557.It Va nis_ypset_enable 1558.Pq Vt bool 1559If set to 1560.Dq Li YES , 1561run the 1562.Xr ypset 8 1563daemon at system boot time. 1564.It Va nis_ypset_flags 1565.Pq Vt str 1566If 1567.Va nis_ypset_enable 1568is set to 1569.Dq Li YES , 1570these are the flags to pass to the 1571.Xr ypset 8 1572daemon. 1573.It Va nis_server_enable 1574.Pq Vt bool 1575If set to 1576.Dq Li YES , 1577run the 1578.Xr ypserv 8 1579daemon at system boot time. 1580.It Va nis_server_flags 1581.Pq Vt str 1582If 1583.Va nis_server_enable 1584is set to 1585.Dq Li YES , 1586these are the flags to pass to the 1587.Xr ypserv 8 1588daemon. 1589.It Va nis_ypxfrd_enable 1590.Pq Vt bool 1591If set to 1592.Dq Li YES , 1593run the 1594.Xr rpc.ypxfrd 8 1595daemon at system boot time. 1596.It Va nis_ypxfrd_flags 1597.Pq Vt str 1598If 1599.Va nis_ypxfrd_enable 1600is set to 1601.Dq Li YES , 1602these are the flags to pass to the 1603.Xr rpc.ypxfrd 8 1604daemon. 1605.It Va nis_yppasswdd_enable 1606.Pq Vt bool 1607If set to 1608.Dq Li YES , 1609run the 1610.Xr rpc.yppasswdd 8 1611daemon at system boot time. 1612.It Va nis_yppasswdd_flags 1613.Pq Vt str 1614If 1615.Va nis_yppasswdd_enable 1616is set to 1617.Dq Li YES , 1618these are the flags to pass to the 1619.Xr rpc.yppasswdd 8 1620daemon. 1621.It Va rpc_ypupdated_enable 1622.Pq Vt bool 1623If set to 1624.Dq Li YES , 1625run the 1626.Nm rpc.ypupdated 1627daemon at system boot time. 1628.It Va defaultrouter 1629.Pq Vt str 1630If not set to 1631.Dq Li NO , 1632create a default route to this host name or IP address 1633(use an IP address if this router is also required to get to the 1634name server!). 1635.It Va ipv6_defaultrouter 1636.Pq Vt str 1637The IPv6 equivalent of 1638.Va defaultrouter . 1639.It Va static_routes 1640.Pq Vt str 1641Set to the list of static routes that are to be added at system boot time. 1642If not set to 1643.Dq Li NO 1644then for each whitespace separated 1645.Ar element 1646in the value, a 1647.Va route_ Ns Aq Ar element 1648variable is assumed to exist whose contents will later be passed to a 1649.Dq Nm route Cm add 1650operation. 1651.It Va ipv6_static_routes 1652.Pq Vt str 1653The IPv6 equivalent of 1654.Va static_routes . 1655If not set to 1656.Dq Li NO 1657then for each whitespace separated 1658.Ar element 1659in the value, a 1660.Va ipv6_route_ Ns Aq Ar element 1661variable is assumed to exist whose contents will later be passed to a 1662.Dq Nm route Cm add Fl inet6 1663operation. 1664.It Va gateway_enable 1665.Pq Vt bool 1666If set to 1667.Dq Li YES , 1668configure host to act as an IP router, e.g. to forward packets 1669between interfaces. 1670.It Va ipv6_gateway_enable 1671.Pq Vt bool 1672The IPv6 equivalent of 1673.Va gateway_enable . 1674.It Va router_enable 1675.Pq Vt bool 1676If set to 1677.Dq Li YES , 1678run a routing daemon of some sort, based on the settings of 1679.Va router_program 1680and 1681.Va router_flags . 1682.It Va ipv6_router_enable 1683.Pq Vt bool 1684The IPv6 equivalent of 1685.Va router_enable . 1686If set to 1687.Dq Li YES , 1688run a routing daemon of some sort, based on the settings of 1689.Va ipv6_router_program 1690and 1691.Va ipv6_router_flags . 1692.It Va router_program 1693.Pq Vt str 1694If 1695.Va router_enable 1696is set to 1697.Dq Li YES , 1698this is the name of the routing daemon to use 1699(default 1700.Pa /sbin/routed ) . 1701.It Va ipv6_router_program 1702.Pq Vt str 1703The IPv6 equivalent of 1704.Va router_program 1705(default 1706.Pa /sbin/route6d ) . 1707.It Va router_flags 1708.Pq Vt str 1709If 1710.Va router_enable 1711is set to 1712.Dq Li YES , 1713these are the flags to pass to the routing daemon. 1714.It Va ipv6_router_flags 1715.Pq Vt str 1716The IPv6 equivalent of 1717.Va router_flags . 1718.It Va mrouted_enable 1719.Pq Vt bool 1720If set to 1721.Dq Li YES , 1722run the multicast routing daemon, 1723.Xr mrouted 8 . 1724.It Va mroute6d_enable 1725.Pq Vt bool 1726The IPv6 equivalent of 1727.Va mrouted_enable . 1728If set to 1729.Dq Li YES , 1730run the IPv6 multicast routing daemon. 1731Note that no IPv6 multicast routing daemon is included in the 1732.Dx 1733base system but 1734.Xr pim6dd 8 1735can be installed from the 1736.Xr pkgsrc 7 1737collection. 1738.It Va mrouted_flags 1739.Pq Vt str 1740If 1741.Va mrouted_enable 1742is set to 1743.Dq Li YES , 1744these are the flags to pass to the 1745.Xr mrouted 8 1746daemon. 1747.It Va mroute6d_flags 1748.Pq Vt str 1749The IPv6 equivalent of 1750.Va mrouted_flags . 1751If 1752.Va mroute6d_enable 1753is set to 1754.Dq Li YES , 1755these are the flags passed to the IPv6 multicast routing daemon. 1756.It Va mroute6d_program 1757.Pq Vt str 1758If 1759.Va mroute6d_enable 1760is set to 1761.Dq Li YES , 1762this is the path to the IPv6 multicast routing daemon. 1763.It Va rtadvd_enable 1764.Pq Vt bool 1765If set to 1766.Dq Li YES , 1767run the 1768.Xr rtadvd 8 1769daemon at boot time. 1770.Xr rtadvd 8 1771will only run if 1772.Va ipv6_gateway_enable 1773is also set to 1774.Dq Li YES . 1775The 1776.Xr rtadvd 8 1777utility sends router advertisement packets to the interfaces specified in 1778.Va rtadvd_interfaces . 1779.Xr rtadvd 8 1780and should only be enabled with great care. 1781You may want to fine-tune 1782.Xr rtadvd.conf 5 . 1783.It Va rtadvd_interfaces 1784.Pq Vt str 1785If 1786.Va rtadvd_enable 1787is set to 1788.Dq Li YES 1789this is the list of interfaces to use. 1790.It Va rtsold_enable 1791.Pq Vt bool 1792If set to 1793.Dq Li YES , 1794run the 1795.Xr rtsold 8 1796daemon at boot time. 1797The 1798.Xr rtsold 8 1799daemon is used for automatic discovery of non-link local addresses. 1800.It Va rtsold_flags 1801.Pq Vt str 1802If 1803.Va rtsold_enable 1804is set to 1805.Dq Li YES , 1806these are the flags to pass to the 1807.Xr rtsold 8 1808daemon. 1809.It Va ipxgateway_enable 1810.Pq Vt bool 1811If set to 1812.Dq Li YES , 1813enable the routing of IPX traffic. 1814.It Va ipxrouted_enable 1815.Pq Vt bool 1816If set to 1817.Dq Li YES , 1818run the 1819.Xr IPXrouted 8 1820daemon at system boot time. 1821.It Va ipxrouted_flags 1822.Pq Vt str 1823If 1824.Va ipxrouted_enable 1825is set to 1826.Dq Li YES , 1827these are the flags to pass to the 1828.Xr IPXrouted 8 1829daemon. 1830.It Va arpproxy_all 1831.Pq Vt bool 1832If set to 1833.Dq Li YES , 1834enable global proxy ARP. 1835.It Va forward_sourceroute 1836.Pq Vt bool 1837If set to 1838.Dq Li YES 1839and 1840.Va gateway_enable 1841is also set to 1842.Dq Li YES , 1843source-routed packets are forwarded. 1844.It Va accept_sourceroute 1845.Pq Vt bool 1846If set to 1847.Dq Li YES , 1848the system will accept source-routed packets directed at it. 1849.It Va rarpd_enable 1850.Pq Vt bool 1851If set to 1852.Dq Li YES , 1853run the 1854.Xr rarpd 8 1855daemon at system boot time. 1856.It Va rarpd_flags 1857.Pq Vt str 1858If 1859.Va rarpd_enable 1860is set to 1861.Dq Li YES , 1862these are the flags to pass to the 1863.Xr rarpd 8 1864daemon. 1865.It Va bootparamd_enable 1866.Pq Vt bool 1867If set to 1868.Dq Li YES , 1869run the 1870.Xr bootparamd 8 1871daemon at system boot time. 1872.It Va bootparamd_flags 1873.Pq Vt str 1874If 1875.Va bootparamd_enable 1876is set to 1877.Dq Li YES , 1878these are the flags to pass to the 1879.Xr bootparamd 8 1880daemon. 1881.It Va stf_interface_ipv4addr 1882.Pq Vt str 1883If not set to 1884.Dq Li NO , 1885this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1886Specify this entry to enable the 6to4 interface. 1887.It Va stf_interface_ipv4plen 1888.Pq Vt int 1889Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1890An effective value is 0-31. 1891.It Va stf_interface_ipv6_ifid 1892.Pq Vt str 1893IPv6 interface ID for 1894.Xr stf 4 . 1895This can be set to 1896.Dq Li AUTO . 1897.It Va stf_interface_ipv6_slaid 1898.Pq Vt str 1899IPv6 Site Level Aggregator for 1900.Xr stf 4 . 1901.It Va ipv6_faith_prefix 1902.Pq Vt str 1903If not set to 1904.Dq Li NO , 1905this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator. 1906You also need 1907.Xr faithd 8 1908setup. 1909.It Va ipv6_ipv4mapping 1910.Pq Vt bool 1911If set to 1912.Dq Li YES 1913this enables IPv4 mapped IPv6 address communication (like 1914.Li ::ffff:a.b.c.d ) . 1915.It Va atm_enable 1916.Pq Vt bool 1917Set to 1918.Dq Li YES 1919to enable the configuration of ATM interfaces at system boot time. 1920For all of the ATM variables described below, please refer to the 1921.Xr atm 8 1922man page for further details on the available command parameters. 1923Also refer to the files in 1924.Pa /usr/share/examples/atm 1925for more detailed configuration information. 1926.It Va atm_netif_ Ns Aq Ar intf 1927.Pq Vt str 1928For the ATM physical interface 1929.Ar intf , 1930this variable defines the name prefix and count for the ATM network 1931interfaces to be created. 1932The value will be passed as the parameters of an 1933.Dq Nm atm Cm "set netif" Ar intf 1934command. 1935.It Va atm_sigmgr_ Ns Aq Ar intf 1936.Pq Vt str 1937For the ATM physical interface 1938.Ar intf , 1939this variable defines the ATM signalling manager to be used. 1940The value will be passed as the parameters of an 1941.Dq Nm atm Cm attach Ar intf 1942command. 1943.It Va atm_prefix_ Ns Aq Ar intf 1944.Pq Vt str 1945For the ATM physical interface 1946.Ar intf , 1947this variable defines the NSAP prefix for interfaces using a UNI signalling 1948manager. 1949If set to 1950.Dq Li ILMI , 1951the prefix will automatically be set via the 1952.Xr ilmid 8 1953daemon. 1954Otherwise, the value will be passed as the parameters of an 1955.Dq Nm atm Cm "set prefix" Ar intf 1956command. 1957.It Va atm_macaddr_ Ns Aq Ar intf 1958.Pq Vt str 1959For the ATM physical interface 1960.Ar intf , 1961this variable defines the MAC address for interfaces using a UNI signalling 1962manager. 1963If set to 1964.Dq Li NO , 1965the hardware MAC address contained in the ATM interface card will be used. 1966Otherwise, the value will be passed as the parameters of an 1967.Dq Nm atm Cm "set mac" Ar intf 1968command. 1969.It Va atm_arpserver_ Ns Aq Ar netif 1970.Pq Vt str 1971For the ATM network interface 1972.Ar netif , 1973this variable defines the ATM address for a host which is to provide ATMARP 1974service. 1975This variable is only applicable to interfaces using a UNI signalling manager. 1976If set to 1977.Dq Li local , 1978this host will become an ATMARP server. 1979The value will be passed as the parameters of an 1980.Dq Nm atm Cm "set arpserver" Ar netif 1981command. 1982.It Va atm_scsparp_ Ns Aq Ar netif 1983.Pq Vt bool 1984If set to 1985.Dq Li YES , 1986SCSP/ATMARP service for the network interface 1987.Ar netif 1988will be initiated using the 1989.Xr scspd 8 1990and 1991.Xr atmarpd 8 1992daemons. 1993This variable is only applicable if 1994.Va atm_arpserver_ Ns Aq Ar netif 1995is set to 1996.Dq Li local . 1997.It Va atm_arps 1998.Pq Vt str 1999Set to the list of permanent ATM ARP entries to be added at system boot time. 2000For each whitespace separated 2001.Ar element 2002in the value, an 2003.Va atm_arp_ Ns Aq Ar element 2004variable is assumed to exist. 2005The value of each of these variables will be passed as the parameters of an 2006.Dq Nm atm Cm "add arp" 2007command. 2008.It Va keybell 2009.Pq Vt str 2010The keyboard bell sound. 2011Set to 2012.Dq Li normal , 2013.Dq Li visual , 2014.Dq Li off , 2015or 2016.Dq Li NO 2017if the default behavior is desired. 2018For details, refer to the 2019.Xr kbdcontrol 1 2020manpage. 2021.It Va keymap 2022.Pq Vt str 2023If set to 2024.Dq Li NO , 2025no keymap is installed, otherwise the value is used to install 2026the keymap file in 2027.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2028.It Va keyrate 2029.Pq Vt str 2030The keyboard repeat speed. 2031Set to 2032.Dq Li slow , 2033.Dq Li normal , 2034.Dq Li fast , 2035or 2036.Dq Li NO 2037if the default behavior is desired. 2038.It Va keychange 2039.Pq Vt str 2040If not set to 2041.Dq Li NO , 2042attempt to program the function keys with the value. 2043The value should be a single string of the form: 2044.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2045.It Va cursor 2046.Pq Vt str 2047Can be set to the value of 2048.Dq Li normal , 2049.Dq Li blink , 2050.Dq Li destructive , 2051or 2052.Dq Li NO 2053to set the cursor behavior explicitly or choose the default behavior. 2054.It Va scrnmap 2055.Pq Vt str 2056If set to 2057.Dq Li NO , 2058no screen map is installed, otherwise the value is used to install 2059the screen map file in 2060.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2061.It Va font8x16 2062.Pq Vt str 2063If set to 2064.Dq Li NO , 2065the default 8x16 font value is used for screen size requests, otherwise 2066the value in 2067.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2068is used. 2069.It Va font8x14 2070.Pq Vt str 2071If set to 2072.Dq Li NO , 2073the default 8x14 font value is used for screen size requests, otherwise 2074the value in 2075.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2076is used. 2077.It Va font8x8 2078.Pq Vt str 2079If set to 2080.Dq Li NO , 2081the default 8x8 font value is used for screen size requests, otherwise 2082the value in 2083.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2084is used. 2085.It Va blanktime 2086.Pq Vt int 2087If set to 2088.Dq Li NO , 2089the default screen blanking interval is used, otherwise it is set to 2090.Ar value 2091seconds. 2092.It Va saver 2093.Pq Vt str 2094If not set to 2095.Dq Li NO , 2096this is the actual screen saver to use 2097.Li ( blank , snake , daemon , 2098etc). 2099.It Va moused_enable 2100.Pq Vt str 2101If set to 2102.Dq Li YES , 2103the 2104.Xr moused 8 2105daemon is started for doing cut/paste selection on the console. 2106.It Va moused_type 2107.Pq Vt str 2108This is the protocol type of the mouse connected to this host. 2109This variable must be set if 2110.Va moused_enable 2111is set to 2112.Dq Li YES . 2113The 2114.Xr moused 8 2115daemon 2116is able to detect the appropriate mouse type automatically in many cases. 2117Set this variable to 2118.Dq Li auto 2119to let the daemon detect it, or 2120select one from the following list if the automatic detection fails. 2121.Pp 2122If the mouse is attached to the PS/2 mouse port, choose 2123.Dq Li auto 2124or 2125.Dq Li ps/2 , 2126regardless of the brand and model of the mouse. 2127Likewise, if the mouse is attached to the bus mouse port, choose 2128.Dq Li auto 2129or 2130.Dq Li busmouse . 2131All other protocols are for serial mice and will not work with 2132the PS/2 and bus mice. 2133If this is a USB mouse, 2134.Dq Li auto 2135is the only protocol type which will work. 2136.Pp 2137.Bl -tag -width ".Li x10mouseremote" -compact 2138.It Li microsoft 2139Microsoft mouse (serial) 2140.It Li intellimouse 2141Microsoft IntelliMouse (serial) 2142.It Li mousesystems 2143Mouse systems Corp. mouse (serial) 2144.It Li mmseries 2145MM Series mouse (serial) 2146.It Li logitech 2147Logitech mouse (serial) 2148.It Li busmouse 2149A bus mouse 2150.It Li mouseman 2151Logitech MouseMan and TrackMan (serial) 2152.It Li glidepoint 2153ALPS GlidePoint (serial) 2154.It Li thinkingmouse 2155Kensington ThinkingMouse (serial) 2156.It Li ps/2 2157PS/2 mouse 2158.It Li mmhittab 2159MM HitTablet (serial) 2160.It Li x10mouseremote 2161X10 MouseRemote (serial) 2162.It Li versapad 2163Interlink VersaPad (serial) 2164.El 2165.Pp 2166Even if the mouse is not in the above list, it may be compatible 2167with one in the list. 2168Refer to the man page for 2169.Xr moused 8 2170for compatibility information. 2171.Pp 2172It should also be noted that while this is enabled, any 2173other client of the mouse (such as an X server) should access 2174the mouse through the virtual mouse device, 2175.Pa /dev/sysmouse , 2176and configure it as a 2177.Dq Li sysmouse 2178type mouse, since all 2179mouse data is converted to this single canonical format when using 2180.Xr moused 8 . 2181If the client program does not support the 2182.Dq Li sysmouse 2183type, specify the 2184.Dq Li mousesystems 2185type. 2186It is the second preferred type. 2187.It Va moused_port 2188.Pq Vt str 2189If 2190.Va moused_enable 2191is set to 2192.Dq Li YES , 2193this is the actual port the mouse is on. 2194It might be 2195.Pa /dev/cuaa0 2196for a COM1 serial mouse, 2197.Pa /dev/psm0 2198for a PS/2 mouse or 2199.Pa /dev/mse0 2200for a bus mouse, for example. 2201.It Va moused_flags 2202.Pq Vt str 2203If 2204.Va moused_type 2205is set, these are the additional flags to pass to the 2206.Xr moused 8 2207daemon. 2208.It Va mousechar_start 2209.Pq Vt int 2210If set to 2211.Dq Li NO , 2212the default mouse cursor character range 2213.Li 0xd0 Ns - Ns Li 0xd3 2214is used, otherwise the range start is set to 2215.Ar value 2216character, see 2217.Xr vidcontrol 1 . 2218Use if the default range is occupied in the language code table. 2219.It Va vidhistory 2220.Pq Vt int 2221Set the size of the history (scrollback) buffer in lines. 2222.It Va allscreens_flags 2223.Pq Vt str 2224If set, 2225.Xr vidcontrol 1 2226is run with these options for each of the virtual terminals 2227.Pq Pa /dev/ttyv* . 2228For example, 2229.Dq Fl m Cm on 2230will enable the mouse pointer on all virtual terminals if 2231.Va moused_enable 2232is set to 2233.Dq Li YES . 2234.It Va allscreens_kbdflags 2235.Pq Vt str 2236If set, 2237.Xr kbdcontrol 1 2238is run with these options for each of the virtual terminals 2239.Pq Pa /dev/ttyv* . 2240For example, 2241.Dq Fl h Li 200 2242will set the 2243.Xr syscons 4 2244scrollback (history) buffer to 200 lines. 2245.It Va cron_enable 2246.Pq Vt bool 2247If set to 2248.Dq Li YES , 2249run the 2250.Xr cron 8 2251daemon at system boot time. 2252.It Va cron_program 2253.Pq Vt str 2254Path to 2255.Xr cron 8 2256(default 2257.Pa /usr/sbin/cron ) . 2258.It Va cron_flags 2259.Pq Vt str 2260If 2261.Va cron_enable 2262is set to 2263.Dq Li YES , 2264these are the flags to pass to 2265.Xr cron 8 . 2266.It Va lpd_program 2267.Pq Vt str 2268Path to 2269.Xr lpd 8 2270(default 2271.Pa /usr/sbin/lpd ) . 2272.It Va lpd_enable 2273.Pq Vt bool 2274If set to 2275.Dq Li YES , 2276run the 2277.Xr lpd 8 2278daemon at system boot time. 2279.It Va lpd_flags 2280.Pq Vt str 2281If 2282.Va lpd_enable 2283is set to 2284.Dq Li YES , 2285these are the flags to pass to the 2286.Xr lpd 8 2287daemon. 2288.It Va mixer_enable 2289.Pq Vt bool 2290If set to 2291.Dq Li YES , 2292preserve 2293.Xr mixer 8 2294settings across reboots. 2295.It Va mta_start_script 2296.Pq Vt str 2297The full path to the script to run to start 2298a mail transfer agent. 2299The default is 2300.Pa /etc/rc.sendmail . 2301The 2302.Va sendmail_* 2303variables which 2304.Pa /etc/rc.sendmail 2305uses are documented in the 2306.Xr rc.sendmail 8 2307man page. 2308.It Va dumpdev 2309.Pq Vt str 2310Indicates the device (usually a swap partition) to which a crash dump 2311should be written in the event of a system crash. 2312The value of this variable is passed as the argument to 2313.Xr dumpon 8 . 2314To disable crash dumps, set this variable to 2315.Dq Li NO . 2316.It Va dumpdir 2317.Pq Vt str 2318When the system reboots after a crash and a crash dump is found on the 2319device specified by the 2320.Va dumpdev 2321variable, 2322.Xr savecore 8 2323will save that crash dump and a copy of the kernel to the directory 2324specified by the 2325.Va dumpdir 2326variable. 2327The default value is 2328.Pa /var/crash . 2329Set to 2330.Dq Li NO 2331to not run 2332.Xr savecore 8 2333at boot time when 2334.Va dumpdir 2335is set. 2336.It Va savecore_flags 2337.Pq Vt str 2338If crash dumps are enabled, these are the flags to pass to the 2339.Xr savecore 8 2340utility. 2341.It Va enable_quotas 2342.Pq Vt bool 2343Set to 2344.Dq Li YES 2345to turn on user disk quotas on system startup via the 2346.Xr quotaon 8 2347command. 2348.It Va check_quotas 2349.Pq Vt bool 2350Set to 2351.Dq Li YES 2352to enable user disk quota checking via the 2353.Xr quotacheck 8 2354command. 2355.It Va accounting_enable 2356.Pq Vt bool 2357Set to 2358.Dq Li YES 2359to enable system accounting through the 2360.Xr accton 8 2361facility. 2362.It Va linux_enable 2363.Pq Vt bool 2364Set to 2365.Dq Li YES 2366to enable Linux/ELF binary emulation at system initial boot time. 2367.It Va sysvipc_enable 2368.Pq Vt bool 2369If set to 2370.Dq Li YES , 2371load System V IPC primitives at boot time. 2372.\" ----- cleanvar_enable setting-------------------------------- 2373.It Va cleanvar_enable 2374.Pq Vt bool 2375Set to 2376.Dq Li YES 2377to have 2378.Pa /var/run , 2379.Pa /var/spool/lock 2380and 2381.Pa /var/spool/uucp/.Temp/* 2382cleaned at startup. 2383.\" ----- clear_tmp_enable setting------------------------------- 2384.It Va clear_tmp_enable 2385.Pq Vt bool 2386Set to 2387.Dq Li YES 2388to have 2389.Pa /tmp 2390cleaned at startup. 2391.\" ----- ldconfig_paths setting -------------------------------- 2392.It Va ldconfig_paths 2393.Pq Vt str 2394Set to the list of shared library paths to use with 2395.Xr ldconfig 8 . 2396NOTE: 2397.Pa /usr/lib 2398will always be added first, so it need not appear in this list. 2399.It Va ldconfig_insecure 2400.Pq Vt bool 2401The 2402.Xr ldconfig 8 2403utility normally refuses to use directories 2404which are writable by anyone except root. 2405Set this variable to 2406.Dq Li YES 2407to disable that security check during system startup. 2408.It Va kern_securelevel 2409.Pq Vt int 2410The kernel security level to set at startup. 2411The allowed range of 2412.Ar value 2413ranges from \-1 (the compile time default) to 3 (the most secure). 2414See 2415.Xr init 8 2416for the list of possible security levels and their effect on system operation. 2417.It Va start_vinum 2418.Pq Vt bool 2419Set to 2420.Dq Li YES 2421to start 2422.Xr vinum 8 2423at system boot time. 2424.It Va sshd_enable 2425.Pq Vt bool 2426Set to 2427.Dq Li YES 2428to start 2429.Xr sshd 8 2430at system boot time. 2431.It Va sshd_program 2432.Pq Vt str 2433Path to the SSH server program 2434(default 2435.Pa /usr/sbin/sshd ) . 2436.It Va sshd_flags 2437.Pq Vt str 2438If 2439.Va sshd_enable 2440is set to 2441.Dq Li YES , 2442these are the flags to pass to the 2443.Xr sshd 8 2444daemon. 2445.It Va ftpd_enable 2446.Pq Vt bool 2447Set to 2448.Dq Li YES 2449to start 2450.Xr ftpd 8 2451at system boot time. 2452.It Va ftpd_flags 2453.Pq Vt str 2454If 2455.Va ftpd_enable 2456is set to 2457.Dq Li YES , 2458these are the flags to pass to the 2459.Xr ftpd 8 2460daemon. 2461.It Va usbd_enable 2462.Pq Vt bool 2463If set to 2464.Dq Li YES , 2465run the 2466.Xr usbd 8 2467daemon at boot time. 2468.It Va usbd_flags 2469.Pq Vt str 2470If 2471.Va usbd_enable 2472is set to 2473.Dq Li YES , 2474these are the flags passed to 2475.Xr usbd 8 2476daemon. 2477.It Va watchdogd_enable 2478.Pq Vt bool 2479If set to 2480.Dq Li YES , 2481start the 2482.Xr watchdogd 8 2483daemon at boot time. 2484This requires that the kernel have been compiled with 2485.Cd "options WATCHDOG" . 2486.It Va jail_enable 2487.Pq Vt bool 2488If set to 2489.Dq Li NO , 2490any configured jails will not be started. 2491.It Va jail_list 2492.Pq Vt str 2493A space separated list of names for jails. 2494This is purely a configuration aid to help identify and 2495configure multiple jails. 2496The names specified in this list will be used to 2497identify settings common to an instance of a jail. 2498Assuming that the jail in question was named 2499.Li vjail , 2500you would have the following dependent variables: 2501.Bd -literal 2502jail_vjail_hostname="jail.example.com" 2503jail_vjail_ip="192.168.1.100" 2504jail_vjail_rootdir="/var/jails/vjail/root" 2505.Ed 2506.Pp 2507.It Va jail_flags 2508.Pq Vt str 2509Unset by default. 2510When set, use as default value for 2511.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2512for every jail in 2513.Va jail_list . 2514.It Va jail_interface 2515.Pq Vt str 2516Unset by default. 2517When set, use as default value for 2518.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2519for every jail in 2520.Va jail_list . 2521.It Va jail_fstab 2522.Pq Vt str 2523Unset by default. 2524When set, use as default value for 2525.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2526for every jail in 2527.Va jail_list . 2528.It Va jail_mount_enable 2529.Pq Vt bool 2530Set to 2531.Dq Li NO 2532by default. 2533When set to 2534.Dq Li YES , 2535sets 2536.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2537to 2538.Dq Li YES 2539by default for every jail in 2540.Va jail_list . 2541.It Va jail_fdesc_enable 2542.Pq Vt bool 2543Set to 2544.Dq Li NO 2545by default. 2546When set to 2547.Dq Li YES , 2548sets 2549.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2550to 2551.Dq Li YES 2552by default for every jail in 2553.Va jail_list . 2554.It Va jail_procfs_enable 2555.Pq Vt bool 2556Set to 2557.Dq Li NO 2558by default. 2559When set to 2560.Dq Li YES , 2561sets 2562.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2563to 2564.Dq Li YES 2565by default for every jail in 2566.Va jail_list . 2567.It Va jail_exec_start 2568.Pq Vt str 2569Unset by default. 2570When set, use as default value for 2571.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2572for every jail in 2573.Va jail_list . 2574.It Va jail_exec_stop 2575Unset by default. 2576When set, use as default value for 2577.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2578for every jail in 2579.Va jail_list . 2580.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2581.Pq Vt str 2582Unset by default. 2583Set to the root directory used by jail 2584.Va jname . 2585.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2586.Pq Vt str 2587Unset by default. 2588Set to the fully qualified domain name (FQDN) assigned to jail 2589.Va jname . 2590.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2591.Pq Vt str 2592Unset by default. 2593Set to the IP address assigned to jail 2594.Va jname . 2595.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2596.Pq Vt str 2597Set to 2598.Dq Li -l -U root 2599by default. 2600These are flags to pass to 2601.Xr jail 8 . 2602.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2603.Pq Vt str 2604Unset by default. 2605When set, sets the interface to use when setting IP address alias. 2606Note that the alias is created at jail startup and removed at jail shutdown. 2607.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2608.Pq Vt str 2609Set to 2610.Pa /etc/fstab. Ns Aq Ar jname 2611by default. 2612This is the file system information file to use for jail 2613.Va jname . 2614.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2615.Pq Vt bool 2616Set to 2617.Dq Li NO 2618by default. 2619When set to 2620.Dq Li YES , 2621mount all file systems from 2622.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2623at jail startup. 2624.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2625.Pq Vt bool 2626Set to 2627.Dq Li NO 2628by default. 2629When set to 2630.Dq Li YES , 2631mount the file-descriptor file system inside jail 2632.Ar jname 2633at jail startup. 2634.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2635.Pq Vt bool 2636Set to 2637.Dq Li NO 2638by default. 2639When set to 2640.Dq Li YES , 2641mount the process file system inside jail 2642.Ar jname 2643at jail startup. 2644.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2645.Pq Vt str 2646Set to 2647.Dq Li /bin/sh /etc/rc 2648by default. 2649This is the command executed at jail startup. 2650.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2651.Pq Vt str 2652Set to 2653.Dq Li /bin/sh /etc/rc.shutdown 2654by default. 2655This is the command executed at jail shutdown. 2656.It Va jail_set_hostname_allow 2657.Pq Vt bool 2658If set to 2659.Dq Li NO , 2660do not allow the root user in a jail to set its hostname. 2661.It Va jail_socket_unixiproute_only 2662.Pq Vt bool 2663If set to 2664.Dq Li YES , 2665do not allow any sockets, 2666besides UNIX/IP/route sockets, 2667to be used within a jail. 2668.It Va jail_sysvipc_allow 2669.Pq Vt bool 2670If set to 2671.Dq Li YES , 2672allow applications within a jail to use System V IPC. 2673.It Va newsyslog_enable 2674.Pq Vt bool 2675If set to 2676.Dq Li YES , 2677run 2678.Xr newsyslog 8 2679before syslogd starts. 2680.It Va newsyslog_flags 2681.Pq Vt str 2682If 2683.Va newsyslog_enable 2684is set to 2685.Dq Li YES , 2686these are the flags passed to 2687.Xr newsyslog 8 . 2688.It Va resident_enable 2689.Pq Vt bool 2690If set to 2691.Dq Li YES , 2692make the dynamic binaries listed in 2693.Pa /etc/resident.conf 2694resident. 2695.It Va varsym_enable 2696.Pq Vt bool 2697If set to 2698.Dq Li YES , 2699process 2700.Pa /etc/varsym.conf 2701to set system-wide variables for variant symlinks. 2702.It Va rand_irqs 2703.Pq Vt str 2704Set either to 2705.Dq Li NO 2706or a whitespace separated list of IRQ numbers which will be used as a source of 2707randomness. 2708.\" ----- isdn settings --------------------------------- 2709.It Va isdn_enable 2710.Pq Vt bool 2711Set to 2712.Dq Li NO 2713by default. 2714When set to 2715.Dq Li YES , 2716starts the 2717.Xr isdnd 8 2718daemon at system boot time. 2719.It Va isdn_flags 2720.Pq Vt str 2721Set to 2722.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2723by default. 2724Additional flags to pass to 2725.Xr isdnd 8 2726(but see 2727.Va isdn_fsdev 2728and 2729.Va isdn_ttype 2730for certain tunable parameters). 2731.It Va isdn_ttype 2732.Pq Vt str 2733Set to 2734.Dq Li cons25 2735by default. 2736The terminal type of the output device when 2737.Xr isdnd 8 2738operates in full-screen mode. 2739.It Va isdn_screenflags 2740.Pq Vt str 2741Set to 2742.Dq Li NO 2743by default. 2744The video mode for full-screen mode (only for 2745.Xr syscons 4 2746console driver, see 2747.Xr vidcontrol 1 2748for valid modes). 2749.It Va isdn_fsdev 2750.Pq Vt str 2751Set to 2752.Dq Li NO 2753by default. 2754The output device for 2755.Xr isdnd 8 2756in full-screen mode (or 2757.Dq Li NO 2758for daemon mode). 2759.It Va isdn_trace 2760.Pq Vt bool 2761Set to 2762.Dq Li NO 2763by default. 2764When set to 2765.Dq Li YES , 2766enables the ISDN protocol trace utility 2767.Xr isdntrace 8 2768at system boot time. 2769.It Va isdn_traceflags 2770.Pq Vt str 2771Set to 2772.Dq Fl f Pa /var/tmp/isdntrace0 2773by default. 2774Flags for 2775.Xr isdntrace 8 . 2776.\" ----------------------------------------------------- 2777.It Va entropy_dir 2778.Pq Vt str 2779Set to 2780.Dq Li NO 2781to disable caching entropy via 2782.Xr cron 8 . 2783Otherwise set to the directory used to store entropy files in. 2784.It Va entropy_file 2785.Pq Vt str 2786Set to 2787.Dq Li NO 2788to disable caching entropy through reboots. 2789Otherwise set to the filename used to store cached entropy through reboots. 2790This file should be located on the root file system to seed the 2791.Xr random 4 2792device as early as possible in the boot process. 2793.It Va ipsec_enable 2794.Pq Vt bool 2795Set to 2796.Dq Li YES 2797to run 2798.Xr setkey 8 2799on 2800.Va ipsec_file 2801at boot time. 2802.It Va ipsec_file 2803.Pq Vt str 2804Configuration file for 2805.Xr setkey 8 . 2806.It Va dmesg_enable 2807.Pq Vt bool 2808Set to 2809.Dq Li YES 2810to save 2811.Xr dmesg 8 2812to 2813.Pa /var/run/dmesg.boot 2814on boot. 2815.It Va rcshutdown_timeout 2816.Pq Vt int 2817If set, start a watchdog timer in the background which will terminate 2818.Pa rc.shutdown 2819if 2820.Xr shutdown 8 2821has not completed within the specified time (in seconds). 2822.El 2823.Sh FILES 2824.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2825.It Pa /etc/defaults/rc.conf 2826.It Pa /etc/rc.conf 2827.It Pa /etc/rc.conf.local 2828.It Pa /etc/start_if. Ns Aq Ar interface 2829.El 2830.Sh SEE ALSO 2831.Xr catman 1 , 2832.Xr gdb 1 , 2833.Xr info 1 , 2834.Xr kbdcontrol 1 , 2835.Xr varsym 1 , 2836.Xr vidcontrol 1 , 2837.Xr ip 4 , 2838.Xr ipf 4 , 2839.Xr ipfw 4 , 2840.Xr kld 4 , 2841.Xr pf 4 , 2842.Xr tcp 4 , 2843.Xr udp 4 , 2844.Xr exports 5 , 2845.Xr motd 5 , 2846.Xr resident.conf 5 , 2847.Xr varsym.conf 5 , 2848.Xr accton 8 , 2849.Xr amd 8 , 2850.Xr apm 8 , 2851.Xr atm 8 , 2852.Xr btconfig 8 , 2853.Xr bthcid 8 , 2854.Xr cron 8 , 2855.Xr devd 8 , 2856.Xr dhclient 8 , 2857.Xr dntpd 8 , 2858.Xr ftpd 8 , 2859.Xr ifconfig 8 , 2860.Xr inetd 8 , 2861.Xr isdnd 8 , 2862.Xr isdntrace 8 , 2863.Xr jail 8 , 2864.Xr lpd 8 , 2865.Xr makewhatis 8 , 2866.Xr mdconfig 8 , 2867.Xr mixer 8 , 2868.Xr mountd 8 , 2869.Xr moused 8 , 2870.Xr mrouted 8 , 2871.Xr named 8 , 2872.Xr nfsd 8 , 2873.Xr pcnfsd 8 , 2874.Xr pfctl 8 , 2875.Xr pflogd 8 , 2876.Xr portmap 8 , 2877.Xr quotacheck 8 , 2878.Xr quotaon 8 , 2879.Xr rc 8 , 2880.Xr rc.sendmail 8 , 2881.Xr resident 8 , 2882.Xr rndcontrol 8 , 2883.Xr route 8 , 2884.Xr routed 8 , 2885.Xr rpc.lockd 8 , 2886.Xr rpc.statd 8 , 2887.Xr rtadvd 8 , 2888.Xr rtsold 8 , 2889.Xr rwhod 8 , 2890.Xr savecore 8 , 2891.Xr sdpd 8 , 2892.Xr sensorsd 8 , 2893.Xr sshd 8 , 2894.Xr swapon 8 , 2895.Xr sysctl 8 , 2896.Xr syslogd 8 , 2897.Xr timed 8 , 2898.Xr usbd 8 , 2899.Xr vinum 8 , 2900.Xr yp 8 , 2901.Xr ypbind 8 , 2902.Xr ypserv 8 , 2903.Xr ypset 8 2904.Sh HISTORY 2905The 2906.Nm 2907file appeared in 2908.Fx 2.2.2 . 2909.Sh AUTHORS 2910.An Jordan K. Hubbard . 2911