1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" 27.Dd August 29, 2014 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65In addition to 66.Pa /etc/rc.conf.local 67you can also place smaller configuration files for each 68.Xr rc 8 69script in the 70.Pa /etc/rc.conf.d 71directory, which will be included by the 72.Va load_rc_config 73function. 74For jail configurations you could use the file 75.Pa /etc/rc.conf.d/jail 76to store jail specific configuration options. 77Also see the 78.Va rc_conf_files 79variable below. 80.Pp 81The following list provides a name and short description for each 82variable that can be set in the 83.Nm 84file. 85To set a variable of 86.Vt bool 87type, specify either 88.Dq Li YES , 89.Dq Li TRUE , 90.Dq Li ON , 91or 92.Dq Li 1 . 93To unset, specify 94.Dq Li NO , 95.Dq Li FALSE , 96.Dq Li OFF , 97or 98.Dq Li 0 . 99These values are case insensitive. 100The 101.Va _enable 102postfix in the name of a variable for starting a service can be 103omitted (as in 104.Nx ) . 105.Bl -tag -width indent-two 106.It Va rc_debug 107.Pq Vt bool 108If set to 109.Dq Li YES , 110enable output of debug messages from rc scripts. 111This variable can be helpful in diagnosing mistakes when 112editing or integrating new scripts. 113Beware that this produces copious output to the terminal and 114.Xr syslog 3 . 115.It Va rc_info 116.Pq Vt bool 117If set to 118.Dq Li NO , 119disable informational messages from the rc scripts. 120Informational messages are displayed when 121a condition that is not serious enough to warrant a warning or an error occurs. 122.It Va rc_startmsgs 123.Pq Vt bool 124If set to 125.Dq Li YES , 126show 127.Dq Starting foo: 128when faststart is used (e.g., at boot time). 129.It Va swapfile 130.Pq Vt str 131If set to 132.Dq Li NO , 133no swapfile is installed, otherwise the value is used as the full 134pathname to a file to use for additional swap space. 135The 136.Xr vn 4 137driver is needed for a swapfile and will be loaded if it is not 138already compiled into the kernel or loaded via 139.Xr loader.conf 5 . 140.It Va apm_enable 141.Pq Vt bool 142If set to 143.Dq Li YES , 144enable support for Automatic Power Management with the 145.Xr apm 8 146command. 147.It Va apmd_enable 148.Pq Vt bool 149Run 150.Xr apmd 8 151to handle APM event from userland. 152This also enables support for APM. 153.It Va apmd_flags 154.Pq Vt str 155If 156.Va apmd_enable 157is set to 158.Dq Li YES , 159these are the flags to pass to the 160.Xr apmd 8 161daemon. 162.It Va battd_enable 163Enable 164.Xr battd 8 165to monitor the status of batteries present in the system. 166This also enables support for APM. 167.It Va battd_flags 168.Pq Vt str 169If 170.Va battd_enable 171is set to 172.Dq Li YES , 173these are the flags to pass to the 174.Xr battd 8 175daemon. 176.It Va devd_enable 177.Pq Vt bool 178Run 179.Xr devd 8 180to handle device added, removed or unknown events from the kernel. 181.It Va devd_flags 182.Pq Vt str 183If 184.Va devd_enable 185is set to 186.Dq Li YES , 187these are the flags to pass to the 188.Xr devd 8 189daemon. 190.It Va powerd_enable 191.Pq Vt bool 192Set to 193.Dq Li NO 194by default. 195Setting this to 196.Dq Li YES 197enables 198.Xr powerd 8 , 199a CPU speed control daemon. 200.It Va sensorsd_enable 201.Pq Vt bool 202Set to 203.Dq Li NO 204by default. 205Setting this to 206.Dq Li YES 207enables 208.Xr sensorsd 8 , 209a sensors monitoring and logging daemon. 210.It Va sensorsd_flags 211.Pq Vt str 212Empty by default. 213Additional flags passed to the 214.Xr sensorsd 8 215program. 216.It Va sysvipcd_enable 217.Pq Vt bool 218Set to 219.Dq Li NO 220by default. 221Setting this to 222.Dq Li YES 223enables 224.Xr sysvipcd 8 , 225a sensors monitoring and logging daemon. 226.It Va sysvipcd_flags 227.Pq Vt str 228Empty by default. 229Additional flags passed to the 230.Xr sysvipcd 8 231program. 232.It Va hotplugd_enable 233.Pq Vt bool 234Set to 235.Dq Li NO 236by default. 237Setting this to 238.Dq Li YES 239enables 240.Xr hotplugd 8 , 241a devices hot plugging monitoring daemon. 242.It Va hotplugd_flags 243.Pq Vt str 244Empty by default. 245Additional flags passed to the 246.Xr hotplugd 8 247program. 248.It Va pccard_ifconfig 249.Pq Vt str 250List of arguments to be passed to 251.Xr ifconfig 8 252at boot time or on insertion of the card (e.g.\& 253.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 254for a fixed address or 255.Dq Li DHCP 256for a DHCP client). 257.It Va pccard_ether_delay 258.Pq Vt str 259Set the delay before starting 260.Xr dhclient 8 261in the 262.Pa /etc/pccard_ether 263script. 264This defaults to 5 seconds to work around a bug in the 265.Xr ed 4 266driver which can lead to system hangs when using some newer 267.Xr ed 4 268based cards. 269.It Va removable_interfaces 270.Pq Vt str 271List of removable network interfaces to be supported by 272.Pa /etc/pccard_ether . 273.It Va local_startup 274.Pq Vt str 275List of directories to search for startup script files. 276.It Va script_name_sep 277.Pq Vt str 278The field separator to use for breaking down the list of startup script files 279into individual filenames. 280The default is a space. 281It is not necessary to change this unless there are startup scripts with names 282containing spaces. 283.It Va hostapd_enable 284.Pq Vt bool 285Set to 286.Dq Li YES 287to start 288.Xr hostapd 8 289at system boot time. 290.It Va hostname 291.Pq Vt str 292The fully qualified domain name (FQDN) of this host on the network. 293This should almost certainly be set to something meaningful, even if 294there is no network connection. 295If 296.Xr dhclient 8 297is used to set the hostname via DHCP, 298this variable should be set to an empty string. 299.It Va ipv6_enable 300.Pq Vt bool 301Enable support for IPv6 networking. 302Note that this requires that the kernel have been compiled with 303.Cd "options INET6" . 304.It Va nisdomainname 305.Pq Vt str 306The NIS domain name of this host, or 307.Dq Li NO 308if NIS is not used. 309.It Va dhclient_program 310.Pq Vt str 311Path to the DHCP client program 312(default 313.Pa /sbin/dhclient ) . 314.It Va dhclient_flags 315.Pq Vt str 316Additional flags to pass to the DHCP client program. 317.It Va pf_enable 318.Pq Vt bool 319Set to 320.Dq Li YES 321to load 322.Xr pf 4 323at startup. 324If the kernel was not built with 325.Cd "device pf" , 326the 327.Pa pf.ko 328kernel module will be loaded. 329See also 330.Va firewall_enable . 331.It Va pf_rules 332.Pq Vt str 333Path to the 334.Xr pf 4 335ruleset definition file. 336.It Va pf_program 337.Pq Vt str 338Path to 339.Xr pfctl 8 . 340.It Va pf_flags 341.Pq Vt str 342If 343.Va pf_enable 344is set to 345.Dq Li YES , 346these are the flags to pass to 347.Xr pfctl 8 348when loading the ruleset. 349.It Va pflog_enable 350.Pq Vt bool 351Set this to 352.Dq Li YES 353to enable 354.Xr pflogd 8 355which logs packets from 356.Xr pf 4 . 357.It Va pflog_logfile 358.Pq Vt str 359If 360.Va pflog_enable 361is set to 362.Dq Li YES 363this specifies the path of the log file. 364.It Va pflog_program 365.Pq Vt str 366Path to 367.Xr pflogd 8 . 368.It Va pflog_flags 369.Pq Vt str 370If 371.Va pflog_enable 372is set to 373.Dq Li YES , 374these are the flags to pass to 375.Xr pflogd 8 . 376.It Va firewall_enable 377.Pq Vt bool 378Set to 379.Dq Li YES 380to load firewall rules at startup. 381If the kernel was not built with 382.Cd "options IPFIREWALL" , 383the 384.Pa ipfw.ko 385kernel module will be loaded. 386See also 387.Va pf_enable . 388.It Va ipv6_firewall_enable 389.Pq Vt bool 390The IPv6 equivalent of 391.Va firewall_enable . 392Set to 393.Dq Li YES 394to load IPv6 firewall rules at startup. 395If the kernel was not built with 396.Cd "options IPV6FIREWALL" , 397the 398.Pa ip6fw.ko 399kernel module will be loaded. 400.It Va firewall_script 401.Pq Vt str 402The full path to the firewall script to run 403(default 404.Pa /etc/rc.firewall ) . 405.It Va ipv6_firewall_script 406.Pq Vt str 407The IPv6 equivalent of 408.Va firewall_script . 409.It Va firewall_type 410.Pq Vt str 411Names the firewall type from the selection in 412.Pa /etc/rc.firewall , 413or the file which contains the local firewall ruleset. 414Valid selections from 415.Pa /etc/rc.firewall 416are: 417.Pp 418.Bl -tag -width ".Li simple" -compact 419.It Li open 420unrestricted IP access 421.It Li closed 422all IP services disabled, except via 423.Dq Li lo0 424.It Li client 425basic protection for a workstation on a LAN 426.It Li simple 427alias for 428.Li client . 429.El 430.Pp 431If a filename is specified, the full path must be given. 432.It Va firewall_trusted_nets 433.Pq Vt str 434List of trusted networks (if 435.Va firewall_type 436is set to 437.Li client ) . 438.It Va firewall_trusted_interfaces 439.Pq Vt str 440List of trusted network interfaces (if 441.Va firewall_type 442is set to 443.Li client ) . 444.It Va firewall_allowed_icmp_types 445.Pq Vt str 446List of allowed ICMP types (if 447.Va firewall_type 448is set to 449.Li client ) . 450.It Va firewall_open_tcp_ports 451.Pq Vt str 452List of TCP ports to open (if 453.Va firewall_type 454is set to 455.Li client ) . 456.It Va firewall_open_udp_ports 457.Pq Vt str 458List of UDP ports to open (if 459.Va firewall_type 460is set to 461.Li client ) . 462.It Va ipv6_firewall_type 463.Pq Vt str 464The IPv6 equivalent of 465.Va firewall_type . 466.It Va firewall_quiet 467.Pq Vt bool 468Set to 469.Dq Li YES 470to disable the display of firewall rules on the console during boot. 471.It Va ipv6_firewall_quiet 472.Pq Vt bool 473The IPv6 equivalent of 474.Va firewall_quiet . 475.It Va firewall_logging 476.Pq Vt bool 477Set to 478.Dq Li YES 479to enable firewall event logging. 480This is equivalent to the 481.Dv IPFIREWALL_VERBOSE 482kernel option. 483.It Va ipv6_firewall_logging 484.Pq Vt bool 485The IPv6 equivalent of 486.Va firewall_logging . 487.It Va firewall_flags 488.Pq Vt str 489Flags passed to 490.Xr ipfw 8 491if 492.Va firewall_type 493specifies a filename. 494.It Va ipv6_firewall_flags 495.Pq Vt str 496The IPv6 equivalent of 497.Va firewall_flags . 498.It Va natd_program 499.Pq Vt str 500Path to 501.Xr natd 8 . 502.It Va natd_enable 503.Pq Vt bool 504Set to 505.Dq Li YES 506to enable 507.Xr natd 8 . 508.Va firewall_enable 509must also be set to 510.Dq Li YES , 511and 512.Xr divert 4 513sockets must be enabled in the kernel. 514.It Va natd_interface 515.Pq Vt str 516This is the name of the public interface on which 517.Xr natd 8 518should run. 519The interface may be given as an interface name or as an IP address. 520.It Va natd_flags 521.Pq Vt str 522Additional 523.Xr natd 8 524flags should be placed here. 525The 526.Fl n 527or 528.Fl a 529flag is automatically added with the above 530.Va natd_interface 531as an argument. 532.It Va tcp_extensions 533.Pq Vt bool 534Set to 535.Dq Li YES 536by default. 537Setting this to 538.Dq Li NO 539disables certain TCP options as described by 540.Rs 541.%T "RFC 1323" 542.Re 543Setting this to 544.Dq Li NO 545might help remedy such problems with connections as randomly hanging 546or other weird behavior. 547Some network devices are known to be broken with respect to these options. 548.It Va log_in_vain 549.Pq Vt int 550Set to 0 by default. 551The 552.Xr sysctl 8 553variables, 554.Va net.inet.tcp.log_in_vain 555and 556.Va net.inet.udp.log_in_vain , 557as described in 558.Xr tcp 4 559and 560.Xr udp 4 , 561are set to the given value. 562.It Va tcp_keepalive 563.Pq Vt bool 564Set to 565.Dq Li YES 566by default. 567Setting to 568.Dq Li NO 569will disable probing idle TCP connections to verify that the 570peer is still up and reachable. 571.It Va tcp_drop_synfin 572.Pq Vt bool 573Set to 574.Dq Li NO 575by default. 576Setting to 577.Dq Li YES 578will cause the kernel to ignore TCP frames that have both 579the SYN and FIN flags set. 580This prevents OS fingerprinting, but may break some legitimate applications. 581This option is only available if the kernel was built with the 582.Dv TCP_DROP_SYNFIN 583option. 584.It Va icmp_drop_redirect 585.Pq Vt bool 586Set to 587.Dq Li NO 588by default. 589Setting to 590.Dq Li YES 591will cause the kernel to ignore ICMP REDIRECT packets. 592Refer to 593.Xr icmp 4 594for more information. 595.It Va icmp_log_redirect 596.Pq Vt bool 597Set to 598.Dq Li NO 599by default. 600Setting to 601.Dq Li YES 602will cause the kernel to log ICMP REDIRECT packets. 603Note that 604the log messages are not rate-limited, so this option should only be used 605for troubleshooting networks. 606Refer to 607.Xr icmp 4 608for more information. 609.It Va icmp_bmcastecho 610.Pq Vt bool 611Set to 612.Dq Li YES 613to respond to broadcast or multicast ICMP ping packets. 614Refer to 615.Xr icmp 4 616for more information. 617.It Va ip_portrange_first 618.Pq Vt int 619If not set to 620.Dq Li NO , 621this is the first port in the default portrange. 622Refer to 623.Xr ip 4 624for more information. 625.It Va ip_portrange_last 626.Pq Vt int 627If not set to 628.Dq Li NO , 629this is the last port in the default portrange. 630Refer to 631.Xr ip 4 632for more information. 633.\" 634.It Va ifconfig_ Ns Aq Ar interface 635.Pq Vt str 636Configuration for 637.Dq interface . 638Typically includes IP address. 639Assuming that the interface in question was 640.Li ed0 , 641it might look something like this: 642.Bd -literal 643ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 644.Ed 645.Pp 646If the 647.Pa /etc/start_if. Ns Aq Ar interface 648file is present, it is read and executed by the 649.Xr sh 1 650interpreter before configuring the interface as specified in the 651.Va ifconfig_ Ns Aq Ar interface 652and 653.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 654variables. 655.Pp 656It is possible to bring up an interface with DHCP by adding 657.Dq Li DHCP 658to the 659.Va ifconfig_ Ns Aq Ar interface 660variable. 661For instance, to initialize the 662.Li ed0 663device via DHCP, it is possible to use something like: 664.Bd -literal 665ifconfig_ed0="DHCP" 666.Ed 667.Pp 668If a 669.Va vlans_ Ns Aq Ar interface 670variable is set, 671a 672.Xr vlan 4 673interface will be created for each item in the list with the 674.Ar vlandev 675argument set to 676.Ar interface . 677If a vlan interface's name is a number, 678then that number is used as the vlan tag and the new vlan interface is 679named 680.Ar interface . Ns Ar tag . 681Otherwise, 682the vlan tag must be specified via a 683.Va vlan 684parameter in the 685.Va create_args_ Ns Aq Ar interface 686variable. 687.Pp 688To create a vlan device named 689.Li em0.101 690on 691.Li em0 692with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24: 693.Bd -literal 694vlans_em0="101" 695ifconfig_em0_101="inet 192.0.2.1/24" 696.Ed 697.Pp 698To create a vlan device named 699.Li myvlan 700on 701.Li em0 702with the vlan tag 102: 703.Bd -literal 704vlans_em0="myvlan" 705create_args_myvlan="vlan 102" 706.Ed 707.Pp 708If a 709.Va wlans_ Ns Aq Ar interface 710variable is set, 711an 712.Xr wlan 4 713interface will be created for each item in the list with the 714.Ar wlandev 715argument set to 716.Ar interface . 717Further wlan cloning arguments may be passed to the 718.Xr ifconfig 8 719.Cm create 720command by setting the 721.Va create_args_ Ns Aq Ar interface 722variable. 723One or more 724.Xr wlan 4 725devices must be created for each wireless devices as of 726.Dx 2.5 . 727Debugging flags for 728.Xr wlan 4 729devices as set by 730.Xr wlandebug 8 731may be specified with an 732.Va wlandebug_ Ns Aq Ar interface 733variable. 734The contents of this variable will be passed directly to 735.Xr wlandebug 8 . 736.Pp 737Also, if your interface needs WPA authentication, it is possible to add 738.Dq Li WPA 739to the 740.Va ifconfig_ Ns Aq Ar interface 741variable. 742This will start 743.Xr wpa_supplicant 8 . 744See 745.Xr wpa_supplicant.conf 5 746for configuring authentication information. 747.Pp 748Finally, you can add 749.Xr ifconfig 8 750options in this variable, in addition to the 751.Pa /etc/start_if. Ns Aq Ar interface 752file. 753For instance, to initialize the 754.Li wi0 755device via DHCP, using WPA authentication and 802.11b mode, it is 756possible to use something like: 757.Bd -literal 758wlans_wi0="wlan0" 759ifconfig_wlan0="up DHCP WPA mode 11b" 760.Ed 761.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 762.Pq Vt str 763Configuration to establish an additional network address for 764.Dq interface . 765Assuming that the interface in question was 766.Li ed0 , 767it might look something like this: 768.Bd -literal 769ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 770ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 771.Ed 772.Pp 773And so on. 774For each 775.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 776entry that is found, its contents are passed to 777.Xr ifconfig 8 . 778Execution stops at the first unsuccessful access, so if 779something like this is present: 780.Bd -literal 781ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 782ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 783ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 784ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 785.Ed 786.Pp 787Then note that alias4 would 788.Em not 789be added since the search would stop with the missing alias3 entry. 790.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 791.Pq Vt str 792New name for 793.Dq interface . 794It is possible to rename interface by doing: 795.Bd -literal 796ifconfig_ed0_name="net0" 797ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 798.Ed 799.It Va network_interfaces 800.Pq Vt str 801The list of network interfaces to configure on this host, 802or 803.Dq Li auto 804to configure all network interfaces 805(default 806.Dq Li auto ) . 807For example, if the only network devices to be configured are the loopback device 808.Pq Li lo0 809and a NIC using the 810.Xr ed 4 811driver, this could be set to 812.Dq Li "lo0 ed0" . 813An 814.Va ifconfig_ Ns Aq Ar interface 815variable is assumed to exist for each value of 816.Ar interface . 817.It Va ipv6_network_interfaces 818.Pq Vt str 819This is the IPv6 equivalent of 820.Va network_interfaces . 821Instead of setting the ifconfig variables as 822.Va ifconfig_ Ns Aq Ar interface 823they should be set as 824.Va ipv6_ifconfig_ Ns Aq Ar interface . 825Aliases should be set as 826.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 827Interfaces that do not have a 828.Va ipv6_ifconfig_ Ns Aq Ar interface 829setting will be auto configured by 830.Xr rtsol 8 831if the 832.Va ipv6_gateway_enable 833is set to 834.Dq Li NO . 835Note that the IPv6 networking code does not support the 836.Pa /etc/start_if. Ns Aq Ar interface 837files. 838.It Va ipv6_prefix_ Ns Aq Ar interface 839.Pq Vt str 840Assign prefix to 841.Ar interface , 842prefixlen 64 is used. 843.It Va ipv6_default_interface 844.Pq Vt str 845If not set to 846.Dq Li NO , 847this is the default output interface for scoped addresses. 848Now this works only for IPv6 link local multicast addresses. 849.It Va cloned_interfaces 850.Pq Vt str 851Set to the list of clonable network interfaces to create on this host. 852Entries in 853.Va cloned_interfaces 854are automatically appended to 855.Va network_interfaces 856for configuration. 857.It Va gif_interfaces 858.Pq Vt str 859Set to the list of 860.Xr gif 4 861tunnel interfaces to configure on this host. 862A 863.Va gifconfig_ Ns Aq Ar interface 864variable is assumed to exist for each value of 865.Ar interface . 866The value of this variable is used to configure the link layer of the 867tunnel according to the syntax of the 868.Cm tunnel 869option to 870.Xr ifconfig 8 . 871Additionally, this option ensures that each listed interface is created via the 872.Cm create 873option to 874.Xr ifconfig 8 875before attempting to configure it. 876.It Va sppp_interfaces 877.Pq Vt str 878Set to the list of 879.Xr sppp 4 880interfaces to configure on this host. 881A 882.Va spppconfig_ Ns Aq Ar interface 883variable is assumed to exist for each value of 884.Ar interface . 885Each interface should also be configured by a general 886.Va ifconfig_ Ns Aq Ar interface 887setting. 888Refer to 889.Xr spppcontrol 8 890for more information about available options. 891.It Va ppp_enable 892.Pq Vt bool 893If set to 894.Dq Li YES , 895run the 896.Xr ppp 8 897daemon. 898.It Va ppp_mode 899.Pq Vt str 900Mode in which to run the 901.Xr ppp 8 902daemon. 903Accepted modes are 904.Dq Li auto , 905.Dq Li ddial , 906.Dq Li direct 907and 908.Dq Li dedicated . 909See the manual for a full description. 910.It Va ppp_nat 911.Pq Vt bool 912If set to 913.Dq Li YES , 914enables network address translation. 915Used in conjunction with 916.Va gateway_enable 917allows hosts on private network addresses access to the Internet using 918this host as a network address translating router. 919.It Va ppp_profile 920.Pq Vt str 921The name of the profile to use from 922.Pa /etc/ppp/ppp.conf . 923Also used for per-profile overrides of 924.Va ppp_ Ns Ao Ar profile Ac Ns _unit . 925Where the profile contains any of the characters 926.Dq Li .-/+ 927they are translated to 928.Dq Li _ 929for the purposes of the override variable names. 930.It Va ppp_ Ns Ao Ar profile Ac Ns _unit 931.Pq Vt int 932Set the unit number to be used for this profile. 933See the manual description of 934.Fl unit Ns Ar N 935in 936.Xr ppp 8 937for details. 938.It Va ppp_user 939.Pq Vt str 940The name of the user under which 941.Xr ppp 8 942should be started. 943By default, 944.Xr ppp 8 945is started as 946.Dq Li root . 947.It Va rc_conf_files 948.Pq Vt str 949This option is used to specify a list of files that will override 950the settings in 951.Pa /etc/defaults/rc.conf . 952The files will be read in the order in which they are specified and should 953include the full path to the file. 954By default, the files specified are 955.Pa /etc/rc.conf 956and 957.Pa /etc/rc.conf.local 958.It Va fsck_y_enable 959.Pq Vt bool 960If set to 961.Dq Li YES , 962.Xr fsck 8 963will be run with the 964.Fl y 965flag if the initial preen of the file systems fails. 966.It Va netfs_types 967.Pq Vt str 968List of file system types that are network-based. 969This list should generally not be modified by end users. 970Use 971.Va extra_netfs_types 972instead. 973.It Va extra_netfs_types 974.Pq Vt str 975If set to something other than 976.Dq Li NO 977(the default), this variable extends the list of file system types 978for which automatic mounting at startup by 979.Xr rc 8 980should be delayed until the network is initialized. 981It should contain 982a whitespace-separated list of network file system descriptor pairs, 983each consisting of a file system type as passed to 984.Xr mount 8 985and a human-readable, one-word description, joined with a colon 986.Pq Ql \&: . 987Extending the default list in this way is only necessary 988when third party file system types are used. 989.It Va devfs_config_files 990.Pq Vt str 991This option is used to specify a list of configuration files containing 992.Xr devfs 5 993rules that will be applied by 994.Xr devfsctl 8 995in the order in which they are specified and must include the full path 996to the file. 997.It Va syslogd_enable 998.Pq Vt bool 999If set to 1000.Dq Li YES , 1001run the 1002.Xr syslogd 8 1003daemon. 1004.It Va syslogd_program 1005.Pq Vt str 1006Path to 1007.Xr syslogd 8 1008(default 1009.Pa /usr/sbin/syslogd ) . 1010.It Va syslogd_flags 1011.Pq Vt str 1012If 1013.Va syslogd_enable 1014is set to 1015.Dq Li YES , 1016these are the flags to pass to 1017.Xr syslogd 8 . 1018.It Va inetd_enable 1019.Pq Vt bool 1020If set to 1021.Dq Li YES , 1022run the 1023.Xr inetd 8 1024daemon. 1025.It Va inetd_program 1026.Pq Vt str 1027Path to 1028.Xr inetd 8 1029(default 1030.Pa /usr/sbin/inetd ) . 1031.It Va inetd_flags 1032.Pq Vt str 1033If 1034.Va inetd_enable 1035is set to 1036.Dq Li YES , 1037these are the flags to pass to 1038.Xr inetd 8 . 1039.It Va rwhod_enable 1040.Pq Vt bool 1041If set to 1042.Dq Li YES , 1043run the 1044.Xr rwhod 8 1045daemon at boot time. 1046.It Va rwhod_flags 1047.Pq Vt str 1048If 1049.Va rwhod_enable 1050is set to 1051.Dq Li YES , 1052these are the flags to pass to it. 1053.It Va amd_enable 1054.Pq Vt bool 1055If set to 1056.Dq Li YES , 1057run the 1058.Xr amd 8 1059daemon at boot time. 1060.It Va amd_flags 1061.Pq Vt str 1062If 1063.Va amd_enable 1064is set to 1065.Dq Li YES , 1066these are the flags to pass to it. 1067See the 1068.Xr amd 8 1069manpage for more information. 1070.It Va amd_map_program 1071.Pq Vt str 1072If set, the specified program is run to get the list of 1073.Xr amd 8 1074maps. 1075For example, if the 1076.Xr amd 8 1077maps are stored in NIS, one can set this to run 1078.Xr ypcat 1 1079to get a list of 1080.Xr amd 8 1081maps from the 1082.Pa amd.master 1083NIS map. 1084.It Va update_motd 1085.Pq Vt bool 1086If set to 1087.Dq Li YES , 1088.Pa /etc/motd 1089will be updated at boot time to reflect the kernel release being run. 1090If set to 1091.Dq Li NO , 1092.Pa /etc/motd 1093will not be updated. 1094.It Va nfs_client_enable 1095.Pq Vt bool 1096If set to 1097.Dq Li YES , 1098setup NFS client parameters at boot time. 1099.It Va nfs_access_cache 1100.Pq Vt int 1101If 1102.Va nfs_client_enable 1103is set to 1104.Dq Li YES , 1105this can be set to 1106.Dq Li 0 1107to disable NFS ACCESS RPC caching, or to the number of seconds for which 1108NFS ACCESS results should be cached. 1109A value of 2-10 seconds will substantially reduce network traffic for 1110many NFS operations. 1111The default is 5 seconds. 1112Note that the attribute cache holds stat information only. 1113The NFS data cache is independent of the attribute cache and is only 1114invalidated when the client detects that the server has modified the 1115underlying file. 1116This value specifies a maximum timeout. 1117The NFS client will automatically use a shorter timeout for files which 1118have been recently modified. 1119.It Va nfs_neg_cache 1120.Pq Vt int 1121If 1122.Va nfs_client_enable 1123is set to 1124.Dq Li YES , 1125this can be set to 1126.Dq Li 0 1127to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1128filenames), or to the number of seconds for which negative lookups should 1129be cached. 1130A value of 2-10 seconds will substantially reduce network 1131traffic for many NFS operations, especially source code builds. 1132The default is 3 seconds. 1133.It Va nfs_server_enable 1134.Pq Vt bool 1135If set to 1136.Dq Li YES , 1137run the NFS server daemons at boot time. 1138.It Va nfs_server_flags 1139.Pq Vt str 1140If 1141.Va nfs_server_enable 1142is set to 1143.Dq Li YES , 1144these are the flags to pass to the 1145.Xr nfsd 8 1146daemon. 1147.It Va mountd_enable 1148.Pq Vt bool 1149If set to 1150.Dq Li YES , 1151and no 1152.Va nfs_server_enable 1153is set, start 1154.Xr mountd 8 , 1155but not 1156.Xr nfsd 8 1157daemon. 1158It is commonly needed to run CFS without real NFS used. 1159.It Va mountd_flags 1160.Pq Vt str 1161If 1162.Va mountd_enable 1163is set to 1164.Dq Li YES , 1165these are the flags to pass to the 1166.Xr mountd 8 1167daemon. 1168.It Va weak_mountd_authentication 1169.Pq Vt bool 1170If set to 1171.Dq Li YES , 1172allow services like PCNFSD to make non-privileged mount requests. 1173.It Va nfs_reserved_port_only 1174.Pq Vt bool 1175If set to 1176.Dq Li YES , 1177provide NFS services only on a secure port. 1178.It Va nfs_bufpackets 1179.Pq Vt int 1180If set to a number, indicates the number of packets worth of 1181socket buffer space to reserve on an NFS client. 1182The kernel default is typically 4. 1183Using a higher number may be useful on gigabit networks to improve performance. 1184The minimum value is 2 and the maximum is 64. 1185.It Va rpc_umntall_enable 1186.Pq Vt bool 1187If set to 1188.Dq Li YES 1189(default) and we are also an NFS client, run 1190.Xr rpc.umntall 8 1191at boot time to clear out old mounts on remote servers. 1192If set to 1193.Dq Li NO 1194then 1195.Xr rpc.umntall 8 1196will not be run at boot time. 1197.It Va rpc_lockd_enable 1198.Pq Vt bool 1199If set to 1200.Dq Li YES 1201and also an NFS server, run 1202.Xr rpc.lockd 8 1203at boot time. 1204.It Va rpc_lockd_flags 1205.Pq Vt str 1206If 1207.Va rpc_lockd_enable 1208is set to 1209.Dq Li YES , 1210these are the flags to pass to 1211.Xr rpc.lockd 8 . 1212.It Va rpc_statd_enable 1213.Pq Vt bool 1214If set to 1215.Dq Li YES 1216and also an NFS server, run 1217.Xr rpc.statd 8 1218at boot time. 1219.It Va rpc_statd_flags 1220.Pq Vt str 1221If 1222.Va rpc_statd_enable 1223is set to 1224.Dq Li YES , 1225these are the flags to pass to 1226.Xr rpc.statd 8 . 1227.It Va rpcbind_program 1228.Pq Vt str 1229Path to program for rpcbind daemon 1230(default 1231.Pa /usr/sbin/rpcbind ) . 1232.It Va rpcbind_enable 1233.Pq Vt bool 1234If set to 1235.Dq Li YES , 1236run 1237.Va rpcbind_program 1238at boot time. 1239.It Va rpcbind_flags 1240.Pq Vt str 1241If 1242.Va rpcbind_enable 1243is set to 1244.Dq Li YES , 1245these are the flags to pass to 1246.Va rpcbind_program . 1247.It Va keyserv_enable 1248.Pq Vt bool 1249If set to 1250.Dq Li YES , 1251run the 1252.Xr keyserv 8 1253daemon on boot for running Secure RPC. 1254.It Va keyserv_flags 1255.Pq Vt str 1256If 1257.Va keyserv_enable 1258is set to 1259.Dq Li YES , 1260these are the flags to pass to 1261.Xr keyserv 8 1262daemon. 1263.It Va pppoed_enable 1264.Pq Vt bool 1265If set to 1266.Dq Li YES , 1267run the 1268.Xr pppoed 8 1269daemon at boot time to provide PPP over Ethernet services. 1270.It Va pppoed_provider 1271.Pq Vt str 1272.Xr pppoed 8 1273listens to requests to this provider and ultimately runs 1274.Xr ppp 8 1275with a 1276.Ar system 1277argument of the same name. 1278.It Va pppoed_flags 1279.Pq Vt str 1280Additional flags to pass to 1281.Xr pppoed 8 . 1282.It Va pppoed_interface 1283.Pq Vt str 1284The network interface to run 1285.Xr pppoed 8 1286on. 1287This is mandatory when 1288.Va pppoed_enable 1289is set to 1290.Dq Li YES . 1291.It Va timed_enable 1292.Pq Vt bool 1293If set to 1294.Dq Li YES , 1295run the 1296.Xr timed 8 1297service at boot time. 1298This command is intended for networks of machines where a consistent 1299.Dq "network time" 1300for all hosts must be established. 1301This is often useful in large NFS environments where time stamps on 1302files are expected to be consistent network-wide. 1303.It Va timed_flags 1304.Pq Vt str 1305If 1306.Va timed_enable 1307is set to 1308.Dq Li YES , 1309these are the flags to pass to the 1310.Xr timed 8 1311service. 1312.It Va dntpd_enable 1313.Pq Vt bool 1314If set to 1315.Dq Li YES , 1316run 1317.Xr dntpd 8 1318at system boot time. 1319.It Va dntpd_program 1320.Pq Vt str 1321Path to 1322.Xr dntpd 8 1323(default 1324.Pa /usr/sbin/dntpd ) . 1325.It Va dntpd_flags 1326.Pq Vt str 1327If 1328.Va dntpd_enable 1329is set to 1330.Dq Li YES , 1331these are the flags to pass to the 1332.Xr dntpd 8 1333daemon. 1334.It Va btconfig_enable 1335.Pq Vt bool 1336If set to 1337.Dq Li YES , 1338configure Bluetooth devices via 1339.Xr btconfig 8 1340at system boot time. 1341.It Va btconfig_devices 1342.Pq Vt str 1343If 1344.Va btconfig_enable 1345is set to 1346.Dq Li YES , 1347this is the list of Bluetooth devices to configure. 1348If 1349.Va btconfig_devices 1350is not specified, all devices known to the system will be configured. 1351A 1352.Va btconfig_ Ns Aq Ar device 1353variable can be set to specify parameters to be passed to 1354.Ar device . 1355.It Va btconfig_args 1356.Pq Vt str 1357If 1358.Va btconfig_enable 1359is set to 1360.Dq Li YES , 1361this is the list of configuration parameters to pass to all Bluetooth 1362devices. 1363.It Va sdpd_enable 1364.Pq Vt bool 1365If set to 1366.Dq Li YES , 1367run the Service Discovery Profile daemon 1368.Xr ( sdpd 8 ) 1369at system boot time. 1370.It Va sdpd_flags 1371.Pq Vt str 1372If 1373.Va sdpd_enable 1374is set to 1375.Dq Li YES , 1376these are the flags to pass to the 1377.Xr sdpd 8 1378daemon. 1379.It Va bthcid_enable 1380.Pq Vt bool 1381If set to 1382.Dq Li YES , 1383run the Bluetooth Link Key/PIN Code Manager daemon 1384.Xr ( bthcid 8 ) 1385at system boot time. 1386.It Va bthcid_flags 1387.Pq Vt str 1388If 1389.Va bthcid_enable 1390is set to 1391.Dq Li YES , 1392these are the flags to pass to the 1393.Xr bthcid 8 1394daemon. 1395.It Va nis_client_enable 1396.Pq Vt bool 1397If set to 1398.Dq Li YES , 1399run the 1400.Xr ypbind 8 1401service at system boot time. 1402.It Va nis_client_flags 1403.Pq Vt str 1404If 1405.Va nis_client_enable 1406is set to 1407.Dq Li YES , 1408these are the flags to pass to the 1409.Xr ypbind 8 1410service. 1411.It Va nis_ypset_enable 1412.Pq Vt bool 1413If set to 1414.Dq Li YES , 1415run the 1416.Xr ypset 8 1417daemon at system boot time. 1418.It Va nis_ypset_flags 1419.Pq Vt str 1420If 1421.Va nis_ypset_enable 1422is set to 1423.Dq Li YES , 1424these are the flags to pass to the 1425.Xr ypset 8 1426daemon. 1427.It Va nis_server_enable 1428.Pq Vt bool 1429If set to 1430.Dq Li YES , 1431run the 1432.Xr ypserv 8 1433daemon at system boot time. 1434.It Va nis_server_flags 1435.Pq Vt str 1436If 1437.Va nis_server_enable 1438is set to 1439.Dq Li YES , 1440these are the flags to pass to the 1441.Xr ypserv 8 1442daemon. 1443.It Va nis_ypxfrd_enable 1444.Pq Vt bool 1445If set to 1446.Dq Li YES , 1447run the 1448.Xr rpc.ypxfrd 8 1449daemon at system boot time. 1450.It Va nis_ypxfrd_flags 1451.Pq Vt str 1452If 1453.Va nis_ypxfrd_enable 1454is set to 1455.Dq Li YES , 1456these are the flags to pass to the 1457.Xr rpc.ypxfrd 8 1458daemon. 1459.It Va nis_yppasswdd_enable 1460.Pq Vt bool 1461If set to 1462.Dq Li YES , 1463run the 1464.Xr rpc.yppasswdd 8 1465daemon at system boot time. 1466.It Va nis_yppasswdd_flags 1467.Pq Vt str 1468If 1469.Va nis_yppasswdd_enable 1470is set to 1471.Dq Li YES , 1472these are the flags to pass to the 1473.Xr rpc.yppasswdd 8 1474daemon. 1475.It Va rpc_ypupdated_enable 1476.Pq Vt bool 1477If set to 1478.Dq Li YES , 1479run the 1480.Nm rpc.ypupdated 1481daemon at system boot time. 1482.It Va defaultrouter 1483.Pq Vt str 1484If not set to 1485.Dq Li NO , 1486create a default route to this host name or IP address 1487(use an IP address if this router is also required to get to the 1488name server!). 1489.It Va ipv6_defaultrouter 1490.Pq Vt str 1491The IPv6 equivalent of 1492.Va defaultrouter . 1493.It Va static_routes 1494.Pq Vt str 1495Set to the list of static routes that are to be added at system boot time. 1496If not set to 1497.Dq Li NO 1498then for each whitespace separated 1499.Ar element 1500in the value, a 1501.Va route_ Ns Aq Ar element 1502variable is assumed to exist whose contents will later be passed to a 1503.Dq Nm route Cm add 1504operation. 1505.It Va change_routes 1506.Pq Vt str 1507Set to the list of static routes that are to be changed at system boot time 1508(such as those added by the kernel). 1509If not set to 1510.Dq Li NO 1511then for each whitespace separated 1512.Ar element 1513in the value, a 1514.Va change_route_ Ns Aq Ar element 1515variable is assumed to exist whose contents will later be passed to a 1516.Dq Nm route Cm change 1517operation. 1518.It Va ipv6_static_routes 1519.Pq Vt str 1520The IPv6 equivalent of 1521.Va static_routes . 1522If not set to 1523.Dq Li NO 1524then for each whitespace separated 1525.Ar element 1526in the value, a 1527.Va ipv6_route_ Ns Aq Ar element 1528variable is assumed to exist whose contents will later be passed to a 1529.Dq Nm route Cm add Fl inet6 1530operation. 1531.It Va gateway_enable 1532.Pq Vt bool 1533If set to 1534.Dq Li YES , 1535configure host to act as an IP router, e.g. to forward packets 1536between interfaces. 1537.It Va ipv6_gateway_enable 1538.Pq Vt bool 1539The IPv6 equivalent of 1540.Va gateway_enable . 1541.It Va router_enable 1542.Pq Vt bool 1543If set to 1544.Dq Li YES , 1545run a routing daemon of some sort, based on the settings of 1546.Va router_program 1547and 1548.Va router_flags . 1549.It Va ipv6_router_enable 1550.Pq Vt bool 1551The IPv6 equivalent of 1552.Va router_enable . 1553If set to 1554.Dq Li YES , 1555run a routing daemon of some sort, based on the settings of 1556.Va ipv6_router_program 1557and 1558.Va ipv6_router_flags . 1559.It Va router_program 1560.Pq Vt str 1561If 1562.Va router_enable 1563is set to 1564.Dq Li YES , 1565this is the name of the routing daemon to use 1566(default 1567.Pa /sbin/routed ) . 1568.It Va ipv6_router_program 1569.Pq Vt str 1570The IPv6 equivalent of 1571.Va router_program 1572(default 1573.Pa /sbin/route6d ) . 1574.It Va router_flags 1575.Pq Vt str 1576If 1577.Va router_enable 1578is set to 1579.Dq Li YES , 1580these are the flags to pass to the routing daemon. 1581.It Va ipv6_router_flags 1582.Pq Vt str 1583The IPv6 equivalent of 1584.Va router_flags . 1585.It Va mrouted_enable 1586.Pq Vt bool 1587If set to 1588.Dq Li YES , 1589run the multicast routing daemon, 1590.Xr mrouted 8 . 1591.It Va mroute6d_enable 1592.Pq Vt bool 1593The IPv6 equivalent of 1594.Va mrouted_enable . 1595If set to 1596.Dq Li YES , 1597run the IPv6 multicast routing daemon. 1598Note that no IPv6 multicast routing daemon is included in the 1599.Dx 1600base system but 1601.Xr pim6dd 8 1602can be installed from the 1603.Xr dports 7 1604collection 1605.Pa ( net/mcast-tools ) . 1606.It Va mrouted_flags 1607.Pq Vt str 1608If 1609.Va mrouted_enable 1610is set to 1611.Dq Li YES , 1612these are the flags to pass to the 1613.Xr mrouted 8 1614daemon. 1615.It Va mroute6d_flags 1616.Pq Vt str 1617The IPv6 equivalent of 1618.Va mrouted_flags . 1619If 1620.Va mroute6d_enable 1621is set to 1622.Dq Li YES , 1623these are the flags passed to the IPv6 multicast routing daemon. 1624.It Va mroute6d_program 1625.Pq Vt str 1626If 1627.Va mroute6d_enable 1628is set to 1629.Dq Li YES , 1630this is the path to the IPv6 multicast routing daemon. 1631.It Va rtadvd_enable 1632.Pq Vt bool 1633If set to 1634.Dq Li YES , 1635run the 1636.Xr rtadvd 8 1637daemon at boot time. 1638.Xr rtadvd 8 1639will only run if 1640.Va ipv6_gateway_enable 1641is also set to 1642.Dq Li YES . 1643The 1644.Xr rtadvd 8 1645utility sends router advertisement packets to the interfaces specified in 1646.Va rtadvd_interfaces . 1647.Xr rtadvd 8 1648and should only be enabled with great care. 1649You may want to fine-tune 1650.Xr rtadvd.conf 5 . 1651.It Va rtadvd_interfaces 1652.Pq Vt str 1653If 1654.Va rtadvd_enable 1655is set to 1656.Dq Li YES 1657this is the list of interfaces to use. 1658.It Va rtsold_enable 1659.Pq Vt bool 1660If set to 1661.Dq Li YES , 1662run the 1663.Xr rtsold 8 1664daemon at boot time. 1665The 1666.Xr rtsold 8 1667daemon is used for automatic discovery of non-link local addresses. 1668.It Va rtsold_flags 1669.Pq Vt str 1670If 1671.Va rtsold_enable 1672is set to 1673.Dq Li YES , 1674these are the flags to pass to the 1675.Xr rtsold 8 1676daemon. 1677.It Va arpproxy_all 1678.Pq Vt bool 1679If set to 1680.Dq Li YES , 1681enable global proxy ARP. 1682.It Va forward_sourceroute 1683.Pq Vt bool 1684If set to 1685.Dq Li YES 1686and 1687.Va gateway_enable 1688is also set to 1689.Dq Li YES , 1690source-routed packets are forwarded. 1691.It Va accept_sourceroute 1692.Pq Vt bool 1693If set to 1694.Dq Li YES , 1695the system will accept source-routed packets directed at it. 1696.It Va rarpd_enable 1697.Pq Vt bool 1698If set to 1699.Dq Li YES , 1700run the 1701.Xr rarpd 8 1702daemon at system boot time. 1703.It Va rarpd_flags 1704.Pq Vt str 1705If 1706.Va rarpd_enable 1707is set to 1708.Dq Li YES , 1709these are the flags to pass to the 1710.Xr rarpd 8 1711daemon. 1712.It Va bootparamd_enable 1713.Pq Vt bool 1714If set to 1715.Dq Li YES , 1716run the 1717.Xr bootparamd 8 1718daemon at system boot time. 1719.It Va bootparamd_flags 1720.Pq Vt str 1721If 1722.Va bootparamd_enable 1723is set to 1724.Dq Li YES , 1725these are the flags to pass to the 1726.Xr bootparamd 8 1727daemon. 1728.It Va stf_interface_ipv4addr 1729.Pq Vt str 1730If not set to 1731.Dq Li NO , 1732this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1733Specify this entry to enable the 6to4 interface. 1734.It Va stf_interface_ipv4plen 1735.Pq Vt int 1736Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1737An effective value is 0-31. 1738.It Va stf_interface_ipv6_ifid 1739.Pq Vt str 1740IPv6 interface ID for 1741.Xr stf 4 . 1742This can be set to 1743.Dq Li AUTO . 1744.It Va stf_interface_ipv6_slaid 1745.Pq Vt str 1746IPv6 Site Level Aggregator for 1747.Xr stf 4 . 1748.It Va ipv6_faith_prefix 1749.Pq Vt str 1750If not set to 1751.Dq Li NO , 1752this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator. 1753You also need 1754.Xr faithd 8 1755setup. 1756.It Va ipv6_ipv4mapping 1757.Pq Vt bool 1758If set to 1759.Dq Li YES 1760this enables IPv4 mapped IPv6 address communication (like 1761.Li ::ffff:a.b.c.d ) . 1762.It Va keybell 1763.Pq Vt str 1764The keyboard bell sound. 1765Set to 1766.Dq Li normal , 1767.Dq Li visual , 1768.Dq Li off , 1769or 1770.Dq Li NO 1771if the default behavior is desired. 1772For details, refer to the 1773.Xr kbdcontrol 1 1774manpage. 1775.It Va keymap 1776.Pq Vt str 1777If set to 1778.Dq Li NO , 1779no keymap is installed, otherwise the value is used to install 1780the keymap file in 1781.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1782.It Va keyrate 1783.Pq Vt str 1784The keyboard repeat speed. 1785Set to 1786.Dq Li slow , 1787.Dq Li normal , 1788.Dq Li fast , 1789or 1790.Dq Li NO 1791if the default behavior is desired. 1792.It Va keychange 1793.Pq Vt str 1794If not set to 1795.Dq Li NO , 1796attempt to program the function keys with the value. 1797The value should be a single string of the form: 1798.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1799.It Va cursor 1800.Pq Vt str 1801Can be set to the value of 1802.Dq Li normal , 1803.Dq Li blink , 1804.Dq Li destructive , 1805or 1806.Dq Li NO 1807to set the cursor behavior explicitly or choose the default behavior. 1808.It Va scrnmap 1809.Pq Vt str 1810If set to 1811.Dq Li NO , 1812no screen map is installed, otherwise the value is used to install 1813the screen map file in 1814.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1815.It Va font8x16 1816.Pq Vt str 1817If set to 1818.Dq Li NO , 1819the default 8x16 font value is used for screen size requests, otherwise 1820the value in 1821.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1822is used. 1823.It Va font8x14 1824.Pq Vt str 1825If set to 1826.Dq Li NO , 1827the default 8x14 font value is used for screen size requests, otherwise 1828the value in 1829.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1830is used. 1831.It Va font8x8 1832.Pq Vt str 1833If set to 1834.Dq Li NO , 1835the default 8x8 font value is used for screen size requests, otherwise 1836the value in 1837.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1838is used. 1839.It Va blanktime 1840.Pq Vt int 1841If set to 1842.Dq Li NO , 1843the default screen blanking interval is used, otherwise it is set to 1844.Ar value 1845seconds. 1846.It Va saver 1847.Pq Vt str 1848If not set to 1849.Dq Li NO , 1850this is the actual screen saver to use 1851.Li ( blank , snake , daemon , 1852etc). 1853.It Va moused_nondefault_enable 1854.Pq Vt str 1855If set to 1856.Dq Li NO , 1857the mouse device specified on 1858the command line is not automatically treated as enabled by the 1859.Pa /etc/rc.d/moused 1860script. 1861Having this variable set to 1862.Dq Li YES 1863allows a 1864.Xr usb 4 1865mouse, 1866for example, 1867to be enabled as soon as it is plugged in. 1868.It Va moused_enable 1869.Pq Vt str 1870If set to 1871.Dq Li YES , 1872the 1873.Xr moused 8 1874daemon is started for doing cut/paste selection on the console. 1875.It Va moused_type 1876.Pq Vt str 1877This is the protocol type of the mouse connected to this host. 1878This variable must be set if 1879.Va moused_enable 1880is set to 1881.Dq Li YES . 1882The 1883.Xr moused 8 1884daemon 1885is able to detect the appropriate mouse type automatically in many cases. 1886Set this variable to 1887.Dq Li auto 1888to let the daemon detect it, or 1889select one from the following list if the automatic detection fails. 1890.Pp 1891If the mouse is attached to the PS/2 mouse port, choose 1892.Dq Li auto 1893or 1894.Dq Li ps/2 , 1895regardless of the brand and model of the mouse. 1896Likewise, if the mouse is attached to the bus mouse port, choose 1897.Dq Li auto 1898or 1899.Dq Li busmouse . 1900All other protocols are for serial mice and will not work with 1901the PS/2 and bus mice. 1902If this is a USB mouse, 1903.Dq Li auto 1904is the only protocol type which will work. 1905.Pp 1906.Bl -tag -width ".Li x10mouseremote" -compact 1907.It Li microsoft 1908Microsoft mouse (serial) 1909.It Li intellimouse 1910Microsoft IntelliMouse (serial) 1911.It Li mousesystems 1912Mouse systems Corp. mouse (serial) 1913.It Li mmseries 1914MM Series mouse (serial) 1915.It Li logitech 1916Logitech mouse (serial) 1917.It Li busmouse 1918A bus mouse 1919.It Li mouseman 1920Logitech MouseMan and TrackMan (serial) 1921.It Li glidepoint 1922ALPS GlidePoint (serial) 1923.It Li thinkingmouse 1924Kensington ThinkingMouse (serial) 1925.It Li ps/2 1926PS/2 mouse 1927.It Li mmhittab 1928MM HitTablet (serial) 1929.It Li x10mouseremote 1930X10 MouseRemote (serial) 1931.It Li versapad 1932Interlink VersaPad (serial) 1933.El 1934.Pp 1935Even if the mouse is not in the above list, it may be compatible 1936with one in the list. 1937Refer to the man page for 1938.Xr moused 8 1939for compatibility information. 1940.Pp 1941It should also be noted that while this is enabled, any 1942other client of the mouse (such as an X server) should access 1943the mouse through the virtual mouse device, 1944.Pa /dev/sysmouse , 1945and configure it as a 1946.Dq Li sysmouse 1947type mouse, since all 1948mouse data is converted to this single canonical format when using 1949.Xr moused 8 . 1950If the client program does not support the 1951.Dq Li sysmouse 1952type, specify the 1953.Dq Li mousesystems 1954type. 1955It is the second preferred type. 1956.It Va moused_port 1957.Pq Vt str 1958If 1959.Va moused_enable 1960is set to 1961.Dq Li YES , 1962this is the actual port the mouse is on. 1963It might be 1964.Pa /dev/cuaa0 1965for a COM1 serial mouse or 1966.Pa /dev/psm0 1967for a PS/2 mouse, for example. 1968.It Va moused_flags 1969.Pq Vt str 1970If 1971.Va moused_type 1972is set, these are the additional flags to pass to the 1973.Xr moused 8 1974daemon. 1975.It Va mousechar_start 1976.Pq Vt int 1977If set to 1978.Dq Li NO , 1979the default mouse cursor character range 1980.Li 0xd0 Ns - Ns Li 0xd3 1981is used, otherwise the range start is set to 1982.Ar value 1983character, see 1984.Xr vidcontrol 1 . 1985Use if the default range is occupied in the language code table. 1986.It Va vidhistory 1987.Pq Vt int 1988Set the size of the history (scrollback) buffer in lines. 1989.It Va allscreens_flags 1990.Pq Vt str 1991If set, 1992.Xr vidcontrol 1 1993is run with these options for each of the virtual terminals 1994.Pq Pa /dev/ttyv* . 1995For example, 1996.Dq Fl m Cm on 1997will enable the mouse pointer on all virtual terminals if 1998.Va moused_enable 1999is set to 2000.Dq Li YES . 2001.It Va allscreens_kbdflags 2002.Pq Vt str 2003If set, 2004.Xr kbdcontrol 1 2005is run with these options for each of the virtual terminals 2006.Pq Pa /dev/ttyv* . 2007For example, 2008.Dq Fl h Li 200 2009will set the 2010.Xr syscons 4 2011scrollback (history) buffer to 200 lines. 2012.It Va cron_enable 2013.Pq Vt bool 2014If set to 2015.Dq Li YES , 2016run the 2017.Xr cron 8 2018daemon at system boot time. 2019.It Va cron_program 2020.Pq Vt str 2021Path to 2022.Xr cron 8 2023(default 2024.Pa /usr/sbin/cron ) . 2025.It Va cron_flags 2026.Pq Vt str 2027If 2028.Va cron_enable 2029is set to 2030.Dq Li YES , 2031these are the flags to pass to 2032.Xr cron 8 . 2033.It Va lpd_program 2034.Pq Vt str 2035Path to 2036.Xr lpd 8 2037(default 2038.Pa /usr/sbin/lpd ) . 2039.It Va lpd_enable 2040.Pq Vt bool 2041If set to 2042.Dq Li YES , 2043run the 2044.Xr lpd 8 2045daemon at system boot time. 2046.It Va lpd_flags 2047.Pq Vt str 2048If 2049.Va lpd_enable 2050is set to 2051.Dq Li YES , 2052these are the flags to pass to the 2053.Xr lpd 8 2054daemon. 2055.It Va nscd_enable 2056.Pq Vt bool 2057If set to 2058.Dq Li YES , 2059run the 2060.Xr nscd 8 2061daemon at system boot time. 2062.It Va mixer_enable 2063.Pq Vt bool 2064If set to 2065.Dq Li YES , 2066preserve 2067.Xr mixer 8 2068settings across reboots. 2069.It Va mta_start_script 2070.Pq Vt str 2071The full path to the script to run to start 2072a mail transfer agent. 2073The default is 2074.Pa /etc/rc.sendmail . 2075The 2076.Va sendmail_* 2077variables which 2078.Pa /etc/rc.sendmail 2079uses are documented in the 2080.Xr rc.sendmail 8 2081man page. 2082.It Va fixbootfile 2083.Pq Vt bool 2084In a 2085.Sq HAMMER ROOT with UFS /boot 2086setup, the boot loader will not set up the 2087.Va kern.bootfile 2088sysctl correctly. 2089The system will attempt to fix this on its own. 2090Set this variable to 2091.Dq Li NO 2092to turn this behavior off. 2093.It Va dumpdev 2094.Pq Vt str 2095Indicates the device (usually a swap partition) to which a crash dump 2096should be written in the event of a system crash. 2097The value of this variable is passed as the argument to 2098.Xr dumpon 8 2099and 2100.Xr savecore 8 . 2101To disable crash dumps, set this variable to 2102.Dq Li NO . 2103.It Va dumpdir 2104.Pq Vt str 2105When the system reboots after a crash and a crash dump is found on the 2106device specified by the 2107.Va dumpdev 2108variable, 2109.Xr savecore 8 2110will save that crash dump and a copy of the kernel to the directory 2111specified by the 2112.Va dumpdir 2113variable. 2114The default value is 2115.Pa /var/crash . 2116Set to 2117.Dq Li NO 2118to not run 2119.Xr savecore 8 2120at boot time when 2121.Va dumpdir 2122is set. 2123.It Va savecore_flags 2124.Pq Vt str 2125If crash dumps are enabled, these are the flags to pass to the 2126.Xr savecore 8 2127utility. 2128.It Va crashinfo_enable 2129.Pq Vt bool 2130Set to 2131.Dq Li YES 2132to turn on automatic crash dump summary generation using the utility 2133specified by the 2134.Va crashinfo_program 2135variable. 2136.It Va crashinfo_program 2137.Pq Vt str 2138Program to run to generate a crash dump summary if the variable 2139.Va crashinfo_enable 2140is set to 2141.Dq Li YES . 2142The default value is 2143.Pa /usr/sbin/crashinfo . 2144.It Va enable_quotas 2145.Pq Vt bool 2146Set to 2147.Dq Li YES 2148to turn on user disk quotas on system startup via the 2149.Xr quotaon 8 2150command. 2151.It Va check_quotas 2152.Pq Vt bool 2153Set to 2154.Dq Li YES 2155to enable user disk quota checking via the 2156.Xr quotacheck 8 2157command. 2158.It Va accounting_enable 2159.Pq Vt bool 2160Set to 2161.Dq Li YES 2162to enable system accounting through the 2163.Xr accton 8 2164facility. 2165.It Va linux_enable 2166.Pq Vt bool 2167Set to 2168.Dq Li YES 2169to enable Linux/ELF binary emulation at system initial boot time. 2170.\" ----- cleanvar_enable setting-------------------------------- 2171.It Va cleanvar_enable 2172.Pq Vt bool 2173Set to 2174.Dq Li YES 2175to have 2176.Pa /var/run , 2177.Pa /var/spool/lock 2178and 2179.Pa /var/spool/uucp/.Temp/* 2180cleaned at startup. 2181.\" ----- clear_tmp_enable setting------------------------------- 2182.It Va clear_tmp_enable 2183.Pq Vt bool 2184Set to 2185.Dq Li YES 2186to have 2187.Pa /tmp 2188cleaned at startup. 2189.\" ----- ldconfig_paths setting -------------------------------- 2190.It Va ldconfig_paths 2191.Pq Vt str 2192Set to the list of shared library paths to use with 2193.Xr ldconfig 8 . 2194NOTE: 2195.Pa /usr/lib 2196will always be added first, so it need not appear in this list. 2197.It Va ldconfig_insecure 2198.Pq Vt bool 2199The 2200.Xr ldconfig 8 2201utility normally refuses to use directories 2202which are writable by anyone except root. 2203Set this variable to 2204.Dq Li YES 2205to disable that security check during system startup. 2206.It Va ldconfig_local_dirs 2207.Pq Vt str 2208Set to the list of local 2209.Xr ldconfig 8 2210directories. 2211The names of all files in the directories listed will be 2212passed as arguments to 2213.Xr ldconfig 8 . 2214.It Va kern_securelevel 2215.Pq Vt int 2216The kernel security level to set at startup. 2217The allowed range of 2218.Ar value 2219ranges from \-1 (the compile time default) to 3 (the most secure). 2220See 2221.Xr init 8 2222for the list of possible security levels and their effect on system operation. 2223.It Va start_vinum 2224.Pq Vt bool 2225Set to 2226.Dq Li YES 2227to start 2228.Xr vinum 8 2229at system boot time. 2230.It Va sshd_enable 2231.Pq Vt bool 2232Set to 2233.Dq Li YES 2234to start 2235.Xr sshd 8 2236at system boot time. 2237.It Va sshd_program 2238.Pq Vt str 2239Path to the SSH server program 2240(default 2241.Pa /usr/sbin/sshd ) . 2242.It Va sshd_flags 2243.Pq Vt str 2244If 2245.Va sshd_enable 2246is set to 2247.Dq Li YES , 2248these are the flags to pass to the 2249.Xr sshd 8 2250daemon. 2251.It Va ftpd_enable 2252.Pq Vt bool 2253Set to 2254.Dq Li YES 2255to start 2256.Xr ftpd 8 2257at system boot time. 2258.It Va ftpd_flags 2259.Pq Vt str 2260If 2261.Va ftpd_enable 2262is set to 2263.Dq Li YES , 2264these are the flags to pass to the 2265.Xr ftpd 8 2266daemon. 2267.It Va watchdogd_enable 2268.Pq Vt bool 2269If set to 2270.Dq Li YES , 2271start the 2272.Xr watchdogd 8 2273daemon at boot time. 2274This requires that the kernel have been compiled with 2275.Cd "options WATCHDOG" . 2276.It Va jail_enable 2277.Pq Vt bool 2278If set to 2279.Dq Li NO , 2280any configured jails will not be started. 2281.It Va jail_list 2282.Pq Vt str 2283A space separated list of names for jails. 2284This is purely a configuration aid to help identify and 2285configure multiple jails. 2286The names specified in this list will be used to 2287identify settings common to an instance of a jail. 2288Assuming that the jail in question was named 2289.Li vjail , 2290you would have the following dependent variables: 2291.Bd -literal 2292jail_vjail_hostname="jail.example.com" 2293jail_vjail_ip="192.168.1.100" 2294jail_vjail_rootdir="/var/jails/vjail/root" 2295.Ed 2296.It Va jail_flags 2297.Pq Vt str 2298Unset by default. 2299When set, use as default value for 2300.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2301for every jail in 2302.Va jail_list . 2303.It Va jail_interface 2304.Pq Vt str 2305Unset by default. 2306When set, use as default value for 2307.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2308for every jail in 2309.Va jail_list . 2310.It Va jail_fstab 2311.Pq Vt str 2312Unset by default. 2313When set, use as default value for 2314.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2315for every jail in 2316.Va jail_list . 2317.It Va jail_mount_enable 2318.Pq Vt bool 2319Set to 2320.Dq Li NO 2321by default. 2322When set to 2323.Dq Li YES , 2324sets 2325.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2326to 2327.Dq Li YES 2328by default for every jail in 2329.Va jail_list . 2330.It Va jail_fdesc_enable 2331.Pq Vt bool 2332Set to 2333.Dq Li NO 2334by default. 2335When set to 2336.Dq Li YES , 2337sets 2338.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2339to 2340.Dq Li YES 2341by default for every jail in 2342.Va jail_list . 2343.It Va jail_procfs_enable 2344.Pq Vt bool 2345Set to 2346.Dq Li NO 2347by default. 2348When set to 2349.Dq Li YES , 2350sets 2351.Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2352to 2353.Dq Li YES 2354by default for every jail in 2355.Va jail_list . 2356.It Va jail_devfs_enable 2357.Pq Vt bool 2358Set to 2359.Dq Li NO 2360by default. 2361When set to 2362.Dq Li YES , 2363sets 2364.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2365to 2366.Dq Li YES 2367by default for every jail in 2368.Va jail_list . 2369.It Va jail_exec_start 2370.Pq Vt str 2371Unset by default. 2372When set, use as default value for 2373.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2374for every jail in 2375.Va jail_list . 2376.It Va jail_exec_stop 2377Unset by default. 2378When set, use as default value for 2379.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2380for every jail in 2381.Va jail_list . 2382.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2383.Pq Vt str 2384Unset by default. 2385Set to the root directory used by jail 2386.Va jname . 2387.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2388.Pq Vt str 2389Unset by default. 2390Set to the fully qualified domain name (FQDN) assigned to jail 2391.Va jname . 2392.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2393.Pq Vt str 2394Unset by default. 2395Set to the IP address assigned to jail 2396.Va jname . 2397.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2398.Pq Vt str 2399Set to 2400.Dq Li -l -U root 2401by default. 2402These are flags to pass to 2403.Xr jail 8 . 2404.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2405.Pq Vt str 2406Unset by default. 2407When set, sets the interface to use when setting IP address alias. 2408Note that the alias is created at jail startup and removed at jail shutdown. 2409.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2410.Pq Vt str 2411Set to 2412.Pa /etc/fstab. Ns Aq Ar jname 2413by default. 2414This is the file system information file to use for jail 2415.Va jname . 2416.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2417.Pq Vt bool 2418Set to 2419.Dq Li NO 2420by default. 2421When set to 2422.Dq Li YES , 2423mount all file systems from 2424.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2425at jail startup. 2426.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2427.Pq Vt bool 2428Set to 2429.Dq Li NO 2430by default. 2431When set to 2432.Dq Li YES , 2433mount the file-descriptor file system inside jail 2434.Ar jname 2435at jail startup. 2436.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2437.Pq Vt bool 2438Set to 2439.Dq Li NO 2440by default. 2441When set to 2442.Dq Li YES , 2443mount the process file system inside jail 2444.Ar jname 2445at jail startup. 2446.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2447.Pq Vt bool 2448Set to 2449.Dq Li NO 2450by default. 2451When set to 2452.Dq Li YES , 2453mount the device file system inside jail 2454.Ar jname 2455at jail startup. 2456.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2457.Pq Vt str 2458Set to 2459.Dq Li /bin/sh /etc/rc 2460by default. 2461This is the command executed at jail startup. 2462.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2463.Pq Vt str 2464Set to 2465.Dq Li /bin/sh /etc/rc.shutdown 2466by default. 2467This is the command executed at jail shutdown. 2468.It Va jail_set_hostname_allow 2469.Pq Vt bool 2470If set to 2471.Dq Li NO , 2472do not allow the root user in a jail to set its hostname. 2473.It Va jail_socket_unixiproute_only 2474.Pq Vt bool 2475If set to 2476.Dq Li YES , 2477do not allow any sockets, 2478besides UNIX/IP/route sockets, 2479to be used within a jail. 2480.It Va jail_sysvipc_allow 2481.Pq Vt bool 2482If set to 2483.Dq Li YES , 2484allow applications within a jail to use System V IPC. 2485.It Va lvm_enable 2486.Pq Vt bool 2487If set to 2488.Dq Li YES 2489LVM volumes will be discovered and configured on boot. 2490.It Va newsyslog_enable 2491.Pq Vt bool 2492If set to 2493.Dq Li YES , 2494run 2495.Xr newsyslog 8 2496before syslogd starts. 2497.It Va newsyslog_flags 2498.Pq Vt str 2499If 2500.Va newsyslog_enable 2501is set to 2502.Dq Li YES , 2503these are the flags passed to 2504.Xr newsyslog 8 . 2505.It Va resident_enable 2506.Pq Vt bool 2507If set to 2508.Dq Li YES , 2509make the dynamic binaries listed in 2510.Pa /etc/resident.conf 2511resident. 2512.It Va varsym_enable 2513.Pq Vt bool 2514If set to 2515.Dq Li YES , 2516process 2517.Pa /etc/varsym.conf 2518to set system-wide variables for variant symlinks. 2519.It Va rand_irqs 2520.Pq Vt str 2521Set either to 2522.Dq Li NO 2523or a whitespace separated list of IRQ numbers which will be used as a source of 2524randomness. 2525.\" ----------------------------------------------------- 2526.It Va entropy_dir 2527.Pq Vt str 2528Set to 2529.Dq Li NO 2530to disable caching entropy via 2531.Xr cron 8 . 2532Otherwise set to the directory used to store entropy files in. 2533.It Va entropy_file 2534.Pq Vt str 2535Set to 2536.Dq Li NO 2537to disable caching entropy through reboots. 2538Otherwise set to the filename used to store cached entropy through reboots. 2539This file should be located on the root file system to seed the 2540.Xr random 4 2541device as early as possible in the boot process. 2542.It Va entropy_save_sz 2543.Pq Vt int 2544Determines the size of the entropy cache files used for entropy cached 2545through reboots and also entropy cached via 2546.Xr cron 8 . 2547The entropy is fed to the system in blocks of 512 bytes, so this number 2548should be large enough to fill as many of the entropy pools in the kernel 2549CSPRNG as possible. 2550By default, it is set to 16384, which should be able to seed all 32 entropy 2551pools in the Fortuna CSPRNG. 2552.It Va ipsec_enable 2553.Pq Vt bool 2554Set to 2555.Dq Li YES 2556to run 2557.Xr setkey 8 2558on 2559.Va ipsec_file 2560at boot time. 2561.It Va ipsec_file 2562.Pq Vt str 2563Configuration file for 2564.Xr setkey 8 . 2565.It Va dmesg_enable 2566.Pq Vt bool 2567Set to 2568.Dq Li YES 2569to save 2570.Xr dmesg 8 2571to 2572.Pa /var/run/dmesg.boot 2573on boot. 2574.It Va rcshutdown_timeout 2575.Pq Vt int 2576If set, start a watchdog timer in the background which will terminate 2577.Pa rc.shutdown 2578if 2579.Xr shutdown 8 2580has not completed within the specified time (in seconds). 2581Notice that in addition to this soft timeout, 2582.Xr init 8 2583also applies a hard timeout for the execution of 2584.Pa rc.shutdown . 2585This is configured via 2586.Xr sysctl 8 2587variable 2588.Va kern.init_shutdown_timeout 2589and defaults to 120 seconds. Setting the value of 2590.Va rcshutdown_timeout 2591to more than 120 seconds will have no effect until the 2592.Xr sysctl 8 2593variable 2594.Va kern.init_shutdown_timeout 2595is also increased. 2596.It Va udevd_enable 2597.Pq Vt bool 2598If set to 2599.Dq Li YES , 2600the udevd daemon will be started on boot. 2601.It Va vfs_quota_enable 2602.Pq Vt bool 2603If set to 2604.Dq Li YES , 2605vfs quota rc.d scripts will be run on boot. 2606.It Va vfs_quota_sync 2607.Pq Vt str 2608List of mount points whose counters are to be synchronized with on-disk 2609usage during system startup. See also 2610.Xr vquota 8 . 2611.It Va vknetd_enable 2612.Pq Vt bool 2613If set to 2614.Dq Li YES , 2615.Xr vknetd 8 2616will be started on boot. 2617.It Va vknetd_flags 2618.Pq Vt bool 2619Additional flags passed to 2620.Xr vknetd 8 . 2621Usually address/cidrbits is specified here. 2622When no flags are passed, default option 2623.Fl U 2624will be used. 2625.It Va vkernel_enable 2626.Pq Vt bool 2627If set to 2628.Dq Li NO , 2629any configured vkernels will not be started. 2630.It Va vkernel_kill_timeout 2631.Pq Vt int 2632This defines the default number of seconds that we will wait for the 2633vkernel to shut down on it's own. If after this time it's still alive, 2634it will be killed with SIGKILL. 2635.It Va vkernel_bin 2636.Pq Vt str 2637Defines the default path to the vkernel binary. 2638.It Va vkernel_list 2639.Pq Vt str 2640A space separated list of names for vkernels. 2641This is purely a configuration aid to help identify and 2642configure multiple vkernels. 2643The names specified in this list will be used to 2644identify settings common to a vkernel instance. 2645Assuming that the vkernel in question was named 2646.Li example , 2647you would have the following dependent variables 2648(filled with reference values in this text): 2649.Bd -literal 2650vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL/kernel.debug" 2651vkernel_example_memsize="64m" 2652vkernel_example_rootimg_list="/var/vkernel/rootimg.01" 2653vkernel_example_iface_list="auto:bridge0" 2654vkernel_example_logfile="/dev/null" 2655vkernel_example_flags="-U" 2656vkernel_example_kill_timeout="45" 2657.Ed 2658.Pp 2659The last five are optional. 2660They default to an empty string if not set, except for logfile which defaults to 2661.Pa /dev/null 2662if it is not set. 2663.El 2664.Sh FILES 2665.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2666.It Pa /etc/defaults/rc.conf 2667.It Pa /etc/rc.conf 2668.It Pa /etc/rc.conf.local 2669.It Pa /etc/start_if. Ns Aq Ar interface 2670.El 2671.Sh SEE ALSO 2672.Xr catman 1 , 2673.Xr gdb 1 , 2674.Xr info 1 , 2675.Xr kbdcontrol 1 , 2676.Xr varsym 1 , 2677.Xr vidcontrol 1 , 2678.Xr ip 4 , 2679.Xr ipfw 4 , 2680.Xr kld 4 , 2681.Xr pf 4 , 2682.Xr tcp 4 , 2683.Xr udp 4 , 2684.Xr vlan 4 , 2685.Xr exports 5 , 2686.Xr motd 5 , 2687.Xr resident.conf 5 , 2688.Xr varsym.conf 5 , 2689.Xr accton 8 , 2690.Xr amd 8 , 2691.Xr apm 8 , 2692.Xr btconfig 8 , 2693.Xr bthcid 8 , 2694.Xr cron 8 , 2695.Xr devd 8 , 2696.Xr dhclient 8 , 2697.Xr dntpd 8 , 2698.Xr ftpd 8 , 2699.Xr ifconfig 8 , 2700.Xr inetd 8 , 2701.Xr jail 8 , 2702.Xr lpd 8 , 2703.Xr makewhatis 8 , 2704.Xr mixer 8 , 2705.Xr mountd 8 , 2706.Xr moused 8 , 2707.Xr mrouted 8 , 2708.Xr named 8 , 2709.Xr nfsd 8 , 2710.Xr pcnfsd 8 , 2711.Xr pfctl 8 , 2712.Xr pflogd 8 , 2713.Xr quotacheck 8 , 2714.Xr quotaon 8 , 2715.Xr rc 8 , 2716.Xr rc.sendmail 8 , 2717.Xr resident 8 , 2718.Xr rndcontrol 8 , 2719.Xr route 8 , 2720.Xr routed 8 , 2721.Xr rpcbind 8 , 2722.Xr rpc.lockd 8 , 2723.Xr rpc.statd 8 , 2724.Xr rtadvd 8 , 2725.Xr rtsold 8 , 2726.Xr rwhod 8 , 2727.Xr savecore 8 , 2728.Xr sdpd 8 , 2729.Xr sensorsd 8 , 2730.Xr sshd 8 , 2731.Xr swapon 8 , 2732.Xr sysctl 8 , 2733.Xr syslogd 8 , 2734.Xr sysvipcd 8 , 2735.Xr timed 8 , 2736.Xr vinum 8 , 2737.Xr yp 8 , 2738.Xr ypbind 8 , 2739.Xr ypserv 8 , 2740.Xr ypset 8 2741.Sh HISTORY 2742The 2743.Nm 2744file appeared in 2745.Fx 2.2.2 . 2746.Sh AUTHORS 2747.An Jordan K. Hubbard . 2748