1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" $DragonFly: src/share/man/man5/rc.conf.5,v 1.61 2008/10/20 07:35:08 swildner Exp $ 27.Dd June 26, 2009 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65See the 66.Va rc_conf_files 67variable below. 68.Pp 69The following list provides a name and short description for each 70variable that can be set in the 71.Nm 72file. 73To set a variable of 74.Vt bool 75type, specify either 76.Dq Li YES , 77.Dq Li TRUE , 78.Dq Li ON , 79or 80.Dq Li 1 . 81To unset, specify 82.Dq Li NO , 83.Dq Li FALSE , 84.Dq Li OFF , 85or 86.Dq Li 0 . 87These values are case insensitive. 88The 89.Va _enable 90postfix in the name of a variable for starting a service can be 91omitted (as in 92.Nx ) . 93.Bl -tag -width indent-two 94.It Va rc_debug 95.Pq Vt bool 96If set to 97.Dq Li YES , 98enable output of debug messages from rc scripts. 99This variable can be helpful in diagnosing mistakes when 100editing or integrating new scripts. 101Beware that this produces copious output to the terminal and 102.Xr syslog 3 . 103.It Va rc_info 104.Pq Vt bool 105If set to 106.Dq Li NO , 107disable informational messages from the rc scripts. 108Informational messages are displayed when 109a condition that is not serious enough to warrant a warning or an error occurs. 110.It Va swapfile 111.Pq Vt str 112If set to 113.Dq Li NO , 114no swapfile is installed, otherwise the value is used as the full 115pathname to a file to use for additional swap space. 116.It Va apm_enable 117.Pq Vt bool 118If set to 119.Dq Li YES , 120enable support for Automatic Power Management with the 121.Xr apm 8 122command. 123.It Va apmd_enable 124.Pq Vt bool 125Run 126.Xr apmd 8 127to handle APM event from userland. 128This also enables support for APM. 129.It Va apmd_flags 130.Pq Vt str 131If 132.Va apmd_enable 133is set to 134.Dq Li YES , 135these are the flags to pass to the 136.Xr apmd 8 137daemon. 138.It Va battd_enable 139Enable 140.Xr battd 8 141to monitor the status of batteries present in the system. 142This also enables support for APM. 143.It Va battd_flags 144.Pq Vt str 145If 146.Va battd_enable 147is set to 148.Dq Li YES , 149these are the flags to pass to the 150.Xr battd 8 151daemon. 152.It Va devd_enable 153.Pq Vt bool 154Run 155.Xr devd 8 156to handle device added, removed or unknown events from the kernel. 157.It Va devd_flags 158.Pq Vt str 159If 160.Va devd_enable 161is set to 162.Dq Li YES , 163these are the flags to pass to the 164.Xr devd 8 165daemon. 166.It Va sensorsd_enable 167.Pq Vt bool 168Set to 169.Dq Li NO 170by default. 171Setting this to 172.Dq Li YES 173enables 174.Xr sensorsd 8 , 175a sensors monitoring and logging daemon. 176.It Va sensorsd_flags 177.Pq Vt str 178Empty by default. 179Additional flags passed to the 180.Xr sensorsd 8 181program. 182.It Va pccard_ifconfig 183.Pq Vt str 184List of arguments to be passed to 185.Xr ifconfig 8 186at boot time or on insertion of the card (e.g.\& 187.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 188for a fixed address or 189.Dq Li DHCP 190for a DHCP client). 191.It Va pccard_ether_delay 192.Pq Vt str 193Set the delay before starting 194.Xr dhclient 8 195in the 196.Pa /etc/pccard_ether 197script. 198This defaults to 5 seconds to work around a bug in the 199.Xr ed 4 200driver which can lead to system hangs when using some newer 201.Xr ed 4 202based cards. 203.It Va removable_interfaces 204.Pq Vt str 205List of removable network interfaces to be supported by 206.Pa /etc/pccard_ether . 207.It Va local_startup 208.Pq Vt str 209List of directories to search for startup script files. 210.It Va script_name_sep 211.Pq Vt str 212The field separator to use for breaking down the list of startup script files 213into individual filenames. 214The default is a space. 215It is not necessary to change this unless there are startup scripts with names 216containing spaces. 217.It Va hostapd_enable 218.Pq Vt bool 219Set to 220.Dq Li YES 221to start 222.Xr hostapd 8 223at system boot time. 224.It Va hostname 225.Pq Vt str 226The fully qualified domain name (FQDN) of this host on the network. 227This should almost certainly be set to something meaningful, even if 228there is no network connection. 229If 230.Xr dhclient 8 231is used to set the hostname via DHCP, 232this variable should be set to an empty string. 233.It Va ipv6_enable 234.Pq Vt bool 235Enable support for IPv6 networking. 236Note that this requires that the kernel have been compiled with 237.Cd "options INET6" . 238.It Va nisdomainname 239.Pq Vt str 240The NIS domain name of this host, or 241.Dq Li NO 242if NIS is not used. 243.It Va dhclient_program 244.Pq Vt str 245Path to the DHCP client program 246(default 247.Pa /sbin/dhclient ) . 248.It Va dhclient_flags 249.Pq Vt str 250Additional flags to pass to the DHCP client program. 251.It Va pf_enable 252.Pq Vt bool 253Set to 254.Dq Li YES 255to load 256.Xr pf 4 257at startup. 258If the kernel was not built with 259.Cd "device pf" , 260the 261.Pa pf.ko 262kernel module will be loaded. 263See also 264.Va firewall_enable 265and 266.Va ipfilter_enable . 267.It Va pf_rules 268.Pq Vt str 269Path to the 270.Xr pf 4 271ruleset definition file. 272.It Va pf_program 273.Pq Vt str 274Path to 275.Xr pfctl 8 . 276.It Va pf_flags 277.Pq Vt str 278If 279.Va pf_enable 280is set to 281.Dq Li YES , 282these are the flags to pass to 283.Xr pfctl 8 284when loading the ruleset. 285.It Va pflog_enable 286.Pq Vt bool 287Set this to 288.Dq Li YES 289to enable 290.Xr pflogd 8 291which logs packets from 292.Xr pf 4 . 293.It Va pflog_logfile 294.Pq Vt str 295If 296.Va pflog_enable 297is set to 298.Dq Li YES 299this specifies the path of the log file. 300.It Va pflog_program 301.Pq Vt str 302Path to 303.Xr pflogd 8 . 304.It Va pflog_flags 305.Pq Vt str 306If 307.Va pflog_enable 308is set to 309.Dq Li YES , 310these are the flags to pass to 311.Xr pflogd 8 . 312.It Va firewall_enable 313.Pq Vt bool 314Set to 315.Dq Li YES 316to load firewall rules at startup. 317If the kernel was not built with 318.Cd "options IPFIREWALL" , 319the 320.Pa ipfw.ko 321kernel module will be loaded. 322See also 323.Va pf_enable 324and 325.Va ipfilter_enable . 326.It Va ipv6_firewall_enable 327.Pq Vt bool 328The IPv6 equivalent of 329.Va firewall_enable . 330Set to 331.Dq Li YES 332to load IPv6 firewall rules at startup. 333If the kernel was not built with 334.Cd "options IPV6FIREWALL" , 335the 336.Pa ip6fw.ko 337kernel module will be loaded. 338.It Va firewall_script 339.Pq Vt str 340The full path to the firewall script to run 341(default 342.Pa /etc/rc.firewall ) . 343.It Va ipv6_firewall_script 344.Pq Vt str 345The IPv6 equivalent of 346.Va firewall_script . 347.It Va firewall_type 348.Pq Vt str 349Names the firewall type from the selection in 350.Pa /etc/rc.firewall , 351or the file which contains the local firewall ruleset. 352Valid selections from 353.Pa /etc/rc.firewall 354are: 355.Pp 356.Bl -tag -width ".Li simple" -compact 357.It Li open 358unrestricted IP access 359.It Li closed 360all IP services disabled, except via 361.Dq Li lo0 362.It Li client 363basic protection for a workstation on a LAN 364.It Li simple 365alias for 366.Li client . 367.El 368.Pp 369If a filename is specified, the full path must be given. 370.It Va firewall_trusted_nets 371.Pq Vt str 372List of trusted networks (if 373.Va firewall_type 374is set to 375.Li client ) . 376.It Va firewall_trusted_interfaces 377.Pq Vt str 378List of trusted network interfaces (if 379.Va firewall_type 380is set to 381.Li client ) . 382.It Va firewall_allowed_icmp_types 383.Pq Vt str 384List of allowed ICMP types (if 385.Va firewall_type 386is set to 387.Li client ) . 388.It Va firewall_open_tcp_ports 389.Pq Vt str 390List of TCP ports to open (if 391.Va firewall_type 392is set to 393.Li client ) . 394.It Va firewall_open_udp_ports 395.Pq Vt str 396List of UDP ports to open (if 397.Va firewall_type 398is set to 399.Li client ) . 400.It Va ipv6_firewall_type 401.Pq Vt str 402The IPv6 equivalent of 403.Va firewall_type . 404.It Va firewall_quiet 405.Pq Vt bool 406Set to 407.Dq Li YES 408to disable the display of firewall rules on the console during boot. 409.It Va ipv6_firewall_quiet 410.Pq Vt bool 411The IPv6 equivalent of 412.Va firewall_quiet . 413.It Va firewall_logging 414.Pq Vt bool 415Set to 416.Dq Li YES 417to enable firewall event logging. 418This is equivalent to the 419.Dv IPFIREWALL_VERBOSE 420kernel option. 421.It Va ipv6_firewall_logging 422.Pq Vt bool 423The IPv6 equivalent of 424.Va firewall_logging . 425.It Va firewall_flags 426.Pq Vt str 427Flags passed to 428.Xr ipfw 8 429if 430.Va firewall_type 431specifies a filename. 432.It Va ipv6_firewall_flags 433.Pq Vt str 434The IPv6 equivalent of 435.Va firewall_flags . 436.It Va natd_program 437.Pq Vt str 438Path to 439.Xr natd 8 . 440.It Va natd_enable 441.Pq Vt bool 442Set to 443.Dq Li YES 444to enable 445.Xr natd 8 . 446.Va firewall_enable 447must also be set to 448.Dq Li YES , 449and 450.Xr divert 4 451sockets must be enabled in the kernel. 452.It Va natd_interface 453.Pq Vt str 454This is the name of the public interface on which 455.Xr natd 8 456should run. 457The interface may be given as an interface name or as an IP address. 458.It Va natd_flags 459.Pq Vt str 460Additional 461.Xr natd 8 462flags should be placed here. 463The 464.Fl n 465or 466.Fl a 467flag is automatically added with the above 468.Va natd_interface 469as an argument. 470.\" ----- ipfilter_enable setting -------------------------------- 471.It Va ipfilter_enable 472.Pq Vt bool 473Set to 474.Dq Li NO 475by default. 476Setting this to 477.Dq Li YES 478enables 479.Xr ipf 8 480packet filtering. 481.Pp 482Typical usage will require putting 483.Bd -literal 484ipfilter_enable="YES" 485ipnat_enable="YES" 486ipmon_enable="YES" 487ipfs_enable="YES" 488.Ed 489.Pp 490into 491.Pa /etc/rc.conf 492and editing 493.Pa /etc/ipf.rules 494and 495.Pa /etc/ipnat.rules 496appropriately. 497.Pp 498Note that 499.Va ipfilter_enable 500and 501.Va ipnat_enable 502can be enabled independently. 503.Va ipmon_enable 504and 505.Va ipfs_enable 506both require at least one of 507.Va ipfilter_enable 508and 509.Va ipnat_enable 510to be enabled. 511.Pp 512Having 513.Bd -literal 514options IPFILTER 515options IPFILTER_LOG 516options IPFILTER_DEFAULT_BLOCK 517.Ed 518.Pp 519in the kernel configuration file is a good idea, too. 520See also 521.Va pf_enable 522and 523.Va firewall_enable . 524.\" ----- ipfilter_program setting ------------------------------ 525.It Va ipfilter_program 526.Pq Vt str 527Path to 528.Xr ipf 8 529(default 530.Pa /sbin/ipf ) . 531.\" ----- ipfilter_rules setting -------------------------------- 532.It Va ipfilter_rules 533.Pq Vt str 534Set to 535.Pa /etc/ipf.rules 536by default. 537The name of the filter rule definition file. 538The file is expected to be readable for the 539.Xr ipf 8 540command to execute. 541.\" ----- ipv6_ipfilter_rules setting --------------------------- 542.It Va ipv6_ipfilter_rules 543.Pq Vt str 544Set to 545.Pa /etc/ipf6.rules 546by default. 547The name of the IPv6 filter rule definition file. 548The file is expected to be readable for the 549.Xr ipf 8 550command to execute. 551.\" ----- ipfilter_flags setting -------------------------------- 552.It Va ipfilter_flags 553.Pq Vt str 554Empty by default. 555Flags passed to the 556.Xr ipf 8 557program. 558.\" ----- ipnat_enable setting ---------------------------------- 559.It Va ipnat_enable 560.Pq Vt bool 561Set to 562.Dq Li NO 563by default. 564Set it to 565.Dq Li YES 566to enable 567.Xr ipnat 8 568network address translation. 569See 570.Va ipfilter_enable 571for a detailed discussion. 572.\" ----- ipnat_program setting --------------------------------- 573.It Va ipnat_program 574.Pq Vt str 575Path to 576.Xr ipnat 8 577(default 578.Pa /sbin/ipnat ) . 579.\" ----- ipnat_rules setting ----------------------------------- 580.It Va ipnat_rules 581.Pq Vt str 582Set to 583.Pa /etc/ipnat.rules 584by default. 585The name of the file 586holding the network address translation definition. 587This file is expected to be readable for the 588.Xr ipnat 8 589command to execute. 590.\" ----- ipnat_flags setting ----------------------------------- 591.It Va ipnat_flags 592.Pq Vt str 593Empty by default. 594Flags passed to the 595.Xr ipnat 8 596program. 597.\" ----- ipmon_enable setting ---------------------------------- 598.It Va ipmon_enable 599.Pq Vt bool 600Set to 601.Dq Li NO 602by default. 603Set it to 604.Dq Li YES 605to enable 606.Xr ipmon 8 607monitoring (logging 608.Xr ipf 8 609and 610.Xr ipnat 8 611events). 612Setting this variable needs setting 613.Va ipfilter_enable 614or 615.Va ipnat_enable 616too. 617See 618.Va ipfilter_enable 619for a detailed discussion. 620.\" ----- ipmon_program setting --------------------------------- 621.It Va ipmon_program 622.Pq Vt str 623Path to 624.Xr ipmon 8 625(default 626.Pa /sbin/ipmon ) . 627.\" ----- ipmon_flags setting ----------------------------------- 628.It Va ipmon_flags 629.Pq Vt str 630Set to 631.Dq Li -Ds 632by default. 633Flags passed to the 634.Xr ipmon 8 635program. 636Another typical example would be 637.Dq Fl D Pa /var/log/ipflog 638to have 639.Xr ipmon 8 640log directly to a file bypassing 641.Xr syslogd 8 . 642Make sure to adjust 643.Pa /etc/newsyslog.conf 644in such case like this: 645.Bd -literal 646/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 647.Ed 648.\" ----- ipfs_enable setting ----------------------------------- 649.It Va ipfs_enable 650.Pq Vt bool 651Set to 652.Dq Li NO 653by default. 654Set it to 655.Dq Li YES 656to enable 657.Xr ipfs 8 658saving the filter and NAT state tables during shutdown 659and reloading them during startup again. 660Setting this variable needs setting 661.Va ipfilter_enable 662or 663.Va ipnat_enable 664to 665.Dq Li YES 666too. 667See 668.Va ipfilter_enable 669for a detailed discussion. 670Note that if 671.Va kern_securelevel 672is set to 3, 673.Va ipfs_enable 674cannot be used because the raised securelevel will prevent 675.Xr ipfs 8 676from saving the state tables at shutdown time. 677.\" ----- ipfs_program setting ---------------------------------- 678.It Va ipfs_program 679.Pq Vt str 680Path to 681.Xr ipfs 8 682(default 683.Pa /sbin/ipfs ) . 684.\" ----- ipfs_flags setting ------------------------------------ 685.It Va ipfs_flags 686.Pq Vt str 687Empty by default. 688Flags passed to the 689.Xr ipfs 8 690program. 691.\" ----- end of added ipf hook --------------------------------- 692.It Va tcp_extensions 693.Pq Vt bool 694Set to 695.Dq Li YES 696by default. 697Setting this to 698.Dq Li NO 699disables certain TCP options as described by 700.Rs 701.%T "RFC 1323" 702.Re 703Setting this to 704.Dq Li NO 705might help remedy such problems with connections as randomly hanging 706or other weird behavior. 707Some network devices are known to be broken with respect to these options. 708.It Va log_in_vain 709.Pq Vt int 710Set to 0 by default. 711The 712.Xr sysctl 8 713variables, 714.Va net.inet.tcp.log_in_vain 715and 716.Va net.inet.udp.log_in_vain , 717as described in 718.Xr tcp 4 719and 720.Xr udp 4 , 721are set to the given value. 722.It Va tcp_keepalive 723.Pq Vt bool 724Set to 725.Dq Li YES 726by default. 727Setting to 728.Dq Li NO 729will disable probing idle TCP connections to verify that the 730peer is still up and reachable. 731.It Va tcp_drop_synfin 732.Pq Vt bool 733Set to 734.Dq Li NO 735by default. 736Setting to 737.Dq Li YES 738will cause the kernel to ignore TCP frames that have both 739the SYN and FIN flags set. 740This prevents OS fingerprinting, but may break some legitimate applications. 741This option is only available if the kernel was built with the 742.Dv TCP_DROP_SYNFIN 743option. 744.It Va icmp_drop_redirect 745.Pq Vt bool 746Set to 747.Dq Li NO 748by default. 749Setting to 750.Dq Li YES 751will cause the kernel to ignore ICMP REDIRECT packets. 752Refer to 753.Xr icmp 4 754for more information. 755.It Va icmp_log_redirect 756.Pq Vt bool 757Set to 758.Dq Li NO 759by default. 760Setting to 761.Dq Li YES 762will cause the kernel to log ICMP REDIRECT packets. 763Note that 764the log messages are not rate-limited, so this option should only be used 765for troubleshooting networks. 766Refer to 767.Xr icmp 4 768for more information. 769.It Va icmp_bmcastecho 770.Pq Vt bool 771Set to 772.Dq Li YES 773to respond to broadcast or multicast ICMP ping packets. 774Refer to 775.Xr icmp 4 776for more information. 777.It Va ip_portrange_first 778.Pq Vt int 779If not set to 780.Dq Li NO , 781this is the first port in the default portrange. 782Refer to 783.Xr ip 4 784for more information. 785.It Va ip_portrange_last 786.Pq Vt int 787If not set to 788.Dq Li NO , 789this is the last port in the default portrange. 790Refer to 791.Xr ip 4 792for more information. 793.\" 794.It Va ifconfig_ Ns Aq Ar interface 795.Pq Vt str 796Configuration for 797.Dq interface . 798Typically includes IP address. 799Assuming that the interface in question was 800.Li ed0 , 801it might look something like this: 802.Bd -literal 803ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 804.Ed 805.Pp 806If the 807.Pa /etc/start_if. Ns Aq Ar interface 808file is present, it is read and executed by the 809.Xr sh 1 810interpreter before configuring the interface as specified in the 811.Va ifconfig_ Ns Aq Ar interface 812and 813.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 814variables. 815.Pp 816It is possible to bring up an interface with DHCP by adding 817.Dq Li DHCP 818to the 819.Va ifconfig_ Ns Aq Ar interface 820variable. 821For instance, to initialize the 822.Li ed0 823device via DHCP, it is possible to use something like: 824.Bd -literal 825ifconfig_ed0="DHCP" 826.Ed 827.Pp 828Also, if your interface needs WPA authentication, it is possible to add 829.Dq Li WPA 830to the 831.Va ifconfig_ Ns Aq Ar interface 832variable. 833This will start 834.Xr wpa_supplicant 8 . 835See 836.Xr wpa_supplicant.conf 5 837for configuring authentication information. 838.Pp 839Finally, you can add 840.Xr ifconfig 8 841options in this variable, in addition to the 842.Pa /etc/start_if. Ns Aq Ar interface 843file. 844For instance, to initialize the 845.Li wi0 846device via DHCP, using WPA authentication and 802.11b mode, it is 847possible to use something like: 848.Bd -literal 849ifconfig_wi0="up DHCP WPA mode 11b" 850.Ed 851.Pp 852.\" 853.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 854.Pq Vt str 855Configuration to establish an additional network address for 856.Dq interface . 857Assuming that the interface in question was 858.Li ed0 , 859it might look something like this: 860.Bd -literal 861ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 862ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 863.Ed 864.Pp 865And so on. 866For each 867.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 868entry that is found, its contents are passed to 869.Xr ifconfig 8 . 870Execution stops at the first unsuccessful access, so if 871something like this is present: 872.Bd -literal 873ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 874ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 875ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 876ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 877.Ed 878.Pp 879Then note that alias4 would 880.Em not 881be added since the search would stop with the missing alias3 entry. 882.Pp 883.\" 884.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 885.Pq Vt str 886New name for 887.Dq interface . 888It is possible to rename interface by doing: 889.Bd -literal 890ifconfig_ed0_name="net0" 891ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 892.Ed 893.It Va network_interfaces 894.Pq Vt str 895The list of network interfaces to configure on this host, 896or 897.Dq Li auto 898to configure all network interfaces 899(default 900.Dq Li auto ) . 901For example, if the only network devices to be configured are the loopback device 902.Pq Li lo0 903and a NIC using the 904.Xr ed 4 905driver, this could be set to 906.Dq Li "lo0 ed0" . 907An 908.Va ifconfig_ Ns Aq Ar interface 909variable is assumed to exist for each value of 910.Ar interface . 911.It Va ipv6_network_interfaces 912.Pq Vt str 913This is the IPv6 equivalent of 914.Va network_interfaces . 915Instead of setting the ifconfig variables as 916.Va ifconfig_ Ns Aq Ar interface 917they should be set as 918.Va ipv6_ifconfig_ Ns Aq Ar interface . 919Aliases should be set as 920.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 921Interfaces that do not have a 922.Va ipv6_ifconfig_ Ns Aq Ar interface 923setting will be auto configured by 924.Xr rtsol 8 925if the 926.Va ipv6_gateway_enable 927is set to 928.Dq Li NO . 929Note that the IPv6 networking code does not support the 930.Pa /etc/start_if. Ns Aq Ar interface 931files. 932.It Va ipv6_prefix_ Ns Aq Ar interface 933.Pq Vt str 934Assign prefix to 935.Ar interface , 936prefixlen 64 is used. 937.It Va ipv6_default_interface 938.Pq Vt str 939If not set to 940.Dq Li NO , 941this is the default output interface for scoped addresses. 942Now this works only for IPv6 link local multicast addresses. 943.It Va cloned_interfaces 944.Pq Vt str 945Set to the list of clonable network interfaces to create on this host. 946Entries in 947.Va cloned_interfaces 948are automatically appended to 949.Va network_interfaces 950for configuration. 951.It Va gif_interfaces 952.Pq Vt str 953Set to the list of 954.Xr gif 4 955tunnel interfaces to configure on this host. 956A 957.Va gifconfig_ Ns Aq Ar interface 958variable is assumed to exist for each value of 959.Ar interface . 960The value of this variable is used to configure the link layer of the 961tunnel according to the syntax of the 962.Cm tunnel 963option to 964.Xr ifconfig 8 . 965Additionally, this option ensures that each listed interface is created via the 966.Cm create 967option to 968.Xr ifconfig 8 969before attempting to configure it. 970.It Va sppp_interfaces 971.Pq Vt str 972Set to the list of 973.Xr sppp 4 974interfaces to configure on this host. 975A 976.Va spppconfig_ Ns Aq Ar interface 977variable is assumed to exist for each value of 978.Ar interface . 979Each interface should also be configured by a general 980.Va ifconfig_ Ns Aq Ar interface 981setting. 982Refer to 983.Xr spppcontrol 8 984for more information about available options. 985.It Va ppp_enable 986.Pq Vt bool 987If set to 988.Dq Li YES , 989run the 990.Xr ppp 8 991daemon. 992.It Va ppp_mode 993.Pq Vt str 994Mode in which to run the 995.Xr ppp 8 996daemon. 997Accepted modes are 998.Dq Li auto , 999.Dq Li ddial , 1000.Dq Li direct 1001and 1002.Dq Li dedicated . 1003See the manual for a full description. 1004.It Va ppp_nat 1005.Pq Vt bool 1006If set to 1007.Dq Li YES , 1008enables network address translation. 1009Used in conjunction with 1010.Va gateway_enable 1011allows hosts on private network addresses access to the Internet using 1012this host as a network address translating router. 1013.It Va ppp_profile 1014.Pq Vt str 1015The name of the profile to use from 1016.Pa /etc/ppp/ppp.conf . 1017.It Va ppp_user 1018.Pq Vt str 1019The name of the user under which 1020.Xr ppp 8 1021should be started. 1022By default, 1023.Xr ppp 8 1024is started as 1025.Dq Li root . 1026.It Va rc_conf_files 1027.Pq Vt str 1028This option is used to specify a list of files that will override 1029the settings in 1030.Pa /etc/defaults/rc.conf . 1031The files will be read in the order in which they are specified and should 1032include the full path to the file. 1033By default, the files specified are 1034.Pa /etc/rc.conf 1035and 1036.Pa /etc/rc.conf.local 1037.It Va fsck_y_enable 1038.Pq Vt bool 1039If set to 1040.Dq Li YES , 1041.Xr fsck 8 1042will be run with the 1043.Fl y 1044flag if the initial preen of the file systems fails. 1045.It Va netfs_types 1046.Pq Vt str 1047List of file system types that are network-based. 1048This list should generally not be modified by end users. 1049Use 1050.Va extra_netfs_types 1051instead. 1052.It Va extra_netfs_types 1053.Pq Vt str 1054If set to something other than 1055.Dq Li NO 1056(the default), this variable extends the list of file system types 1057for which automatic mounting at startup by 1058.Xr rc 8 1059should be delayed until the network is initialized. 1060It should contain 1061a whitespace-separated list of network file system descriptor pairs, 1062each consisting of a file system type as passed to 1063.Xr mount 8 1064and a human-readable, one-word description, joined with a colon 1065.Pq Ql \&: . 1066Extending the default list in this way is only necessary 1067when third party file system types are used. 1068.It Va syslogd_enable 1069.Pq Vt bool 1070If set to 1071.Dq Li YES , 1072run the 1073.Xr syslogd 8 1074daemon. 1075.It Va syslogd_program 1076.Pq Vt str 1077Path to 1078.Xr syslogd 8 1079(default 1080.Pa /usr/sbin/syslogd ) . 1081.It Va syslogd_flags 1082.Pq Vt str 1083If 1084.Va syslogd_enable 1085is set to 1086.Dq Li YES , 1087these are the flags to pass to 1088.Xr syslogd 8 . 1089.It Va inetd_enable 1090.Pq Vt bool 1091If set to 1092.Dq Li YES , 1093run the 1094.Xr inetd 8 1095daemon. 1096.It Va inetd_program 1097.Pq Vt str 1098Path to 1099.Xr inetd 8 1100(default 1101.Pa /usr/sbin/inetd ) . 1102.It Va inetd_flags 1103.Pq Vt str 1104If 1105.Va inetd_enable 1106is set to 1107.Dq Li YES , 1108these are the flags to pass to 1109.Xr inetd 8 . 1110.It Va named_enable 1111.Pq Vt bool 1112If set to 1113.Dq Li YES , 1114run the 1115.Xr named 8 1116daemon. 1117.It Va named_program 1118.Pq Vt str 1119Path to 1120.Xr named 8 1121(default 1122.Pa /usr/sbin/named ) . 1123.It Va named_flags 1124.Pq Vt str 1125If 1126.Va named_enable 1127is set to 1128.Dq Li YES , 1129these are the flags to pass to 1130.Xr named 8 . 1131.It Va named_pidfile 1132.Pq Vt str 1133This is the default path to the 1134.Xr named 8 1135daemon's PID file. 1136Change it if you change the location in 1137.Pa /etc/namedb/named.conf . 1138.It Va named_chrootdir 1139.Pq Vt str 1140The root directory for a name server run in a 1141.Xr chroot 8 1142environment. 1143If left empty 1144.Xr named 8 1145will not be run in a 1146.Xr chroot 8 1147environment. 1148.It Va kerberos5_server_enable 1149.Pq Vt bool 1150Set to 1151.Dq Li YES 1152to start a Kerberos 5 authentication server at boot time. 1153.It Va kerberos5_server_program 1154.Pq Vt str 1155If 1156.Va kerberos5_server_enable 1157is set to 1158.Dq Li YES 1159this is the path to Kerberos 5 Authentication Server. 1160.It Va kadmind5_server_enable 1161.Pq Vt bool 1162Set to 1163.Dq Li YES 1164to start 1165.Xr kadmind 8 , 1166the Kerberos 5 Administration Daemon; set to 1167.Dq Li NO 1168on a slave server. 1169.It Va kadmind5_server_program 1170.Pq Vt str 1171If 1172.Va kadmind5_server_enable 1173is set to 1174.Dq Li YES 1175this is the path to Kerberos 5 Administration Daemon. 1176.It Va kpasswdd_server_enable 1177.Pq Vt bool 1178Set to 1179.Dq Li YES 1180to start 1181.Xr kpasswdd 8 , 1182the Kerberos 5 Password-Changing Daemon; set to 1183.Dq Li NO 1184on a slave server. 1185.It Va kpasswdd_server_program 1186.Pq Vt str 1187If 1188.Va kpasswdd_server_enable 1189is set to 1190.Dq Li YES 1191this is the path to Kerberos 5 Password-Changing Daemon. 1192.It Va rwhod_enable 1193.Pq Vt bool 1194If set to 1195.Dq Li YES , 1196run the 1197.Xr rwhod 8 1198daemon at boot time. 1199.It Va rwhod_flags 1200.Pq Vt str 1201If 1202.Va rwhod_enable 1203is set to 1204.Dq Li YES , 1205these are the flags to pass to it. 1206.It Va amd_enable 1207.Pq Vt bool 1208If set to 1209.Dq Li YES , 1210run the 1211.Xr amd 8 1212daemon at boot time. 1213.It Va amd_flags 1214.Pq Vt str 1215If 1216.Va amd_enable 1217is set to 1218.Dq Li YES , 1219these are the flags to pass to it. 1220See the 1221.Xr amd 8 1222manpage for more information. 1223.It Va amd_map_program 1224.Pq Vt str 1225If set, the specified program is run to get the list of 1226.Xr amd 8 1227maps. 1228For example, if the 1229.Xr amd 8 1230maps are stored in NIS, one can set this to run 1231.Xr ypcat 1 1232to get a list of 1233.Xr amd 8 1234maps from the 1235.Pa amd.master 1236NIS map. 1237.It Va update_motd 1238.Pq Vt bool 1239If set to 1240.Dq Li YES , 1241.Pa /etc/motd 1242will be updated at boot time to reflect the kernel release being run. 1243If set to 1244.Dq Li NO , 1245.Pa /etc/motd 1246will not be updated. 1247.It Va nfs_client_enable 1248.Pq Vt bool 1249If set to 1250.Dq Li YES , 1251run the NFS client daemons at boot time. 1252.It Va nfs_client_flags 1253.Pq Vt str 1254If 1255.Va nfs_client_enable 1256is set to 1257.Dq Li YES , 1258these are the flags to pass to the 1259.Xr nfsiod 8 1260daemon. 1261.It Va nfs_access_cache 1262.Pq Vt int 1263If 1264.Va nfs_client_enable 1265is set to 1266.Dq Li YES , 1267this can be set to 1268.Dq Li 0 1269to disable NFS ACCESS RPC caching, or to the number of seconds for which 1270NFS ACCESS results should be cached. 1271A value of 2-10 seconds will substantially reduce network traffic for 1272many NFS operations. 1273The default is 5 seconds. 1274Note that the attribute cache holds stat information only. 1275The NFS data cache is independent of the attribute cache and is only 1276invalidated when the client detects that the server has modified the 1277underlying file. 1278This value specifies a maximum timeout. 1279The NFS client will automatically use a shorter timeout for files which 1280have been recently modified. 1281.It Va nfs_neg_cache 1282.Pq Vt int 1283If 1284.Va nfs_client_enable 1285is set to 1286.Dq Li YES , 1287this can be set to 1288.Dq Li 0 1289to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1290filenames), or to the number of seconds for which negative lookups should 1291be cached. 1292A value of 2-10 seconds will substantially reduce network 1293traffic for many NFS operations, especially source code builds. 1294The default is 3 seconds. 1295.It Va nfs_server_enable 1296.Pq Vt bool 1297If set to 1298.Dq Li YES , 1299run the NFS server daemons at boot time. 1300.It Va nfs_server_flags 1301.Pq Vt str 1302If 1303.Va nfs_server_enable 1304is set to 1305.Dq Li YES , 1306these are the flags to pass to the 1307.Xr nfsd 8 1308daemon. 1309.It Va mountd_enable 1310.Pq Vt bool 1311If set to 1312.Dq Li YES , 1313and no 1314.Va nfs_server_enable 1315is set, start 1316.Xr mountd 8 , 1317but not 1318.Xr nfsd 8 1319daemon. 1320It is commonly needed to run CFS without real NFS used. 1321.It Va mountd_flags 1322.Pq Vt str 1323If 1324.Va mountd_enable 1325is set to 1326.Dq Li YES , 1327these are the flags to pass to the 1328.Xr mountd 8 1329daemon. 1330.It Va weak_mountd_authentication 1331.Pq Vt bool 1332If set to 1333.Dq Li YES , 1334allow services like PCNFSD to make non-privileged mount requests. 1335.It Va nfs_reserved_port_only 1336.Pq Vt bool 1337If set to 1338.Dq Li YES , 1339provide NFS services only on a secure port. 1340.It Va nfs_bufpackets 1341.Pq Vt int 1342If set to a number, indicates the number of packets worth of 1343socket buffer space to reserve on an NFS client. 1344The kernel default is typically 4. 1345Using a higher number may be useful on gigabit networks to improve performance. 1346The minimum value is 2 and the maximum is 64. 1347.It Va rpc_umntall_enable 1348.Pq Vt bool 1349If set to 1350.Dq Li YES 1351(default) and we are also an NFS client, run 1352.Xr rpc.umntall 8 1353at boot time to clear out old mounts on remote servers. 1354If set to 1355.Dq Li NO 1356then 1357.Xr rpc.umntall 8 1358will not be run at boot time. 1359.It Va rpc_lockd_enable 1360.Pq Vt bool 1361If set to 1362.Dq Li YES 1363and also an NFS server, run 1364.Xr rpc.lockd 8 1365at boot time. 1366.It Va rpc_lockd_flags 1367.Pq Vt str 1368If 1369.Va rpc_lockd_enable 1370is set to 1371.Dq Li YES , 1372these are the flags to pass to 1373.Xr rpc.lockd 8 . 1374.It Va rpc_statd_enable 1375.Pq Vt bool 1376If set to 1377.Dq Li YES 1378and also an NFS server, run 1379.Xr rpc.statd 8 1380at boot time. 1381.It Va rpc_statd_flags 1382.Pq Vt str 1383If 1384.Va rpc_statd_enable 1385is set to 1386.Dq Li YES , 1387these are the flags to pass to 1388.Xr rpc.statd 8 . 1389.It Va rpcbind_program 1390.Pq Vt str 1391Path to program for rpcbind daemon 1392(default 1393.Pa /usr/sbin/rpcbind ) . 1394.It Va rpcbind_enable 1395.Pq Vt bool 1396If set to 1397.Dq Li YES , 1398run 1399.Va rpcbind_program 1400at boot time. 1401.It Va rpcbind_flags 1402.Pq Vt str 1403If 1404.Va rpcbind_enable 1405is set to 1406.Dq Li YES , 1407these are the flags to pass to 1408.Va rpcbind_program . 1409.It Va keyserv_enable 1410.Pq Vt bool 1411If set to 1412.Dq Li YES , 1413run the 1414.Xr keyserv 8 1415daemon on boot for running Secure RPC. 1416.It Va keyserv_flags 1417.Pq Vt str 1418If 1419.Va keyserv_enable 1420is set to 1421.Dq Li YES , 1422these are the flags to pass to 1423.Xr keyserv 8 1424daemon. 1425.It Va pppoed_enable 1426.Pq Vt bool 1427If set to 1428.Dq Li YES , 1429run the 1430.Xr pppoed 8 1431daemon at boot time to provide PPP over Ethernet services. 1432.It Va pppoed_provider 1433.Pq Vt str 1434.Xr pppoed 8 1435listens to requests to this provider and ultimately runs 1436.Xr ppp 8 1437with a 1438.Ar system 1439argument of the same name. 1440.It Va pppoed_flags 1441.Pq Vt str 1442Additional flags to pass to 1443.Xr pppoed 8 . 1444.It Va pppoed_interface 1445.Pq Vt str 1446The network interface to run 1447.Xr pppoed 8 1448on. 1449This is mandatory when 1450.Va pppoed_enable 1451is set to 1452.Dq Li YES . 1453.It Va timed_enable 1454.Pq Vt bool 1455If set to 1456.Dq Li YES , 1457run the 1458.Xr timed 8 1459service at boot time. 1460This command is intended for networks of machines where a consistent 1461.Dq "network time" 1462for all hosts must be established. 1463This is often useful in large NFS environments where time stamps on 1464files are expected to be consistent network-wide. 1465.It Va timed_flags 1466.Pq Vt str 1467If 1468.Va timed_enable 1469is set to 1470.Dq Li YES , 1471these are the flags to pass to the 1472.Xr timed 8 1473service. 1474.It Va dntpd_enable 1475.Pq Vt bool 1476If set to 1477.Dq Li YES , 1478run 1479.Xr dntpd 8 1480at system boot time. 1481.It Va dntpd_program 1482.Pq Vt str 1483Path to 1484.Xr dntpd 8 1485(default 1486.Pa /usr/sbin/dntpd ) . 1487.It Va dntpd_flags 1488.Pq Vt str 1489If 1490.Va dntpd_enable 1491is set to 1492.Dq Li YES , 1493these are the flags to pass to the 1494.Xr dntpd 8 1495daemon. 1496.It Va btconfig_enable 1497.Pq Vt bool 1498If set to 1499.Dq Li YES , 1500configure Bluetooth devices via 1501.Xr btconfig 8 1502at system boot time. 1503.It Va btconfig_devices 1504.Pq Vt str 1505If 1506.Va btconfig_enable 1507is set to 1508.Dq Li YES , 1509this is the list of Bluetooth devices to configure. 1510If 1511.Va btconfig_devices 1512is not specified, all devices known to the system will be configured. 1513A 1514.Va btconfig_ Ns Aq Ar device 1515variable can be set to specify parameters to be passed to 1516.Ar device . 1517.It Va btconfig_args 1518.Pq Vt str 1519If 1520.Va btconfig_enable 1521is set to 1522.Dq Li YES , 1523this is the list of configuration parameters to pass to all Bluetooth 1524devices. 1525.It Va sdpd_enable 1526.Pq Vt bool 1527If set to 1528.Dq Li YES , 1529run the Service Discovery Profile daemon 1530.Xr ( sdpd 8 ) 1531at system boot time. 1532.It Va sdpd_flags 1533.Pq Vt str 1534If 1535.Va sdpd_enable 1536is set to 1537.Dq Li YES , 1538these are the flags to pass to the 1539.Xr sdpd 8 1540daemon. 1541.It Va bthcid_enable 1542.Pq Vt bool 1543If set to 1544.Dq Li YES , 1545run the Bluetooth Link Key/PIN Code Manager daemon 1546.Xr ( bthcid 8 ) 1547at system boot time. 1548.It Va bthcid_flags 1549.Pq Vt str 1550If 1551.Va bthcid_enable 1552is set to 1553.Dq Li YES , 1554these are the flags to pass to the 1555.Xr bthcid 8 1556daemon. 1557.It Va nis_client_enable 1558.Pq Vt bool 1559If set to 1560.Dq Li YES , 1561run the 1562.Xr ypbind 8 1563service at system boot time. 1564.It Va nis_client_flags 1565.Pq Vt str 1566If 1567.Va nis_client_enable 1568is set to 1569.Dq Li YES , 1570these are the flags to pass to the 1571.Xr ypbind 8 1572service. 1573.It Va nis_ypset_enable 1574.Pq Vt bool 1575If set to 1576.Dq Li YES , 1577run the 1578.Xr ypset 8 1579daemon at system boot time. 1580.It Va nis_ypset_flags 1581.Pq Vt str 1582If 1583.Va nis_ypset_enable 1584is set to 1585.Dq Li YES , 1586these are the flags to pass to the 1587.Xr ypset 8 1588daemon. 1589.It Va nis_server_enable 1590.Pq Vt bool 1591If set to 1592.Dq Li YES , 1593run the 1594.Xr ypserv 8 1595daemon at system boot time. 1596.It Va nis_server_flags 1597.Pq Vt str 1598If 1599.Va nis_server_enable 1600is set to 1601.Dq Li YES , 1602these are the flags to pass to the 1603.Xr ypserv 8 1604daemon. 1605.It Va nis_ypxfrd_enable 1606.Pq Vt bool 1607If set to 1608.Dq Li YES , 1609run the 1610.Xr rpc.ypxfrd 8 1611daemon at system boot time. 1612.It Va nis_ypxfrd_flags 1613.Pq Vt str 1614If 1615.Va nis_ypxfrd_enable 1616is set to 1617.Dq Li YES , 1618these are the flags to pass to the 1619.Xr rpc.ypxfrd 8 1620daemon. 1621.It Va nis_yppasswdd_enable 1622.Pq Vt bool 1623If set to 1624.Dq Li YES , 1625run the 1626.Xr rpc.yppasswdd 8 1627daemon at system boot time. 1628.It Va nis_yppasswdd_flags 1629.Pq Vt str 1630If 1631.Va nis_yppasswdd_enable 1632is set to 1633.Dq Li YES , 1634these are the flags to pass to the 1635.Xr rpc.yppasswdd 8 1636daemon. 1637.It Va rpc_ypupdated_enable 1638.Pq Vt bool 1639If set to 1640.Dq Li YES , 1641run the 1642.Nm rpc.ypupdated 1643daemon at system boot time. 1644.It Va defaultrouter 1645.Pq Vt str 1646If not set to 1647.Dq Li NO , 1648create a default route to this host name or IP address 1649(use an IP address if this router is also required to get to the 1650name server!). 1651.It Va ipv6_defaultrouter 1652.Pq Vt str 1653The IPv6 equivalent of 1654.Va defaultrouter . 1655.It Va static_routes 1656.Pq Vt str 1657Set to the list of static routes that are to be added at system boot time. 1658If not set to 1659.Dq Li NO 1660then for each whitespace separated 1661.Ar element 1662in the value, a 1663.Va route_ Ns Aq Ar element 1664variable is assumed to exist whose contents will later be passed to a 1665.Dq Nm route Cm add 1666operation. 1667.It Va ipv6_static_routes 1668.Pq Vt str 1669The IPv6 equivalent of 1670.Va static_routes . 1671If not set to 1672.Dq Li NO 1673then for each whitespace separated 1674.Ar element 1675in the value, a 1676.Va ipv6_route_ Ns Aq Ar element 1677variable is assumed to exist whose contents will later be passed to a 1678.Dq Nm route Cm add Fl inet6 1679operation. 1680.It Va gateway_enable 1681.Pq Vt bool 1682If set to 1683.Dq Li YES , 1684configure host to act as an IP router, e.g. to forward packets 1685between interfaces. 1686.It Va ipv6_gateway_enable 1687.Pq Vt bool 1688The IPv6 equivalent of 1689.Va gateway_enable . 1690.It Va router_enable 1691.Pq Vt bool 1692If set to 1693.Dq Li YES , 1694run a routing daemon of some sort, based on the settings of 1695.Va router_program 1696and 1697.Va router_flags . 1698.It Va ipv6_router_enable 1699.Pq Vt bool 1700The IPv6 equivalent of 1701.Va router_enable . 1702If set to 1703.Dq Li YES , 1704run a routing daemon of some sort, based on the settings of 1705.Va ipv6_router_program 1706and 1707.Va ipv6_router_flags . 1708.It Va router_program 1709.Pq Vt str 1710If 1711.Va router_enable 1712is set to 1713.Dq Li YES , 1714this is the name of the routing daemon to use 1715(default 1716.Pa /sbin/routed ) . 1717.It Va ipv6_router_program 1718.Pq Vt str 1719The IPv6 equivalent of 1720.Va router_program 1721(default 1722.Pa /sbin/route6d ) . 1723.It Va router_flags 1724.Pq Vt str 1725If 1726.Va router_enable 1727is set to 1728.Dq Li YES , 1729these are the flags to pass to the routing daemon. 1730.It Va ipv6_router_flags 1731.Pq Vt str 1732The IPv6 equivalent of 1733.Va router_flags . 1734.It Va mrouted_enable 1735.Pq Vt bool 1736If set to 1737.Dq Li YES , 1738run the multicast routing daemon, 1739.Xr mrouted 8 . 1740.It Va mroute6d_enable 1741.Pq Vt bool 1742The IPv6 equivalent of 1743.Va mrouted_enable . 1744If set to 1745.Dq Li YES , 1746run the IPv6 multicast routing daemon. 1747Note that no IPv6 multicast routing daemon is included in the 1748.Dx 1749base system but 1750.Xr pim6dd 8 1751can be installed from the 1752.Xr pkgsrc 7 1753collection. 1754.It Va mrouted_flags 1755.Pq Vt str 1756If 1757.Va mrouted_enable 1758is set to 1759.Dq Li YES , 1760these are the flags to pass to the 1761.Xr mrouted 8 1762daemon. 1763.It Va mroute6d_flags 1764.Pq Vt str 1765The IPv6 equivalent of 1766.Va mrouted_flags . 1767If 1768.Va mroute6d_enable 1769is set to 1770.Dq Li YES , 1771these are the flags passed to the IPv6 multicast routing daemon. 1772.It Va mroute6d_program 1773.Pq Vt str 1774If 1775.Va mroute6d_enable 1776is set to 1777.Dq Li YES , 1778this is the path to the IPv6 multicast routing daemon. 1779.It Va rtadvd_enable 1780.Pq Vt bool 1781If set to 1782.Dq Li YES , 1783run the 1784.Xr rtadvd 8 1785daemon at boot time. 1786.Xr rtadvd 8 1787will only run if 1788.Va ipv6_gateway_enable 1789is also set to 1790.Dq Li YES . 1791The 1792.Xr rtadvd 8 1793utility sends router advertisement packets to the interfaces specified in 1794.Va rtadvd_interfaces . 1795.Xr rtadvd 8 1796and should only be enabled with great care. 1797You may want to fine-tune 1798.Xr rtadvd.conf 5 . 1799.It Va rtadvd_interfaces 1800.Pq Vt str 1801If 1802.Va rtadvd_enable 1803is set to 1804.Dq Li YES 1805this is the list of interfaces to use. 1806.It Va rtsold_enable 1807.Pq Vt bool 1808If set to 1809.Dq Li YES , 1810run the 1811.Xr rtsold 8 1812daemon at boot time. 1813The 1814.Xr rtsold 8 1815daemon is used for automatic discovery of non-link local addresses. 1816.It Va rtsold_flags 1817.Pq Vt str 1818If 1819.Va rtsold_enable 1820is set to 1821.Dq Li YES , 1822these are the flags to pass to the 1823.Xr rtsold 8 1824daemon. 1825.It Va ipxgateway_enable 1826.Pq Vt bool 1827If set to 1828.Dq Li YES , 1829enable the routing of IPX traffic. 1830.It Va ipxrouted_enable 1831.Pq Vt bool 1832If set to 1833.Dq Li YES , 1834run the 1835.Xr IPXrouted 8 1836daemon at system boot time. 1837.It Va ipxrouted_flags 1838.Pq Vt str 1839If 1840.Va ipxrouted_enable 1841is set to 1842.Dq Li YES , 1843these are the flags to pass to the 1844.Xr IPXrouted 8 1845daemon. 1846.It Va arpproxy_all 1847.Pq Vt bool 1848If set to 1849.Dq Li YES , 1850enable global proxy ARP. 1851.It Va forward_sourceroute 1852.Pq Vt bool 1853If set to 1854.Dq Li YES 1855and 1856.Va gateway_enable 1857is also set to 1858.Dq Li YES , 1859source-routed packets are forwarded. 1860.It Va accept_sourceroute 1861.Pq Vt bool 1862If set to 1863.Dq Li YES , 1864the system will accept source-routed packets directed at it. 1865.It Va rarpd_enable 1866.Pq Vt bool 1867If set to 1868.Dq Li YES , 1869run the 1870.Xr rarpd 8 1871daemon at system boot time. 1872.It Va rarpd_flags 1873.Pq Vt str 1874If 1875.Va rarpd_enable 1876is set to 1877.Dq Li YES , 1878these are the flags to pass to the 1879.Xr rarpd 8 1880daemon. 1881.It Va bootparamd_enable 1882.Pq Vt bool 1883If set to 1884.Dq Li YES , 1885run the 1886.Xr bootparamd 8 1887daemon at system boot time. 1888.It Va bootparamd_flags 1889.Pq Vt str 1890If 1891.Va bootparamd_enable 1892is set to 1893.Dq Li YES , 1894these are the flags to pass to the 1895.Xr bootparamd 8 1896daemon. 1897.It Va stf_interface_ipv4addr 1898.Pq Vt str 1899If not set to 1900.Dq Li NO , 1901this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1902Specify this entry to enable the 6to4 interface. 1903.It Va stf_interface_ipv4plen 1904.Pq Vt int 1905Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1906An effective value is 0-31. 1907.It Va stf_interface_ipv6_ifid 1908.Pq Vt str 1909IPv6 interface ID for 1910.Xr stf 4 . 1911This can be set to 1912.Dq Li AUTO . 1913.It Va stf_interface_ipv6_slaid 1914.Pq Vt str 1915IPv6 Site Level Aggregator for 1916.Xr stf 4 . 1917.It Va ipv6_faith_prefix 1918.Pq Vt str 1919If not set to 1920.Dq Li NO , 1921this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator. 1922You also need 1923.Xr faithd 8 1924setup. 1925.It Va ipv6_ipv4mapping 1926.Pq Vt bool 1927If set to 1928.Dq Li YES 1929this enables IPv4 mapped IPv6 address communication (like 1930.Li ::ffff:a.b.c.d ) . 1931.It Va atm_enable 1932.Pq Vt bool 1933Set to 1934.Dq Li YES 1935to enable the configuration of ATM interfaces at system boot time. 1936For all of the ATM variables described below, please refer to the 1937.Xr atm 8 1938man page for further details on the available command parameters. 1939Also refer to the files in 1940.Pa /usr/share/examples/atm 1941for more detailed configuration information. 1942.It Va atm_netif_ Ns Aq Ar intf 1943.Pq Vt str 1944For the ATM physical interface 1945.Ar intf , 1946this variable defines the name prefix and count for the ATM network 1947interfaces to be created. 1948The value will be passed as the parameters of an 1949.Dq Nm atm Cm "set netif" Ar intf 1950command. 1951.It Va atm_sigmgr_ Ns Aq Ar intf 1952.Pq Vt str 1953For the ATM physical interface 1954.Ar intf , 1955this variable defines the ATM signalling manager to be used. 1956The value will be passed as the parameters of an 1957.Dq Nm atm Cm attach Ar intf 1958command. 1959.It Va atm_prefix_ Ns Aq Ar intf 1960.Pq Vt str 1961For the ATM physical interface 1962.Ar intf , 1963this variable defines the NSAP prefix for interfaces using a UNI signalling 1964manager. 1965If set to 1966.Dq Li ILMI , 1967the prefix will automatically be set via the 1968.Xr ilmid 8 1969daemon. 1970Otherwise, the value will be passed as the parameters of an 1971.Dq Nm atm Cm "set prefix" Ar intf 1972command. 1973.It Va atm_macaddr_ Ns Aq Ar intf 1974.Pq Vt str 1975For the ATM physical interface 1976.Ar intf , 1977this variable defines the MAC address for interfaces using a UNI signalling 1978manager. 1979If set to 1980.Dq Li NO , 1981the hardware MAC address contained in the ATM interface card will be used. 1982Otherwise, the value will be passed as the parameters of an 1983.Dq Nm atm Cm "set mac" Ar intf 1984command. 1985.It Va atm_arpserver_ Ns Aq Ar netif 1986.Pq Vt str 1987For the ATM network interface 1988.Ar netif , 1989this variable defines the ATM address for a host which is to provide ATMARP 1990service. 1991This variable is only applicable to interfaces using a UNI signalling manager. 1992If set to 1993.Dq Li local , 1994this host will become an ATMARP server. 1995The value will be passed as the parameters of an 1996.Dq Nm atm Cm "set arpserver" Ar netif 1997command. 1998.It Va atm_scsparp_ Ns Aq Ar netif 1999.Pq Vt bool 2000If set to 2001.Dq Li YES , 2002SCSP/ATMARP service for the network interface 2003.Ar netif 2004will be initiated using the 2005.Xr scspd 8 2006and 2007.Xr atmarpd 8 2008daemons. 2009This variable is only applicable if 2010.Va atm_arpserver_ Ns Aq Ar netif 2011is set to 2012.Dq Li local . 2013.It Va atm_arps 2014.Pq Vt str 2015Set to the list of permanent ATM ARP entries to be added at system boot time. 2016For each whitespace separated 2017.Ar element 2018in the value, an 2019.Va atm_arp_ Ns Aq Ar element 2020variable is assumed to exist. 2021The value of each of these variables will be passed as the parameters of an 2022.Dq Nm atm Cm "add arp" 2023command. 2024.It Va keybell 2025.Pq Vt str 2026The keyboard bell sound. 2027Set to 2028.Dq Li normal , 2029.Dq Li visual , 2030.Dq Li off , 2031or 2032.Dq Li NO 2033if the default behavior is desired. 2034For details, refer to the 2035.Xr kbdcontrol 1 2036manpage. 2037.It Va keymap 2038.Pq Vt str 2039If set to 2040.Dq Li NO , 2041no keymap is installed, otherwise the value is used to install 2042the keymap file in 2043.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2044.It Va keyrate 2045.Pq Vt str 2046The keyboard repeat speed. 2047Set to 2048.Dq Li slow , 2049.Dq Li normal , 2050.Dq Li fast , 2051or 2052.Dq Li NO 2053if the default behavior is desired. 2054.It Va keychange 2055.Pq Vt str 2056If not set to 2057.Dq Li NO , 2058attempt to program the function keys with the value. 2059The value should be a single string of the form: 2060.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2061.It Va cursor 2062.Pq Vt str 2063Can be set to the value of 2064.Dq Li normal , 2065.Dq Li blink , 2066.Dq Li destructive , 2067or 2068.Dq Li NO 2069to set the cursor behavior explicitly or choose the default behavior. 2070.It Va scrnmap 2071.Pq Vt str 2072If set to 2073.Dq Li NO , 2074no screen map is installed, otherwise the value is used to install 2075the screen map file in 2076.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2077.It Va font8x16 2078.Pq Vt str 2079If set to 2080.Dq Li NO , 2081the default 8x16 font value is used for screen size requests, otherwise 2082the value in 2083.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2084is used. 2085.It Va font8x14 2086.Pq Vt str 2087If set to 2088.Dq Li NO , 2089the default 8x14 font value is used for screen size requests, otherwise 2090the value in 2091.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2092is used. 2093.It Va font8x8 2094.Pq Vt str 2095If set to 2096.Dq Li NO , 2097the default 8x8 font value is used for screen size requests, otherwise 2098the value in 2099.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2100is used. 2101.It Va blanktime 2102.Pq Vt int 2103If set to 2104.Dq Li NO , 2105the default screen blanking interval is used, otherwise it is set to 2106.Ar value 2107seconds. 2108.It Va saver 2109.Pq Vt str 2110If not set to 2111.Dq Li NO , 2112this is the actual screen saver to use 2113.Li ( blank , snake , daemon , 2114etc). 2115.It Va moused_enable 2116.Pq Vt str 2117If set to 2118.Dq Li YES , 2119the 2120.Xr moused 8 2121daemon is started for doing cut/paste selection on the console. 2122.It Va moused_type 2123.Pq Vt str 2124This is the protocol type of the mouse connected to this host. 2125This variable must be set if 2126.Va moused_enable 2127is set to 2128.Dq Li YES . 2129The 2130.Xr moused 8 2131daemon 2132is able to detect the appropriate mouse type automatically in many cases. 2133Set this variable to 2134.Dq Li auto 2135to let the daemon detect it, or 2136select one from the following list if the automatic detection fails. 2137.Pp 2138If the mouse is attached to the PS/2 mouse port, choose 2139.Dq Li auto 2140or 2141.Dq Li ps/2 , 2142regardless of the brand and model of the mouse. 2143Likewise, if the mouse is attached to the bus mouse port, choose 2144.Dq Li auto 2145or 2146.Dq Li busmouse . 2147All other protocols are for serial mice and will not work with 2148the PS/2 and bus mice. 2149If this is a USB mouse, 2150.Dq Li auto 2151is the only protocol type which will work. 2152.Pp 2153.Bl -tag -width ".Li x10mouseremote" -compact 2154.It Li microsoft 2155Microsoft mouse (serial) 2156.It Li intellimouse 2157Microsoft IntelliMouse (serial) 2158.It Li mousesystems 2159Mouse systems Corp. mouse (serial) 2160.It Li mmseries 2161MM Series mouse (serial) 2162.It Li logitech 2163Logitech mouse (serial) 2164.It Li busmouse 2165A bus mouse 2166.It Li mouseman 2167Logitech MouseMan and TrackMan (serial) 2168.It Li glidepoint 2169ALPS GlidePoint (serial) 2170.It Li thinkingmouse 2171Kensington ThinkingMouse (serial) 2172.It Li ps/2 2173PS/2 mouse 2174.It Li mmhittab 2175MM HitTablet (serial) 2176.It Li x10mouseremote 2177X10 MouseRemote (serial) 2178.It Li versapad 2179Interlink VersaPad (serial) 2180.El 2181.Pp 2182Even if the mouse is not in the above list, it may be compatible 2183with one in the list. 2184Refer to the man page for 2185.Xr moused 8 2186for compatibility information. 2187.Pp 2188It should also be noted that while this is enabled, any 2189other client of the mouse (such as an X server) should access 2190the mouse through the virtual mouse device, 2191.Pa /dev/sysmouse , 2192and configure it as a 2193.Dq Li sysmouse 2194type mouse, since all 2195mouse data is converted to this single canonical format when using 2196.Xr moused 8 . 2197If the client program does not support the 2198.Dq Li sysmouse 2199type, specify the 2200.Dq Li mousesystems 2201type. 2202It is the second preferred type. 2203.It Va moused_port 2204.Pq Vt str 2205If 2206.Va moused_enable 2207is set to 2208.Dq Li YES , 2209this is the actual port the mouse is on. 2210It might be 2211.Pa /dev/cuaa0 2212for a COM1 serial mouse, 2213.Pa /dev/psm0 2214for a PS/2 mouse or 2215.Pa /dev/mse0 2216for a bus mouse, for example. 2217.It Va moused_flags 2218.Pq Vt str 2219If 2220.Va moused_type 2221is set, these are the additional flags to pass to the 2222.Xr moused 8 2223daemon. 2224.It Va mousechar_start 2225.Pq Vt int 2226If set to 2227.Dq Li NO , 2228the default mouse cursor character range 2229.Li 0xd0 Ns - Ns Li 0xd3 2230is used, otherwise the range start is set to 2231.Ar value 2232character, see 2233.Xr vidcontrol 1 . 2234Use if the default range is occupied in the language code table. 2235.It Va vidhistory 2236.Pq Vt int 2237Set the size of the history (scrollback) buffer in lines. 2238.It Va allscreens_flags 2239.Pq Vt str 2240If set, 2241.Xr vidcontrol 1 2242is run with these options for each of the virtual terminals 2243.Pq Pa /dev/ttyv* . 2244For example, 2245.Dq Fl m Cm on 2246will enable the mouse pointer on all virtual terminals if 2247.Va moused_enable 2248is set to 2249.Dq Li YES . 2250.It Va allscreens_kbdflags 2251.Pq Vt str 2252If set, 2253.Xr kbdcontrol 1 2254is run with these options for each of the virtual terminals 2255.Pq Pa /dev/ttyv* . 2256For example, 2257.Dq Fl h Li 200 2258will set the 2259.Xr syscons 4 2260scrollback (history) buffer to 200 lines. 2261.It Va cron_enable 2262.Pq Vt bool 2263If set to 2264.Dq Li YES , 2265run the 2266.Xr cron 8 2267daemon at system boot time. 2268.It Va cron_program 2269.Pq Vt str 2270Path to 2271.Xr cron 8 2272(default 2273.Pa /usr/sbin/cron ) . 2274.It Va cron_flags 2275.Pq Vt str 2276If 2277.Va cron_enable 2278is set to 2279.Dq Li YES , 2280these are the flags to pass to 2281.Xr cron 8 . 2282.It Va lpd_program 2283.Pq Vt str 2284Path to 2285.Xr lpd 8 2286(default 2287.Pa /usr/sbin/lpd ) . 2288.It Va lpd_enable 2289.Pq Vt bool 2290If set to 2291.Dq Li YES , 2292run the 2293.Xr lpd 8 2294daemon at system boot time. 2295.It Va lpd_flags 2296.Pq Vt str 2297If 2298.Va lpd_enable 2299is set to 2300.Dq Li YES , 2301these are the flags to pass to the 2302.Xr lpd 8 2303daemon. 2304.It Va nscd_enable 2305.Pq Vt bool 2306If set to 2307.Dq Li YES , 2308run the 2309.Xr nscd 8 2310daemon at system boot time. 2311.It Va mixer_enable 2312.Pq Vt bool 2313If set to 2314.Dq Li YES , 2315preserve 2316.Xr mixer 8 2317settings across reboots. 2318.It Va mta_start_script 2319.Pq Vt str 2320The full path to the script to run to start 2321a mail transfer agent. 2322The default is 2323.Pa /etc/rc.sendmail . 2324The 2325.Va sendmail_* 2326variables which 2327.Pa /etc/rc.sendmail 2328uses are documented in the 2329.Xr rc.sendmail 8 2330man page. 2331.It Va fixbootfile 2332.Pq Vt bool 2333In a 2334.Sq HAMMER ROOT with UFS /boot 2335setup, the boot loader will not set up the 2336.Va kern.bootfile 2337sysctl correctly. 2338The system will attempt to fix this on its own. 2339Set this variable to 2340.Dq Li NO 2341to turn this behavior off. 2342.It Va dumpdev 2343.Pq Vt str 2344Indicates the device (usually a swap partition) to which a crash dump 2345should be written in the event of a system crash. 2346The value of this variable is passed as the argument to 2347.Xr dumpon 8 . 2348To disable crash dumps, set this variable to 2349.Dq Li NO . 2350.It Va dumpdir 2351.Pq Vt str 2352When the system reboots after a crash and a crash dump is found on the 2353device specified by the 2354.Va dumpdev 2355variable, 2356.Xr savecore 8 2357will save that crash dump and a copy of the kernel to the directory 2358specified by the 2359.Va dumpdir 2360variable. 2361The default value is 2362.Pa /var/crash . 2363Set to 2364.Dq Li NO 2365to not run 2366.Xr savecore 8 2367at boot time when 2368.Va dumpdir 2369is set. 2370.It Va savecore_flags 2371.Pq Vt str 2372If crash dumps are enabled, these are the flags to pass to the 2373.Xr savecore 8 2374utility. 2375.It Va enable_quotas 2376.Pq Vt bool 2377Set to 2378.Dq Li YES 2379to turn on user disk quotas on system startup via the 2380.Xr quotaon 8 2381command. 2382.It Va check_quotas 2383.Pq Vt bool 2384Set to 2385.Dq Li YES 2386to enable user disk quota checking via the 2387.Xr quotacheck 8 2388command. 2389.It Va accounting_enable 2390.Pq Vt bool 2391Set to 2392.Dq Li YES 2393to enable system accounting through the 2394.Xr accton 8 2395facility. 2396.It Va linux_enable 2397.Pq Vt bool 2398Set to 2399.Dq Li YES 2400to enable Linux/ELF binary emulation at system initial boot time. 2401.It Va sysvipc_enable 2402.Pq Vt bool 2403If set to 2404.Dq Li YES , 2405load System V IPC primitives at boot time. 2406.\" ----- cleanvar_enable setting-------------------------------- 2407.It Va cleanvar_enable 2408.Pq Vt bool 2409Set to 2410.Dq Li YES 2411to have 2412.Pa /var/run , 2413.Pa /var/spool/lock 2414and 2415.Pa /var/spool/uucp/.Temp/* 2416cleaned at startup. 2417.\" ----- clear_tmp_enable setting------------------------------- 2418.It Va clear_tmp_enable 2419.Pq Vt bool 2420Set to 2421.Dq Li YES 2422to have 2423.Pa /tmp 2424cleaned at startup. 2425.\" ----- ldconfig_paths setting -------------------------------- 2426.It Va ldconfig_paths 2427.Pq Vt str 2428Set to the list of shared library paths to use with 2429.Xr ldconfig 8 . 2430NOTE: 2431.Pa /usr/lib 2432will always be added first, so it need not appear in this list. 2433.It Va ldconfig_insecure 2434.Pq Vt bool 2435The 2436.Xr ldconfig 8 2437utility normally refuses to use directories 2438which are writable by anyone except root. 2439Set this variable to 2440.Dq Li YES 2441to disable that security check during system startup. 2442.It Va kern_securelevel 2443.Pq Vt int 2444The kernel security level to set at startup. 2445The allowed range of 2446.Ar value 2447ranges from \-1 (the compile time default) to 3 (the most secure). 2448See 2449.Xr init 8 2450for the list of possible security levels and their effect on system operation. 2451.It Va start_vinum 2452.Pq Vt bool 2453Set to 2454.Dq Li YES 2455to start 2456.Xr vinum 8 2457at system boot time. 2458.It Va sshd_enable 2459.Pq Vt bool 2460Set to 2461.Dq Li YES 2462to start 2463.Xr sshd 8 2464at system boot time. 2465.It Va sshd_program 2466.Pq Vt str 2467Path to the SSH server program 2468(default 2469.Pa /usr/sbin/sshd ) . 2470.It Va sshd_flags 2471.Pq Vt str 2472If 2473.Va sshd_enable 2474is set to 2475.Dq Li YES , 2476these are the flags to pass to the 2477.Xr sshd 8 2478daemon. 2479.It Va ftpd_enable 2480.Pq Vt bool 2481Set to 2482.Dq Li YES 2483to start 2484.Xr ftpd 8 2485at system boot time. 2486.It Va ftpd_flags 2487.Pq Vt str 2488If 2489.Va ftpd_enable 2490is set to 2491.Dq Li YES , 2492these are the flags to pass to the 2493.Xr ftpd 8 2494daemon. 2495.It Va usbd_enable 2496.Pq Vt bool 2497If set to 2498.Dq Li YES , 2499run the 2500.Xr usbd 8 2501daemon at boot time. 2502.It Va usbd_flags 2503.Pq Vt str 2504If 2505.Va usbd_enable 2506is set to 2507.Dq Li YES , 2508these are the flags passed to 2509.Xr usbd 8 2510daemon. 2511.It Va watchdogd_enable 2512.Pq Vt bool 2513If set to 2514.Dq Li YES , 2515start the 2516.Xr watchdogd 8 2517daemon at boot time. 2518This requires that the kernel have been compiled with 2519.Cd "options WATCHDOG" . 2520.It Va jail_enable 2521.Pq Vt bool 2522If set to 2523.Dq Li NO , 2524any configured jails will not be started. 2525.It Va jail_list 2526.Pq Vt str 2527A space separated list of names for jails. 2528This is purely a configuration aid to help identify and 2529configure multiple jails. 2530The names specified in this list will be used to 2531identify settings common to an instance of a jail. 2532Assuming that the jail in question was named 2533.Li vjail , 2534you would have the following dependent variables: 2535.Bd -literal 2536jail_vjail_hostname="jail.example.com" 2537jail_vjail_ip="192.168.1.100" 2538jail_vjail_rootdir="/var/jails/vjail/root" 2539.Ed 2540.Pp 2541.It Va jail_flags 2542.Pq Vt str 2543Unset by default. 2544When set, use as default value for 2545.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2546for every jail in 2547.Va jail_list . 2548.It Va jail_interface 2549.Pq Vt str 2550Unset by default. 2551When set, use as default value for 2552.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2553for every jail in 2554.Va jail_list . 2555.It Va jail_fstab 2556.Pq Vt str 2557Unset by default. 2558When set, use as default value for 2559.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2560for every jail in 2561.Va jail_list . 2562.It Va jail_mount_enable 2563.Pq Vt bool 2564Set to 2565.Dq Li NO 2566by default. 2567When set to 2568.Dq Li YES , 2569sets 2570.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2571to 2572.Dq Li YES 2573by default for every jail in 2574.Va jail_list . 2575.It Va jail_fdesc_enable 2576.Pq Vt bool 2577Set to 2578.Dq Li NO 2579by default. 2580When set to 2581.Dq Li YES , 2582sets 2583.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2584to 2585.Dq Li YES 2586by default for every jail in 2587.Va jail_list . 2588.It Va jail_procfs_enable 2589.Pq Vt bool 2590Set to 2591.Dq Li NO 2592by default. 2593When set to 2594.Dq Li YES , 2595sets 2596.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2597to 2598.Dq Li YES 2599by default for every jail in 2600.Va jail_list . 2601.It Va jail_exec_start 2602.Pq Vt str 2603Unset by default. 2604When set, use as default value for 2605.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2606for every jail in 2607.Va jail_list . 2608.It Va jail_exec_stop 2609Unset by default. 2610When set, use as default value for 2611.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2612for every jail in 2613.Va jail_list . 2614.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2615.Pq Vt str 2616Unset by default. 2617Set to the root directory used by jail 2618.Va jname . 2619.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2620.Pq Vt str 2621Unset by default. 2622Set to the fully qualified domain name (FQDN) assigned to jail 2623.Va jname . 2624.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2625.Pq Vt str 2626Unset by default. 2627Set to the IP address assigned to jail 2628.Va jname . 2629.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2630.Pq Vt str 2631Set to 2632.Dq Li -l -U root 2633by default. 2634These are flags to pass to 2635.Xr jail 8 . 2636.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2637.Pq Vt str 2638Unset by default. 2639When set, sets the interface to use when setting IP address alias. 2640Note that the alias is created at jail startup and removed at jail shutdown. 2641.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2642.Pq Vt str 2643Set to 2644.Pa /etc/fstab. Ns Aq Ar jname 2645by default. 2646This is the file system information file to use for jail 2647.Va jname . 2648.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2649.Pq Vt bool 2650Set to 2651.Dq Li NO 2652by default. 2653When set to 2654.Dq Li YES , 2655mount all file systems from 2656.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2657at jail startup. 2658.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2659.Pq Vt bool 2660Set to 2661.Dq Li NO 2662by default. 2663When set to 2664.Dq Li YES , 2665mount the file-descriptor file system inside jail 2666.Ar jname 2667at jail startup. 2668.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2669.Pq Vt bool 2670Set to 2671.Dq Li NO 2672by default. 2673When set to 2674.Dq Li YES , 2675mount the process file system inside jail 2676.Ar jname 2677at jail startup. 2678.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2679.Pq Vt str 2680Set to 2681.Dq Li /bin/sh /etc/rc 2682by default. 2683This is the command executed at jail startup. 2684.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2685.Pq Vt str 2686Set to 2687.Dq Li /bin/sh /etc/rc.shutdown 2688by default. 2689This is the command executed at jail shutdown. 2690.It Va jail_set_hostname_allow 2691.Pq Vt bool 2692If set to 2693.Dq Li NO , 2694do not allow the root user in a jail to set its hostname. 2695.It Va jail_socket_unixiproute_only 2696.Pq Vt bool 2697If set to 2698.Dq Li YES , 2699do not allow any sockets, 2700besides UNIX/IP/route sockets, 2701to be used within a jail. 2702.It Va jail_sysvipc_allow 2703.Pq Vt bool 2704If set to 2705.Dq Li YES , 2706allow applications within a jail to use System V IPC. 2707.It Va newsyslog_enable 2708.Pq Vt bool 2709If set to 2710.Dq Li YES , 2711run 2712.Xr newsyslog 8 2713before syslogd starts. 2714.It Va newsyslog_flags 2715.Pq Vt str 2716If 2717.Va newsyslog_enable 2718is set to 2719.Dq Li YES , 2720these are the flags passed to 2721.Xr newsyslog 8 . 2722.It Va resident_enable 2723.Pq Vt bool 2724If set to 2725.Dq Li YES , 2726make the dynamic binaries listed in 2727.Pa /etc/resident.conf 2728resident. 2729.It Va varsym_enable 2730.Pq Vt bool 2731If set to 2732.Dq Li YES , 2733process 2734.Pa /etc/varsym.conf 2735to set system-wide variables for variant symlinks. 2736.It Va rand_irqs 2737.Pq Vt str 2738Set either to 2739.Dq Li NO 2740or a whitespace separated list of IRQ numbers which will be used as a source of 2741randomness. 2742.\" ----- isdn settings --------------------------------- 2743.It Va isdn_enable 2744.Pq Vt bool 2745Set to 2746.Dq Li NO 2747by default. 2748When set to 2749.Dq Li YES , 2750starts the 2751.Xr isdnd 8 2752daemon at system boot time. 2753.It Va isdn_flags 2754.Pq Vt str 2755Set to 2756.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2757by default. 2758Additional flags to pass to 2759.Xr isdnd 8 2760(but see 2761.Va isdn_fsdev 2762and 2763.Va isdn_ttype 2764for certain tunable parameters). 2765.It Va isdn_ttype 2766.Pq Vt str 2767Set to 2768.Dq Li cons25 2769by default. 2770The terminal type of the output device when 2771.Xr isdnd 8 2772operates in full-screen mode. 2773.It Va isdn_screenflags 2774.Pq Vt str 2775Set to 2776.Dq Li NO 2777by default. 2778The video mode for full-screen mode (only for 2779.Xr syscons 4 2780console driver, see 2781.Xr vidcontrol 1 2782for valid modes). 2783.It Va isdn_fsdev 2784.Pq Vt str 2785Set to 2786.Dq Li NO 2787by default. 2788The output device for 2789.Xr isdnd 8 2790in full-screen mode (or 2791.Dq Li NO 2792for daemon mode). 2793.It Va isdn_trace 2794.Pq Vt bool 2795Set to 2796.Dq Li NO 2797by default. 2798When set to 2799.Dq Li YES , 2800enables the ISDN protocol trace utility 2801.Xr isdntrace 8 2802at system boot time. 2803.It Va isdn_traceflags 2804.Pq Vt str 2805Set to 2806.Dq Fl f Pa /var/tmp/isdntrace0 2807by default. 2808Flags for 2809.Xr isdntrace 8 . 2810.\" ----------------------------------------------------- 2811.It Va entropy_dir 2812.Pq Vt str 2813Set to 2814.Dq Li NO 2815to disable caching entropy via 2816.Xr cron 8 . 2817Otherwise set to the directory used to store entropy files in. 2818.It Va entropy_file 2819.Pq Vt str 2820Set to 2821.Dq Li NO 2822to disable caching entropy through reboots. 2823Otherwise set to the filename used to store cached entropy through reboots. 2824This file should be located on the root file system to seed the 2825.Xr random 4 2826device as early as possible in the boot process. 2827.It Va ipsec_enable 2828.Pq Vt bool 2829Set to 2830.Dq Li YES 2831to run 2832.Xr setkey 8 2833on 2834.Va ipsec_file 2835at boot time. 2836.It Va ipsec_file 2837.Pq Vt str 2838Configuration file for 2839.Xr setkey 8 . 2840.It Va dmesg_enable 2841.Pq Vt bool 2842Set to 2843.Dq Li YES 2844to save 2845.Xr dmesg 8 2846to 2847.Pa /var/run/dmesg.boot 2848on boot. 2849.It Va rcshutdown_timeout 2850.Pq Vt int 2851If set, start a watchdog timer in the background which will terminate 2852.Pa rc.shutdown 2853if 2854.Xr shutdown 8 2855has not completed within the specified time (in seconds). 2856.El 2857.Sh FILES 2858.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2859.It Pa /etc/defaults/rc.conf 2860.It Pa /etc/rc.conf 2861.It Pa /etc/rc.conf.local 2862.It Pa /etc/start_if. Ns Aq Ar interface 2863.El 2864.Sh SEE ALSO 2865.Xr catman 1 , 2866.Xr gdb 1 , 2867.Xr info 1 , 2868.Xr kbdcontrol 1 , 2869.Xr varsym 1 , 2870.Xr vidcontrol 1 , 2871.Xr ip 4 , 2872.Xr ipf 4 , 2873.Xr ipfw 4 , 2874.Xr kld 4 , 2875.Xr pf 4 , 2876.Xr tcp 4 , 2877.Xr udp 4 , 2878.Xr exports 5 , 2879.Xr motd 5 , 2880.Xr resident.conf 5 , 2881.Xr varsym.conf 5 , 2882.Xr accton 8 , 2883.Xr amd 8 , 2884.Xr apm 8 , 2885.Xr atm 8 , 2886.Xr btconfig 8 , 2887.Xr bthcid 8 , 2888.Xr cron 8 , 2889.Xr devd 8 , 2890.Xr dhclient 8 , 2891.Xr dntpd 8 , 2892.Xr ftpd 8 , 2893.Xr ifconfig 8 , 2894.Xr inetd 8 , 2895.Xr isdnd 8 , 2896.Xr isdntrace 8 , 2897.Xr jail 8 , 2898.Xr lpd 8 , 2899.Xr makewhatis 8 , 2900.Xr mdconfig 8 , 2901.Xr mixer 8 , 2902.Xr mountd 8 , 2903.Xr moused 8 , 2904.Xr mrouted 8 , 2905.Xr named 8 , 2906.Xr nfsd 8 , 2907.Xr pcnfsd 8 , 2908.Xr pfctl 8 , 2909.Xr pflogd 8 , 2910.Xr quotacheck 8 , 2911.Xr quotaon 8 , 2912.Xr rc 8 , 2913.Xr rc.sendmail 8 , 2914.Xr resident 8 , 2915.Xr rndcontrol 8 , 2916.Xr route 8 , 2917.Xr routed 8 , 2918.Xr rpcbind 8 , 2919.Xr rpc.lockd 8 , 2920.Xr rpc.statd 8 , 2921.Xr rtadvd 8 , 2922.Xr rtsold 8 , 2923.Xr rwhod 8 , 2924.Xr savecore 8 , 2925.Xr sdpd 8 , 2926.Xr sensorsd 8 , 2927.Xr sshd 8 , 2928.Xr swapon 8 , 2929.Xr sysctl 8 , 2930.Xr syslogd 8 , 2931.Xr timed 8 , 2932.Xr usbd 8 , 2933.Xr vinum 8 , 2934.Xr yp 8 , 2935.Xr ypbind 8 , 2936.Xr ypserv 8 , 2937.Xr ypset 8 2938.Sh HISTORY 2939The 2940.Nm 2941file appeared in 2942.Fx 2.2.2 . 2943.Sh AUTHORS 2944.An Jordan K. Hubbard . 2945