1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" 27.Dd June 29, 2010 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65See the 66.Va rc_conf_files 67variable below. 68.Pp 69The following list provides a name and short description for each 70variable that can be set in the 71.Nm 72file. 73To set a variable of 74.Vt bool 75type, specify either 76.Dq Li YES , 77.Dq Li TRUE , 78.Dq Li ON , 79or 80.Dq Li 1 . 81To unset, specify 82.Dq Li NO , 83.Dq Li FALSE , 84.Dq Li OFF , 85or 86.Dq Li 0 . 87These values are case insensitive. 88The 89.Va _enable 90postfix in the name of a variable for starting a service can be 91omitted (as in 92.Nx ) . 93.Bl -tag -width indent-two 94.It Va rc_debug 95.Pq Vt bool 96If set to 97.Dq Li YES , 98enable output of debug messages from rc scripts. 99This variable can be helpful in diagnosing mistakes when 100editing or integrating new scripts. 101Beware that this produces copious output to the terminal and 102.Xr syslog 3 . 103.It Va rc_info 104.Pq Vt bool 105If set to 106.Dq Li NO , 107disable informational messages from the rc scripts. 108Informational messages are displayed when 109a condition that is not serious enough to warrant a warning or an error occurs. 110.It Va swapfile 111.Pq Vt str 112If set to 113.Dq Li NO , 114no swapfile is installed, otherwise the value is used as the full 115pathname to a file to use for additional swap space. 116.It Va apm_enable 117.Pq Vt bool 118If set to 119.Dq Li YES , 120enable support for Automatic Power Management with the 121.Xr apm 8 122command. 123.It Va apmd_enable 124.Pq Vt bool 125Run 126.Xr apmd 8 127to handle APM event from userland. 128This also enables support for APM. 129.It Va apmd_flags 130.Pq Vt str 131If 132.Va apmd_enable 133is set to 134.Dq Li YES , 135these are the flags to pass to the 136.Xr apmd 8 137daemon. 138.It Va battd_enable 139Enable 140.Xr battd 8 141to monitor the status of batteries present in the system. 142This also enables support for APM. 143.It Va battd_flags 144.Pq Vt str 145If 146.Va battd_enable 147is set to 148.Dq Li YES , 149these are the flags to pass to the 150.Xr battd 8 151daemon. 152.It Va devd_enable 153.Pq Vt bool 154Run 155.Xr devd 8 156to handle device added, removed or unknown events from the kernel. 157.It Va devd_flags 158.Pq Vt str 159If 160.Va devd_enable 161is set to 162.Dq Li YES , 163these are the flags to pass to the 164.Xr devd 8 165daemon. 166.It Va powerd_enable 167.Pq Vt bool 168Set to 169.Dq Li NO 170by default. 171Setting this to 172.Dq Li YES 173enables 174.Xr powerd 8 , 175a CPU speed control daemon. 176.It Va sensorsd_enable 177.Pq Vt bool 178Set to 179.Dq Li NO 180by default. 181Setting this to 182.Dq Li YES 183enables 184.Xr sensorsd 8 , 185a sensors monitoring and logging daemon. 186.It Va sensorsd_flags 187.Pq Vt str 188Empty by default. 189Additional flags passed to the 190.Xr sensorsd 8 191program. 192.It Va hotplugd_enable 193.Pq Vt bool 194Set to 195.Dq Li NO 196by default. 197Setting this to 198.Dq Li YES 199enables 200.Xr hotplugd 8 , 201a devices hot plugging monitoring daemon. 202.It Va hotplugd_flags 203.Pq Vt str 204Empty by default. 205Additional flags passed to the 206.Xr hotplugd 8 207program. 208.It Va pccard_ifconfig 209.Pq Vt str 210List of arguments to be passed to 211.Xr ifconfig 8 212at boot time or on insertion of the card (e.g.\& 213.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 214for a fixed address or 215.Dq Li DHCP 216for a DHCP client). 217.It Va pccard_ether_delay 218.Pq Vt str 219Set the delay before starting 220.Xr dhclient 8 221in the 222.Pa /etc/pccard_ether 223script. 224This defaults to 5 seconds to work around a bug in the 225.Xr ed 4 226driver which can lead to system hangs when using some newer 227.Xr ed 4 228based cards. 229.It Va removable_interfaces 230.Pq Vt str 231List of removable network interfaces to be supported by 232.Pa /etc/pccard_ether . 233.It Va local_startup 234.Pq Vt str 235List of directories to search for startup script files. 236.It Va script_name_sep 237.Pq Vt str 238The field separator to use for breaking down the list of startup script files 239into individual filenames. 240The default is a space. 241It is not necessary to change this unless there are startup scripts with names 242containing spaces. 243.It Va hostapd_enable 244.Pq Vt bool 245Set to 246.Dq Li YES 247to start 248.Xr hostapd 8 249at system boot time. 250.It Va hostname 251.Pq Vt str 252The fully qualified domain name (FQDN) of this host on the network. 253This should almost certainly be set to something meaningful, even if 254there is no network connection. 255If 256.Xr dhclient 8 257is used to set the hostname via DHCP, 258this variable should be set to an empty string. 259.It Va ipv6_enable 260.Pq Vt bool 261Enable support for IPv6 networking. 262Note that this requires that the kernel have been compiled with 263.Cd "options INET6" . 264.It Va nisdomainname 265.Pq Vt str 266The NIS domain name of this host, or 267.Dq Li NO 268if NIS is not used. 269.It Va dhclient_program 270.Pq Vt str 271Path to the DHCP client program 272(default 273.Pa /sbin/dhclient ) . 274.It Va dhclient_flags 275.Pq Vt str 276Additional flags to pass to the DHCP client program. 277.It Va pf_enable 278.Pq Vt bool 279Set to 280.Dq Li YES 281to load 282.Xr pf 4 283at startup. 284If the kernel was not built with 285.Cd "device pf" , 286the 287.Pa pf.ko 288kernel module will be loaded. 289See also 290.Va firewall_enable 291and 292.Va ipfilter_enable . 293.It Va pf_rules 294.Pq Vt str 295Path to the 296.Xr pf 4 297ruleset definition file. 298.It Va pf_program 299.Pq Vt str 300Path to 301.Xr pfctl 8 . 302.It Va pf_flags 303.Pq Vt str 304If 305.Va pf_enable 306is set to 307.Dq Li YES , 308these are the flags to pass to 309.Xr pfctl 8 310when loading the ruleset. 311.It Va pflog_enable 312.Pq Vt bool 313Set this to 314.Dq Li YES 315to enable 316.Xr pflogd 8 317which logs packets from 318.Xr pf 4 . 319.It Va pflog_logfile 320.Pq Vt str 321If 322.Va pflog_enable 323is set to 324.Dq Li YES 325this specifies the path of the log file. 326.It Va pflog_program 327.Pq Vt str 328Path to 329.Xr pflogd 8 . 330.It Va pflog_flags 331.Pq Vt str 332If 333.Va pflog_enable 334is set to 335.Dq Li YES , 336these are the flags to pass to 337.Xr pflogd 8 . 338.It Va firewall_enable 339.Pq Vt bool 340Set to 341.Dq Li YES 342to load firewall rules at startup. 343If the kernel was not built with 344.Cd "options IPFIREWALL" , 345the 346.Pa ipfw.ko 347kernel module will be loaded. 348See also 349.Va pf_enable 350and 351.Va ipfilter_enable . 352.It Va ipv6_firewall_enable 353.Pq Vt bool 354The IPv6 equivalent of 355.Va firewall_enable . 356Set to 357.Dq Li YES 358to load IPv6 firewall rules at startup. 359If the kernel was not built with 360.Cd "options IPV6FIREWALL" , 361the 362.Pa ip6fw.ko 363kernel module will be loaded. 364.It Va firewall_script 365.Pq Vt str 366The full path to the firewall script to run 367(default 368.Pa /etc/rc.firewall ) . 369.It Va ipv6_firewall_script 370.Pq Vt str 371The IPv6 equivalent of 372.Va firewall_script . 373.It Va firewall_type 374.Pq Vt str 375Names the firewall type from the selection in 376.Pa /etc/rc.firewall , 377or the file which contains the local firewall ruleset. 378Valid selections from 379.Pa /etc/rc.firewall 380are: 381.Pp 382.Bl -tag -width ".Li simple" -compact 383.It Li open 384unrestricted IP access 385.It Li closed 386all IP services disabled, except via 387.Dq Li lo0 388.It Li client 389basic protection for a workstation on a LAN 390.It Li simple 391alias for 392.Li client . 393.El 394.Pp 395If a filename is specified, the full path must be given. 396.It Va firewall_trusted_nets 397.Pq Vt str 398List of trusted networks (if 399.Va firewall_type 400is set to 401.Li client ) . 402.It Va firewall_trusted_interfaces 403.Pq Vt str 404List of trusted network interfaces (if 405.Va firewall_type 406is set to 407.Li client ) . 408.It Va firewall_allowed_icmp_types 409.Pq Vt str 410List of allowed ICMP types (if 411.Va firewall_type 412is set to 413.Li client ) . 414.It Va firewall_open_tcp_ports 415.Pq Vt str 416List of TCP ports to open (if 417.Va firewall_type 418is set to 419.Li client ) . 420.It Va firewall_open_udp_ports 421.Pq Vt str 422List of UDP ports to open (if 423.Va firewall_type 424is set to 425.Li client ) . 426.It Va ipv6_firewall_type 427.Pq Vt str 428The IPv6 equivalent of 429.Va firewall_type . 430.It Va firewall_quiet 431.Pq Vt bool 432Set to 433.Dq Li YES 434to disable the display of firewall rules on the console during boot. 435.It Va ipv6_firewall_quiet 436.Pq Vt bool 437The IPv6 equivalent of 438.Va firewall_quiet . 439.It Va firewall_logging 440.Pq Vt bool 441Set to 442.Dq Li YES 443to enable firewall event logging. 444This is equivalent to the 445.Dv IPFIREWALL_VERBOSE 446kernel option. 447.It Va ipv6_firewall_logging 448.Pq Vt bool 449The IPv6 equivalent of 450.Va firewall_logging . 451.It Va firewall_flags 452.Pq Vt str 453Flags passed to 454.Xr ipfw 8 455if 456.Va firewall_type 457specifies a filename. 458.It Va ipv6_firewall_flags 459.Pq Vt str 460The IPv6 equivalent of 461.Va firewall_flags . 462.It Va natd_program 463.Pq Vt str 464Path to 465.Xr natd 8 . 466.It Va natd_enable 467.Pq Vt bool 468Set to 469.Dq Li YES 470to enable 471.Xr natd 8 . 472.Va firewall_enable 473must also be set to 474.Dq Li YES , 475and 476.Xr divert 4 477sockets must be enabled in the kernel. 478.It Va natd_interface 479.Pq Vt str 480This is the name of the public interface on which 481.Xr natd 8 482should run. 483The interface may be given as an interface name or as an IP address. 484.It Va natd_flags 485.Pq Vt str 486Additional 487.Xr natd 8 488flags should be placed here. 489The 490.Fl n 491or 492.Fl a 493flag is automatically added with the above 494.Va natd_interface 495as an argument. 496.\" ----- ipfilter_enable setting -------------------------------- 497.It Va ipfilter_enable 498.Pq Vt bool 499Set to 500.Dq Li NO 501by default. 502Setting this to 503.Dq Li YES 504enables 505.Xr ipf 8 506packet filtering. 507.Pp 508Typical usage will require putting 509.Bd -literal 510ipfilter_enable="YES" 511ipnat_enable="YES" 512ipmon_enable="YES" 513ipfs_enable="YES" 514.Ed 515.Pp 516into 517.Pa /etc/rc.conf 518and editing 519.Pa /etc/ipf.rules 520and 521.Pa /etc/ipnat.rules 522appropriately. 523.Pp 524Note that 525.Va ipfilter_enable 526and 527.Va ipnat_enable 528can be enabled independently. 529.Va ipmon_enable 530and 531.Va ipfs_enable 532both require at least one of 533.Va ipfilter_enable 534and 535.Va ipnat_enable 536to be enabled. 537.Pp 538Having 539.Bd -literal 540options IPFILTER 541options IPFILTER_LOG 542options IPFILTER_DEFAULT_BLOCK 543.Ed 544.Pp 545in the kernel configuration file is a good idea, too. 546See also 547.Va pf_enable 548and 549.Va firewall_enable . 550.\" ----- ipfilter_program setting ------------------------------ 551.It Va ipfilter_program 552.Pq Vt str 553Path to 554.Xr ipf 8 555(default 556.Pa /sbin/ipf ) . 557.\" ----- ipfilter_rules setting -------------------------------- 558.It Va ipfilter_rules 559.Pq Vt str 560Set to 561.Pa /etc/ipf.rules 562by default. 563The name of the filter rule definition file. 564The file is expected to be readable for the 565.Xr ipf 8 566command to execute. 567.\" ----- ipv6_ipfilter_rules setting --------------------------- 568.It Va ipv6_ipfilter_rules 569.Pq Vt str 570Set to 571.Pa /etc/ipf6.rules 572by default. 573The name of the IPv6 filter rule definition file. 574The file is expected to be readable for the 575.Xr ipf 8 576command to execute. 577.\" ----- ipfilter_flags setting -------------------------------- 578.It Va ipfilter_flags 579.Pq Vt str 580Empty by default. 581Flags passed to the 582.Xr ipf 8 583program. 584.\" ----- ipnat_enable setting ---------------------------------- 585.It Va ipnat_enable 586.Pq Vt bool 587Set to 588.Dq Li NO 589by default. 590Set it to 591.Dq Li YES 592to enable 593.Xr ipnat 8 594network address translation. 595See 596.Va ipfilter_enable 597for a detailed discussion. 598.\" ----- ipnat_program setting --------------------------------- 599.It Va ipnat_program 600.Pq Vt str 601Path to 602.Xr ipnat 8 603(default 604.Pa /sbin/ipnat ) . 605.\" ----- ipnat_rules setting ----------------------------------- 606.It Va ipnat_rules 607.Pq Vt str 608Set to 609.Pa /etc/ipnat.rules 610by default. 611The name of the file 612holding the network address translation definition. 613This file is expected to be readable for the 614.Xr ipnat 8 615command to execute. 616.\" ----- ipnat_flags setting ----------------------------------- 617.It Va ipnat_flags 618.Pq Vt str 619Empty by default. 620Flags passed to the 621.Xr ipnat 8 622program. 623.\" ----- ipmon_enable setting ---------------------------------- 624.It Va ipmon_enable 625.Pq Vt bool 626Set to 627.Dq Li NO 628by default. 629Set it to 630.Dq Li YES 631to enable 632.Xr ipmon 8 633monitoring (logging 634.Xr ipf 8 635and 636.Xr ipnat 8 637events). 638Setting this variable needs setting 639.Va ipfilter_enable 640or 641.Va ipnat_enable 642too. 643See 644.Va ipfilter_enable 645for a detailed discussion. 646.\" ----- ipmon_program setting --------------------------------- 647.It Va ipmon_program 648.Pq Vt str 649Path to 650.Xr ipmon 8 651(default 652.Pa /sbin/ipmon ) . 653.\" ----- ipmon_flags setting ----------------------------------- 654.It Va ipmon_flags 655.Pq Vt str 656Set to 657.Dq Li -Ds 658by default. 659Flags passed to the 660.Xr ipmon 8 661program. 662Another typical example would be 663.Dq Fl D Pa /var/log/ipflog 664to have 665.Xr ipmon 8 666log directly to a file bypassing 667.Xr syslogd 8 . 668Make sure to adjust 669.Pa /etc/newsyslog.conf 670in such case like this: 671.Bd -literal 672/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 673.Ed 674.\" ----- ipfs_enable setting ----------------------------------- 675.It Va ipfs_enable 676.Pq Vt bool 677Set to 678.Dq Li NO 679by default. 680Set it to 681.Dq Li YES 682to enable 683.Xr ipfs 8 684saving the filter and NAT state tables during shutdown 685and reloading them during startup again. 686Setting this variable needs setting 687.Va ipfilter_enable 688or 689.Va ipnat_enable 690to 691.Dq Li YES 692too. 693See 694.Va ipfilter_enable 695for a detailed discussion. 696Note that if 697.Va kern_securelevel 698is set to 3, 699.Va ipfs_enable 700cannot be used because the raised securelevel will prevent 701.Xr ipfs 8 702from saving the state tables at shutdown time. 703.\" ----- ipfs_program setting ---------------------------------- 704.It Va ipfs_program 705.Pq Vt str 706Path to 707.Xr ipfs 8 708(default 709.Pa /sbin/ipfs ) . 710.\" ----- ipfs_flags setting ------------------------------------ 711.It Va ipfs_flags 712.Pq Vt str 713Empty by default. 714Flags passed to the 715.Xr ipfs 8 716program. 717.\" ----- end of added ipf hook --------------------------------- 718.It Va tcp_extensions 719.Pq Vt bool 720Set to 721.Dq Li YES 722by default. 723Setting this to 724.Dq Li NO 725disables certain TCP options as described by 726.Rs 727.%T "RFC 1323" 728.Re 729Setting this to 730.Dq Li NO 731might help remedy such problems with connections as randomly hanging 732or other weird behavior. 733Some network devices are known to be broken with respect to these options. 734.It Va log_in_vain 735.Pq Vt int 736Set to 0 by default. 737The 738.Xr sysctl 8 739variables, 740.Va net.inet.tcp.log_in_vain 741and 742.Va net.inet.udp.log_in_vain , 743as described in 744.Xr tcp 4 745and 746.Xr udp 4 , 747are set to the given value. 748.It Va tcp_keepalive 749.Pq Vt bool 750Set to 751.Dq Li YES 752by default. 753Setting to 754.Dq Li NO 755will disable probing idle TCP connections to verify that the 756peer is still up and reachable. 757.It Va tcp_drop_synfin 758.Pq Vt bool 759Set to 760.Dq Li NO 761by default. 762Setting to 763.Dq Li YES 764will cause the kernel to ignore TCP frames that have both 765the SYN and FIN flags set. 766This prevents OS fingerprinting, but may break some legitimate applications. 767This option is only available if the kernel was built with the 768.Dv TCP_DROP_SYNFIN 769option. 770.It Va icmp_drop_redirect 771.Pq Vt bool 772Set to 773.Dq Li NO 774by default. 775Setting to 776.Dq Li YES 777will cause the kernel to ignore ICMP REDIRECT packets. 778Refer to 779.Xr icmp 4 780for more information. 781.It Va icmp_log_redirect 782.Pq Vt bool 783Set to 784.Dq Li NO 785by default. 786Setting to 787.Dq Li YES 788will cause the kernel to log ICMP REDIRECT packets. 789Note that 790the log messages are not rate-limited, so this option should only be used 791for troubleshooting networks. 792Refer to 793.Xr icmp 4 794for more information. 795.It Va icmp_bmcastecho 796.Pq Vt bool 797Set to 798.Dq Li YES 799to respond to broadcast or multicast ICMP ping packets. 800Refer to 801.Xr icmp 4 802for more information. 803.It Va ip_portrange_first 804.Pq Vt int 805If not set to 806.Dq Li NO , 807this is the first port in the default portrange. 808Refer to 809.Xr ip 4 810for more information. 811.It Va ip_portrange_last 812.Pq Vt int 813If not set to 814.Dq Li NO , 815this is the last port in the default portrange. 816Refer to 817.Xr ip 4 818for more information. 819.\" 820.It Va ifconfig_ Ns Aq Ar interface 821.Pq Vt str 822Configuration for 823.Dq interface . 824Typically includes IP address. 825Assuming that the interface in question was 826.Li ed0 , 827it might look something like this: 828.Bd -literal 829ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 830.Ed 831.Pp 832If the 833.Pa /etc/start_if. Ns Aq Ar interface 834file is present, it is read and executed by the 835.Xr sh 1 836interpreter before configuring the interface as specified in the 837.Va ifconfig_ Ns Aq Ar interface 838and 839.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 840variables. 841.Pp 842It is possible to bring up an interface with DHCP by adding 843.Dq Li DHCP 844to the 845.Va ifconfig_ Ns Aq Ar interface 846variable. 847For instance, to initialize the 848.Li ed0 849device via DHCP, it is possible to use something like: 850.Bd -literal 851ifconfig_ed0="DHCP" 852.Ed 853.Pp 854Also, if your interface needs WPA authentication, it is possible to add 855.Dq Li WPA 856to the 857.Va ifconfig_ Ns Aq Ar interface 858variable. 859This will start 860.Xr wpa_supplicant 8 . 861See 862.Xr wpa_supplicant.conf 5 863for configuring authentication information. 864.Pp 865Finally, you can add 866.Xr ifconfig 8 867options in this variable, in addition to the 868.Pa /etc/start_if. Ns Aq Ar interface 869file. 870For instance, to initialize the 871.Li wi0 872device via DHCP, using WPA authentication and 802.11b mode, it is 873possible to use something like: 874.Bd -literal 875ifconfig_wi0="up DHCP WPA mode 11b" 876.Ed 877.Pp 878.\" 879.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 880.Pq Vt str 881Configuration to establish an additional network address for 882.Dq interface . 883Assuming that the interface in question was 884.Li ed0 , 885it might look something like this: 886.Bd -literal 887ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 888ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 889.Ed 890.Pp 891And so on. 892For each 893.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 894entry that is found, its contents are passed to 895.Xr ifconfig 8 . 896Execution stops at the first unsuccessful access, so if 897something like this is present: 898.Bd -literal 899ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 900ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 901ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 902ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 903.Ed 904.Pp 905Then note that alias4 would 906.Em not 907be added since the search would stop with the missing alias3 entry. 908.Pp 909.\" 910.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 911.Pq Vt str 912New name for 913.Dq interface . 914It is possible to rename interface by doing: 915.Bd -literal 916ifconfig_ed0_name="net0" 917ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 918.Ed 919.It Va network_interfaces 920.Pq Vt str 921The list of network interfaces to configure on this host, 922or 923.Dq Li auto 924to configure all network interfaces 925(default 926.Dq Li auto ) . 927For example, if the only network devices to be configured are the loopback device 928.Pq Li lo0 929and a NIC using the 930.Xr ed 4 931driver, this could be set to 932.Dq Li "lo0 ed0" . 933An 934.Va ifconfig_ Ns Aq Ar interface 935variable is assumed to exist for each value of 936.Ar interface . 937.It Va ipv6_network_interfaces 938.Pq Vt str 939This is the IPv6 equivalent of 940.Va network_interfaces . 941Instead of setting the ifconfig variables as 942.Va ifconfig_ Ns Aq Ar interface 943they should be set as 944.Va ipv6_ifconfig_ Ns Aq Ar interface . 945Aliases should be set as 946.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 947Interfaces that do not have a 948.Va ipv6_ifconfig_ Ns Aq Ar interface 949setting will be auto configured by 950.Xr rtsol 8 951if the 952.Va ipv6_gateway_enable 953is set to 954.Dq Li NO . 955Note that the IPv6 networking code does not support the 956.Pa /etc/start_if. Ns Aq Ar interface 957files. 958.It Va ipv6_prefix_ Ns Aq Ar interface 959.Pq Vt str 960Assign prefix to 961.Ar interface , 962prefixlen 64 is used. 963.It Va ipv6_default_interface 964.Pq Vt str 965If not set to 966.Dq Li NO , 967this is the default output interface for scoped addresses. 968Now this works only for IPv6 link local multicast addresses. 969.It Va cloned_interfaces 970.Pq Vt str 971Set to the list of clonable network interfaces to create on this host. 972Entries in 973.Va cloned_interfaces 974are automatically appended to 975.Va network_interfaces 976for configuration. 977.It Va gif_interfaces 978.Pq Vt str 979Set to the list of 980.Xr gif 4 981tunnel interfaces to configure on this host. 982A 983.Va gifconfig_ Ns Aq Ar interface 984variable is assumed to exist for each value of 985.Ar interface . 986The value of this variable is used to configure the link layer of the 987tunnel according to the syntax of the 988.Cm tunnel 989option to 990.Xr ifconfig 8 . 991Additionally, this option ensures that each listed interface is created via the 992.Cm create 993option to 994.Xr ifconfig 8 995before attempting to configure it. 996.It Va sppp_interfaces 997.Pq Vt str 998Set to the list of 999.Xr sppp 4 1000interfaces to configure on this host. 1001A 1002.Va spppconfig_ Ns Aq Ar interface 1003variable is assumed to exist for each value of 1004.Ar interface . 1005Each interface should also be configured by a general 1006.Va ifconfig_ Ns Aq Ar interface 1007setting. 1008Refer to 1009.Xr spppcontrol 8 1010for more information about available options. 1011.It Va ppp_enable 1012.Pq Vt bool 1013If set to 1014.Dq Li YES , 1015run the 1016.Xr ppp 8 1017daemon. 1018.It Va ppp_mode 1019.Pq Vt str 1020Mode in which to run the 1021.Xr ppp 8 1022daemon. 1023Accepted modes are 1024.Dq Li auto , 1025.Dq Li ddial , 1026.Dq Li direct 1027and 1028.Dq Li dedicated . 1029See the manual for a full description. 1030.It Va ppp_nat 1031.Pq Vt bool 1032If set to 1033.Dq Li YES , 1034enables network address translation. 1035Used in conjunction with 1036.Va gateway_enable 1037allows hosts on private network addresses access to the Internet using 1038this host as a network address translating router. 1039.It Va ppp_profile 1040.Pq Vt str 1041The name of the profile to use from 1042.Pa /etc/ppp/ppp.conf . 1043.It Va ppp_user 1044.Pq Vt str 1045The name of the user under which 1046.Xr ppp 8 1047should be started. 1048By default, 1049.Xr ppp 8 1050is started as 1051.Dq Li root . 1052.It Va rc_conf_files 1053.Pq Vt str 1054This option is used to specify a list of files that will override 1055the settings in 1056.Pa /etc/defaults/rc.conf . 1057The files will be read in the order in which they are specified and should 1058include the full path to the file. 1059By default, the files specified are 1060.Pa /etc/rc.conf 1061and 1062.Pa /etc/rc.conf.local 1063.It Va fsck_y_enable 1064.Pq Vt bool 1065If set to 1066.Dq Li YES , 1067.Xr fsck 8 1068will be run with the 1069.Fl y 1070flag if the initial preen of the file systems fails. 1071.It Va netfs_types 1072.Pq Vt str 1073List of file system types that are network-based. 1074This list should generally not be modified by end users. 1075Use 1076.Va extra_netfs_types 1077instead. 1078.It Va extra_netfs_types 1079.Pq Vt str 1080If set to something other than 1081.Dq Li NO 1082(the default), this variable extends the list of file system types 1083for which automatic mounting at startup by 1084.Xr rc 8 1085should be delayed until the network is initialized. 1086It should contain 1087a whitespace-separated list of network file system descriptor pairs, 1088each consisting of a file system type as passed to 1089.Xr mount 8 1090and a human-readable, one-word description, joined with a colon 1091.Pq Ql \&: . 1092Extending the default list in this way is only necessary 1093when third party file system types are used. 1094.It Va devfs_config_files 1095.Pq Vt str 1096This option is used to specify a list of configuration files containing 1097.Xr devfs 5 1098rules that will be applied by 1099.Xr devfsctl 8 1100in the order in which they are specified and must include the full path 1101to the file. 1102.It Va syslogd_enable 1103.Pq Vt bool 1104If set to 1105.Dq Li YES , 1106run the 1107.Xr syslogd 8 1108daemon. 1109.It Va syslogd_program 1110.Pq Vt str 1111Path to 1112.Xr syslogd 8 1113(default 1114.Pa /usr/sbin/syslogd ) . 1115.It Va syslogd_flags 1116.Pq Vt str 1117If 1118.Va syslogd_enable 1119is set to 1120.Dq Li YES , 1121these are the flags to pass to 1122.Xr syslogd 8 . 1123.It Va inetd_enable 1124.Pq Vt bool 1125If set to 1126.Dq Li YES , 1127run the 1128.Xr inetd 8 1129daemon. 1130.It Va inetd_program 1131.Pq Vt str 1132Path to 1133.Xr inetd 8 1134(default 1135.Pa /usr/sbin/inetd ) . 1136.It Va inetd_flags 1137.Pq Vt str 1138If 1139.Va inetd_enable 1140is set to 1141.Dq Li YES , 1142these are the flags to pass to 1143.Xr inetd 8 . 1144.It Va rwhod_enable 1145.Pq Vt bool 1146If set to 1147.Dq Li YES , 1148run the 1149.Xr rwhod 8 1150daemon at boot time. 1151.It Va rwhod_flags 1152.Pq Vt str 1153If 1154.Va rwhod_enable 1155is set to 1156.Dq Li YES , 1157these are the flags to pass to it. 1158.It Va amd_enable 1159.Pq Vt bool 1160If set to 1161.Dq Li YES , 1162run the 1163.Xr amd 8 1164daemon at boot time. 1165.It Va amd_flags 1166.Pq Vt str 1167If 1168.Va amd_enable 1169is set to 1170.Dq Li YES , 1171these are the flags to pass to it. 1172See the 1173.Xr amd 8 1174manpage for more information. 1175.It Va amd_map_program 1176.Pq Vt str 1177If set, the specified program is run to get the list of 1178.Xr amd 8 1179maps. 1180For example, if the 1181.Xr amd 8 1182maps are stored in NIS, one can set this to run 1183.Xr ypcat 1 1184to get a list of 1185.Xr amd 8 1186maps from the 1187.Pa amd.master 1188NIS map. 1189.It Va update_motd 1190.Pq Vt bool 1191If set to 1192.Dq Li YES , 1193.Pa /etc/motd 1194will be updated at boot time to reflect the kernel release being run. 1195If set to 1196.Dq Li NO , 1197.Pa /etc/motd 1198will not be updated. 1199.It Va nfs_client_enable 1200.Pq Vt bool 1201If set to 1202.Dq Li YES , 1203setup NFS client parameters at boot time. 1204.It Va nfs_access_cache 1205.Pq Vt int 1206If 1207.Va nfs_client_enable 1208is set to 1209.Dq Li YES , 1210this can be set to 1211.Dq Li 0 1212to disable NFS ACCESS RPC caching, or to the number of seconds for which 1213NFS ACCESS results should be cached. 1214A value of 2-10 seconds will substantially reduce network traffic for 1215many NFS operations. 1216The default is 5 seconds. 1217Note that the attribute cache holds stat information only. 1218The NFS data cache is independent of the attribute cache and is only 1219invalidated when the client detects that the server has modified the 1220underlying file. 1221This value specifies a maximum timeout. 1222The NFS client will automatically use a shorter timeout for files which 1223have been recently modified. 1224.It Va nfs_neg_cache 1225.Pq Vt int 1226If 1227.Va nfs_client_enable 1228is set to 1229.Dq Li YES , 1230this can be set to 1231.Dq Li 0 1232to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1233filenames), or to the number of seconds for which negative lookups should 1234be cached. 1235A value of 2-10 seconds will substantially reduce network 1236traffic for many NFS operations, especially source code builds. 1237The default is 3 seconds. 1238.It Va nfs_server_enable 1239.Pq Vt bool 1240If set to 1241.Dq Li YES , 1242run the NFS server daemons at boot time. 1243.It Va nfs_server_flags 1244.Pq Vt str 1245If 1246.Va nfs_server_enable 1247is set to 1248.Dq Li YES , 1249these are the flags to pass to the 1250.Xr nfsd 8 1251daemon. 1252.It Va mountd_enable 1253.Pq Vt bool 1254If set to 1255.Dq Li YES , 1256and no 1257.Va nfs_server_enable 1258is set, start 1259.Xr mountd 8 , 1260but not 1261.Xr nfsd 8 1262daemon. 1263It is commonly needed to run CFS without real NFS used. 1264.It Va mountd_flags 1265.Pq Vt str 1266If 1267.Va mountd_enable 1268is set to 1269.Dq Li YES , 1270these are the flags to pass to the 1271.Xr mountd 8 1272daemon. 1273.It Va weak_mountd_authentication 1274.Pq Vt bool 1275If set to 1276.Dq Li YES , 1277allow services like PCNFSD to make non-privileged mount requests. 1278.It Va nfs_reserved_port_only 1279.Pq Vt bool 1280If set to 1281.Dq Li YES , 1282provide NFS services only on a secure port. 1283.It Va nfs_bufpackets 1284.Pq Vt int 1285If set to a number, indicates the number of packets worth of 1286socket buffer space to reserve on an NFS client. 1287The kernel default is typically 4. 1288Using a higher number may be useful on gigabit networks to improve performance. 1289The minimum value is 2 and the maximum is 64. 1290.It Va rpc_umntall_enable 1291.Pq Vt bool 1292If set to 1293.Dq Li YES 1294(default) and we are also an NFS client, run 1295.Xr rpc.umntall 8 1296at boot time to clear out old mounts on remote servers. 1297If set to 1298.Dq Li NO 1299then 1300.Xr rpc.umntall 8 1301will not be run at boot time. 1302.It Va rpc_lockd_enable 1303.Pq Vt bool 1304If set to 1305.Dq Li YES 1306and also an NFS server, run 1307.Xr rpc.lockd 8 1308at boot time. 1309.It Va rpc_lockd_flags 1310.Pq Vt str 1311If 1312.Va rpc_lockd_enable 1313is set to 1314.Dq Li YES , 1315these are the flags to pass to 1316.Xr rpc.lockd 8 . 1317.It Va rpc_statd_enable 1318.Pq Vt bool 1319If set to 1320.Dq Li YES 1321and also an NFS server, run 1322.Xr rpc.statd 8 1323at boot time. 1324.It Va rpc_statd_flags 1325.Pq Vt str 1326If 1327.Va rpc_statd_enable 1328is set to 1329.Dq Li YES , 1330these are the flags to pass to 1331.Xr rpc.statd 8 . 1332.It Va rpcbind_program 1333.Pq Vt str 1334Path to program for rpcbind daemon 1335(default 1336.Pa /usr/sbin/rpcbind ) . 1337.It Va rpcbind_enable 1338.Pq Vt bool 1339If set to 1340.Dq Li YES , 1341run 1342.Va rpcbind_program 1343at boot time. 1344.It Va rpcbind_flags 1345.Pq Vt str 1346If 1347.Va rpcbind_enable 1348is set to 1349.Dq Li YES , 1350these are the flags to pass to 1351.Va rpcbind_program . 1352.It Va keyserv_enable 1353.Pq Vt bool 1354If set to 1355.Dq Li YES , 1356run the 1357.Xr keyserv 8 1358daemon on boot for running Secure RPC. 1359.It Va keyserv_flags 1360.Pq Vt str 1361If 1362.Va keyserv_enable 1363is set to 1364.Dq Li YES , 1365these are the flags to pass to 1366.Xr keyserv 8 1367daemon. 1368.It Va pppoed_enable 1369.Pq Vt bool 1370If set to 1371.Dq Li YES , 1372run the 1373.Xr pppoed 8 1374daemon at boot time to provide PPP over Ethernet services. 1375.It Va pppoed_provider 1376.Pq Vt str 1377.Xr pppoed 8 1378listens to requests to this provider and ultimately runs 1379.Xr ppp 8 1380with a 1381.Ar system 1382argument of the same name. 1383.It Va pppoed_flags 1384.Pq Vt str 1385Additional flags to pass to 1386.Xr pppoed 8 . 1387.It Va pppoed_interface 1388.Pq Vt str 1389The network interface to run 1390.Xr pppoed 8 1391on. 1392This is mandatory when 1393.Va pppoed_enable 1394is set to 1395.Dq Li YES . 1396.It Va timed_enable 1397.Pq Vt bool 1398If set to 1399.Dq Li YES , 1400run the 1401.Xr timed 8 1402service at boot time. 1403This command is intended for networks of machines where a consistent 1404.Dq "network time" 1405for all hosts must be established. 1406This is often useful in large NFS environments where time stamps on 1407files are expected to be consistent network-wide. 1408.It Va timed_flags 1409.Pq Vt str 1410If 1411.Va timed_enable 1412is set to 1413.Dq Li YES , 1414these are the flags to pass to the 1415.Xr timed 8 1416service. 1417.It Va dntpd_enable 1418.Pq Vt bool 1419If set to 1420.Dq Li YES , 1421run 1422.Xr dntpd 8 1423at system boot time. 1424.It Va dntpd_program 1425.Pq Vt str 1426Path to 1427.Xr dntpd 8 1428(default 1429.Pa /usr/sbin/dntpd ) . 1430.It Va dntpd_flags 1431.Pq Vt str 1432If 1433.Va dntpd_enable 1434is set to 1435.Dq Li YES , 1436these are the flags to pass to the 1437.Xr dntpd 8 1438daemon. 1439.It Va btconfig_enable 1440.Pq Vt bool 1441If set to 1442.Dq Li YES , 1443configure Bluetooth devices via 1444.Xr btconfig 8 1445at system boot time. 1446.It Va btconfig_devices 1447.Pq Vt str 1448If 1449.Va btconfig_enable 1450is set to 1451.Dq Li YES , 1452this is the list of Bluetooth devices to configure. 1453If 1454.Va btconfig_devices 1455is not specified, all devices known to the system will be configured. 1456A 1457.Va btconfig_ Ns Aq Ar device 1458variable can be set to specify parameters to be passed to 1459.Ar device . 1460.It Va btconfig_args 1461.Pq Vt str 1462If 1463.Va btconfig_enable 1464is set to 1465.Dq Li YES , 1466this is the list of configuration parameters to pass to all Bluetooth 1467devices. 1468.It Va sdpd_enable 1469.Pq Vt bool 1470If set to 1471.Dq Li YES , 1472run the Service Discovery Profile daemon 1473.Xr ( sdpd 8 ) 1474at system boot time. 1475.It Va sdpd_flags 1476.Pq Vt str 1477If 1478.Va sdpd_enable 1479is set to 1480.Dq Li YES , 1481these are the flags to pass to the 1482.Xr sdpd 8 1483daemon. 1484.It Va bthcid_enable 1485.Pq Vt bool 1486If set to 1487.Dq Li YES , 1488run the Bluetooth Link Key/PIN Code Manager daemon 1489.Xr ( bthcid 8 ) 1490at system boot time. 1491.It Va bthcid_flags 1492.Pq Vt str 1493If 1494.Va bthcid_enable 1495is set to 1496.Dq Li YES , 1497these are the flags to pass to the 1498.Xr bthcid 8 1499daemon. 1500.It Va nis_client_enable 1501.Pq Vt bool 1502If set to 1503.Dq Li YES , 1504run the 1505.Xr ypbind 8 1506service at system boot time. 1507.It Va nis_client_flags 1508.Pq Vt str 1509If 1510.Va nis_client_enable 1511is set to 1512.Dq Li YES , 1513these are the flags to pass to the 1514.Xr ypbind 8 1515service. 1516.It Va nis_ypset_enable 1517.Pq Vt bool 1518If set to 1519.Dq Li YES , 1520run the 1521.Xr ypset 8 1522daemon at system boot time. 1523.It Va nis_ypset_flags 1524.Pq Vt str 1525If 1526.Va nis_ypset_enable 1527is set to 1528.Dq Li YES , 1529these are the flags to pass to the 1530.Xr ypset 8 1531daemon. 1532.It Va nis_server_enable 1533.Pq Vt bool 1534If set to 1535.Dq Li YES , 1536run the 1537.Xr ypserv 8 1538daemon at system boot time. 1539.It Va nis_server_flags 1540.Pq Vt str 1541If 1542.Va nis_server_enable 1543is set to 1544.Dq Li YES , 1545these are the flags to pass to the 1546.Xr ypserv 8 1547daemon. 1548.It Va nis_ypxfrd_enable 1549.Pq Vt bool 1550If set to 1551.Dq Li YES , 1552run the 1553.Xr rpc.ypxfrd 8 1554daemon at system boot time. 1555.It Va nis_ypxfrd_flags 1556.Pq Vt str 1557If 1558.Va nis_ypxfrd_enable 1559is set to 1560.Dq Li YES , 1561these are the flags to pass to the 1562.Xr rpc.ypxfrd 8 1563daemon. 1564.It Va nis_yppasswdd_enable 1565.Pq Vt bool 1566If set to 1567.Dq Li YES , 1568run the 1569.Xr rpc.yppasswdd 8 1570daemon at system boot time. 1571.It Va nis_yppasswdd_flags 1572.Pq Vt str 1573If 1574.Va nis_yppasswdd_enable 1575is set to 1576.Dq Li YES , 1577these are the flags to pass to the 1578.Xr rpc.yppasswdd 8 1579daemon. 1580.It Va rpc_ypupdated_enable 1581.Pq Vt bool 1582If set to 1583.Dq Li YES , 1584run the 1585.Nm rpc.ypupdated 1586daemon at system boot time. 1587.It Va defaultrouter 1588.Pq Vt str 1589If not set to 1590.Dq Li NO , 1591create a default route to this host name or IP address 1592(use an IP address if this router is also required to get to the 1593name server!). 1594.It Va ipv6_defaultrouter 1595.Pq Vt str 1596The IPv6 equivalent of 1597.Va defaultrouter . 1598.It Va static_routes 1599.Pq Vt str 1600Set to the list of static routes that are to be added at system boot time. 1601If not set to 1602.Dq Li NO 1603then for each whitespace separated 1604.Ar element 1605in the value, a 1606.Va route_ Ns Aq Ar element 1607variable is assumed to exist whose contents will later be passed to a 1608.Dq Nm route Cm add 1609operation. 1610.It Va ipv6_static_routes 1611.Pq Vt str 1612The IPv6 equivalent of 1613.Va static_routes . 1614If not set to 1615.Dq Li NO 1616then for each whitespace separated 1617.Ar element 1618in the value, a 1619.Va ipv6_route_ Ns Aq Ar element 1620variable is assumed to exist whose contents will later be passed to a 1621.Dq Nm route Cm add Fl inet6 1622operation. 1623.It Va gateway_enable 1624.Pq Vt bool 1625If set to 1626.Dq Li YES , 1627configure host to act as an IP router, e.g. to forward packets 1628between interfaces. 1629.It Va ipv6_gateway_enable 1630.Pq Vt bool 1631The IPv6 equivalent of 1632.Va gateway_enable . 1633.It Va router_enable 1634.Pq Vt bool 1635If set to 1636.Dq Li YES , 1637run a routing daemon of some sort, based on the settings of 1638.Va router_program 1639and 1640.Va router_flags . 1641.It Va ipv6_router_enable 1642.Pq Vt bool 1643The IPv6 equivalent of 1644.Va router_enable . 1645If set to 1646.Dq Li YES , 1647run a routing daemon of some sort, based on the settings of 1648.Va ipv6_router_program 1649and 1650.Va ipv6_router_flags . 1651.It Va router_program 1652.Pq Vt str 1653If 1654.Va router_enable 1655is set to 1656.Dq Li YES , 1657this is the name of the routing daemon to use 1658(default 1659.Pa /sbin/routed ) . 1660.It Va ipv6_router_program 1661.Pq Vt str 1662The IPv6 equivalent of 1663.Va router_program 1664(default 1665.Pa /sbin/route6d ) . 1666.It Va router_flags 1667.Pq Vt str 1668If 1669.Va router_enable 1670is set to 1671.Dq Li YES , 1672these are the flags to pass to the routing daemon. 1673.It Va ipv6_router_flags 1674.Pq Vt str 1675The IPv6 equivalent of 1676.Va router_flags . 1677.It Va mrouted_enable 1678.Pq Vt bool 1679If set to 1680.Dq Li YES , 1681run the multicast routing daemon, 1682.Xr mrouted 8 . 1683.It Va mroute6d_enable 1684.Pq Vt bool 1685The IPv6 equivalent of 1686.Va mrouted_enable . 1687If set to 1688.Dq Li YES , 1689run the IPv6 multicast routing daemon. 1690Note that no IPv6 multicast routing daemon is included in the 1691.Dx 1692base system but 1693.Xr pim6dd 8 1694can be installed from the 1695.Xr pkgsrc 7 1696collection. 1697.It Va mrouted_flags 1698.Pq Vt str 1699If 1700.Va mrouted_enable 1701is set to 1702.Dq Li YES , 1703these are the flags to pass to the 1704.Xr mrouted 8 1705daemon. 1706.It Va mroute6d_flags 1707.Pq Vt str 1708The IPv6 equivalent of 1709.Va mrouted_flags . 1710If 1711.Va mroute6d_enable 1712is set to 1713.Dq Li YES , 1714these are the flags passed to the IPv6 multicast routing daemon. 1715.It Va mroute6d_program 1716.Pq Vt str 1717If 1718.Va mroute6d_enable 1719is set to 1720.Dq Li YES , 1721this is the path to the IPv6 multicast routing daemon. 1722.It Va rtadvd_enable 1723.Pq Vt bool 1724If set to 1725.Dq Li YES , 1726run the 1727.Xr rtadvd 8 1728daemon at boot time. 1729.Xr rtadvd 8 1730will only run if 1731.Va ipv6_gateway_enable 1732is also set to 1733.Dq Li YES . 1734The 1735.Xr rtadvd 8 1736utility sends router advertisement packets to the interfaces specified in 1737.Va rtadvd_interfaces . 1738.Xr rtadvd 8 1739and should only be enabled with great care. 1740You may want to fine-tune 1741.Xr rtadvd.conf 5 . 1742.It Va rtadvd_interfaces 1743.Pq Vt str 1744If 1745.Va rtadvd_enable 1746is set to 1747.Dq Li YES 1748this is the list of interfaces to use. 1749.It Va rtsold_enable 1750.Pq Vt bool 1751If set to 1752.Dq Li YES , 1753run the 1754.Xr rtsold 8 1755daemon at boot time. 1756The 1757.Xr rtsold 8 1758daemon is used for automatic discovery of non-link local addresses. 1759.It Va rtsold_flags 1760.Pq Vt str 1761If 1762.Va rtsold_enable 1763is set to 1764.Dq Li YES , 1765these are the flags to pass to the 1766.Xr rtsold 8 1767daemon. 1768.It Va ipxgateway_enable 1769.Pq Vt bool 1770If set to 1771.Dq Li YES , 1772enable the routing of IPX traffic. 1773.It Va ipxrouted_enable 1774.Pq Vt bool 1775If set to 1776.Dq Li YES , 1777run the 1778.Xr IPXrouted 8 1779daemon at system boot time. 1780.It Va ipxrouted_flags 1781.Pq Vt str 1782If 1783.Va ipxrouted_enable 1784is set to 1785.Dq Li YES , 1786these are the flags to pass to the 1787.Xr IPXrouted 8 1788daemon. 1789.It Va arpproxy_all 1790.Pq Vt bool 1791If set to 1792.Dq Li YES , 1793enable global proxy ARP. 1794.It Va forward_sourceroute 1795.Pq Vt bool 1796If set to 1797.Dq Li YES 1798and 1799.Va gateway_enable 1800is also set to 1801.Dq Li YES , 1802source-routed packets are forwarded. 1803.It Va accept_sourceroute 1804.Pq Vt bool 1805If set to 1806.Dq Li YES , 1807the system will accept source-routed packets directed at it. 1808.It Va rarpd_enable 1809.Pq Vt bool 1810If set to 1811.Dq Li YES , 1812run the 1813.Xr rarpd 8 1814daemon at system boot time. 1815.It Va rarpd_flags 1816.Pq Vt str 1817If 1818.Va rarpd_enable 1819is set to 1820.Dq Li YES , 1821these are the flags to pass to the 1822.Xr rarpd 8 1823daemon. 1824.It Va bootparamd_enable 1825.Pq Vt bool 1826If set to 1827.Dq Li YES , 1828run the 1829.Xr bootparamd 8 1830daemon at system boot time. 1831.It Va bootparamd_flags 1832.Pq Vt str 1833If 1834.Va bootparamd_enable 1835is set to 1836.Dq Li YES , 1837these are the flags to pass to the 1838.Xr bootparamd 8 1839daemon. 1840.It Va stf_interface_ipv4addr 1841.Pq Vt str 1842If not set to 1843.Dq Li NO , 1844this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1845Specify this entry to enable the 6to4 interface. 1846.It Va stf_interface_ipv4plen 1847.Pq Vt int 1848Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1849An effective value is 0-31. 1850.It Va stf_interface_ipv6_ifid 1851.Pq Vt str 1852IPv6 interface ID for 1853.Xr stf 4 . 1854This can be set to 1855.Dq Li AUTO . 1856.It Va stf_interface_ipv6_slaid 1857.Pq Vt str 1858IPv6 Site Level Aggregator for 1859.Xr stf 4 . 1860.It Va ipv6_faith_prefix 1861.Pq Vt str 1862If not set to 1863.Dq Li NO , 1864this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator. 1865You also need 1866.Xr faithd 8 1867setup. 1868.It Va ipv6_ipv4mapping 1869.Pq Vt bool 1870If set to 1871.Dq Li YES 1872this enables IPv4 mapped IPv6 address communication (like 1873.Li ::ffff:a.b.c.d ) . 1874.It Va atm_enable 1875.Pq Vt bool 1876Set to 1877.Dq Li YES 1878to enable the configuration of ATM interfaces at system boot time. 1879For all of the ATM variables described below, please refer to the 1880.Xr atm 8 1881man page for further details on the available command parameters. 1882Also refer to the files in 1883.Pa /usr/share/examples/atm 1884for more detailed configuration information. 1885.It Va atm_netif_ Ns Aq Ar intf 1886.Pq Vt str 1887For the ATM physical interface 1888.Ar intf , 1889this variable defines the name prefix and count for the ATM network 1890interfaces to be created. 1891The value will be passed as the parameters of an 1892.Dq Nm atm Cm "set netif" Ar intf 1893command. 1894.It Va atm_sigmgr_ Ns Aq Ar intf 1895.Pq Vt str 1896For the ATM physical interface 1897.Ar intf , 1898this variable defines the ATM signalling manager to be used. 1899The value will be passed as the parameters of an 1900.Dq Nm atm Cm attach Ar intf 1901command. 1902.It Va atm_prefix_ Ns Aq Ar intf 1903.Pq Vt str 1904For the ATM physical interface 1905.Ar intf , 1906this variable defines the NSAP prefix for interfaces using a UNI signalling 1907manager. 1908If set to 1909.Dq Li ILMI , 1910the prefix will automatically be set via the 1911.Xr ilmid 8 1912daemon. 1913Otherwise, the value will be passed as the parameters of an 1914.Dq Nm atm Cm "set prefix" Ar intf 1915command. 1916.It Va atm_macaddr_ Ns Aq Ar intf 1917.Pq Vt str 1918For the ATM physical interface 1919.Ar intf , 1920this variable defines the MAC address for interfaces using a UNI signalling 1921manager. 1922If set to 1923.Dq Li NO , 1924the hardware MAC address contained in the ATM interface card will be used. 1925Otherwise, the value will be passed as the parameters of an 1926.Dq Nm atm Cm "set mac" Ar intf 1927command. 1928.It Va atm_arpserver_ Ns Aq Ar netif 1929.Pq Vt str 1930For the ATM network interface 1931.Ar netif , 1932this variable defines the ATM address for a host which is to provide ATMARP 1933service. 1934This variable is only applicable to interfaces using a UNI signalling manager. 1935If set to 1936.Dq Li local , 1937this host will become an ATMARP server. 1938The value will be passed as the parameters of an 1939.Dq Nm atm Cm "set arpserver" Ar netif 1940command. 1941.It Va atm_scsparp_ Ns Aq Ar netif 1942.Pq Vt bool 1943If set to 1944.Dq Li YES , 1945SCSP/ATMARP service for the network interface 1946.Ar netif 1947will be initiated using the 1948.Xr scspd 8 1949and 1950.Xr atmarpd 8 1951daemons. 1952This variable is only applicable if 1953.Va atm_arpserver_ Ns Aq Ar netif 1954is set to 1955.Dq Li local . 1956.It Va atm_arps 1957.Pq Vt str 1958Set to the list of permanent ATM ARP entries to be added at system boot time. 1959For each whitespace separated 1960.Ar element 1961in the value, an 1962.Va atm_arp_ Ns Aq Ar element 1963variable is assumed to exist. 1964The value of each of these variables will be passed as the parameters of an 1965.Dq Nm atm Cm "add arp" 1966command. 1967.It Va keybell 1968.Pq Vt str 1969The keyboard bell sound. 1970Set to 1971.Dq Li normal , 1972.Dq Li visual , 1973.Dq Li off , 1974or 1975.Dq Li NO 1976if the default behavior is desired. 1977For details, refer to the 1978.Xr kbdcontrol 1 1979manpage. 1980.It Va keymap 1981.Pq Vt str 1982If set to 1983.Dq Li NO , 1984no keymap is installed, otherwise the value is used to install 1985the keymap file in 1986.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1987.It Va keyrate 1988.Pq Vt str 1989The keyboard repeat speed. 1990Set to 1991.Dq Li slow , 1992.Dq Li normal , 1993.Dq Li fast , 1994or 1995.Dq Li NO 1996if the default behavior is desired. 1997.It Va keychange 1998.Pq Vt str 1999If not set to 2000.Dq Li NO , 2001attempt to program the function keys with the value. 2002The value should be a single string of the form: 2003.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2004.It Va cursor 2005.Pq Vt str 2006Can be set to the value of 2007.Dq Li normal , 2008.Dq Li blink , 2009.Dq Li destructive , 2010or 2011.Dq Li NO 2012to set the cursor behavior explicitly or choose the default behavior. 2013.It Va scrnmap 2014.Pq Vt str 2015If set to 2016.Dq Li NO , 2017no screen map is installed, otherwise the value is used to install 2018the screen map file in 2019.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2020.It Va font8x16 2021.Pq Vt str 2022If set to 2023.Dq Li NO , 2024the default 8x16 font value is used for screen size requests, otherwise 2025the value in 2026.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2027is used. 2028.It Va font8x14 2029.Pq Vt str 2030If set to 2031.Dq Li NO , 2032the default 8x14 font value is used for screen size requests, otherwise 2033the value in 2034.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2035is used. 2036.It Va font8x8 2037.Pq Vt str 2038If set to 2039.Dq Li NO , 2040the default 8x8 font value is used for screen size requests, otherwise 2041the value in 2042.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2043is used. 2044.It Va blanktime 2045.Pq Vt int 2046If set to 2047.Dq Li NO , 2048the default screen blanking interval is used, otherwise it is set to 2049.Ar value 2050seconds. 2051.It Va saver 2052.Pq Vt str 2053If not set to 2054.Dq Li NO , 2055this is the actual screen saver to use 2056.Li ( blank , snake , daemon , 2057etc). 2058.It Va moused_enable 2059.Pq Vt str 2060If set to 2061.Dq Li YES , 2062the 2063.Xr moused 8 2064daemon is started for doing cut/paste selection on the console. 2065.It Va moused_type 2066.Pq Vt str 2067This is the protocol type of the mouse connected to this host. 2068This variable must be set if 2069.Va moused_enable 2070is set to 2071.Dq Li YES . 2072The 2073.Xr moused 8 2074daemon 2075is able to detect the appropriate mouse type automatically in many cases. 2076Set this variable to 2077.Dq Li auto 2078to let the daemon detect it, or 2079select one from the following list if the automatic detection fails. 2080.Pp 2081If the mouse is attached to the PS/2 mouse port, choose 2082.Dq Li auto 2083or 2084.Dq Li ps/2 , 2085regardless of the brand and model of the mouse. 2086Likewise, if the mouse is attached to the bus mouse port, choose 2087.Dq Li auto 2088or 2089.Dq Li busmouse . 2090All other protocols are for serial mice and will not work with 2091the PS/2 and bus mice. 2092If this is a USB mouse, 2093.Dq Li auto 2094is the only protocol type which will work. 2095.Pp 2096.Bl -tag -width ".Li x10mouseremote" -compact 2097.It Li microsoft 2098Microsoft mouse (serial) 2099.It Li intellimouse 2100Microsoft IntelliMouse (serial) 2101.It Li mousesystems 2102Mouse systems Corp. mouse (serial) 2103.It Li mmseries 2104MM Series mouse (serial) 2105.It Li logitech 2106Logitech mouse (serial) 2107.It Li busmouse 2108A bus mouse 2109.It Li mouseman 2110Logitech MouseMan and TrackMan (serial) 2111.It Li glidepoint 2112ALPS GlidePoint (serial) 2113.It Li thinkingmouse 2114Kensington ThinkingMouse (serial) 2115.It Li ps/2 2116PS/2 mouse 2117.It Li mmhittab 2118MM HitTablet (serial) 2119.It Li x10mouseremote 2120X10 MouseRemote (serial) 2121.It Li versapad 2122Interlink VersaPad (serial) 2123.El 2124.Pp 2125Even if the mouse is not in the above list, it may be compatible 2126with one in the list. 2127Refer to the man page for 2128.Xr moused 8 2129for compatibility information. 2130.Pp 2131It should also be noted that while this is enabled, any 2132other client of the mouse (such as an X server) should access 2133the mouse through the virtual mouse device, 2134.Pa /dev/sysmouse , 2135and configure it as a 2136.Dq Li sysmouse 2137type mouse, since all 2138mouse data is converted to this single canonical format when using 2139.Xr moused 8 . 2140If the client program does not support the 2141.Dq Li sysmouse 2142type, specify the 2143.Dq Li mousesystems 2144type. 2145It is the second preferred type. 2146.It Va moused_port 2147.Pq Vt str 2148If 2149.Va moused_enable 2150is set to 2151.Dq Li YES , 2152this is the actual port the mouse is on. 2153It might be 2154.Pa /dev/cuaa0 2155for a COM1 serial mouse, 2156.Pa /dev/psm0 2157for a PS/2 mouse or 2158.Pa /dev/mse0 2159for a bus mouse, for example. 2160.It Va moused_flags 2161.Pq Vt str 2162If 2163.Va moused_type 2164is set, these are the additional flags to pass to the 2165.Xr moused 8 2166daemon. 2167.It Va mousechar_start 2168.Pq Vt int 2169If set to 2170.Dq Li NO , 2171the default mouse cursor character range 2172.Li 0xd0 Ns - Ns Li 0xd3 2173is used, otherwise the range start is set to 2174.Ar value 2175character, see 2176.Xr vidcontrol 1 . 2177Use if the default range is occupied in the language code table. 2178.It Va vidhistory 2179.Pq Vt int 2180Set the size of the history (scrollback) buffer in lines. 2181.It Va allscreens_flags 2182.Pq Vt str 2183If set, 2184.Xr vidcontrol 1 2185is run with these options for each of the virtual terminals 2186.Pq Pa /dev/ttyv* . 2187For example, 2188.Dq Fl m Cm on 2189will enable the mouse pointer on all virtual terminals if 2190.Va moused_enable 2191is set to 2192.Dq Li YES . 2193.It Va allscreens_kbdflags 2194.Pq Vt str 2195If set, 2196.Xr kbdcontrol 1 2197is run with these options for each of the virtual terminals 2198.Pq Pa /dev/ttyv* . 2199For example, 2200.Dq Fl h Li 200 2201will set the 2202.Xr syscons 4 2203scrollback (history) buffer to 200 lines. 2204.It Va cron_enable 2205.Pq Vt bool 2206If set to 2207.Dq Li YES , 2208run the 2209.Xr cron 8 2210daemon at system boot time. 2211.It Va cron_program 2212.Pq Vt str 2213Path to 2214.Xr cron 8 2215(default 2216.Pa /usr/sbin/cron ) . 2217.It Va cron_flags 2218.Pq Vt str 2219If 2220.Va cron_enable 2221is set to 2222.Dq Li YES , 2223these are the flags to pass to 2224.Xr cron 8 . 2225.It Va lpd_program 2226.Pq Vt str 2227Path to 2228.Xr lpd 8 2229(default 2230.Pa /usr/sbin/lpd ) . 2231.It Va lpd_enable 2232.Pq Vt bool 2233If set to 2234.Dq Li YES , 2235run the 2236.Xr lpd 8 2237daemon at system boot time. 2238.It Va lpd_flags 2239.Pq Vt str 2240If 2241.Va lpd_enable 2242is set to 2243.Dq Li YES , 2244these are the flags to pass to the 2245.Xr lpd 8 2246daemon. 2247.It Va nscd_enable 2248.Pq Vt bool 2249If set to 2250.Dq Li YES , 2251run the 2252.Xr nscd 8 2253daemon at system boot time. 2254.It Va mixer_enable 2255.Pq Vt bool 2256If set to 2257.Dq Li YES , 2258preserve 2259.Xr mixer 8 2260settings across reboots. 2261.It Va mta_start_script 2262.Pq Vt str 2263The full path to the script to run to start 2264a mail transfer agent. 2265The default is 2266.Pa /etc/rc.sendmail . 2267The 2268.Va sendmail_* 2269variables which 2270.Pa /etc/rc.sendmail 2271uses are documented in the 2272.Xr rc.sendmail 8 2273man page. 2274.It Va fixbootfile 2275.Pq Vt bool 2276In a 2277.Sq HAMMER ROOT with UFS /boot 2278setup, the boot loader will not set up the 2279.Va kern.bootfile 2280sysctl correctly. 2281The system will attempt to fix this on its own. 2282Set this variable to 2283.Dq Li NO 2284to turn this behavior off. 2285.It Va dumpdev 2286.Pq Vt str 2287Indicates the device (usually a swap partition) to which a crash dump 2288should be written in the event of a system crash. 2289The value of this variable is passed as the argument to 2290.Xr dumpon 8 2291and 2292.Xr savecore 8 . 2293To disable crash dumps, set this variable to 2294.Dq Li NO . 2295.It Va dumpdir 2296.Pq Vt str 2297When the system reboots after a crash and a crash dump is found on the 2298device specified by the 2299.Va dumpdev 2300variable, 2301.Xr savecore 8 2302will save that crash dump and a copy of the kernel to the directory 2303specified by the 2304.Va dumpdir 2305variable. 2306The default value is 2307.Pa /var/crash . 2308Set to 2309.Dq Li NO 2310to not run 2311.Xr savecore 8 2312at boot time when 2313.Va dumpdir 2314is set. 2315.It Va savecore_flags 2316.Pq Vt str 2317If crash dumps are enabled, these are the flags to pass to the 2318.Xr savecore 8 2319utility. 2320.It Va enable_quotas 2321.Pq Vt bool 2322Set to 2323.Dq Li YES 2324to turn on user disk quotas on system startup via the 2325.Xr quotaon 8 2326command. 2327.It Va check_quotas 2328.Pq Vt bool 2329Set to 2330.Dq Li YES 2331to enable user disk quota checking via the 2332.Xr quotacheck 8 2333command. 2334.It Va accounting_enable 2335.Pq Vt bool 2336Set to 2337.Dq Li YES 2338to enable system accounting through the 2339.Xr accton 8 2340facility. 2341.It Va linux_enable 2342.Pq Vt bool 2343Set to 2344.Dq Li YES 2345to enable Linux/ELF binary emulation at system initial boot time. 2346.It Va sysvipc_enable 2347.Pq Vt bool 2348If set to 2349.Dq Li YES , 2350load System V IPC primitives at boot time. 2351.\" ----- cleanvar_enable setting-------------------------------- 2352.It Va cleanvar_enable 2353.Pq Vt bool 2354Set to 2355.Dq Li YES 2356to have 2357.Pa /var/run , 2358.Pa /var/spool/lock 2359and 2360.Pa /var/spool/uucp/.Temp/* 2361cleaned at startup. 2362.\" ----- clear_tmp_enable setting------------------------------- 2363.It Va clear_tmp_enable 2364.Pq Vt bool 2365Set to 2366.Dq Li YES 2367to have 2368.Pa /tmp 2369cleaned at startup. 2370.\" ----- ldconfig_paths setting -------------------------------- 2371.It Va ldconfig_paths 2372.Pq Vt str 2373Set to the list of shared library paths to use with 2374.Xr ldconfig 8 . 2375NOTE: 2376.Pa /usr/lib 2377will always be added first, so it need not appear in this list. 2378.It Va ldconfig_insecure 2379.Pq Vt bool 2380The 2381.Xr ldconfig 8 2382utility normally refuses to use directories 2383which are writable by anyone except root. 2384Set this variable to 2385.Dq Li YES 2386to disable that security check during system startup. 2387.It Va kern_securelevel 2388.Pq Vt int 2389The kernel security level to set at startup. 2390The allowed range of 2391.Ar value 2392ranges from \-1 (the compile time default) to 3 (the most secure). 2393See 2394.Xr init 8 2395for the list of possible security levels and their effect on system operation. 2396.It Va start_vinum 2397.Pq Vt bool 2398Set to 2399.Dq Li YES 2400to start 2401.Xr vinum 8 2402at system boot time. 2403.It Va sshd_enable 2404.Pq Vt bool 2405Set to 2406.Dq Li YES 2407to start 2408.Xr sshd 8 2409at system boot time. 2410.It Va sshd_program 2411.Pq Vt str 2412Path to the SSH server program 2413(default 2414.Pa /usr/sbin/sshd ) . 2415.It Va sshd_flags 2416.Pq Vt str 2417If 2418.Va sshd_enable 2419is set to 2420.Dq Li YES , 2421these are the flags to pass to the 2422.Xr sshd 8 2423daemon. 2424.It Va ftpd_enable 2425.Pq Vt bool 2426Set to 2427.Dq Li YES 2428to start 2429.Xr ftpd 8 2430at system boot time. 2431.It Va ftpd_flags 2432.Pq Vt str 2433If 2434.Va ftpd_enable 2435is set to 2436.Dq Li YES , 2437these are the flags to pass to the 2438.Xr ftpd 8 2439daemon. 2440.It Va usbd_enable 2441.Pq Vt bool 2442If set to 2443.Dq Li YES , 2444run the 2445.Xr usbd 8 2446daemon at boot time. 2447.It Va usbd_flags 2448.Pq Vt str 2449If 2450.Va usbd_enable 2451is set to 2452.Dq Li YES , 2453these are the flags passed to 2454.Xr usbd 8 2455daemon. 2456.It Va watchdogd_enable 2457.Pq Vt bool 2458If set to 2459.Dq Li YES , 2460start the 2461.Xr watchdogd 8 2462daemon at boot time. 2463This requires that the kernel have been compiled with 2464.Cd "options WATCHDOG" . 2465.It Va jail_enable 2466.Pq Vt bool 2467If set to 2468.Dq Li NO , 2469any configured jails will not be started. 2470.It Va jail_list 2471.Pq Vt str 2472A space separated list of names for jails. 2473This is purely a configuration aid to help identify and 2474configure multiple jails. 2475The names specified in this list will be used to 2476identify settings common to an instance of a jail. 2477Assuming that the jail in question was named 2478.Li vjail , 2479you would have the following dependent variables: 2480.Bd -literal 2481jail_vjail_hostname="jail.example.com" 2482jail_vjail_ip="192.168.1.100" 2483jail_vjail_rootdir="/var/jails/vjail/root" 2484.Ed 2485.Pp 2486.It Va jail_flags 2487.Pq Vt str 2488Unset by default. 2489When set, use as default value for 2490.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2491for every jail in 2492.Va jail_list . 2493.It Va jail_interface 2494.Pq Vt str 2495Unset by default. 2496When set, use as default value for 2497.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2498for every jail in 2499.Va jail_list . 2500.It Va jail_fstab 2501.Pq Vt str 2502Unset by default. 2503When set, use as default value for 2504.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2505for every jail in 2506.Va jail_list . 2507.It Va jail_mount_enable 2508.Pq Vt bool 2509Set to 2510.Dq Li NO 2511by default. 2512When set to 2513.Dq Li YES , 2514sets 2515.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2516to 2517.Dq Li YES 2518by default for every jail in 2519.Va jail_list . 2520.It Va jail_fdesc_enable 2521.Pq Vt bool 2522Set to 2523.Dq Li NO 2524by default. 2525When set to 2526.Dq Li YES , 2527sets 2528.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2529to 2530.Dq Li YES 2531by default for every jail in 2532.Va jail_list . 2533.It Va jail_procfs_enable 2534.Pq Vt bool 2535Set to 2536.Dq Li NO 2537by default. 2538When set to 2539.Dq Li YES , 2540sets 2541.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2542to 2543.Dq Li YES 2544by default for every jail in 2545.Va jail_list . 2546.It Va jail_exec_start 2547.Pq Vt str 2548Unset by default. 2549When set, use as default value for 2550.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2551for every jail in 2552.Va jail_list . 2553.It Va jail_exec_stop 2554Unset by default. 2555When set, use as default value for 2556.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2557for every jail in 2558.Va jail_list . 2559.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2560.Pq Vt str 2561Unset by default. 2562Set to the root directory used by jail 2563.Va jname . 2564.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2565.Pq Vt str 2566Unset by default. 2567Set to the fully qualified domain name (FQDN) assigned to jail 2568.Va jname . 2569.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2570.Pq Vt str 2571Unset by default. 2572Set to the IP address assigned to jail 2573.Va jname . 2574.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2575.Pq Vt str 2576Set to 2577.Dq Li -l -U root 2578by default. 2579These are flags to pass to 2580.Xr jail 8 . 2581.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2582.Pq Vt str 2583Unset by default. 2584When set, sets the interface to use when setting IP address alias. 2585Note that the alias is created at jail startup and removed at jail shutdown. 2586.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2587.Pq Vt str 2588Set to 2589.Pa /etc/fstab. Ns Aq Ar jname 2590by default. 2591This is the file system information file to use for jail 2592.Va jname . 2593.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2594.Pq Vt bool 2595Set to 2596.Dq Li NO 2597by default. 2598When set to 2599.Dq Li YES , 2600mount all file systems from 2601.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2602at jail startup. 2603.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2604.Pq Vt bool 2605Set to 2606.Dq Li NO 2607by default. 2608When set to 2609.Dq Li YES , 2610mount the file-descriptor file system inside jail 2611.Ar jname 2612at jail startup. 2613.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2614.Pq Vt bool 2615Set to 2616.Dq Li NO 2617by default. 2618When set to 2619.Dq Li YES , 2620mount the process file system inside jail 2621.Ar jname 2622at jail startup. 2623.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2624.Pq Vt str 2625Set to 2626.Dq Li /bin/sh /etc/rc 2627by default. 2628This is the command executed at jail startup. 2629.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2630.Pq Vt str 2631Set to 2632.Dq Li /bin/sh /etc/rc.shutdown 2633by default. 2634This is the command executed at jail shutdown. 2635.It Va jail_set_hostname_allow 2636.Pq Vt bool 2637If set to 2638.Dq Li NO , 2639do not allow the root user in a jail to set its hostname. 2640.It Va jail_socket_unixiproute_only 2641.Pq Vt bool 2642If set to 2643.Dq Li YES , 2644do not allow any sockets, 2645besides UNIX/IP/route sockets, 2646to be used within a jail. 2647.It Va jail_sysvipc_allow 2648.Pq Vt bool 2649If set to 2650.Dq Li YES , 2651allow applications within a jail to use System V IPC. 2652.It Va newsyslog_enable 2653.Pq Vt bool 2654If set to 2655.Dq Li YES , 2656run 2657.Xr newsyslog 8 2658before syslogd starts. 2659.It Va newsyslog_flags 2660.Pq Vt str 2661If 2662.Va newsyslog_enable 2663is set to 2664.Dq Li YES , 2665these are the flags passed to 2666.Xr newsyslog 8 . 2667.It Va resident_enable 2668.Pq Vt bool 2669If set to 2670.Dq Li YES , 2671make the dynamic binaries listed in 2672.Pa /etc/resident.conf 2673resident. 2674.It Va varsym_enable 2675.Pq Vt bool 2676If set to 2677.Dq Li YES , 2678process 2679.Pa /etc/varsym.conf 2680to set system-wide variables for variant symlinks. 2681.It Va rand_irqs 2682.Pq Vt str 2683Set either to 2684.Dq Li NO 2685or a whitespace separated list of IRQ numbers which will be used as a source of 2686randomness. 2687.\" ----- isdn settings --------------------------------- 2688.It Va isdn_enable 2689.Pq Vt bool 2690Set to 2691.Dq Li NO 2692by default. 2693When set to 2694.Dq Li YES , 2695starts the 2696.Xr isdnd 8 2697daemon at system boot time. 2698.It Va isdn_flags 2699.Pq Vt str 2700Set to 2701.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2702by default. 2703Additional flags to pass to 2704.Xr isdnd 8 2705(but see 2706.Va isdn_fsdev 2707and 2708.Va isdn_ttype 2709for certain tunable parameters). 2710.It Va isdn_ttype 2711.Pq Vt str 2712Set to 2713.Dq Li cons25 2714by default. 2715The terminal type of the output device when 2716.Xr isdnd 8 2717operates in full-screen mode. 2718.It Va isdn_screenflags 2719.Pq Vt str 2720Set to 2721.Dq Li NO 2722by default. 2723The video mode for full-screen mode (only for 2724.Xr syscons 4 2725console driver, see 2726.Xr vidcontrol 1 2727for valid modes). 2728.It Va isdn_fsdev 2729.Pq Vt str 2730Set to 2731.Dq Li NO 2732by default. 2733The output device for 2734.Xr isdnd 8 2735in full-screen mode (or 2736.Dq Li NO 2737for daemon mode). 2738.It Va isdn_trace 2739.Pq Vt bool 2740Set to 2741.Dq Li NO 2742by default. 2743When set to 2744.Dq Li YES , 2745enables the ISDN protocol trace utility 2746.Xr isdntrace 8 2747at system boot time. 2748.It Va isdn_traceflags 2749.Pq Vt str 2750Set to 2751.Dq Fl f Pa /var/tmp/isdntrace0 2752by default. 2753Flags for 2754.Xr isdntrace 8 . 2755.\" ----------------------------------------------------- 2756.It Va entropy_dir 2757.Pq Vt str 2758Set to 2759.Dq Li NO 2760to disable caching entropy via 2761.Xr cron 8 . 2762Otherwise set to the directory used to store entropy files in. 2763.It Va entropy_file 2764.Pq Vt str 2765Set to 2766.Dq Li NO 2767to disable caching entropy through reboots. 2768Otherwise set to the filename used to store cached entropy through reboots. 2769This file should be located on the root file system to seed the 2770.Xr random 4 2771device as early as possible in the boot process. 2772.It Va ipsec_enable 2773.Pq Vt bool 2774Set to 2775.Dq Li YES 2776to run 2777.Xr setkey 8 2778on 2779.Va ipsec_file 2780at boot time. 2781.It Va ipsec_file 2782.Pq Vt str 2783Configuration file for 2784.Xr setkey 8 . 2785.It Va dmesg_enable 2786.Pq Vt bool 2787Set to 2788.Dq Li YES 2789to save 2790.Xr dmesg 8 2791to 2792.Pa /var/run/dmesg.boot 2793on boot. 2794.It Va rcshutdown_timeout 2795.Pq Vt int 2796If set, start a watchdog timer in the background which will terminate 2797.Pa rc.shutdown 2798if 2799.Xr shutdown 8 2800has not completed within the specified time (in seconds). 2801.It Va vkernel_enable 2802.Pq Vt bool 2803If set to 2804.Dq Li NO , 2805any configured vkernels will not be started. 2806.It Va vkernel_list 2807.Pq Vt str 2808A space separated list of names for vkernels. 2809This is purely a configuration aid to help identify and 2810configure multiple vkernels. 2811The names specified in this list will be used to 2812identify settings common to a vkernel instance. 2813Assuming that the vkernel in question was named 2814.Li example , 2815you would have the following dependent variables 2816(filled with reference values in this text): 2817.Bd -literal 2818vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL/kernel.debug" 2819vkernel_example_memsize="64m" 2820vkernel_example_rootimg_list="/var/vkernel/rootimg.01" 2821vkernel_example_iface_list="auto:bridge0" 2822vkernel_example_logfile="/dev/null" 2823vkernel_example_flags="-U" 2824.Ed 2825.Pp 2826The last three are optional. 2827They default to an empty string if not set, except for logfile which defaults to 2828.Pa /dev/null 2829if it is not set. 2830.El 2831.Sh FILES 2832.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2833.It Pa /etc/defaults/rc.conf 2834.It Pa /etc/rc.conf 2835.It Pa /etc/rc.conf.local 2836.It Pa /etc/start_if. Ns Aq Ar interface 2837.El 2838.Sh SEE ALSO 2839.Xr catman 1 , 2840.Xr gdb 1 , 2841.Xr info 1 , 2842.Xr kbdcontrol 1 , 2843.Xr varsym 1 , 2844.Xr vidcontrol 1 , 2845.Xr ip 4 , 2846.Xr ipf 4 , 2847.Xr ipfw 4 , 2848.Xr kld 4 , 2849.Xr pf 4 , 2850.Xr tcp 4 , 2851.Xr udp 4 , 2852.Xr exports 5 , 2853.Xr motd 5 , 2854.Xr resident.conf 5 , 2855.Xr varsym.conf 5 , 2856.Xr accton 8 , 2857.Xr amd 8 , 2858.Xr apm 8 , 2859.Xr atm 8 , 2860.Xr btconfig 8 , 2861.Xr bthcid 8 , 2862.Xr cron 8 , 2863.Xr devd 8 , 2864.Xr dhclient 8 , 2865.Xr dntpd 8 , 2866.Xr ftpd 8 , 2867.Xr ifconfig 8 , 2868.Xr inetd 8 , 2869.Xr isdnd 8 , 2870.Xr isdntrace 8 , 2871.Xr jail 8 , 2872.Xr lpd 8 , 2873.Xr makewhatis 8 , 2874.Xr mixer 8 , 2875.Xr mountd 8 , 2876.Xr moused 8 , 2877.Xr mrouted 8 , 2878.Xr named 8 , 2879.Xr nfsd 8 , 2880.Xr pcnfsd 8 , 2881.Xr pfctl 8 , 2882.Xr pflogd 8 , 2883.Xr quotacheck 8 , 2884.Xr quotaon 8 , 2885.Xr rc 8 , 2886.Xr rc.sendmail 8 , 2887.Xr resident 8 , 2888.Xr rndcontrol 8 , 2889.Xr route 8 , 2890.Xr routed 8 , 2891.Xr rpcbind 8 , 2892.Xr rpc.lockd 8 , 2893.Xr rpc.statd 8 , 2894.Xr rtadvd 8 , 2895.Xr rtsold 8 , 2896.Xr rwhod 8 , 2897.Xr savecore 8 , 2898.Xr sdpd 8 , 2899.Xr sensorsd 8 , 2900.Xr sshd 8 , 2901.Xr swapon 8 , 2902.Xr sysctl 8 , 2903.Xr syslogd 8 , 2904.Xr timed 8 , 2905.Xr usbd 8 , 2906.Xr vinum 8 , 2907.Xr yp 8 , 2908.Xr ypbind 8 , 2909.Xr ypserv 8 , 2910.Xr ypset 8 2911.Sh HISTORY 2912The 2913.Nm 2914file appeared in 2915.Fx 2.2.2 . 2916.Sh AUTHORS 2917.An Jordan K. Hubbard . 2918