1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" 27.Dd July 18, 2024 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65In addition to 66.Pa /etc/rc.conf.local 67you can also place smaller configuration files for each 68.Xr rc 8 69script in the 70.Pa /etc/rc.conf.d 71directory, which will be included by the 72.Va load_rc_config 73function. 74For jail configurations you could use the file 75.Pa /etc/rc.conf.d/jail 76to store jail specific configuration options. 77Also see the 78.Va rc_conf_files 79variable below. 80.Pp 81The following list provides a name and short description for each 82variable that can be set in the 83.Nm 84file. 85To set a variable of 86.Vt bool 87type, specify either 88.Dq Li YES , 89.Dq Li TRUE , 90.Dq Li ON , 91or 92.Dq Li 1 . 93To unset, specify 94.Dq Li NO , 95.Dq Li FALSE , 96.Dq Li OFF , 97or 98.Dq Li 0 . 99These values are case insensitive. 100The 101.Va _enable 102postfix in the name of a variable for starting a service can be 103omitted (as in 104.Nx ) . 105.Bl -tag -width indent-two 106.It Va rc_conf_files 107.Pq Vt str 108This option is used to specify a list of files that will override 109the settings in 110.Pa /etc/defaults/rc.conf . 111The files will be read in the order in which they are specified and should 112include the full path to the file. 113By default, the files specified are 114.Pa /etc/rc.conf 115and 116.Pa /etc/rc.conf.local 117.It Va rc_debug 118.Pq Vt bool 119If set to 120.Dq Li YES , 121enable output of debug messages from rc scripts. 122This variable can be helpful in diagnosing mistakes when 123editing or integrating new scripts. 124Beware that this produces copious output to the terminal and 125.Xr syslog 3 . 126.It Va rc_info 127.Pq Vt bool 128If set to 129.Dq Li NO , 130disable informational messages from the rc scripts. 131Informational messages are displayed when 132a condition that is not serious enough to warrant a warning or an error occurs. 133.It Va rc_startmsgs 134.Pq Vt bool 135If set to 136.Dq Li YES , 137show 138.Dq Starting foo: 139when faststart is used (e.g., at boot time). 140.It Va swapfile 141.Pq Vt str 142If set to 143.Dq Li NO , 144no swapfile is installed, otherwise the value is used as the full 145pathname to a file to use for additional swap space. 146The 147.Xr vn 4 148driver is needed for a swapfile and will be loaded if it is not 149already compiled into the kernel or loaded via 150.Xr loader.conf 5 . 151.It Ao Ar module Ac Ns Ar _load 152.Pq Vt bool 153If set to 154.Dq YES , 155that kernel module will be loaded. 156If no 157.Ao Ar module Ac Ns Ar _name 158is defined (see below), the 159module's name is taken to be 160.Aq Ar module . 161.It Ao Ar module Ac Ns Ar _name 162.Pq Vt str 163Defines the name of the module. 164.It Va devd_enable 165.Pq Vt bool 166Run 167.Xr devd 8 168to handle device added, removed or unknown events from the kernel. 169.It Va devd_flags 170.Pq Vt str 171If 172.Va devd_enable 173is set to 174.Dq Li YES , 175these are the flags to pass to the 176.Xr devd 8 177daemon. 178.It Va powerd_enable 179.Pq Vt bool 180Set to 181.Dq Li NO 182by default. 183Setting this to 184.Dq Li YES 185enables 186.Xr powerd 8 , 187a CPU speed control daemon. 188.It Va powerd_flags 189.Pq Vt str 190Empty by default. 191Additional flags passed to the 192.Xr powerd 8 193program. 194.Pp 195If you are running a serial port at 115200 baud we recommend setting 196the flags to "-l 1500" as lower frequencies will cause characters to 197drop. 198.It Va sensorsd_enable 199.Pq Vt bool 200Set to 201.Dq Li NO 202by default. 203Setting this to 204.Dq Li YES 205enables 206.Xr sensorsd 8 , 207a sensors monitoring and logging daemon. 208.It Va sensorsd_flags 209.Pq Vt str 210Empty by default. 211Additional flags passed to the 212.Xr sensorsd 8 213program. 214.It Va sysvipcd_enable 215.Pq Vt bool 216Set to 217.Dq Li NO 218by default. 219Setting this to 220.Dq Li YES 221enables 222.Xr sysvipcd 8 , 223a daemon needed for the userspace implementation of the XSI Interprocess 224Communication functions. 225.It Va sysvipcd_flags 226.Pq Vt str 227Empty by default. 228Additional flags passed to the 229.Xr sysvipcd 8 230program. 231.It Va hotplugd_enable 232.Pq Vt bool 233Set to 234.Dq Li NO 235by default. 236Setting this to 237.Dq Li YES 238enables 239.Xr hotplugd 8 , 240a devices hot plugging monitoring daemon. 241.It Va hotplugd_flags 242.Pq Vt str 243Empty by default. 244Additional flags passed to the 245.Xr hotplugd 8 246program. 247.It Va pccard_ifconfig 248.Pq Vt str 249List of arguments to be passed to 250.Xr ifconfig 8 251at boot time or on insertion of the card (e.g.\& 252.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 253for a fixed address or 254.Dq Li DHCP 255for a DHCP client). 256.It Va removable_interfaces 257.Pq Vt str 258List of removable network interfaces to be supported by 259.Pa /etc/pccard_ether . 260.It Va local_startup 261.Pq Vt str 262List of directories to search for startup script files. 263.It Va script_name_sep 264.Pq Vt str 265The field separator to use for breaking down the list of startup script files 266into individual filenames. 267The default is a space. 268It is not necessary to change this unless there are startup scripts with names 269containing spaces. 270.It Va hostname 271.Pq Vt str 272The fully qualified domain name (FQDN) of this host on the network. 273This should almost certainly be set to something meaningful, even if 274there is no network connection. 275If DHCP is used to set the hostname, 276this variable should be set to an empty string. 277.It Va ipv6_enable 278.Pq Vt bool 279Enable support for IPv6 networking. 280Note that this requires that the kernel have been compiled with 281.Cd "options INET6" . 282.It Va nisdomainname 283.Pq Vt str 284The NIS domain name of this host, or 285.Dq Li NO 286if NIS is not used. 287.It Va dhcp_client 288.Pq Vt str 289Set the rc script that is called to start the DHCP client. 290This can be set to 291.Dq Li dhclient 292(default) or 293.Dq Li dhcpcd . 294.It Va dhclient_program 295.Pq Vt str 296Path to the 297.Xr dhclient 8 298program (default 299.Pa /sbin/dhclient ) . 300.It Va dhclient_flags 301.Pq Vt str 302Additional flags to pass to the 303.Xr dhclient 8 304program. 305.It Va dhcpcd_enable 306.Pq Vt bool 307Set to 308.Dq Li YES 309to run 310.Xr dhcpcd 8 311in master mode (i.e., configure all available Ethernet interfaces) at startup. 312.It Va dhcpcd_program 313.Pq Vt str 314Path to the 315.Xr dhcpcd 8 316program (default 317.Pa /sbin/dhcpcd ) . 318.It Va dhcpcd_flags 319.Pq Vt str 320Additional flags to pass to the 321.Xr dhcpcd 8 322program. 323The default value is 324.Fl b , 325i.e., tell 326.Xr dhcpcd 8 327to go to background immediately. 328.It Va pf_enable 329.Pq Vt bool 330Set to 331.Dq Li YES 332to load 333.Xr pf 4 334at startup. 335If the kernel was not built with 336.Cd "device pf" , 337the 338.Pa pf.ko 339kernel module will be loaded. 340See also 341.Va firewall_enable . 342.It Va pf_rules 343.Pq Vt str 344Path to the 345.Xr pf 4 346ruleset definition file. 347.It Va pf_program 348.Pq Vt str 349Path to 350.Xr pfctl 8 . 351.It Va pf_flags 352.Pq Vt str 353If 354.Va pf_enable 355is set to 356.Dq Li YES , 357these are the flags to pass to 358.Xr pfctl 8 359when loading the ruleset. 360.It Va pflog_enable 361.Pq Vt bool 362Set this to 363.Dq Li YES 364to enable 365.Xr pflogd 8 366which logs packets from 367.Xr pf 4 . 368.It Va pflog_logfile 369.Pq Vt str 370If 371.Va pflog_enable 372is set to 373.Dq Li YES 374this specifies the path of the log file. 375.It Va pflog_program 376.Pq Vt str 377Path to 378.Xr pflogd 8 . 379.It Va pflog_flags 380.Pq Vt str 381If 382.Va pflog_enable 383is set to 384.Dq Li YES , 385these are the flags to pass to 386.Xr pflogd 8 . 387.It Va firewall_enable 388.Pq Vt bool 389Set to 390.Dq Li YES 391to load firewall rules at startup. 392If the kernel was not built with 393.Cd "options IPFIREWALL" , 394the 395.Pa ipfw.ko 396kernel module will be loaded. 397See also 398.Va pf_enable . 399.It Va ipv6_firewall_enable 400.Pq Vt bool 401The IPv6 equivalent of 402.Va firewall_enable . 403Set to 404.Dq Li YES 405to load IPv6 firewall rules at startup. 406If the kernel was not built with 407.Cd "options IPV6FIREWALL" , 408the 409.Pa ip6fw.ko 410kernel module will be loaded. 411.It Va firewall_script 412.Pq Vt str 413The full path to the firewall script to run 414(default 415.Pa /etc/rc.firewall ) . 416.It Va ipv6_firewall_script 417.Pq Vt str 418The IPv6 equivalent of 419.Va firewall_script . 420.It Va firewall_type 421.Pq Vt str 422Names the firewall type from the selection in 423.Pa /etc/rc.firewall , 424or the file which contains the local firewall ruleset. 425Valid selections from 426.Pa /etc/rc.firewall 427are: 428.Pp 429.Bl -tag -width ".Li simple" -compact 430.It Li open 431unrestricted IP access 432.It Li closed 433all IP services disabled, except via 434.Dq Li lo0 435.It Li client 436basic protection for a workstation on a LAN 437.It Li simple 438alias for 439.Li client . 440.El 441.Pp 442If a filename is specified, the full path must be given. 443.It Va firewall_trusted_nets 444.Pq Vt str 445List of trusted networks (if 446.Va firewall_type 447is set to 448.Li client ) . 449.It Va firewall_trusted_interfaces 450.Pq Vt str 451List of trusted network interfaces (if 452.Va firewall_type 453is set to 454.Li client ) . 455.It Va firewall_allowed_icmp_types 456.Pq Vt str 457List of allowed ICMP types (if 458.Va firewall_type 459is set to 460.Li client ) . 461.It Va firewall_open_tcp_ports 462.Pq Vt str 463List of TCP ports to open (if 464.Va firewall_type 465is set to 466.Li client ) . 467.It Va firewall_open_udp_ports 468.Pq Vt str 469List of UDP ports to open (if 470.Va firewall_type 471is set to 472.Li client ) . 473.It Va ipv6_firewall_type 474.Pq Vt str 475The IPv6 equivalent of 476.Va firewall_type . 477.It Va firewall_quiet 478.Pq Vt bool 479Set to 480.Dq Li YES 481to disable the display of firewall rules on the console during boot. 482.It Va ipv6_firewall_quiet 483.Pq Vt bool 484The IPv6 equivalent of 485.Va firewall_quiet . 486.It Va firewall_logging 487.Pq Vt bool 488Set to 489.Dq Li YES 490to enable firewall event logging. 491This is equivalent to the 492.Dv IPFIREWALL_VERBOSE 493kernel option. 494.It Va ipv6_firewall_logging 495.Pq Vt bool 496The IPv6 equivalent of 497.Va firewall_logging . 498.It Va firewall_flags 499.Pq Vt str 500Flags passed to 501.Xr ipfw 8 502if 503.Va firewall_type 504specifies a filename. 505.It Va ipv6_firewall_flags 506.Pq Vt str 507The IPv6 equivalent of 508.Va firewall_flags . 509.It Va ipfw3_enable 510.Pq Vt bool 511Set to 512.Dq Li YES 513to enable 514.Xr ipfw3 8 . 515.It Va ipfw3_program 516.Pq Vt str 517Path to 518.Xr ipfw3 8 . 519.It Va ipfw3_script 520.Pq Vt str 521The full path to the shell script to run to set up the ipfw3 522firewall rules (default 523.Pa /etc/ipfw3.rules ) . 524.It Va ipfw3_modules 525.Pq Vt str 526List of ipfw3 modules to be loaded before executing the above 527.Va ipfw3_script . 528(default 529.Dq Li ipfw3 ipfw3_basic ) . 530.It Va natd_program 531.Pq Vt str 532Path to 533.Xr natd 8 . 534.It Va natd_enable 535.Pq Vt bool 536Set to 537.Dq Li YES 538to enable 539.Xr natd 8 . 540.Va firewall_enable 541must also be set to 542.Dq Li YES , 543and 544.Xr divert 4 545sockets must be enabled in the kernel. 546.It Va natd_interface 547.Pq Vt str 548This is the name of the public interface on which 549.Xr natd 8 550should run. 551The interface may be given as an interface name or as an IP address. 552.It Va natd_flags 553.Pq Vt str 554Additional 555.Xr natd 8 556flags should be placed here. 557The 558.Fl n 559or 560.Fl a 561flag is automatically added with the above 562.Va natd_interface 563as an argument. 564.It Va tcp_extensions 565.Pq Vt bool 566Set to 567.Dq Li YES 568by default. 569Setting this to 570.Dq Li NO 571disables certain TCP options as described by 572.Rs 573.%T "RFC 1323" 574.Re 575Setting this to 576.Dq Li NO 577might help remedy such problems with connections as randomly hanging 578or other weird behavior. 579Some network devices are known to be broken with respect to these options. 580.It Va log_in_vain 581.Pq Vt int 582Set to 0 by default. 583The 584.Xr sysctl 8 585variables, 586.Va net.inet.tcp.log_in_vain 587and 588.Va net.inet.udp.log_in_vain , 589as described in 590.Xr tcp 4 591and 592.Xr udp 4 , 593are set to the given value. 594.It Va tcp_keepalive 595.Pq Vt bool 596Set to 597.Dq Li YES 598by default. 599Setting to 600.Dq Li NO 601will disable probing idle TCP connections to verify that the 602peer is still up and reachable. 603.It Va tcp_drop_synfin 604.Pq Vt bool 605Set to 606.Dq Li NO 607by default. 608Setting to 609.Dq Li YES 610will cause the kernel to ignore TCP frames that have both 611the SYN and FIN flags set. 612This prevents OS fingerprinting, but may break some legitimate applications. 613This option is only available if the kernel was built with the 614.Dv TCP_DROP_SYNFIN 615option. 616.It Va icmp_drop_redirect 617.Pq Vt bool 618Set to 619.Dq Li NO 620by default. 621Setting to 622.Dq Li YES 623will cause the kernel to ignore ICMP REDIRECT packets. 624Refer to 625.Xr icmp 4 626for more information. 627.It Va icmp_log_redirect 628.Pq Vt bool 629Set to 630.Dq Li NO 631by default. 632Setting to 633.Dq Li YES 634will cause the kernel to log ICMP REDIRECT packets. 635Note that 636the log messages are not rate-limited, so this option should only be used 637for troubleshooting networks. 638Refer to 639.Xr icmp 4 640for more information. 641.It Va icmp_bmcastecho 642.Pq Vt bool 643Set to 644.Dq Li YES 645to respond to broadcast or multicast ICMP ping packets. 646Refer to 647.Xr icmp 4 648for more information. 649.It Va ip_portrange_first 650.Pq Vt int 651If not set to 652.Dq Li NO , 653this is the first port in the default portrange. 654Refer to 655.Xr ip 4 656for more information. 657.It Va ip_portrange_last 658.Pq Vt int 659If not set to 660.Dq Li NO , 661this is the last port in the default portrange. 662Refer to 663.Xr ip 4 664for more information. 665.\" 666.It Va ifconfig_ Ns Aq Ar interface 667.Pq Vt str 668Configuration for 669.Dq interface . 670Typically includes IP address. 671Assuming that the interface in question was 672.Li ed0 , 673it might look something like this: 674.Bd -literal 675ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 676.Ed 677.Pp 678If the 679.Pa /etc/start_if. Ns Aq Ar interface 680file is present, it is read and executed by the 681.Xr sh 1 682interpreter before configuring the interface as specified in the 683.Va ifconfig_ Ns Aq Ar interface 684and 685.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 686variables. 687.Pp 688It is possible to bring up an interface with DHCP by adding 689.Dq Li DHCP 690to the 691.Va ifconfig_ Ns Aq Ar interface 692variable. 693For instance, to initialize the 694.Li ed0 695device via DHCP, it is possible to use something like: 696.Bd -literal 697ifconfig_ed0="DHCP" 698.Ed 699.Pp 700If a 701.Va vlans_ Ns Aq Ar interface 702variable is set, 703a 704.Xr vlan 4 705interface will be created for each item in the list with the 706.Ar vlandev 707argument set to 708.Ar interface . 709If a vlan interface's name is a number, 710then that number is used as the vlan tag and the new vlan interface is 711named 712.Ar interface . Ns Ar tag . 713Otherwise, 714the vlan tag must be specified via a 715.Va vlan 716parameter in the 717.Va create_args_ Ns Aq Ar interface 718variable. 719.Pp 720To create a vlan device named 721.Li em0.101 722on 723.Li em0 724with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24: 725.Bd -literal 726vlans_em0="101" 727ifconfig_em0_101="inet 192.0.2.1/24" 728.Ed 729.Pp 730To create a vlan device named 731.Li myvlan 732on 733.Li em0 734with the vlan tag 102: 735.Bd -literal 736vlans_em0="myvlan" 737create_args_myvlan="vlan 102" 738.Ed 739.Pp 740If a 741.Va wlans_ Ns Aq Ar interface 742variable is set, 743an 744.Xr wlan 4 745interface will be created for each item in the list with the 746.Ar wlandev 747argument set to 748.Ar interface . 749Further wlan cloning arguments may be passed to the 750.Xr ifconfig 8 751.Cm create 752command by setting the 753.Va create_args_ Ns Aq Ar interface 754variable. 755One or more 756.Xr wlan 4 757devices must be created for each wireless devices as of 758.Dx 2.5 . 759Debugging flags for 760.Xr wlan 4 761devices as set by 762.Xr wlandebug 8 763may be specified with an 764.Va wlandebug_ Ns Aq Ar interface 765variable. 766The contents of this variable will be passed directly to 767.Xr wlandebug 8 . 768.Pp 769Also, if your interface needs WPA authentication, it is possible to add 770.Dq Li WPA 771to the 772.Va ifconfig_ Ns Aq Ar interface 773variable. 774This will start 775.Xr wpa_supplicant 8 . 776See 777.Xr wpa_supplicant.conf 5 778for configuring authentication information. 779But see also 780.Va wpa_supplicant_enable . 781.Pp 782Finally, you can add 783.Xr ifconfig 8 784options in this variable, in addition to the 785.Pa /etc/start_if. Ns Aq Ar interface 786file. 787For instance, to initialize the 788.Li wi0 789device via DHCP, using WPA authentication and 802.11b mode, it is 790possible to use something like: 791.Bd -literal 792wlans_wi0="wlan0" 793ifconfig_wlan0="up DHCP WPA mode 11b" 794.Ed 795.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 796.Pq Vt str 797Configuration to establish an additional network address for 798.Dq interface . 799Assuming that the interface in question was 800.Li ed0 , 801it might look something like this: 802.Bd -literal 803ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 804ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 805.Ed 806.Pp 807And so on. 808For each 809.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 810entry that is found, its contents are passed to 811.Xr ifconfig 8 . 812Execution stops at the first unsuccessful access, so if 813something like this is present: 814.Bd -literal 815ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 816ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 817ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 818ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 819.Ed 820.Pp 821Then note that alias4 would 822.Em not 823be added since the search would stop with the missing alias3 entry. 824.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 825.Pq Vt str 826New name for 827.Dq interface . 828It is possible to rename interface by doing: 829.Bd -literal 830ifconfig_ed0_name="net0" 831ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 832.Ed 833.It Va netif_enable 834.Pq Vt bool 835Set to 836.Dq Li YES 837by default. 838Setting to 839.Dq Li NO 840will disable the configuration of network interfaces. 841.It Va network_interfaces 842.Pq Vt str 843The list of network interfaces to configure on this host, 844or 845.Dq Li auto 846to configure all network interfaces 847(default 848.Dq Li auto ) . 849For example, if the only network devices to be configured are the loopback device 850.Pq Li lo0 851and a NIC using the 852.Xr em 4 853driver, this could be set to 854.Dq Li "lo0 em0" . 855An 856.Va ifconfig_ Ns Aq Ar interface 857variable is assumed to exist for each value of 858.Ar interface . 859.It Va ipv6_network_interfaces 860.Pq Vt str 861This is the IPv6 equivalent of 862.Va network_interfaces . 863Instead of setting the ifconfig variables as 864.Va ifconfig_ Ns Aq Ar interface 865they should be set as 866.Va ipv6_ifconfig_ Ns Aq Ar interface . 867Aliases should be set as 868.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 869Interfaces that do not have a 870.Va ipv6_ifconfig_ Ns Aq Ar interface 871setting will be auto configured by 872.Xr rtsol 8 873if the 874.Va ipv6_gateway_enable 875is set to 876.Dq Li NO . 877Note that the IPv6 networking code does not support the 878.Pa /etc/start_if. Ns Aq Ar interface 879files. 880.It Va ipv6_prefix_ Ns Aq Ar interface 881.Pq Vt str 882Assign prefix to 883.Ar interface , 884prefixlen 64 is used. 885.It Va ipv6_default_interface 886.Pq Vt str 887If not set to 888.Dq Li NO , 889this is the default output interface for scoped addresses. 890Now this works only for IPv6 link local multicast addresses. 891.It Va ip6addrctl_enable 892.Pq Vt bool 893This variable is to enable configuring the default address selection policy table 894.Pq RFC 3484 . 895The default value is 896.Dq Li YES , 897and the policy table to be installed is specified by the 898.Va ip6addrctl_policy 899variable below. 900.It Va ip6addrctl_policy 901.Pq Vt str 902This variable specifies the policy table to be installed, 903and can be one of the following keywords: 904.Dq Li ipv4_prefer , 905.Dq Li ipv6_prefer , 906or 907.Dq Li AUTO 908(default). 909.Pp 910If 911.Dq Li ipv4_prefer 912or 913.Dq Li ipv6_prefer 914is specified, 915.Xr ip6addrctl 8 916installs a pre-defined policy table described in Section 2.1 917.Pq IPv6-preferred 918or 10.3 919.Pq IPv4-preferred 920of RFC 3484. 921.Pp 922If 923.Dq Li AUTO 924is specified, it attempts to read a file 925.Pa /etc/ip6addrctl.conf 926first. 927If this file is found, 928.Xr ip6addrctl 8 929reads and installs it. 930If not found, a policy is automatically set 931according to 932.Va ipv6_enable 933variable; if the variable is set to 934.Dq Li YES 935the IPv6-preferred one is used. 936Otherwise IPv4-preferred. 937.It Va ip6addrctl_verbose 938.Pq Vt bool 939If set to 940.Dq Li YES , 941print the installed policy table after configuring. 942The default value is 943.Dq Li NO . 944.It Va cloned_interfaces 945.Pq Vt str 946Set to the list of clonable network interfaces to create on this host. 947Entries in 948.Va cloned_interfaces 949are automatically appended to 950.Va network_interfaces 951for configuration. 952.It Va gif_interfaces 953.Pq Vt str 954Set to the list of 955.Xr gif 4 956tunnel interfaces to configure on this host. 957A 958.Va gifconfig_ Ns Aq Ar interface 959variable is assumed to exist for each value of 960.Ar interface . 961The value of this variable is used to configure the link layer of the 962tunnel according to the syntax of the 963.Cm tunnel 964option to 965.Xr ifconfig 8 . 966Additionally, this option ensures that each listed interface is created via the 967.Cm create 968option to 969.Xr ifconfig 8 970before attempting to configure it. 971.It Va sppp_interfaces 972.Pq Vt str 973Set to the list of 974.Xr sppp 4 975interfaces to configure on this host. 976A 977.Va spppconfig_ Ns Aq Ar interface 978variable is assumed to exist for each value of 979.Ar interface . 980Each interface should also be configured by a general 981.Va ifconfig_ Ns Aq Ar interface 982setting. 983Refer to 984.Xr spppcontrol 8 985for more information about available options. 986.It Va ppp_enable 987.Pq Vt bool 988If set to 989.Dq Li YES , 990run the 991.Xr ppp 8 992daemon. 993.It Va ppp_mode 994.Pq Vt str 995Mode in which to run the 996.Xr ppp 8 997daemon. 998Accepted modes are 999.Dq Li auto , 1000.Dq Li ddial , 1001.Dq Li direct 1002and 1003.Dq Li dedicated . 1004See the manual for a full description. 1005.It Va ppp_nat 1006.Pq Vt bool 1007If set to 1008.Dq Li YES , 1009enables network address translation. 1010Used in conjunction with 1011.Va gateway_enable 1012allows hosts on private network addresses access to the Internet using 1013this host as a network address translating router. 1014.It Va ppp_profile 1015.Pq Vt str 1016The name of the profile to use from 1017.Pa /etc/ppp/ppp.conf . 1018Also used for per-profile overrides of 1019.Va ppp_ Ns Ao Ar profile Ac Ns _unit . 1020Where the profile contains any of the characters 1021.Dq Li .-/+ 1022they are translated to 1023.Dq Li _ 1024for the purposes of the override variable names. 1025.It Va ppp_ Ns Ao Ar profile Ac Ns _unit 1026.Pq Vt int 1027Set the unit number to be used for this profile. 1028See the manual description of 1029.Fl unit Ns Ar N 1030in 1031.Xr ppp 8 1032for details. 1033.It Va ppp_user 1034.Pq Vt str 1035The name of the user under which 1036.Xr ppp 8 1037should be started. 1038By default, 1039.Xr ppp 8 1040is started as 1041.Dq Li root . 1042.It Va wg_enable 1043.Pq Vt bool 1044Set to 1045.Dq Li YES 1046to configure the 1047.Xr wg 4 1048interfaces specified in 1049.Va wg_interfaces 1050below. 1051.It Va wg_interfaces 1052.Pq Vt str 1053Specify the list of 1054.Xr wg 4 1055interfaces to configure. 1056Each listed interface is configured according to its config file at 1057.Pa /etc/wireguard/ Ns Ao Ar interface Ac Ns Pa .conf . 1058Refer to 1059.Xr wg.conf 5 1060for more information. 1061.It Va wg_config_dir 1062.Pq Vt str 1063Specify the directory to find the config files for the 1064.Xr wg 4 1065interfaces listed in 1066.Va wg_interfaces . 1067The default is 1068.Pa /etc/wireguard . 1069.It Va root_rw_mount 1070.Pq Vt bool 1071Set to 1072.Dq Li YES 1073by default. 1074After the file systems are checked at boot time, the root filesystem 1075is remounted as read-write if this is set to 1076.Dq Li YES . 1077Diskless systems that mount their root filesystem from a read-only 1078remote share should set this to 1079.Dq Li NO 1080in 1081.Pa rc.conf . 1082.It Va fsck_y_enable 1083.Pq Vt bool 1084If set to 1085.Dq Li YES , 1086.Xr fsck 8 1087will be run with the 1088.Fl y 1089flag if the initial preen of the file systems fails. 1090.It Va netfs_types 1091.Pq Vt str 1092List of file system types that are network-based. 1093This list should generally not be modified by end users. 1094Use 1095.Va extra_netfs_types 1096instead. 1097.It Va extra_netfs_types 1098.Pq Vt str 1099If set to something other than 1100.Dq Li NO 1101(the default), this variable extends the list of file system types 1102for which automatic mounting at startup by 1103.Xr rc 8 1104should be delayed until the network is initialized. 1105It should contain 1106a whitespace-separated list of network file system descriptor pairs, 1107each consisting of a file system type as passed to 1108.Xr mount 8 1109and a human-readable, one-word description, joined with a colon 1110.Pq Ql \&: . 1111Extending the default list in this way is only necessary 1112when third party file system types are used. 1113.It Va devfs_config_files 1114.Pq Vt str 1115This option is used to specify a list of configuration files containing 1116.Xr devfs 5 1117rules that will be applied by 1118.Xr devfsctl 8 1119in the order in which they are specified and must include the full path 1120to the file. 1121.It Va tmpfs_var_run 1122.Pq Vt bool 1123If set to 1124.Dq Li YES , 1125a 1126.Xr tmpfs 5 1127will be mounted at 1128.Pa /var/run . 1129Necessary directories under there will be automatically created. 1130.It Va tmpfs_tmp 1131.Pq Vt bool 1132If set to 1133.Dq Li YES , 1134a 1135.Xr tmpfs 5 1136will be mounted at 1137.Pa /tmp . 1138.It Va syslogd_enable 1139.Pq Vt bool 1140If set to 1141.Dq Li YES , 1142run the 1143.Xr syslogd 8 1144daemon. 1145.It Va syslogd_program 1146.Pq Vt str 1147Path to 1148.Xr syslogd 8 1149(default 1150.Pa /usr/sbin/syslogd ) . 1151.It Va syslogd_flags 1152.Pq Vt str 1153If 1154.Va syslogd_enable 1155is set to 1156.Dq Li YES , 1157these are the flags to pass to 1158.Xr syslogd 8 . 1159.It Va inetd_enable 1160.Pq Vt bool 1161If set to 1162.Dq Li YES , 1163run the 1164.Xr inetd 8 1165daemon. 1166.It Va inetd_program 1167.Pq Vt str 1168Path to 1169.Xr inetd 8 1170(default 1171.Pa /usr/sbin/inetd ) . 1172.It Va inetd_flags 1173.Pq Vt str 1174If 1175.Va inetd_enable 1176is set to 1177.Dq Li YES , 1178these are the flags to pass to 1179.Xr inetd 8 . 1180.It Va rwhod_enable 1181.Pq Vt bool 1182If set to 1183.Dq Li YES , 1184run the 1185.Xr rwhod 8 1186daemon at boot time. 1187.It Va rwhod_flags 1188.Pq Vt str 1189If 1190.Va rwhod_enable 1191is set to 1192.Dq Li YES , 1193these are the flags to pass to it. 1194.It Va update_motd 1195.Pq Vt bool 1196If set to 1197.Dq Li YES , 1198.Pa /etc/motd 1199will be updated at boot time to reflect the kernel release being run. 1200If set to 1201.Dq Li NO , 1202.Pa /etc/motd 1203will not be updated. 1204.It Va nfs_client_enable 1205.Pq Vt bool 1206If set to 1207.Dq Li YES , 1208setup NFS client parameters at boot time. 1209.It Va nfs_access_cache 1210.Pq Vt int 1211If 1212.Va nfs_client_enable 1213is set to 1214.Dq Li YES , 1215this can be set to 1216.Dq Li 0 1217to disable NFS ACCESS RPC caching, or to the number of seconds for which 1218NFS ACCESS results should be cached. 1219A value of 2-10 seconds will substantially reduce network traffic for 1220many NFS operations. 1221The default is 5 seconds. 1222Note that the attribute cache holds stat information only. 1223The NFS data cache is independent of the attribute cache and is only 1224invalidated when the client detects that the server has modified the 1225underlying file. 1226This value specifies a maximum timeout. 1227The NFS client will automatically use a shorter timeout for files which 1228have been recently modified. 1229.It Va nfs_neg_cache 1230.Pq Vt int 1231If 1232.Va nfs_client_enable 1233is set to 1234.Dq Li YES , 1235this can be set to 1236.Dq Li 0 1237to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1238filenames), or to the number of seconds for which negative lookups should 1239be cached. 1240A value of 2-10 seconds will substantially reduce network 1241traffic for many NFS operations, especially source code builds. 1242The default is 3 seconds. 1243.It Va nfs_server_enable 1244.Pq Vt bool 1245If set to 1246.Dq Li YES , 1247run the NFS server daemons at boot time. 1248.It Va nfs_server_flags 1249.Pq Vt str 1250If 1251.Va nfs_server_enable 1252is set to 1253.Dq Li YES , 1254these are the flags to pass to the 1255.Xr nfsd 8 1256daemon. 1257.It Va mountd_enable 1258.Pq Vt bool 1259If set to 1260.Dq Li YES , 1261and no 1262.Va nfs_server_enable 1263is set, start 1264.Xr mountd 8 , 1265but not 1266.Xr nfsd 8 1267daemon. 1268It is commonly needed to run CFS without real NFS used. 1269.It Va mountd_flags 1270.Pq Vt str 1271If 1272.Va mountd_enable 1273is set to 1274.Dq Li YES , 1275these are the flags to pass to the 1276.Xr mountd 8 1277daemon. 1278.It Va weak_mountd_authentication 1279.Pq Vt bool 1280If set to 1281.Dq Li YES , 1282allow services like PCNFSD to make non-privileged mount requests. 1283.It Va nfs_reserved_port_only 1284.Pq Vt bool 1285If set to 1286.Dq Li YES , 1287provide NFS services only on a secure port. 1288.It Va nfs_bufpackets 1289.Pq Vt int 1290If set to a number, indicates the number of packets worth of 1291socket buffer space to reserve on an NFS client. 1292The kernel default is typically 4. 1293Using a higher number may be useful on gigabit networks to improve performance. 1294The minimum value is 2 and the maximum is 64. 1295.It Va rpc_umntall_enable 1296.Pq Vt bool 1297If set to 1298.Dq Li YES 1299(default) and we are also an NFS client, run 1300.Xr rpc.umntall 8 1301at boot time to clear out old mounts on remote servers. 1302If set to 1303.Dq Li NO 1304then 1305.Xr rpc.umntall 8 1306will not be run at boot time. 1307.It Va rpc_lockd_enable 1308.Pq Vt bool 1309If set to 1310.Dq Li YES 1311and also an NFS server, run 1312.Xr rpc.lockd 8 1313at boot time. 1314.It Va rpc_lockd_flags 1315.Pq Vt str 1316If 1317.Va rpc_lockd_enable 1318is set to 1319.Dq Li YES , 1320these are the flags to pass to 1321.Xr rpc.lockd 8 . 1322.It Va rpc_statd_enable 1323.Pq Vt bool 1324If set to 1325.Dq Li YES 1326and also an NFS server, run 1327.Xr rpc.statd 8 1328at boot time. 1329.It Va rpc_statd_flags 1330.Pq Vt str 1331If 1332.Va rpc_statd_enable 1333is set to 1334.Dq Li YES , 1335these are the flags to pass to 1336.Xr rpc.statd 8 . 1337.It Va rpcbind_program 1338.Pq Vt str 1339Path to program for rpcbind daemon 1340(default 1341.Pa /usr/sbin/rpcbind ) . 1342.It Va rpcbind_enable 1343.Pq Vt bool 1344If set to 1345.Dq Li YES , 1346run 1347.Va rpcbind_program 1348at boot time. 1349.It Va rpcbind_flags 1350.Pq Vt str 1351If 1352.Va rpcbind_enable 1353is set to 1354.Dq Li YES , 1355these are the flags to pass to 1356.Va rpcbind_program . 1357.It Va keyserv_enable 1358.Pq Vt bool 1359If set to 1360.Dq Li YES , 1361run the 1362.Xr keyserv 8 1363daemon on boot for running Secure RPC. 1364.It Va keyserv_flags 1365.Pq Vt str 1366If 1367.Va keyserv_enable 1368is set to 1369.Dq Li YES , 1370these are the flags to pass to 1371.Xr keyserv 8 1372daemon. 1373.It Va pppoed_enable 1374.Pq Vt bool 1375If set to 1376.Dq Li YES , 1377run the 1378.Xr pppoed 8 1379daemon at boot time to provide PPP over Ethernet services. 1380.It Va pppoed_provider 1381.Pq Vt str 1382.Xr pppoed 8 1383listens to requests to this provider and ultimately runs 1384.Xr ppp 8 1385with a 1386.Ar system 1387argument of the same name. 1388.It Va pppoed_flags 1389.Pq Vt str 1390Additional flags to pass to 1391.Xr pppoed 8 . 1392.It Va pppoed_interface 1393.Pq Vt str 1394The network interface to run 1395.Xr pppoed 8 1396on. 1397This is mandatory when 1398.Va pppoed_enable 1399is set to 1400.Dq Li YES . 1401.It Va dntpd_enable 1402.Pq Vt bool 1403If set to 1404.Dq Li YES , 1405run 1406.Xr dntpd 8 1407at system boot time. 1408.It Va dntpd_program 1409.Pq Vt str 1410Path to 1411.Xr dntpd 8 1412(default 1413.Pa /usr/sbin/dntpd ) . 1414.It Va dntpd_flags 1415.Pq Vt str 1416If 1417.Va dntpd_enable 1418is set to 1419.Dq Li YES , 1420these are the flags to pass to the 1421.Xr dntpd 8 1422daemon. 1423.It Va btconfig_enable 1424.Pq Vt bool 1425If set to 1426.Dq Li YES , 1427configure Bluetooth devices via 1428.Xr btconfig 8 1429at system boot time. 1430.It Va btconfig_devices 1431.Pq Vt str 1432If 1433.Va btconfig_enable 1434is set to 1435.Dq Li YES , 1436this is the list of Bluetooth devices to configure. 1437If 1438.Va btconfig_devices 1439is not specified, all devices known to the system will be configured. 1440A 1441.Va btconfig_ Ns Aq Ar device 1442variable can be set to specify parameters to be passed to 1443.Ar device . 1444.It Va btconfig_args 1445.Pq Vt str 1446If 1447.Va btconfig_enable 1448is set to 1449.Dq Li YES , 1450this is the list of configuration parameters to pass to all Bluetooth 1451devices. 1452.It Va sdpd_enable 1453.Pq Vt bool 1454If set to 1455.Dq Li YES , 1456run the Service Discovery Profile daemon 1457.Xr ( sdpd 8 ) 1458at system boot time. 1459.It Va sdpd_flags 1460.Pq Vt str 1461If 1462.Va sdpd_enable 1463is set to 1464.Dq Li YES , 1465these are the flags to pass to the 1466.Xr sdpd 8 1467daemon. 1468.It Va bthcid_enable 1469.Pq Vt bool 1470If set to 1471.Dq Li YES , 1472run the Bluetooth Link Key/PIN Code Manager daemon 1473.Xr ( bthcid 8 ) 1474at system boot time. 1475.It Va bthcid_flags 1476.Pq Vt str 1477If 1478.Va bthcid_enable 1479is set to 1480.Dq Li YES , 1481these are the flags to pass to the 1482.Xr bthcid 8 1483daemon. 1484.It Va nis_client_enable 1485.Pq Vt bool 1486If set to 1487.Dq Li YES , 1488run the 1489.Xr ypbind 8 1490service at system boot time. 1491.It Va nis_client_flags 1492.Pq Vt str 1493If 1494.Va nis_client_enable 1495is set to 1496.Dq Li YES , 1497these are the flags to pass to the 1498.Xr ypbind 8 1499service. 1500.It Va nis_ypset_enable 1501.Pq Vt bool 1502If set to 1503.Dq Li YES , 1504run the 1505.Xr ypset 8 1506daemon at system boot time. 1507.It Va nis_ypset_flags 1508.Pq Vt str 1509If 1510.Va nis_ypset_enable 1511is set to 1512.Dq Li YES , 1513these are the flags to pass to the 1514.Xr ypset 8 1515daemon. 1516.It Va nis_server_enable 1517.Pq Vt bool 1518If set to 1519.Dq Li YES , 1520run the 1521.Xr ypserv 8 1522daemon at system boot time. 1523.It Va nis_server_flags 1524.Pq Vt str 1525If 1526.Va nis_server_enable 1527is set to 1528.Dq Li YES , 1529these are the flags to pass to the 1530.Xr ypserv 8 1531daemon. 1532.It Va nis_ypxfrd_enable 1533.Pq Vt bool 1534If set to 1535.Dq Li YES , 1536run the 1537.Xr rpc.ypxfrd 8 1538daemon at system boot time. 1539.It Va nis_ypxfrd_flags 1540.Pq Vt str 1541If 1542.Va nis_ypxfrd_enable 1543is set to 1544.Dq Li YES , 1545these are the flags to pass to the 1546.Xr rpc.ypxfrd 8 1547daemon. 1548.It Va nis_yppasswdd_enable 1549.Pq Vt bool 1550If set to 1551.Dq Li YES , 1552run the 1553.Xr rpc.yppasswdd 8 1554daemon at system boot time. 1555.It Va nis_yppasswdd_flags 1556.Pq Vt str 1557If 1558.Va nis_yppasswdd_enable 1559is set to 1560.Dq Li YES , 1561these are the flags to pass to the 1562.Xr rpc.yppasswdd 8 1563daemon. 1564.It Va rpc_ypupdated_enable 1565.Pq Vt bool 1566If set to 1567.Dq Li YES , 1568run the 1569.Nm rpc.ypupdated 1570daemon at system boot time. 1571.It Va defaultrouter 1572.Pq Vt str 1573If not set to 1574.Dq Li NO , 1575create a default route to this host name or IP address 1576(use an IP address if this router is also required to get to the 1577name server!). 1578.It Va ipv6_defaultrouter 1579.Pq Vt str 1580The IPv6 equivalent of 1581.Va defaultrouter . 1582.It Va static_routes 1583.Pq Vt str 1584Set to the list of static routes that are to be added at system boot time. 1585If not set to 1586.Dq Li NO 1587then for each whitespace separated 1588.Ar element 1589in the value, a 1590.Va route_ Ns Aq Ar element 1591variable is assumed to exist whose contents will later be passed to a 1592.Dq Nm route Cm add 1593operation. 1594.It Va change_routes 1595.Pq Vt str 1596Set to the list of static routes that are to be changed at system boot time 1597(such as those added by the kernel). 1598If not set to 1599.Dq Li NO 1600then for each whitespace separated 1601.Ar element 1602in the value, a 1603.Va change_route_ Ns Aq Ar element 1604variable is assumed to exist whose contents will later be passed to a 1605.Dq Nm route Cm change 1606operation. 1607.It Va ipv6_static_routes 1608.Pq Vt str 1609The IPv6 equivalent of 1610.Va static_routes . 1611If not set to 1612.Dq Li NO 1613then for each whitespace separated 1614.Ar element 1615in the value, a 1616.Va ipv6_route_ Ns Aq Ar element 1617variable is assumed to exist whose contents will later be passed to a 1618.Dq Nm route Cm add Fl inet6 1619operation. 1620.It Va gateway_enable 1621.Pq Vt bool 1622If set to 1623.Dq Li YES , 1624configure host to act as an IP router, e.g. to forward packets 1625between interfaces. 1626.It Va ipv6_gateway_enable 1627.Pq Vt bool 1628The IPv6 equivalent of 1629.Va gateway_enable . 1630.It Va router_enable 1631.Pq Vt bool 1632If set to 1633.Dq Li YES , 1634run a routing daemon of some sort, based on the settings of 1635.Va router_program 1636and 1637.Va router_flags . 1638.It Va ipv6_router_enable 1639.Pq Vt bool 1640The IPv6 equivalent of 1641.Va router_enable . 1642If set to 1643.Dq Li YES , 1644run a routing daemon of some sort, based on the settings of 1645.Va ipv6_router_program 1646and 1647.Va ipv6_router_flags . 1648.It Va router_program 1649.Pq Vt str 1650If 1651.Va router_enable 1652is set to 1653.Dq Li YES , 1654this is the name of the routing daemon to use 1655(default 1656.Pa /sbin/routed ) . 1657.It Va ipv6_router_program 1658.Pq Vt str 1659The IPv6 equivalent of 1660.Va router_program 1661(default 1662.Pa /sbin/route6d ) . 1663.It Va router_flags 1664.Pq Vt str 1665If 1666.Va router_enable 1667is set to 1668.Dq Li YES , 1669these are the flags to pass to the routing daemon. 1670.It Va ipv6_router_flags 1671.Pq Vt str 1672The IPv6 equivalent of 1673.Va router_flags . 1674.It Va rtadvd_enable 1675.Pq Vt bool 1676If set to 1677.Dq Li YES , 1678run the 1679.Xr rtadvd 8 1680daemon at boot time. 1681.Xr rtadvd 8 1682will only run if 1683.Va ipv6_gateway_enable 1684is also set to 1685.Dq Li YES . 1686The 1687.Xr rtadvd 8 1688utility sends router advertisement packets to the interfaces specified in 1689.Va rtadvd_interfaces . 1690.Xr rtadvd 8 1691and should only be enabled with great care. 1692You may want to fine-tune 1693.Xr rtadvd.conf 5 . 1694.It Va rtadvd_interfaces 1695.Pq Vt str 1696If 1697.Va rtadvd_enable 1698is set to 1699.Dq Li YES 1700this is the list of interfaces to use. 1701.It Va rtsold_enable 1702.Pq Vt bool 1703If set to 1704.Dq Li YES , 1705run the 1706.Xr rtsold 8 1707daemon at boot time. 1708The 1709.Xr rtsold 8 1710daemon is used for automatic discovery of non-link local addresses. 1711.It Va rtsold_flags 1712.Pq Vt str 1713If 1714.Va rtsold_enable 1715is set to 1716.Dq Li YES , 1717these are the flags to pass to the 1718.Xr rtsold 8 1719daemon. 1720.It Va arpproxy_all 1721.Pq Vt bool 1722If set to 1723.Dq Li YES , 1724enable global proxy ARP. 1725.It Va forward_sourceroute 1726.Pq Vt bool 1727If set to 1728.Dq Li YES 1729and 1730.Va gateway_enable 1731is also set to 1732.Dq Li YES , 1733source-routed packets are forwarded. 1734.It Va accept_sourceroute 1735.Pq Vt bool 1736If set to 1737.Dq Li YES , 1738the system will accept source-routed packets directed at it. 1739.It Va rarpd_enable 1740.Pq Vt bool 1741If set to 1742.Dq Li YES , 1743run the 1744.Xr rarpd 8 1745daemon at system boot time. 1746.It Va rarpd_flags 1747.Pq Vt str 1748If 1749.Va rarpd_enable 1750is set to 1751.Dq Li YES , 1752these are the flags to pass to the 1753.Xr rarpd 8 1754daemon. 1755.It Va wpa_supplicant_enable 1756.Pq Vt bool 1757If set to 1758.Dq Li YES , 1759run the 1760.Xr wpa_supplicant 8 1761daemon in 1762.Dq interface matching mode 1763at system boot time. 1764.It Va wpa_supplicant_program 1765.Pq Vt str 1766Path to 1767.Xr wpa_supplicant 8 . 1768.It Va wpa_supplicant_flags 1769.Pq Vt str 1770If 1771.Va wpa_supplicant_enable 1772is set to 1773.Dq Li YES , 1774these are the flags to pass to the 1775.Xr wpa_supplicant 8 1776daemon. 1777.It Va bootparamd_enable 1778.Pq Vt bool 1779If set to 1780.Dq Li YES , 1781run the 1782.Xr bootparamd 8 1783daemon at system boot time. 1784.It Va bootparamd_flags 1785.Pq Vt str 1786If 1787.Va bootparamd_enable 1788is set to 1789.Dq Li YES , 1790these are the flags to pass to the 1791.Xr bootparamd 8 1792daemon. 1793.It Va stf_interface_ipv4addr 1794.Pq Vt str 1795If not set to 1796.Dq Li NO , 1797this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1798Specify this entry to enable the 6to4 interface. 1799.It Va stf_interface_ipv4plen 1800.Pq Vt int 1801Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1802An effective value is 0-31. 1803.It Va stf_interface_ipv6_ifid 1804.Pq Vt str 1805IPv6 interface ID for 1806.Xr stf 4 . 1807This can be set to 1808.Dq Li AUTO . 1809.It Va stf_interface_ipv6_slaid 1810.Pq Vt str 1811IPv6 Site Level Aggregator for 1812.Xr stf 4 . 1813.It Va keybell 1814.Pq Vt str 1815The keyboard bell sound. 1816Set to 1817.Dq Li normal , 1818.Dq Li visual , 1819.Dq Li off , 1820or 1821.Dq Li NO 1822if the default behavior is desired. 1823For details, refer to the 1824.Xr kbdcontrol 1 1825manpage. 1826.It Va keymap 1827.Pq Vt str 1828If set to 1829.Dq Li NO , 1830no keymap is installed, otherwise the value is used to install 1831the keymap file in 1832.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1833.It Va keyrate 1834.Pq Vt str 1835The keyboard repeat speed. 1836Set to 1837.Dq Li slow , 1838.Dq Li normal , 1839.Dq Li fast , 1840or 1841.Dq Li NO 1842if the default behavior is desired. 1843.It Va keychange 1844.Pq Vt str 1845If not set to 1846.Dq Li NO , 1847attempt to program the function keys with the value. 1848The value should be a single string of the form: 1849.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1850.It Va cursor 1851.Pq Vt str 1852Can be set to the value of 1853.Dq Li normal , 1854.Dq Li blink , 1855.Dq Li destructive , 1856or 1857.Dq Li NO 1858to set the cursor behavior explicitly or choose the default behavior. 1859.It Va scrnmap 1860.Pq Vt str 1861If set to 1862.Dq Li NO , 1863no screen map is installed, otherwise the value is used to install 1864the screen map file in 1865.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1866.It Va font8x16 1867.Pq Vt str 1868If set to 1869.Dq Li NO , 1870the default 8x16 font value is used for screen size requests, otherwise 1871the value in 1872.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1873is used. 1874.It Va font8x14 1875.Pq Vt str 1876If set to 1877.Dq Li NO , 1878the default 8x14 font value is used for screen size requests, otherwise 1879the value in 1880.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1881is used. 1882.It Va font8x8 1883.Pq Vt str 1884If set to 1885.Dq Li NO , 1886the default 8x8 font value is used for screen size requests, otherwise 1887the value in 1888.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1889is used. 1890.It Va blanktime 1891.Pq Vt int 1892If set to 1893.Dq Li NO , 1894the default screen blanking interval is used, otherwise it is set to 1895.Ar value 1896seconds. 1897.It Va saver 1898.Pq Vt str 1899If not set to 1900.Dq Li NO , 1901this is the actual screen saver to use 1902.Li ( blank , snake , daemon , 1903etc). 1904.It Va moused_nondefault_enable 1905.Pq Vt str 1906If set to 1907.Dq Li NO , 1908the mouse device specified on 1909the command line is not automatically treated as enabled by the 1910.Pa /etc/rc.d/moused 1911script. 1912Having this variable set to 1913.Dq Li YES 1914allows a 1915.Xr usb 4 1916mouse, 1917for example, 1918to be enabled as soon as it is plugged in. 1919.It Va moused_enable 1920.Pq Vt str 1921If set to 1922.Dq Li YES , 1923the 1924.Xr moused 8 1925daemon is started for doing cut/paste selection on the console. 1926.It Va moused_type 1927.Pq Vt str 1928If 1929.Va moused_enable 1930is set to 1931.Dq Li YES , 1932this is the protocol type of the mouse connected to this host. 1933The default type is 1934.Dq Li auto . 1935The 1936.Xr moused 8 1937daemon 1938is able to detect the appropriate mouse type automatically in many cases. 1939Leave this variable at the default 1940.Dq Li auto 1941to let the daemon detect it, or 1942select one from the following list if the automatic detection fails. 1943.Pp 1944If the mouse is attached to the PS/2 mouse port, leave the variable at the 1945default 1946.Dq Li auto 1947or set it to 1948.Dq Li ps/2 , 1949regardless of the brand and model of the mouse. 1950Likewise, if the mouse is attached to the bus mouse port, leave it at 1951.Dq Li auto 1952or set it to 1953.Dq Li busmouse . 1954All other protocols are for serial mice and will not work with 1955the PS/2 and bus mice. 1956If this is a USB mouse, 1957.Dq Li auto 1958is the only protocol type which will work. 1959.Pp 1960.Bl -tag -width ".Li x10mouseremote" -compact 1961.It Li microsoft 1962Microsoft mouse (serial) 1963.It Li intellimouse 1964Microsoft IntelliMouse (serial) 1965.It Li mousesystems 1966Mouse systems Corp. mouse (serial) 1967.It Li mmseries 1968MM Series mouse (serial) 1969.It Li logitech 1970Logitech mouse (serial) 1971.It Li busmouse 1972A bus mouse 1973.It Li mouseman 1974Logitech MouseMan and TrackMan (serial) 1975.It Li glidepoint 1976ALPS GlidePoint (serial) 1977.It Li thinkingmouse 1978Kensington ThinkingMouse (serial) 1979.It Li ps/2 1980PS/2 mouse 1981.It Li mmhittab 1982MM HitTablet (serial) 1983.It Li x10mouseremote 1984X10 MouseRemote (serial) 1985.It Li versapad 1986Interlink VersaPad (serial) 1987.El 1988.Pp 1989Even if the mouse is not in the above list, it may be compatible 1990with one in the list. 1991Refer to the man page for 1992.Xr moused 8 1993for compatibility information. 1994.Pp 1995It should also be noted that while this is enabled, any 1996other client of the mouse (such as an X server) should access 1997the mouse through the virtual mouse device, 1998.Pa /dev/sysmouse , 1999and configure it as a 2000.Dq Li sysmouse 2001type mouse, since all 2002mouse data is converted to this single canonical format when using 2003.Xr moused 8 . 2004If the client program does not support the 2005.Dq Li sysmouse 2006type, specify the 2007.Dq Li mousesystems 2008type. 2009It is the second preferred type. 2010.It Va moused_port 2011.Pq Vt str 2012If 2013.Va moused_enable 2014is set to 2015.Dq Li YES , 2016this is the actual port the mouse is on. 2017It might be 2018.Pa /dev/cuaa0 2019for a COM1 serial mouse or 2020.Pa /dev/psm0 2021for a PS/2 mouse, for example. 2022.It Va moused_flags 2023.Pq Vt str 2024If 2025.Va moused_type 2026is set, these are the additional flags to pass to the 2027.Xr moused 8 2028daemon. 2029.It Va mousechar_start 2030.Pq Vt int 2031If set to 2032.Dq Li NO , 2033the default mouse cursor character range 2034.Li 0xd0 Ns - Ns Li 0xd3 2035is used, otherwise the range start is set to 2036.Ar value 2037character, see 2038.Xr vidcontrol 1 . 2039Use if the default range is occupied in the language code table. 2040.It Va vidhistory 2041.Pq Vt int 2042Set the size of the history (scrollback) buffer in lines. 2043.It Va allscreens_flags 2044.Pq Vt str 2045If set, 2046.Xr vidcontrol 1 2047is run with these options for each of the virtual terminals 2048.Pq Pa /dev/ttyv* . 2049For example, 2050.Dq Fl m Cm on 2051will enable the mouse pointer on all virtual terminals if 2052.Va moused_enable 2053is set to 2054.Dq Li YES . 2055.It Va allscreens_kbdflags 2056.Pq Vt str 2057If set, 2058.Xr kbdcontrol 1 2059is run with these options for each of the virtual terminals 2060.Pq Pa /dev/ttyv* . 2061For example, 2062.Dq Fl h Li 200 2063will set the 2064.Xr syscons 4 2065scrollback (history) buffer to 200 lines. 2066.It Va cron_enable 2067.Pq Vt bool 2068If set to 2069.Dq Li YES , 2070run the 2071.Xr cron 8 2072daemon at system boot time. 2073.It Va cron_program 2074.Pq Vt str 2075Path to 2076.Xr cron 8 2077(default 2078.Pa /usr/sbin/cron ) . 2079.It Va cron_flags 2080.Pq Vt str 2081If 2082.Va cron_enable 2083is set to 2084.Dq Li YES , 2085these are the flags to pass to 2086.Xr cron 8 . 2087.It Va lpd_program 2088.Pq Vt str 2089Path to 2090.Xr lpd 8 2091(default 2092.Pa /usr/sbin/lpd ) . 2093.It Va lpd_enable 2094.Pq Vt bool 2095If set to 2096.Dq Li YES , 2097run the 2098.Xr lpd 8 2099daemon at system boot time. 2100.It Va lpd_flags 2101.Pq Vt str 2102If 2103.Va lpd_enable 2104is set to 2105.Dq Li YES , 2106these are the flags to pass to the 2107.Xr lpd 8 2108daemon. 2109.It Va nscd_enable 2110.Pq Vt bool 2111If set to 2112.Dq Li YES , 2113run the 2114.Xr nscd 8 2115daemon at system boot time. 2116.It Va mixer_enable 2117.Pq Vt bool 2118If set to 2119.Dq Li YES , 2120preserve 2121.Xr mixer 8 2122settings across reboots. 2123.It Va mta_start_script 2124.Pq Vt str 2125The full path to the script to run to start 2126a mail transfer agent. 2127The default is 2128.Pa /etc/rc.sendmail . 2129The 2130.Va sendmail_* 2131variables which 2132.Pa /etc/rc.sendmail 2133uses are documented in the 2134.Xr rc.sendmail 8 2135man page. 2136.It Va fixbootfile 2137.Pq Vt bool 2138In a 2139.Sq HAMMER ROOT with UFS /boot 2140setup, the boot loader will not set up the 2141.Va kern.bootfile 2142sysctl correctly. 2143The system will attempt to fix this on its own. 2144Set this variable to 2145.Dq Li NO 2146to turn this behavior off. 2147.It Va dumpdev 2148.Pq Vt str 2149Indicates the device (usually a swap partition) to which a crash dump 2150should be written in the event of a system crash. 2151The value of this variable is passed as the argument to 2152.Xr dumpon 8 2153and 2154.Xr savecore 8 . 2155To disable crash dumps, set this variable to 2156.Dq Li NO . 2157.It Va dumpdir 2158.Pq Vt str 2159When the system reboots after a crash and a crash dump is found on the 2160device specified by the 2161.Va dumpdev 2162variable, 2163.Xr savecore 8 2164will save that crash dump and a copy of the kernel to the directory 2165specified by the 2166.Va dumpdir 2167variable. 2168The default value is 2169.Pa /var/crash . 2170Set to 2171.Dq Li NO 2172to not run 2173.Xr savecore 8 2174at boot time when 2175.Va dumpdir 2176is set. 2177.It Va savecore_flags 2178.Pq Vt str 2179If crash dumps are enabled, these are the flags to pass to the 2180.Xr savecore 8 2181utility. 2182.It Va crashinfo_enable 2183.Pq Vt bool 2184Set to 2185.Dq Li YES 2186to turn on automatic crash dump summary generation using the utility 2187specified by the 2188.Va crashinfo_program 2189variable. 2190.It Va crashinfo_program 2191.Pq Vt str 2192Program to run to generate a crash dump summary if the variable 2193.Va crashinfo_enable 2194is set to 2195.Dq Li YES . 2196The default value is 2197.Pa /usr/sbin/crashinfo . 2198.It Va enable_quotas 2199.Pq Vt bool 2200Set to 2201.Dq Li YES 2202to turn on user disk quotas on system startup via the 2203.Xr quotaon 8 2204command. 2205.It Va check_quotas 2206.Pq Vt bool 2207Set to 2208.Dq Li YES 2209to enable user disk quota checking via the 2210.Xr quotacheck 8 2211command. 2212.It Va accounting_enable 2213.Pq Vt bool 2214Set to 2215.Dq Li YES 2216to enable system accounting through the 2217.Xr accton 8 2218facility. 2219.\" ----- cleanvar_enable setting-------------------------------- 2220.It Va cleanvar_enable 2221.Pq Vt bool 2222Set to 2223.Dq Li YES 2224to have 2225.Pa /var/run , 2226.Pa /var/spool/lock 2227and 2228.Pa /var/spool/uucp/.Temp/* 2229cleaned at startup. 2230.\" ----- clear_tmp_enable setting------------------------------- 2231.It Va clear_tmp_enable 2232.Pq Vt bool 2233Set to 2234.Dq Li YES 2235to have 2236.Pa /tmp 2237cleaned at startup. 2238.\" ----- ldconfig_paths setting -------------------------------- 2239.It Va ldconfig_paths 2240.Pq Vt str 2241Set to the list of shared library paths to use with 2242.Xr ldconfig 8 . 2243NOTE: 2244.Pa /usr/lib 2245will always be added first, so it need not appear in this list. 2246.It Va ldconfig_insecure 2247.Pq Vt bool 2248The 2249.Xr ldconfig 8 2250utility normally refuses to use directories 2251which are writable by anyone except root. 2252Set this variable to 2253.Dq Li YES 2254to disable that security check during system startup. 2255.It Va ldconfig_local_dirs 2256.Pq Vt str 2257Set to the list of local 2258.Xr ldconfig 8 2259directories. 2260The names of all files in the directories listed will be 2261passed as arguments to 2262.Xr ldconfig 8 . 2263.It Va kern_securelevel 2264.Pq Vt int 2265The kernel security level to set at startup. 2266The allowed range of 2267.Ar value 2268ranges from \-1 (the compile time default) to 3 (the most secure). 2269See 2270.Xr init 8 2271for the list of possible security levels and their effect on system operation. 2272.It Va start_vinum 2273.Pq Vt bool 2274Set to 2275.Dq Li YES 2276to start 2277.Xr vinum 8 2278at system boot time. 2279.It Va sshd_enable 2280.Pq Vt bool 2281Set to 2282.Dq Li YES 2283to start 2284.Xr sshd 8 2285at system boot time. 2286.It Va sshd_program 2287.Pq Vt str 2288Path to the SSH server program 2289(default 2290.Pa /usr/sbin/sshd ) . 2291.It Va sshd_flags 2292.Pq Vt str 2293If 2294.Va sshd_enable 2295is set to 2296.Dq Li YES , 2297these are the flags to pass to the 2298.Xr sshd 8 2299daemon. 2300.It Va ftpd_enable 2301.Pq Vt bool 2302Set to 2303.Dq Li YES 2304to start 2305.Xr ftpd 8 2306at system boot time. 2307.It Va ftpd_flags 2308.Pq Vt str 2309If 2310.Va ftpd_enable 2311is set to 2312.Dq Li YES , 2313these are the flags to pass to the 2314.Xr ftpd 8 2315daemon. 2316.It Va watchdogd_enable 2317.Pq Vt bool 2318If set to 2319.Dq Li YES , 2320start the 2321.Xr watchdogd 8 2322daemon at boot time. 2323.It Va jail_enable 2324.Pq Vt bool 2325If set to 2326.Dq Li NO , 2327any configured jails will not be started. 2328.It Va jail_list 2329.Pq Vt str 2330A space separated list of names for jails. 2331This is purely a configuration aid to help identify and 2332configure multiple jails. 2333The names specified in this list will be used to 2334identify settings common to an instance of a jail. 2335Assuming that the jail in question was named 2336.Li vjail , 2337you would have the following dependent variables: 2338.Bd -literal 2339jail_vjail_hostname="jail.example.com" 2340jail_vjail_ip="192.168.1.100" 2341jail_vjail_rootdir="/var/jails/vjail/root" 2342.Ed 2343.It Va jail_flags 2344.Pq Vt str 2345Unset by default. 2346When set, use as default value for 2347.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2348for every jail in 2349.Va jail_list . 2350.It Va jail_interface 2351.Pq Vt str 2352Unset by default. 2353When set, use as default value for 2354.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2355for every jail in 2356.Va jail_list . 2357.It Va jail_fstab 2358.Pq Vt str 2359Unset by default. 2360When set, use as default value for 2361.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2362for every jail in 2363.Va jail_list . 2364.It Va jail_mount_enable 2365.Pq Vt bool 2366Set to 2367.Dq Li NO 2368by default. 2369When set to 2370.Dq Li YES , 2371sets 2372.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2373to 2374.Dq Li YES 2375by default for every jail in 2376.Va jail_list . 2377.It Va jail_procfs_enable 2378.Pq Vt bool 2379Set to 2380.Dq Li NO 2381by default. 2382When set to 2383.Dq Li YES , 2384sets 2385.Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2386to 2387.Dq Li YES 2388by default for every jail in 2389.Va jail_list . 2390.It Va jail_devfs_enable 2391.Pq Vt bool 2392Set to 2393.Dq Li NO 2394by default. 2395When set to 2396.Dq Li YES , 2397sets 2398.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2399to 2400.Dq Li YES 2401by default for every jail in 2402.Va jail_list . 2403.It Va jail_exec_start 2404.Pq Vt str 2405Unset by default. 2406When set, use as default value for 2407.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2408for every jail in 2409.Va jail_list . 2410.It Va jail_exec_stop 2411Unset by default. 2412When set, use as default value for 2413.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2414for every jail in 2415.Va jail_list . 2416.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2417.Pq Vt str 2418Unset by default. 2419Set to the root directory used by jail 2420.Va jname . 2421.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2422.Pq Vt str 2423Unset by default. 2424Set to the fully qualified domain name (FQDN) assigned to jail 2425.Va jname . 2426.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2427.Pq Vt str 2428Unset by default. 2429Set to the IP address assigned to jail 2430.Va jname . 2431.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2432.Pq Vt str 2433Set to 2434.Dq Li -l -U root 2435by default. 2436These are flags to pass to 2437.Xr jail 8 . 2438.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2439.Pq Vt str 2440Unset by default. 2441When set, sets the interface to use when setting IP address alias. 2442Note that the alias is created at jail startup and removed at jail shutdown. 2443.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2444.Pq Vt str 2445Set to 2446.Pa /etc/fstab. Ns Aq Ar jname 2447by default. 2448This is the file system information file to use for jail 2449.Va jname . 2450.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2451.Pq Vt bool 2452Set to 2453.Dq Li NO 2454by default. 2455When set to 2456.Dq Li YES , 2457mount all file systems from 2458.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2459at jail startup. 2460.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2461.Pq Vt bool 2462Set to 2463.Dq Li NO 2464by default. 2465When set to 2466.Dq Li YES , 2467mount the process file system inside jail 2468.Ar jname 2469at jail startup. 2470.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 2471.Pq Vt bool 2472Set to 2473.Dq Li NO 2474by default. 2475When set to 2476.Dq Li YES , 2477mount the device file system inside jail 2478.Ar jname 2479at jail startup. 2480.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2481.Pq Vt str 2482Set to 2483.Dq Li /bin/sh /etc/rc 2484by default. 2485This is the command executed at jail startup. 2486.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2487.Pq Vt str 2488Set to 2489.Dq Li /bin/sh /etc/rc.shutdown 2490by default. 2491This is the command executed at jail shutdown. 2492.It Va jail_default_set_hostname_allow 2493.Pq Vt bool 2494If set to 2495.Dq Li NO , 2496do not allow the root user in a jail to set its hostname. 2497.It Va jail_default_socket_unixiproute_only 2498.Pq Vt bool 2499If set to 2500.Dq Li YES , 2501do not allow any sockets, 2502besides UNIX/IP/route sockets, 2503to be used within a jail. 2504.It Va jail_default_sysvipc_allow 2505.Pq Vt bool 2506If set to 2507.Dq Li YES , 2508allow applications within a jail to use System V IPC. 2509.It Va jail_default_chflags_allow 2510.Pq Vt bool 2511If set to 2512.Dq Li YES , 2513allow applications within a jail to alter system file flags. 2514.It Va jail_default_raw_sockets_allow 2515.Pq Vt bool 2516If set to 2517.Dq Li YES , 2518allow applications within a jail to user raw sockets. 2519.It Va jail_default_allow_listen_override 2520.Pq Vt bool 2521If set to 2522.Dq Li YES , 2523 allows both wildcard and non-wildcard listen sockets in the jail to 2524override wildcard listen sockets on the host. 2525.It Va lvm_enable 2526.Pq Vt bool 2527If set to 2528.Dq Li YES 2529LVM volumes will be discovered and configured on boot. 2530.It Va newsyslog_enable 2531.Pq Vt bool 2532If set to 2533.Dq Li YES , 2534run 2535.Xr newsyslog 8 2536before syslogd starts. 2537.It Va newsyslog_flags 2538.Pq Vt str 2539If 2540.Va newsyslog_enable 2541is set to 2542.Dq Li YES , 2543these are the flags passed to 2544.Xr newsyslog 8 . 2545.It Va resident_enable 2546.Pq Vt bool 2547If set to 2548.Dq Li YES , 2549make the dynamic binaries listed in 2550.Pa /etc/resident.conf 2551resident. 2552.It Va varsym_enable 2553.Pq Vt bool 2554If set to 2555.Dq Li YES , 2556process 2557.Pa /etc/varsym.conf 2558to set system-wide variables for variant symlinks. 2559.It Va rand_irqs 2560.Pq Vt str 2561Set either to 2562.Dq Li NO 2563or a whitespace separated list of IRQ numbers which will be used as a source of 2564randomness. 2565.\" ----------------------------------------------------- 2566.It Va entropy_dir 2567.Pq Vt str 2568Set to 2569.Dq Li NO 2570to disable caching entropy via 2571.Xr cron 8 . 2572Otherwise set to the directory used to store entropy files in. 2573.It Va entropy_file 2574.Pq Vt str 2575Set to 2576.Dq Li NO 2577to disable caching entropy through reboots. 2578Otherwise set to the filename used to store cached entropy through reboots. 2579This file should be located on the root file system to seed the 2580.Xr random 4 2581device as early as possible in the boot process. 2582.It Va entropy_save_sz 2583.Pq Vt int 2584Determines the size of the entropy cache files used for entropy cached 2585through reboots and also entropy cached via 2586.Xr cron 8 . 2587The entropy is fed to the system in blocks of 512 bytes, so this number 2588should be large enough to fill as many of the entropy pools in the kernel 2589CSPRNG as possible. 2590By default, it is set to 16384, which should be able to seed all 32 entropy 2591pools in the Fortuna CSPRNG. 2592.It Va dmesg_enable 2593.Pq Vt bool 2594Set to 2595.Dq Li YES 2596to save 2597.Xr dmesg 8 2598to 2599.Pa /var/run/dmesg.boot 2600on boot. 2601.It Va rcshutdown_timeout 2602.Pq Vt int 2603If set, start a watchdog timer in the background which will terminate 2604.Pa rc.shutdown 2605if 2606.Xr shutdown 8 2607has not completed within the specified time (in seconds). 2608Notice that in addition to this soft timeout, 2609.Xr init 8 2610also applies a hard timeout for the execution of 2611.Pa rc.shutdown . 2612This is configured via 2613.Xr sysctl 8 2614variable 2615.Va kern.init_shutdown_timeout 2616and defaults to 120 seconds. Setting the value of 2617.Va rcshutdown_timeout 2618to more than 120 seconds will have no effect until the 2619.Xr sysctl 8 2620variable 2621.Va kern.init_shutdown_timeout 2622is also increased. 2623.It Va udevd_enable 2624.Pq Vt bool 2625If set to 2626.Dq Li YES , 2627the udevd daemon will be started on boot. 2628.It Va vfs_quota_enable 2629.Pq Vt bool 2630If set to 2631.Dq Li YES , 2632vfs quota rc.d scripts will be run on boot. 2633.It Va vfs_quota_sync 2634.Pq Vt str 2635List of mount points whose counters are to be synchronized with on-disk 2636usage during system startup. 2637See also 2638.Xr vquota 8 . 2639.It Va vknetd_enable 2640.Pq Vt bool 2641If set to 2642.Dq Li YES , 2643.Xr vknetd 8 2644will be started on boot. 2645.It Va vknetd_flags 2646.Pq Vt bool 2647Additional flags passed to 2648.Xr vknetd 8 . 2649Usually address/cidrbits is specified here. 2650When no flags are passed, default option 2651.Fl U 2652will be used. 2653.It Va vkernel_enable 2654.Pq Vt bool 2655If set to 2656.Dq Li NO , 2657any configured vkernels will not be started. 2658.It Va vkernel_kill_timeout 2659.Pq Vt int 2660This defines the default number of seconds that we will wait for the 2661vkernel to shut down on its own. 2662If after this time it's still alive, 2663it will be killed with SIGKILL. 2664.It Va vkernel_bin 2665.Pq Vt str 2666Defines the default path to the vkernel binary. 2667.It Va vkernel_list 2668.Pq Vt str 2669A space separated list of names for vkernels. 2670This is purely a configuration aid to help identify and 2671configure multiple vkernels. 2672The names specified in this list will be used to 2673identify settings common to a vkernel instance. 2674Assuming that the vkernel in question was named 2675.Li example , 2676you would have the following dependent variables 2677(filled with reference values in this text): 2678.Bd -literal 2679vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL64/kernel.debug" 2680vkernel_example_memsize="64m" 2681vkernel_example_rootimg_list="/var/vkernel/rootimg.01" 2682vkernel_example_memimg="/var/vkernel/memimg.000001" 2683vkernel_example_user="myuser" 2684vkernel_example_iface_list="auto:bridge0" 2685vkernel_example_logfile="/dev/null" 2686vkernel_example_flags="-U" 2687vkernel_example_kill_timeout="45" 2688.Ed 2689.Pp 2690The last six are optional. 2691They default to an empty string if not set, except for logfile which defaults to 2692.Pa /dev/null 2693if it is not set. 2694.Pp 2695Note that in case 2696.Va vkernel_memimg 2697is not set, the 2698.Pa rc.d 2699script will create 2700.Pa /var/vkernel , 2701which is the vkernel's default directory for memory images, 2702with permissions of 1777, i.e. world writable with the sticky bit set 2703(see 2704.Xr sticky 8 ) . 2705.It Va autofs_enable 2706.Pq Vt bool 2707If set to 2708.Dq Li YES , 2709start the 2710.Xr automount 8 2711utility and the 2712.Xr automountd 8 2713and 2714.Xr autounmountd 8 2715daemons at boot time. 2716.It Va automount_flags 2717.Pq Vt str 2718If 2719.Va autofs_enable 2720is set to 2721.Dq Li YES , 2722these are the flags to pass to the 2723.Xr automount 8 2724program. 2725By default no flags are passed. 2726.It Va automountd_flags 2727.Pq Vt str 2728If 2729.Va autofs_enable 2730is set to 2731.Dq Li YES , 2732these are the flags to pass to the 2733.Xr automountd 8 2734daemon. 2735By default no flags are passed. 2736.It Va autounmountd_flags 2737.Pq Vt str 2738If 2739.Va autofs_enable 2740is set to 2741.Dq Li YES , 2742these are the flags to pass to the 2743.Xr autounmountd 8 2744daemon. 2745By default no flags are passed. 2746.El 2747.Sh FILES 2748.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2749.It Pa /etc/defaults/rc.conf 2750.It Pa /etc/rc.conf 2751.It Pa /etc/rc.conf.local 2752.It Pa /etc/start_if. Ns Aq Ar interface 2753.El 2754.Sh SEE ALSO 2755.Xr gdb 1 , 2756.Xr info 1 , 2757.Xr kbdcontrol 1 , 2758.Xr varsym 1 , 2759.Xr vidcontrol 1 , 2760.Xr ip 4 , 2761.Xr ipfw 4 , 2762.Xr kld 4 , 2763.Xr pf 4 , 2764.Xr tcp 4 , 2765.Xr udp 4 , 2766.Xr vlan 4 , 2767.Xr wg 4 , 2768.Xr autofs 5 , 2769.Xr auto_master 5 , 2770.Xr exports 5 , 2771.Xr motd 5 , 2772.Xr resident.conf 5 , 2773.Xr varsym.conf 5 , 2774.Xr accton 8 , 2775.Xr automount 8 , 2776.Xr automountd 8 , 2777.Xr autounmountd 8 , 2778.Xr btconfig 8 , 2779.Xr bthcid 8 , 2780.Xr cron 8 , 2781.Xr devd 8 , 2782.Xr dhclient 8 , 2783.Xr dhcpcd 8 , 2784.Xr dntpd 8 , 2785.Xr ftpd 8 , 2786.Xr ifconfig 8 , 2787.Xr inetd 8 , 2788.Xr ip6addrctl 8 , 2789.Xr jail 8 , 2790.Xr lpd 8 , 2791.Xr makewhatis 8 , 2792.Xr mixer 8 , 2793.Xr mountd 8 , 2794.Xr moused 8 , 2795.Xr nfsd 8 , 2796.Xr pcnfsd 8 , 2797.Xr pfctl 8 , 2798.Xr pflogd 8 , 2799.Xr quotacheck 8 , 2800.Xr quotaon 8 , 2801.Xr rc 8 , 2802.Xr rc.sendmail 8 , 2803.Xr resident 8 , 2804.Xr rndcontrol 8 , 2805.Xr route 8 , 2806.Xr routed 8 , 2807.Xr rpcbind 8 , 2808.Xr rpc.lockd 8 , 2809.Xr rpc.statd 8 , 2810.Xr rtadvd 8 , 2811.Xr rtsold 8 , 2812.Xr rwhod 8 , 2813.Xr savecore 8 , 2814.Xr sdpd 8 , 2815.Xr sensorsd 8 , 2816.Xr sshd 8 , 2817.Xr swapon 8 , 2818.Xr sysctl 8 , 2819.Xr syslogd 8 , 2820.Xr sysvipcd 8 , 2821.Xr vinum 8 , 2822.Xr wpa_supplicant 8 , 2823.Xr yp 8 , 2824.Xr ypbind 8 , 2825.Xr ypserv 8 , 2826.Xr ypset 8 2827.Sh HISTORY 2828The 2829.Nm 2830file appeared in 2831.Fx 2.2.2 . 2832.Sh AUTHORS 2833.An Jordan K. Hubbard . 2834