1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" $DragonFly: src/share/man/man5/rc.conf.5,v 1.10 2005/03/17 22:25:46 dillon Exp $ 27.Dd March 3, 2002 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71The following list provides a name and short description for each 72variable that can be set in the 73.Nm 74file: 75.Bl -tag -width indent-two 76.It Va rc_debug 77.Pq Vt bool 78If set to 79.Dq Li YES , 80enable output of debug messages from rc scripts. 81This variable can be helpful in diagnosing mistakes when 82editing or integrating new scripts. 83Beware that this produces copious output to the terminal and 84.Xr syslog 3 . 85.It Va rc_info 86.Pq Vt bool 87If set to 88.Dq Li NO , 89disable informational messages from the rc scripts. 90Informational messages are displayed when 91a condition that is not serious enough to warrant a warning or 92an error occurs. 93.It Va swapfile 94.Pq Vt str 95If set to 96.Dq Li NO , 97no swapfile is installed, otherwise the value is used as the full 98pathname to a file to use for additional swap space. 99.It Va apm_enable 100.Pq Vt bool 101If set to 102.Dq Li YES , 103enable support for Automatic Power Management with 104the 105.Xr apm 8 106command. 107.It Va apmd_enable 108.Pq Vt bool 109Run 110.Xr apmd 8 111to handle APM event from userland. 112This also enables support for APM. 113.It Va apmd_flags 114.Pq Vt str 115If 116.Va apmd_enable 117is set to 118.Dq Li YES , 119these are the flags to pass to the 120.Xr apmd 8 121daemon. 122.It Va battd_enable 123Enable 124.Xr battd 1 125to monitor the status of batteries present in the system. 126This also enables support for APM. 127.It Va battd_flags 128.Pq Vt str 129If 130.Va battd_enable 131is set to 132.Dq Li YES , 133these are the flags to pass to the 134.Xr battd 1 135daemon. 136.It Va devd_enable 137.Pq Vt bool 138Run 139.Xr devd 8 140to handle device added, removed or unknown events from the kernel. 141.It Va pccard_enable 142.Pq Vt bool 143If set to 144.Dq Li YES , 145enable PCCARD support at boot time. 146.It Va pccard_mem 147.Pq Vt str 148Set to PCCARD controller memory address or 149.Dq Li DEFAULT 150for the default value. 151.It Va pccard_ifconfig 152.Pq Vt str 153List of arguments to be passed to 154.Xr ifconfig 8 155at boot time or on 156insertion of the card (e.g.\& 157.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 158for a fixed address or 159.Dq Li DHCP 160for a DHCP client). 161.It Va pccard_beep 162.Pq Vt int 163If 0, 164set the PCCARD controller to silent mode. 165If 1, 166set it to beep mode. 167If 2, 168set it to melody mode. 169.It Va pccard_conf 170.Pq Vt str 171Path to the configuration file for the 172.Xr pccardd 8 173daemon (e.g.\& 174.Pa /etc/pccard.conf.sample ) . 175.It Va pccardd_flags 176.Pq Vt str 177If 178.Va pccard_enable 179is set to 180.Dq Li YES , 181these are the flags to pass to the 182.Xr pccardd 8 183daemon. 184.It Va pccard_ether_delay 185.Pq Vt str 186Set the delay before starting 187.Xr dhclient 8 188in the 189.Pa /etc/pccard_ether 190script. 191This defaults to 5 seconds to work around a bug in the 192.Xr ed 4 193driver which can lead to system hangs when using some newer 194.Xr ed 4 195based cards. 196.It Va removable_interfaces 197.Pq Vt str 198List of removable network interfaces to be supported by 199.Pa /etc/pccard_ether . 200.It Va local_startup 201.Pq Vt str 202List of directories to search for startup script files. 203.It Va script_name_sep 204.Pq Vt str 205The field separator to use for breaking down the list of startup script files 206into individual filenames. 207The default is a space. 208It is not necessary to change this unless there are startup scripts with names 209containing spaces. 210.It Va hostname 211.Pq Vt str 212The fully qualified domain name (FQDN) of this host on the network. 213This should almost certainly be set to something meaningful, even if 214there is no network connection. 215If 216.Xr dhclient 8 217is used to set the hostname via DHCP, 218this variable should be set to an empty string. 219.It Va ipv6_enable 220.Pq Vt bool 221Enable support for IPv6 networking. 222Note that this requires that the kernel have been compiled with 223.Cd "options INET6" . 224.It Va nisdomainname 225.Pq Vt str 226The NIS domain name of this host, or 227.Dq Li NO 228if NIS is not used. 229.It Va dhclient_program 230.Pq Vt str 231Path to the DHCP client program 232.Pa ( /sbin/dhclient , 233the ISC DHCP client, 234is the default). 235.It Va dhclient_flags 236.Pq Vt str 237Additional flags to pass to the DHCP client program. 238For the ISC DHCP client, see the 239.Xr dhclient 8 240manpage for a description of the command line options available. 241.It Va background_dhclient 242.Pq Vt bool 243Set to 244.Dq Li YES 245to start the dhcp client in background. 246This can cause trouble with applications depending on 247a working network, but it will provide a faster startup 248in many cases. 249.It Va firewall_enable 250.Pq Vt bool 251Set to 252.Dq Li YES 253to load firewall rules at startup. 254If the kernel was not built with 255.Cd "options IPFIREWALL" , 256the 257.Pa ipfw.ko 258kernel module will be loaded. 259See also 260.Va ipfilter_enable . 261.It Va ipv6_firewall_enable 262.Pq Vt bool 263The IPv6 equivalent of 264.Va firewall_enable . 265Set to 266.Dq Li YES 267to load IPv6 firewall rules at startup. 268If the kernel was not built with 269.Cd "options IPV6FIREWALL" , 270the 271.Pa ip6fw.ko 272kernel module will be loaded. 273.It Va firewall_script 274.Pq Vt str 275This variable specifies the full path to the firewall script to run. 276The default is 277.Pa /etc/rc.firewall . 278.It Va ipv6_firewall_script 279.Pq Vt str 280The IPv6 equivalent of 281.Va firewall_script . 282.It Va firewall_type 283.Pq Vt str 284Names the firewall type from the selection in 285.Pa /etc/rc.firewall , 286or the file which contains the local firewall ruleset. 287Valid selections from 288.Pa /etc/rc.firewall 289are: 290.Pp 291.Bl -tag -width ".Li simple" -compact 292.It Li open 293unrestricted IP access 294.It Li closed 295all IP services disabled, except via 296.Dq Li lo0 297.It Li client 298basic protection for a workstation 299.It Li simple 300basic protection for a LAN. 301.El 302.Pp 303If a filename is specified, the full path 304must be given. 305.It Va ipv6_firewall_type 306.Pq Vt str 307The IPv6 equivalent of 308.Va firewall_type . 309.It Va firewall_quiet 310.Pq Vt bool 311Set to 312.Dq Li YES 313to disable the display of firewall rules on the console during boot. 314.It Va ipv6_firewall_quiet 315.Pq Vt bool 316The IPv6 equivalent of 317.Va firewall_quiet . 318.It Va firewall_logging 319.Pq Vt bool 320Set to 321.Dq Li YES 322to enable firewall event logging. 323This is equivalent to the 324.Dv IPFIREWALL_VERBOSE 325kernel option. 326.It Va ipv6_firewall_logging 327.Pq Vt bool 328The IPv6 equivalent of 329.Va firewall_logging . 330.It Va firewall_flags 331.Pq Vt str 332Flags passed to 333.Xr ipfw 8 334if 335.Va firewall_type 336specifies a filename. 337.It Va ipv6_firewall_flags 338.Pq Vt str 339The IPv6 equivalent of 340.Va firewall_flags . 341.It Va natd_program 342.Pq Vt str 343Path to 344.Xr natd 8 . 345.It Va natd_enable 346.Pq Vt bool 347Set to 348.Dq Li YES 349to enable 350.Xr natd 8 . 351.Va firewall_enable 352must also be set to 353.Dq Li YES , 354and 355.Xr divert 4 356sockets must be enabled in the kernel. 357.It Va natd_interface 358.Pq Vt str 359This is the name of the public interface on which 360.Xr natd 8 361should run. 362The interface may be given as an interface name or as an IP address. 363.It Va natd_flags 364.Pq Vt str 365Additional 366.Xr natd 8 367flags should be placed here. 368The 369.Fl n 370or 371.Fl a 372flag is automatically added with the above 373.Va natd_interface 374as an argument. 375.\" ----- ipfilter_enable setting -------------------------------- 376.It Va ipfilter_enable 377.Pq Vt bool 378Set to 379.Dq Li NO 380by default. 381Setting this to 382.Dq Li YES 383enables 384.Xr ipf 8 385packet filtering. 386.Pp 387Typical usage will require putting 388.Bd -literal 389ipfilter_enable="YES" 390ipnat_enable="YES" 391ipmon_enable="YES" 392ipfs_enable="YES" 393.Ed 394.Pp 395into 396.Pa /etc/rc.conf 397and editing 398.Pa /etc/ipf.rules 399and 400.Pa /etc/ipnat.rules 401appropriately. 402.Pp 403Note that 404.Va ipfilter_enable 405and 406.Va ipnat_enable 407can be enabled independently. 408.Va ipmon_enable 409and 410.Va ipfs_enable 411both require at least one of 412.Va ipfilter_enable 413and 414.Va ipnat_enable 415to be enabled. 416.Pp 417Having 418.Bd -literal 419options IPFILTER 420options IPFILTER_LOG 421options IPFILTER_DEFAULT_BLOCK 422.Ed 423.Pp 424in the kernel configuration file is a good idea, too. 425.\" ----- ipfilter_program setting ------------------------------ 426.It Va ipfilter_program 427.Pq Vt str 428Path to 429.Xr ipf 8 430(default 431.Pa /sbin/ipf ) . 432.\" ----- ipfilter_rules setting -------------------------------- 433.It Va ipfilter_rules 434.Pq Vt str 435Set to 436.Pa /etc/ipf.rules 437by default. 438This variable contains the name of the filter rule definition file. 439The file is expected to be readable for the 440.Xr ipf 8 441command to execute. 442.\" ----- ipv6_ipfilter_rules setting --------------------------- 443.It Va ipv6_ipfilter_rules 444.Pq Vt str 445Set to 446.Pa /etc/ipf6.rules 447by default. 448This variable contains the IPv6 filter rule definition file. 449The file is expected to be readable for the 450.Xr ipf 8 451command to execute. 452.\" ----- ipfilter_flags setting -------------------------------- 453.It Va ipfilter_flags 454.Pq Vt str 455Empty by default. 456This variable contains flags passed to the 457.Xr ipf 8 458program. 459.\" ----- ipnat_enable setting ---------------------------------- 460.It Va ipnat_enable 461.Pq Vt bool 462Set to 463.Dq Li NO 464by default. 465Set it to 466.Dq Li YES 467to enable 468.Xr ipnat 1 469network address translation. 470See 471.Va ipfilter_enable 472for a detailed discussion. 473.\" ----- ipnat_program setting --------------------------------- 474.It Va ipnat_program 475.Pq Vt str 476Path to 477.Xr ipnat 1 478(default 479.Pa /sbin/ipnat ) . 480.\" ----- ipnat_rules setting ----------------------------------- 481.It Va ipnat_rules 482.Pq Vt str 483Set to 484.Pa /etc/ipnat.rules 485by default. 486This variable contains the name of the file 487holding the network address translation definition. 488This file is expected to be readable for the 489.Xr ipnat 1 490command to execute. 491.\" ----- ipnat_flags setting ----------------------------------- 492.It Va ipnat_flags 493.Pq Vt str 494Empty by default. 495This variable contains flags passed to the 496.Xr ipnat 1 497program. 498.\" ----- ipmon_enable setting ---------------------------------- 499.It Va ipmon_enable 500.Pq Vt bool 501Set to 502.Dq Li NO 503by default. 504Set it to 505.Dq Li YES 506to enable 507.Xr ipmon 8 508monitoring (logging 509.Xr ipf 8 510and 511.Xr ipnat 1 512events). 513Setting this variable needs setting 514.Va ipfilter_enable 515or 516.Va ipnat_enable 517too. 518See 519.Va ipfilter_enable 520for a detailed discussion. 521.\" ----- ipmon_program setting --------------------------------- 522.It Va ipmon_program 523.Pq Vt str 524Path to 525.Xr ipmon 8 526(default 527.Pa /sbin/ipmon ) . 528.\" ----- ipmon_flags setting ----------------------------------- 529.It Va ipmon_flags 530.Pq Vt str 531Set to 532.Dq Li -Ds 533by default. 534This variable contains flags passed to the 535.Xr ipmon 8 536program. 537Another typical example would be 538.Dq Fl D Pa /var/log/ipflog 539to have 540.Xr ipmon 8 541log directly to a file bypassing 542.Xr syslogd 8 . 543Make sure to adjust 544.Pa /etc/newsyslog.conf 545in such case like this: 546.Bd -literal 547/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 548.Ed 549.\" ----- ipfs_enable setting ----------------------------------- 550.It Va ipfs_enable 551.Pq Vt bool 552Set to 553.Dq Li NO 554by default. 555Set it to 556.Dq Li YES 557to enable 558.Xr ipfs 8 559saving the filter and NAT state tables during shutdown 560and reloading them during startup again. 561Setting this variable needs setting 562.Va ipfilter_enable 563or 564.Va ipnat_enable 565to 566.Dq Li YES 567too. 568See 569.Va ipfilter_enable 570for a detailed discussion. 571Note that if 572.Va kern_securelevel 573is set to 3, 574.Va ipfs_enable 575cannot be used 576because the raised securelevel will prevent 577.Xr ipfs 8 578from saving the state tables at shutdown time. 579.\" ----- ipfs_program setting ---------------------------------- 580.It Va ipfs_program 581.Pq Vt str 582Path to 583.Xr ipfs 8 584(default 585.Pa /sbin/ipfs ) . 586.\" ----- ipfs_flags setting ------------------------------------ 587.It Va ipfs_flags 588.Pq Vt str 589Empty by default. 590This variable contains flags passed to the 591.Xr ipfs 8 592program. 593.\" ----- end of added ipf hook --------------------------------- 594.It Va tcp_extensions 595.Pq Vt bool 596Set to 597.Dq Li YES 598by default. 599Setting this to 600.Dq Li NO 601disables certain TCP options as described by 602.Rs 603.%T "RFC 1323" 604.Re 605Setting this to 606.Dq Li NO 607might help remedy such problems with connections as randomly hanging 608or other weird behavior. 609Some network devices are known 610to be broken with respect to these options. 611.It Va log_in_vain 612.Pq Vt int 613Set to 0 by default. 614The 615.Xr sysctl 8 616variables, 617.Va net.inet.tcp.log_in_vain 618and 619.Va net.inet.udp.log_in_vain , 620as described in 621.Xr tcp 4 622and 623.Xr udp 4 , 624are set to the given value. 625.It Va tcp_keepalive 626.Pq Vt bool 627Set to 628.Dq Li YES 629by default. 630Setting to 631.Dq Li NO 632will disable probing idle TCP connections to verify that the 633peer is still up and reachable. 634.It Va tcp_drop_synfin 635.Pq Vt bool 636Set to 637.Dq Li NO 638by default. 639Setting to 640.Dq Li YES 641will cause the kernel to ignore TCP frames that have both 642the SYN and FIN flags set. 643This prevents OS fingerprinting, but may 644break some legitimate applications. 645This option is only available if the 646kernel was built with the 647.Dv TCP_DROP_SYNFIN 648option. 649.It Va icmp_drop_redirect 650.Pq Vt bool 651Set to 652.Dq Li NO 653by default. 654Setting to 655.Dq Li YES 656will cause the kernel to ignore ICMP REDIRECT packets. 657Refer to 658.Xr icmp 4 659for more information. 660.It Va icmp_log_redirect 661.Pq Vt bool 662Set to 663.Dq Li NO 664by default. 665Setting to 666.Dq Li YES 667will cause the kernel to log ICMP REDIRECT packets. 668Note that 669the log messages are not rate-limited, so this option should only be used 670for troubleshooting networks. 671Refer to 672.Xr icmp 4 673for more information. 674.It Va icmp_bmcastecho 675.Pq Vt bool 676Set to 677.Dq Li YES 678to respond to broadcast or multicast ICMP ping packets. 679Refer to 680.Xr icmp 4 681for more information. 682.It Va ip_portrange_first 683.Pq Vt int 684If not set to 685.Dq Li NO , 686this is the first port in the default portrange. 687Refer to 688.Xr ip 4 689for more information. 690.It Va ip_portrange_last 691.Pq Vt int 692If not set to 693.Dq Li NO , 694this is the last port in the default portrange. 695Refer to 696.Xr ip 4 697for more information. 698.It Va network_interfaces 699.Pq Vt str 700Set to the list of network interfaces to configure on this host. 701For example, if the only network devices in the system are the loopback 702device 703.Pq Li lo0 704and a NIC using the 705.Xr ed 4 706driver, 707this could be set to 708.Dq Li "lo0 ed0" . 709An 710.Va ifconfig_ Ns Aq Ar interface 711variable is also assumed to exist for each value of 712.Ar interface . 713It is also possible to add IP alias entries here in cases where 714multiple IP addresses registered against a single interface 715are desired. 716Assuming that the interface in question was 717.Li ed0 , 718it might look 719something like this: 720.Bd -literal 721ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 722ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 723.Ed 724.Pp 725And so on. 726For each 727.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 728entry that is found, 729its contents are passed to 730.Xr ifconfig 8 . 731Execution stops at the first unsuccessful access, so if 732something like this is present: 733.Bd -literal 734ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 735ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 736ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 737ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 738.Ed 739.Pp 740Then note that alias4 would 741.Em not 742be added since the search would 743stop with the missing alias3 entry. 744.Pp 745If the 746.Pa /etc/start_if. Ns Aq Ar interface 747file is present, it is read and executed by the 748.Xr sh 1 749interpreter 750before configuring the interface as specified in the 751.Va ifconfig_ Ns Aq Ar interface 752and 753.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 754variables. 755.Pp 756It is possible to bring up an interface with DHCP by setting the 757.Va ifconfig_ Ns Aq Ar interface 758variable to 759.Dq Li DHCP . 760For instance, to initialize the 761.Li ed0 762device via DHCP, 763it is possible to use something like: 764.Bd -literal 765ifconfig_ed0="DHCP" 766.Ed 767.It Va ipv6_network_interfaces 768.Pq Vt str 769This is the IPv6 equivalent of 770.Va network_interfaces . 771Instead of setting the ifconfig variables as 772.Va ifconfig_ Ns Aq Ar interface 773they should be set as 774.Va ipv6_ifconfig_ Ns Aq Ar interface . 775Aliases should be set as 776.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 777.Va ipv6_prefix_ Ns Aq Ar interface 778does something. 779Interfaces that do not have a 780.Va ipv6_ifconfig_ Ns Aq Ar interface 781setting will be auto configured by 782.Xr rtsol 8 783if the 784.Va ipv6_gateway_enable 785is set to 786.Dq Li NO . 787Note that the IPv6 networking code does not support the 788.Pa /etc/start_if. Ns Aq Ar interface 789files. 790.It Va ipv6_default_interface 791.Pq Vt str 792If not set to 793.Dq Li NO , 794this is the default output interface for scoped addresses. 795Now this works only for IPv6 link local multicast addresses. 796.It Va cloned_interfaces 797.Pq Vt str 798Set to the list of clonable network interfaces to create on this host. 799Entries in 800.Va cloned_interfaces 801are automatically appended to 802.Va network_interfaces 803for configuration. 804.It Va gif_interfaces 805.Pq Vt str 806Set to the list of 807.Xr gif 4 808tunnel interfaces to configure on this host. 809A 810.Va gifconfig_ Ns Aq Ar interface 811variable is assumed to exist for each value of 812.Ar interface . 813The value of this variable is used to configure the link layer of the 814tunnel according to the syntax of the 815.Cm tunnel 816option to 817.Xr ifconfig 8 . 818Additionally, this option ensures that each listed interface is created 819via the 820.Cm create 821option to 822.Xr ifconfig 8 823before attempting to configure it. 824.It Va sppp_interfaces 825.Pq Vt str 826Set to the list of 827.Xr sppp 4 828interfaces to configure on this host. 829A 830.Va spppconfig_ Ns Aq Ar interface 831variable is assumed to exist for each value of 832.Ar interface . 833Each interface should also be configured by a general 834.Va ifconfig_ Ns Aq Ar interface 835setting. 836Refer to 837.Xr spppcontrol 8 838for more information about available options. 839.It Va ppp_enable 840.Pq Vt bool 841If set to 842.Dq Li YES , 843run the 844.Xr ppp 8 845daemon. 846.It Va ppp_mode 847.Pq Vt str 848Mode in which to run the 849.Xr ppp 8 850daemon. 851Accepted modes are 852.Dq Li auto , 853.Dq Li ddial , 854.Dq Li direct 855and 856.Dq Li dedicated . 857See the manual for a full description. 858.It Va ppp_nat 859.Pq Vt bool 860If set to 861.Dq Li YES , 862enables network address translation. 863Used in conjunction with 864.Va gateway_enable 865allows hosts on private network addresses access to the Internet using 866this host as a network address translating router. 867.It Va ppp_profile 868.Pq Vt str 869The name of the profile to use from 870.Pa /etc/ppp/ppp.conf . 871.It Va ppp_user 872.Pq Vt str 873The name of the user under which 874.Xr ppp 8 875should be started. 876By 877default, 878.Xr ppp 8 879is started as 880.Dq Li root . 881.It Va rc_conf_files 882.Pq Vt str 883This option is used to specify a list of files that will override 884the settings in 885.Pa /etc/defaults/rc.conf . 886The files will be read in the order in which they are specified and should 887include the full path to the file. 888By default, the files specified are 889.Pa /etc/rc.conf 890and 891.Pa /etc/rc.conf.local 892.It Va fsck_y_enable 893.Pq Vt bool 894If set to 895.Dq Li YES , 896.Xr fsck 8 897will be run with the 898.Fl y 899flag if the initial preen 900of the file systems fails. 901.It Va netfs_types 902.Pq Vt str 903List of file system types that are network-based. 904This list should generally not be modified by end users. 905Use 906.Va extra_netfs_types 907instead. 908.It Va extra_netfs_types 909.Pq Vt str 910If set to something other than 911.Dq Li NO 912(the default), 913this variable extends the list of file system types 914for which automatic mounting at startup by 915.Xr rc 8 916should be delayed until the network is initialized. 917It should contain 918a whitespace-separated list of network file system descriptor pairs, 919each consisting of a file system type as passed to 920.Xr mount 8 921and a human-readable, one-word description, 922joined with a colon 923.Pq Ql \&: . 924Extending the default list in this way is only necessary 925when third party file system types are used. 926.It Va syslogd_enable 927.Pq Vt bool 928If set to 929.Dq Li YES , 930run the 931.Xr syslogd 8 932daemon. 933.It Va syslogd_program 934.Pq Vt str 935Path to 936.Xr syslogd 8 937(default 938.Pa /usr/sbin/syslogd ) . 939.It Va syslogd_flags 940.Pq Vt str 941If 942.Va syslogd_enable 943is set to 944.Dq Li YES , 945these are the flags to pass to 946.Xr syslogd 8 . 947.It Va inetd_enable 948.Pq Vt bool 949If set to 950.Dq Li YES , 951run the 952.Xr inetd 8 953daemon. 954.It Va inetd_program 955.Pq Vt str 956Path to 957.Xr inetd 8 958(default 959.Pa /usr/sbin/inetd ) . 960.It Va inetd_flags 961.Pq Vt str 962If 963.Va inetd_enable 964is set to 965.Dq Li YES , 966these are the flags to pass to 967.Xr inetd 8 . 968.It Va named_rcng 969.Pq Vt bool 970If set to 971.Dq Li YES 972use new functionality provided in the 973.Pa /etc/rc.d/named 974script to facilitate a 975.Xr chroot 8 976instance of 977.Xr named 8 . 978This variable is experimental. 979It may be removed or changed in the near future. 980.It Va named_enable 981.Pq Vt bool 982If set to 983.Dq Li YES , 984run the 985.Xr named 8 986daemon. 987.It Va named_program 988.Pq Vt str 989Path to 990.Xr named 8 991(default 992.Pa /usr/sbin/named ) . 993.It Va named_flags 994.Pq Vt str 995If 996.Va named_enable 997is set to 998.Dq Li YES , 999these are the flags to pass to 1000.Xr named 8 . 1001.It Va named_pidfile 1002.Pq Vt str 1003This is the default path to the 1004.Xr named 8 1005daemon's PID file. 1006Change it if you change the location in 1007.Xr named.conf 5 . 1008.It Va named_chrootdir 1009.Pq Vt str 1010The root directory for a name server run in a 1011.Xr chroot 8 1012environment. 1013If left empty 1014.Xr named 8 1015will not be run in a 1016.Xr chroot 8 1017environment. 1018This variable has no effect if 1019.Va named_rcng 1020is not enabled. 1021This variable is experimental. 1022It may be removed or changed in the near future. 1023.It Va named_chroot_autoupdate 1024.Pq Vt bool 1025Set to 1026.Dq Li NO 1027to disable automatic syncing of libraries and 1028other system files between the root file system and the 1029.Xr chroot 8 . 1030This variable has no effect if 1031.Va named_rcng 1032is not enabled. 1033This variable is experimental. 1034It may be removed or changed in the near future. 1035.It Va named_symlink_enable 1036.Pq Vt bool 1037Set to 1038.Dq Li NO 1039to disable symlinking of 1040.Va named_pidfile 1041and 1042.Pa /var/run/ndc 1043into the 1044.Xr chroot 8 1045environment in which 1046.Xr named 8 1047is running. 1048This variable has no effect if 1049.Va named_rcng 1050is not enabled. 1051This variable is experimental. 1052It may be removed or changed in the near future. 1053.It Va kerberos5_server_enable 1054.Pq Vt bool 1055Set to 1056.Dq Li YES 1057to start a Kerberos 5 authentication server 1058at boot time. 1059.It Va kerberos5_server 1060.Pq Vt str 1061If 1062.Va kerberos5_server_enable 1063is set to 1064.Dq Li YES 1065this is the path to Kerberos 5 Authentication Server. 1066.It Va kadmind5_server_enable 1067.Pq Vt bool 1068Set to 1069.Dq Li YES 1070to start 1071.Xr kadmind 8 , 1072the Kerberos 5 Administration Daemon; set to 1073.Dq Li NO 1074on a slave server. 1075.It Va kadmind5_server 1076.Pq Vt str 1077If 1078.Va kadmind5_server_enable 1079is set to 1080.Dq Li YES 1081this is the path to Kerberos 5 Administration Daemon. 1082.It Va kpasswdd_server_enable 1083.Pq Vt bool 1084Set to 1085.Dq Li YES 1086to start 1087.Xr kpasswdd 8 , 1088the Kerberos 5 Password-Changing Daemon; set to 1089.Dq Li NO 1090on a slave server. 1091.It Va kpasswdd_server 1092.Pq Vt str 1093If 1094.Va kpasswdd_server_enable 1095is set to 1096.Dq Li YES 1097this is the path to Kerberos 5 Password-Changing Daemon. 1098.It Va rwhod_enable 1099.Pq Vt bool 1100If set to 1101.Dq Li YES , 1102run the 1103.Xr rwhod 8 1104daemon at boot time. 1105.It Va rwhod_flags 1106.Pq Vt str 1107If 1108.Va rwhod_enable 1109is set to 1110.Dq Li YES , 1111these are the flags to pass to it. 1112.It Va amd_enable 1113.Pq Vt bool 1114If set to 1115.Dq Li YES , 1116run the 1117.Xr amd 8 1118daemon at boot time. 1119.It Va amd_flags 1120.Pq Vt str 1121If 1122.Va amd_enable 1123is set to 1124.Dq Li YES , 1125these are the flags to pass to it. 1126See the 1127.Xr amd 8 1128manpage for more information. 1129.It Va amd_map_program 1130.Pq Vt str 1131If set, 1132the specified program is run to get the list of 1133.Xr amd 8 1134maps. 1135For example, if the 1136.Xr amd 8 1137maps are stored in NIS, one can set this to 1138run 1139.Xr ypcat 1 1140to get a list of 1141.Xr amd 8 1142maps from the 1143.Pa amd.master 1144NIS map. 1145.It Va update_motd 1146.Pq Vt bool 1147If set to 1148.Dq Li YES , 1149.Pa /etc/motd 1150will be updated at boot time to reflect the kernel release 1151being run. 1152If set to 1153.Dq Li NO , 1154.Pa /etc/motd 1155will not be updated. 1156.It Va nfs_client_enable 1157.Pq Vt bool 1158If set to 1159.Dq Li YES , 1160run the NFS client daemons at boot time. 1161.It Va nfs_access_cache 1162.Pq Vt int 1163If 1164.Va nfs_client_enable 1165is set to 1166.Dq Li YES , 1167this can be set to 1168.Dq Li 0 1169to disable NFS ACCESS RPC caching, or to the number of seconds for which 1170NFS ACCESS 1171results should be cached. 1172A value of 2-10 seconds will substantially reduce network traffic for 1173many NFS operations. The default is 5 seconds. Note that the attribute 1174cache holds stat information only. The NFS data cache is independant 1175of the attribute cache and is only invalidated when the client detects that 1176the server has modified the underlying file. This value specifies a 1177maximum timeout. The NFS client will automatically use a shorter timeout 1178for files which have been recently modified. 1179.It Va nfs_neg_cache 1180.Pq Vt int 1181If 1182.Va nfs_client_enable 1183is set to 1184.Dq Li YES , 1185this can be set to 1186.Dq Li 0 1187to disable the caching of NEGATIVE LOOKUPS (lookups of non-existant 1188filenames), or to the number of seconds for which negative lookups should 1189be cached. 1190A value of 2-10 seconds will substantially reduce network 1191traffic for many NFS operations, especially source code builds. The 1192default is 3 seconds. 1193.It Va nfs_server_enable 1194.Pq Vt bool 1195If set to 1196.Dq Li YES , 1197run the NFS server daemons at boot time. 1198.It Va nfs_server_flags 1199.Pq Vt str 1200If 1201.Va nfs_server_enable 1202is set to 1203.Dq Li YES , 1204these are the flags to pass to the 1205.Xr nfsd 8 1206daemon. 1207.It Va mountd_enable 1208.Pq Vt bool 1209If set to 1210.Dq Li YES , 1211and no 1212.Va nfs_server_enable 1213is set, start 1214.Xr mountd 8 , 1215but not 1216.Xr nfsd 8 1217daemon. 1218It is commonly needed to run CFS without real NFS used. 1219.It Va mountd_flags 1220.Pq Vt str 1221If 1222.Va mountd_enable 1223is set to 1224.Dq Li YES , 1225these are the flags to pass to the 1226.Xr mountd 8 1227daemon. 1228.It Va weak_mountd_authentication 1229.Pq Vt bool 1230If set to 1231.Dq Li YES , 1232allow services like PCNFSD to make non-privileged mount 1233requests. 1234.It Va nfs_reserved_port_only 1235.Pq Vt bool 1236If set to 1237.Dq Li YES , 1238provide NFS services only on a secure port. 1239.It Va nfs_bufpackets 1240.Pq Vt int 1241If set to a number, indicates the number of packets worth of 1242socket buffer space to reserve on an NFS client. 1243The kernel default is typically 4. 1244Using a higher number may be 1245useful on gigabit networks to improve performance. 1246The minimum value is 12472 and the maximum is 64. 1248.It Va rpc_umntall_enable 1249.Pq Vt bool 1250If set to 1251.Dq Li YES 1252(default) and we are also an NFS client, run 1253.Xr rpc.umntall 8 1254at boot time to clear out old mounts on remote servers. 1255If set to 1256.Dq Li NO 1257then 1258.Xr rpc.umntall 8 1259will not be run at boot time. 1260.It Va rpc_lockd_enable 1261.Pq Vt bool 1262If set to 1263.Dq Li YES 1264and also an NFS server, run 1265.Xr rpc.lockd 8 1266at boot time. 1267.It Va rpc_statd_enable 1268.Pq Vt bool 1269If set to 1270.Dq Li YES 1271and also an NFS server, run 1272.Xr rpc.statd 8 1273at boot time. 1274.It Va rpcbind_program 1275.Pq Vt str 1276Path to 1277.Xr rpcbind 8 1278(default 1279.Pa /usr/sbin/rpcbind ) . 1280.It Va rpcbind_enable 1281.Pq Vt bool 1282If set to 1283.Dq Li YES , 1284run the 1285.Xr rpcbind 8 1286service at boot time. 1287.It Va rpcbind_flags 1288.Pq Vt str 1289If 1290.Va rpcbind_enable 1291is set to 1292.Dq Li YES , 1293these are the flags to pass to the 1294.Xr rpcbind 8 1295daemon. 1296.It Va keyserv_enable 1297.Pq Vt bool 1298If set to 1299.Dq Li YES , 1300run the 1301.Xr keyserv 8 1302daemon on boot for running Secure RPC. 1303.It Va keyserv_flags 1304.Pq Vt str 1305If 1306.Va keyserv_enable 1307is set to 1308.Dq Li YES , 1309these are the flags to pass to 1310.Xr keyserv 8 1311daemon. 1312.It Va pppoed_enable 1313.Pq Vt bool 1314If set to 1315.Dq Li YES , 1316run the 1317.Xr pppoed 8 1318daemon at boot time to provide PPP over Ethernet services. 1319.It Va pppoed_ Ns Ar provider 1320.Pq Vt str 1321.Xr pppoed 8 1322listens to requests to this 1323.Ar provider 1324and ultimately runs 1325.Xr ppp 8 1326with a 1327.Ar system 1328argument of the same name. 1329.It Va pppoed_flags 1330.Pq Vt str 1331Additional flags to pass to 1332.Xr pppoed 8 . 1333.It Va pppoed_interface 1334.Pq Vt str 1335The network interface to run 1336.Xr pppoed 8 1337on. 1338This is mandatory when 1339.Va pppoed_enable 1340is set to 1341.Dq Li YES . 1342.It Va timed_enable 1343.Pq Vt bool 1344If set to 1345.Dq Li YES , 1346run the 1347.Xr timed 8 1348service at boot time. 1349This command is intended for networks of 1350machines where a consistent 1351.Dq "network time" 1352for all hosts must be established. 1353This is often useful in large NFS 1354environments where time stamps on files are expected to be consistent 1355network-wide. 1356.It Va timed_flags 1357.Pq Vt str 1358If 1359.Va timed_enable 1360is set to 1361.Dq Li YES , 1362these are the flags to pass to the 1363.Xr timed 8 1364service. 1365.It Va ntpd_enable 1366.Pq Vt bool 1367If set to 1368.Dq Li YES , 1369run the 1370.Xr ntpd 8 1371command at boot time. 1372.It Va ntpd_program 1373.Pq Vt str 1374Path to 1375.Xr ntpd 8 1376(default 1377.Pa /usr/sbin/ntpd ) . 1378.It Va ntpd_flags 1379.Pq Vt str 1380If 1381.Va ntpd_enable 1382is set to 1383.Dq Li YES , 1384these are the flags to pass to the 1385.Xr ntpd 8 1386daemon. Set to 1387.Dq Li -s 1388by default which sets the time immediately at startup if the 1389local clock is off by more than 180 seconds. To prevent 1390.Xr ntpd 8 1391from doing this, set 1392.Va ntpd_flags 1393to 1394.Dq Li -S . 1395.It Va nis_client_enable 1396.Pq Vt bool 1397If set to 1398.Dq Li YES , 1399run the 1400.Xr ypbind 8 1401service at system boot time. 1402.It Va nis_client_flags 1403.Pq Vt str 1404If 1405.Va nis_client_enable 1406is set to 1407.Dq Li YES , 1408these are the flags to pass to the 1409.Xr ypbind 8 1410service. 1411.It Va nis_ypset_enable 1412.Pq Vt bool 1413If set to 1414.Dq Li YES , 1415run the 1416.Xr ypset 8 1417daemon at system boot time. 1418.It Va nis_ypset_flags 1419.Pq Vt str 1420If 1421.Va nis_ypset_enable 1422is set to 1423.Dq Li YES , 1424these are the flags to pass to the 1425.Xr ypset 8 1426daemon. 1427.It Va nis_server_enable 1428.Pq Vt bool 1429If set to 1430.Dq Li YES , 1431run the 1432.Xr ypserv 8 1433daemon at system boot time. 1434.It Va nis_server_flags 1435.Pq Vt str 1436If 1437.Va nis_server_enable 1438is set to 1439.Dq Li YES , 1440these are the flags to pass to the 1441.Xr ypserv 8 1442daemon. 1443.It Va nis_ypxfrd_enable 1444.Pq Vt bool 1445If set to 1446.Dq Li YES , 1447run the 1448.Xr rpc.ypxfrd 8 1449daemon at system boot time. 1450.It Va nis_ypxfrd_flags 1451.Pq Vt str 1452If 1453.Va nis_ypxfrd_enable 1454is set to 1455.Dq Li YES , 1456these are the flags to pass to the 1457.Xr rpc.ypxfrd 8 1458daemon. 1459.It Va nis_yppasswdd_enable 1460.Pq Vt bool 1461If set to 1462.Dq Li YES , 1463run the 1464.Xr rpc.yppasswdd 8 1465daemon at system boot time. 1466.It Va nis_yppasswdd_flags 1467.Pq Vt str 1468If 1469.Va nis_yppasswdd_enable 1470is set to 1471.Dq Li YES , 1472these are the flags to pass to the 1473.Xr rpc.yppasswdd 8 1474daemon. 1475.It Va rpc_ypupdated_enable 1476.Pq Vt bool 1477If set to 1478.Dq Li YES , 1479run the 1480.Nm rpc.ypupdated 1481daemon at system boot time. 1482.It Va defaultrouter 1483.Pq Vt str 1484If not set to 1485.Dq Li NO , 1486create a default route to this host name or IP address 1487(use an IP address if this router is also required to get to the 1488name server!). 1489.It Va ipv6_defaultrouter 1490.Pq Vt str 1491The IPv6 equivalent of 1492.Va defaultrouter . 1493.It Va static_routes 1494.Pq Vt str 1495Set to the list of static routes that are to be added at system 1496boot time. 1497If not set to 1498.Dq Li NO 1499then for each whitespace separated 1500.Ar element 1501in the value, a 1502.Va route_ Ns Aq Ar element 1503variable is assumed to exist 1504whose contents will later be passed to a 1505.Dq Nm route Cm add 1506operation. 1507.It Va ipv6_static_routes 1508.Pq Vt str 1509The IPv6 equivalent of 1510.Va static_routes . 1511If not set to 1512.Dq Li NO 1513then for each whitespace separated 1514.Ar element 1515in the value, a 1516.Va ipv6_route_ Ns Aq Ar element 1517variable is assumed to exist 1518whose contents will later be passed to a 1519.Dq Nm route Cm add Fl inet6 1520operation. 1521.It Va gateway_enable 1522.Pq Vt bool 1523If set to 1524.Dq Li YES , 1525configure host to act as an IP router, e.g. to forward packets 1526between interfaces. 1527.It Va ipv6_gateway_enable 1528.Pq Vt bool 1529The IPv6 equivalent of 1530.Va gateway_enable . 1531.It Va router_enable 1532.Pq Vt bool 1533If set to 1534.Dq Li YES , 1535run a routing daemon of some sort, based on the 1536settings of 1537.Va router 1538and 1539.Va router_flags . 1540.It Va ipv6_router_enable 1541.Pq Vt bool 1542The IPv6 equivalent of 1543.Va router_enable . 1544If set to 1545.Dq Li YES , 1546run a routing daemon of some sort, based on the 1547settings of 1548.Va ipv6_router 1549and 1550.Va ipv6_router_flags . 1551.It Va router 1552.Pq Vt str 1553If 1554.Va router_enable 1555is set to 1556.Dq Li YES , 1557this is the name of the routing daemon to use. 1558.It Va ipv6_router 1559.Pq Vt str 1560The IPv6 equivalent of 1561.Va router . 1562.It Va router_flags 1563.Pq Vt str 1564If 1565.Va router_enable 1566is set to 1567.Dq Li YES , 1568these are the flags to pass to the routing daemon. 1569.It Va ipv6_router_flags 1570.Pq Vt str 1571The IPv6 equivalent of 1572.Va router_flags . 1573.It Va mrouted_enable 1574.Pq Vt bool 1575If set to 1576.Dq Li YES , 1577run the multicast routing daemon, 1578.Xr mrouted 8 . 1579.It Va mroute6d_enable 1580.Pq Vt bool 1581The IPv6 equivalent of 1582.Va mrouted_enable . 1583If set to 1584.Dq Li YES , 1585run the IPv6 multicast routing daemon. 1586Note that no IPv6 multicast routing daemon is included in the 1587.Dx 1588base system but 1589.Xr pim6dd 8 1590can be installed from the 1591.Fx 1592Ports Collection. 1593.It Va mrouted_flags 1594.Pq Vt str 1595If 1596.Va mrouted_enable 1597is set to 1598.Dq Li YES , 1599these are the flags to pass to the 1600.Xr mrouted 8 1601daemon. 1602.It Va mroute6d_flags 1603.Pq Vt str 1604The IPv6 equivalent of 1605.Va mrouted_flags . 1606If 1607.Va mroute6d_enable 1608is set to 1609.Dq Li YES , 1610these are the flags passed to the IPv6 multicast routing daemon. 1611.It Va mroute6d_program 1612.Pq Vt str 1613If 1614.Va mroute6d_enable 1615is set to 1616.Dq Li YES , 1617this is the path to the IPv6 multicast routing daemon. 1618.It Va rtadvd_enable 1619.Pq Vt bool 1620If set to 1621.Dq Li YES , 1622run the 1623.Xr rtadvd 8 1624daemon at boot time. 1625.Xr rtadvd 8 1626will only run if 1627.Va ipv6_gateway_enable 1628is also set to 1629.Dq Li YES . 1630The 1631.Xr rtadvd 8 1632utility sends router advertisement packets to the interfaces specified in 1633.Va rtadvd_interfaces . 1634.Xr rtadvd 8 1635and should only be enabled with great care. 1636You may want to fine-tune 1637.Xr rtadvd.conf 5 . 1638.It Va rtadvd_interfaces 1639.Pq Vt str 1640If 1641.Va rtadvd_enable 1642is set to 1643.Dq Li YES 1644this is the list of interfaces to use. 1645.It Va ipxgateway_enable 1646.Pq Vt bool 1647If set to 1648.Dq Li YES , 1649enable the routing of IPX traffic. 1650.It Va ipxrouted_enable 1651.Pq Vt bool 1652If set to 1653.Dq Li YES , 1654run the 1655.Xr IPXrouted 8 1656daemon at system boot time. 1657.It Va ipxrouted_flags 1658.Pq Vt str 1659If 1660.Va ipxrouted_enable 1661is set to 1662.Dq Li YES , 1663these are the flags to pass to the 1664.Xr IPXrouted 8 1665daemon. 1666.It Va arpproxy_all 1667.Pq Vt bool 1668If set to 1669.Dq Li YES , 1670enable global proxy ARP. 1671.It Va forward_sourceroute 1672.Pq Vt bool 1673If set to 1674.Dq Li YES 1675and 1676.Va gateway_enable 1677is also set to 1678.Dq Li YES , 1679source-routed packets are forwarded. 1680.It Va accept_sourceroute 1681.Pq Vt bool 1682If set to 1683.Dq Li YES , 1684the system will accept source-routed packets directed at it. 1685.It Va rarpd_enable 1686.Pq Vt bool 1687If set to 1688.Dq Li YES , 1689run the 1690.Xr rarpd 8 1691daemon at system boot time. 1692.It Va rarpd_flags 1693.Pq Vt str 1694If 1695.Va rarpd_enable 1696is set to 1697.Dq Li YES , 1698these are the flags to pass to the 1699.Xr rarpd 8 1700daemon. 1701.It Va bootparamd_enable 1702.Pq Vt bool 1703If set to 1704.Dq Li YES , 1705run the 1706.Xr bootparamd 8 1707daemon at system boot time. 1708.It Va bootparamd_flags 1709.Pq Vt str 1710If 1711.Va bootparamd_enable 1712is set to 1713.Dq Li YES , 1714these are the flags to pass to the 1715.Xr bootparamd 8 1716daemon. 1717.It Va stf_interface_ipv4addr 1718.Pq Vt str 1719If not set to 1720.Dq Li NO , 1721this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 1722interface). 1723Specify this entry to enable the 6to4 interface. 1724.It Va stf_interface_ipv4plen 1725.Pq Vt int 1726Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1727An effective value is 0-31. 1728.It Va stf_interface_ipv6_ifid 1729.Pq Vt str 1730IPv6 interface ID for 1731.Xr stf 4 . 1732This can be set to 1733.Dq Li AUTO . 1734.It Va stf_interface_ipv6_slaid 1735.Pq Vt str 1736IPv6 Site Level Aggregator for 1737.Xr stf 4 . 1738.It Va ipv6_faith_prefix 1739.Pq Vt str 1740If not set to 1741.Dq Li NO , 1742this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 1743translator. 1744You also need 1745.Xr faithd 8 1746setup. 1747.It Va ipv6_ipv4mapping 1748.Pq Vt bool 1749If set to 1750.Dq Li YES 1751this enables IPv4 mapped IPv6 address communication (like 1752.Li ::ffff:a.b.c.d ) . 1753.It Va atm_enable 1754.Pq Vt bool 1755Set to 1756.Dq Li YES 1757to enable the configuration of ATM interfaces at system boot time. 1758For all of the ATM variables described below, please refer to the 1759.Xr atm 8 1760man page for further details on the available command parameters. 1761Also refer to the files in 1762.Pa /usr/share/examples/atm 1763for more detailed configuration information. 1764.It Va atm_load 1765.Pq Vt str 1766This is a list of physical ATM interface drivers to load. Typical values are 1767.Dq Li hfa_pci 1768and/or 1769.Dq Li hea_pci . 1770.It Va atm_netif_ Ns Aq Ar intf 1771.Pq Vt str 1772For the ATM physical interface 1773.Ar intf , 1774this variable defines the name prefix and count for the ATM network 1775interfaces to be created. 1776The value will be passed as the parameters of an 1777.Dq Nm atm Cm "set netif" Ar intf 1778command. 1779.It Va atm_sigmgr_ Ns Aq Ar intf 1780.Pq Vt str 1781For the ATM physical interface 1782.Ar intf , 1783this variable defines the ATM signalling manager to be used. 1784The value will be passed as the parameters of an 1785.Dq Nm atm Cm attach Ar intf 1786command. 1787.It Va atm_prefix_ Ns Aq Ar intf 1788.Pq Vt str 1789For the ATM physical interface 1790.Ar intf , 1791this variable defines the NSAP prefix for interfaces using a UNI signalling 1792manager. 1793If set to 1794.Dq Li ILMI , 1795the prefix will automatically be set via the 1796.Xr ilmid 8 1797daemon. 1798Otherwise, the value will be passed as the parameters of an 1799.Dq Nm atm Cm "set prefix" Ar intf 1800command. 1801.It Va atm_macaddr_ Ns Aq Ar intf 1802.Pq Vt str 1803For the ATM physical interface 1804.Ar intf , 1805this variable defines the MAC address for interfaces using a UNI signalling 1806manager. 1807If set to 1808.Dq Li NO , 1809the hardware MAC address contained in the ATM interface card will be used. 1810Otherwise, the value will be passed as the parameters of an 1811.Dq Nm atm Cm "set mac" Ar intf 1812command. 1813.It Va atm_arpserver_ Ns Aq Ar netif 1814.Pq Vt str 1815For the ATM network interface 1816.Ar netif , 1817this variable defines the ATM address for a host which is to provide ATMARP 1818service. 1819This variable is only applicable to interfaces using a UNI signalling 1820manager. 1821If set to 1822.Dq Li local , 1823this host will become an ATMARP server. 1824The value will be passed as the parameters of an 1825.Dq Nm atm Cm "set arpserver" Ar netif 1826command. 1827.It Va atm_scsparp_ Ns Aq Ar netif 1828.Pq Vt bool 1829If set to 1830.Dq Li YES , 1831SCSP/ATMARP service for the network interface 1832.Ar netif 1833will be initiated using the 1834.Xr scspd 8 1835and 1836.Xr atmarpd 8 1837daemons. 1838This variable is only applicable if 1839.Va atm_arpserver_ Ns Aq Ar netif 1840is set to 1841.Dq Li local . 1842.It Va atm_pvcs 1843.Pq Vt str 1844Set to the list of ATM PVCs to be added at system 1845boot time. 1846For each whitespace separated 1847.Ar element 1848in the value, an 1849.Va atm_pvc_ Ns Aq Ar element 1850variable is assumed to exist. 1851The value of each of these variables 1852will be passed as the parameters of an 1853.Dq Nm atm Cm "add pvc" 1854command. 1855.It Va atm_arps 1856.Pq Vt str 1857Set to the list of permanent ATM ARP entries to be added 1858at system boot time. 1859For each whitespace separated 1860.Ar element 1861in the value, an 1862.Va atm_arp_ Ns Aq Ar element 1863variable is assumed to exist. 1864The value of each of these variables 1865will be passed as the parameters of an 1866.Dq Nm atm Cm "add arp" 1867command. 1868.It Va natm_interfaces 1869.Pq Vt str 1870Set to the list of 1871.Xr natm 4 1872interfaces that will also be used for HARP through 1873.Xr harp 4 . 1874If this list is not empty all interfaces in the list will be brought up 1875with 1876.Xr ifconfig 9 1877and 1878.Xr harp 4 1879will be loaded. 1880For this to work the interface drivers must be either compiled into the 1881kernel or must reside on the root partition. 1882.It Va keybell 1883.Pq Vt str 1884The keyboard bell sound. 1885Set to 1886.Dq Li normal , 1887.Dq Li visual , 1888.Dq Li off , 1889or 1890.Dq Li NO 1891if the default behavior is desired. 1892For details, refer to the 1893.Xr kbdcontrol 1 1894manpage. 1895.It Va keymap 1896.Pq Vt str 1897If set to 1898.Dq Li NO , 1899no keymap is installed, otherwise the value is used to install 1900the keymap file in 1901.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1902.It Va keyrate 1903.Pq Vt str 1904The keyboard repeat speed. 1905Set to 1906.Dq Li slow , 1907.Dq Li normal , 1908.Dq Li fast , 1909or 1910.Dq Li NO 1911if the default behavior is desired. 1912.It Va keychange 1913.Pq Vt str 1914If not set to 1915.Dq Li NO , 1916attempt to program the function keys with the value. 1917The value should 1918be a single string of the form: 1919.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1920.It Va cursor 1921.Pq Vt str 1922Can be set to the value of 1923.Dq Li normal , 1924.Dq Li blink , 1925.Dq Li destructive , 1926or 1927.Dq Li NO 1928to set the cursor behavior explicitly or choose the default behavior. 1929.It Va scrnmap 1930.Pq Vt str 1931If set to 1932.Dq Li NO , 1933no screen map is installed, otherwise the value is used to install 1934the screen map file in 1935.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1936.It Va font8x16 1937.Pq Vt str 1938If set to 1939.Dq Li NO , 1940the default 8x16 font value is used for screen size requests, otherwise 1941the value in 1942.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1943is used. 1944.It Va font8x14 1945.Pq Vt str 1946If set to 1947.Dq Li NO , 1948the default 8x14 font value is used for screen size requests, otherwise 1949the value in 1950.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1951is used. 1952.It Va font8x8 1953.Pq Vt str 1954If set to 1955.Dq Li NO , 1956the default 8x8 font value is used for screen size requests, otherwise 1957the value in 1958.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1959is used. 1960.It Va blanktime 1961.Pq Vt int 1962If set to 1963.Dq Li NO , 1964the default screen blanking interval is used, otherwise it is set 1965to 1966.Ar value 1967seconds. 1968.It Va saver 1969.Pq Vt str 1970If not set to 1971.Dq Li NO , 1972this is the actual screen saver to use 1973.Li ( blank , snake , daemon , 1974etc). 1975.It Va moused_enable 1976.Pq Vt str 1977If set to 1978.Dq Li YES , 1979the 1980.Xr moused 8 1981daemon is started for doing cut/paste selection on the console. 1982.It Va moused_type 1983.Pq Vt str 1984This is the protocol type of the mouse connected to this host. 1985This variable must be set if 1986.Va moused_enable 1987is set to 1988.Dq Li YES . 1989The 1990.Xr moused 8 1991daemon 1992is able to detect the appropriate mouse type automatically in many cases. 1993Set this variable to 1994.Dq Li auto 1995to let the daemon detect it, or 1996select one from the following list if the automatic detection fails. 1997.Pp 1998If the mouse is attached to the PS/2 mouse port, choose 1999.Dq Li auto 2000or 2001.Dq Li ps/2 , 2002regardless of the brand and model of the mouse. 2003Likewise, if the 2004mouse is attached to the bus mouse port, choose 2005.Dq Li auto 2006or 2007.Dq Li busmouse . 2008All other protocols are for serial mice and will not work with 2009the PS/2 and bus mice. 2010If this is a USB mouse, 2011.Dq Li auto 2012is the only protocol type which will work. 2013.Pp 2014.Bl -tag -width ".Li x10mouseremote" -compact 2015.It Li microsoft 2016Microsoft mouse (serial) 2017.It Li intellimouse 2018Microsoft IntelliMouse (serial) 2019.It Li mousesystems 2020Mouse systems Corp. mouse (serial) 2021.It Li mmseries 2022MM Series mouse (serial) 2023.It Li logitech 2024Logitech mouse (serial) 2025.It Li busmouse 2026A bus mouse 2027.It Li mouseman 2028Logitech MouseMan and TrackMan (serial) 2029.It Li glidepoint 2030ALPS GlidePoint (serial) 2031.It Li thinkingmouse 2032Kensington ThinkingMouse (serial) 2033.It Li ps/2 2034PS/2 mouse 2035.It Li mmhittab 2036MM HitTablet (serial) 2037.It Li x10mouseremote 2038X10 MouseRemote (serial) 2039.It Li versapad 2040Interlink VersaPad (serial) 2041.El 2042.Pp 2043Even if the mouse is not in the above list, it may be compatible 2044with one in the list. 2045Refer to the man page for 2046.Xr moused 8 2047for compatibility information. 2048.Pp 2049It should also be noted that while this is enabled, any 2050other client of the mouse (such as an X server) should access 2051the mouse through the virtual mouse device, 2052.Pa /dev/sysmouse , 2053and configure it as a 2054.Dq Li sysmouse 2055type mouse, since all 2056mouse data is converted to this single canonical format when 2057using 2058.Xr moused 8 . 2059If the client program does not support the 2060.Dq Li sysmouse 2061type, 2062specify the 2063.Dq Li mousesystems 2064type. 2065It is the second preferred type. 2066.It Va moused_port 2067.Pq Vt str 2068If 2069.Va moused_enable 2070is set to 2071.Dq Li YES , 2072this is the actual port the mouse is on. 2073It might be 2074.Pa /dev/cuaa0 2075for a COM1 serial mouse, 2076.Pa /dev/psm0 2077for a PS/2 mouse or 2078.Pa /dev/mse0 2079for a bus mouse, for example. 2080.It Va moused_flags 2081.Pq Vt str 2082If 2083.Va moused_type 2084is set, these are the additional flags to pass to the 2085.Xr moused 8 2086daemon. 2087.It Va mousechar_start 2088.Pq Vt int 2089If set to 2090.Dq Li NO , 2091the default mouse cursor character range 2092.Li 0xd0 Ns - Ns Li 0xd3 2093is used, 2094otherwise the range start is set 2095to 2096.Ar value 2097character, see 2098.Xr vidcontrol 1 . 2099Use if the default range is occupied in the language code table. 2100.It Va allscreens_flags 2101.Pq Vt str 2102If set, 2103.Xr vidcontrol 1 2104is run with these options for each of the virtual terminals 2105.Pq Pa /dev/ttyv* . 2106For example, 2107.Dq Fl m Cm on 2108will enable the mouse pointer on all virtual terminals 2109if 2110.Va moused_enable 2111is set to 2112.Dq Li YES . 2113.It Va allscreens_kbdflags 2114.Pq Vt str 2115If set, 2116.Xr kbdcontrol 1 2117is run with these options for each of the virtual terminals 2118.Pq Pa /dev/ttyv* . 2119For example, 2120.Dq Fl h Li 200 2121will set the 2122.Xr syscons 4 2123scrollback (history) buffer to 200 lines. 2124.It Va cron_enable 2125.Pq Vt bool 2126If set to 2127.Dq Li YES , 2128run the 2129.Xr cron 8 2130daemon at system boot time. 2131.It Va cron_program 2132.Pq Vt str 2133Path to 2134.Xr cron 8 2135(default 2136.Pa /usr/sbin/cron ) . 2137.It Va cron_flags 2138.Pq Vt str 2139If 2140.Va cron_enable 2141is set to 2142.Dq Li YES , 2143these are the flags to pass to 2144.Xr cron 8 . 2145.It Va lpd_program 2146.Pq Vt str 2147Path to 2148.Xr lpd 8 2149(default 2150.Pa /usr/sbin/lpd ) . 2151.It Va lpd_enable 2152.Pq Vt bool 2153If set to 2154.Dq Li YES , 2155run the 2156.Xr lpd 8 2157daemon at system boot time. 2158.It Va lpd_flags 2159.Pq Vt str 2160If 2161.Va lpd_enable 2162is set to 2163.Dq Li YES , 2164these are the flags to pass to the 2165.Xr lpd 8 2166daemon. 2167.It Va mta_start_script 2168.Pq Vt str 2169This variable specifies the full path to the script to run to start 2170a mail transfer agent. 2171The default is 2172.Pa /etc/rc.sendmail . 2173The 2174.Va sendmail_* 2175variables which 2176.Pa /etc/rc.sendmail 2177uses are documented in the 2178.Xr rc.sendmail 8 2179man page. 2180.It Va dumpdev 2181.Pq Vt str 2182Indicates the device (usually a swap partition) to which a crash dump 2183should be written in the event of a system crash. 2184The value of this variable is passed as the argument to 2185.Xr dumpon 8 . 2186To disable crash dumps, set this variable to 2187.Dq Li NO . 2188.It Va dumpdir 2189.Pq Vt str 2190When the system reboots after a crash and a crash dump is found on the 2191device specified by the 2192.Va dumpdev 2193variable, 2194.Xr savecore 8 2195will save that crash dump and a copy of the kernel to the directory 2196specified by the 2197.Va dumpdir 2198variable. 2199The default value is 2200.Pa /var/crash . 2201Set to 2202.Dq Li NO 2203to not run 2204.Xr savecore 8 2205at boot time when 2206.Va dumpdir 2207is set. 2208.It Va savecore_flags 2209.Pq Vt str 2210If crash dumps are enabled, these are the flags to pass to the 2211.Xr savecore 8 2212utility. 2213.It Va enable_quotas 2214.Pq Vt bool 2215Set to 2216.Dq Li YES 2217to turn on user disk quotas on system startup via the 2218.Xr quotaon 8 2219command. 2220.It Va check_quotas 2221.Pq Vt bool 2222Set to 2223.Dq Li YES 2224to enable user disk quota checking via the 2225.Xr quotacheck 8 2226command. 2227.It Va accounting_enable 2228.Pq Vt bool 2229Set to 2230.Dq Li YES 2231to enable system accounting through the 2232.Xr accton 8 2233facility. 2234.It Va ibcs2_enable 2235.Pq Vt bool 2236Set to 2237.Dq Li YES 2238to enable iBCS2 (SCO) binary emulation at system initial boot 2239time. 2240.It Va ibcs2_loaders 2241.Pq Vt str 2242If not set to 2243.Dq Li NO 2244and if 2245.Va ibcs2_enable 2246is set to 2247.Dq Li YES , 2248this specifies a list of additional iBCS2 loaders to enable. 2249.It Va linux_enable 2250.Pq Vt bool 2251Set to 2252.Dq Li YES 2253to enable Linux/ELF binary emulation at system initial 2254boot time. 2255.It Va osf1_enable 2256.Pq Vt bool 2257Set to 2258.Dq Li YES 2259to enable OSF/1 (Digital UNIX) binary emulation at system 2260initial boot time. 2261(alpha) 2262.It Va svr4_enable 2263.Pq Vt bool 2264If set to 2265.Dq Li YES , 2266enable SysVR4 emulation at boot time. 2267.It Va sysvipc_enable 2268.Pq Vt bool 2269If set to 2270.Dq Li YES , 2271load System V IPC primitives at boot time. 2272.It Va clear_tmp_enable 2273.Pq Vt bool 2274Set to 2275.Dq Li YES 2276to have 2277.Pa /tmp 2278cleaned at startup. 2279.It Va ldconfig_paths 2280.Pq Vt str 2281Set to the list of shared library paths to use with 2282.Xr ldconfig 8 . 2283NOTE: 2284.Pa /usr/lib 2285will always be added first, so it need not appear in this list. 2286.It Va ldconfig_paths_aout 2287.Pq Vt str 2288Set to the list of shared library paths to use with 2289.Xr ldconfig 8 2290legacy 2291.Xr a.out 5 2292support. 2293.It Va ldconfig_insecure 2294.Pq Vt bool 2295The 2296.Xr ldconfig 8 2297utility normally refuses to use directories 2298which are writable by anyone except root. 2299Set this variable to 2300.Dq Li YES 2301to disable that security check during system startup. 2302.It Va kern_securelevel_enable 2303.Pq Vt bool 2304Set to 2305.Dq Li YES 2306to set the kernel security level at system startup. 2307.It Va kern_securelevel 2308.Pq Vt int 2309The kernel security level to set at startup. 2310The allowed range of 2311.Ar value 2312ranges from \-1 (the compile time default) to 3 (the 2313most secure). 2314See 2315.Xr init 8 2316for the list of possible security levels and their effect 2317on system operation. 2318.It Va lomac_enable 2319.Pq Vt bool 2320Set to 2321.Dq Li YES 2322to enable Low Watermark Mandatory Access Control (LOMAC) at boot time. 2323This security model enforces integrity constraints for system processes; 2324see 2325.Xr lomac 4 2326for a complete description of the LOMAC model, as well as its impact 2327on system operation. 2328.It Va start_vinum 2329.Pq Vt bool 2330Set to 2331.Dq Li YES 2332to start 2333.Xr vinum 8 2334at system boot time. 2335.It Va sshd_program 2336.Pq Vt str 2337Path to the SSH server program 2338.Pa ( /usr/sbin/sshd 2339is the default). 2340.It Va sshd_enable 2341.Pq Vt bool 2342Set to 2343.Dq Li YES 2344to start 2345.Xr sshd 8 2346at system boot time. 2347.It Va sshd_flags 2348.Pq Vt str 2349If 2350.Va sshd_enable 2351is set to 2352.Dq Li YES , 2353these are the flags to pass to the 2354.Xr sshd 8 2355daemon. 2356.It Va usbd_enable 2357.Pq Vt bool 2358If set to 2359.Dq Li YES , 2360run the 2361.Xr usbd 8 2362daemon at boot time. 2363.It Va usbd_flags 2364.Pq Vt str 2365If 2366.Va usbd_enable 2367is set to 2368.Dq Li YES , 2369these are the flags passed to 2370.Xr usbd 8 2371daemon. 2372.It Va watchdogd_enable 2373.Pq Vt bool 2374If set to 2375.Dq Li YES , 2376start the 2377.Xr watchdogd 8 2378daemon at boot time. 2379This requires that the kernel have been compiled with 2380.Cd "options WATCHDOG" . 2381.It Va jail_enable 2382.Pq Vt bool 2383If set to 2384.Dq Li NO , 2385any configured jails will not be started. 2386.It Va jail_list 2387.Pq Vt str 2388A space separated list of names for jails. 2389This is purely a configuration aid to help identify and 2390configure multiple jails. 2391The names specified in this list will be used to 2392identify settings common to an instance of a jail. 2393Assuming that the jail in question was named 2394.Li vjail , 2395you would have the following dependant variables: 2396.Bd -literal 2397jail_vjail_hostname="jail.example.com" 2398jail_vjail_ip="192.168.1.100" 2399jail_vjail_rootdir="/var/jails/vjail/root" 2400jail_vjail_exec="/bin/sh /etc/rc" 2401.Ed 2402.Pp 2403The last one is optional. 2404It defaults to 2405.Pa /etc/rc 2406if it is not set. 2407.It Va jail_set_hostname_allow 2408.Pq Vt bool 2409If set to 2410.Dq Li NO , 2411do not allow the root user in a jail to set its hostname. 2412.It Va jail_socket_unixiproute_only 2413.Pq Vt bool 2414If set to 2415.Dq Li NO , 2416do not allow any protocol, 2417besides TCP/IP, 2418to be used within a jail. 2419.It Va jail_sysvipc_allow 2420.Pq Vt bool 2421If set to 2422.Dq Li YES , 2423allow applications within a jail to use System V IPC. 2424.It Va unaligned_print 2425.Pq Vt bool 2426If set to 2427.Dq Li NO , 2428unaligned access warnings will not be printed. 2429(alpha) 2430.\" ----- isdn settings --------------------------------- 2431.It Va isdn_enable 2432.Pq Vt bool 2433Set to 2434.Dq Li NO 2435by default. 2436When set to 2437.Dq Li YES , 2438starts the 2439.Xr isdnd 8 2440daemon 2441at system boot time. 2442.It Va isdn_flags 2443.Pq Vt str 2444Set to 2445.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2446by default. 2447Additional flags to pass to 2448.Xr isdnd 8 2449(but see 2450.Va isdn_fsdev 2451and 2452.Va isdn_ttype 2453for certain tunable parameters). 2454.It Va isdn_ttype 2455.Pq Vt str 2456Set to 2457.Dq Li cons25 2458by default. 2459The terminal type of the output device when 2460.Xr isdnd 8 2461operates in full-screen mode. 2462.It Va isdn_screenflags 2463.Pq Vt str 2464Set to 2465.Dq Li NO 2466by default. 2467The video mode for full-screen mode (only for 2468.Xr syscons 4 2469console driver, see 2470.Xr vidcontrol 1 2471for valid modes). 2472.It Va isdn_fsdev 2473.Pq Vt str 2474Set to 2475.Dq Li NO 2476by default. 2477The output device for 2478.Xr isdnd 8 2479in full-screen mode (or 2480.Dq Li NO 2481for daemon mode). 2482.It Va isdn_trace 2483.Pq Vt bool 2484Set to 2485.Dq Li NO 2486by default. 2487When set to 2488.Dq Li YES , 2489enables the ISDN protocol trace utility 2490.Xr isdntrace 8 2491at system boot time. 2492.It Va isdn_traceflags 2493.Pq Vt str 2494Set to 2495.Dq Fl f Pa /var/tmp/isdntrace0 2496by default. 2497Flags for 2498.Xr isdntrace 8 . 2499.\" ----------------------------------------------------- 2500.It Va pcvt_verbose 2501.Pq Vt bool 2502Set to 2503.Dq Li NO 2504by default. 2505When set to 2506.Dq Li YES , 2507verbose messages about the actions done by the start script are displayed. 2508.Em Note : 2509the 2510.Xr pcvt 4 2511driver must be compiled into the kernel before the 2512.Xr pcvt 4 2513related 2514options described here take any effect. 2515.It Va pcvt_keymap 2516.Pq Vt str 2517Set to 2518.Dq Li NO 2519by default. 2520Use this to configure a national keyboard mapping found in the 2521.Pa /usr/share/misc/keycap.pcvt 2522file of keyboard mappings. 2523(See also the manual pages 2524.Xr keycap 5 2525and 2526.Xr keycap 3 2527for usage of 2528.Xr pcvt 4 Ns 's 2529keycap database and the manual page 2530.Xr kcon 1 2531option 2532.Fl m 2533for national keyboard mapping configuration.) 2534.It Va pcvt_keydel 2535.Pq Vt int 2536Set to 2537.Dq Li NO 2538by default. 2539Used to set the keyboard key repeat delay value. 2540Valid values are 2541in the range 0..3 for delay values of 250, 500, 750 and 1000 msec. 2542(See also the 2543.Xr kcon 1 2544manual page.) 2545.It Va pcvt_keyrate 2546.Pq Vt int 2547Set to 2548.Dq Li NO 2549by default. 2550Used to set the keyboard key repetition rate value. 2551Valid values are 2552in the range 0..31 for repetition values of 2..30 characters per second. 2553.It Va pcvt_keyrepeat 2554.Pq Vt bool 2555Set to 2556.Dq Li NO 2557by default. 2558Set to 2559.Dq Li YES 2560to enable automatic keyboard key repeating. 2561.It Va pcvt_force24 2562.Pq Vt bool 2563Set to 2564.Dq Li NO 2565by default. 2566Set to 2567.Dq Li YES 2568to force 2569.Xr pcvt 4 2570to use 24 lines only (in 25 lines mode) for compatibility 2571with the original 2572.Tn VT220 2573terminal. 2574.It Va pcvt_hpext 2575.Pq Vt bool 2576Set to 2577.Dq Li NO 2578by default. 2579Set to 2580.Dq Li YES 2581to enable the display and functionality of function key labels (as found 2582on 2583.Tn Hewlett-Packard 2584terminals such as the 2585.Tn HP2392A 2586and the 2587.Tn HP700/92 2588in 2589.Tn ANSI 2590mode). 2591.It Va pcvt_lines 2592.Pq Vt int 2593Set to 2594.Dq Li NO 2595by default resulting in a value of 25. 2596Used to set the number of lines on the screen. 2597For VGA displays, valid 2598values are 25, 28, 40 and 50 lines. 2599(See also the 2600.Xr scon 1 2601manual page.) 2602.It Va pcvt_blanktime 2603.Pq Vt int 2604Set to 2605.Dq Li NO 2606by default. 2607Used to set the screen saver timeout in seconds for values greater than 2608zero. 2609.It Va pcvt_cursorh 2610.Pq Vt int 2611Set to 2612.Dq Li NO 2613by default. 2614Used to set the cursor top scanline. 2615(See also the 2616.Xr cursor 1 2617manual page.) 2618.It Va pcvt_cursorl 2619.Pq Vt int 2620Set to 2621.Dq Li NO 2622by default. 2623Used to set the cursor bottom scanline. 2624.It Va pcvt_monohigh 2625.Pq Vt bool 2626Set to 2627.Dq Li NO 2628by default. 2629Set to 2630.Dq Li YES 2631to set intensity to high on monochrome monitors. 2632(See also the 2633.Xr scon 1 2634manual page, option 2635.Fl p , 2636for more information on changing VGA palette 2637values.) 2638.It Va harvest_interrupt 2639.Pq Vt bool 2640Set to 2641.Dq Li YES 2642to use hardware interrupts as an entropy source. 2643Refer to 2644.Xr random 4 2645for more information. 2646.It Va harvest_ethernet 2647.Pq Vt bool 2648Set to 2649.Dq Li YES 2650to use LAN traffic as an entropy source. 2651Refer to 2652.Xr random 4 2653for more information. 2654.It Va harvest_p_to_p 2655.Pq Vt bool 2656Set to 2657.Dq Li YES 2658to use serial line traffic as an entropy source. 2659Refer to 2660.Xr random 4 2661for more information. 2662.It Va entropy_dir 2663.Pq Vt str 2664Set to 2665.Dq Li NO 2666to disable caching entropy via 2667.Xr cron 8 . 2668Otherwise set to the directory used to store entropy files in. 2669.It Va entropy_file 2670.Pq Vt str 2671Set to 2672.Dq Li NO 2673to disable caching entropy through reboots. 2674Otherwise set to the filename used to store cached entropy through 2675reboots. 2676This file should be located on the root file system to seed the 2677.Xr random 4 2678device as early as possible in the boot process. 2679.It Va entropy_save_sz 2680.Pq Vt int 2681Size of the entropy cache files saved by 2682.Nm save-entropy 2683periodically. 2684.It Va entropy_save_num 2685.Pq Vt int 2686Number of entropy cache files to save by 2687.Nm save-entropy 2688periodically. 2689.It Va ipsec_enable 2690.Pq Vt bool 2691Set to 2692.Dq Li YES 2693to run 2694.Xr setkey 8 2695on 2696.Va ipsec_file 2697at boot time. 2698.It Va ipsec_file 2699.Pq Vt str 2700Configuration file for 2701.Xr setkey 8 . 2702.It Va dmesg_enable 2703.Pq Vt bool 2704Set to 2705.Dq Li YES 2706to save 2707.Xr dmesg 8 2708to 2709.Pa /var/run/dmesg.boot 2710on boot. 2711.It Va rcshutdown_timeout 2712.Pq Vt int 2713If set, start a watchdog timer in the background which will terminate 2714.Pa rc.shutdown 2715if 2716.Xr shutdown 8 2717has not completed within the specified time (in seconds). 2718.El 2719.Sh FILES 2720.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 2721.It Pa /etc/defaults/rc.conf 2722.It Pa /etc/rc.conf 2723.It Pa /etc/rc.conf.local 2724.El 2725.Sh SEE ALSO 2726.Xr catman 1 , 2727.Xr gdb 1 , 2728.Xr info 1 , 2729.Xr kbdcontrol 1 , 2730.Xr makewhatis 8 , 2731.Xr vidcontrol 1 , 2732.Xr ip 4 , 2733.Xr kld 4 , 2734.Xr tcp 4 , 2735.Xr udp 4 , 2736.Xr exports 5 , 2737.Xr motd 5 , 2738.Xr accton 8 , 2739.Xr amd 8 , 2740.Xr apm 8 , 2741.Xr atm 8 , 2742.Xr cron 8 , 2743.Xr dhclient 8 , 2744.Xr ifconfig 8 , 2745.Xr inetd 8 , 2746.Xr isdnd 8 , 2747.Xr isdntrace 8 , 2748.Xr kldxref 8 , 2749.Xr lpd 8 , 2750.Xr mdconfig 8 , 2751.Xr mountd 8 , 2752.Xr moused 8 , 2753.Xr mrouted 8 , 2754.Xr named 8 , 2755.Xr nfsd 8 , 2756.Xr ntpd 8 , 2757.Xr pcnfsd 8 , 2758.Xr quotacheck 8 , 2759.Xr quotaon 8 , 2760.Xr rc 8 , 2761.Xr rc.sendmail 8 , 2762.Xr route 8 , 2763.Xr routed 8 , 2764.Xr rpc.lockd 8 , 2765.Xr rpc.statd 8 , 2766.Xr rpcbind 8 , 2767.Xr rwhod 8 , 2768.Xr savecore 8 , 2769.Xr sshd 8 , 2770.Xr swapon 8 , 2771.Xr sysctl 8 , 2772.Xr syslogd 8 , 2773.Xr timed 8 , 2774.Xr usbd 8 , 2775.Xr vinum 8 , 2776.Xr yp 8 , 2777.Xr ypbind 8 , 2778.Xr ypserv 8 , 2779.Xr ypset 8 2780.Sh HISTORY 2781The 2782.Nm 2783file appeared in 2784.Fx 2.2.2 . 2785.Sh AUTHORS 2786.An Jordan K. Hubbard . 2787