1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" $DragonFly: src/share/man/man5/rc.conf.5,v 1.9 2005/02/17 22:44:39 liamfoy Exp $ 27.Dd March 3, 2002 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71The following list provides a name and short description for each 72variable that can be set in the 73.Nm 74file: 75.Bl -tag -width indent-two 76.It Va rc_debug 77.Pq Vt bool 78If set to 79.Dq Li YES , 80enable output of debug messages from rc scripts. 81This variable can be helpful in diagnosing mistakes when 82editing or integrating new scripts. 83Beware that this produces copious output to the terminal and 84.Xr syslog 3 . 85.It Va rc_info 86.Pq Vt bool 87If set to 88.Dq Li NO , 89disable informational messages from the rc scripts. 90Informational messages are displayed when 91a condition that is not serious enough to warrant a warning or 92an error occurs. 93.It Va swapfile 94.Pq Vt str 95If set to 96.Dq Li NO , 97no swapfile is installed, otherwise the value is used as the full 98pathname to a file to use for additional swap space. 99.It Va apm_enable 100.Pq Vt bool 101If set to 102.Dq Li YES , 103enable support for Automatic Power Management with 104the 105.Xr apm 8 106command. 107.It Va apmd_enable 108.Pq Vt bool 109Run 110.Xr apmd 8 111to handle APM event from userland. 112This also enables support for APM. 113.It Va apmd_flags 114.Pq Vt str 115If 116.Va apmd_enable 117is set to 118.Dq Li YES , 119these are the flags to pass to the 120.Xr apmd 8 121daemon. 122.It Va battd_enable 123Enable 124.Xr battd 1 125to monitor the status of batteries present in the system. 126This also enables support for APM. 127.It Va battd_flags 128.Pq Vt str 129If 130.Va battd_enable 131is set to 132.Dq Li YES , 133these are the flags to pass to the 134.Xr battd 1 135daemon. 136.It Va devd_enable 137.Pq Vt bool 138Run 139.Xr devd 8 140to handle device added, removed or unknown events from the kernel. 141.It Va pccard_enable 142.Pq Vt bool 143If set to 144.Dq Li YES , 145enable PCCARD support at boot time. 146.It Va pccard_mem 147.Pq Vt str 148Set to PCCARD controller memory address or 149.Dq Li DEFAULT 150for the default value. 151.It Va pccard_ifconfig 152.Pq Vt str 153List of arguments to be passed to 154.Xr ifconfig 8 155at boot time or on 156insertion of the card (e.g.\& 157.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 158for a fixed address or 159.Dq Li DHCP 160for a DHCP client). 161.It Va pccard_beep 162.Pq Vt int 163If 0, 164set the PCCARD controller to silent mode. 165If 1, 166set it to beep mode. 167If 2, 168set it to melody mode. 169.It Va pccard_conf 170.Pq Vt str 171Path to the configuration file for the 172.Xr pccardd 8 173daemon (e.g.\& 174.Pa /etc/pccard.conf.sample ) . 175.It Va pccardd_flags 176.Pq Vt str 177If 178.Va pccard_enable 179is set to 180.Dq Li YES , 181these are the flags to pass to the 182.Xr pccardd 8 183daemon. 184.It Va pccard_ether_delay 185.Pq Vt str 186Set the delay before starting 187.Xr dhclient 8 188in the 189.Pa /etc/pccard_ether 190script. 191This defaults to 5 seconds to work around a bug in the 192.Xr ed 4 193driver which can lead to system hangs when using some newer 194.Xr ed 4 195based cards. 196.It Va removable_interfaces 197.Pq Vt str 198List of removable network interfaces to be supported by 199.Pa /etc/pccard_ether . 200.It Va local_startup 201.Pq Vt str 202List of directories to search for startup script files. 203.It Va script_name_sep 204.Pq Vt str 205The field separator to use for breaking down the list of startup script files 206into individual filenames. 207The default is a space. 208It is not necessary to change this unless there are startup scripts with names 209containing spaces. 210.It Va hostname 211.Pq Vt str 212The fully qualified domain name (FQDN) of this host on the network. 213This should almost certainly be set to something meaningful, even if 214there is no network connection. 215If 216.Xr dhclient 8 217is used to set the hostname via DHCP, 218this variable should be set to an empty string. 219.It Va ipv6_enable 220.Pq Vt bool 221Enable support for IPv6 networking. 222Note that this requires that the kernel have been compiled with 223.Cd "options INET6" . 224.It Va nisdomainname 225.Pq Vt str 226The NIS domain name of this host, or 227.Dq Li NO 228if NIS is not used. 229.It Va dhclient_program 230.Pq Vt str 231Path to the DHCP client program 232.Pa ( /sbin/dhclient , 233the ISC DHCP client, 234is the default). 235.It Va dhclient_flags 236.Pq Vt str 237Additional flags to pass to the DHCP client program. 238For the ISC DHCP client, see the 239.Xr dhclient 8 240manpage for a description of the command line options available. 241.It Va background_dhclient 242.Pq Vt bool 243Set to 244.Dq Li YES 245to start the dhcp client in background. 246This can cause trouble with applications depending on 247a working network, but it will provide a faster startup 248in many cases. 249.It Va firewall_enable 250.Pq Vt bool 251Set to 252.Dq Li YES 253to load firewall rules at startup. 254If the kernel was not built with 255.Cd "options IPFIREWALL" , 256the 257.Pa ipfw.ko 258kernel module will be loaded. 259See also 260.Va ipfilter_enable . 261.It Va ipv6_firewall_enable 262.Pq Vt bool 263The IPv6 equivalent of 264.Va firewall_enable . 265Set to 266.Dq Li YES 267to load IPv6 firewall rules at startup. 268If the kernel was not built with 269.Cd "options IPV6FIREWALL" , 270the 271.Pa ip6fw.ko 272kernel module will be loaded. 273.It Va firewall_script 274.Pq Vt str 275This variable specifies the full path to the firewall script to run. 276The default is 277.Pa /etc/rc.firewall . 278.It Va ipv6_firewall_script 279.Pq Vt str 280The IPv6 equivalent of 281.Va firewall_script . 282.It Va firewall_type 283.Pq Vt str 284Names the firewall type from the selection in 285.Pa /etc/rc.firewall , 286or the file which contains the local firewall ruleset. 287Valid selections from 288.Pa /etc/rc.firewall 289are: 290.Pp 291.Bl -tag -width ".Li simple" -compact 292.It Li open 293unrestricted IP access 294.It Li closed 295all IP services disabled, except via 296.Dq Li lo0 297.It Li client 298basic protection for a workstation 299.It Li simple 300basic protection for a LAN. 301.El 302.Pp 303If a filename is specified, the full path 304must be given. 305.It Va ipv6_firewall_type 306.Pq Vt str 307The IPv6 equivalent of 308.Va firewall_type . 309.It Va firewall_quiet 310.Pq Vt bool 311Set to 312.Dq Li YES 313to disable the display of firewall rules on the console during boot. 314.It Va ipv6_firewall_quiet 315.Pq Vt bool 316The IPv6 equivalent of 317.Va firewall_quiet . 318.It Va firewall_logging 319.Pq Vt bool 320Set to 321.Dq Li YES 322to enable firewall event logging. 323This is equivalent to the 324.Dv IPFIREWALL_VERBOSE 325kernel option. 326.It Va ipv6_firewall_logging 327.Pq Vt bool 328The IPv6 equivalent of 329.Va firewall_logging . 330.It Va firewall_flags 331.Pq Vt str 332Flags passed to 333.Xr ipfw 8 334if 335.Va firewall_type 336specifies a filename. 337.It Va ipv6_firewall_flags 338.Pq Vt str 339The IPv6 equivalent of 340.Va firewall_flags . 341.It Va natd_program 342.Pq Vt str 343Path to 344.Xr natd 8 . 345.It Va natd_enable 346.Pq Vt bool 347Set to 348.Dq Li YES 349to enable 350.Xr natd 8 . 351.Va firewall_enable 352must also be set to 353.Dq Li YES , 354and 355.Xr divert 4 356sockets must be enabled in the kernel. 357.It Va natd_interface 358.Pq Vt str 359This is the name of the public interface on which 360.Xr natd 8 361should run. 362The interface may be given as an interface name or as an IP address. 363.It Va natd_flags 364.Pq Vt str 365Additional 366.Xr natd 8 367flags should be placed here. 368The 369.Fl n 370or 371.Fl a 372flag is automatically added with the above 373.Va natd_interface 374as an argument. 375.\" ----- ipfilter_enable setting -------------------------------- 376.It Va ipfilter_enable 377.Pq Vt bool 378Set to 379.Dq Li NO 380by default. 381Setting this to 382.Dq Li YES 383enables 384.Xr ipf 8 385packet filtering. 386.Pp 387Typical usage will require putting 388.Bd -literal 389ipfilter_enable="YES" 390ipnat_enable="YES" 391ipmon_enable="YES" 392ipfs_enable="YES" 393.Ed 394.Pp 395into 396.Pa /etc/rc.conf 397and editing 398.Pa /etc/ipf.rules 399and 400.Pa /etc/ipnat.rules 401appropriately. 402.Pp 403Note that 404.Va ipfilter_enable 405and 406.Va ipnat_enable 407can be enabled independently. 408.Va ipmon_enable 409and 410.Va ipfs_enable 411both require at least one of 412.Va ipfilter_enable 413and 414.Va ipnat_enable 415to be enabled. 416.Pp 417Having 418.Bd -literal 419options IPFILTER 420options IPFILTER_LOG 421options IPFILTER_DEFAULT_BLOCK 422.Ed 423.Pp 424in the kernel configuration file is a good idea, too. 425.\" ----- ipfilter_program setting ------------------------------ 426.It Va ipfilter_program 427.Pq Vt str 428Path to 429.Xr ipf 8 430(default 431.Pa /sbin/ipf ) . 432.\" ----- ipfilter_rules setting -------------------------------- 433.It Va ipfilter_rules 434.Pq Vt str 435Set to 436.Pa /etc/ipf.rules 437by default. 438This variable contains the name of the filter rule definition file. 439The file is expected to be readable for the 440.Xr ipf 8 441command to execute. 442.\" ----- ipv6_ipfilter_rules setting --------------------------- 443.It Va ipv6_ipfilter_rules 444.Pq Vt str 445Set to 446.Pa /etc/ipf6.rules 447by default. 448This variable contains the IPv6 filter rule definition file. 449The file is expected to be readable for the 450.Xr ipf 8 451command to execute. 452.\" ----- ipfilter_flags setting -------------------------------- 453.It Va ipfilter_flags 454.Pq Vt str 455Empty by default. 456This variable contains flags passed to the 457.Xr ipf 8 458program. 459.\" ----- ipnat_enable setting ---------------------------------- 460.It Va ipnat_enable 461.Pq Vt bool 462Set to 463.Dq Li NO 464by default. 465Set it to 466.Dq Li YES 467to enable 468.Xr ipnat 1 469network address translation. 470See 471.Va ipfilter_enable 472for a detailed discussion. 473.\" ----- ipnat_program setting --------------------------------- 474.It Va ipnat_program 475.Pq Vt str 476Path to 477.Xr ipnat 1 478(default 479.Pa /sbin/ipnat ) . 480.\" ----- ipnat_rules setting ----------------------------------- 481.It Va ipnat_rules 482.Pq Vt str 483Set to 484.Pa /etc/ipnat.rules 485by default. 486This variable contains the name of the file 487holding the network address translation definition. 488This file is expected to be readable for the 489.Xr ipnat 1 490command to execute. 491.\" ----- ipnat_flags setting ----------------------------------- 492.It Va ipnat_flags 493.Pq Vt str 494Empty by default. 495This variable contains flags passed to the 496.Xr ipnat 1 497program. 498.\" ----- ipmon_enable setting ---------------------------------- 499.It Va ipmon_enable 500.Pq Vt bool 501Set to 502.Dq Li NO 503by default. 504Set it to 505.Dq Li YES 506to enable 507.Xr ipmon 8 508monitoring (logging 509.Xr ipf 8 510and 511.Xr ipnat 1 512events). 513Setting this variable needs setting 514.Va ipfilter_enable 515or 516.Va ipnat_enable 517too. 518See 519.Va ipfilter_enable 520for a detailed discussion. 521.\" ----- ipmon_program setting --------------------------------- 522.It Va ipmon_program 523.Pq Vt str 524Path to 525.Xr ipmon 8 526(default 527.Pa /sbin/ipmon ) . 528.\" ----- ipmon_flags setting ----------------------------------- 529.It Va ipmon_flags 530.Pq Vt str 531Set to 532.Dq Li -Ds 533by default. 534This variable contains flags passed to the 535.Xr ipmon 8 536program. 537Another typical example would be 538.Dq Fl D Pa /var/log/ipflog 539to have 540.Xr ipmon 8 541log directly to a file bypassing 542.Xr syslogd 8 . 543Make sure to adjust 544.Pa /etc/newsyslog.conf 545in such case like this: 546.Bd -literal 547/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 548.Ed 549.\" ----- ipfs_enable setting ----------------------------------- 550.It Va ipfs_enable 551.Pq Vt bool 552Set to 553.Dq Li NO 554by default. 555Set it to 556.Dq Li YES 557to enable 558.Xr ipfs 8 559saving the filter and NAT state tables during shutdown 560and reloading them during startup again. 561Setting this variable needs setting 562.Va ipfilter_enable 563or 564.Va ipnat_enable 565to 566.Dq Li YES 567too. 568See 569.Va ipfilter_enable 570for a detailed discussion. 571Note that if 572.Va kern_securelevel 573is set to 3, 574.Va ipfs_enable 575cannot be used 576because the raised securelevel will prevent 577.Xr ipfs 8 578from saving the state tables at shutdown time. 579.\" ----- ipfs_program setting ---------------------------------- 580.It Va ipfs_program 581.Pq Vt str 582Path to 583.Xr ipfs 8 584(default 585.Pa /sbin/ipfs ) . 586.\" ----- ipfs_flags setting ------------------------------------ 587.It Va ipfs_flags 588.Pq Vt str 589Empty by default. 590This variable contains flags passed to the 591.Xr ipfs 8 592program. 593.\" ----- end of added ipf hook --------------------------------- 594.It Va tcp_extensions 595.Pq Vt bool 596Set to 597.Dq Li YES 598by default. 599Setting this to 600.Dq Li NO 601disables certain TCP options as described by 602.Rs 603.%T "RFC 1323" 604.Re 605Setting this to 606.Dq Li NO 607might help remedy such problems with connections as randomly hanging 608or other weird behavior. 609Some network devices are known 610to be broken with respect to these options. 611.It Va log_in_vain 612.Pq Vt int 613Set to 0 by default. 614The 615.Xr sysctl 8 616variables, 617.Va net.inet.tcp.log_in_vain 618and 619.Va net.inet.udp.log_in_vain , 620as described in 621.Xr tcp 4 622and 623.Xr udp 4 , 624are set to the given value. 625.It Va tcp_keepalive 626.Pq Vt bool 627Set to 628.Dq Li YES 629by default. 630Setting to 631.Dq Li NO 632will disable probing idle TCP connections to verify that the 633peer is still up and reachable. 634.It Va tcp_drop_synfin 635.Pq Vt bool 636Set to 637.Dq Li NO 638by default. 639Setting to 640.Dq Li YES 641will cause the kernel to ignore TCP frames that have both 642the SYN and FIN flags set. 643This prevents OS fingerprinting, but may 644break some legitimate applications. 645This option is only available if the 646kernel was built with the 647.Dv TCP_DROP_SYNFIN 648option. 649.It Va icmp_drop_redirect 650.Pq Vt bool 651Set to 652.Dq Li NO 653by default. 654Setting to 655.Dq Li YES 656will cause the kernel to ignore ICMP REDIRECT packets. 657Refer to 658.Xr icmp 4 659for more information. 660.It Va icmp_log_redirect 661.Pq Vt bool 662Set to 663.Dq Li NO 664by default. 665Setting to 666.Dq Li YES 667will cause the kernel to log ICMP REDIRECT packets. 668Note that 669the log messages are not rate-limited, so this option should only be used 670for troubleshooting networks. 671Refer to 672.Xr icmp 4 673for more information. 674.It Va icmp_bmcastecho 675.Pq Vt bool 676Set to 677.Dq Li YES 678to respond to broadcast or multicast ICMP ping packets. 679Refer to 680.Xr icmp 4 681for more information. 682.It Va ip_portrange_first 683.Pq Vt int 684If not set to 685.Dq Li NO , 686this is the first port in the default portrange. 687Refer to 688.Xr ip 4 689for more information. 690.It Va ip_portrange_last 691.Pq Vt int 692If not set to 693.Dq Li NO , 694this is the last port in the default portrange. 695Refer to 696.Xr ip 4 697for more information. 698.It Va network_interfaces 699.Pq Vt str 700Set to the list of network interfaces to configure on this host. 701For example, if the only network devices in the system are the loopback 702device 703.Pq Li lo0 704and a NIC using the 705.Xr ed 4 706driver, 707this could be set to 708.Dq Li "lo0 ed0" . 709An 710.Va ifconfig_ Ns Aq Ar interface 711variable is also assumed to exist for each value of 712.Ar interface . 713It is also possible to add IP alias entries here in cases where 714multiple IP addresses registered against a single interface 715are desired. 716Assuming that the interface in question was 717.Li ed0 , 718it might look 719something like this: 720.Bd -literal 721ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 722ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 723.Ed 724.Pp 725And so on. 726For each 727.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 728entry that is found, 729its contents are passed to 730.Xr ifconfig 8 . 731Execution stops at the first unsuccessful access, so if 732something like this is present: 733.Bd -literal 734ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 735ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 736ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 737ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 738.Ed 739.Pp 740Then note that alias4 would 741.Em not 742be added since the search would 743stop with the missing alias3 entry. 744.Pp 745If the 746.Pa /etc/start_if. Ns Aq Ar interface 747file is present, it is read and executed by the 748.Xr sh 1 749interpreter 750before configuring the interface as specified in the 751.Va ifconfig_ Ns Aq Ar interface 752and 753.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 754variables. 755.Pp 756It is possible to bring up an interface with DHCP by setting the 757.Va ifconfig_ Ns Aq Ar interface 758variable to 759.Dq Li DHCP . 760For instance, to initialize the 761.Li ed0 762device via DHCP, 763it is possible to use something like: 764.Bd -literal 765ifconfig_ed0="DHCP" 766.Ed 767.It Va ipv6_network_interfaces 768.Pq Vt str 769This is the IPv6 equivalent of 770.Va network_interfaces . 771Instead of setting the ifconfig variables as 772.Va ifconfig_ Ns Aq Ar interface 773they should be set as 774.Va ipv6_ifconfig_ Ns Aq Ar interface . 775Aliases should be set as 776.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 777.Va ipv6_prefix_ Ns Aq Ar interface 778does something. 779Interfaces that do not have a 780.Va ipv6_ifconfig_ Ns Aq Ar interface 781setting will be auto configured by 782.Xr rtsol 8 783if the 784.Va ipv6_gateway_enable 785is set to 786.Dq Li NO . 787Note that the IPv6 networking code does not support the 788.Pa /etc/start_if. Ns Aq Ar interface 789files. 790.It Va ipv6_default_interface 791.Pq Vt str 792If not set to 793.Dq Li NO , 794this is the default output interface for scoped addresses. 795Now this works only for IPv6 link local multicast addresses. 796.It Va cloned_interfaces 797.Pq Vt str 798Set to the list of clonable network interfaces to create on this host. 799Entries in 800.Va cloned_interfaces 801are automatically appended to 802.Va network_interfaces 803for configuration. 804.It Va gif_interfaces 805.Pq Vt str 806Set to the list of 807.Xr gif 4 808tunnel interfaces to configure on this host. 809A 810.Va gifconfig_ Ns Aq Ar interface 811variable is assumed to exist for each value of 812.Ar interface . 813The value of this variable is used to configure the link layer of the 814tunnel according to the syntax of the 815.Cm tunnel 816option to 817.Xr ifconfig 8 . 818Additionally, this option ensures that each listed interface is created 819via the 820.Cm create 821option to 822.Xr ifconfig 8 823before attempting to configure it. 824.It Va sppp_interfaces 825.Pq Vt str 826Set to the list of 827.Xr sppp 4 828interfaces to configure on this host. 829A 830.Va spppconfig_ Ns Aq Ar interface 831variable is assumed to exist for each value of 832.Ar interface . 833Each interface should also be configured by a general 834.Va ifconfig_ Ns Aq Ar interface 835setting. 836Refer to 837.Xr spppcontrol 8 838for more information about available options. 839.It Va ppp_enable 840.Pq Vt bool 841If set to 842.Dq Li YES , 843run the 844.Xr ppp 8 845daemon. 846.It Va ppp_mode 847.Pq Vt str 848Mode in which to run the 849.Xr ppp 8 850daemon. 851Accepted modes are 852.Dq Li auto , 853.Dq Li ddial , 854.Dq Li direct 855and 856.Dq Li dedicated . 857See the manual for a full description. 858.It Va ppp_nat 859.Pq Vt bool 860If set to 861.Dq Li YES , 862enables network address translation. 863Used in conjunction with 864.Va gateway_enable 865allows hosts on private network addresses access to the Internet using 866this host as a network address translating router. 867.It Va ppp_profile 868.Pq Vt str 869The name of the profile to use from 870.Pa /etc/ppp/ppp.conf . 871.It Va ppp_user 872.Pq Vt str 873The name of the user under which 874.Xr ppp 8 875should be started. 876By 877default, 878.Xr ppp 8 879is started as 880.Dq Li root . 881.It Va rc_conf_files 882.Pq Vt str 883This option is used to specify a list of files that will override 884the settings in 885.Pa /etc/defaults/rc.conf . 886The files will be read in the order in which they are specified and should 887include the full path to the file. 888By default, the files specified are 889.Pa /etc/rc.conf 890and 891.Pa /etc/rc.conf.local 892.It Va fsck_y_enable 893.Pq Vt bool 894If set to 895.Dq Li YES , 896.Xr fsck 8 897will be run with the 898.Fl y 899flag if the initial preen 900of the file systems fails. 901.It Va netfs_types 902.Pq Vt str 903List of file system types that are network-based. 904This list should generally not be modified by end users. 905Use 906.Va extra_netfs_types 907instead. 908.It Va extra_netfs_types 909.Pq Vt str 910If set to something other than 911.Dq Li NO 912(the default), 913this variable extends the list of file system types 914for which automatic mounting at startup by 915.Xr rc 8 916should be delayed until the network is initialized. 917It should contain 918a whitespace-separated list of network file system descriptor pairs, 919each consisting of a file system type as passed to 920.Xr mount 8 921and a human-readable, one-word description, 922joined with a colon 923.Pq Ql \&: . 924Extending the default list in this way is only necessary 925when third party file system types are used. 926.It Va syslogd_enable 927.Pq Vt bool 928If set to 929.Dq Li YES , 930run the 931.Xr syslogd 8 932daemon. 933.It Va syslogd_program 934.Pq Vt str 935Path to 936.Xr syslogd 8 937(default 938.Pa /usr/sbin/syslogd ) . 939.It Va syslogd_flags 940.Pq Vt str 941If 942.Va syslogd_enable 943is set to 944.Dq Li YES , 945these are the flags to pass to 946.Xr syslogd 8 . 947.It Va inetd_enable 948.Pq Vt bool 949If set to 950.Dq Li YES , 951run the 952.Xr inetd 8 953daemon. 954.It Va inetd_program 955.Pq Vt str 956Path to 957.Xr inetd 8 958(default 959.Pa /usr/sbin/inetd ) . 960.It Va inetd_flags 961.Pq Vt str 962If 963.Va inetd_enable 964is set to 965.Dq Li YES , 966these are the flags to pass to 967.Xr inetd 8 . 968.It Va named_rcng 969.Pq Vt bool 970If set to 971.Dq Li YES 972use new functionality provided in the 973.Pa /etc/rc.d/named 974script to facilitate a 975.Xr chroot 8 976instance of 977.Xr named 8 . 978This variable is experimental. 979It may be removed or changed in the near future. 980.It Va named_enable 981.Pq Vt bool 982If set to 983.Dq Li YES , 984run the 985.Xr named 8 986daemon. 987.It Va named_program 988.Pq Vt str 989Path to 990.Xr named 8 991(default 992.Pa /usr/sbin/named ) . 993.It Va named_flags 994.Pq Vt str 995If 996.Va named_enable 997is set to 998.Dq Li YES , 999these are the flags to pass to 1000.Xr named 8 . 1001.It Va named_pidfile 1002.Pq Vt str 1003This is the default path to the 1004.Xr named 8 1005daemon's PID file. 1006Change it if you change the location in 1007.Xr named.conf 5 . 1008.It Va named_chrootdir 1009.Pq Vt str 1010The root directory for a name server run in a 1011.Xr chroot 8 1012environment. 1013If left empty 1014.Xr named 8 1015will not be run in a 1016.Xr chroot 8 1017environment. 1018This variable has no effect if 1019.Va named_rcng 1020is not enabled. 1021This variable is experimental. 1022It may be removed or changed in the near future. 1023.It Va named_chroot_autoupdate 1024.Pq Vt bool 1025Set to 1026.Dq Li NO 1027to disable automatic syncing of libraries and 1028other system files between the root file system and the 1029.Xr chroot 8 . 1030This variable has no effect if 1031.Va named_rcng 1032is not enabled. 1033This variable is experimental. 1034It may be removed or changed in the near future. 1035.It Va named_symlink_enable 1036.Pq Vt bool 1037Set to 1038.Dq Li NO 1039to disable symlinking of 1040.Va named_pidfile 1041and 1042.Pa /var/run/ndc 1043into the 1044.Xr chroot 8 1045environment in which 1046.Xr named 8 1047is running. 1048This variable has no effect if 1049.Va named_rcng 1050is not enabled. 1051This variable is experimental. 1052It may be removed or changed in the near future. 1053.It Va kerberos5_server_enable 1054.Pq Vt bool 1055Set to 1056.Dq Li YES 1057to start a Kerberos 5 authentication server 1058at boot time. 1059.It Va kerberos5_server 1060.Pq Vt str 1061If 1062.Va kerberos5_server_enable 1063is set to 1064.Dq Li YES 1065this is the path to Kerberos 5 Authentication Server. 1066.It Va kadmind5_server_enable 1067.Pq Vt bool 1068Set to 1069.Dq Li YES 1070to start 1071.Xr kadmind 8 , 1072the Kerberos 5 Administration Daemon; set to 1073.Dq Li NO 1074on a slave server. 1075.It Va kadmind5_server 1076.Pq Vt str 1077If 1078.Va kadmind5_server_enable 1079is set to 1080.Dq Li YES 1081this is the path to Kerberos 5 Administration Daemon. 1082.It Va kpasswdd_server_enable 1083.Pq Vt bool 1084Set to 1085.Dq Li YES 1086to start 1087.Xr kpasswdd 8 , 1088the Kerberos 5 Password-Changing Daemon; set to 1089.Dq Li NO 1090on a slave server. 1091.It Va kpasswdd_server 1092.Pq Vt str 1093If 1094.Va kpasswdd_server_enable 1095is set to 1096.Dq Li YES 1097this is the path to Kerberos 5 Password-Changing Daemon. 1098.It Va rwhod_enable 1099.Pq Vt bool 1100If set to 1101.Dq Li YES , 1102run the 1103.Xr rwhod 8 1104daemon at boot time. 1105.It Va rwhod_flags 1106.Pq Vt str 1107If 1108.Va rwhod_enable 1109is set to 1110.Dq Li YES , 1111these are the flags to pass to it. 1112.It Va amd_enable 1113.Pq Vt bool 1114If set to 1115.Dq Li YES , 1116run the 1117.Xr amd 8 1118daemon at boot time. 1119.It Va amd_flags 1120.Pq Vt str 1121If 1122.Va amd_enable 1123is set to 1124.Dq Li YES , 1125these are the flags to pass to it. 1126See the 1127.Xr amd 8 1128manpage for more information. 1129.It Va amd_map_program 1130.Pq Vt str 1131If set, 1132the specified program is run to get the list of 1133.Xr amd 8 1134maps. 1135For example, if the 1136.Xr amd 8 1137maps are stored in NIS, one can set this to 1138run 1139.Xr ypcat 1 1140to get a list of 1141.Xr amd 8 1142maps from the 1143.Pa amd.master 1144NIS map. 1145.It Va update_motd 1146.Pq Vt bool 1147If set to 1148.Dq Li YES , 1149.Pa /etc/motd 1150will be updated at boot time to reflect the kernel release 1151being run. 1152If set to 1153.Dq Li NO , 1154.Pa /etc/motd 1155will not be updated. 1156.It Va nfs_client_enable 1157.Pq Vt bool 1158If set to 1159.Dq Li YES , 1160run the NFS client daemons at boot time. 1161.It Va nfs_access_cache 1162.Pq Vt int 1163If 1164.Va nfs_client_enable 1165is set to 1166.Dq Li YES , 1167this can be set to 1168.Dq Li 0 1169to disable NFS ACCESS RPC caching, or to the number of seconds for which 1170NFS ACCESS 1171results should be cached. 1172A value of 2-10 seconds will substantially reduce network 1173traffic for many NFS operations. 1174.It Va nfs_server_enable 1175.Pq Vt bool 1176If set to 1177.Dq Li YES , 1178run the NFS server daemons at boot time. 1179.It Va nfs_server_flags 1180.Pq Vt str 1181If 1182.Va nfs_server_enable 1183is set to 1184.Dq Li YES , 1185these are the flags to pass to the 1186.Xr nfsd 8 1187daemon. 1188.It Va mountd_enable 1189.Pq Vt bool 1190If set to 1191.Dq Li YES , 1192and no 1193.Va nfs_server_enable 1194is set, start 1195.Xr mountd 8 , 1196but not 1197.Xr nfsd 8 1198daemon. 1199It is commonly needed to run CFS without real NFS used. 1200.It Va mountd_flags 1201.Pq Vt str 1202If 1203.Va mountd_enable 1204is set to 1205.Dq Li YES , 1206these are the flags to pass to the 1207.Xr mountd 8 1208daemon. 1209.It Va weak_mountd_authentication 1210.Pq Vt bool 1211If set to 1212.Dq Li YES , 1213allow services like PCNFSD to make non-privileged mount 1214requests. 1215.It Va nfs_reserved_port_only 1216.Pq Vt bool 1217If set to 1218.Dq Li YES , 1219provide NFS services only on a secure port. 1220.It Va nfs_bufpackets 1221.Pq Vt int 1222If set to a number, indicates the number of packets worth of 1223socket buffer space to reserve on an NFS client. 1224The kernel default is typically 4. 1225Using a higher number may be 1226useful on gigabit networks to improve performance. 1227The minimum value is 12282 and the maximum is 64. 1229.It Va rpc_umntall_enable 1230.Pq Vt bool 1231If set to 1232.Dq Li YES 1233(default) and we are also an NFS client, run 1234.Xr rpc.umntall 8 1235at boot time to clear out old mounts on remote servers. 1236If set to 1237.Dq Li NO 1238then 1239.Xr rpc.umntall 8 1240will not be run at boot time. 1241.It Va rpc_lockd_enable 1242.Pq Vt bool 1243If set to 1244.Dq Li YES 1245and also an NFS server, run 1246.Xr rpc.lockd 8 1247at boot time. 1248.It Va rpc_statd_enable 1249.Pq Vt bool 1250If set to 1251.Dq Li YES 1252and also an NFS server, run 1253.Xr rpc.statd 8 1254at boot time. 1255.It Va rpcbind_program 1256.Pq Vt str 1257Path to 1258.Xr rpcbind 8 1259(default 1260.Pa /usr/sbin/rpcbind ) . 1261.It Va rpcbind_enable 1262.Pq Vt bool 1263If set to 1264.Dq Li YES , 1265run the 1266.Xr rpcbind 8 1267service at boot time. 1268.It Va rpcbind_flags 1269.Pq Vt str 1270If 1271.Va rpcbind_enable 1272is set to 1273.Dq Li YES , 1274these are the flags to pass to the 1275.Xr rpcbind 8 1276daemon. 1277.It Va keyserv_enable 1278.Pq Vt bool 1279If set to 1280.Dq Li YES , 1281run the 1282.Xr keyserv 8 1283daemon on boot for running Secure RPC. 1284.It Va keyserv_flags 1285.Pq Vt str 1286If 1287.Va keyserv_enable 1288is set to 1289.Dq Li YES , 1290these are the flags to pass to 1291.Xr keyserv 8 1292daemon. 1293.It Va pppoed_enable 1294.Pq Vt bool 1295If set to 1296.Dq Li YES , 1297run the 1298.Xr pppoed 8 1299daemon at boot time to provide PPP over Ethernet services. 1300.It Va pppoed_ Ns Ar provider 1301.Pq Vt str 1302.Xr pppoed 8 1303listens to requests to this 1304.Ar provider 1305and ultimately runs 1306.Xr ppp 8 1307with a 1308.Ar system 1309argument of the same name. 1310.It Va pppoed_flags 1311.Pq Vt str 1312Additional flags to pass to 1313.Xr pppoed 8 . 1314.It Va pppoed_interface 1315.Pq Vt str 1316The network interface to run 1317.Xr pppoed 8 1318on. 1319This is mandatory when 1320.Va pppoed_enable 1321is set to 1322.Dq Li YES . 1323.It Va timed_enable 1324.Pq Vt bool 1325If set to 1326.Dq Li YES , 1327run the 1328.Xr timed 8 1329service at boot time. 1330This command is intended for networks of 1331machines where a consistent 1332.Dq "network time" 1333for all hosts must be established. 1334This is often useful in large NFS 1335environments where time stamps on files are expected to be consistent 1336network-wide. 1337.It Va timed_flags 1338.Pq Vt str 1339If 1340.Va timed_enable 1341is set to 1342.Dq Li YES , 1343these are the flags to pass to the 1344.Xr timed 8 1345service. 1346.It Va ntpd_enable 1347.Pq Vt bool 1348If set to 1349.Dq Li YES , 1350run the 1351.Xr ntpd 8 1352command at boot time. 1353.It Va ntpd_program 1354.Pq Vt str 1355Path to 1356.Xr ntpd 8 1357(default 1358.Pa /usr/sbin/ntpd ) . 1359.It Va ntpd_flags 1360.Pq Vt str 1361If 1362.Va ntpd_enable 1363is set to 1364.Dq Li YES , 1365these are the flags to pass to the 1366.Xr ntpd 8 1367daemon. Set to 1368.Dq Li -s 1369by default which sets the time immediately at startup if the 1370local clock is off by more than 180 seconds. To prevent 1371.Xr ntpd 8 1372from doing this, set 1373.Va ntpd_flags 1374to 1375.Dq Li -S . 1376.It Va nis_client_enable 1377.Pq Vt bool 1378If set to 1379.Dq Li YES , 1380run the 1381.Xr ypbind 8 1382service at system boot time. 1383.It Va nis_client_flags 1384.Pq Vt str 1385If 1386.Va nis_client_enable 1387is set to 1388.Dq Li YES , 1389these are the flags to pass to the 1390.Xr ypbind 8 1391service. 1392.It Va nis_ypset_enable 1393.Pq Vt bool 1394If set to 1395.Dq Li YES , 1396run the 1397.Xr ypset 8 1398daemon at system boot time. 1399.It Va nis_ypset_flags 1400.Pq Vt str 1401If 1402.Va nis_ypset_enable 1403is set to 1404.Dq Li YES , 1405these are the flags to pass to the 1406.Xr ypset 8 1407daemon. 1408.It Va nis_server_enable 1409.Pq Vt bool 1410If set to 1411.Dq Li YES , 1412run the 1413.Xr ypserv 8 1414daemon at system boot time. 1415.It Va nis_server_flags 1416.Pq Vt str 1417If 1418.Va nis_server_enable 1419is set to 1420.Dq Li YES , 1421these are the flags to pass to the 1422.Xr ypserv 8 1423daemon. 1424.It Va nis_ypxfrd_enable 1425.Pq Vt bool 1426If set to 1427.Dq Li YES , 1428run the 1429.Xr rpc.ypxfrd 8 1430daemon at system boot time. 1431.It Va nis_ypxfrd_flags 1432.Pq Vt str 1433If 1434.Va nis_ypxfrd_enable 1435is set to 1436.Dq Li YES , 1437these are the flags to pass to the 1438.Xr rpc.ypxfrd 8 1439daemon. 1440.It Va nis_yppasswdd_enable 1441.Pq Vt bool 1442If set to 1443.Dq Li YES , 1444run the 1445.Xr rpc.yppasswdd 8 1446daemon at system boot time. 1447.It Va nis_yppasswdd_flags 1448.Pq Vt str 1449If 1450.Va nis_yppasswdd_enable 1451is set to 1452.Dq Li YES , 1453these are the flags to pass to the 1454.Xr rpc.yppasswdd 8 1455daemon. 1456.It Va rpc_ypupdated_enable 1457.Pq Vt bool 1458If set to 1459.Dq Li YES , 1460run the 1461.Nm rpc.ypupdated 1462daemon at system boot time. 1463.It Va defaultrouter 1464.Pq Vt str 1465If not set to 1466.Dq Li NO , 1467create a default route to this host name or IP address 1468(use an IP address if this router is also required to get to the 1469name server!). 1470.It Va ipv6_defaultrouter 1471.Pq Vt str 1472The IPv6 equivalent of 1473.Va defaultrouter . 1474.It Va static_routes 1475.Pq Vt str 1476Set to the list of static routes that are to be added at system 1477boot time. 1478If not set to 1479.Dq Li NO 1480then for each whitespace separated 1481.Ar element 1482in the value, a 1483.Va route_ Ns Aq Ar element 1484variable is assumed to exist 1485whose contents will later be passed to a 1486.Dq Nm route Cm add 1487operation. 1488.It Va ipv6_static_routes 1489.Pq Vt str 1490The IPv6 equivalent of 1491.Va static_routes . 1492If not set to 1493.Dq Li NO 1494then for each whitespace separated 1495.Ar element 1496in the value, a 1497.Va ipv6_route_ Ns Aq Ar element 1498variable is assumed to exist 1499whose contents will later be passed to a 1500.Dq Nm route Cm add Fl inet6 1501operation. 1502.It Va gateway_enable 1503.Pq Vt bool 1504If set to 1505.Dq Li YES , 1506configure host to act as an IP router, e.g. to forward packets 1507between interfaces. 1508.It Va ipv6_gateway_enable 1509.Pq Vt bool 1510The IPv6 equivalent of 1511.Va gateway_enable . 1512.It Va router_enable 1513.Pq Vt bool 1514If set to 1515.Dq Li YES , 1516run a routing daemon of some sort, based on the 1517settings of 1518.Va router 1519and 1520.Va router_flags . 1521.It Va ipv6_router_enable 1522.Pq Vt bool 1523The IPv6 equivalent of 1524.Va router_enable . 1525If set to 1526.Dq Li YES , 1527run a routing daemon of some sort, based on the 1528settings of 1529.Va ipv6_router 1530and 1531.Va ipv6_router_flags . 1532.It Va router 1533.Pq Vt str 1534If 1535.Va router_enable 1536is set to 1537.Dq Li YES , 1538this is the name of the routing daemon to use. 1539.It Va ipv6_router 1540.Pq Vt str 1541The IPv6 equivalent of 1542.Va router . 1543.It Va router_flags 1544.Pq Vt str 1545If 1546.Va router_enable 1547is set to 1548.Dq Li YES , 1549these are the flags to pass to the routing daemon. 1550.It Va ipv6_router_flags 1551.Pq Vt str 1552The IPv6 equivalent of 1553.Va router_flags . 1554.It Va mrouted_enable 1555.Pq Vt bool 1556If set to 1557.Dq Li YES , 1558run the multicast routing daemon, 1559.Xr mrouted 8 . 1560.It Va mroute6d_enable 1561.Pq Vt bool 1562The IPv6 equivalent of 1563.Va mrouted_enable . 1564If set to 1565.Dq Li YES , 1566run the IPv6 multicast routing daemon. 1567Note that no IPv6 multicast routing daemon is included in the 1568.Dx 1569base system but 1570.Xr pim6dd 8 1571can be installed from the 1572.Fx 1573Ports Collection. 1574.It Va mrouted_flags 1575.Pq Vt str 1576If 1577.Va mrouted_enable 1578is set to 1579.Dq Li YES , 1580these are the flags to pass to the 1581.Xr mrouted 8 1582daemon. 1583.It Va mroute6d_flags 1584.Pq Vt str 1585The IPv6 equivalent of 1586.Va mrouted_flags . 1587If 1588.Va mroute6d_enable 1589is set to 1590.Dq Li YES , 1591these are the flags passed to the IPv6 multicast routing daemon. 1592.It Va mroute6d_program 1593.Pq Vt str 1594If 1595.Va mroute6d_enable 1596is set to 1597.Dq Li YES , 1598this is the path to the IPv6 multicast routing daemon. 1599.It Va rtadvd_enable 1600.Pq Vt bool 1601If set to 1602.Dq Li YES , 1603run the 1604.Xr rtadvd 8 1605daemon at boot time. 1606.Xr rtadvd 8 1607will only run if 1608.Va ipv6_gateway_enable 1609is also set to 1610.Dq Li YES . 1611The 1612.Xr rtadvd 8 1613utility sends router advertisement packets to the interfaces specified in 1614.Va rtadvd_interfaces . 1615.Xr rtadvd 8 1616and should only be enabled with great care. 1617You may want to fine-tune 1618.Xr rtadvd.conf 5 . 1619.It Va rtadvd_interfaces 1620.Pq Vt str 1621If 1622.Va rtadvd_enable 1623is set to 1624.Dq Li YES 1625this is the list of interfaces to use. 1626.It Va ipxgateway_enable 1627.Pq Vt bool 1628If set to 1629.Dq Li YES , 1630enable the routing of IPX traffic. 1631.It Va ipxrouted_enable 1632.Pq Vt bool 1633If set to 1634.Dq Li YES , 1635run the 1636.Xr IPXrouted 8 1637daemon at system boot time. 1638.It Va ipxrouted_flags 1639.Pq Vt str 1640If 1641.Va ipxrouted_enable 1642is set to 1643.Dq Li YES , 1644these are the flags to pass to the 1645.Xr IPXrouted 8 1646daemon. 1647.It Va arpproxy_all 1648.Pq Vt bool 1649If set to 1650.Dq Li YES , 1651enable global proxy ARP. 1652.It Va forward_sourceroute 1653.Pq Vt bool 1654If set to 1655.Dq Li YES 1656and 1657.Va gateway_enable 1658is also set to 1659.Dq Li YES , 1660source-routed packets are forwarded. 1661.It Va accept_sourceroute 1662.Pq Vt bool 1663If set to 1664.Dq Li YES , 1665the system will accept source-routed packets directed at it. 1666.It Va rarpd_enable 1667.Pq Vt bool 1668If set to 1669.Dq Li YES , 1670run the 1671.Xr rarpd 8 1672daemon at system boot time. 1673.It Va rarpd_flags 1674.Pq Vt str 1675If 1676.Va rarpd_enable 1677is set to 1678.Dq Li YES , 1679these are the flags to pass to the 1680.Xr rarpd 8 1681daemon. 1682.It Va bootparamd_enable 1683.Pq Vt bool 1684If set to 1685.Dq Li YES , 1686run the 1687.Xr bootparamd 8 1688daemon at system boot time. 1689.It Va bootparamd_flags 1690.Pq Vt str 1691If 1692.Va bootparamd_enable 1693is set to 1694.Dq Li YES , 1695these are the flags to pass to the 1696.Xr bootparamd 8 1697daemon. 1698.It Va stf_interface_ipv4addr 1699.Pq Vt str 1700If not set to 1701.Dq Li NO , 1702this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 1703interface). 1704Specify this entry to enable the 6to4 interface. 1705.It Va stf_interface_ipv4plen 1706.Pq Vt int 1707Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1708An effective value is 0-31. 1709.It Va stf_interface_ipv6_ifid 1710.Pq Vt str 1711IPv6 interface ID for 1712.Xr stf 4 . 1713This can be set to 1714.Dq Li AUTO . 1715.It Va stf_interface_ipv6_slaid 1716.Pq Vt str 1717IPv6 Site Level Aggregator for 1718.Xr stf 4 . 1719.It Va ipv6_faith_prefix 1720.Pq Vt str 1721If not set to 1722.Dq Li NO , 1723this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 1724translator. 1725You also need 1726.Xr faithd 8 1727setup. 1728.It Va ipv6_ipv4mapping 1729.Pq Vt bool 1730If set to 1731.Dq Li YES 1732this enables IPv4 mapped IPv6 address communication (like 1733.Li ::ffff:a.b.c.d ) . 1734.It Va atm_enable 1735.Pq Vt bool 1736Set to 1737.Dq Li YES 1738to enable the configuration of ATM interfaces at system boot time. 1739For all of the ATM variables described below, please refer to the 1740.Xr atm 8 1741man page for further details on the available command parameters. 1742Also refer to the files in 1743.Pa /usr/share/examples/atm 1744for more detailed configuration information. 1745.It Va atm_load 1746.Pq Vt str 1747This is a list of physical ATM interface drivers to load. Typical values are 1748.Dq Li hfa_pci 1749and/or 1750.Dq Li hea_pci . 1751.It Va atm_netif_ Ns Aq Ar intf 1752.Pq Vt str 1753For the ATM physical interface 1754.Ar intf , 1755this variable defines the name prefix and count for the ATM network 1756interfaces to be created. 1757The value will be passed as the parameters of an 1758.Dq Nm atm Cm "set netif" Ar intf 1759command. 1760.It Va atm_sigmgr_ Ns Aq Ar intf 1761.Pq Vt str 1762For the ATM physical interface 1763.Ar intf , 1764this variable defines the ATM signalling manager to be used. 1765The value will be passed as the parameters of an 1766.Dq Nm atm Cm attach Ar intf 1767command. 1768.It Va atm_prefix_ Ns Aq Ar intf 1769.Pq Vt str 1770For the ATM physical interface 1771.Ar intf , 1772this variable defines the NSAP prefix for interfaces using a UNI signalling 1773manager. 1774If set to 1775.Dq Li ILMI , 1776the prefix will automatically be set via the 1777.Xr ilmid 8 1778daemon. 1779Otherwise, the value will be passed as the parameters of an 1780.Dq Nm atm Cm "set prefix" Ar intf 1781command. 1782.It Va atm_macaddr_ Ns Aq Ar intf 1783.Pq Vt str 1784For the ATM physical interface 1785.Ar intf , 1786this variable defines the MAC address for interfaces using a UNI signalling 1787manager. 1788If set to 1789.Dq Li NO , 1790the hardware MAC address contained in the ATM interface card will be used. 1791Otherwise, the value will be passed as the parameters of an 1792.Dq Nm atm Cm "set mac" Ar intf 1793command. 1794.It Va atm_arpserver_ Ns Aq Ar netif 1795.Pq Vt str 1796For the ATM network interface 1797.Ar netif , 1798this variable defines the ATM address for a host which is to provide ATMARP 1799service. 1800This variable is only applicable to interfaces using a UNI signalling 1801manager. 1802If set to 1803.Dq Li local , 1804this host will become an ATMARP server. 1805The value will be passed as the parameters of an 1806.Dq Nm atm Cm "set arpserver" Ar netif 1807command. 1808.It Va atm_scsparp_ Ns Aq Ar netif 1809.Pq Vt bool 1810If set to 1811.Dq Li YES , 1812SCSP/ATMARP service for the network interface 1813.Ar netif 1814will be initiated using the 1815.Xr scspd 8 1816and 1817.Xr atmarpd 8 1818daemons. 1819This variable is only applicable if 1820.Va atm_arpserver_ Ns Aq Ar netif 1821is set to 1822.Dq Li local . 1823.It Va atm_pvcs 1824.Pq Vt str 1825Set to the list of ATM PVCs to be added at system 1826boot time. 1827For each whitespace separated 1828.Ar element 1829in the value, an 1830.Va atm_pvc_ Ns Aq Ar element 1831variable is assumed to exist. 1832The value of each of these variables 1833will be passed as the parameters of an 1834.Dq Nm atm Cm "add pvc" 1835command. 1836.It Va atm_arps 1837.Pq Vt str 1838Set to the list of permanent ATM ARP entries to be added 1839at system boot time. 1840For each whitespace separated 1841.Ar element 1842in the value, an 1843.Va atm_arp_ Ns Aq Ar element 1844variable is assumed to exist. 1845The value of each of these variables 1846will be passed as the parameters of an 1847.Dq Nm atm Cm "add arp" 1848command. 1849.It Va natm_interfaces 1850.Pq Vt str 1851Set to the list of 1852.Xr natm 4 1853interfaces that will also be used for HARP through 1854.Xr harp 4 . 1855If this list is not empty all interfaces in the list will be brought up 1856with 1857.Xr ifconfig 9 1858and 1859.Xr harp 4 1860will be loaded. 1861For this to work the interface drivers must be either compiled into the 1862kernel or must reside on the root partition. 1863.It Va keybell 1864.Pq Vt str 1865The keyboard bell sound. 1866Set to 1867.Dq Li normal , 1868.Dq Li visual , 1869.Dq Li off , 1870or 1871.Dq Li NO 1872if the default behavior is desired. 1873For details, refer to the 1874.Xr kbdcontrol 1 1875manpage. 1876.It Va keymap 1877.Pq Vt str 1878If set to 1879.Dq Li NO , 1880no keymap is installed, otherwise the value is used to install 1881the keymap file in 1882.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1883.It Va keyrate 1884.Pq Vt str 1885The keyboard repeat speed. 1886Set to 1887.Dq Li slow , 1888.Dq Li normal , 1889.Dq Li fast , 1890or 1891.Dq Li NO 1892if the default behavior is desired. 1893.It Va keychange 1894.Pq Vt str 1895If not set to 1896.Dq Li NO , 1897attempt to program the function keys with the value. 1898The value should 1899be a single string of the form: 1900.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1901.It Va cursor 1902.Pq Vt str 1903Can be set to the value of 1904.Dq Li normal , 1905.Dq Li blink , 1906.Dq Li destructive , 1907or 1908.Dq Li NO 1909to set the cursor behavior explicitly or choose the default behavior. 1910.It Va scrnmap 1911.Pq Vt str 1912If set to 1913.Dq Li NO , 1914no screen map is installed, otherwise the value is used to install 1915the screen map file in 1916.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1917.It Va font8x16 1918.Pq Vt str 1919If set to 1920.Dq Li NO , 1921the default 8x16 font value is used for screen size requests, otherwise 1922the value in 1923.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1924is used. 1925.It Va font8x14 1926.Pq Vt str 1927If set to 1928.Dq Li NO , 1929the default 8x14 font value is used for screen size requests, otherwise 1930the value in 1931.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1932is used. 1933.It Va font8x8 1934.Pq Vt str 1935If set to 1936.Dq Li NO , 1937the default 8x8 font value is used for screen size requests, otherwise 1938the value in 1939.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1940is used. 1941.It Va blanktime 1942.Pq Vt int 1943If set to 1944.Dq Li NO , 1945the default screen blanking interval is used, otherwise it is set 1946to 1947.Ar value 1948seconds. 1949.It Va saver 1950.Pq Vt str 1951If not set to 1952.Dq Li NO , 1953this is the actual screen saver to use 1954.Li ( blank , snake , daemon , 1955etc). 1956.It Va moused_enable 1957.Pq Vt str 1958If set to 1959.Dq Li YES , 1960the 1961.Xr moused 8 1962daemon is started for doing cut/paste selection on the console. 1963.It Va moused_type 1964.Pq Vt str 1965This is the protocol type of the mouse connected to this host. 1966This variable must be set if 1967.Va moused_enable 1968is set to 1969.Dq Li YES . 1970The 1971.Xr moused 8 1972daemon 1973is able to detect the appropriate mouse type automatically in many cases. 1974Set this variable to 1975.Dq Li auto 1976to let the daemon detect it, or 1977select one from the following list if the automatic detection fails. 1978.Pp 1979If the mouse is attached to the PS/2 mouse port, choose 1980.Dq Li auto 1981or 1982.Dq Li ps/2 , 1983regardless of the brand and model of the mouse. 1984Likewise, if the 1985mouse is attached to the bus mouse port, choose 1986.Dq Li auto 1987or 1988.Dq Li busmouse . 1989All other protocols are for serial mice and will not work with 1990the PS/2 and bus mice. 1991If this is a USB mouse, 1992.Dq Li auto 1993is the only protocol type which will work. 1994.Pp 1995.Bl -tag -width ".Li x10mouseremote" -compact 1996.It Li microsoft 1997Microsoft mouse (serial) 1998.It Li intellimouse 1999Microsoft IntelliMouse (serial) 2000.It Li mousesystems 2001Mouse systems Corp. mouse (serial) 2002.It Li mmseries 2003MM Series mouse (serial) 2004.It Li logitech 2005Logitech mouse (serial) 2006.It Li busmouse 2007A bus mouse 2008.It Li mouseman 2009Logitech MouseMan and TrackMan (serial) 2010.It Li glidepoint 2011ALPS GlidePoint (serial) 2012.It Li thinkingmouse 2013Kensington ThinkingMouse (serial) 2014.It Li ps/2 2015PS/2 mouse 2016.It Li mmhittab 2017MM HitTablet (serial) 2018.It Li x10mouseremote 2019X10 MouseRemote (serial) 2020.It Li versapad 2021Interlink VersaPad (serial) 2022.El 2023.Pp 2024Even if the mouse is not in the above list, it may be compatible 2025with one in the list. 2026Refer to the man page for 2027.Xr moused 8 2028for compatibility information. 2029.Pp 2030It should also be noted that while this is enabled, any 2031other client of the mouse (such as an X server) should access 2032the mouse through the virtual mouse device, 2033.Pa /dev/sysmouse , 2034and configure it as a 2035.Dq Li sysmouse 2036type mouse, since all 2037mouse data is converted to this single canonical format when 2038using 2039.Xr moused 8 . 2040If the client program does not support the 2041.Dq Li sysmouse 2042type, 2043specify the 2044.Dq Li mousesystems 2045type. 2046It is the second preferred type. 2047.It Va moused_port 2048.Pq Vt str 2049If 2050.Va moused_enable 2051is set to 2052.Dq Li YES , 2053this is the actual port the mouse is on. 2054It might be 2055.Pa /dev/cuaa0 2056for a COM1 serial mouse, 2057.Pa /dev/psm0 2058for a PS/2 mouse or 2059.Pa /dev/mse0 2060for a bus mouse, for example. 2061.It Va moused_flags 2062.Pq Vt str 2063If 2064.Va moused_type 2065is set, these are the additional flags to pass to the 2066.Xr moused 8 2067daemon. 2068.It Va mousechar_start 2069.Pq Vt int 2070If set to 2071.Dq Li NO , 2072the default mouse cursor character range 2073.Li 0xd0 Ns - Ns Li 0xd3 2074is used, 2075otherwise the range start is set 2076to 2077.Ar value 2078character, see 2079.Xr vidcontrol 1 . 2080Use if the default range is occupied in the language code table. 2081.It Va allscreens_flags 2082.Pq Vt str 2083If set, 2084.Xr vidcontrol 1 2085is run with these options for each of the virtual terminals 2086.Pq Pa /dev/ttyv* . 2087For example, 2088.Dq Fl m Cm on 2089will enable the mouse pointer on all virtual terminals 2090if 2091.Va moused_enable 2092is set to 2093.Dq Li YES . 2094.It Va allscreens_kbdflags 2095.Pq Vt str 2096If set, 2097.Xr kbdcontrol 1 2098is run with these options for each of the virtual terminals 2099.Pq Pa /dev/ttyv* . 2100For example, 2101.Dq Fl h Li 200 2102will set the 2103.Xr syscons 4 2104scrollback (history) buffer to 200 lines. 2105.It Va cron_enable 2106.Pq Vt bool 2107If set to 2108.Dq Li YES , 2109run the 2110.Xr cron 8 2111daemon at system boot time. 2112.It Va cron_program 2113.Pq Vt str 2114Path to 2115.Xr cron 8 2116(default 2117.Pa /usr/sbin/cron ) . 2118.It Va cron_flags 2119.Pq Vt str 2120If 2121.Va cron_enable 2122is set to 2123.Dq Li YES , 2124these are the flags to pass to 2125.Xr cron 8 . 2126.It Va lpd_program 2127.Pq Vt str 2128Path to 2129.Xr lpd 8 2130(default 2131.Pa /usr/sbin/lpd ) . 2132.It Va lpd_enable 2133.Pq Vt bool 2134If set to 2135.Dq Li YES , 2136run the 2137.Xr lpd 8 2138daemon at system boot time. 2139.It Va lpd_flags 2140.Pq Vt str 2141If 2142.Va lpd_enable 2143is set to 2144.Dq Li YES , 2145these are the flags to pass to the 2146.Xr lpd 8 2147daemon. 2148.It Va mta_start_script 2149.Pq Vt str 2150This variable specifies the full path to the script to run to start 2151a mail transfer agent. 2152The default is 2153.Pa /etc/rc.sendmail . 2154The 2155.Va sendmail_* 2156variables which 2157.Pa /etc/rc.sendmail 2158uses are documented in the 2159.Xr rc.sendmail 8 2160man page. 2161.It Va dumpdev 2162.Pq Vt str 2163Indicates the device (usually a swap partition) to which a crash dump 2164should be written in the event of a system crash. 2165The value of this variable is passed as the argument to 2166.Xr dumpon 8 . 2167To disable crash dumps, set this variable to 2168.Dq Li NO . 2169.It Va dumpdir 2170.Pq Vt str 2171When the system reboots after a crash and a crash dump is found on the 2172device specified by the 2173.Va dumpdev 2174variable, 2175.Xr savecore 8 2176will save that crash dump and a copy of the kernel to the directory 2177specified by the 2178.Va dumpdir 2179variable. 2180The default value is 2181.Pa /var/crash . 2182Set to 2183.Dq Li NO 2184to not run 2185.Xr savecore 8 2186at boot time when 2187.Va dumpdir 2188is set. 2189.It Va savecore_flags 2190.Pq Vt str 2191If crash dumps are enabled, these are the flags to pass to the 2192.Xr savecore 8 2193utility. 2194.It Va enable_quotas 2195.Pq Vt bool 2196Set to 2197.Dq Li YES 2198to turn on user disk quotas on system startup via the 2199.Xr quotaon 8 2200command. 2201.It Va check_quotas 2202.Pq Vt bool 2203Set to 2204.Dq Li YES 2205to enable user disk quota checking via the 2206.Xr quotacheck 8 2207command. 2208.It Va accounting_enable 2209.Pq Vt bool 2210Set to 2211.Dq Li YES 2212to enable system accounting through the 2213.Xr accton 8 2214facility. 2215.It Va ibcs2_enable 2216.Pq Vt bool 2217Set to 2218.Dq Li YES 2219to enable iBCS2 (SCO) binary emulation at system initial boot 2220time. 2221.It Va ibcs2_loaders 2222.Pq Vt str 2223If not set to 2224.Dq Li NO 2225and if 2226.Va ibcs2_enable 2227is set to 2228.Dq Li YES , 2229this specifies a list of additional iBCS2 loaders to enable. 2230.It Va linux_enable 2231.Pq Vt bool 2232Set to 2233.Dq Li YES 2234to enable Linux/ELF binary emulation at system initial 2235boot time. 2236.It Va osf1_enable 2237.Pq Vt bool 2238Set to 2239.Dq Li YES 2240to enable OSF/1 (Digital UNIX) binary emulation at system 2241initial boot time. 2242(alpha) 2243.It Va svr4_enable 2244.Pq Vt bool 2245If set to 2246.Dq Li YES , 2247enable SysVR4 emulation at boot time. 2248.It Va sysvipc_enable 2249.Pq Vt bool 2250If set to 2251.Dq Li YES , 2252load System V IPC primitives at boot time. 2253.It Va clear_tmp_enable 2254.Pq Vt bool 2255Set to 2256.Dq Li YES 2257to have 2258.Pa /tmp 2259cleaned at startup. 2260.It Va ldconfig_paths 2261.Pq Vt str 2262Set to the list of shared library paths to use with 2263.Xr ldconfig 8 . 2264NOTE: 2265.Pa /usr/lib 2266will always be added first, so it need not appear in this list. 2267.It Va ldconfig_paths_aout 2268.Pq Vt str 2269Set to the list of shared library paths to use with 2270.Xr ldconfig 8 2271legacy 2272.Xr a.out 5 2273support. 2274.It Va ldconfig_insecure 2275.Pq Vt bool 2276The 2277.Xr ldconfig 8 2278utility normally refuses to use directories 2279which are writable by anyone except root. 2280Set this variable to 2281.Dq Li YES 2282to disable that security check during system startup. 2283.It Va kern_securelevel_enable 2284.Pq Vt bool 2285Set to 2286.Dq Li YES 2287to set the kernel security level at system startup. 2288.It Va kern_securelevel 2289.Pq Vt int 2290The kernel security level to set at startup. 2291The allowed range of 2292.Ar value 2293ranges from \-1 (the compile time default) to 3 (the 2294most secure). 2295See 2296.Xr init 8 2297for the list of possible security levels and their effect 2298on system operation. 2299.It Va lomac_enable 2300.Pq Vt bool 2301Set to 2302.Dq Li YES 2303to enable Low Watermark Mandatory Access Control (LOMAC) at boot time. 2304This security model enforces integrity constraints for system processes; 2305see 2306.Xr lomac 4 2307for a complete description of the LOMAC model, as well as its impact 2308on system operation. 2309.It Va start_vinum 2310.Pq Vt bool 2311Set to 2312.Dq Li YES 2313to start 2314.Xr vinum 8 2315at system boot time. 2316.It Va sshd_program 2317.Pq Vt str 2318Path to the SSH server program 2319.Pa ( /usr/sbin/sshd 2320is the default). 2321.It Va sshd_enable 2322.Pq Vt bool 2323Set to 2324.Dq Li YES 2325to start 2326.Xr sshd 8 2327at system boot time. 2328.It Va sshd_flags 2329.Pq Vt str 2330If 2331.Va sshd_enable 2332is set to 2333.Dq Li YES , 2334these are the flags to pass to the 2335.Xr sshd 8 2336daemon. 2337.It Va usbd_enable 2338.Pq Vt bool 2339If set to 2340.Dq Li YES , 2341run the 2342.Xr usbd 8 2343daemon at boot time. 2344.It Va usbd_flags 2345.Pq Vt str 2346If 2347.Va usbd_enable 2348is set to 2349.Dq Li YES , 2350these are the flags passed to 2351.Xr usbd 8 2352daemon. 2353.It Va watchdogd_enable 2354.Pq Vt bool 2355If set to 2356.Dq Li YES , 2357start the 2358.Xr watchdogd 8 2359daemon at boot time. 2360This requires that the kernel have been compiled with 2361.Cd "options WATCHDOG" . 2362.It Va jail_enable 2363.Pq Vt bool 2364If set to 2365.Dq Li NO , 2366any configured jails will not be started. 2367.It Va jail_list 2368.Pq Vt str 2369A space separated list of names for jails. 2370This is purely a configuration aid to help identify and 2371configure multiple jails. 2372The names specified in this list will be used to 2373identify settings common to an instance of a jail. 2374Assuming that the jail in question was named 2375.Li vjail , 2376you would have the following dependant variables: 2377.Bd -literal 2378jail_vjail_hostname="jail.example.com" 2379jail_vjail_ip="192.168.1.100" 2380jail_vjail_rootdir="/var/jails/vjail/root" 2381jail_vjail_exec="/bin/sh /etc/rc" 2382.Ed 2383.Pp 2384The last one is optional. 2385It defaults to 2386.Pa /etc/rc 2387if it is not set. 2388.It Va jail_set_hostname_allow 2389.Pq Vt bool 2390If set to 2391.Dq Li NO , 2392do not allow the root user in a jail to set its hostname. 2393.It Va jail_socket_unixiproute_only 2394.Pq Vt bool 2395If set to 2396.Dq Li NO , 2397do not allow any protocol, 2398besides TCP/IP, 2399to be used within a jail. 2400.It Va jail_sysvipc_allow 2401.Pq Vt bool 2402If set to 2403.Dq Li YES , 2404allow applications within a jail to use System V IPC. 2405.It Va unaligned_print 2406.Pq Vt bool 2407If set to 2408.Dq Li NO , 2409unaligned access warnings will not be printed. 2410(alpha) 2411.\" ----- isdn settings --------------------------------- 2412.It Va isdn_enable 2413.Pq Vt bool 2414Set to 2415.Dq Li NO 2416by default. 2417When set to 2418.Dq Li YES , 2419starts the 2420.Xr isdnd 8 2421daemon 2422at system boot time. 2423.It Va isdn_flags 2424.Pq Vt str 2425Set to 2426.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2427by default. 2428Additional flags to pass to 2429.Xr isdnd 8 2430(but see 2431.Va isdn_fsdev 2432and 2433.Va isdn_ttype 2434for certain tunable parameters). 2435.It Va isdn_ttype 2436.Pq Vt str 2437Set to 2438.Dq Li cons25 2439by default. 2440The terminal type of the output device when 2441.Xr isdnd 8 2442operates in full-screen mode. 2443.It Va isdn_screenflags 2444.Pq Vt str 2445Set to 2446.Dq Li NO 2447by default. 2448The video mode for full-screen mode (only for 2449.Xr syscons 4 2450console driver, see 2451.Xr vidcontrol 1 2452for valid modes). 2453.It Va isdn_fsdev 2454.Pq Vt str 2455Set to 2456.Dq Li NO 2457by default. 2458The output device for 2459.Xr isdnd 8 2460in full-screen mode (or 2461.Dq Li NO 2462for daemon mode). 2463.It Va isdn_trace 2464.Pq Vt bool 2465Set to 2466.Dq Li NO 2467by default. 2468When set to 2469.Dq Li YES , 2470enables the ISDN protocol trace utility 2471.Xr isdntrace 8 2472at system boot time. 2473.It Va isdn_traceflags 2474.Pq Vt str 2475Set to 2476.Dq Fl f Pa /var/tmp/isdntrace0 2477by default. 2478Flags for 2479.Xr isdntrace 8 . 2480.\" ----------------------------------------------------- 2481.It Va pcvt_verbose 2482.Pq Vt bool 2483Set to 2484.Dq Li NO 2485by default. 2486When set to 2487.Dq Li YES , 2488verbose messages about the actions done by the start script are displayed. 2489.Em Note : 2490the 2491.Xr pcvt 4 2492driver must be compiled into the kernel before the 2493.Xr pcvt 4 2494related 2495options described here take any effect. 2496.It Va pcvt_keymap 2497.Pq Vt str 2498Set to 2499.Dq Li NO 2500by default. 2501Use this to configure a national keyboard mapping found in the 2502.Pa /usr/share/misc/keycap.pcvt 2503file of keyboard mappings. 2504(See also the manual pages 2505.Xr keycap 5 2506and 2507.Xr keycap 3 2508for usage of 2509.Xr pcvt 4 Ns 's 2510keycap database and the manual page 2511.Xr kcon 1 2512option 2513.Fl m 2514for national keyboard mapping configuration.) 2515.It Va pcvt_keydel 2516.Pq Vt int 2517Set to 2518.Dq Li NO 2519by default. 2520Used to set the keyboard key repeat delay value. 2521Valid values are 2522in the range 0..3 for delay values of 250, 500, 750 and 1000 msec. 2523(See also the 2524.Xr kcon 1 2525manual page.) 2526.It Va pcvt_keyrate 2527.Pq Vt int 2528Set to 2529.Dq Li NO 2530by default. 2531Used to set the keyboard key repetition rate value. 2532Valid values are 2533in the range 0..31 for repetition values of 2..30 characters per second. 2534.It Va pcvt_keyrepeat 2535.Pq Vt bool 2536Set to 2537.Dq Li NO 2538by default. 2539Set to 2540.Dq Li YES 2541to enable automatic keyboard key repeating. 2542.It Va pcvt_force24 2543.Pq Vt bool 2544Set to 2545.Dq Li NO 2546by default. 2547Set to 2548.Dq Li YES 2549to force 2550.Xr pcvt 4 2551to use 24 lines only (in 25 lines mode) for compatibility 2552with the original 2553.Tn VT220 2554terminal. 2555.It Va pcvt_hpext 2556.Pq Vt bool 2557Set to 2558.Dq Li NO 2559by default. 2560Set to 2561.Dq Li YES 2562to enable the display and functionality of function key labels (as found 2563on 2564.Tn Hewlett-Packard 2565terminals such as the 2566.Tn HP2392A 2567and the 2568.Tn HP700/92 2569in 2570.Tn ANSI 2571mode). 2572.It Va pcvt_lines 2573.Pq Vt int 2574Set to 2575.Dq Li NO 2576by default resulting in a value of 25. 2577Used to set the number of lines on the screen. 2578For VGA displays, valid 2579values are 25, 28, 40 and 50 lines. 2580(See also the 2581.Xr scon 1 2582manual page.) 2583.It Va pcvt_blanktime 2584.Pq Vt int 2585Set to 2586.Dq Li NO 2587by default. 2588Used to set the screen saver timeout in seconds for values greater than 2589zero. 2590.It Va pcvt_cursorh 2591.Pq Vt int 2592Set to 2593.Dq Li NO 2594by default. 2595Used to set the cursor top scanline. 2596(See also the 2597.Xr cursor 1 2598manual page.) 2599.It Va pcvt_cursorl 2600.Pq Vt int 2601Set to 2602.Dq Li NO 2603by default. 2604Used to set the cursor bottom scanline. 2605.It Va pcvt_monohigh 2606.Pq Vt bool 2607Set to 2608.Dq Li NO 2609by default. 2610Set to 2611.Dq Li YES 2612to set intensity to high on monochrome monitors. 2613(See also the 2614.Xr scon 1 2615manual page, option 2616.Fl p , 2617for more information on changing VGA palette 2618values.) 2619.It Va harvest_interrupt 2620.Pq Vt bool 2621Set to 2622.Dq Li YES 2623to use hardware interrupts as an entropy source. 2624Refer to 2625.Xr random 4 2626for more information. 2627.It Va harvest_ethernet 2628.Pq Vt bool 2629Set to 2630.Dq Li YES 2631to use LAN traffic as an entropy source. 2632Refer to 2633.Xr random 4 2634for more information. 2635.It Va harvest_p_to_p 2636.Pq Vt bool 2637Set to 2638.Dq Li YES 2639to use serial line traffic as an entropy source. 2640Refer to 2641.Xr random 4 2642for more information. 2643.It Va entropy_dir 2644.Pq Vt str 2645Set to 2646.Dq Li NO 2647to disable caching entropy via 2648.Xr cron 8 . 2649Otherwise set to the directory used to store entropy files in. 2650.It Va entropy_file 2651.Pq Vt str 2652Set to 2653.Dq Li NO 2654to disable caching entropy through reboots. 2655Otherwise set to the filename used to store cached entropy through 2656reboots. 2657This file should be located on the root file system to seed the 2658.Xr random 4 2659device as early as possible in the boot process. 2660.It Va entropy_save_sz 2661.Pq Vt int 2662Size of the entropy cache files saved by 2663.Nm save-entropy 2664periodically. 2665.It Va entropy_save_num 2666.Pq Vt int 2667Number of entropy cache files to save by 2668.Nm save-entropy 2669periodically. 2670.It Va ipsec_enable 2671.Pq Vt bool 2672Set to 2673.Dq Li YES 2674to run 2675.Xr setkey 8 2676on 2677.Va ipsec_file 2678at boot time. 2679.It Va ipsec_file 2680.Pq Vt str 2681Configuration file for 2682.Xr setkey 8 . 2683.It Va dmesg_enable 2684.Pq Vt bool 2685Set to 2686.Dq Li YES 2687to save 2688.Xr dmesg 8 2689to 2690.Pa /var/run/dmesg.boot 2691on boot. 2692.It Va rcshutdown_timeout 2693.Pq Vt int 2694If set, start a watchdog timer in the background which will terminate 2695.Pa rc.shutdown 2696if 2697.Xr shutdown 8 2698has not completed within the specified time (in seconds). 2699.El 2700.Sh FILES 2701.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 2702.It Pa /etc/defaults/rc.conf 2703.It Pa /etc/rc.conf 2704.It Pa /etc/rc.conf.local 2705.El 2706.Sh SEE ALSO 2707.Xr catman 1 , 2708.Xr gdb 1 , 2709.Xr info 1 , 2710.Xr kbdcontrol 1 , 2711.Xr makewhatis 8 , 2712.Xr vidcontrol 1 , 2713.Xr ip 4 , 2714.Xr kld 4 , 2715.Xr tcp 4 , 2716.Xr udp 4 , 2717.Xr exports 5 , 2718.Xr motd 5 , 2719.Xr accton 8 , 2720.Xr amd 8 , 2721.Xr apm 8 , 2722.Xr atm 8 , 2723.Xr cron 8 , 2724.Xr dhclient 8 , 2725.Xr ifconfig 8 , 2726.Xr inetd 8 , 2727.Xr isdnd 8 , 2728.Xr isdntrace 8 , 2729.Xr kldxref 8 , 2730.Xr lpd 8 , 2731.Xr mdconfig 8 , 2732.Xr mountd 8 , 2733.Xr moused 8 , 2734.Xr mrouted 8 , 2735.Xr named 8 , 2736.Xr nfsd 8 , 2737.Xr ntpd 8 , 2738.Xr pcnfsd 8 , 2739.Xr quotacheck 8 , 2740.Xr quotaon 8 , 2741.Xr rc 8 , 2742.Xr rc.sendmail 8 , 2743.Xr route 8 , 2744.Xr routed 8 , 2745.Xr rpc.lockd 8 , 2746.Xr rpc.statd 8 , 2747.Xr rpcbind 8 , 2748.Xr rwhod 8 , 2749.Xr savecore 8 , 2750.Xr sshd 8 , 2751.Xr swapon 8 , 2752.Xr sysctl 8 , 2753.Xr syslogd 8 , 2754.Xr timed 8 , 2755.Xr usbd 8 , 2756.Xr vinum 8 , 2757.Xr yp 8 , 2758.Xr ypbind 8 , 2759.Xr ypserv 8 , 2760.Xr ypset 8 2761.Sh HISTORY 2762The 2763.Nm 2764file appeared in 2765.Fx 2.2.2 . 2766.Sh AUTHORS 2767.An Jordan K. Hubbard . 2768