1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" $DragonFly: src/share/man/man5/rc.conf.5,v 1.39 2007/06/02 23:53:26 swildner Exp $ 27.Dd June 2, 2007 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions 46directly. 47Instead, it is included by the 48various generic startup scripts in 49.Pa /etc 50which conditionalize their 51internal actions according to the settings found there. 52.Pp 53The 54.Pa /etc/rc.conf 55file is included from the file 56.Pa /etc/defaults/rc.conf , 57which specifies the default settings for all the available options. 58Options need only be specified in 59.Pa /etc/rc.conf 60when the system administrator wishes to override these defaults. 61The file 62.Pa /etc/rc.conf.local 63is used to override settings in 64.Pa /etc/rc.conf 65for historical reasons. 66See the 67.Va rc_conf_files 68variable below. 69.Pp 70The following list provides a name and short description for each 71variable that can be set in the 72.Nm 73file: 74.Bl -tag -width indent-two 75.It Va rc_debug 76.Pq Vt bool 77If set to 78.Dq Li YES , 79enable output of debug messages from rc scripts. 80This variable can be helpful in diagnosing mistakes when 81editing or integrating new scripts. 82Beware that this produces copious output to the terminal and 83.Xr syslog 3 . 84.It Va rc_info 85.Pq Vt bool 86If set to 87.Dq Li NO , 88disable informational messages from the rc scripts. 89Informational messages are displayed when 90a condition that is not serious enough to warrant a warning or 91an error occurs. 92.It Va swapfile 93.Pq Vt str 94If set to 95.Dq Li NO , 96no swapfile is installed, otherwise the value is used as the full 97pathname to a file to use for additional swap space. 98.It Va apm_enable 99.Pq Vt bool 100If set to 101.Dq Li YES , 102enable support for Automatic Power Management with 103the 104.Xr apm 8 105command. 106.It Va apmd_enable 107.Pq Vt bool 108Run 109.Xr apmd 8 110to handle APM event from userland. 111This also enables support for APM. 112.It Va apmd_flags 113.Pq Vt str 114If 115.Va apmd_enable 116is set to 117.Dq Li YES , 118these are the flags to pass to the 119.Xr apmd 8 120daemon. 121.It Va battd_enable 122Enable 123.Xr battd 8 124to monitor the status of batteries present in the system. 125This also enables support for APM. 126.It Va battd_flags 127.Pq Vt str 128If 129.Va battd_enable 130is set to 131.Dq Li YES , 132these are the flags to pass to the 133.Xr battd 8 134daemon. 135.It Va pccard_ifconfig 136.Pq Vt str 137List of arguments to be passed to 138.Xr ifconfig 8 139at boot time or on 140insertion of the card (e.g.\& 141.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 142for a fixed address or 143.Dq Li DHCP 144for a DHCP client). 145.It Va pccard_ether_delay 146.Pq Vt str 147Set the delay before starting 148.Xr dhclient 8 149in the 150.Pa /etc/pccard_ether 151script. 152This defaults to 5 seconds to work around a bug in the 153.Xr ed 4 154driver which can lead to system hangs when using some newer 155.Xr ed 4 156based cards. 157.It Va removable_interfaces 158.Pq Vt str 159List of removable network interfaces to be supported by 160.Pa /etc/pccard_ether . 161.It Va local_startup 162.Pq Vt str 163List of directories to search for startup script files. 164.It Va script_name_sep 165.Pq Vt str 166The field separator to use for breaking down the list of startup script files 167into individual filenames. 168The default is a space. 169It is not necessary to change this unless there are startup scripts with names 170containing spaces. 171.It Va hostname 172.Pq Vt str 173The fully qualified domain name (FQDN) of this host on the network. 174This should almost certainly be set to something meaningful, even if 175there is no network connection. 176If 177.Xr dhclient 8 178is used to set the hostname via DHCP, 179this variable should be set to an empty string. 180.It Va ipv6_enable 181.Pq Vt bool 182Enable support for IPv6 networking. 183Note that this requires that the kernel have been compiled with 184.Cd "options INET6" . 185.It Va nisdomainname 186.Pq Vt str 187The NIS domain name of this host, or 188.Dq Li NO 189if NIS is not used. 190.It Va dhclient_program 191.Pq Vt str 192Path to the DHCP client program 193.Pa ( /sbin/dhclient , 194the ISC DHCP client, 195is the default). 196.It Va dhclient_flags 197.Pq Vt str 198Additional flags to pass to the DHCP client program. 199For the ISC DHCP client, see the 200.Xr dhclient 8 201manpage for a description of the command line options available. 202.It Va background_dhclient 203.Pq Vt bool 204Set to 205.Dq Li YES 206to start the DHCP client in background. 207This can cause trouble with applications depending on 208a working network, but it will provide a faster startup 209in many cases. 210.It Va dhcpd_enable 211.Pq Vt bool 212Set to 213.Dq Li YES 214to run 215.Xr dhcpd 8 216at system boot time. 217.It Va dhcrelay_enable 218.Pq Vt bool 219Set to 220.Dq Li YES 221to run 222.Xr dhcrelay 8 223.It Va pf_enable 224.Pq Vt bool 225Set to 226.Dq Li YES 227to load 228.Xr pf 4 229at startup. 230If the kernel was not built with 231.Cd "device pf" , 232the 233.Pa pf.ko 234kernel module will be loaded. 235See also 236.Va firewall_enable 237and 238.Va ipfilter_enable . 239.It Va pf_rules 240.Pq Vt str 241Path to the 242.Xr pf 4 243ruleset definition file. 244.It Va pf_program 245.Pq Vt str 246Path to 247.Xr pfctl 8 . 248.It Va pf_flags 249.Pq Vt str 250If 251.Va pf_enable 252is set to 253.Dq Li YES , 254these are the flags to pass to 255.Xr pfctl 8 256when loading the ruleset. 257.It Va pflog_enable 258.Pq Vt bool 259Set this to 260.Dq Li YES 261to enable 262.Xr pflogd 8 263which logs packets from 264.Xr pf 4 . 265.It Va pflog_logfile 266.Pq Vt str 267If 268.Va pflog_enable 269is set to 270.Dq Li YES 271this specifies the path of the log file. 272.It Va pflog_program 273.Pq Vt str 274Path to 275.Xr pflogd 8 . 276.It Va pflog_flags 277.Pq Vt str 278If 279.Va pflog_enable 280is set to 281.Dq Li YES , 282these are the flags to pass to 283.Xr pflogd 8 . 284.It Va firewall_enable 285.Pq Vt bool 286Set to 287.Dq Li YES 288to load firewall rules at startup. 289If the kernel was not built with 290.Cd "options IPFIREWALL" , 291the 292.Pa ipfw.ko 293kernel module will be loaded. 294See also 295.Va pf_enable 296and 297.Va ipfilter_enable . 298.It Va ipv6_firewall_enable 299.Pq Vt bool 300The IPv6 equivalent of 301.Va firewall_enable . 302Set to 303.Dq Li YES 304to load IPv6 firewall rules at startup. 305If the kernel was not built with 306.Cd "options IPV6FIREWALL" , 307the 308.Pa ip6fw.ko 309kernel module will be loaded. 310.It Va firewall_script 311.Pq Vt str 312This variable specifies the full path to the firewall script to run. 313The default is 314.Pa /etc/rc.firewall . 315.It Va ipv6_firewall_script 316.Pq Vt str 317The IPv6 equivalent of 318.Va firewall_script . 319.It Va firewall_type 320.Pq Vt str 321Names the firewall type from the selection in 322.Pa /etc/rc.firewall , 323or the file which contains the local firewall ruleset. 324Valid selections from 325.Pa /etc/rc.firewall 326are: 327.Pp 328.Bl -tag -width ".Li simple" -compact 329.It Li open 330unrestricted IP access 331.It Li closed 332all IP services disabled, except via 333.Dq Li lo0 334.It Li client 335basic protection for a workstation on a LAN 336.It Li simple 337alias for 338.Li client . 339.El 340.Pp 341If a filename is specified, the full path 342must be given. 343.It Va firewall_trusted_nets 344.Pq Vt str 345List of trusted networks (if 346.Va firewall_type 347is set to 348.Li client ) . 349.It Va firewall_trusted_interfaces 350.Pq Vt str 351List of trusted network interfaces (if 352.Va firewall_type 353is set to 354.Li client ) . 355.It Va firewall_allowed_icmp_types 356.Pq Vt str 357List of allowed ICMP types (if 358.Va firewall_type 359is set to 360.Li client ) . 361.It Va firewall_open_tcp_ports 362.Pq Vt str 363List of TCP ports to open (if 364.Va firewall_type 365is set to 366.Li client ) . 367.It Va firewall_open_udp_ports 368.Pq Vt str 369List of UDP ports to open (if 370.Va firewall_type 371is set to 372.Li client ) . 373.It Va ipv6_firewall_type 374.Pq Vt str 375The IPv6 equivalent of 376.Va firewall_type . 377.It Va firewall_quiet 378.Pq Vt bool 379Set to 380.Dq Li YES 381to disable the display of firewall rules on the console during boot. 382.It Va ipv6_firewall_quiet 383.Pq Vt bool 384The IPv6 equivalent of 385.Va firewall_quiet . 386.It Va firewall_logging 387.Pq Vt bool 388Set to 389.Dq Li YES 390to enable firewall event logging. 391This is equivalent to the 392.Dv IPFIREWALL_VERBOSE 393kernel option. 394.It Va ipv6_firewall_logging 395.Pq Vt bool 396The IPv6 equivalent of 397.Va firewall_logging . 398.It Va firewall_flags 399.Pq Vt str 400Flags passed to 401.Xr ipfw 8 402if 403.Va firewall_type 404specifies a filename. 405.It Va ipv6_firewall_flags 406.Pq Vt str 407The IPv6 equivalent of 408.Va firewall_flags . 409.It Va natd_program 410.Pq Vt str 411Path to 412.Xr natd 8 . 413.It Va natd_enable 414.Pq Vt bool 415Set to 416.Dq Li YES 417to enable 418.Xr natd 8 . 419.Va firewall_enable 420must also be set to 421.Dq Li YES , 422and 423.Xr divert 4 424sockets must be enabled in the kernel. 425.It Va natd_interface 426.Pq Vt str 427This is the name of the public interface on which 428.Xr natd 8 429should run. 430The interface may be given as an interface name or as an IP address. 431.It Va natd_flags 432.Pq Vt str 433Additional 434.Xr natd 8 435flags should be placed here. 436The 437.Fl n 438or 439.Fl a 440flag is automatically added with the above 441.Va natd_interface 442as an argument. 443.\" ----- ipfilter_enable setting -------------------------------- 444.It Va ipfilter_enable 445.Pq Vt bool 446Set to 447.Dq Li NO 448by default. 449Setting this to 450.Dq Li YES 451enables 452.Xr ipf 8 453packet filtering. 454.Pp 455Typical usage will require putting 456.Bd -literal 457ipfilter_enable="YES" 458ipnat_enable="YES" 459ipmon_enable="YES" 460ipfs_enable="YES" 461.Ed 462.Pp 463into 464.Pa /etc/rc.conf 465and editing 466.Pa /etc/ipf.rules 467and 468.Pa /etc/ipnat.rules 469appropriately. 470.Pp 471Note that 472.Va ipfilter_enable 473and 474.Va ipnat_enable 475can be enabled independently. 476.Va ipmon_enable 477and 478.Va ipfs_enable 479both require at least one of 480.Va ipfilter_enable 481and 482.Va ipnat_enable 483to be enabled. 484.Pp 485Having 486.Bd -literal 487options IPFILTER 488options IPFILTER_LOG 489options IPFILTER_DEFAULT_BLOCK 490.Ed 491.Pp 492in the kernel configuration file is a good idea, too. 493See also 494.Va pf_enable 495and 496.Va firewall_enable . 497.\" ----- ipfilter_program setting ------------------------------ 498.It Va ipfilter_program 499.Pq Vt str 500Path to 501.Xr ipf 8 502(default 503.Pa /sbin/ipf ) . 504.\" ----- ipfilter_rules setting -------------------------------- 505.It Va ipfilter_rules 506.Pq Vt str 507Set to 508.Pa /etc/ipf.rules 509by default. 510This variable contains the name of the filter rule definition file. 511The file is expected to be readable for the 512.Xr ipf 8 513command to execute. 514.\" ----- ipv6_ipfilter_rules setting --------------------------- 515.It Va ipv6_ipfilter_rules 516.Pq Vt str 517Set to 518.Pa /etc/ipf6.rules 519by default. 520This variable contains the IPv6 filter rule definition file. 521The file is expected to be readable for the 522.Xr ipf 8 523command to execute. 524.\" ----- ipfilter_flags setting -------------------------------- 525.It Va ipfilter_flags 526.Pq Vt str 527Empty by default. 528This variable contains flags passed to the 529.Xr ipf 8 530program. 531.\" ----- ipnat_enable setting ---------------------------------- 532.It Va ipnat_enable 533.Pq Vt bool 534Set to 535.Dq Li NO 536by default. 537Set it to 538.Dq Li YES 539to enable 540.Xr ipnat 8 541network address translation. 542See 543.Va ipfilter_enable 544for a detailed discussion. 545.\" ----- ipnat_program setting --------------------------------- 546.It Va ipnat_program 547.Pq Vt str 548Path to 549.Xr ipnat 8 550(default 551.Pa /sbin/ipnat ) . 552.\" ----- ipnat_rules setting ----------------------------------- 553.It Va ipnat_rules 554.Pq Vt str 555Set to 556.Pa /etc/ipnat.rules 557by default. 558This variable contains the name of the file 559holding the network address translation definition. 560This file is expected to be readable for the 561.Xr ipnat 8 562command to execute. 563.\" ----- ipnat_flags setting ----------------------------------- 564.It Va ipnat_flags 565.Pq Vt str 566Empty by default. 567This variable contains flags passed to the 568.Xr ipnat 8 569program. 570.\" ----- ipmon_enable setting ---------------------------------- 571.It Va ipmon_enable 572.Pq Vt bool 573Set to 574.Dq Li NO 575by default. 576Set it to 577.Dq Li YES 578to enable 579.Xr ipmon 8 580monitoring (logging 581.Xr ipf 8 582and 583.Xr ipnat 8 584events). 585Setting this variable needs setting 586.Va ipfilter_enable 587or 588.Va ipnat_enable 589too. 590See 591.Va ipfilter_enable 592for a detailed discussion. 593.\" ----- ipmon_program setting --------------------------------- 594.It Va ipmon_program 595.Pq Vt str 596Path to 597.Xr ipmon 8 598(default 599.Pa /sbin/ipmon ) . 600.\" ----- ipmon_flags setting ----------------------------------- 601.It Va ipmon_flags 602.Pq Vt str 603Set to 604.Dq Li -Ds 605by default. 606This variable contains flags passed to the 607.Xr ipmon 8 608program. 609Another typical example would be 610.Dq Fl D Pa /var/log/ipflog 611to have 612.Xr ipmon 8 613log directly to a file bypassing 614.Xr syslogd 8 . 615Make sure to adjust 616.Pa /etc/newsyslog.conf 617in such case like this: 618.Bd -literal 619/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 620.Ed 621.\" ----- ipfs_enable setting ----------------------------------- 622.It Va ipfs_enable 623.Pq Vt bool 624Set to 625.Dq Li NO 626by default. 627Set it to 628.Dq Li YES 629to enable 630.Xr ipfs 8 631saving the filter and NAT state tables during shutdown 632and reloading them during startup again. 633Setting this variable needs setting 634.Va ipfilter_enable 635or 636.Va ipnat_enable 637to 638.Dq Li YES 639too. 640See 641.Va ipfilter_enable 642for a detailed discussion. 643Note that if 644.Va kern_securelevel 645is set to 3, 646.Va ipfs_enable 647cannot be used 648because the raised securelevel will prevent 649.Xr ipfs 8 650from saving the state tables at shutdown time. 651.\" ----- ipfs_program setting ---------------------------------- 652.It Va ipfs_program 653.Pq Vt str 654Path to 655.Xr ipfs 8 656(default 657.Pa /sbin/ipfs ) . 658.\" ----- ipfs_flags setting ------------------------------------ 659.It Va ipfs_flags 660.Pq Vt str 661Empty by default. 662This variable contains flags passed to the 663.Xr ipfs 8 664program. 665.\" ----- end of added ipf hook --------------------------------- 666.It Va tcp_extensions 667.Pq Vt bool 668Set to 669.Dq Li YES 670by default. 671Setting this to 672.Dq Li NO 673disables certain TCP options as described by 674.Rs 675.%T "RFC 1323" 676.Re 677Setting this to 678.Dq Li NO 679might help remedy such problems with connections as randomly hanging 680or other weird behavior. 681Some network devices are known 682to be broken with respect to these options. 683.It Va log_in_vain 684.Pq Vt int 685Set to 0 by default. 686The 687.Xr sysctl 8 688variables, 689.Va net.inet.tcp.log_in_vain 690and 691.Va net.inet.udp.log_in_vain , 692as described in 693.Xr tcp 4 694and 695.Xr udp 4 , 696are set to the given value. 697.It Va tcp_keepalive 698.Pq Vt bool 699Set to 700.Dq Li YES 701by default. 702Setting to 703.Dq Li NO 704will disable probing idle TCP connections to verify that the 705peer is still up and reachable. 706.It Va tcp_drop_synfin 707.Pq Vt bool 708Set to 709.Dq Li NO 710by default. 711Setting to 712.Dq Li YES 713will cause the kernel to ignore TCP frames that have both 714the SYN and FIN flags set. 715This prevents OS fingerprinting, but may 716break some legitimate applications. 717This option is only available if the 718kernel was built with the 719.Dv TCP_DROP_SYNFIN 720option. 721.It Va icmp_drop_redirect 722.Pq Vt bool 723Set to 724.Dq Li NO 725by default. 726Setting to 727.Dq Li YES 728will cause the kernel to ignore ICMP REDIRECT packets. 729Refer to 730.Xr icmp 4 731for more information. 732.It Va icmp_log_redirect 733.Pq Vt bool 734Set to 735.Dq Li NO 736by default. 737Setting to 738.Dq Li YES 739will cause the kernel to log ICMP REDIRECT packets. 740Note that 741the log messages are not rate-limited, so this option should only be used 742for troubleshooting networks. 743Refer to 744.Xr icmp 4 745for more information. 746.It Va icmp_bmcastecho 747.Pq Vt bool 748Set to 749.Dq Li YES 750to respond to broadcast or multicast ICMP ping packets. 751Refer to 752.Xr icmp 4 753for more information. 754.It Va ip_portrange_first 755.Pq Vt int 756If not set to 757.Dq Li NO , 758this is the first port in the default portrange. 759Refer to 760.Xr ip 4 761for more information. 762.It Va ip_portrange_last 763.Pq Vt int 764If not set to 765.Dq Li NO , 766this is the last port in the default portrange. 767Refer to 768.Xr ip 4 769for more information. 770.It Va network_interfaces 771.Pq Vt str 772Set to the list of network interfaces to configure on this host. 773For example, if the only network devices in the system are the loopback 774device 775.Pq Li lo0 776and a NIC using the 777.Xr ed 4 778driver, 779this could be set to 780.Dq Li "lo0 ed0" . 781An 782.Va ifconfig_ Ns Aq Ar interface 783variable is also assumed to exist for each value of 784.Ar interface . 785It is also possible to add IP alias entries here in cases where 786multiple IP addresses registered against a single interface 787are desired. 788Assuming that the interface in question was 789.Li ed0 , 790it might look 791something like this: 792.Bd -literal 793ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 794ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 795.Ed 796.Pp 797And so on. 798For each 799.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 800entry that is found, 801its contents are passed to 802.Xr ifconfig 8 . 803Execution stops at the first unsuccessful access, so if 804something like this is present: 805.Bd -literal 806ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 807ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 808ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 809ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 810.Ed 811.Pp 812Then note that alias4 would 813.Em not 814be added since the search would 815stop with the missing alias3 entry. 816.Pp 817If the 818.Pa /etc/start_if. Ns Aq Ar interface 819file is present, it is read and executed by the 820.Xr sh 1 821interpreter 822before configuring the interface as specified in the 823.Va ifconfig_ Ns Aq Ar interface 824and 825.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 826variables. 827.Pp 828It is possible to bring up an interface with DHCP by setting the 829.Va ifconfig_ Ns Aq Ar interface 830variable to 831.Dq Li DHCP . 832For instance, to initialize the 833.Li ed0 834device via DHCP, 835it is possible to use something like: 836.Bd -literal 837ifconfig_ed0="DHCP" 838.Ed 839.It Va ipv6_network_interfaces 840.Pq Vt str 841This is the IPv6 equivalent of 842.Va network_interfaces . 843Instead of setting the ifconfig variables as 844.Va ifconfig_ Ns Aq Ar interface 845they should be set as 846.Va ipv6_ifconfig_ Ns Aq Ar interface . 847Aliases should be set as 848.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 849.Va ipv6_prefix_ Ns Aq Ar interface 850does something. 851Interfaces that do not have a 852.Va ipv6_ifconfig_ Ns Aq Ar interface 853setting will be auto configured by 854.Xr rtsol 8 855if the 856.Va ipv6_gateway_enable 857is set to 858.Dq Li NO . 859Note that the IPv6 networking code does not support the 860.Pa /etc/start_if. Ns Aq Ar interface 861files. 862.It Va ipv6_default_interface 863.Pq Vt str 864If not set to 865.Dq Li NO , 866this is the default output interface for scoped addresses. 867Now this works only for IPv6 link local multicast addresses. 868.It Va cloned_interfaces 869.Pq Vt str 870Set to the list of clonable network interfaces to create on this host. 871Entries in 872.Va cloned_interfaces 873are automatically appended to 874.Va network_interfaces 875for configuration. 876.It Va gif_interfaces 877.Pq Vt str 878Set to the list of 879.Xr gif 4 880tunnel interfaces to configure on this host. 881A 882.Va gifconfig_ Ns Aq Ar interface 883variable is assumed to exist for each value of 884.Ar interface . 885The value of this variable is used to configure the link layer of the 886tunnel according to the syntax of the 887.Cm tunnel 888option to 889.Xr ifconfig 8 . 890Additionally, this option ensures that each listed interface is created 891via the 892.Cm create 893option to 894.Xr ifconfig 8 895before attempting to configure it. 896.It Va sppp_interfaces 897.Pq Vt str 898Set to the list of 899.Xr sppp 4 900interfaces to configure on this host. 901A 902.Va spppconfig_ Ns Aq Ar interface 903variable is assumed to exist for each value of 904.Ar interface . 905Each interface should also be configured by a general 906.Va ifconfig_ Ns Aq Ar interface 907setting. 908Refer to 909.Xr spppcontrol 8 910for more information about available options. 911.It Va ppp_enable 912.Pq Vt bool 913If set to 914.Dq Li YES , 915run the 916.Xr ppp 8 917daemon. 918.It Va ppp_mode 919.Pq Vt str 920Mode in which to run the 921.Xr ppp 8 922daemon. 923Accepted modes are 924.Dq Li auto , 925.Dq Li ddial , 926.Dq Li direct 927and 928.Dq Li dedicated . 929See the manual for a full description. 930.It Va ppp_nat 931.Pq Vt bool 932If set to 933.Dq Li YES , 934enables network address translation. 935Used in conjunction with 936.Va gateway_enable 937allows hosts on private network addresses access to the Internet using 938this host as a network address translating router. 939.It Va ppp_profile 940.Pq Vt str 941The name of the profile to use from 942.Pa /etc/ppp/ppp.conf . 943.It Va ppp_user 944.Pq Vt str 945The name of the user under which 946.Xr ppp 8 947should be started. 948By 949default, 950.Xr ppp 8 951is started as 952.Dq Li root . 953.It Va rc_conf_files 954.Pq Vt str 955This option is used to specify a list of files that will override 956the settings in 957.Pa /etc/defaults/rc.conf . 958The files will be read in the order in which they are specified and should 959include the full path to the file. 960By default, the files specified are 961.Pa /etc/rc.conf 962and 963.Pa /etc/rc.conf.local 964.It Va fsck_y_enable 965.Pq Vt bool 966If set to 967.Dq Li YES , 968.Xr fsck 8 969will be run with the 970.Fl y 971flag if the initial preen 972of the file systems fails. 973.It Va netfs_types 974.Pq Vt str 975List of file system types that are network-based. 976This list should generally not be modified by end users. 977Use 978.Va extra_netfs_types 979instead. 980.It Va extra_netfs_types 981.Pq Vt str 982If set to something other than 983.Dq Li NO 984(the default), 985this variable extends the list of file system types 986for which automatic mounting at startup by 987.Xr rc 8 988should be delayed until the network is initialized. 989It should contain 990a whitespace-separated list of network file system descriptor pairs, 991each consisting of a file system type as passed to 992.Xr mount 8 993and a human-readable, one-word description, 994joined with a colon 995.Pq Ql \&: . 996Extending the default list in this way is only necessary 997when third party file system types are used. 998.It Va syslogd_enable 999.Pq Vt bool 1000If set to 1001.Dq Li YES , 1002run the 1003.Xr syslogd 8 1004daemon. 1005.It Va syslogd_program 1006.Pq Vt str 1007Path to 1008.Xr syslogd 8 1009(default 1010.Pa /usr/sbin/syslogd ) . 1011.It Va syslogd_flags 1012.Pq Vt str 1013If 1014.Va syslogd_enable 1015is set to 1016.Dq Li YES , 1017these are the flags to pass to 1018.Xr syslogd 8 . 1019.It Va inetd_enable 1020.Pq Vt bool 1021If set to 1022.Dq Li YES , 1023run the 1024.Xr inetd 8 1025daemon. 1026.It Va inetd_program 1027.Pq Vt str 1028Path to 1029.Xr inetd 8 1030(default 1031.Pa /usr/sbin/inetd ) . 1032.It Va inetd_flags 1033.Pq Vt str 1034If 1035.Va inetd_enable 1036is set to 1037.Dq Li YES , 1038these are the flags to pass to 1039.Xr inetd 8 . 1040.It Va named_enable 1041.Pq Vt bool 1042If set to 1043.Dq Li YES , 1044run the 1045.Xr named 8 1046daemon. 1047.It Va named_program 1048.Pq Vt str 1049Path to 1050.Xr named 8 1051(default 1052.Pa /usr/sbin/named ) . 1053.It Va named_flags 1054.Pq Vt str 1055If 1056.Va named_enable 1057is set to 1058.Dq Li YES , 1059these are the flags to pass to 1060.Xr named 8 . 1061.It Va named_pidfile 1062.Pq Vt str 1063This is the default path to the 1064.Xr named 8 1065daemon's PID file. 1066Change it if you change the location in 1067.Pa /etc/namedb/named.conf . 1068.It Va named_chrootdir 1069.Pq Vt str 1070The root directory for a name server run in a 1071.Xr chroot 8 1072environment. 1073If left empty 1074.Xr named 8 1075will not be run in a 1076.Xr chroot 8 1077environment. 1078.It Va kerberos5_server_enable 1079.Pq Vt bool 1080Set to 1081.Dq Li YES 1082to start a Kerberos 5 authentication server 1083at boot time. 1084.It Va kerberos5_server_program 1085.Pq Vt str 1086If 1087.Va kerberos5_server_enable 1088is set to 1089.Dq Li YES 1090this is the path to Kerberos 5 Authentication Server. 1091.It Va kadmind5_server_enable 1092.Pq Vt bool 1093Set to 1094.Dq Li YES 1095to start 1096.Xr kadmind 8 , 1097the Kerberos 5 Administration Daemon; set to 1098.Dq Li NO 1099on a slave server. 1100.It Va kadmind5_server_program 1101.Pq Vt str 1102If 1103.Va kadmind5_server_enable 1104is set to 1105.Dq Li YES 1106this is the path to Kerberos 5 Administration Daemon. 1107.It Va kpasswdd_server_enable 1108.Pq Vt bool 1109Set to 1110.Dq Li YES 1111to start 1112.Xr kpasswdd 8 , 1113the Kerberos 5 Password-Changing Daemon; set to 1114.Dq Li NO 1115on a slave server. 1116.It Va kpasswdd_server_program 1117.Pq Vt str 1118If 1119.Va kpasswdd_server_enable 1120is set to 1121.Dq Li YES 1122this is the path to Kerberos 5 Password-Changing Daemon. 1123.It Va rwhod_enable 1124.Pq Vt bool 1125If set to 1126.Dq Li YES , 1127run the 1128.Xr rwhod 8 1129daemon at boot time. 1130.It Va rwhod_flags 1131.Pq Vt str 1132If 1133.Va rwhod_enable 1134is set to 1135.Dq Li YES , 1136these are the flags to pass to it. 1137.It Va amd_enable 1138.Pq Vt bool 1139If set to 1140.Dq Li YES , 1141run the 1142.Xr amd 8 1143daemon at boot time. 1144.It Va amd_flags 1145.Pq Vt str 1146If 1147.Va amd_enable 1148is set to 1149.Dq Li YES , 1150these are the flags to pass to it. 1151See the 1152.Xr amd 8 1153manpage for more information. 1154.It Va amd_map_program 1155.Pq Vt str 1156If set, 1157the specified program is run to get the list of 1158.Xr amd 8 1159maps. 1160For example, if the 1161.Xr amd 8 1162maps are stored in NIS, one can set this to 1163run 1164.Xr ypcat 1 1165to get a list of 1166.Xr amd 8 1167maps from the 1168.Pa amd.master 1169NIS map. 1170.It Va update_motd 1171.Pq Vt bool 1172If set to 1173.Dq Li YES , 1174.Pa /etc/motd 1175will be updated at boot time to reflect the kernel release 1176being run. 1177If set to 1178.Dq Li NO , 1179.Pa /etc/motd 1180will not be updated. 1181.It Va nfs_client_enable 1182.Pq Vt bool 1183If set to 1184.Dq Li YES , 1185run the NFS client daemons at boot time. 1186.It Va nfs_client_flags 1187.Pq Vt str 1188If 1189.Va nfs_client_enable 1190is set to 1191.Dq Li YES , 1192these are the flags to pass to the 1193.Xr nfsiod 8 1194daemon. 1195.It Va nfs_access_cache 1196.Pq Vt int 1197If 1198.Va nfs_client_enable 1199is set to 1200.Dq Li YES , 1201this can be set to 1202.Dq Li 0 1203to disable NFS ACCESS RPC caching, or to the number of seconds for which 1204NFS ACCESS 1205results should be cached. 1206A value of 2-10 seconds will substantially reduce network traffic for 1207many NFS operations. The default is 5 seconds. Note that the attribute 1208cache holds stat information only. The NFS data cache is independent 1209of the attribute cache and is only invalidated when the client detects that 1210the server has modified the underlying file. This value specifies a 1211maximum timeout. The NFS client will automatically use a shorter timeout 1212for files which have been recently modified. 1213.It Va nfs_neg_cache 1214.Pq Vt int 1215If 1216.Va nfs_client_enable 1217is set to 1218.Dq Li YES , 1219this can be set to 1220.Dq Li 0 1221to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1222filenames), or to the number of seconds for which negative lookups should 1223be cached. 1224A value of 2-10 seconds will substantially reduce network 1225traffic for many NFS operations, especially source code builds. The 1226default is 3 seconds. 1227.It Va nfs_server_enable 1228.Pq Vt bool 1229If set to 1230.Dq Li YES , 1231run the NFS server daemons at boot time. 1232.It Va nfs_server_flags 1233.Pq Vt str 1234If 1235.Va nfs_server_enable 1236is set to 1237.Dq Li YES , 1238these are the flags to pass to the 1239.Xr nfsd 8 1240daemon. 1241.It Va mountd_enable 1242.Pq Vt bool 1243If set to 1244.Dq Li YES , 1245and no 1246.Va nfs_server_enable 1247is set, start 1248.Xr mountd 8 , 1249but not 1250.Xr nfsd 8 1251daemon. 1252It is commonly needed to run CFS without real NFS used. 1253.It Va mountd_flags 1254.Pq Vt str 1255If 1256.Va mountd_enable 1257is set to 1258.Dq Li YES , 1259these are the flags to pass to the 1260.Xr mountd 8 1261daemon. 1262.It Va weak_mountd_authentication 1263.Pq Vt bool 1264If set to 1265.Dq Li YES , 1266allow services like PCNFSD to make non-privileged mount 1267requests. 1268.It Va nfs_reserved_port_only 1269.Pq Vt bool 1270If set to 1271.Dq Li YES , 1272provide NFS services only on a secure port. 1273.It Va nfs_bufpackets 1274.Pq Vt int 1275If set to a number, indicates the number of packets worth of 1276socket buffer space to reserve on an NFS client. 1277The kernel default is typically 4. 1278Using a higher number may be 1279useful on gigabit networks to improve performance. 1280The minimum value is 12812 and the maximum is 64. 1282.It Va rpc_umntall_enable 1283.Pq Vt bool 1284If set to 1285.Dq Li YES 1286(default) and we are also an NFS client, run 1287.Xr rpc.umntall 8 1288at boot time to clear out old mounts on remote servers. 1289If set to 1290.Dq Li NO 1291then 1292.Xr rpc.umntall 8 1293will not be run at boot time. 1294.It Va rpc_lockd_enable 1295.Pq Vt bool 1296If set to 1297.Dq Li YES 1298and also an NFS server, run 1299.Xr rpc.lockd 8 1300at boot time. 1301.It Va rpc_statd_enable 1302.Pq Vt bool 1303If set to 1304.Dq Li YES 1305and also an NFS server, run 1306.Xr rpc.statd 8 1307at boot time. 1308.It Va rpcbind_program 1309.Pq Vt str 1310Path to 1311.Xr rpcbind 8 1312(default 1313.Pa /usr/sbin/rpcbind ) . 1314.It Va rpcbind_enable 1315.Pq Vt bool 1316If set to 1317.Dq Li YES , 1318run the 1319.Xr rpcbind 8 1320service at boot time. 1321.It Va rpcbind_flags 1322.Pq Vt str 1323If 1324.Va rpcbind_enable 1325is set to 1326.Dq Li YES , 1327these are the flags to pass to the 1328.Xr rpcbind 8 1329daemon. 1330.It Va keyserv_enable 1331.Pq Vt bool 1332If set to 1333.Dq Li YES , 1334run the 1335.Xr keyserv 8 1336daemon on boot for running Secure RPC. 1337.It Va keyserv_flags 1338.Pq Vt str 1339If 1340.Va keyserv_enable 1341is set to 1342.Dq Li YES , 1343these are the flags to pass to 1344.Xr keyserv 8 1345daemon. 1346.It Va pppoed_enable 1347.Pq Vt bool 1348If set to 1349.Dq Li YES , 1350run the 1351.Xr pppoed 8 1352daemon at boot time to provide PPP over Ethernet services. 1353.It Va pppoed_provider 1354.Pq Vt str 1355.Xr pppoed 8 1356listens to requests to this provider and ultimately runs 1357.Xr ppp 8 1358with a 1359.Ar system 1360argument of the same name. 1361.It Va pppoed_flags 1362.Pq Vt str 1363Additional flags to pass to 1364.Xr pppoed 8 . 1365.It Va pppoed_interface 1366.Pq Vt str 1367The network interface to run 1368.Xr pppoed 8 1369on. 1370This is mandatory when 1371.Va pppoed_enable 1372is set to 1373.Dq Li YES . 1374.It Va timed_enable 1375.Pq Vt bool 1376If set to 1377.Dq Li YES , 1378run the 1379.Xr timed 8 1380service at boot time. 1381This command is intended for networks of 1382machines where a consistent 1383.Dq "network time" 1384for all hosts must be established. 1385This is often useful in large NFS 1386environments where time stamps on files are expected to be consistent 1387network-wide. 1388.It Va timed_flags 1389.Pq Vt str 1390If 1391.Va timed_enable 1392is set to 1393.Dq Li YES , 1394these are the flags to pass to the 1395.Xr timed 8 1396service. 1397.It Va ntpd_enable 1398.Pq Vt bool 1399If set to 1400.Dq Li YES , 1401run the 1402.Xr ntpd 8 1403command at boot time. 1404.It Va ntpd_program 1405.Pq Vt str 1406Path to 1407.Xr ntpd 8 1408(default 1409.Pa /usr/sbin/ntpd ) . 1410.It Va ntpd_flags 1411.Pq Vt str 1412If 1413.Va ntpd_enable 1414is set to 1415.Dq Li YES , 1416these are the flags to pass to the 1417.Xr ntpd 8 1418daemon. Set to 1419.Dq Li -s 1420by default which sets the time immediately at startup if the 1421local clock is off by more than 180 seconds. To prevent 1422.Xr ntpd 8 1423from doing this, set 1424.Va ntpd_flags 1425to 1426.Dq Li -S . 1427.It Va dntpd_enable 1428.Pq Vt bool 1429If set to 1430.Dq Li YES , 1431run 1432.Xr dntpd 8 1433at system boot time. 1434.It Va dntpd_program 1435.Pq Vt str 1436Path to 1437.Xr dntpd 8 1438(default 1439.Pa /usr/sbin/dntpd ) . 1440.It Va dntpd_flags 1441.Pq Vt str 1442If 1443.Va dntpd_enable 1444is set to 1445.Dq Li YES , 1446these are the flags to pass to the 1447.Xr dntpd 8 1448daemon. 1449.It Va nis_client_enable 1450.Pq Vt bool 1451If set to 1452.Dq Li YES , 1453run the 1454.Xr ypbind 8 1455service at system boot time. 1456.It Va nis_client_flags 1457.Pq Vt str 1458If 1459.Va nis_client_enable 1460is set to 1461.Dq Li YES , 1462these are the flags to pass to the 1463.Xr ypbind 8 1464service. 1465.It Va nis_ypset_enable 1466.Pq Vt bool 1467If set to 1468.Dq Li YES , 1469run the 1470.Xr ypset 8 1471daemon at system boot time. 1472.It Va nis_ypset_flags 1473.Pq Vt str 1474If 1475.Va nis_ypset_enable 1476is set to 1477.Dq Li YES , 1478these are the flags to pass to the 1479.Xr ypset 8 1480daemon. 1481.It Va nis_server_enable 1482.Pq Vt bool 1483If set to 1484.Dq Li YES , 1485run the 1486.Xr ypserv 8 1487daemon at system boot time. 1488.It Va nis_server_flags 1489.Pq Vt str 1490If 1491.Va nis_server_enable 1492is set to 1493.Dq Li YES , 1494these are the flags to pass to the 1495.Xr ypserv 8 1496daemon. 1497.It Va nis_ypxfrd_enable 1498.Pq Vt bool 1499If set to 1500.Dq Li YES , 1501run the 1502.Xr rpc.ypxfrd 8 1503daemon at system boot time. 1504.It Va nis_ypxfrd_flags 1505.Pq Vt str 1506If 1507.Va nis_ypxfrd_enable 1508is set to 1509.Dq Li YES , 1510these are the flags to pass to the 1511.Xr rpc.ypxfrd 8 1512daemon. 1513.It Va nis_yppasswdd_enable 1514.Pq Vt bool 1515If set to 1516.Dq Li YES , 1517run the 1518.Xr rpc.yppasswdd 8 1519daemon at system boot time. 1520.It Va nis_yppasswdd_flags 1521.Pq Vt str 1522If 1523.Va nis_yppasswdd_enable 1524is set to 1525.Dq Li YES , 1526these are the flags to pass to the 1527.Xr rpc.yppasswdd 8 1528daemon. 1529.It Va rpc_ypupdated_enable 1530.Pq Vt bool 1531If set to 1532.Dq Li YES , 1533run the 1534.Nm rpc.ypupdated 1535daemon at system boot time. 1536.It Va defaultrouter 1537.Pq Vt str 1538If not set to 1539.Dq Li NO , 1540create a default route to this host name or IP address 1541(use an IP address if this router is also required to get to the 1542name server!). 1543.It Va ipv6_defaultrouter 1544.Pq Vt str 1545The IPv6 equivalent of 1546.Va defaultrouter . 1547.It Va static_routes 1548.Pq Vt str 1549Set to the list of static routes that are to be added at system 1550boot time. 1551If not set to 1552.Dq Li NO 1553then for each whitespace separated 1554.Ar element 1555in the value, a 1556.Va route_ Ns Aq Ar element 1557variable is assumed to exist 1558whose contents will later be passed to a 1559.Dq Nm route Cm add 1560operation. 1561.It Va ipv6_static_routes 1562.Pq Vt str 1563The IPv6 equivalent of 1564.Va static_routes . 1565If not set to 1566.Dq Li NO 1567then for each whitespace separated 1568.Ar element 1569in the value, a 1570.Va ipv6_route_ Ns Aq Ar element 1571variable is assumed to exist 1572whose contents will later be passed to a 1573.Dq Nm route Cm add Fl inet6 1574operation. 1575.It Va gateway_enable 1576.Pq Vt bool 1577If set to 1578.Dq Li YES , 1579configure host to act as an IP router, e.g. to forward packets 1580between interfaces. 1581.It Va ipv6_gateway_enable 1582.Pq Vt bool 1583The IPv6 equivalent of 1584.Va gateway_enable . 1585.It Va router_enable 1586.Pq Vt bool 1587If set to 1588.Dq Li YES , 1589run a routing daemon of some sort, based on the 1590settings of 1591.Va router_program 1592and 1593.Va router_flags . 1594.It Va ipv6_router_enable 1595.Pq Vt bool 1596The IPv6 equivalent of 1597.Va router_enable . 1598If set to 1599.Dq Li YES , 1600run a routing daemon of some sort, based on the 1601settings of 1602.Va ipv6_router_program 1603and 1604.Va ipv6_router_flags . 1605.It Va router_program 1606.Pq Vt str 1607If 1608.Va router_enable 1609is set to 1610.Dq Li YES , 1611this is the name of the routing daemon to use. 1612.It Va ipv6_router_program 1613.Pq Vt str 1614The IPv6 equivalent of 1615.Va router_program . 1616.It Va router_flags 1617.Pq Vt str 1618If 1619.Va router_enable 1620is set to 1621.Dq Li YES , 1622these are the flags to pass to the routing daemon. 1623.It Va ipv6_router_flags 1624.Pq Vt str 1625The IPv6 equivalent of 1626.Va router_flags . 1627.It Va mrouted_enable 1628.Pq Vt bool 1629If set to 1630.Dq Li YES , 1631run the multicast routing daemon, 1632.Xr mrouted 8 . 1633.It Va mroute6d_enable 1634.Pq Vt bool 1635The IPv6 equivalent of 1636.Va mrouted_enable . 1637If set to 1638.Dq Li YES , 1639run the IPv6 multicast routing daemon. 1640Note that no IPv6 multicast routing daemon is included in the 1641.Dx 1642base system but 1643.Xr pim6dd 8 1644can be installed from the 1645.Xr pkgsrc 7 1646collection. 1647.It Va mrouted_flags 1648.Pq Vt str 1649If 1650.Va mrouted_enable 1651is set to 1652.Dq Li YES , 1653these are the flags to pass to the 1654.Xr mrouted 8 1655daemon. 1656.It Va mroute6d_flags 1657.Pq Vt str 1658The IPv6 equivalent of 1659.Va mrouted_flags . 1660If 1661.Va mroute6d_enable 1662is set to 1663.Dq Li YES , 1664these are the flags passed to the IPv6 multicast routing daemon. 1665.It Va mroute6d_program 1666.Pq Vt str 1667If 1668.Va mroute6d_enable 1669is set to 1670.Dq Li YES , 1671this is the path to the IPv6 multicast routing daemon. 1672.It Va rtadvd_enable 1673.Pq Vt bool 1674If set to 1675.Dq Li YES , 1676run the 1677.Xr rtadvd 8 1678daemon at boot time. 1679.Xr rtadvd 8 1680will only run if 1681.Va ipv6_gateway_enable 1682is also set to 1683.Dq Li YES . 1684The 1685.Xr rtadvd 8 1686utility sends router advertisement packets to the interfaces specified in 1687.Va rtadvd_interfaces . 1688.Xr rtadvd 8 1689and should only be enabled with great care. 1690You may want to fine-tune 1691.Xr rtadvd.conf 5 . 1692.It Va rtadvd_interfaces 1693.Pq Vt str 1694If 1695.Va rtadvd_enable 1696is set to 1697.Dq Li YES 1698this is the list of interfaces to use. 1699.It Va ipxgateway_enable 1700.Pq Vt bool 1701If set to 1702.Dq Li YES , 1703enable the routing of IPX traffic. 1704.It Va ipxrouted_enable 1705.Pq Vt bool 1706If set to 1707.Dq Li YES , 1708run the 1709.Xr IPXrouted 8 1710daemon at system boot time. 1711.It Va ipxrouted_flags 1712.Pq Vt str 1713If 1714.Va ipxrouted_enable 1715is set to 1716.Dq Li YES , 1717these are the flags to pass to the 1718.Xr IPXrouted 8 1719daemon. 1720.It Va arpproxy_all 1721.Pq Vt bool 1722If set to 1723.Dq Li YES , 1724enable global proxy ARP. 1725.It Va forward_sourceroute 1726.Pq Vt bool 1727If set to 1728.Dq Li YES 1729and 1730.Va gateway_enable 1731is also set to 1732.Dq Li YES , 1733source-routed packets are forwarded. 1734.It Va accept_sourceroute 1735.Pq Vt bool 1736If set to 1737.Dq Li YES , 1738the system will accept source-routed packets directed at it. 1739.It Va rarpd_enable 1740.Pq Vt bool 1741If set to 1742.Dq Li YES , 1743run the 1744.Xr rarpd 8 1745daemon at system boot time. 1746.It Va rarpd_flags 1747.Pq Vt str 1748If 1749.Va rarpd_enable 1750is set to 1751.Dq Li YES , 1752these are the flags to pass to the 1753.Xr rarpd 8 1754daemon. 1755.It Va bootparamd_enable 1756.Pq Vt bool 1757If set to 1758.Dq Li YES , 1759run the 1760.Xr bootparamd 8 1761daemon at system boot time. 1762.It Va bootparamd_flags 1763.Pq Vt str 1764If 1765.Va bootparamd_enable 1766is set to 1767.Dq Li YES , 1768these are the flags to pass to the 1769.Xr bootparamd 8 1770daemon. 1771.It Va stf_interface_ipv4addr 1772.Pq Vt str 1773If not set to 1774.Dq Li NO , 1775this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 1776interface). 1777Specify this entry to enable the 6to4 interface. 1778.It Va stf_interface_ipv4plen 1779.Pq Vt int 1780Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1781An effective value is 0-31. 1782.It Va stf_interface_ipv6_ifid 1783.Pq Vt str 1784IPv6 interface ID for 1785.Xr stf 4 . 1786This can be set to 1787.Dq Li AUTO . 1788.It Va stf_interface_ipv6_slaid 1789.Pq Vt str 1790IPv6 Site Level Aggregator for 1791.Xr stf 4 . 1792.It Va ipv6_faith_prefix 1793.Pq Vt str 1794If not set to 1795.Dq Li NO , 1796this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 1797translator. 1798You also need 1799.Xr faithd 8 1800setup. 1801.It Va ipv6_ipv4mapping 1802.Pq Vt bool 1803If set to 1804.Dq Li YES 1805this enables IPv4 mapped IPv6 address communication (like 1806.Li ::ffff:a.b.c.d ) . 1807.It Va atm_enable 1808.Pq Vt bool 1809Set to 1810.Dq Li YES 1811to enable the configuration of ATM interfaces at system boot time. 1812For all of the ATM variables described below, please refer to the 1813.Xr atm 8 1814man page for further details on the available command parameters. 1815Also refer to the files in 1816.Pa /usr/share/examples/atm 1817for more detailed configuration information. 1818.It Va atm_load 1819.Pq Vt str 1820This is a list of physical ATM interface drivers to load. Typical values are 1821.Dq Li hfa_pci 1822and/or 1823.Dq Li hea_pci . 1824.It Va atm_netif_ Ns Aq Ar intf 1825.Pq Vt str 1826For the ATM physical interface 1827.Ar intf , 1828this variable defines the name prefix and count for the ATM network 1829interfaces to be created. 1830The value will be passed as the parameters of an 1831.Dq Nm atm Cm "set netif" Ar intf 1832command. 1833.It Va atm_sigmgr_ Ns Aq Ar intf 1834.Pq Vt str 1835For the ATM physical interface 1836.Ar intf , 1837this variable defines the ATM signalling manager to be used. 1838The value will be passed as the parameters of an 1839.Dq Nm atm Cm attach Ar intf 1840command. 1841.It Va atm_prefix_ Ns Aq Ar intf 1842.Pq Vt str 1843For the ATM physical interface 1844.Ar intf , 1845this variable defines the NSAP prefix for interfaces using a UNI signalling 1846manager. 1847If set to 1848.Dq Li ILMI , 1849the prefix will automatically be set via the 1850.Xr ilmid 8 1851daemon. 1852Otherwise, the value will be passed as the parameters of an 1853.Dq Nm atm Cm "set prefix" Ar intf 1854command. 1855.It Va atm_macaddr_ Ns Aq Ar intf 1856.Pq Vt str 1857For the ATM physical interface 1858.Ar intf , 1859this variable defines the MAC address for interfaces using a UNI signalling 1860manager. 1861If set to 1862.Dq Li NO , 1863the hardware MAC address contained in the ATM interface card will be used. 1864Otherwise, the value will be passed as the parameters of an 1865.Dq Nm atm Cm "set mac" Ar intf 1866command. 1867.It Va atm_arpserver_ Ns Aq Ar netif 1868.Pq Vt str 1869For the ATM network interface 1870.Ar netif , 1871this variable defines the ATM address for a host which is to provide ATMARP 1872service. 1873This variable is only applicable to interfaces using a UNI signalling 1874manager. 1875If set to 1876.Dq Li local , 1877this host will become an ATMARP server. 1878The value will be passed as the parameters of an 1879.Dq Nm atm Cm "set arpserver" Ar netif 1880command. 1881.It Va atm_scsparp_ Ns Aq Ar netif 1882.Pq Vt bool 1883If set to 1884.Dq Li YES , 1885SCSP/ATMARP service for the network interface 1886.Ar netif 1887will be initiated using the 1888.Xr scspd 8 1889and 1890.Xr atmarpd 8 1891daemons. 1892This variable is only applicable if 1893.Va atm_arpserver_ Ns Aq Ar netif 1894is set to 1895.Dq Li local . 1896.It Va atm_pvcs 1897.Pq Vt str 1898Set to the list of ATM PVCs to be added at system 1899boot time. 1900For each whitespace separated 1901.Ar element 1902in the value, an 1903.Va atm_pvc_ Ns Aq Ar element 1904variable is assumed to exist. 1905The value of each of these variables 1906will be passed as the parameters of an 1907.Dq Nm atm Cm "add pvc" 1908command. 1909.It Va atm_arps 1910.Pq Vt str 1911Set to the list of permanent ATM ARP entries to be added 1912at system boot time. 1913For each whitespace separated 1914.Ar element 1915in the value, an 1916.Va atm_arp_ Ns Aq Ar element 1917variable is assumed to exist. 1918The value of each of these variables 1919will be passed as the parameters of an 1920.Dq Nm atm Cm "add arp" 1921command. 1922.It Va natm_interfaces 1923.Pq Vt str 1924Set to the list of 1925.Xr natm 4 1926interfaces that will also be used for HARP through 1927.Xr harp 4 . 1928If this list is not empty all interfaces in the list will be brought up 1929with 1930.Xr ifconfig 9 1931and 1932.Xr harp 4 1933will be loaded. 1934For this to work the interface drivers must be either compiled into the 1935kernel or must reside on the root partition. 1936.It Va keybell 1937.Pq Vt str 1938The keyboard bell sound. 1939Set to 1940.Dq Li normal , 1941.Dq Li visual , 1942.Dq Li off , 1943or 1944.Dq Li NO 1945if the default behavior is desired. 1946For details, refer to the 1947.Xr kbdcontrol 1 1948manpage. 1949.It Va keymap 1950.Pq Vt str 1951If set to 1952.Dq Li NO , 1953no keymap is installed, otherwise the value is used to install 1954the keymap file in 1955.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1956.It Va keyrate 1957.Pq Vt str 1958The keyboard repeat speed. 1959Set to 1960.Dq Li slow , 1961.Dq Li normal , 1962.Dq Li fast , 1963or 1964.Dq Li NO 1965if the default behavior is desired. 1966.It Va keychange 1967.Pq Vt str 1968If not set to 1969.Dq Li NO , 1970attempt to program the function keys with the value. 1971The value should 1972be a single string of the form: 1973.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1974.It Va cursor 1975.Pq Vt str 1976Can be set to the value of 1977.Dq Li normal , 1978.Dq Li blink , 1979.Dq Li destructive , 1980or 1981.Dq Li NO 1982to set the cursor behavior explicitly or choose the default behavior. 1983.It Va scrnmap 1984.Pq Vt str 1985If set to 1986.Dq Li NO , 1987no screen map is installed, otherwise the value is used to install 1988the screen map file in 1989.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 1990.It Va font8x16 1991.Pq Vt str 1992If set to 1993.Dq Li NO , 1994the default 8x16 font value is used for screen size requests, otherwise 1995the value in 1996.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 1997is used. 1998.It Va font8x14 1999.Pq Vt str 2000If set to 2001.Dq Li NO , 2002the default 8x14 font value is used for screen size requests, otherwise 2003the value in 2004.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2005is used. 2006.It Va font8x8 2007.Pq Vt str 2008If set to 2009.Dq Li NO , 2010the default 8x8 font value is used for screen size requests, otherwise 2011the value in 2012.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2013is used. 2014.It Va blanktime 2015.Pq Vt int 2016If set to 2017.Dq Li NO , 2018the default screen blanking interval is used, otherwise it is set 2019to 2020.Ar value 2021seconds. 2022.It Va saver 2023.Pq Vt str 2024If not set to 2025.Dq Li NO , 2026this is the actual screen saver to use 2027.Li ( blank , snake , daemon , 2028etc). 2029.It Va moused_enable 2030.Pq Vt str 2031If set to 2032.Dq Li YES , 2033the 2034.Xr moused 8 2035daemon is started for doing cut/paste selection on the console. 2036.It Va moused_type 2037.Pq Vt str 2038This is the protocol type of the mouse connected to this host. 2039This variable must be set if 2040.Va moused_enable 2041is set to 2042.Dq Li YES . 2043The 2044.Xr moused 8 2045daemon 2046is able to detect the appropriate mouse type automatically in many cases. 2047Set this variable to 2048.Dq Li auto 2049to let the daemon detect it, or 2050select one from the following list if the automatic detection fails. 2051.Pp 2052If the mouse is attached to the PS/2 mouse port, choose 2053.Dq Li auto 2054or 2055.Dq Li ps/2 , 2056regardless of the brand and model of the mouse. 2057Likewise, if the 2058mouse is attached to the bus mouse port, choose 2059.Dq Li auto 2060or 2061.Dq Li busmouse . 2062All other protocols are for serial mice and will not work with 2063the PS/2 and bus mice. 2064If this is a USB mouse, 2065.Dq Li auto 2066is the only protocol type which will work. 2067.Pp 2068.Bl -tag -width ".Li x10mouseremote" -compact 2069.It Li microsoft 2070Microsoft mouse (serial) 2071.It Li intellimouse 2072Microsoft IntelliMouse (serial) 2073.It Li mousesystems 2074Mouse systems Corp. mouse (serial) 2075.It Li mmseries 2076MM Series mouse (serial) 2077.It Li logitech 2078Logitech mouse (serial) 2079.It Li busmouse 2080A bus mouse 2081.It Li mouseman 2082Logitech MouseMan and TrackMan (serial) 2083.It Li glidepoint 2084ALPS GlidePoint (serial) 2085.It Li thinkingmouse 2086Kensington ThinkingMouse (serial) 2087.It Li ps/2 2088PS/2 mouse 2089.It Li mmhittab 2090MM HitTablet (serial) 2091.It Li x10mouseremote 2092X10 MouseRemote (serial) 2093.It Li versapad 2094Interlink VersaPad (serial) 2095.El 2096.Pp 2097Even if the mouse is not in the above list, it may be compatible 2098with one in the list. 2099Refer to the man page for 2100.Xr moused 8 2101for compatibility information. 2102.Pp 2103It should also be noted that while this is enabled, any 2104other client of the mouse (such as an X server) should access 2105the mouse through the virtual mouse device, 2106.Pa /dev/sysmouse , 2107and configure it as a 2108.Dq Li sysmouse 2109type mouse, since all 2110mouse data is converted to this single canonical format when 2111using 2112.Xr moused 8 . 2113If the client program does not support the 2114.Dq Li sysmouse 2115type, 2116specify the 2117.Dq Li mousesystems 2118type. 2119It is the second preferred type. 2120.It Va moused_port 2121.Pq Vt str 2122If 2123.Va moused_enable 2124is set to 2125.Dq Li YES , 2126this is the actual port the mouse is on. 2127It might be 2128.Pa /dev/cuaa0 2129for a COM1 serial mouse, 2130.Pa /dev/psm0 2131for a PS/2 mouse or 2132.Pa /dev/mse0 2133for a bus mouse, for example. 2134.It Va moused_flags 2135.Pq Vt str 2136If 2137.Va moused_type 2138is set, these are the additional flags to pass to the 2139.Xr moused 8 2140daemon. 2141.It Va mousechar_start 2142.Pq Vt int 2143If set to 2144.Dq Li NO , 2145the default mouse cursor character range 2146.Li 0xd0 Ns - Ns Li 0xd3 2147is used, 2148otherwise the range start is set 2149to 2150.Ar value 2151character, see 2152.Xr vidcontrol 1 . 2153Use if the default range is occupied in the language code table. 2154.It Va vidhistory 2155.Pq Vt int 2156Set the size of the history (scrollback) buffer in lines. 2157.It Va allscreens_flags 2158.Pq Vt str 2159If set, 2160.Xr vidcontrol 1 2161is run with these options for each of the virtual terminals 2162.Pq Pa /dev/ttyv* . 2163For example, 2164.Dq Fl m Cm on 2165will enable the mouse pointer on all virtual terminals 2166if 2167.Va moused_enable 2168is set to 2169.Dq Li YES . 2170.It Va allscreens_kbdflags 2171.Pq Vt str 2172If set, 2173.Xr kbdcontrol 1 2174is run with these options for each of the virtual terminals 2175.Pq Pa /dev/ttyv* . 2176For example, 2177.Dq Fl h Li 200 2178will set the 2179.Xr syscons 4 2180scrollback (history) buffer to 200 lines. 2181.It Va cron_enable 2182.Pq Vt bool 2183If set to 2184.Dq Li YES , 2185run the 2186.Xr cron 8 2187daemon at system boot time. 2188.It Va cron_program 2189.Pq Vt str 2190Path to 2191.Xr cron 8 2192(default 2193.Pa /usr/sbin/cron ) . 2194.It Va cron_flags 2195.Pq Vt str 2196If 2197.Va cron_enable 2198is set to 2199.Dq Li YES , 2200these are the flags to pass to 2201.Xr cron 8 . 2202.It Va lpd_program 2203.Pq Vt str 2204Path to 2205.Xr lpd 8 2206(default 2207.Pa /usr/sbin/lpd ) . 2208.It Va lpd_enable 2209.Pq Vt bool 2210If set to 2211.Dq Li YES , 2212run the 2213.Xr lpd 8 2214daemon at system boot time. 2215.It Va lpd_flags 2216.Pq Vt str 2217If 2218.Va lpd_enable 2219is set to 2220.Dq Li YES , 2221these are the flags to pass to the 2222.Xr lpd 8 2223daemon. 2224.It Va mixer_enable 2225.Pq Vt bool 2226If set to 2227.Dq Li YES , 2228preserve 2229.Xr mixer 8 2230settings across reboots. 2231.It Va mta_start_script 2232.Pq Vt str 2233This variable specifies the full path to the script to run to start 2234a mail transfer agent. 2235The default is 2236.Pa /etc/rc.sendmail . 2237The 2238.Va sendmail_* 2239variables which 2240.Pa /etc/rc.sendmail 2241uses are documented in the 2242.Xr rc.sendmail 8 2243man page. 2244.It Va dumpdev 2245.Pq Vt str 2246Indicates the device (usually a swap partition) to which a crash dump 2247should be written in the event of a system crash. 2248The value of this variable is passed as the argument to 2249.Xr dumpon 8 . 2250To disable crash dumps, set this variable to 2251.Dq Li NO . 2252.It Va dumpdir 2253.Pq Vt str 2254When the system reboots after a crash and a crash dump is found on the 2255device specified by the 2256.Va dumpdev 2257variable, 2258.Xr savecore 8 2259will save that crash dump and a copy of the kernel to the directory 2260specified by the 2261.Va dumpdir 2262variable. 2263The default value is 2264.Pa /var/crash . 2265Set to 2266.Dq Li NO 2267to not run 2268.Xr savecore 8 2269at boot time when 2270.Va dumpdir 2271is set. 2272.It Va savecore_flags 2273.Pq Vt str 2274If crash dumps are enabled, these are the flags to pass to the 2275.Xr savecore 8 2276utility. 2277.It Va enable_quotas 2278.Pq Vt bool 2279Set to 2280.Dq Li YES 2281to turn on user disk quotas on system startup via the 2282.Xr quotaon 8 2283command. 2284.It Va check_quotas 2285.Pq Vt bool 2286Set to 2287.Dq Li YES 2288to enable user disk quota checking via the 2289.Xr quotacheck 8 2290command. 2291.It Va accounting_enable 2292.Pq Vt bool 2293Set to 2294.Dq Li YES 2295to enable system accounting through the 2296.Xr accton 8 2297facility. 2298.It Va linux_enable 2299.Pq Vt bool 2300Set to 2301.Dq Li YES 2302to enable Linux/ELF binary emulation at system initial 2303boot time. 2304.It Va sysvipc_enable 2305.Pq Vt bool 2306If set to 2307.Dq Li YES , 2308load System V IPC primitives at boot time. 2309.\" ----- cleanvar_enable setting-------------------------------- 2310.It Va cleanvar_enable 2311.Pq Vt bool 2312Set to 2313.Dq Li YES 2314to have 2315.Pa /var/run , 2316.Pa /var/spool/lock 2317and 2318.Pa /var/spool/uucp/.Temp/* 2319cleaned at startup. 2320.\" ----- clear_tmp_enable setting------------------------------- 2321.It Va clear_tmp_enable 2322.Pq Vt bool 2323Set to 2324.Dq Li YES 2325to have 2326.Pa /tmp 2327cleaned at startup. 2328.\" ----- ldconfig_paths setting -------------------------------- 2329.It Va ldconfig_paths 2330.Pq Vt str 2331Set to the list of shared library paths to use with 2332.Xr ldconfig 8 . 2333NOTE: 2334.Pa /usr/lib 2335will always be added first, so it need not appear in this list. 2336.It Va ldconfig_insecure 2337.Pq Vt bool 2338The 2339.Xr ldconfig 8 2340utility normally refuses to use directories 2341which are writable by anyone except root. 2342Set this variable to 2343.Dq Li YES 2344to disable that security check during system startup. 2345.It Va kern_securelevel 2346.Pq Vt int 2347The kernel security level to set at startup. 2348The allowed range of 2349.Ar value 2350ranges from \-1 (the compile time default) to 3 (the 2351most secure). 2352See 2353.Xr init 8 2354for the list of possible security levels and their effect 2355on system operation. 2356.It Va lomac_enable 2357.Pq Vt bool 2358Set to 2359.Dq Li YES 2360to enable Low Watermark Mandatory Access Control (LOMAC) at boot time. 2361This security model enforces integrity constraints for system processes; 2362see 2363.Xr lomac 4 2364for a complete description of the LOMAC model, as well as its impact 2365on system operation. 2366.It Va start_vinum 2367.Pq Vt bool 2368Set to 2369.Dq Li YES 2370to start 2371.Xr vinum 8 2372at system boot time. 2373.It Va sshd_enable 2374.Pq Vt bool 2375Set to 2376.Dq Li YES 2377to start 2378.Xr sshd 8 2379at system boot time. 2380.It Va sshd_program 2381.Pq Vt str 2382Path to the SSH server program 2383.Pa ( /usr/sbin/sshd 2384is the default). 2385.It Va sshd_flags 2386.Pq Vt str 2387If 2388.Va sshd_enable 2389is set to 2390.Dq Li YES , 2391these are the flags to pass to the 2392.Xr sshd 8 2393daemon. 2394.It Va ftpd_enable 2395.Pq Vt bool 2396Set to 2397.Dq Li YES 2398to start 2399.Xr ftpd 8 2400at system boot time. 2401.It Va ftpd_flags 2402.Pq Vt str 2403If 2404.Va ftpd_enable 2405is set to 2406.Dq Li YES , 2407these are the flags to pass to the 2408.Xr ftpd 8 2409daemon. 2410.It Va usbd_enable 2411.Pq Vt bool 2412If set to 2413.Dq Li YES , 2414run the 2415.Xr usbd 8 2416daemon at boot time. 2417.It Va usbd_flags 2418.Pq Vt str 2419If 2420.Va usbd_enable 2421is set to 2422.Dq Li YES , 2423these are the flags passed to 2424.Xr usbd 8 2425daemon. 2426.It Va watchdogd_enable 2427.Pq Vt bool 2428If set to 2429.Dq Li YES , 2430start the 2431.Xr watchdogd 8 2432daemon at boot time. 2433This requires that the kernel have been compiled with 2434.Cd "options WATCHDOG" . 2435.It Va jail_enable 2436.Pq Vt bool 2437If set to 2438.Dq Li NO , 2439any configured jails will not be started. 2440.It Va jail_list 2441.Pq Vt str 2442A space separated list of names for jails. 2443This is purely a configuration aid to help identify and 2444configure multiple jails. 2445The names specified in this list will be used to 2446identify settings common to an instance of a jail. 2447Assuming that the jail in question was named 2448.Li vjail , 2449you would have the following dependent variables: 2450.Bd -literal 2451jail_vjail_hostname="jail.example.com" 2452jail_vjail_ip="192.168.1.100" 2453jail_vjail_rootdir="/var/jails/vjail/root" 2454jail_vjail_exec="/bin/sh /etc/rc" 2455.Ed 2456.Pp 2457The last one is optional. 2458It defaults to 2459.Pa /etc/rc 2460if it is not set. 2461.It Va jail_set_hostname_allow 2462.Pq Vt bool 2463If set to 2464.Dq Li NO , 2465do not allow the root user in a jail to set its hostname. 2466.It Va jail_socket_unixiproute_only 2467.Pq Vt bool 2468If set to 2469.Dq Li NO , 2470do not allow any protocol, 2471besides TCP/IP, 2472to be used within a jail. 2473.It Va jail_sysvipc_allow 2474.Pq Vt bool 2475If set to 2476.Dq Li YES , 2477allow applications within a jail to use System V IPC. 2478.It Va resident_enable 2479.Pq Vt bool 2480If set to 2481.Dq Li YES , 2482make the dynamic binaries listed in 2483.Pa /etc/resident.conf 2484resident. 2485.It Va varsym_enable 2486.Pq Vt bool 2487If set to 2488.Dq Li YES , 2489process 2490.Pa /etc/varsym.conf 2491to set system-wide variables for variant symlinks. 2492.It Va rand_irqs 2493.Pq Vt str 2494Set either to 2495.Dq Li NO 2496or a whitespace separated list of IRQ numbers which will be used as a source of 2497randomness. 2498.\" ----- isdn settings --------------------------------- 2499.It Va isdn_enable 2500.Pq Vt bool 2501Set to 2502.Dq Li NO 2503by default. 2504When set to 2505.Dq Li YES , 2506starts the 2507.Xr isdnd 8 2508daemon 2509at system boot time. 2510.It Va isdn_flags 2511.Pq Vt str 2512Set to 2513.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2514by default. 2515Additional flags to pass to 2516.Xr isdnd 8 2517(but see 2518.Va isdn_fsdev 2519and 2520.Va isdn_ttype 2521for certain tunable parameters). 2522.It Va isdn_ttype 2523.Pq Vt str 2524Set to 2525.Dq Li cons25 2526by default. 2527The terminal type of the output device when 2528.Xr isdnd 8 2529operates in full-screen mode. 2530.It Va isdn_screenflags 2531.Pq Vt str 2532Set to 2533.Dq Li NO 2534by default. 2535The video mode for full-screen mode (only for 2536.Xr syscons 4 2537console driver, see 2538.Xr vidcontrol 1 2539for valid modes). 2540.It Va isdn_fsdev 2541.Pq Vt str 2542Set to 2543.Dq Li NO 2544by default. 2545The output device for 2546.Xr isdnd 8 2547in full-screen mode (or 2548.Dq Li NO 2549for daemon mode). 2550.It Va isdn_trace 2551.Pq Vt bool 2552Set to 2553.Dq Li NO 2554by default. 2555When set to 2556.Dq Li YES , 2557enables the ISDN protocol trace utility 2558.Xr isdntrace 8 2559at system boot time. 2560.It Va isdn_traceflags 2561.Pq Vt str 2562Set to 2563.Dq Fl f Pa /var/tmp/isdntrace0 2564by default. 2565Flags for 2566.Xr isdntrace 8 . 2567.\" ----------------------------------------------------- 2568.It Va entropy_dir 2569.Pq Vt str 2570Set to 2571.Dq Li NO 2572to disable caching entropy via 2573.Xr cron 8 . 2574Otherwise set to the directory used to store entropy files in. 2575.It Va entropy_file 2576.Pq Vt str 2577Set to 2578.Dq Li NO 2579to disable caching entropy through reboots. 2580Otherwise set to the filename used to store cached entropy through 2581reboots. 2582This file should be located on the root file system to seed the 2583.Xr random 4 2584device as early as possible in the boot process. 2585.It Va entropy_save_sz 2586.Pq Vt int 2587Size of the entropy cache files saved by 2588.Nm save-entropy 2589periodically. 2590.It Va entropy_save_num 2591.Pq Vt int 2592Number of entropy cache files to save by 2593.Nm save-entropy 2594periodically. 2595.It Va ipsec_enable 2596.Pq Vt bool 2597Set to 2598.Dq Li YES 2599to run 2600.Xr setkey 8 2601on 2602.Va ipsec_file 2603at boot time. 2604.It Va ipsec_file 2605.Pq Vt str 2606Configuration file for 2607.Xr setkey 8 . 2608.It Va dmesg_enable 2609.Pq Vt bool 2610Set to 2611.Dq Li YES 2612to save 2613.Xr dmesg 8 2614to 2615.Pa /var/run/dmesg.boot 2616on boot. 2617.It Va rcshutdown_timeout 2618.Pq Vt int 2619If set, start a watchdog timer in the background which will terminate 2620.Pa rc.shutdown 2621if 2622.Xr shutdown 8 2623has not completed within the specified time (in seconds). 2624.El 2625.Sh FILES 2626.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 2627.It Pa /etc/defaults/rc.conf 2628.It Pa /etc/rc.conf 2629.It Pa /etc/rc.conf.local 2630.El 2631.Sh SEE ALSO 2632.Xr catman 1 , 2633.Xr gdb 1 , 2634.Xr info 1 , 2635.Xr kbdcontrol 1 , 2636.Xr varsym 1 , 2637.Xr vidcontrol 1 , 2638.Xr ip 4 , 2639.Xr ipf 4 , 2640.Xr ipfw 4 , 2641.Xr kld 4 , 2642.Xr pf 4 , 2643.Xr tcp 4 , 2644.Xr udp 4 , 2645.Xr exports 5 , 2646.Xr motd 5 , 2647.Xr resident.conf 5 , 2648.Xr varsym.conf 5 , 2649.Xr accton 8 , 2650.Xr amd 8 , 2651.Xr apm 8 , 2652.Xr atm 8 , 2653.Xr cron 8 , 2654.Xr dhclient 8 , 2655.Xr dhcpd 8 , 2656.Xr dhcrelay 8 , 2657.Xr dntpd 8 , 2658.Xr ftpd 8 , 2659.Xr ifconfig 8 , 2660.Xr inetd 8 , 2661.Xr isdnd 8 , 2662.Xr isdntrace 8 , 2663.Xr kldxref 8 , 2664.Xr lpd 8 , 2665.Xr makewhatis 8 , 2666.Xr mdconfig 8 , 2667.Xr mixer 8 , 2668.Xr mountd 8 , 2669.Xr moused 8 , 2670.Xr mrouted 8 , 2671.Xr named 8 , 2672.Xr nfsd 8 , 2673.Xr ntpd 8 , 2674.Xr pcnfsd 8 , 2675.Xr pfctl 8 , 2676.Xr pflogd 8 , 2677.Xr quotacheck 8 , 2678.Xr quotaon 8 , 2679.Xr rc 8 , 2680.Xr rc.sendmail 8 , 2681.Xr resident 8 , 2682.Xr rndcontrol 8 , 2683.Xr route 8 , 2684.Xr routed 8 , 2685.Xr rpc.lockd 8 , 2686.Xr rpc.statd 8 , 2687.Xr rpcbind 8 , 2688.Xr rwhod 8 , 2689.Xr savecore 8 , 2690.Xr sshd 8 , 2691.Xr swapon 8 , 2692.Xr sysctl 8 , 2693.Xr syslogd 8 , 2694.Xr timed 8 , 2695.Xr usbd 8 , 2696.Xr vinum 8 , 2697.Xr yp 8 , 2698.Xr ypbind 8 , 2699.Xr ypserv 8 , 2700.Xr ypset 8 2701.Sh HISTORY 2702The 2703.Nm 2704file appeared in 2705.Fx 2.2.2 . 2706.Sh AUTHORS 2707.An Jordan K. Hubbard . 2708