1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" $DragonFly: src/share/man/man5/rc.conf.5,v 1.61 2008/10/20 07:35:08 swildner Exp $ 27.Dd June 26, 2009 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65See the 66.Va rc_conf_files 67variable below. 68.Pp 69The following list provides a name and short description for each 70variable that can be set in the 71.Nm 72file. 73To set a variable of 74.Vt bool 75type, specify either 76.Dq Li YES , 77.Dq Li TRUE , 78.Dq Li ON , 79or 80.Dq Li 1 . 81To unset, specify 82.Dq Li NO , 83.Dq Li FALSE , 84.Dq Li OFF , 85or 86.Dq Li 0 . 87These values are case insensitive. 88The 89.Va _enable 90postfix in the name of a variable for starting a service can be 91omitted (as in 92.Nx ) . 93.Bl -tag -width indent-two 94.It Va rc_debug 95.Pq Vt bool 96If set to 97.Dq Li YES , 98enable output of debug messages from rc scripts. 99This variable can be helpful in diagnosing mistakes when 100editing or integrating new scripts. 101Beware that this produces copious output to the terminal and 102.Xr syslog 3 . 103.It Va rc_info 104.Pq Vt bool 105If set to 106.Dq Li NO , 107disable informational messages from the rc scripts. 108Informational messages are displayed when 109a condition that is not serious enough to warrant a warning or an error occurs. 110.It Va swapfile 111.Pq Vt str 112If set to 113.Dq Li NO , 114no swapfile is installed, otherwise the value is used as the full 115pathname to a file to use for additional swap space. 116.It Va apm_enable 117.Pq Vt bool 118If set to 119.Dq Li YES , 120enable support for Automatic Power Management with the 121.Xr apm 8 122command. 123.It Va apmd_enable 124.Pq Vt bool 125Run 126.Xr apmd 8 127to handle APM event from userland. 128This also enables support for APM. 129.It Va apmd_flags 130.Pq Vt str 131If 132.Va apmd_enable 133is set to 134.Dq Li YES , 135these are the flags to pass to the 136.Xr apmd 8 137daemon. 138.It Va battd_enable 139Enable 140.Xr battd 8 141to monitor the status of batteries present in the system. 142This also enables support for APM. 143.It Va battd_flags 144.Pq Vt str 145If 146.Va battd_enable 147is set to 148.Dq Li YES , 149these are the flags to pass to the 150.Xr battd 8 151daemon. 152.It Va devd_enable 153.Pq Vt bool 154Run 155.Xr devd 8 156to handle device added, removed or unknown events from the kernel. 157.It Va devd_flags 158.Pq Vt str 159If 160.Va devd_enable 161is set to 162.Dq Li YES , 163these are the flags to pass to the 164.Xr devd 8 165daemon. 166.It Va sensorsd_enable 167.Pq Vt bool 168Set to 169.Dq Li NO 170by default. 171Setting this to 172.Dq Li YES 173enables 174.Xr sensorsd 8 , 175a sensors monitoring and logging daemon. 176.It Va sensorsd_flags 177.Pq Vt str 178Empty by default. 179Additional flags passed to the 180.Xr sensorsd 8 181program. 182.It Va pccard_ifconfig 183.Pq Vt str 184List of arguments to be passed to 185.Xr ifconfig 8 186at boot time or on insertion of the card (e.g.\& 187.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 188for a fixed address or 189.Dq Li DHCP 190for a DHCP client). 191.It Va pccard_ether_delay 192.Pq Vt str 193Set the delay before starting 194.Xr dhclient 8 195in the 196.Pa /etc/pccard_ether 197script. 198This defaults to 5 seconds to work around a bug in the 199.Xr ed 4 200driver which can lead to system hangs when using some newer 201.Xr ed 4 202based cards. 203.It Va removable_interfaces 204.Pq Vt str 205List of removable network interfaces to be supported by 206.Pa /etc/pccard_ether . 207.It Va local_startup 208.Pq Vt str 209List of directories to search for startup script files. 210.It Va script_name_sep 211.Pq Vt str 212The field separator to use for breaking down the list of startup script files 213into individual filenames. 214The default is a space. 215It is not necessary to change this unless there are startup scripts with names 216containing spaces. 217.It Va hostapd_enable 218.Pq Vt bool 219Set to 220.Dq Li YES 221to start 222.Xr hostapd 8 223at system boot time. 224.It Va hostname 225.Pq Vt str 226The fully qualified domain name (FQDN) of this host on the network. 227This should almost certainly be set to something meaningful, even if 228there is no network connection. 229If 230.Xr dhclient 8 231is used to set the hostname via DHCP, 232this variable should be set to an empty string. 233.It Va ipv6_enable 234.Pq Vt bool 235Enable support for IPv6 networking. 236Note that this requires that the kernel have been compiled with 237.Cd "options INET6" . 238.It Va nisdomainname 239.Pq Vt str 240The NIS domain name of this host, or 241.Dq Li NO 242if NIS is not used. 243.It Va dhclient_program 244.Pq Vt str 245Path to the DHCP client program 246(default 247.Pa /sbin/dhclient ) . 248.It Va dhclient_flags 249.Pq Vt str 250Additional flags to pass to the DHCP client program. 251.It Va pf_enable 252.Pq Vt bool 253Set to 254.Dq Li YES 255to load 256.Xr pf 4 257at startup. 258If the kernel was not built with 259.Cd "device pf" , 260the 261.Pa pf.ko 262kernel module will be loaded. 263See also 264.Va firewall_enable 265and 266.Va ipfilter_enable . 267.It Va pf_rules 268.Pq Vt str 269Path to the 270.Xr pf 4 271ruleset definition file. 272.It Va pf_program 273.Pq Vt str 274Path to 275.Xr pfctl 8 . 276.It Va pf_flags 277.Pq Vt str 278If 279.Va pf_enable 280is set to 281.Dq Li YES , 282these are the flags to pass to 283.Xr pfctl 8 284when loading the ruleset. 285.It Va pflog_enable 286.Pq Vt bool 287Set this to 288.Dq Li YES 289to enable 290.Xr pflogd 8 291which logs packets from 292.Xr pf 4 . 293.It Va pflog_logfile 294.Pq Vt str 295If 296.Va pflog_enable 297is set to 298.Dq Li YES 299this specifies the path of the log file. 300.It Va pflog_program 301.Pq Vt str 302Path to 303.Xr pflogd 8 . 304.It Va pflog_flags 305.Pq Vt str 306If 307.Va pflog_enable 308is set to 309.Dq Li YES , 310these are the flags to pass to 311.Xr pflogd 8 . 312.It Va firewall_enable 313.Pq Vt bool 314Set to 315.Dq Li YES 316to load firewall rules at startup. 317If the kernel was not built with 318.Cd "options IPFIREWALL" , 319the 320.Pa ipfw.ko 321kernel module will be loaded. 322See also 323.Va pf_enable 324and 325.Va ipfilter_enable . 326.It Va ipv6_firewall_enable 327.Pq Vt bool 328The IPv6 equivalent of 329.Va firewall_enable . 330Set to 331.Dq Li YES 332to load IPv6 firewall rules at startup. 333If the kernel was not built with 334.Cd "options IPV6FIREWALL" , 335the 336.Pa ip6fw.ko 337kernel module will be loaded. 338.It Va firewall_script 339.Pq Vt str 340The full path to the firewall script to run 341(default 342.Pa /etc/rc.firewall ) . 343.It Va ipv6_firewall_script 344.Pq Vt str 345The IPv6 equivalent of 346.Va firewall_script . 347.It Va firewall_type 348.Pq Vt str 349Names the firewall type from the selection in 350.Pa /etc/rc.firewall , 351or the file which contains the local firewall ruleset. 352Valid selections from 353.Pa /etc/rc.firewall 354are: 355.Pp 356.Bl -tag -width ".Li simple" -compact 357.It Li open 358unrestricted IP access 359.It Li closed 360all IP services disabled, except via 361.Dq Li lo0 362.It Li client 363basic protection for a workstation on a LAN 364.It Li simple 365alias for 366.Li client . 367.El 368.Pp 369If a filename is specified, the full path must be given. 370.It Va firewall_trusted_nets 371.Pq Vt str 372List of trusted networks (if 373.Va firewall_type 374is set to 375.Li client ) . 376.It Va firewall_trusted_interfaces 377.Pq Vt str 378List of trusted network interfaces (if 379.Va firewall_type 380is set to 381.Li client ) . 382.It Va firewall_allowed_icmp_types 383.Pq Vt str 384List of allowed ICMP types (if 385.Va firewall_type 386is set to 387.Li client ) . 388.It Va firewall_open_tcp_ports 389.Pq Vt str 390List of TCP ports to open (if 391.Va firewall_type 392is set to 393.Li client ) . 394.It Va firewall_open_udp_ports 395.Pq Vt str 396List of UDP ports to open (if 397.Va firewall_type 398is set to 399.Li client ) . 400.It Va ipv6_firewall_type 401.Pq Vt str 402The IPv6 equivalent of 403.Va firewall_type . 404.It Va firewall_quiet 405.Pq Vt bool 406Set to 407.Dq Li YES 408to disable the display of firewall rules on the console during boot. 409.It Va ipv6_firewall_quiet 410.Pq Vt bool 411The IPv6 equivalent of 412.Va firewall_quiet . 413.It Va firewall_logging 414.Pq Vt bool 415Set to 416.Dq Li YES 417to enable firewall event logging. 418This is equivalent to the 419.Dv IPFIREWALL_VERBOSE 420kernel option. 421.It Va ipv6_firewall_logging 422.Pq Vt bool 423The IPv6 equivalent of 424.Va firewall_logging . 425.It Va firewall_flags 426.Pq Vt str 427Flags passed to 428.Xr ipfw 8 429if 430.Va firewall_type 431specifies a filename. 432.It Va ipv6_firewall_flags 433.Pq Vt str 434The IPv6 equivalent of 435.Va firewall_flags . 436.It Va natd_program 437.Pq Vt str 438Path to 439.Xr natd 8 . 440.It Va natd_enable 441.Pq Vt bool 442Set to 443.Dq Li YES 444to enable 445.Xr natd 8 . 446.Va firewall_enable 447must also be set to 448.Dq Li YES , 449and 450.Xr divert 4 451sockets must be enabled in the kernel. 452.It Va natd_interface 453.Pq Vt str 454This is the name of the public interface on which 455.Xr natd 8 456should run. 457The interface may be given as an interface name or as an IP address. 458.It Va natd_flags 459.Pq Vt str 460Additional 461.Xr natd 8 462flags should be placed here. 463The 464.Fl n 465or 466.Fl a 467flag is automatically added with the above 468.Va natd_interface 469as an argument. 470.\" ----- ipfilter_enable setting -------------------------------- 471.It Va ipfilter_enable 472.Pq Vt bool 473Set to 474.Dq Li NO 475by default. 476Setting this to 477.Dq Li YES 478enables 479.Xr ipf 8 480packet filtering. 481.Pp 482Typical usage will require putting 483.Bd -literal 484ipfilter_enable="YES" 485ipnat_enable="YES" 486ipmon_enable="YES" 487ipfs_enable="YES" 488.Ed 489.Pp 490into 491.Pa /etc/rc.conf 492and editing 493.Pa /etc/ipf.rules 494and 495.Pa /etc/ipnat.rules 496appropriately. 497.Pp 498Note that 499.Va ipfilter_enable 500and 501.Va ipnat_enable 502can be enabled independently. 503.Va ipmon_enable 504and 505.Va ipfs_enable 506both require at least one of 507.Va ipfilter_enable 508and 509.Va ipnat_enable 510to be enabled. 511.Pp 512Having 513.Bd -literal 514options IPFILTER 515options IPFILTER_LOG 516options IPFILTER_DEFAULT_BLOCK 517.Ed 518.Pp 519in the kernel configuration file is a good idea, too. 520See also 521.Va pf_enable 522and 523.Va firewall_enable . 524.\" ----- ipfilter_program setting ------------------------------ 525.It Va ipfilter_program 526.Pq Vt str 527Path to 528.Xr ipf 8 529(default 530.Pa /sbin/ipf ) . 531.\" ----- ipfilter_rules setting -------------------------------- 532.It Va ipfilter_rules 533.Pq Vt str 534Set to 535.Pa /etc/ipf.rules 536by default. 537The name of the filter rule definition file. 538The file is expected to be readable for the 539.Xr ipf 8 540command to execute. 541.\" ----- ipv6_ipfilter_rules setting --------------------------- 542.It Va ipv6_ipfilter_rules 543.Pq Vt str 544Set to 545.Pa /etc/ipf6.rules 546by default. 547The name of the IPv6 filter rule definition file. 548The file is expected to be readable for the 549.Xr ipf 8 550command to execute. 551.\" ----- ipfilter_flags setting -------------------------------- 552.It Va ipfilter_flags 553.Pq Vt str 554Empty by default. 555Flags passed to the 556.Xr ipf 8 557program. 558.\" ----- ipnat_enable setting ---------------------------------- 559.It Va ipnat_enable 560.Pq Vt bool 561Set to 562.Dq Li NO 563by default. 564Set it to 565.Dq Li YES 566to enable 567.Xr ipnat 8 568network address translation. 569See 570.Va ipfilter_enable 571for a detailed discussion. 572.\" ----- ipnat_program setting --------------------------------- 573.It Va ipnat_program 574.Pq Vt str 575Path to 576.Xr ipnat 8 577(default 578.Pa /sbin/ipnat ) . 579.\" ----- ipnat_rules setting ----------------------------------- 580.It Va ipnat_rules 581.Pq Vt str 582Set to 583.Pa /etc/ipnat.rules 584by default. 585The name of the file 586holding the network address translation definition. 587This file is expected to be readable for the 588.Xr ipnat 8 589command to execute. 590.\" ----- ipnat_flags setting ----------------------------------- 591.It Va ipnat_flags 592.Pq Vt str 593Empty by default. 594Flags passed to the 595.Xr ipnat 8 596program. 597.\" ----- ipmon_enable setting ---------------------------------- 598.It Va ipmon_enable 599.Pq Vt bool 600Set to 601.Dq Li NO 602by default. 603Set it to 604.Dq Li YES 605to enable 606.Xr ipmon 8 607monitoring (logging 608.Xr ipf 8 609and 610.Xr ipnat 8 611events). 612Setting this variable needs setting 613.Va ipfilter_enable 614or 615.Va ipnat_enable 616too. 617See 618.Va ipfilter_enable 619for a detailed discussion. 620.\" ----- ipmon_program setting --------------------------------- 621.It Va ipmon_program 622.Pq Vt str 623Path to 624.Xr ipmon 8 625(default 626.Pa /sbin/ipmon ) . 627.\" ----- ipmon_flags setting ----------------------------------- 628.It Va ipmon_flags 629.Pq Vt str 630Set to 631.Dq Li -Ds 632by default. 633Flags passed to the 634.Xr ipmon 8 635program. 636Another typical example would be 637.Dq Fl D Pa /var/log/ipflog 638to have 639.Xr ipmon 8 640log directly to a file bypassing 641.Xr syslogd 8 . 642Make sure to adjust 643.Pa /etc/newsyslog.conf 644in such case like this: 645.Bd -literal 646/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 647.Ed 648.\" ----- ipfs_enable setting ----------------------------------- 649.It Va ipfs_enable 650.Pq Vt bool 651Set to 652.Dq Li NO 653by default. 654Set it to 655.Dq Li YES 656to enable 657.Xr ipfs 8 658saving the filter and NAT state tables during shutdown 659and reloading them during startup again. 660Setting this variable needs setting 661.Va ipfilter_enable 662or 663.Va ipnat_enable 664to 665.Dq Li YES 666too. 667See 668.Va ipfilter_enable 669for a detailed discussion. 670Note that if 671.Va kern_securelevel 672is set to 3, 673.Va ipfs_enable 674cannot be used because the raised securelevel will prevent 675.Xr ipfs 8 676from saving the state tables at shutdown time. 677.\" ----- ipfs_program setting ---------------------------------- 678.It Va ipfs_program 679.Pq Vt str 680Path to 681.Xr ipfs 8 682(default 683.Pa /sbin/ipfs ) . 684.\" ----- ipfs_flags setting ------------------------------------ 685.It Va ipfs_flags 686.Pq Vt str 687Empty by default. 688Flags passed to the 689.Xr ipfs 8 690program. 691.\" ----- end of added ipf hook --------------------------------- 692.It Va tcp_extensions 693.Pq Vt bool 694Set to 695.Dq Li YES 696by default. 697Setting this to 698.Dq Li NO 699disables certain TCP options as described by 700.Rs 701.%T "RFC 1323" 702.Re 703Setting this to 704.Dq Li NO 705might help remedy such problems with connections as randomly hanging 706or other weird behavior. 707Some network devices are known to be broken with respect to these options. 708.It Va log_in_vain 709.Pq Vt int 710Set to 0 by default. 711The 712.Xr sysctl 8 713variables, 714.Va net.inet.tcp.log_in_vain 715and 716.Va net.inet.udp.log_in_vain , 717as described in 718.Xr tcp 4 719and 720.Xr udp 4 , 721are set to the given value. 722.It Va tcp_keepalive 723.Pq Vt bool 724Set to 725.Dq Li YES 726by default. 727Setting to 728.Dq Li NO 729will disable probing idle TCP connections to verify that the 730peer is still up and reachable. 731.It Va tcp_drop_synfin 732.Pq Vt bool 733Set to 734.Dq Li NO 735by default. 736Setting to 737.Dq Li YES 738will cause the kernel to ignore TCP frames that have both 739the SYN and FIN flags set. 740This prevents OS fingerprinting, but may break some legitimate applications. 741This option is only available if the kernel was built with the 742.Dv TCP_DROP_SYNFIN 743option. 744.It Va icmp_drop_redirect 745.Pq Vt bool 746Set to 747.Dq Li NO 748by default. 749Setting to 750.Dq Li YES 751will cause the kernel to ignore ICMP REDIRECT packets. 752Refer to 753.Xr icmp 4 754for more information. 755.It Va icmp_log_redirect 756.Pq Vt bool 757Set to 758.Dq Li NO 759by default. 760Setting to 761.Dq Li YES 762will cause the kernel to log ICMP REDIRECT packets. 763Note that 764the log messages are not rate-limited, so this option should only be used 765for troubleshooting networks. 766Refer to 767.Xr icmp 4 768for more information. 769.It Va icmp_bmcastecho 770.Pq Vt bool 771Set to 772.Dq Li YES 773to respond to broadcast or multicast ICMP ping packets. 774Refer to 775.Xr icmp 4 776for more information. 777.It Va ip_portrange_first 778.Pq Vt int 779If not set to 780.Dq Li NO , 781this is the first port in the default portrange. 782Refer to 783.Xr ip 4 784for more information. 785.It Va ip_portrange_last 786.Pq Vt int 787If not set to 788.Dq Li NO , 789this is the last port in the default portrange. 790Refer to 791.Xr ip 4 792for more information. 793.\" 794.It Va ifconfig_ Ns Aq Ar interface 795.Pq Vt str 796Configuration for 797.Dq interface . 798Typically includes IP address. 799Assuming that the interface in question was 800.Li ed0 , 801it might look something like this: 802.Bd -literal 803ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 804.Ed 805.Pp 806If the 807.Pa /etc/start_if. Ns Aq Ar interface 808file is present, it is read and executed by the 809.Xr sh 1 810interpreter before configuring the interface as specified in the 811.Va ifconfig_ Ns Aq Ar interface 812and 813.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 814variables. 815.Pp 816It is possible to bring up an interface with DHCP by adding 817.Dq Li DHCP 818to the 819.Va ifconfig_ Ns Aq Ar interface 820variable. 821For instance, to initialize the 822.Li ed0 823device via DHCP, it is possible to use something like: 824.Bd -literal 825ifconfig_ed0="DHCP" 826.Ed 827.Pp 828Also, if your interface needs WPA authentication, it is possible to add 829.Dq Li WPA 830to the 831.Va ifconfig_ Ns Aq Ar interface 832variable. 833This will start 834.Xr wpa_supplicant 8 . 835See 836.Xr wpa_supplicant.conf 5 837for configuring authentication information. 838.Pp 839Finally, you can add 840.Xr ifconfig 8 841options in this variable, in addition to the 842.Pa /etc/start_if. Ns Aq Ar interface 843file. 844For instance, to initialize the 845.Li wi0 846device via DHCP, using WPA authentication and 802.11b mode, it is 847possible to use something like: 848.Bd -literal 849ifconfig_wi0="up DHCP WPA mode 11b" 850.Ed 851.Pp 852.\" 853.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 854.Pq Vt str 855Configuration to establish an additional network address for 856.Dq interface . 857Assuming that the interface in question was 858.Li ed0 , 859it might look something like this: 860.Bd -literal 861ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 862ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 863.Ed 864.Pp 865And so on. 866For each 867.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 868entry that is found, its contents are passed to 869.Xr ifconfig 8 . 870Execution stops at the first unsuccessful access, so if 871something like this is present: 872.Bd -literal 873ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 874ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 875ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 876ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 877.Ed 878.Pp 879Then note that alias4 would 880.Em not 881be added since the search would stop with the missing alias3 entry. 882.Pp 883.\" 884.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 885.Pq Vt str 886New name for 887.Dq interface . 888It is possible to rename interface by doing: 889.Bd -literal 890ifconfig_ed0_name="net0" 891ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 892.Ed 893.It Va network_interfaces 894.Pq Vt str 895The list of network interfaces to configure on this host, 896or 897.Dq Li auto 898to configure all network interfaces 899(default 900.Dq Li auto ) . 901For example, if the only network devices to be configured are the loopback device 902.Pq Li lo0 903and a NIC using the 904.Xr ed 4 905driver, this could be set to 906.Dq Li "lo0 ed0" . 907An 908.Va ifconfig_ Ns Aq Ar interface 909variable is assumed to exist for each value of 910.Ar interface . 911.It Va ipv6_network_interfaces 912.Pq Vt str 913This is the IPv6 equivalent of 914.Va network_interfaces . 915Instead of setting the ifconfig variables as 916.Va ifconfig_ Ns Aq Ar interface 917they should be set as 918.Va ipv6_ifconfig_ Ns Aq Ar interface . 919Aliases should be set as 920.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 921Interfaces that do not have a 922.Va ipv6_ifconfig_ Ns Aq Ar interface 923setting will be auto configured by 924.Xr rtsol 8 925if the 926.Va ipv6_gateway_enable 927is set to 928.Dq Li NO . 929Note that the IPv6 networking code does not support the 930.Pa /etc/start_if. Ns Aq Ar interface 931files. 932.It Va ipv6_prefix_ Ns Aq Ar interface 933.Pq Vt str 934Assign prefix to 935.Ar interface , 936prefixlen 64 is used. 937.It Va ipv6_default_interface 938.Pq Vt str 939If not set to 940.Dq Li NO , 941this is the default output interface for scoped addresses. 942Now this works only for IPv6 link local multicast addresses. 943.It Va cloned_interfaces 944.Pq Vt str 945Set to the list of clonable network interfaces to create on this host. 946Entries in 947.Va cloned_interfaces 948are automatically appended to 949.Va network_interfaces 950for configuration. 951.It Va gif_interfaces 952.Pq Vt str 953Set to the list of 954.Xr gif 4 955tunnel interfaces to configure on this host. 956A 957.Va gifconfig_ Ns Aq Ar interface 958variable is assumed to exist for each value of 959.Ar interface . 960The value of this variable is used to configure the link layer of the 961tunnel according to the syntax of the 962.Cm tunnel 963option to 964.Xr ifconfig 8 . 965Additionally, this option ensures that each listed interface is created via the 966.Cm create 967option to 968.Xr ifconfig 8 969before attempting to configure it. 970.It Va sppp_interfaces 971.Pq Vt str 972Set to the list of 973.Xr sppp 4 974interfaces to configure on this host. 975A 976.Va spppconfig_ Ns Aq Ar interface 977variable is assumed to exist for each value of 978.Ar interface . 979Each interface should also be configured by a general 980.Va ifconfig_ Ns Aq Ar interface 981setting. 982Refer to 983.Xr spppcontrol 8 984for more information about available options. 985.It Va ppp_enable 986.Pq Vt bool 987If set to 988.Dq Li YES , 989run the 990.Xr ppp 8 991daemon. 992.It Va ppp_mode 993.Pq Vt str 994Mode in which to run the 995.Xr ppp 8 996daemon. 997Accepted modes are 998.Dq Li auto , 999.Dq Li ddial , 1000.Dq Li direct 1001and 1002.Dq Li dedicated . 1003See the manual for a full description. 1004.It Va ppp_nat 1005.Pq Vt bool 1006If set to 1007.Dq Li YES , 1008enables network address translation. 1009Used in conjunction with 1010.Va gateway_enable 1011allows hosts on private network addresses access to the Internet using 1012this host as a network address translating router. 1013.It Va ppp_profile 1014.Pq Vt str 1015The name of the profile to use from 1016.Pa /etc/ppp/ppp.conf . 1017.It Va ppp_user 1018.Pq Vt str 1019The name of the user under which 1020.Xr ppp 8 1021should be started. 1022By default, 1023.Xr ppp 8 1024is started as 1025.Dq Li root . 1026.It Va rc_conf_files 1027.Pq Vt str 1028This option is used to specify a list of files that will override 1029the settings in 1030.Pa /etc/defaults/rc.conf . 1031The files will be read in the order in which they are specified and should 1032include the full path to the file. 1033By default, the files specified are 1034.Pa /etc/rc.conf 1035and 1036.Pa /etc/rc.conf.local 1037.It Va fsck_y_enable 1038.Pq Vt bool 1039If set to 1040.Dq Li YES , 1041.Xr fsck 8 1042will be run with the 1043.Fl y 1044flag if the initial preen of the file systems fails. 1045.It Va netfs_types 1046.Pq Vt str 1047List of file system types that are network-based. 1048This list should generally not be modified by end users. 1049Use 1050.Va extra_netfs_types 1051instead. 1052.It Va extra_netfs_types 1053.Pq Vt str 1054If set to something other than 1055.Dq Li NO 1056(the default), this variable extends the list of file system types 1057for which automatic mounting at startup by 1058.Xr rc 8 1059should be delayed until the network is initialized. 1060It should contain 1061a whitespace-separated list of network file system descriptor pairs, 1062each consisting of a file system type as passed to 1063.Xr mount 8 1064and a human-readable, one-word description, joined with a colon 1065.Pq Ql \&: . 1066Extending the default list in this way is only necessary 1067when third party file system types are used. 1068.It Va syslogd_enable 1069.Pq Vt bool 1070If set to 1071.Dq Li YES , 1072run the 1073.Xr syslogd 8 1074daemon. 1075.It Va syslogd_program 1076.Pq Vt str 1077Path to 1078.Xr syslogd 8 1079(default 1080.Pa /usr/sbin/syslogd ) . 1081.It Va syslogd_flags 1082.Pq Vt str 1083If 1084.Va syslogd_enable 1085is set to 1086.Dq Li YES , 1087these are the flags to pass to 1088.Xr syslogd 8 . 1089.It Va inetd_enable 1090.Pq Vt bool 1091If set to 1092.Dq Li YES , 1093run the 1094.Xr inetd 8 1095daemon. 1096.It Va inetd_program 1097.Pq Vt str 1098Path to 1099.Xr inetd 8 1100(default 1101.Pa /usr/sbin/inetd ) . 1102.It Va inetd_flags 1103.Pq Vt str 1104If 1105.Va inetd_enable 1106is set to 1107.Dq Li YES , 1108these are the flags to pass to 1109.Xr inetd 8 . 1110.It Va named_enable 1111.Pq Vt bool 1112If set to 1113.Dq Li YES , 1114run the 1115.Xr named 8 1116daemon. 1117.It Va named_program 1118.Pq Vt str 1119Path to 1120.Xr named 8 1121(default 1122.Pa /usr/sbin/named ) . 1123.It Va named_flags 1124.Pq Vt str 1125If 1126.Va named_enable 1127is set to 1128.Dq Li YES , 1129these are the flags to pass to 1130.Xr named 8 . 1131.It Va named_pidfile 1132.Pq Vt str 1133This is the default path to the 1134.Xr named 8 1135daemon's PID file. 1136Change it if you change the location in 1137.Pa /etc/namedb/named.conf . 1138.It Va named_chrootdir 1139.Pq Vt str 1140The root directory for a name server run in a 1141.Xr chroot 8 1142environment. 1143If left empty 1144.Xr named 8 1145will not be run in a 1146.Xr chroot 8 1147environment. 1148.It Va rwhod_enable 1149.Pq Vt bool 1150If set to 1151.Dq Li YES , 1152run the 1153.Xr rwhod 8 1154daemon at boot time. 1155.It Va rwhod_flags 1156.Pq Vt str 1157If 1158.Va rwhod_enable 1159is set to 1160.Dq Li YES , 1161these are the flags to pass to it. 1162.It Va amd_enable 1163.Pq Vt bool 1164If set to 1165.Dq Li YES , 1166run the 1167.Xr amd 8 1168daemon at boot time. 1169.It Va amd_flags 1170.Pq Vt str 1171If 1172.Va amd_enable 1173is set to 1174.Dq Li YES , 1175these are the flags to pass to it. 1176See the 1177.Xr amd 8 1178manpage for more information. 1179.It Va amd_map_program 1180.Pq Vt str 1181If set, the specified program is run to get the list of 1182.Xr amd 8 1183maps. 1184For example, if the 1185.Xr amd 8 1186maps are stored in NIS, one can set this to run 1187.Xr ypcat 1 1188to get a list of 1189.Xr amd 8 1190maps from the 1191.Pa amd.master 1192NIS map. 1193.It Va update_motd 1194.Pq Vt bool 1195If set to 1196.Dq Li YES , 1197.Pa /etc/motd 1198will be updated at boot time to reflect the kernel release being run. 1199If set to 1200.Dq Li NO , 1201.Pa /etc/motd 1202will not be updated. 1203.It Va nfs_client_enable 1204.Pq Vt bool 1205If set to 1206.Dq Li YES , 1207setup NFS client parameters at boot time. 1208.It Va nfs_access_cache 1209.Pq Vt int 1210If 1211.Va nfs_client_enable 1212is set to 1213.Dq Li YES , 1214this can be set to 1215.Dq Li 0 1216to disable NFS ACCESS RPC caching, or to the number of seconds for which 1217NFS ACCESS results should be cached. 1218A value of 2-10 seconds will substantially reduce network traffic for 1219many NFS operations. 1220The default is 5 seconds. 1221Note that the attribute cache holds stat information only. 1222The NFS data cache is independent of the attribute cache and is only 1223invalidated when the client detects that the server has modified the 1224underlying file. 1225This value specifies a maximum timeout. 1226The NFS client will automatically use a shorter timeout for files which 1227have been recently modified. 1228.It Va nfs_neg_cache 1229.Pq Vt int 1230If 1231.Va nfs_client_enable 1232is set to 1233.Dq Li YES , 1234this can be set to 1235.Dq Li 0 1236to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1237filenames), or to the number of seconds for which negative lookups should 1238be cached. 1239A value of 2-10 seconds will substantially reduce network 1240traffic for many NFS operations, especially source code builds. 1241The default is 3 seconds. 1242.It Va nfs_server_enable 1243.Pq Vt bool 1244If set to 1245.Dq Li YES , 1246run the NFS server daemons at boot time. 1247.It Va nfs_server_flags 1248.Pq Vt str 1249If 1250.Va nfs_server_enable 1251is set to 1252.Dq Li YES , 1253these are the flags to pass to the 1254.Xr nfsd 8 1255daemon. 1256.It Va mountd_enable 1257.Pq Vt bool 1258If set to 1259.Dq Li YES , 1260and no 1261.Va nfs_server_enable 1262is set, start 1263.Xr mountd 8 , 1264but not 1265.Xr nfsd 8 1266daemon. 1267It is commonly needed to run CFS without real NFS used. 1268.It Va mountd_flags 1269.Pq Vt str 1270If 1271.Va mountd_enable 1272is set to 1273.Dq Li YES , 1274these are the flags to pass to the 1275.Xr mountd 8 1276daemon. 1277.It Va weak_mountd_authentication 1278.Pq Vt bool 1279If set to 1280.Dq Li YES , 1281allow services like PCNFSD to make non-privileged mount requests. 1282.It Va nfs_reserved_port_only 1283.Pq Vt bool 1284If set to 1285.Dq Li YES , 1286provide NFS services only on a secure port. 1287.It Va nfs_bufpackets 1288.Pq Vt int 1289If set to a number, indicates the number of packets worth of 1290socket buffer space to reserve on an NFS client. 1291The kernel default is typically 4. 1292Using a higher number may be useful on gigabit networks to improve performance. 1293The minimum value is 2 and the maximum is 64. 1294.It Va rpc_umntall_enable 1295.Pq Vt bool 1296If set to 1297.Dq Li YES 1298(default) and we are also an NFS client, run 1299.Xr rpc.umntall 8 1300at boot time to clear out old mounts on remote servers. 1301If set to 1302.Dq Li NO 1303then 1304.Xr rpc.umntall 8 1305will not be run at boot time. 1306.It Va rpc_lockd_enable 1307.Pq Vt bool 1308If set to 1309.Dq Li YES 1310and also an NFS server, run 1311.Xr rpc.lockd 8 1312at boot time. 1313.It Va rpc_lockd_flags 1314.Pq Vt str 1315If 1316.Va rpc_lockd_enable 1317is set to 1318.Dq Li YES , 1319these are the flags to pass to 1320.Xr rpc.lockd 8 . 1321.It Va rpc_statd_enable 1322.Pq Vt bool 1323If set to 1324.Dq Li YES 1325and also an NFS server, run 1326.Xr rpc.statd 8 1327at boot time. 1328.It Va rpc_statd_flags 1329.Pq Vt str 1330If 1331.Va rpc_statd_enable 1332is set to 1333.Dq Li YES , 1334these are the flags to pass to 1335.Xr rpc.statd 8 . 1336.It Va rpcbind_program 1337.Pq Vt str 1338Path to program for rpcbind daemon 1339(default 1340.Pa /usr/sbin/rpcbind ) . 1341.It Va rpcbind_enable 1342.Pq Vt bool 1343If set to 1344.Dq Li YES , 1345run 1346.Va rpcbind_program 1347at boot time. 1348.It Va rpcbind_flags 1349.Pq Vt str 1350If 1351.Va rpcbind_enable 1352is set to 1353.Dq Li YES , 1354these are the flags to pass to 1355.Va rpcbind_program . 1356.It Va keyserv_enable 1357.Pq Vt bool 1358If set to 1359.Dq Li YES , 1360run the 1361.Xr keyserv 8 1362daemon on boot for running Secure RPC. 1363.It Va keyserv_flags 1364.Pq Vt str 1365If 1366.Va keyserv_enable 1367is set to 1368.Dq Li YES , 1369these are the flags to pass to 1370.Xr keyserv 8 1371daemon. 1372.It Va pppoed_enable 1373.Pq Vt bool 1374If set to 1375.Dq Li YES , 1376run the 1377.Xr pppoed 8 1378daemon at boot time to provide PPP over Ethernet services. 1379.It Va pppoed_provider 1380.Pq Vt str 1381.Xr pppoed 8 1382listens to requests to this provider and ultimately runs 1383.Xr ppp 8 1384with a 1385.Ar system 1386argument of the same name. 1387.It Va pppoed_flags 1388.Pq Vt str 1389Additional flags to pass to 1390.Xr pppoed 8 . 1391.It Va pppoed_interface 1392.Pq Vt str 1393The network interface to run 1394.Xr pppoed 8 1395on. 1396This is mandatory when 1397.Va pppoed_enable 1398is set to 1399.Dq Li YES . 1400.It Va timed_enable 1401.Pq Vt bool 1402If set to 1403.Dq Li YES , 1404run the 1405.Xr timed 8 1406service at boot time. 1407This command is intended for networks of machines where a consistent 1408.Dq "network time" 1409for all hosts must be established. 1410This is often useful in large NFS environments where time stamps on 1411files are expected to be consistent network-wide. 1412.It Va timed_flags 1413.Pq Vt str 1414If 1415.Va timed_enable 1416is set to 1417.Dq Li YES , 1418these are the flags to pass to the 1419.Xr timed 8 1420service. 1421.It Va dntpd_enable 1422.Pq Vt bool 1423If set to 1424.Dq Li YES , 1425run 1426.Xr dntpd 8 1427at system boot time. 1428.It Va dntpd_program 1429.Pq Vt str 1430Path to 1431.Xr dntpd 8 1432(default 1433.Pa /usr/sbin/dntpd ) . 1434.It Va dntpd_flags 1435.Pq Vt str 1436If 1437.Va dntpd_enable 1438is set to 1439.Dq Li YES , 1440these are the flags to pass to the 1441.Xr dntpd 8 1442daemon. 1443.It Va btconfig_enable 1444.Pq Vt bool 1445If set to 1446.Dq Li YES , 1447configure Bluetooth devices via 1448.Xr btconfig 8 1449at system boot time. 1450.It Va btconfig_devices 1451.Pq Vt str 1452If 1453.Va btconfig_enable 1454is set to 1455.Dq Li YES , 1456this is the list of Bluetooth devices to configure. 1457If 1458.Va btconfig_devices 1459is not specified, all devices known to the system will be configured. 1460A 1461.Va btconfig_ Ns Aq Ar device 1462variable can be set to specify parameters to be passed to 1463.Ar device . 1464.It Va btconfig_args 1465.Pq Vt str 1466If 1467.Va btconfig_enable 1468is set to 1469.Dq Li YES , 1470this is the list of configuration parameters to pass to all Bluetooth 1471devices. 1472.It Va sdpd_enable 1473.Pq Vt bool 1474If set to 1475.Dq Li YES , 1476run the Service Discovery Profile daemon 1477.Xr ( sdpd 8 ) 1478at system boot time. 1479.It Va sdpd_flags 1480.Pq Vt str 1481If 1482.Va sdpd_enable 1483is set to 1484.Dq Li YES , 1485these are the flags to pass to the 1486.Xr sdpd 8 1487daemon. 1488.It Va bthcid_enable 1489.Pq Vt bool 1490If set to 1491.Dq Li YES , 1492run the Bluetooth Link Key/PIN Code Manager daemon 1493.Xr ( bthcid 8 ) 1494at system boot time. 1495.It Va bthcid_flags 1496.Pq Vt str 1497If 1498.Va bthcid_enable 1499is set to 1500.Dq Li YES , 1501these are the flags to pass to the 1502.Xr bthcid 8 1503daemon. 1504.It Va nis_client_enable 1505.Pq Vt bool 1506If set to 1507.Dq Li YES , 1508run the 1509.Xr ypbind 8 1510service at system boot time. 1511.It Va nis_client_flags 1512.Pq Vt str 1513If 1514.Va nis_client_enable 1515is set to 1516.Dq Li YES , 1517these are the flags to pass to the 1518.Xr ypbind 8 1519service. 1520.It Va nis_ypset_enable 1521.Pq Vt bool 1522If set to 1523.Dq Li YES , 1524run the 1525.Xr ypset 8 1526daemon at system boot time. 1527.It Va nis_ypset_flags 1528.Pq Vt str 1529If 1530.Va nis_ypset_enable 1531is set to 1532.Dq Li YES , 1533these are the flags to pass to the 1534.Xr ypset 8 1535daemon. 1536.It Va nis_server_enable 1537.Pq Vt bool 1538If set to 1539.Dq Li YES , 1540run the 1541.Xr ypserv 8 1542daemon at system boot time. 1543.It Va nis_server_flags 1544.Pq Vt str 1545If 1546.Va nis_server_enable 1547is set to 1548.Dq Li YES , 1549these are the flags to pass to the 1550.Xr ypserv 8 1551daemon. 1552.It Va nis_ypxfrd_enable 1553.Pq Vt bool 1554If set to 1555.Dq Li YES , 1556run the 1557.Xr rpc.ypxfrd 8 1558daemon at system boot time. 1559.It Va nis_ypxfrd_flags 1560.Pq Vt str 1561If 1562.Va nis_ypxfrd_enable 1563is set to 1564.Dq Li YES , 1565these are the flags to pass to the 1566.Xr rpc.ypxfrd 8 1567daemon. 1568.It Va nis_yppasswdd_enable 1569.Pq Vt bool 1570If set to 1571.Dq Li YES , 1572run the 1573.Xr rpc.yppasswdd 8 1574daemon at system boot time. 1575.It Va nis_yppasswdd_flags 1576.Pq Vt str 1577If 1578.Va nis_yppasswdd_enable 1579is set to 1580.Dq Li YES , 1581these are the flags to pass to the 1582.Xr rpc.yppasswdd 8 1583daemon. 1584.It Va rpc_ypupdated_enable 1585.Pq Vt bool 1586If set to 1587.Dq Li YES , 1588run the 1589.Nm rpc.ypupdated 1590daemon at system boot time. 1591.It Va defaultrouter 1592.Pq Vt str 1593If not set to 1594.Dq Li NO , 1595create a default route to this host name or IP address 1596(use an IP address if this router is also required to get to the 1597name server!). 1598.It Va ipv6_defaultrouter 1599.Pq Vt str 1600The IPv6 equivalent of 1601.Va defaultrouter . 1602.It Va static_routes 1603.Pq Vt str 1604Set to the list of static routes that are to be added at system boot time. 1605If not set to 1606.Dq Li NO 1607then for each whitespace separated 1608.Ar element 1609in the value, a 1610.Va route_ Ns Aq Ar element 1611variable is assumed to exist whose contents will later be passed to a 1612.Dq Nm route Cm add 1613operation. 1614.It Va ipv6_static_routes 1615.Pq Vt str 1616The IPv6 equivalent of 1617.Va static_routes . 1618If not set to 1619.Dq Li NO 1620then for each whitespace separated 1621.Ar element 1622in the value, a 1623.Va ipv6_route_ Ns Aq Ar element 1624variable is assumed to exist whose contents will later be passed to a 1625.Dq Nm route Cm add Fl inet6 1626operation. 1627.It Va gateway_enable 1628.Pq Vt bool 1629If set to 1630.Dq Li YES , 1631configure host to act as an IP router, e.g. to forward packets 1632between interfaces. 1633.It Va ipv6_gateway_enable 1634.Pq Vt bool 1635The IPv6 equivalent of 1636.Va gateway_enable . 1637.It Va router_enable 1638.Pq Vt bool 1639If set to 1640.Dq Li YES , 1641run a routing daemon of some sort, based on the settings of 1642.Va router_program 1643and 1644.Va router_flags . 1645.It Va ipv6_router_enable 1646.Pq Vt bool 1647The IPv6 equivalent of 1648.Va router_enable . 1649If set to 1650.Dq Li YES , 1651run a routing daemon of some sort, based on the settings of 1652.Va ipv6_router_program 1653and 1654.Va ipv6_router_flags . 1655.It Va router_program 1656.Pq Vt str 1657If 1658.Va router_enable 1659is set to 1660.Dq Li YES , 1661this is the name of the routing daemon to use 1662(default 1663.Pa /sbin/routed ) . 1664.It Va ipv6_router_program 1665.Pq Vt str 1666The IPv6 equivalent of 1667.Va router_program 1668(default 1669.Pa /sbin/route6d ) . 1670.It Va router_flags 1671.Pq Vt str 1672If 1673.Va router_enable 1674is set to 1675.Dq Li YES , 1676these are the flags to pass to the routing daemon. 1677.It Va ipv6_router_flags 1678.Pq Vt str 1679The IPv6 equivalent of 1680.Va router_flags . 1681.It Va mrouted_enable 1682.Pq Vt bool 1683If set to 1684.Dq Li YES , 1685run the multicast routing daemon, 1686.Xr mrouted 8 . 1687.It Va mroute6d_enable 1688.Pq Vt bool 1689The IPv6 equivalent of 1690.Va mrouted_enable . 1691If set to 1692.Dq Li YES , 1693run the IPv6 multicast routing daemon. 1694Note that no IPv6 multicast routing daemon is included in the 1695.Dx 1696base system but 1697.Xr pim6dd 8 1698can be installed from the 1699.Xr pkgsrc 7 1700collection. 1701.It Va mrouted_flags 1702.Pq Vt str 1703If 1704.Va mrouted_enable 1705is set to 1706.Dq Li YES , 1707these are the flags to pass to the 1708.Xr mrouted 8 1709daemon. 1710.It Va mroute6d_flags 1711.Pq Vt str 1712The IPv6 equivalent of 1713.Va mrouted_flags . 1714If 1715.Va mroute6d_enable 1716is set to 1717.Dq Li YES , 1718these are the flags passed to the IPv6 multicast routing daemon. 1719.It Va mroute6d_program 1720.Pq Vt str 1721If 1722.Va mroute6d_enable 1723is set to 1724.Dq Li YES , 1725this is the path to the IPv6 multicast routing daemon. 1726.It Va rtadvd_enable 1727.Pq Vt bool 1728If set to 1729.Dq Li YES , 1730run the 1731.Xr rtadvd 8 1732daemon at boot time. 1733.Xr rtadvd 8 1734will only run if 1735.Va ipv6_gateway_enable 1736is also set to 1737.Dq Li YES . 1738The 1739.Xr rtadvd 8 1740utility sends router advertisement packets to the interfaces specified in 1741.Va rtadvd_interfaces . 1742.Xr rtadvd 8 1743and should only be enabled with great care. 1744You may want to fine-tune 1745.Xr rtadvd.conf 5 . 1746.It Va rtadvd_interfaces 1747.Pq Vt str 1748If 1749.Va rtadvd_enable 1750is set to 1751.Dq Li YES 1752this is the list of interfaces to use. 1753.It Va rtsold_enable 1754.Pq Vt bool 1755If set to 1756.Dq Li YES , 1757run the 1758.Xr rtsold 8 1759daemon at boot time. 1760The 1761.Xr rtsold 8 1762daemon is used for automatic discovery of non-link local addresses. 1763.It Va rtsold_flags 1764.Pq Vt str 1765If 1766.Va rtsold_enable 1767is set to 1768.Dq Li YES , 1769these are the flags to pass to the 1770.Xr rtsold 8 1771daemon. 1772.It Va ipxgateway_enable 1773.Pq Vt bool 1774If set to 1775.Dq Li YES , 1776enable the routing of IPX traffic. 1777.It Va ipxrouted_enable 1778.Pq Vt bool 1779If set to 1780.Dq Li YES , 1781run the 1782.Xr IPXrouted 8 1783daemon at system boot time. 1784.It Va ipxrouted_flags 1785.Pq Vt str 1786If 1787.Va ipxrouted_enable 1788is set to 1789.Dq Li YES , 1790these are the flags to pass to the 1791.Xr IPXrouted 8 1792daemon. 1793.It Va arpproxy_all 1794.Pq Vt bool 1795If set to 1796.Dq Li YES , 1797enable global proxy ARP. 1798.It Va forward_sourceroute 1799.Pq Vt bool 1800If set to 1801.Dq Li YES 1802and 1803.Va gateway_enable 1804is also set to 1805.Dq Li YES , 1806source-routed packets are forwarded. 1807.It Va accept_sourceroute 1808.Pq Vt bool 1809If set to 1810.Dq Li YES , 1811the system will accept source-routed packets directed at it. 1812.It Va rarpd_enable 1813.Pq Vt bool 1814If set to 1815.Dq Li YES , 1816run the 1817.Xr rarpd 8 1818daemon at system boot time. 1819.It Va rarpd_flags 1820.Pq Vt str 1821If 1822.Va rarpd_enable 1823is set to 1824.Dq Li YES , 1825these are the flags to pass to the 1826.Xr rarpd 8 1827daemon. 1828.It Va bootparamd_enable 1829.Pq Vt bool 1830If set to 1831.Dq Li YES , 1832run the 1833.Xr bootparamd 8 1834daemon at system boot time. 1835.It Va bootparamd_flags 1836.Pq Vt str 1837If 1838.Va bootparamd_enable 1839is set to 1840.Dq Li YES , 1841these are the flags to pass to the 1842.Xr bootparamd 8 1843daemon. 1844.It Va stf_interface_ipv4addr 1845.Pq Vt str 1846If not set to 1847.Dq Li NO , 1848this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1849Specify this entry to enable the 6to4 interface. 1850.It Va stf_interface_ipv4plen 1851.Pq Vt int 1852Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1853An effective value is 0-31. 1854.It Va stf_interface_ipv6_ifid 1855.Pq Vt str 1856IPv6 interface ID for 1857.Xr stf 4 . 1858This can be set to 1859.Dq Li AUTO . 1860.It Va stf_interface_ipv6_slaid 1861.Pq Vt str 1862IPv6 Site Level Aggregator for 1863.Xr stf 4 . 1864.It Va ipv6_faith_prefix 1865.Pq Vt str 1866If not set to 1867.Dq Li NO , 1868this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator. 1869You also need 1870.Xr faithd 8 1871setup. 1872.It Va ipv6_ipv4mapping 1873.Pq Vt bool 1874If set to 1875.Dq Li YES 1876this enables IPv4 mapped IPv6 address communication (like 1877.Li ::ffff:a.b.c.d ) . 1878.It Va atm_enable 1879.Pq Vt bool 1880Set to 1881.Dq Li YES 1882to enable the configuration of ATM interfaces at system boot time. 1883For all of the ATM variables described below, please refer to the 1884.Xr atm 8 1885man page for further details on the available command parameters. 1886Also refer to the files in 1887.Pa /usr/share/examples/atm 1888for more detailed configuration information. 1889.It Va atm_netif_ Ns Aq Ar intf 1890.Pq Vt str 1891For the ATM physical interface 1892.Ar intf , 1893this variable defines the name prefix and count for the ATM network 1894interfaces to be created. 1895The value will be passed as the parameters of an 1896.Dq Nm atm Cm "set netif" Ar intf 1897command. 1898.It Va atm_sigmgr_ Ns Aq Ar intf 1899.Pq Vt str 1900For the ATM physical interface 1901.Ar intf , 1902this variable defines the ATM signalling manager to be used. 1903The value will be passed as the parameters of an 1904.Dq Nm atm Cm attach Ar intf 1905command. 1906.It Va atm_prefix_ Ns Aq Ar intf 1907.Pq Vt str 1908For the ATM physical interface 1909.Ar intf , 1910this variable defines the NSAP prefix for interfaces using a UNI signalling 1911manager. 1912If set to 1913.Dq Li ILMI , 1914the prefix will automatically be set via the 1915.Xr ilmid 8 1916daemon. 1917Otherwise, the value will be passed as the parameters of an 1918.Dq Nm atm Cm "set prefix" Ar intf 1919command. 1920.It Va atm_macaddr_ Ns Aq Ar intf 1921.Pq Vt str 1922For the ATM physical interface 1923.Ar intf , 1924this variable defines the MAC address for interfaces using a UNI signalling 1925manager. 1926If set to 1927.Dq Li NO , 1928the hardware MAC address contained in the ATM interface card will be used. 1929Otherwise, the value will be passed as the parameters of an 1930.Dq Nm atm Cm "set mac" Ar intf 1931command. 1932.It Va atm_arpserver_ Ns Aq Ar netif 1933.Pq Vt str 1934For the ATM network interface 1935.Ar netif , 1936this variable defines the ATM address for a host which is to provide ATMARP 1937service. 1938This variable is only applicable to interfaces using a UNI signalling manager. 1939If set to 1940.Dq Li local , 1941this host will become an ATMARP server. 1942The value will be passed as the parameters of an 1943.Dq Nm atm Cm "set arpserver" Ar netif 1944command. 1945.It Va atm_scsparp_ Ns Aq Ar netif 1946.Pq Vt bool 1947If set to 1948.Dq Li YES , 1949SCSP/ATMARP service for the network interface 1950.Ar netif 1951will be initiated using the 1952.Xr scspd 8 1953and 1954.Xr atmarpd 8 1955daemons. 1956This variable is only applicable if 1957.Va atm_arpserver_ Ns Aq Ar netif 1958is set to 1959.Dq Li local . 1960.It Va atm_arps 1961.Pq Vt str 1962Set to the list of permanent ATM ARP entries to be added at system boot time. 1963For each whitespace separated 1964.Ar element 1965in the value, an 1966.Va atm_arp_ Ns Aq Ar element 1967variable is assumed to exist. 1968The value of each of these variables will be passed as the parameters of an 1969.Dq Nm atm Cm "add arp" 1970command. 1971.It Va keybell 1972.Pq Vt str 1973The keyboard bell sound. 1974Set to 1975.Dq Li normal , 1976.Dq Li visual , 1977.Dq Li off , 1978or 1979.Dq Li NO 1980if the default behavior is desired. 1981For details, refer to the 1982.Xr kbdcontrol 1 1983manpage. 1984.It Va keymap 1985.Pq Vt str 1986If set to 1987.Dq Li NO , 1988no keymap is installed, otherwise the value is used to install 1989the keymap file in 1990.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1991.It Va keyrate 1992.Pq Vt str 1993The keyboard repeat speed. 1994Set to 1995.Dq Li slow , 1996.Dq Li normal , 1997.Dq Li fast , 1998or 1999.Dq Li NO 2000if the default behavior is desired. 2001.It Va keychange 2002.Pq Vt str 2003If not set to 2004.Dq Li NO , 2005attempt to program the function keys with the value. 2006The value should be a single string of the form: 2007.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2008.It Va cursor 2009.Pq Vt str 2010Can be set to the value of 2011.Dq Li normal , 2012.Dq Li blink , 2013.Dq Li destructive , 2014or 2015.Dq Li NO 2016to set the cursor behavior explicitly or choose the default behavior. 2017.It Va scrnmap 2018.Pq Vt str 2019If set to 2020.Dq Li NO , 2021no screen map is installed, otherwise the value is used to install 2022the screen map file in 2023.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2024.It Va font8x16 2025.Pq Vt str 2026If set to 2027.Dq Li NO , 2028the default 8x16 font value is used for screen size requests, otherwise 2029the value in 2030.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2031is used. 2032.It Va font8x14 2033.Pq Vt str 2034If set to 2035.Dq Li NO , 2036the default 8x14 font value is used for screen size requests, otherwise 2037the value in 2038.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2039is used. 2040.It Va font8x8 2041.Pq Vt str 2042If set to 2043.Dq Li NO , 2044the default 8x8 font value is used for screen size requests, otherwise 2045the value in 2046.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2047is used. 2048.It Va blanktime 2049.Pq Vt int 2050If set to 2051.Dq Li NO , 2052the default screen blanking interval is used, otherwise it is set to 2053.Ar value 2054seconds. 2055.It Va saver 2056.Pq Vt str 2057If not set to 2058.Dq Li NO , 2059this is the actual screen saver to use 2060.Li ( blank , snake , daemon , 2061etc). 2062.It Va moused_enable 2063.Pq Vt str 2064If set to 2065.Dq Li YES , 2066the 2067.Xr moused 8 2068daemon is started for doing cut/paste selection on the console. 2069.It Va moused_type 2070.Pq Vt str 2071This is the protocol type of the mouse connected to this host. 2072This variable must be set if 2073.Va moused_enable 2074is set to 2075.Dq Li YES . 2076The 2077.Xr moused 8 2078daemon 2079is able to detect the appropriate mouse type automatically in many cases. 2080Set this variable to 2081.Dq Li auto 2082to let the daemon detect it, or 2083select one from the following list if the automatic detection fails. 2084.Pp 2085If the mouse is attached to the PS/2 mouse port, choose 2086.Dq Li auto 2087or 2088.Dq Li ps/2 , 2089regardless of the brand and model of the mouse. 2090Likewise, if the mouse is attached to the bus mouse port, choose 2091.Dq Li auto 2092or 2093.Dq Li busmouse . 2094All other protocols are for serial mice and will not work with 2095the PS/2 and bus mice. 2096If this is a USB mouse, 2097.Dq Li auto 2098is the only protocol type which will work. 2099.Pp 2100.Bl -tag -width ".Li x10mouseremote" -compact 2101.It Li microsoft 2102Microsoft mouse (serial) 2103.It Li intellimouse 2104Microsoft IntelliMouse (serial) 2105.It Li mousesystems 2106Mouse systems Corp. mouse (serial) 2107.It Li mmseries 2108MM Series mouse (serial) 2109.It Li logitech 2110Logitech mouse (serial) 2111.It Li busmouse 2112A bus mouse 2113.It Li mouseman 2114Logitech MouseMan and TrackMan (serial) 2115.It Li glidepoint 2116ALPS GlidePoint (serial) 2117.It Li thinkingmouse 2118Kensington ThinkingMouse (serial) 2119.It Li ps/2 2120PS/2 mouse 2121.It Li mmhittab 2122MM HitTablet (serial) 2123.It Li x10mouseremote 2124X10 MouseRemote (serial) 2125.It Li versapad 2126Interlink VersaPad (serial) 2127.El 2128.Pp 2129Even if the mouse is not in the above list, it may be compatible 2130with one in the list. 2131Refer to the man page for 2132.Xr moused 8 2133for compatibility information. 2134.Pp 2135It should also be noted that while this is enabled, any 2136other client of the mouse (such as an X server) should access 2137the mouse through the virtual mouse device, 2138.Pa /dev/sysmouse , 2139and configure it as a 2140.Dq Li sysmouse 2141type mouse, since all 2142mouse data is converted to this single canonical format when using 2143.Xr moused 8 . 2144If the client program does not support the 2145.Dq Li sysmouse 2146type, specify the 2147.Dq Li mousesystems 2148type. 2149It is the second preferred type. 2150.It Va moused_port 2151.Pq Vt str 2152If 2153.Va moused_enable 2154is set to 2155.Dq Li YES , 2156this is the actual port the mouse is on. 2157It might be 2158.Pa /dev/cuaa0 2159for a COM1 serial mouse, 2160.Pa /dev/psm0 2161for a PS/2 mouse or 2162.Pa /dev/mse0 2163for a bus mouse, for example. 2164.It Va moused_flags 2165.Pq Vt str 2166If 2167.Va moused_type 2168is set, these are the additional flags to pass to the 2169.Xr moused 8 2170daemon. 2171.It Va mousechar_start 2172.Pq Vt int 2173If set to 2174.Dq Li NO , 2175the default mouse cursor character range 2176.Li 0xd0 Ns - Ns Li 0xd3 2177is used, otherwise the range start is set to 2178.Ar value 2179character, see 2180.Xr vidcontrol 1 . 2181Use if the default range is occupied in the language code table. 2182.It Va vidhistory 2183.Pq Vt int 2184Set the size of the history (scrollback) buffer in lines. 2185.It Va allscreens_flags 2186.Pq Vt str 2187If set, 2188.Xr vidcontrol 1 2189is run with these options for each of the virtual terminals 2190.Pq Pa /dev/ttyv* . 2191For example, 2192.Dq Fl m Cm on 2193will enable the mouse pointer on all virtual terminals if 2194.Va moused_enable 2195is set to 2196.Dq Li YES . 2197.It Va allscreens_kbdflags 2198.Pq Vt str 2199If set, 2200.Xr kbdcontrol 1 2201is run with these options for each of the virtual terminals 2202.Pq Pa /dev/ttyv* . 2203For example, 2204.Dq Fl h Li 200 2205will set the 2206.Xr syscons 4 2207scrollback (history) buffer to 200 lines. 2208.It Va cron_enable 2209.Pq Vt bool 2210If set to 2211.Dq Li YES , 2212run the 2213.Xr cron 8 2214daemon at system boot time. 2215.It Va cron_program 2216.Pq Vt str 2217Path to 2218.Xr cron 8 2219(default 2220.Pa /usr/sbin/cron ) . 2221.It Va cron_flags 2222.Pq Vt str 2223If 2224.Va cron_enable 2225is set to 2226.Dq Li YES , 2227these are the flags to pass to 2228.Xr cron 8 . 2229.It Va lpd_program 2230.Pq Vt str 2231Path to 2232.Xr lpd 8 2233(default 2234.Pa /usr/sbin/lpd ) . 2235.It Va lpd_enable 2236.Pq Vt bool 2237If set to 2238.Dq Li YES , 2239run the 2240.Xr lpd 8 2241daemon at system boot time. 2242.It Va lpd_flags 2243.Pq Vt str 2244If 2245.Va lpd_enable 2246is set to 2247.Dq Li YES , 2248these are the flags to pass to the 2249.Xr lpd 8 2250daemon. 2251.It Va nscd_enable 2252.Pq Vt bool 2253If set to 2254.Dq Li YES , 2255run the 2256.Xr nscd 8 2257daemon at system boot time. 2258.It Va mixer_enable 2259.Pq Vt bool 2260If set to 2261.Dq Li YES , 2262preserve 2263.Xr mixer 8 2264settings across reboots. 2265.It Va mta_start_script 2266.Pq Vt str 2267The full path to the script to run to start 2268a mail transfer agent. 2269The default is 2270.Pa /etc/rc.sendmail . 2271The 2272.Va sendmail_* 2273variables which 2274.Pa /etc/rc.sendmail 2275uses are documented in the 2276.Xr rc.sendmail 8 2277man page. 2278.It Va fixbootfile 2279.Pq Vt bool 2280In a 2281.Sq HAMMER ROOT with UFS /boot 2282setup, the boot loader will not set up the 2283.Va kern.bootfile 2284sysctl correctly. 2285The system will attempt to fix this on its own. 2286Set this variable to 2287.Dq Li NO 2288to turn this behavior off. 2289.It Va dumpdev 2290.Pq Vt str 2291Indicates the device (usually a swap partition) to which a crash dump 2292should be written in the event of a system crash. 2293The value of this variable is passed as the argument to 2294.Xr dumpon 8 . 2295To disable crash dumps, set this variable to 2296.Dq Li NO . 2297.It Va dumpdir 2298.Pq Vt str 2299When the system reboots after a crash and a crash dump is found on the 2300device specified by the 2301.Va dumpdev 2302variable, 2303.Xr savecore 8 2304will save that crash dump and a copy of the kernel to the directory 2305specified by the 2306.Va dumpdir 2307variable. 2308The default value is 2309.Pa /var/crash . 2310Set to 2311.Dq Li NO 2312to not run 2313.Xr savecore 8 2314at boot time when 2315.Va dumpdir 2316is set. 2317.It Va savecore_flags 2318.Pq Vt str 2319If crash dumps are enabled, these are the flags to pass to the 2320.Xr savecore 8 2321utility. 2322.It Va enable_quotas 2323.Pq Vt bool 2324Set to 2325.Dq Li YES 2326to turn on user disk quotas on system startup via the 2327.Xr quotaon 8 2328command. 2329.It Va check_quotas 2330.Pq Vt bool 2331Set to 2332.Dq Li YES 2333to enable user disk quota checking via the 2334.Xr quotacheck 8 2335command. 2336.It Va accounting_enable 2337.Pq Vt bool 2338Set to 2339.Dq Li YES 2340to enable system accounting through the 2341.Xr accton 8 2342facility. 2343.It Va linux_enable 2344.Pq Vt bool 2345Set to 2346.Dq Li YES 2347to enable Linux/ELF binary emulation at system initial boot time. 2348.It Va sysvipc_enable 2349.Pq Vt bool 2350If set to 2351.Dq Li YES , 2352load System V IPC primitives at boot time. 2353.\" ----- cleanvar_enable setting-------------------------------- 2354.It Va cleanvar_enable 2355.Pq Vt bool 2356Set to 2357.Dq Li YES 2358to have 2359.Pa /var/run , 2360.Pa /var/spool/lock 2361and 2362.Pa /var/spool/uucp/.Temp/* 2363cleaned at startup. 2364.\" ----- clear_tmp_enable setting------------------------------- 2365.It Va clear_tmp_enable 2366.Pq Vt bool 2367Set to 2368.Dq Li YES 2369to have 2370.Pa /tmp 2371cleaned at startup. 2372.\" ----- ldconfig_paths setting -------------------------------- 2373.It Va ldconfig_paths 2374.Pq Vt str 2375Set to the list of shared library paths to use with 2376.Xr ldconfig 8 . 2377NOTE: 2378.Pa /usr/lib 2379will always be added first, so it need not appear in this list. 2380.It Va ldconfig_insecure 2381.Pq Vt bool 2382The 2383.Xr ldconfig 8 2384utility normally refuses to use directories 2385which are writable by anyone except root. 2386Set this variable to 2387.Dq Li YES 2388to disable that security check during system startup. 2389.It Va kern_securelevel 2390.Pq Vt int 2391The kernel security level to set at startup. 2392The allowed range of 2393.Ar value 2394ranges from \-1 (the compile time default) to 3 (the most secure). 2395See 2396.Xr init 8 2397for the list of possible security levels and their effect on system operation. 2398.It Va start_vinum 2399.Pq Vt bool 2400Set to 2401.Dq Li YES 2402to start 2403.Xr vinum 8 2404at system boot time. 2405.It Va sshd_enable 2406.Pq Vt bool 2407Set to 2408.Dq Li YES 2409to start 2410.Xr sshd 8 2411at system boot time. 2412.It Va sshd_program 2413.Pq Vt str 2414Path to the SSH server program 2415(default 2416.Pa /usr/sbin/sshd ) . 2417.It Va sshd_flags 2418.Pq Vt str 2419If 2420.Va sshd_enable 2421is set to 2422.Dq Li YES , 2423these are the flags to pass to the 2424.Xr sshd 8 2425daemon. 2426.It Va ftpd_enable 2427.Pq Vt bool 2428Set to 2429.Dq Li YES 2430to start 2431.Xr ftpd 8 2432at system boot time. 2433.It Va ftpd_flags 2434.Pq Vt str 2435If 2436.Va ftpd_enable 2437is set to 2438.Dq Li YES , 2439these are the flags to pass to the 2440.Xr ftpd 8 2441daemon. 2442.It Va usbd_enable 2443.Pq Vt bool 2444If set to 2445.Dq Li YES , 2446run the 2447.Xr usbd 8 2448daemon at boot time. 2449.It Va usbd_flags 2450.Pq Vt str 2451If 2452.Va usbd_enable 2453is set to 2454.Dq Li YES , 2455these are the flags passed to 2456.Xr usbd 8 2457daemon. 2458.It Va watchdogd_enable 2459.Pq Vt bool 2460If set to 2461.Dq Li YES , 2462start the 2463.Xr watchdogd 8 2464daemon at boot time. 2465This requires that the kernel have been compiled with 2466.Cd "options WATCHDOG" . 2467.It Va jail_enable 2468.Pq Vt bool 2469If set to 2470.Dq Li NO , 2471any configured jails will not be started. 2472.It Va jail_list 2473.Pq Vt str 2474A space separated list of names for jails. 2475This is purely a configuration aid to help identify and 2476configure multiple jails. 2477The names specified in this list will be used to 2478identify settings common to an instance of a jail. 2479Assuming that the jail in question was named 2480.Li vjail , 2481you would have the following dependent variables: 2482.Bd -literal 2483jail_vjail_hostname="jail.example.com" 2484jail_vjail_ip="192.168.1.100" 2485jail_vjail_rootdir="/var/jails/vjail/root" 2486.Ed 2487.Pp 2488.It Va jail_flags 2489.Pq Vt str 2490Unset by default. 2491When set, use as default value for 2492.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2493for every jail in 2494.Va jail_list . 2495.It Va jail_interface 2496.Pq Vt str 2497Unset by default. 2498When set, use as default value for 2499.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2500for every jail in 2501.Va jail_list . 2502.It Va jail_fstab 2503.Pq Vt str 2504Unset by default. 2505When set, use as default value for 2506.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2507for every jail in 2508.Va jail_list . 2509.It Va jail_mount_enable 2510.Pq Vt bool 2511Set to 2512.Dq Li NO 2513by default. 2514When set to 2515.Dq Li YES , 2516sets 2517.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2518to 2519.Dq Li YES 2520by default for every jail in 2521.Va jail_list . 2522.It Va jail_fdesc_enable 2523.Pq Vt bool 2524Set to 2525.Dq Li NO 2526by default. 2527When set to 2528.Dq Li YES , 2529sets 2530.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2531to 2532.Dq Li YES 2533by default for every jail in 2534.Va jail_list . 2535.It Va jail_procfs_enable 2536.Pq Vt bool 2537Set to 2538.Dq Li NO 2539by default. 2540When set to 2541.Dq Li YES , 2542sets 2543.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2544to 2545.Dq Li YES 2546by default for every jail in 2547.Va jail_list . 2548.It Va jail_exec_start 2549.Pq Vt str 2550Unset by default. 2551When set, use as default value for 2552.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2553for every jail in 2554.Va jail_list . 2555.It Va jail_exec_stop 2556Unset by default. 2557When set, use as default value for 2558.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2559for every jail in 2560.Va jail_list . 2561.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2562.Pq Vt str 2563Unset by default. 2564Set to the root directory used by jail 2565.Va jname . 2566.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2567.Pq Vt str 2568Unset by default. 2569Set to the fully qualified domain name (FQDN) assigned to jail 2570.Va jname . 2571.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2572.Pq Vt str 2573Unset by default. 2574Set to the IP address assigned to jail 2575.Va jname . 2576.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2577.Pq Vt str 2578Set to 2579.Dq Li -l -U root 2580by default. 2581These are flags to pass to 2582.Xr jail 8 . 2583.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2584.Pq Vt str 2585Unset by default. 2586When set, sets the interface to use when setting IP address alias. 2587Note that the alias is created at jail startup and removed at jail shutdown. 2588.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2589.Pq Vt str 2590Set to 2591.Pa /etc/fstab. Ns Aq Ar jname 2592by default. 2593This is the file system information file to use for jail 2594.Va jname . 2595.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2596.Pq Vt bool 2597Set to 2598.Dq Li NO 2599by default. 2600When set to 2601.Dq Li YES , 2602mount all file systems from 2603.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2604at jail startup. 2605.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2606.Pq Vt bool 2607Set to 2608.Dq Li NO 2609by default. 2610When set to 2611.Dq Li YES , 2612mount the file-descriptor file system inside jail 2613.Ar jname 2614at jail startup. 2615.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2616.Pq Vt bool 2617Set to 2618.Dq Li NO 2619by default. 2620When set to 2621.Dq Li YES , 2622mount the process file system inside jail 2623.Ar jname 2624at jail startup. 2625.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2626.Pq Vt str 2627Set to 2628.Dq Li /bin/sh /etc/rc 2629by default. 2630This is the command executed at jail startup. 2631.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2632.Pq Vt str 2633Set to 2634.Dq Li /bin/sh /etc/rc.shutdown 2635by default. 2636This is the command executed at jail shutdown. 2637.It Va jail_set_hostname_allow 2638.Pq Vt bool 2639If set to 2640.Dq Li NO , 2641do not allow the root user in a jail to set its hostname. 2642.It Va jail_socket_unixiproute_only 2643.Pq Vt bool 2644If set to 2645.Dq Li YES , 2646do not allow any sockets, 2647besides UNIX/IP/route sockets, 2648to be used within a jail. 2649.It Va jail_sysvipc_allow 2650.Pq Vt bool 2651If set to 2652.Dq Li YES , 2653allow applications within a jail to use System V IPC. 2654.It Va newsyslog_enable 2655.Pq Vt bool 2656If set to 2657.Dq Li YES , 2658run 2659.Xr newsyslog 8 2660before syslogd starts. 2661.It Va newsyslog_flags 2662.Pq Vt str 2663If 2664.Va newsyslog_enable 2665is set to 2666.Dq Li YES , 2667these are the flags passed to 2668.Xr newsyslog 8 . 2669.It Va resident_enable 2670.Pq Vt bool 2671If set to 2672.Dq Li YES , 2673make the dynamic binaries listed in 2674.Pa /etc/resident.conf 2675resident. 2676.It Va varsym_enable 2677.Pq Vt bool 2678If set to 2679.Dq Li YES , 2680process 2681.Pa /etc/varsym.conf 2682to set system-wide variables for variant symlinks. 2683.It Va rand_irqs 2684.Pq Vt str 2685Set either to 2686.Dq Li NO 2687or a whitespace separated list of IRQ numbers which will be used as a source of 2688randomness. 2689.\" ----- isdn settings --------------------------------- 2690.It Va isdn_enable 2691.Pq Vt bool 2692Set to 2693.Dq Li NO 2694by default. 2695When set to 2696.Dq Li YES , 2697starts the 2698.Xr isdnd 8 2699daemon at system boot time. 2700.It Va isdn_flags 2701.Pq Vt str 2702Set to 2703.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2704by default. 2705Additional flags to pass to 2706.Xr isdnd 8 2707(but see 2708.Va isdn_fsdev 2709and 2710.Va isdn_ttype 2711for certain tunable parameters). 2712.It Va isdn_ttype 2713.Pq Vt str 2714Set to 2715.Dq Li cons25 2716by default. 2717The terminal type of the output device when 2718.Xr isdnd 8 2719operates in full-screen mode. 2720.It Va isdn_screenflags 2721.Pq Vt str 2722Set to 2723.Dq Li NO 2724by default. 2725The video mode for full-screen mode (only for 2726.Xr syscons 4 2727console driver, see 2728.Xr vidcontrol 1 2729for valid modes). 2730.It Va isdn_fsdev 2731.Pq Vt str 2732Set to 2733.Dq Li NO 2734by default. 2735The output device for 2736.Xr isdnd 8 2737in full-screen mode (or 2738.Dq Li NO 2739for daemon mode). 2740.It Va isdn_trace 2741.Pq Vt bool 2742Set to 2743.Dq Li NO 2744by default. 2745When set to 2746.Dq Li YES , 2747enables the ISDN protocol trace utility 2748.Xr isdntrace 8 2749at system boot time. 2750.It Va isdn_traceflags 2751.Pq Vt str 2752Set to 2753.Dq Fl f Pa /var/tmp/isdntrace0 2754by default. 2755Flags for 2756.Xr isdntrace 8 . 2757.\" ----------------------------------------------------- 2758.It Va entropy_dir 2759.Pq Vt str 2760Set to 2761.Dq Li NO 2762to disable caching entropy via 2763.Xr cron 8 . 2764Otherwise set to the directory used to store entropy files in. 2765.It Va entropy_file 2766.Pq Vt str 2767Set to 2768.Dq Li NO 2769to disable caching entropy through reboots. 2770Otherwise set to the filename used to store cached entropy through reboots. 2771This file should be located on the root file system to seed the 2772.Xr random 4 2773device as early as possible in the boot process. 2774.It Va ipsec_enable 2775.Pq Vt bool 2776Set to 2777.Dq Li YES 2778to run 2779.Xr setkey 8 2780on 2781.Va ipsec_file 2782at boot time. 2783.It Va ipsec_file 2784.Pq Vt str 2785Configuration file for 2786.Xr setkey 8 . 2787.It Va dmesg_enable 2788.Pq Vt bool 2789Set to 2790.Dq Li YES 2791to save 2792.Xr dmesg 8 2793to 2794.Pa /var/run/dmesg.boot 2795on boot. 2796.It Va rcshutdown_timeout 2797.Pq Vt int 2798If set, start a watchdog timer in the background which will terminate 2799.Pa rc.shutdown 2800if 2801.Xr shutdown 8 2802has not completed within the specified time (in seconds). 2803.El 2804.Sh FILES 2805.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2806.It Pa /etc/defaults/rc.conf 2807.It Pa /etc/rc.conf 2808.It Pa /etc/rc.conf.local 2809.It Pa /etc/start_if. Ns Aq Ar interface 2810.El 2811.Sh SEE ALSO 2812.Xr catman 1 , 2813.Xr gdb 1 , 2814.Xr info 1 , 2815.Xr kbdcontrol 1 , 2816.Xr varsym 1 , 2817.Xr vidcontrol 1 , 2818.Xr ip 4 , 2819.Xr ipf 4 , 2820.Xr ipfw 4 , 2821.Xr kld 4 , 2822.Xr pf 4 , 2823.Xr tcp 4 , 2824.Xr udp 4 , 2825.Xr exports 5 , 2826.Xr motd 5 , 2827.Xr resident.conf 5 , 2828.Xr varsym.conf 5 , 2829.Xr accton 8 , 2830.Xr amd 8 , 2831.Xr apm 8 , 2832.Xr atm 8 , 2833.Xr btconfig 8 , 2834.Xr bthcid 8 , 2835.Xr cron 8 , 2836.Xr devd 8 , 2837.Xr dhclient 8 , 2838.Xr dntpd 8 , 2839.Xr ftpd 8 , 2840.Xr ifconfig 8 , 2841.Xr inetd 8 , 2842.Xr isdnd 8 , 2843.Xr isdntrace 8 , 2844.Xr jail 8 , 2845.Xr lpd 8 , 2846.Xr makewhatis 8 , 2847.Xr mdconfig 8 , 2848.Xr mixer 8 , 2849.Xr mountd 8 , 2850.Xr moused 8 , 2851.Xr mrouted 8 , 2852.Xr named 8 , 2853.Xr nfsd 8 , 2854.Xr pcnfsd 8 , 2855.Xr pfctl 8 , 2856.Xr pflogd 8 , 2857.Xr quotacheck 8 , 2858.Xr quotaon 8 , 2859.Xr rc 8 , 2860.Xr rc.sendmail 8 , 2861.Xr resident 8 , 2862.Xr rndcontrol 8 , 2863.Xr route 8 , 2864.Xr routed 8 , 2865.Xr rpcbind 8 , 2866.Xr rpc.lockd 8 , 2867.Xr rpc.statd 8 , 2868.Xr rtadvd 8 , 2869.Xr rtsold 8 , 2870.Xr rwhod 8 , 2871.Xr savecore 8 , 2872.Xr sdpd 8 , 2873.Xr sensorsd 8 , 2874.Xr sshd 8 , 2875.Xr swapon 8 , 2876.Xr sysctl 8 , 2877.Xr syslogd 8 , 2878.Xr timed 8 , 2879.Xr usbd 8 , 2880.Xr vinum 8 , 2881.Xr yp 8 , 2882.Xr ypbind 8 , 2883.Xr ypserv 8 , 2884.Xr ypset 8 2885.Sh HISTORY 2886The 2887.Nm 2888file appeared in 2889.Fx 2.2.2 . 2890.Sh AUTHORS 2891.An Jordan K. Hubbard . 2892