1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" 27.Dd April 8, 2010 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65See the 66.Va rc_conf_files 67variable below. 68.Pp 69The following list provides a name and short description for each 70variable that can be set in the 71.Nm 72file. 73To set a variable of 74.Vt bool 75type, specify either 76.Dq Li YES , 77.Dq Li TRUE , 78.Dq Li ON , 79or 80.Dq Li 1 . 81To unset, specify 82.Dq Li NO , 83.Dq Li FALSE , 84.Dq Li OFF , 85or 86.Dq Li 0 . 87These values are case insensitive. 88The 89.Va _enable 90postfix in the name of a variable for starting a service can be 91omitted (as in 92.Nx ) . 93.Bl -tag -width indent-two 94.It Va rc_debug 95.Pq Vt bool 96If set to 97.Dq Li YES , 98enable output of debug messages from rc scripts. 99This variable can be helpful in diagnosing mistakes when 100editing or integrating new scripts. 101Beware that this produces copious output to the terminal and 102.Xr syslog 3 . 103.It Va rc_info 104.Pq Vt bool 105If set to 106.Dq Li NO , 107disable informational messages from the rc scripts. 108Informational messages are displayed when 109a condition that is not serious enough to warrant a warning or an error occurs. 110.It Va swapfile 111.Pq Vt str 112If set to 113.Dq Li NO , 114no swapfile is installed, otherwise the value is used as the full 115pathname to a file to use for additional swap space. 116.It Va apm_enable 117.Pq Vt bool 118If set to 119.Dq Li YES , 120enable support for Automatic Power Management with the 121.Xr apm 8 122command. 123.It Va apmd_enable 124.Pq Vt bool 125Run 126.Xr apmd 8 127to handle APM event from userland. 128This also enables support for APM. 129.It Va apmd_flags 130.Pq Vt str 131If 132.Va apmd_enable 133is set to 134.Dq Li YES , 135these are the flags to pass to the 136.Xr apmd 8 137daemon. 138.It Va battd_enable 139Enable 140.Xr battd 8 141to monitor the status of batteries present in the system. 142This also enables support for APM. 143.It Va battd_flags 144.Pq Vt str 145If 146.Va battd_enable 147is set to 148.Dq Li YES , 149these are the flags to pass to the 150.Xr battd 8 151daemon. 152.It Va devd_enable 153.Pq Vt bool 154Run 155.Xr devd 8 156to handle device added, removed or unknown events from the kernel. 157.It Va devd_flags 158.Pq Vt str 159If 160.Va devd_enable 161is set to 162.Dq Li YES , 163these are the flags to pass to the 164.Xr devd 8 165daemon. 166.It Va sensorsd_enable 167.Pq Vt bool 168Set to 169.Dq Li NO 170by default. 171Setting this to 172.Dq Li YES 173enables 174.Xr sensorsd 8 , 175a sensors monitoring and logging daemon. 176.It Va sensorsd_flags 177.Pq Vt str 178Empty by default. 179Additional flags passed to the 180.Xr sensorsd 8 181program. 182.It Va hotplugd_enable 183.Pq Vt bool 184Set to 185.Dq Li NO 186by default. 187Setting this to 188.Dq Li YES 189enables 190.Xr hotplugd 8 , 191a devices hot plugging monitoring daemon. 192.It Va hotplugd_flags 193.Pq Vt str 194Empty by default. 195Additional flags passed to the 196.Xr hotplugd 8 197program. 198.It Va pccard_ifconfig 199.Pq Vt str 200List of arguments to be passed to 201.Xr ifconfig 8 202at boot time or on insertion of the card (e.g.\& 203.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 204for a fixed address or 205.Dq Li DHCP 206for a DHCP client). 207.It Va pccard_ether_delay 208.Pq Vt str 209Set the delay before starting 210.Xr dhclient 8 211in the 212.Pa /etc/pccard_ether 213script. 214This defaults to 5 seconds to work around a bug in the 215.Xr ed 4 216driver which can lead to system hangs when using some newer 217.Xr ed 4 218based cards. 219.It Va removable_interfaces 220.Pq Vt str 221List of removable network interfaces to be supported by 222.Pa /etc/pccard_ether . 223.It Va local_startup 224.Pq Vt str 225List of directories to search for startup script files. 226.It Va script_name_sep 227.Pq Vt str 228The field separator to use for breaking down the list of startup script files 229into individual filenames. 230The default is a space. 231It is not necessary to change this unless there are startup scripts with names 232containing spaces. 233.It Va hostapd_enable 234.Pq Vt bool 235Set to 236.Dq Li YES 237to start 238.Xr hostapd 8 239at system boot time. 240.It Va hostname 241.Pq Vt str 242The fully qualified domain name (FQDN) of this host on the network. 243This should almost certainly be set to something meaningful, even if 244there is no network connection. 245If 246.Xr dhclient 8 247is used to set the hostname via DHCP, 248this variable should be set to an empty string. 249.It Va ipv6_enable 250.Pq Vt bool 251Enable support for IPv6 networking. 252Note that this requires that the kernel have been compiled with 253.Cd "options INET6" . 254.It Va nisdomainname 255.Pq Vt str 256The NIS domain name of this host, or 257.Dq Li NO 258if NIS is not used. 259.It Va dhclient_program 260.Pq Vt str 261Path to the DHCP client program 262(default 263.Pa /sbin/dhclient ) . 264.It Va dhclient_flags 265.Pq Vt str 266Additional flags to pass to the DHCP client program. 267.It Va pf_enable 268.Pq Vt bool 269Set to 270.Dq Li YES 271to load 272.Xr pf 4 273at startup. 274If the kernel was not built with 275.Cd "device pf" , 276the 277.Pa pf.ko 278kernel module will be loaded. 279See also 280.Va firewall_enable 281and 282.Va ipfilter_enable . 283.It Va pf_rules 284.Pq Vt str 285Path to the 286.Xr pf 4 287ruleset definition file. 288.It Va pf_program 289.Pq Vt str 290Path to 291.Xr pfctl 8 . 292.It Va pf_flags 293.Pq Vt str 294If 295.Va pf_enable 296is set to 297.Dq Li YES , 298these are the flags to pass to 299.Xr pfctl 8 300when loading the ruleset. 301.It Va pflog_enable 302.Pq Vt bool 303Set this to 304.Dq Li YES 305to enable 306.Xr pflogd 8 307which logs packets from 308.Xr pf 4 . 309.It Va pflog_logfile 310.Pq Vt str 311If 312.Va pflog_enable 313is set to 314.Dq Li YES 315this specifies the path of the log file. 316.It Va pflog_program 317.Pq Vt str 318Path to 319.Xr pflogd 8 . 320.It Va pflog_flags 321.Pq Vt str 322If 323.Va pflog_enable 324is set to 325.Dq Li YES , 326these are the flags to pass to 327.Xr pflogd 8 . 328.It Va firewall_enable 329.Pq Vt bool 330Set to 331.Dq Li YES 332to load firewall rules at startup. 333If the kernel was not built with 334.Cd "options IPFIREWALL" , 335the 336.Pa ipfw.ko 337kernel module will be loaded. 338See also 339.Va pf_enable 340and 341.Va ipfilter_enable . 342.It Va ipv6_firewall_enable 343.Pq Vt bool 344The IPv6 equivalent of 345.Va firewall_enable . 346Set to 347.Dq Li YES 348to load IPv6 firewall rules at startup. 349If the kernel was not built with 350.Cd "options IPV6FIREWALL" , 351the 352.Pa ip6fw.ko 353kernel module will be loaded. 354.It Va firewall_script 355.Pq Vt str 356The full path to the firewall script to run 357(default 358.Pa /etc/rc.firewall ) . 359.It Va ipv6_firewall_script 360.Pq Vt str 361The IPv6 equivalent of 362.Va firewall_script . 363.It Va firewall_type 364.Pq Vt str 365Names the firewall type from the selection in 366.Pa /etc/rc.firewall , 367or the file which contains the local firewall ruleset. 368Valid selections from 369.Pa /etc/rc.firewall 370are: 371.Pp 372.Bl -tag -width ".Li simple" -compact 373.It Li open 374unrestricted IP access 375.It Li closed 376all IP services disabled, except via 377.Dq Li lo0 378.It Li client 379basic protection for a workstation on a LAN 380.It Li simple 381alias for 382.Li client . 383.El 384.Pp 385If a filename is specified, the full path must be given. 386.It Va firewall_trusted_nets 387.Pq Vt str 388List of trusted networks (if 389.Va firewall_type 390is set to 391.Li client ) . 392.It Va firewall_trusted_interfaces 393.Pq Vt str 394List of trusted network interfaces (if 395.Va firewall_type 396is set to 397.Li client ) . 398.It Va firewall_allowed_icmp_types 399.Pq Vt str 400List of allowed ICMP types (if 401.Va firewall_type 402is set to 403.Li client ) . 404.It Va firewall_open_tcp_ports 405.Pq Vt str 406List of TCP ports to open (if 407.Va firewall_type 408is set to 409.Li client ) . 410.It Va firewall_open_udp_ports 411.Pq Vt str 412List of UDP ports to open (if 413.Va firewall_type 414is set to 415.Li client ) . 416.It Va ipv6_firewall_type 417.Pq Vt str 418The IPv6 equivalent of 419.Va firewall_type . 420.It Va firewall_quiet 421.Pq Vt bool 422Set to 423.Dq Li YES 424to disable the display of firewall rules on the console during boot. 425.It Va ipv6_firewall_quiet 426.Pq Vt bool 427The IPv6 equivalent of 428.Va firewall_quiet . 429.It Va firewall_logging 430.Pq Vt bool 431Set to 432.Dq Li YES 433to enable firewall event logging. 434This is equivalent to the 435.Dv IPFIREWALL_VERBOSE 436kernel option. 437.It Va ipv6_firewall_logging 438.Pq Vt bool 439The IPv6 equivalent of 440.Va firewall_logging . 441.It Va firewall_flags 442.Pq Vt str 443Flags passed to 444.Xr ipfw 8 445if 446.Va firewall_type 447specifies a filename. 448.It Va ipv6_firewall_flags 449.Pq Vt str 450The IPv6 equivalent of 451.Va firewall_flags . 452.It Va natd_program 453.Pq Vt str 454Path to 455.Xr natd 8 . 456.It Va natd_enable 457.Pq Vt bool 458Set to 459.Dq Li YES 460to enable 461.Xr natd 8 . 462.Va firewall_enable 463must also be set to 464.Dq Li YES , 465and 466.Xr divert 4 467sockets must be enabled in the kernel. 468.It Va natd_interface 469.Pq Vt str 470This is the name of the public interface on which 471.Xr natd 8 472should run. 473The interface may be given as an interface name or as an IP address. 474.It Va natd_flags 475.Pq Vt str 476Additional 477.Xr natd 8 478flags should be placed here. 479The 480.Fl n 481or 482.Fl a 483flag is automatically added with the above 484.Va natd_interface 485as an argument. 486.\" ----- ipfilter_enable setting -------------------------------- 487.It Va ipfilter_enable 488.Pq Vt bool 489Set to 490.Dq Li NO 491by default. 492Setting this to 493.Dq Li YES 494enables 495.Xr ipf 8 496packet filtering. 497.Pp 498Typical usage will require putting 499.Bd -literal 500ipfilter_enable="YES" 501ipnat_enable="YES" 502ipmon_enable="YES" 503ipfs_enable="YES" 504.Ed 505.Pp 506into 507.Pa /etc/rc.conf 508and editing 509.Pa /etc/ipf.rules 510and 511.Pa /etc/ipnat.rules 512appropriately. 513.Pp 514Note that 515.Va ipfilter_enable 516and 517.Va ipnat_enable 518can be enabled independently. 519.Va ipmon_enable 520and 521.Va ipfs_enable 522both require at least one of 523.Va ipfilter_enable 524and 525.Va ipnat_enable 526to be enabled. 527.Pp 528Having 529.Bd -literal 530options IPFILTER 531options IPFILTER_LOG 532options IPFILTER_DEFAULT_BLOCK 533.Ed 534.Pp 535in the kernel configuration file is a good idea, too. 536See also 537.Va pf_enable 538and 539.Va firewall_enable . 540.\" ----- ipfilter_program setting ------------------------------ 541.It Va ipfilter_program 542.Pq Vt str 543Path to 544.Xr ipf 8 545(default 546.Pa /sbin/ipf ) . 547.\" ----- ipfilter_rules setting -------------------------------- 548.It Va ipfilter_rules 549.Pq Vt str 550Set to 551.Pa /etc/ipf.rules 552by default. 553The name of the filter rule definition file. 554The file is expected to be readable for the 555.Xr ipf 8 556command to execute. 557.\" ----- ipv6_ipfilter_rules setting --------------------------- 558.It Va ipv6_ipfilter_rules 559.Pq Vt str 560Set to 561.Pa /etc/ipf6.rules 562by default. 563The name of the IPv6 filter rule definition file. 564The file is expected to be readable for the 565.Xr ipf 8 566command to execute. 567.\" ----- ipfilter_flags setting -------------------------------- 568.It Va ipfilter_flags 569.Pq Vt str 570Empty by default. 571Flags passed to the 572.Xr ipf 8 573program. 574.\" ----- ipnat_enable setting ---------------------------------- 575.It Va ipnat_enable 576.Pq Vt bool 577Set to 578.Dq Li NO 579by default. 580Set it to 581.Dq Li YES 582to enable 583.Xr ipnat 8 584network address translation. 585See 586.Va ipfilter_enable 587for a detailed discussion. 588.\" ----- ipnat_program setting --------------------------------- 589.It Va ipnat_program 590.Pq Vt str 591Path to 592.Xr ipnat 8 593(default 594.Pa /sbin/ipnat ) . 595.\" ----- ipnat_rules setting ----------------------------------- 596.It Va ipnat_rules 597.Pq Vt str 598Set to 599.Pa /etc/ipnat.rules 600by default. 601The name of the file 602holding the network address translation definition. 603This file is expected to be readable for the 604.Xr ipnat 8 605command to execute. 606.\" ----- ipnat_flags setting ----------------------------------- 607.It Va ipnat_flags 608.Pq Vt str 609Empty by default. 610Flags passed to the 611.Xr ipnat 8 612program. 613.\" ----- ipmon_enable setting ---------------------------------- 614.It Va ipmon_enable 615.Pq Vt bool 616Set to 617.Dq Li NO 618by default. 619Set it to 620.Dq Li YES 621to enable 622.Xr ipmon 8 623monitoring (logging 624.Xr ipf 8 625and 626.Xr ipnat 8 627events). 628Setting this variable needs setting 629.Va ipfilter_enable 630or 631.Va ipnat_enable 632too. 633See 634.Va ipfilter_enable 635for a detailed discussion. 636.\" ----- ipmon_program setting --------------------------------- 637.It Va ipmon_program 638.Pq Vt str 639Path to 640.Xr ipmon 8 641(default 642.Pa /sbin/ipmon ) . 643.\" ----- ipmon_flags setting ----------------------------------- 644.It Va ipmon_flags 645.Pq Vt str 646Set to 647.Dq Li -Ds 648by default. 649Flags passed to the 650.Xr ipmon 8 651program. 652Another typical example would be 653.Dq Fl D Pa /var/log/ipflog 654to have 655.Xr ipmon 8 656log directly to a file bypassing 657.Xr syslogd 8 . 658Make sure to adjust 659.Pa /etc/newsyslog.conf 660in such case like this: 661.Bd -literal 662/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 663.Ed 664.\" ----- ipfs_enable setting ----------------------------------- 665.It Va ipfs_enable 666.Pq Vt bool 667Set to 668.Dq Li NO 669by default. 670Set it to 671.Dq Li YES 672to enable 673.Xr ipfs 8 674saving the filter and NAT state tables during shutdown 675and reloading them during startup again. 676Setting this variable needs setting 677.Va ipfilter_enable 678or 679.Va ipnat_enable 680to 681.Dq Li YES 682too. 683See 684.Va ipfilter_enable 685for a detailed discussion. 686Note that if 687.Va kern_securelevel 688is set to 3, 689.Va ipfs_enable 690cannot be used because the raised securelevel will prevent 691.Xr ipfs 8 692from saving the state tables at shutdown time. 693.\" ----- ipfs_program setting ---------------------------------- 694.It Va ipfs_program 695.Pq Vt str 696Path to 697.Xr ipfs 8 698(default 699.Pa /sbin/ipfs ) . 700.\" ----- ipfs_flags setting ------------------------------------ 701.It Va ipfs_flags 702.Pq Vt str 703Empty by default. 704Flags passed to the 705.Xr ipfs 8 706program. 707.\" ----- end of added ipf hook --------------------------------- 708.It Va tcp_extensions 709.Pq Vt bool 710Set to 711.Dq Li YES 712by default. 713Setting this to 714.Dq Li NO 715disables certain TCP options as described by 716.Rs 717.%T "RFC 1323" 718.Re 719Setting this to 720.Dq Li NO 721might help remedy such problems with connections as randomly hanging 722or other weird behavior. 723Some network devices are known to be broken with respect to these options. 724.It Va log_in_vain 725.Pq Vt int 726Set to 0 by default. 727The 728.Xr sysctl 8 729variables, 730.Va net.inet.tcp.log_in_vain 731and 732.Va net.inet.udp.log_in_vain , 733as described in 734.Xr tcp 4 735and 736.Xr udp 4 , 737are set to the given value. 738.It Va tcp_keepalive 739.Pq Vt bool 740Set to 741.Dq Li YES 742by default. 743Setting to 744.Dq Li NO 745will disable probing idle TCP connections to verify that the 746peer is still up and reachable. 747.It Va tcp_drop_synfin 748.Pq Vt bool 749Set to 750.Dq Li NO 751by default. 752Setting to 753.Dq Li YES 754will cause the kernel to ignore TCP frames that have both 755the SYN and FIN flags set. 756This prevents OS fingerprinting, but may break some legitimate applications. 757This option is only available if the kernel was built with the 758.Dv TCP_DROP_SYNFIN 759option. 760.It Va icmp_drop_redirect 761.Pq Vt bool 762Set to 763.Dq Li NO 764by default. 765Setting to 766.Dq Li YES 767will cause the kernel to ignore ICMP REDIRECT packets. 768Refer to 769.Xr icmp 4 770for more information. 771.It Va icmp_log_redirect 772.Pq Vt bool 773Set to 774.Dq Li NO 775by default. 776Setting to 777.Dq Li YES 778will cause the kernel to log ICMP REDIRECT packets. 779Note that 780the log messages are not rate-limited, so this option should only be used 781for troubleshooting networks. 782Refer to 783.Xr icmp 4 784for more information. 785.It Va icmp_bmcastecho 786.Pq Vt bool 787Set to 788.Dq Li YES 789to respond to broadcast or multicast ICMP ping packets. 790Refer to 791.Xr icmp 4 792for more information. 793.It Va ip_portrange_first 794.Pq Vt int 795If not set to 796.Dq Li NO , 797this is the first port in the default portrange. 798Refer to 799.Xr ip 4 800for more information. 801.It Va ip_portrange_last 802.Pq Vt int 803If not set to 804.Dq Li NO , 805this is the last port in the default portrange. 806Refer to 807.Xr ip 4 808for more information. 809.\" 810.It Va ifconfig_ Ns Aq Ar interface 811.Pq Vt str 812Configuration for 813.Dq interface . 814Typically includes IP address. 815Assuming that the interface in question was 816.Li ed0 , 817it might look something like this: 818.Bd -literal 819ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 820.Ed 821.Pp 822If the 823.Pa /etc/start_if. Ns Aq Ar interface 824file is present, it is read and executed by the 825.Xr sh 1 826interpreter before configuring the interface as specified in the 827.Va ifconfig_ Ns Aq Ar interface 828and 829.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 830variables. 831.Pp 832It is possible to bring up an interface with DHCP by adding 833.Dq Li DHCP 834to the 835.Va ifconfig_ Ns Aq Ar interface 836variable. 837For instance, to initialize the 838.Li ed0 839device via DHCP, it is possible to use something like: 840.Bd -literal 841ifconfig_ed0="DHCP" 842.Ed 843.Pp 844Also, if your interface needs WPA authentication, it is possible to add 845.Dq Li WPA 846to the 847.Va ifconfig_ Ns Aq Ar interface 848variable. 849This will start 850.Xr wpa_supplicant 8 . 851See 852.Xr wpa_supplicant.conf 5 853for configuring authentication information. 854.Pp 855Finally, you can add 856.Xr ifconfig 8 857options in this variable, in addition to the 858.Pa /etc/start_if. Ns Aq Ar interface 859file. 860For instance, to initialize the 861.Li wi0 862device via DHCP, using WPA authentication and 802.11b mode, it is 863possible to use something like: 864.Bd -literal 865ifconfig_wi0="up DHCP WPA mode 11b" 866.Ed 867.Pp 868.\" 869.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 870.Pq Vt str 871Configuration to establish an additional network address for 872.Dq interface . 873Assuming that the interface in question was 874.Li ed0 , 875it might look something like this: 876.Bd -literal 877ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 878ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 879.Ed 880.Pp 881And so on. 882For each 883.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 884entry that is found, its contents are passed to 885.Xr ifconfig 8 . 886Execution stops at the first unsuccessful access, so if 887something like this is present: 888.Bd -literal 889ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 890ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 891ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 892ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 893.Ed 894.Pp 895Then note that alias4 would 896.Em not 897be added since the search would stop with the missing alias3 entry. 898.Pp 899.\" 900.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 901.Pq Vt str 902New name for 903.Dq interface . 904It is possible to rename interface by doing: 905.Bd -literal 906ifconfig_ed0_name="net0" 907ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 908.Ed 909.It Va network_interfaces 910.Pq Vt str 911The list of network interfaces to configure on this host, 912or 913.Dq Li auto 914to configure all network interfaces 915(default 916.Dq Li auto ) . 917For example, if the only network devices to be configured are the loopback device 918.Pq Li lo0 919and a NIC using the 920.Xr ed 4 921driver, this could be set to 922.Dq Li "lo0 ed0" . 923An 924.Va ifconfig_ Ns Aq Ar interface 925variable is assumed to exist for each value of 926.Ar interface . 927.It Va ipv6_network_interfaces 928.Pq Vt str 929This is the IPv6 equivalent of 930.Va network_interfaces . 931Instead of setting the ifconfig variables as 932.Va ifconfig_ Ns Aq Ar interface 933they should be set as 934.Va ipv6_ifconfig_ Ns Aq Ar interface . 935Aliases should be set as 936.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 937Interfaces that do not have a 938.Va ipv6_ifconfig_ Ns Aq Ar interface 939setting will be auto configured by 940.Xr rtsol 8 941if the 942.Va ipv6_gateway_enable 943is set to 944.Dq Li NO . 945Note that the IPv6 networking code does not support the 946.Pa /etc/start_if. Ns Aq Ar interface 947files. 948.It Va ipv6_prefix_ Ns Aq Ar interface 949.Pq Vt str 950Assign prefix to 951.Ar interface , 952prefixlen 64 is used. 953.It Va ipv6_default_interface 954.Pq Vt str 955If not set to 956.Dq Li NO , 957this is the default output interface for scoped addresses. 958Now this works only for IPv6 link local multicast addresses. 959.It Va cloned_interfaces 960.Pq Vt str 961Set to the list of clonable network interfaces to create on this host. 962Entries in 963.Va cloned_interfaces 964are automatically appended to 965.Va network_interfaces 966for configuration. 967.It Va gif_interfaces 968.Pq Vt str 969Set to the list of 970.Xr gif 4 971tunnel interfaces to configure on this host. 972A 973.Va gifconfig_ Ns Aq Ar interface 974variable is assumed to exist for each value of 975.Ar interface . 976The value of this variable is used to configure the link layer of the 977tunnel according to the syntax of the 978.Cm tunnel 979option to 980.Xr ifconfig 8 . 981Additionally, this option ensures that each listed interface is created via the 982.Cm create 983option to 984.Xr ifconfig 8 985before attempting to configure it. 986.It Va sppp_interfaces 987.Pq Vt str 988Set to the list of 989.Xr sppp 4 990interfaces to configure on this host. 991A 992.Va spppconfig_ Ns Aq Ar interface 993variable is assumed to exist for each value of 994.Ar interface . 995Each interface should also be configured by a general 996.Va ifconfig_ Ns Aq Ar interface 997setting. 998Refer to 999.Xr spppcontrol 8 1000for more information about available options. 1001.It Va ppp_enable 1002.Pq Vt bool 1003If set to 1004.Dq Li YES , 1005run the 1006.Xr ppp 8 1007daemon. 1008.It Va ppp_mode 1009.Pq Vt str 1010Mode in which to run the 1011.Xr ppp 8 1012daemon. 1013Accepted modes are 1014.Dq Li auto , 1015.Dq Li ddial , 1016.Dq Li direct 1017and 1018.Dq Li dedicated . 1019See the manual for a full description. 1020.It Va ppp_nat 1021.Pq Vt bool 1022If set to 1023.Dq Li YES , 1024enables network address translation. 1025Used in conjunction with 1026.Va gateway_enable 1027allows hosts on private network addresses access to the Internet using 1028this host as a network address translating router. 1029.It Va ppp_profile 1030.Pq Vt str 1031The name of the profile to use from 1032.Pa /etc/ppp/ppp.conf . 1033.It Va ppp_user 1034.Pq Vt str 1035The name of the user under which 1036.Xr ppp 8 1037should be started. 1038By default, 1039.Xr ppp 8 1040is started as 1041.Dq Li root . 1042.It Va rc_conf_files 1043.Pq Vt str 1044This option is used to specify a list of files that will override 1045the settings in 1046.Pa /etc/defaults/rc.conf . 1047The files will be read in the order in which they are specified and should 1048include the full path to the file. 1049By default, the files specified are 1050.Pa /etc/rc.conf 1051and 1052.Pa /etc/rc.conf.local 1053.It Va fsck_y_enable 1054.Pq Vt bool 1055If set to 1056.Dq Li YES , 1057.Xr fsck 8 1058will be run with the 1059.Fl y 1060flag if the initial preen of the file systems fails. 1061.It Va netfs_types 1062.Pq Vt str 1063List of file system types that are network-based. 1064This list should generally not be modified by end users. 1065Use 1066.Va extra_netfs_types 1067instead. 1068.It Va extra_netfs_types 1069.Pq Vt str 1070If set to something other than 1071.Dq Li NO 1072(the default), this variable extends the list of file system types 1073for which automatic mounting at startup by 1074.Xr rc 8 1075should be delayed until the network is initialized. 1076It should contain 1077a whitespace-separated list of network file system descriptor pairs, 1078each consisting of a file system type as passed to 1079.Xr mount 8 1080and a human-readable, one-word description, joined with a colon 1081.Pq Ql \&: . 1082Extending the default list in this way is only necessary 1083when third party file system types are used. 1084.It Va devfs_config_files 1085.Pq Vt str 1086This option is used to specify a list of configuration files containing 1087.Xr devfs 5 1088rules that will be applied by 1089.Xr devfsctl 8 1090in the order in which they are specified and must include the full path 1091to the file. 1092.It Va syslogd_enable 1093.Pq Vt bool 1094If set to 1095.Dq Li YES , 1096run the 1097.Xr syslogd 8 1098daemon. 1099.It Va syslogd_program 1100.Pq Vt str 1101Path to 1102.Xr syslogd 8 1103(default 1104.Pa /usr/sbin/syslogd ) . 1105.It Va syslogd_flags 1106.Pq Vt str 1107If 1108.Va syslogd_enable 1109is set to 1110.Dq Li YES , 1111these are the flags to pass to 1112.Xr syslogd 8 . 1113.It Va inetd_enable 1114.Pq Vt bool 1115If set to 1116.Dq Li YES , 1117run the 1118.Xr inetd 8 1119daemon. 1120.It Va inetd_program 1121.Pq Vt str 1122Path to 1123.Xr inetd 8 1124(default 1125.Pa /usr/sbin/inetd ) . 1126.It Va inetd_flags 1127.Pq Vt str 1128If 1129.Va inetd_enable 1130is set to 1131.Dq Li YES , 1132these are the flags to pass to 1133.Xr inetd 8 . 1134.It Va rwhod_enable 1135.Pq Vt bool 1136If set to 1137.Dq Li YES , 1138run the 1139.Xr rwhod 8 1140daemon at boot time. 1141.It Va rwhod_flags 1142.Pq Vt str 1143If 1144.Va rwhod_enable 1145is set to 1146.Dq Li YES , 1147these are the flags to pass to it. 1148.It Va amd_enable 1149.Pq Vt bool 1150If set to 1151.Dq Li YES , 1152run the 1153.Xr amd 8 1154daemon at boot time. 1155.It Va amd_flags 1156.Pq Vt str 1157If 1158.Va amd_enable 1159is set to 1160.Dq Li YES , 1161these are the flags to pass to it. 1162See the 1163.Xr amd 8 1164manpage for more information. 1165.It Va amd_map_program 1166.Pq Vt str 1167If set, the specified program is run to get the list of 1168.Xr amd 8 1169maps. 1170For example, if the 1171.Xr amd 8 1172maps are stored in NIS, one can set this to run 1173.Xr ypcat 1 1174to get a list of 1175.Xr amd 8 1176maps from the 1177.Pa amd.master 1178NIS map. 1179.It Va update_motd 1180.Pq Vt bool 1181If set to 1182.Dq Li YES , 1183.Pa /etc/motd 1184will be updated at boot time to reflect the kernel release being run. 1185If set to 1186.Dq Li NO , 1187.Pa /etc/motd 1188will not be updated. 1189.It Va nfs_client_enable 1190.Pq Vt bool 1191If set to 1192.Dq Li YES , 1193setup NFS client parameters at boot time. 1194.It Va nfs_access_cache 1195.Pq Vt int 1196If 1197.Va nfs_client_enable 1198is set to 1199.Dq Li YES , 1200this can be set to 1201.Dq Li 0 1202to disable NFS ACCESS RPC caching, or to the number of seconds for which 1203NFS ACCESS results should be cached. 1204A value of 2-10 seconds will substantially reduce network traffic for 1205many NFS operations. 1206The default is 5 seconds. 1207Note that the attribute cache holds stat information only. 1208The NFS data cache is independent of the attribute cache and is only 1209invalidated when the client detects that the server has modified the 1210underlying file. 1211This value specifies a maximum timeout. 1212The NFS client will automatically use a shorter timeout for files which 1213have been recently modified. 1214.It Va nfs_neg_cache 1215.Pq Vt int 1216If 1217.Va nfs_client_enable 1218is set to 1219.Dq Li YES , 1220this can be set to 1221.Dq Li 0 1222to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1223filenames), or to the number of seconds for which negative lookups should 1224be cached. 1225A value of 2-10 seconds will substantially reduce network 1226traffic for many NFS operations, especially source code builds. 1227The default is 3 seconds. 1228.It Va nfs_server_enable 1229.Pq Vt bool 1230If set to 1231.Dq Li YES , 1232run the NFS server daemons at boot time. 1233.It Va nfs_server_flags 1234.Pq Vt str 1235If 1236.Va nfs_server_enable 1237is set to 1238.Dq Li YES , 1239these are the flags to pass to the 1240.Xr nfsd 8 1241daemon. 1242.It Va mountd_enable 1243.Pq Vt bool 1244If set to 1245.Dq Li YES , 1246and no 1247.Va nfs_server_enable 1248is set, start 1249.Xr mountd 8 , 1250but not 1251.Xr nfsd 8 1252daemon. 1253It is commonly needed to run CFS without real NFS used. 1254.It Va mountd_flags 1255.Pq Vt str 1256If 1257.Va mountd_enable 1258is set to 1259.Dq Li YES , 1260these are the flags to pass to the 1261.Xr mountd 8 1262daemon. 1263.It Va weak_mountd_authentication 1264.Pq Vt bool 1265If set to 1266.Dq Li YES , 1267allow services like PCNFSD to make non-privileged mount requests. 1268.It Va nfs_reserved_port_only 1269.Pq Vt bool 1270If set to 1271.Dq Li YES , 1272provide NFS services only on a secure port. 1273.It Va nfs_bufpackets 1274.Pq Vt int 1275If set to a number, indicates the number of packets worth of 1276socket buffer space to reserve on an NFS client. 1277The kernel default is typically 4. 1278Using a higher number may be useful on gigabit networks to improve performance. 1279The minimum value is 2 and the maximum is 64. 1280.It Va rpc_umntall_enable 1281.Pq Vt bool 1282If set to 1283.Dq Li YES 1284(default) and we are also an NFS client, run 1285.Xr rpc.umntall 8 1286at boot time to clear out old mounts on remote servers. 1287If set to 1288.Dq Li NO 1289then 1290.Xr rpc.umntall 8 1291will not be run at boot time. 1292.It Va rpc_lockd_enable 1293.Pq Vt bool 1294If set to 1295.Dq Li YES 1296and also an NFS server, run 1297.Xr rpc.lockd 8 1298at boot time. 1299.It Va rpc_lockd_flags 1300.Pq Vt str 1301If 1302.Va rpc_lockd_enable 1303is set to 1304.Dq Li YES , 1305these are the flags to pass to 1306.Xr rpc.lockd 8 . 1307.It Va rpc_statd_enable 1308.Pq Vt bool 1309If set to 1310.Dq Li YES 1311and also an NFS server, run 1312.Xr rpc.statd 8 1313at boot time. 1314.It Va rpc_statd_flags 1315.Pq Vt str 1316If 1317.Va rpc_statd_enable 1318is set to 1319.Dq Li YES , 1320these are the flags to pass to 1321.Xr rpc.statd 8 . 1322.It Va rpcbind_program 1323.Pq Vt str 1324Path to program for rpcbind daemon 1325(default 1326.Pa /usr/sbin/rpcbind ) . 1327.It Va rpcbind_enable 1328.Pq Vt bool 1329If set to 1330.Dq Li YES , 1331run 1332.Va rpcbind_program 1333at boot time. 1334.It Va rpcbind_flags 1335.Pq Vt str 1336If 1337.Va rpcbind_enable 1338is set to 1339.Dq Li YES , 1340these are the flags to pass to 1341.Va rpcbind_program . 1342.It Va keyserv_enable 1343.Pq Vt bool 1344If set to 1345.Dq Li YES , 1346run the 1347.Xr keyserv 8 1348daemon on boot for running Secure RPC. 1349.It Va keyserv_flags 1350.Pq Vt str 1351If 1352.Va keyserv_enable 1353is set to 1354.Dq Li YES , 1355these are the flags to pass to 1356.Xr keyserv 8 1357daemon. 1358.It Va pppoed_enable 1359.Pq Vt bool 1360If set to 1361.Dq Li YES , 1362run the 1363.Xr pppoed 8 1364daemon at boot time to provide PPP over Ethernet services. 1365.It Va pppoed_provider 1366.Pq Vt str 1367.Xr pppoed 8 1368listens to requests to this provider and ultimately runs 1369.Xr ppp 8 1370with a 1371.Ar system 1372argument of the same name. 1373.It Va pppoed_flags 1374.Pq Vt str 1375Additional flags to pass to 1376.Xr pppoed 8 . 1377.It Va pppoed_interface 1378.Pq Vt str 1379The network interface to run 1380.Xr pppoed 8 1381on. 1382This is mandatory when 1383.Va pppoed_enable 1384is set to 1385.Dq Li YES . 1386.It Va timed_enable 1387.Pq Vt bool 1388If set to 1389.Dq Li YES , 1390run the 1391.Xr timed 8 1392service at boot time. 1393This command is intended for networks of machines where a consistent 1394.Dq "network time" 1395for all hosts must be established. 1396This is often useful in large NFS environments where time stamps on 1397files are expected to be consistent network-wide. 1398.It Va timed_flags 1399.Pq Vt str 1400If 1401.Va timed_enable 1402is set to 1403.Dq Li YES , 1404these are the flags to pass to the 1405.Xr timed 8 1406service. 1407.It Va dntpd_enable 1408.Pq Vt bool 1409If set to 1410.Dq Li YES , 1411run 1412.Xr dntpd 8 1413at system boot time. 1414.It Va dntpd_program 1415.Pq Vt str 1416Path to 1417.Xr dntpd 8 1418(default 1419.Pa /usr/sbin/dntpd ) . 1420.It Va dntpd_flags 1421.Pq Vt str 1422If 1423.Va dntpd_enable 1424is set to 1425.Dq Li YES , 1426these are the flags to pass to the 1427.Xr dntpd 8 1428daemon. 1429.It Va btconfig_enable 1430.Pq Vt bool 1431If set to 1432.Dq Li YES , 1433configure Bluetooth devices via 1434.Xr btconfig 8 1435at system boot time. 1436.It Va btconfig_devices 1437.Pq Vt str 1438If 1439.Va btconfig_enable 1440is set to 1441.Dq Li YES , 1442this is the list of Bluetooth devices to configure. 1443If 1444.Va btconfig_devices 1445is not specified, all devices known to the system will be configured. 1446A 1447.Va btconfig_ Ns Aq Ar device 1448variable can be set to specify parameters to be passed to 1449.Ar device . 1450.It Va btconfig_args 1451.Pq Vt str 1452If 1453.Va btconfig_enable 1454is set to 1455.Dq Li YES , 1456this is the list of configuration parameters to pass to all Bluetooth 1457devices. 1458.It Va sdpd_enable 1459.Pq Vt bool 1460If set to 1461.Dq Li YES , 1462run the Service Discovery Profile daemon 1463.Xr ( sdpd 8 ) 1464at system boot time. 1465.It Va sdpd_flags 1466.Pq Vt str 1467If 1468.Va sdpd_enable 1469is set to 1470.Dq Li YES , 1471these are the flags to pass to the 1472.Xr sdpd 8 1473daemon. 1474.It Va bthcid_enable 1475.Pq Vt bool 1476If set to 1477.Dq Li YES , 1478run the Bluetooth Link Key/PIN Code Manager daemon 1479.Xr ( bthcid 8 ) 1480at system boot time. 1481.It Va bthcid_flags 1482.Pq Vt str 1483If 1484.Va bthcid_enable 1485is set to 1486.Dq Li YES , 1487these are the flags to pass to the 1488.Xr bthcid 8 1489daemon. 1490.It Va nis_client_enable 1491.Pq Vt bool 1492If set to 1493.Dq Li YES , 1494run the 1495.Xr ypbind 8 1496service at system boot time. 1497.It Va nis_client_flags 1498.Pq Vt str 1499If 1500.Va nis_client_enable 1501is set to 1502.Dq Li YES , 1503these are the flags to pass to the 1504.Xr ypbind 8 1505service. 1506.It Va nis_ypset_enable 1507.Pq Vt bool 1508If set to 1509.Dq Li YES , 1510run the 1511.Xr ypset 8 1512daemon at system boot time. 1513.It Va nis_ypset_flags 1514.Pq Vt str 1515If 1516.Va nis_ypset_enable 1517is set to 1518.Dq Li YES , 1519these are the flags to pass to the 1520.Xr ypset 8 1521daemon. 1522.It Va nis_server_enable 1523.Pq Vt bool 1524If set to 1525.Dq Li YES , 1526run the 1527.Xr ypserv 8 1528daemon at system boot time. 1529.It Va nis_server_flags 1530.Pq Vt str 1531If 1532.Va nis_server_enable 1533is set to 1534.Dq Li YES , 1535these are the flags to pass to the 1536.Xr ypserv 8 1537daemon. 1538.It Va nis_ypxfrd_enable 1539.Pq Vt bool 1540If set to 1541.Dq Li YES , 1542run the 1543.Xr rpc.ypxfrd 8 1544daemon at system boot time. 1545.It Va nis_ypxfrd_flags 1546.Pq Vt str 1547If 1548.Va nis_ypxfrd_enable 1549is set to 1550.Dq Li YES , 1551these are the flags to pass to the 1552.Xr rpc.ypxfrd 8 1553daemon. 1554.It Va nis_yppasswdd_enable 1555.Pq Vt bool 1556If set to 1557.Dq Li YES , 1558run the 1559.Xr rpc.yppasswdd 8 1560daemon at system boot time. 1561.It Va nis_yppasswdd_flags 1562.Pq Vt str 1563If 1564.Va nis_yppasswdd_enable 1565is set to 1566.Dq Li YES , 1567these are the flags to pass to the 1568.Xr rpc.yppasswdd 8 1569daemon. 1570.It Va rpc_ypupdated_enable 1571.Pq Vt bool 1572If set to 1573.Dq Li YES , 1574run the 1575.Nm rpc.ypupdated 1576daemon at system boot time. 1577.It Va defaultrouter 1578.Pq Vt str 1579If not set to 1580.Dq Li NO , 1581create a default route to this host name or IP address 1582(use an IP address if this router is also required to get to the 1583name server!). 1584.It Va ipv6_defaultrouter 1585.Pq Vt str 1586The IPv6 equivalent of 1587.Va defaultrouter . 1588.It Va static_routes 1589.Pq Vt str 1590Set to the list of static routes that are to be added at system boot time. 1591If not set to 1592.Dq Li NO 1593then for each whitespace separated 1594.Ar element 1595in the value, a 1596.Va route_ Ns Aq Ar element 1597variable is assumed to exist whose contents will later be passed to a 1598.Dq Nm route Cm add 1599operation. 1600.It Va ipv6_static_routes 1601.Pq Vt str 1602The IPv6 equivalent of 1603.Va static_routes . 1604If not set to 1605.Dq Li NO 1606then for each whitespace separated 1607.Ar element 1608in the value, a 1609.Va ipv6_route_ Ns Aq Ar element 1610variable is assumed to exist whose contents will later be passed to a 1611.Dq Nm route Cm add Fl inet6 1612operation. 1613.It Va gateway_enable 1614.Pq Vt bool 1615If set to 1616.Dq Li YES , 1617configure host to act as an IP router, e.g. to forward packets 1618between interfaces. 1619.It Va ipv6_gateway_enable 1620.Pq Vt bool 1621The IPv6 equivalent of 1622.Va gateway_enable . 1623.It Va router_enable 1624.Pq Vt bool 1625If set to 1626.Dq Li YES , 1627run a routing daemon of some sort, based on the settings of 1628.Va router_program 1629and 1630.Va router_flags . 1631.It Va ipv6_router_enable 1632.Pq Vt bool 1633The IPv6 equivalent of 1634.Va router_enable . 1635If set to 1636.Dq Li YES , 1637run a routing daemon of some sort, based on the settings of 1638.Va ipv6_router_program 1639and 1640.Va ipv6_router_flags . 1641.It Va router_program 1642.Pq Vt str 1643If 1644.Va router_enable 1645is set to 1646.Dq Li YES , 1647this is the name of the routing daemon to use 1648(default 1649.Pa /sbin/routed ) . 1650.It Va ipv6_router_program 1651.Pq Vt str 1652The IPv6 equivalent of 1653.Va router_program 1654(default 1655.Pa /sbin/route6d ) . 1656.It Va router_flags 1657.Pq Vt str 1658If 1659.Va router_enable 1660is set to 1661.Dq Li YES , 1662these are the flags to pass to the routing daemon. 1663.It Va ipv6_router_flags 1664.Pq Vt str 1665The IPv6 equivalent of 1666.Va router_flags . 1667.It Va mrouted_enable 1668.Pq Vt bool 1669If set to 1670.Dq Li YES , 1671run the multicast routing daemon, 1672.Xr mrouted 8 . 1673.It Va mroute6d_enable 1674.Pq Vt bool 1675The IPv6 equivalent of 1676.Va mrouted_enable . 1677If set to 1678.Dq Li YES , 1679run the IPv6 multicast routing daemon. 1680Note that no IPv6 multicast routing daemon is included in the 1681.Dx 1682base system but 1683.Xr pim6dd 8 1684can be installed from the 1685.Xr pkgsrc 7 1686collection. 1687.It Va mrouted_flags 1688.Pq Vt str 1689If 1690.Va mrouted_enable 1691is set to 1692.Dq Li YES , 1693these are the flags to pass to the 1694.Xr mrouted 8 1695daemon. 1696.It Va mroute6d_flags 1697.Pq Vt str 1698The IPv6 equivalent of 1699.Va mrouted_flags . 1700If 1701.Va mroute6d_enable 1702is set to 1703.Dq Li YES , 1704these are the flags passed to the IPv6 multicast routing daemon. 1705.It Va mroute6d_program 1706.Pq Vt str 1707If 1708.Va mroute6d_enable 1709is set to 1710.Dq Li YES , 1711this is the path to the IPv6 multicast routing daemon. 1712.It Va rtadvd_enable 1713.Pq Vt bool 1714If set to 1715.Dq Li YES , 1716run the 1717.Xr rtadvd 8 1718daemon at boot time. 1719.Xr rtadvd 8 1720will only run if 1721.Va ipv6_gateway_enable 1722is also set to 1723.Dq Li YES . 1724The 1725.Xr rtadvd 8 1726utility sends router advertisement packets to the interfaces specified in 1727.Va rtadvd_interfaces . 1728.Xr rtadvd 8 1729and should only be enabled with great care. 1730You may want to fine-tune 1731.Xr rtadvd.conf 5 . 1732.It Va rtadvd_interfaces 1733.Pq Vt str 1734If 1735.Va rtadvd_enable 1736is set to 1737.Dq Li YES 1738this is the list of interfaces to use. 1739.It Va rtsold_enable 1740.Pq Vt bool 1741If set to 1742.Dq Li YES , 1743run the 1744.Xr rtsold 8 1745daemon at boot time. 1746The 1747.Xr rtsold 8 1748daemon is used for automatic discovery of non-link local addresses. 1749.It Va rtsold_flags 1750.Pq Vt str 1751If 1752.Va rtsold_enable 1753is set to 1754.Dq Li YES , 1755these are the flags to pass to the 1756.Xr rtsold 8 1757daemon. 1758.It Va ipxgateway_enable 1759.Pq Vt bool 1760If set to 1761.Dq Li YES , 1762enable the routing of IPX traffic. 1763.It Va ipxrouted_enable 1764.Pq Vt bool 1765If set to 1766.Dq Li YES , 1767run the 1768.Xr IPXrouted 8 1769daemon at system boot time. 1770.It Va ipxrouted_flags 1771.Pq Vt str 1772If 1773.Va ipxrouted_enable 1774is set to 1775.Dq Li YES , 1776these are the flags to pass to the 1777.Xr IPXrouted 8 1778daemon. 1779.It Va arpproxy_all 1780.Pq Vt bool 1781If set to 1782.Dq Li YES , 1783enable global proxy ARP. 1784.It Va forward_sourceroute 1785.Pq Vt bool 1786If set to 1787.Dq Li YES 1788and 1789.Va gateway_enable 1790is also set to 1791.Dq Li YES , 1792source-routed packets are forwarded. 1793.It Va accept_sourceroute 1794.Pq Vt bool 1795If set to 1796.Dq Li YES , 1797the system will accept source-routed packets directed at it. 1798.It Va rarpd_enable 1799.Pq Vt bool 1800If set to 1801.Dq Li YES , 1802run the 1803.Xr rarpd 8 1804daemon at system boot time. 1805.It Va rarpd_flags 1806.Pq Vt str 1807If 1808.Va rarpd_enable 1809is set to 1810.Dq Li YES , 1811these are the flags to pass to the 1812.Xr rarpd 8 1813daemon. 1814.It Va bootparamd_enable 1815.Pq Vt bool 1816If set to 1817.Dq Li YES , 1818run the 1819.Xr bootparamd 8 1820daemon at system boot time. 1821.It Va bootparamd_flags 1822.Pq Vt str 1823If 1824.Va bootparamd_enable 1825is set to 1826.Dq Li YES , 1827these are the flags to pass to the 1828.Xr bootparamd 8 1829daemon. 1830.It Va stf_interface_ipv4addr 1831.Pq Vt str 1832If not set to 1833.Dq Li NO , 1834this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1835Specify this entry to enable the 6to4 interface. 1836.It Va stf_interface_ipv4plen 1837.Pq Vt int 1838Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1839An effective value is 0-31. 1840.It Va stf_interface_ipv6_ifid 1841.Pq Vt str 1842IPv6 interface ID for 1843.Xr stf 4 . 1844This can be set to 1845.Dq Li AUTO . 1846.It Va stf_interface_ipv6_slaid 1847.Pq Vt str 1848IPv6 Site Level Aggregator for 1849.Xr stf 4 . 1850.It Va ipv6_faith_prefix 1851.Pq Vt str 1852If not set to 1853.Dq Li NO , 1854this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator. 1855You also need 1856.Xr faithd 8 1857setup. 1858.It Va ipv6_ipv4mapping 1859.Pq Vt bool 1860If set to 1861.Dq Li YES 1862this enables IPv4 mapped IPv6 address communication (like 1863.Li ::ffff:a.b.c.d ) . 1864.It Va atm_enable 1865.Pq Vt bool 1866Set to 1867.Dq Li YES 1868to enable the configuration of ATM interfaces at system boot time. 1869For all of the ATM variables described below, please refer to the 1870.Xr atm 8 1871man page for further details on the available command parameters. 1872Also refer to the files in 1873.Pa /usr/share/examples/atm 1874for more detailed configuration information. 1875.It Va atm_netif_ Ns Aq Ar intf 1876.Pq Vt str 1877For the ATM physical interface 1878.Ar intf , 1879this variable defines the name prefix and count for the ATM network 1880interfaces to be created. 1881The value will be passed as the parameters of an 1882.Dq Nm atm Cm "set netif" Ar intf 1883command. 1884.It Va atm_sigmgr_ Ns Aq Ar intf 1885.Pq Vt str 1886For the ATM physical interface 1887.Ar intf , 1888this variable defines the ATM signalling manager to be used. 1889The value will be passed as the parameters of an 1890.Dq Nm atm Cm attach Ar intf 1891command. 1892.It Va atm_prefix_ Ns Aq Ar intf 1893.Pq Vt str 1894For the ATM physical interface 1895.Ar intf , 1896this variable defines the NSAP prefix for interfaces using a UNI signalling 1897manager. 1898If set to 1899.Dq Li ILMI , 1900the prefix will automatically be set via the 1901.Xr ilmid 8 1902daemon. 1903Otherwise, the value will be passed as the parameters of an 1904.Dq Nm atm Cm "set prefix" Ar intf 1905command. 1906.It Va atm_macaddr_ Ns Aq Ar intf 1907.Pq Vt str 1908For the ATM physical interface 1909.Ar intf , 1910this variable defines the MAC address for interfaces using a UNI signalling 1911manager. 1912If set to 1913.Dq Li NO , 1914the hardware MAC address contained in the ATM interface card will be used. 1915Otherwise, the value will be passed as the parameters of an 1916.Dq Nm atm Cm "set mac" Ar intf 1917command. 1918.It Va atm_arpserver_ Ns Aq Ar netif 1919.Pq Vt str 1920For the ATM network interface 1921.Ar netif , 1922this variable defines the ATM address for a host which is to provide ATMARP 1923service. 1924This variable is only applicable to interfaces using a UNI signalling manager. 1925If set to 1926.Dq Li local , 1927this host will become an ATMARP server. 1928The value will be passed as the parameters of an 1929.Dq Nm atm Cm "set arpserver" Ar netif 1930command. 1931.It Va atm_scsparp_ Ns Aq Ar netif 1932.Pq Vt bool 1933If set to 1934.Dq Li YES , 1935SCSP/ATMARP service for the network interface 1936.Ar netif 1937will be initiated using the 1938.Xr scspd 8 1939and 1940.Xr atmarpd 8 1941daemons. 1942This variable is only applicable if 1943.Va atm_arpserver_ Ns Aq Ar netif 1944is set to 1945.Dq Li local . 1946.It Va atm_arps 1947.Pq Vt str 1948Set to the list of permanent ATM ARP entries to be added at system boot time. 1949For each whitespace separated 1950.Ar element 1951in the value, an 1952.Va atm_arp_ Ns Aq Ar element 1953variable is assumed to exist. 1954The value of each of these variables will be passed as the parameters of an 1955.Dq Nm atm Cm "add arp" 1956command. 1957.It Va keybell 1958.Pq Vt str 1959The keyboard bell sound. 1960Set to 1961.Dq Li normal , 1962.Dq Li visual , 1963.Dq Li off , 1964or 1965.Dq Li NO 1966if the default behavior is desired. 1967For details, refer to the 1968.Xr kbdcontrol 1 1969manpage. 1970.It Va keymap 1971.Pq Vt str 1972If set to 1973.Dq Li NO , 1974no keymap is installed, otherwise the value is used to install 1975the keymap file in 1976.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 1977.It Va keyrate 1978.Pq Vt str 1979The keyboard repeat speed. 1980Set to 1981.Dq Li slow , 1982.Dq Li normal , 1983.Dq Li fast , 1984or 1985.Dq Li NO 1986if the default behavior is desired. 1987.It Va keychange 1988.Pq Vt str 1989If not set to 1990.Dq Li NO , 1991attempt to program the function keys with the value. 1992The value should be a single string of the form: 1993.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 1994.It Va cursor 1995.Pq Vt str 1996Can be set to the value of 1997.Dq Li normal , 1998.Dq Li blink , 1999.Dq Li destructive , 2000or 2001.Dq Li NO 2002to set the cursor behavior explicitly or choose the default behavior. 2003.It Va scrnmap 2004.Pq Vt str 2005If set to 2006.Dq Li NO , 2007no screen map is installed, otherwise the value is used to install 2008the screen map file in 2009.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2010.It Va font8x16 2011.Pq Vt str 2012If set to 2013.Dq Li NO , 2014the default 8x16 font value is used for screen size requests, otherwise 2015the value in 2016.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2017is used. 2018.It Va font8x14 2019.Pq Vt str 2020If set to 2021.Dq Li NO , 2022the default 8x14 font value is used for screen size requests, otherwise 2023the value in 2024.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2025is used. 2026.It Va font8x8 2027.Pq Vt str 2028If set to 2029.Dq Li NO , 2030the default 8x8 font value is used for screen size requests, otherwise 2031the value in 2032.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2033is used. 2034.It Va blanktime 2035.Pq Vt int 2036If set to 2037.Dq Li NO , 2038the default screen blanking interval is used, otherwise it is set to 2039.Ar value 2040seconds. 2041.It Va saver 2042.Pq Vt str 2043If not set to 2044.Dq Li NO , 2045this is the actual screen saver to use 2046.Li ( blank , snake , daemon , 2047etc). 2048.It Va moused_enable 2049.Pq Vt str 2050If set to 2051.Dq Li YES , 2052the 2053.Xr moused 8 2054daemon is started for doing cut/paste selection on the console. 2055.It Va moused_type 2056.Pq Vt str 2057This is the protocol type of the mouse connected to this host. 2058This variable must be set if 2059.Va moused_enable 2060is set to 2061.Dq Li YES . 2062The 2063.Xr moused 8 2064daemon 2065is able to detect the appropriate mouse type automatically in many cases. 2066Set this variable to 2067.Dq Li auto 2068to let the daemon detect it, or 2069select one from the following list if the automatic detection fails. 2070.Pp 2071If the mouse is attached to the PS/2 mouse port, choose 2072.Dq Li auto 2073or 2074.Dq Li ps/2 , 2075regardless of the brand and model of the mouse. 2076Likewise, if the mouse is attached to the bus mouse port, choose 2077.Dq Li auto 2078or 2079.Dq Li busmouse . 2080All other protocols are for serial mice and will not work with 2081the PS/2 and bus mice. 2082If this is a USB mouse, 2083.Dq Li auto 2084is the only protocol type which will work. 2085.Pp 2086.Bl -tag -width ".Li x10mouseremote" -compact 2087.It Li microsoft 2088Microsoft mouse (serial) 2089.It Li intellimouse 2090Microsoft IntelliMouse (serial) 2091.It Li mousesystems 2092Mouse systems Corp. mouse (serial) 2093.It Li mmseries 2094MM Series mouse (serial) 2095.It Li logitech 2096Logitech mouse (serial) 2097.It Li busmouse 2098A bus mouse 2099.It Li mouseman 2100Logitech MouseMan and TrackMan (serial) 2101.It Li glidepoint 2102ALPS GlidePoint (serial) 2103.It Li thinkingmouse 2104Kensington ThinkingMouse (serial) 2105.It Li ps/2 2106PS/2 mouse 2107.It Li mmhittab 2108MM HitTablet (serial) 2109.It Li x10mouseremote 2110X10 MouseRemote (serial) 2111.It Li versapad 2112Interlink VersaPad (serial) 2113.El 2114.Pp 2115Even if the mouse is not in the above list, it may be compatible 2116with one in the list. 2117Refer to the man page for 2118.Xr moused 8 2119for compatibility information. 2120.Pp 2121It should also be noted that while this is enabled, any 2122other client of the mouse (such as an X server) should access 2123the mouse through the virtual mouse device, 2124.Pa /dev/sysmouse , 2125and configure it as a 2126.Dq Li sysmouse 2127type mouse, since all 2128mouse data is converted to this single canonical format when using 2129.Xr moused 8 . 2130If the client program does not support the 2131.Dq Li sysmouse 2132type, specify the 2133.Dq Li mousesystems 2134type. 2135It is the second preferred type. 2136.It Va moused_port 2137.Pq Vt str 2138If 2139.Va moused_enable 2140is set to 2141.Dq Li YES , 2142this is the actual port the mouse is on. 2143It might be 2144.Pa /dev/cuaa0 2145for a COM1 serial mouse, 2146.Pa /dev/psm0 2147for a PS/2 mouse or 2148.Pa /dev/mse0 2149for a bus mouse, for example. 2150.It Va moused_flags 2151.Pq Vt str 2152If 2153.Va moused_type 2154is set, these are the additional flags to pass to the 2155.Xr moused 8 2156daemon. 2157.It Va mousechar_start 2158.Pq Vt int 2159If set to 2160.Dq Li NO , 2161the default mouse cursor character range 2162.Li 0xd0 Ns - Ns Li 0xd3 2163is used, otherwise the range start is set to 2164.Ar value 2165character, see 2166.Xr vidcontrol 1 . 2167Use if the default range is occupied in the language code table. 2168.It Va vidhistory 2169.Pq Vt int 2170Set the size of the history (scrollback) buffer in lines. 2171.It Va allscreens_flags 2172.Pq Vt str 2173If set, 2174.Xr vidcontrol 1 2175is run with these options for each of the virtual terminals 2176.Pq Pa /dev/ttyv* . 2177For example, 2178.Dq Fl m Cm on 2179will enable the mouse pointer on all virtual terminals if 2180.Va moused_enable 2181is set to 2182.Dq Li YES . 2183.It Va allscreens_kbdflags 2184.Pq Vt str 2185If set, 2186.Xr kbdcontrol 1 2187is run with these options for each of the virtual terminals 2188.Pq Pa /dev/ttyv* . 2189For example, 2190.Dq Fl h Li 200 2191will set the 2192.Xr syscons 4 2193scrollback (history) buffer to 200 lines. 2194.It Va cron_enable 2195.Pq Vt bool 2196If set to 2197.Dq Li YES , 2198run the 2199.Xr cron 8 2200daemon at system boot time. 2201.It Va cron_program 2202.Pq Vt str 2203Path to 2204.Xr cron 8 2205(default 2206.Pa /usr/sbin/cron ) . 2207.It Va cron_flags 2208.Pq Vt str 2209If 2210.Va cron_enable 2211is set to 2212.Dq Li YES , 2213these are the flags to pass to 2214.Xr cron 8 . 2215.It Va lpd_program 2216.Pq Vt str 2217Path to 2218.Xr lpd 8 2219(default 2220.Pa /usr/sbin/lpd ) . 2221.It Va lpd_enable 2222.Pq Vt bool 2223If set to 2224.Dq Li YES , 2225run the 2226.Xr lpd 8 2227daemon at system boot time. 2228.It Va lpd_flags 2229.Pq Vt str 2230If 2231.Va lpd_enable 2232is set to 2233.Dq Li YES , 2234these are the flags to pass to the 2235.Xr lpd 8 2236daemon. 2237.It Va nscd_enable 2238.Pq Vt bool 2239If set to 2240.Dq Li YES , 2241run the 2242.Xr nscd 8 2243daemon at system boot time. 2244.It Va mixer_enable 2245.Pq Vt bool 2246If set to 2247.Dq Li YES , 2248preserve 2249.Xr mixer 8 2250settings across reboots. 2251.It Va mta_start_script 2252.Pq Vt str 2253The full path to the script to run to start 2254a mail transfer agent. 2255The default is 2256.Pa /etc/rc.sendmail . 2257The 2258.Va sendmail_* 2259variables which 2260.Pa /etc/rc.sendmail 2261uses are documented in the 2262.Xr rc.sendmail 8 2263man page. 2264.It Va fixbootfile 2265.Pq Vt bool 2266In a 2267.Sq HAMMER ROOT with UFS /boot 2268setup, the boot loader will not set up the 2269.Va kern.bootfile 2270sysctl correctly. 2271The system will attempt to fix this on its own. 2272Set this variable to 2273.Dq Li NO 2274to turn this behavior off. 2275.It Va dumpdev 2276.Pq Vt str 2277Indicates the device (usually a swap partition) to which a crash dump 2278should be written in the event of a system crash. 2279The value of this variable is passed as the argument to 2280.Xr dumpon 8 2281and 2282.Xr savecore 8 . 2283To disable crash dumps, set this variable to 2284.Dq Li NO . 2285.It Va dumpdir 2286.Pq Vt str 2287When the system reboots after a crash and a crash dump is found on the 2288device specified by the 2289.Va dumpdev 2290variable, 2291.Xr savecore 8 2292will save that crash dump and a copy of the kernel to the directory 2293specified by the 2294.Va dumpdir 2295variable. 2296The default value is 2297.Pa /var/crash . 2298Set to 2299.Dq Li NO 2300to not run 2301.Xr savecore 8 2302at boot time when 2303.Va dumpdir 2304is set. 2305.It Va savecore_flags 2306.Pq Vt str 2307If crash dumps are enabled, these are the flags to pass to the 2308.Xr savecore 8 2309utility. 2310.It Va enable_quotas 2311.Pq Vt bool 2312Set to 2313.Dq Li YES 2314to turn on user disk quotas on system startup via the 2315.Xr quotaon 8 2316command. 2317.It Va check_quotas 2318.Pq Vt bool 2319Set to 2320.Dq Li YES 2321to enable user disk quota checking via the 2322.Xr quotacheck 8 2323command. 2324.It Va accounting_enable 2325.Pq Vt bool 2326Set to 2327.Dq Li YES 2328to enable system accounting through the 2329.Xr accton 8 2330facility. 2331.It Va linux_enable 2332.Pq Vt bool 2333Set to 2334.Dq Li YES 2335to enable Linux/ELF binary emulation at system initial boot time. 2336.It Va sysvipc_enable 2337.Pq Vt bool 2338If set to 2339.Dq Li YES , 2340load System V IPC primitives at boot time. 2341.\" ----- cleanvar_enable setting-------------------------------- 2342.It Va cleanvar_enable 2343.Pq Vt bool 2344Set to 2345.Dq Li YES 2346to have 2347.Pa /var/run , 2348.Pa /var/spool/lock 2349and 2350.Pa /var/spool/uucp/.Temp/* 2351cleaned at startup. 2352.\" ----- clear_tmp_enable setting------------------------------- 2353.It Va clear_tmp_enable 2354.Pq Vt bool 2355Set to 2356.Dq Li YES 2357to have 2358.Pa /tmp 2359cleaned at startup. 2360.\" ----- ldconfig_paths setting -------------------------------- 2361.It Va ldconfig_paths 2362.Pq Vt str 2363Set to the list of shared library paths to use with 2364.Xr ldconfig 8 . 2365NOTE: 2366.Pa /usr/lib 2367will always be added first, so it need not appear in this list. 2368.It Va ldconfig_insecure 2369.Pq Vt bool 2370The 2371.Xr ldconfig 8 2372utility normally refuses to use directories 2373which are writable by anyone except root. 2374Set this variable to 2375.Dq Li YES 2376to disable that security check during system startup. 2377.It Va kern_securelevel 2378.Pq Vt int 2379The kernel security level to set at startup. 2380The allowed range of 2381.Ar value 2382ranges from \-1 (the compile time default) to 3 (the most secure). 2383See 2384.Xr init 8 2385for the list of possible security levels and their effect on system operation. 2386.It Va start_vinum 2387.Pq Vt bool 2388Set to 2389.Dq Li YES 2390to start 2391.Xr vinum 8 2392at system boot time. 2393.It Va sshd_enable 2394.Pq Vt bool 2395Set to 2396.Dq Li YES 2397to start 2398.Xr sshd 8 2399at system boot time. 2400.It Va sshd_program 2401.Pq Vt str 2402Path to the SSH server program 2403(default 2404.Pa /usr/sbin/sshd ) . 2405.It Va sshd_flags 2406.Pq Vt str 2407If 2408.Va sshd_enable 2409is set to 2410.Dq Li YES , 2411these are the flags to pass to the 2412.Xr sshd 8 2413daemon. 2414.It Va ftpd_enable 2415.Pq Vt bool 2416Set to 2417.Dq Li YES 2418to start 2419.Xr ftpd 8 2420at system boot time. 2421.It Va ftpd_flags 2422.Pq Vt str 2423If 2424.Va ftpd_enable 2425is set to 2426.Dq Li YES , 2427these are the flags to pass to the 2428.Xr ftpd 8 2429daemon. 2430.It Va usbd_enable 2431.Pq Vt bool 2432If set to 2433.Dq Li YES , 2434run the 2435.Xr usbd 8 2436daemon at boot time. 2437.It Va usbd_flags 2438.Pq Vt str 2439If 2440.Va usbd_enable 2441is set to 2442.Dq Li YES , 2443these are the flags passed to 2444.Xr usbd 8 2445daemon. 2446.It Va watchdogd_enable 2447.Pq Vt bool 2448If set to 2449.Dq Li YES , 2450start the 2451.Xr watchdogd 8 2452daemon at boot time. 2453This requires that the kernel have been compiled with 2454.Cd "options WATCHDOG" . 2455.It Va jail_enable 2456.Pq Vt bool 2457If set to 2458.Dq Li NO , 2459any configured jails will not be started. 2460.It Va jail_list 2461.Pq Vt str 2462A space separated list of names for jails. 2463This is purely a configuration aid to help identify and 2464configure multiple jails. 2465The names specified in this list will be used to 2466identify settings common to an instance of a jail. 2467Assuming that the jail in question was named 2468.Li vjail , 2469you would have the following dependent variables: 2470.Bd -literal 2471jail_vjail_hostname="jail.example.com" 2472jail_vjail_ip="192.168.1.100" 2473jail_vjail_rootdir="/var/jails/vjail/root" 2474.Ed 2475.Pp 2476.It Va jail_flags 2477.Pq Vt str 2478Unset by default. 2479When set, use as default value for 2480.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2481for every jail in 2482.Va jail_list . 2483.It Va jail_interface 2484.Pq Vt str 2485Unset by default. 2486When set, use as default value for 2487.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2488for every jail in 2489.Va jail_list . 2490.It Va jail_fstab 2491.Pq Vt str 2492Unset by default. 2493When set, use as default value for 2494.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2495for every jail in 2496.Va jail_list . 2497.It Va jail_mount_enable 2498.Pq Vt bool 2499Set to 2500.Dq Li NO 2501by default. 2502When set to 2503.Dq Li YES , 2504sets 2505.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2506to 2507.Dq Li YES 2508by default for every jail in 2509.Va jail_list . 2510.It Va jail_fdesc_enable 2511.Pq Vt bool 2512Set to 2513.Dq Li NO 2514by default. 2515When set to 2516.Dq Li YES , 2517sets 2518.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2519to 2520.Dq Li YES 2521by default for every jail in 2522.Va jail_list . 2523.It Va jail_procfs_enable 2524.Pq Vt bool 2525Set to 2526.Dq Li NO 2527by default. 2528When set to 2529.Dq Li YES , 2530sets 2531.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2532to 2533.Dq Li YES 2534by default for every jail in 2535.Va jail_list . 2536.It Va jail_exec_start 2537.Pq Vt str 2538Unset by default. 2539When set, use as default value for 2540.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2541for every jail in 2542.Va jail_list . 2543.It Va jail_exec_stop 2544Unset by default. 2545When set, use as default value for 2546.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2547for every jail in 2548.Va jail_list . 2549.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2550.Pq Vt str 2551Unset by default. 2552Set to the root directory used by jail 2553.Va jname . 2554.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2555.Pq Vt str 2556Unset by default. 2557Set to the fully qualified domain name (FQDN) assigned to jail 2558.Va jname . 2559.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2560.Pq Vt str 2561Unset by default. 2562Set to the IP address assigned to jail 2563.Va jname . 2564.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2565.Pq Vt str 2566Set to 2567.Dq Li -l -U root 2568by default. 2569These are flags to pass to 2570.Xr jail 8 . 2571.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2572.Pq Vt str 2573Unset by default. 2574When set, sets the interface to use when setting IP address alias. 2575Note that the alias is created at jail startup and removed at jail shutdown. 2576.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2577.Pq Vt str 2578Set to 2579.Pa /etc/fstab. Ns Aq Ar jname 2580by default. 2581This is the file system information file to use for jail 2582.Va jname . 2583.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2584.Pq Vt bool 2585Set to 2586.Dq Li NO 2587by default. 2588When set to 2589.Dq Li YES , 2590mount all file systems from 2591.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2592at jail startup. 2593.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2594.Pq Vt bool 2595Set to 2596.Dq Li NO 2597by default. 2598When set to 2599.Dq Li YES , 2600mount the file-descriptor file system inside jail 2601.Ar jname 2602at jail startup. 2603.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2604.Pq Vt bool 2605Set to 2606.Dq Li NO 2607by default. 2608When set to 2609.Dq Li YES , 2610mount the process file system inside jail 2611.Ar jname 2612at jail startup. 2613.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2614.Pq Vt str 2615Set to 2616.Dq Li /bin/sh /etc/rc 2617by default. 2618This is the command executed at jail startup. 2619.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2620.Pq Vt str 2621Set to 2622.Dq Li /bin/sh /etc/rc.shutdown 2623by default. 2624This is the command executed at jail shutdown. 2625.It Va jail_set_hostname_allow 2626.Pq Vt bool 2627If set to 2628.Dq Li NO , 2629do not allow the root user in a jail to set its hostname. 2630.It Va jail_socket_unixiproute_only 2631.Pq Vt bool 2632If set to 2633.Dq Li YES , 2634do not allow any sockets, 2635besides UNIX/IP/route sockets, 2636to be used within a jail. 2637.It Va jail_sysvipc_allow 2638.Pq Vt bool 2639If set to 2640.Dq Li YES , 2641allow applications within a jail to use System V IPC. 2642.It Va newsyslog_enable 2643.Pq Vt bool 2644If set to 2645.Dq Li YES , 2646run 2647.Xr newsyslog 8 2648before syslogd starts. 2649.It Va newsyslog_flags 2650.Pq Vt str 2651If 2652.Va newsyslog_enable 2653is set to 2654.Dq Li YES , 2655these are the flags passed to 2656.Xr newsyslog 8 . 2657.It Va resident_enable 2658.Pq Vt bool 2659If set to 2660.Dq Li YES , 2661make the dynamic binaries listed in 2662.Pa /etc/resident.conf 2663resident. 2664.It Va varsym_enable 2665.Pq Vt bool 2666If set to 2667.Dq Li YES , 2668process 2669.Pa /etc/varsym.conf 2670to set system-wide variables for variant symlinks. 2671.It Va rand_irqs 2672.Pq Vt str 2673Set either to 2674.Dq Li NO 2675or a whitespace separated list of IRQ numbers which will be used as a source of 2676randomness. 2677.\" ----- isdn settings --------------------------------- 2678.It Va isdn_enable 2679.Pq Vt bool 2680Set to 2681.Dq Li NO 2682by default. 2683When set to 2684.Dq Li YES , 2685starts the 2686.Xr isdnd 8 2687daemon at system boot time. 2688.It Va isdn_flags 2689.Pq Vt str 2690Set to 2691.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2692by default. 2693Additional flags to pass to 2694.Xr isdnd 8 2695(but see 2696.Va isdn_fsdev 2697and 2698.Va isdn_ttype 2699for certain tunable parameters). 2700.It Va isdn_ttype 2701.Pq Vt str 2702Set to 2703.Dq Li cons25 2704by default. 2705The terminal type of the output device when 2706.Xr isdnd 8 2707operates in full-screen mode. 2708.It Va isdn_screenflags 2709.Pq Vt str 2710Set to 2711.Dq Li NO 2712by default. 2713The video mode for full-screen mode (only for 2714.Xr syscons 4 2715console driver, see 2716.Xr vidcontrol 1 2717for valid modes). 2718.It Va isdn_fsdev 2719.Pq Vt str 2720Set to 2721.Dq Li NO 2722by default. 2723The output device for 2724.Xr isdnd 8 2725in full-screen mode (or 2726.Dq Li NO 2727for daemon mode). 2728.It Va isdn_trace 2729.Pq Vt bool 2730Set to 2731.Dq Li NO 2732by default. 2733When set to 2734.Dq Li YES , 2735enables the ISDN protocol trace utility 2736.Xr isdntrace 8 2737at system boot time. 2738.It Va isdn_traceflags 2739.Pq Vt str 2740Set to 2741.Dq Fl f Pa /var/tmp/isdntrace0 2742by default. 2743Flags for 2744.Xr isdntrace 8 . 2745.\" ----------------------------------------------------- 2746.It Va entropy_dir 2747.Pq Vt str 2748Set to 2749.Dq Li NO 2750to disable caching entropy via 2751.Xr cron 8 . 2752Otherwise set to the directory used to store entropy files in. 2753.It Va entropy_file 2754.Pq Vt str 2755Set to 2756.Dq Li NO 2757to disable caching entropy through reboots. 2758Otherwise set to the filename used to store cached entropy through reboots. 2759This file should be located on the root file system to seed the 2760.Xr random 4 2761device as early as possible in the boot process. 2762.It Va ipsec_enable 2763.Pq Vt bool 2764Set to 2765.Dq Li YES 2766to run 2767.Xr setkey 8 2768on 2769.Va ipsec_file 2770at boot time. 2771.It Va ipsec_file 2772.Pq Vt str 2773Configuration file for 2774.Xr setkey 8 . 2775.It Va dmesg_enable 2776.Pq Vt bool 2777Set to 2778.Dq Li YES 2779to save 2780.Xr dmesg 8 2781to 2782.Pa /var/run/dmesg.boot 2783on boot. 2784.It Va rcshutdown_timeout 2785.Pq Vt int 2786If set, start a watchdog timer in the background which will terminate 2787.Pa rc.shutdown 2788if 2789.Xr shutdown 8 2790has not completed within the specified time (in seconds). 2791.It Va vkernel_enable 2792.Pq Vt bool 2793If set to 2794.Dq Li NO , 2795any configured vkernels will not be started. 2796.It Va vkernel_list 2797.Pq Vt str 2798A space separated list of names for vkernels. 2799This is purely a configuration aid to help identify and 2800configure multiple vkernels. 2801The names specified in this list will be used to 2802identify settings common to a vkernel instance. 2803Assuming that the vkernel in question was named 2804.Li example , 2805you would have the following dependent variables 2806(filled with reference values in this text): 2807.Bd -literal 2808vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL/kernel.debug" 2809vkernel_example_memsize="64m" 2810vkernel_example_rootimg_list="/var/vkernel/rootimg.01" 2811vkernel_example_iface_list="auto:bridge0" 2812vkernel_example_logfile="/dev/null" 2813vkernel_example_flags="-U" 2814.Ed 2815.Pp 2816The last three are optional. 2817They default to an empty string if not set, except for logfile which defaults to 2818.Pa /dev/null 2819if it is not set. 2820.El 2821.Sh FILES 2822.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2823.It Pa /etc/defaults/rc.conf 2824.It Pa /etc/rc.conf 2825.It Pa /etc/rc.conf.local 2826.It Pa /etc/start_if. Ns Aq Ar interface 2827.El 2828.Sh SEE ALSO 2829.Xr catman 1 , 2830.Xr gdb 1 , 2831.Xr info 1 , 2832.Xr kbdcontrol 1 , 2833.Xr varsym 1 , 2834.Xr vidcontrol 1 , 2835.Xr ip 4 , 2836.Xr ipf 4 , 2837.Xr ipfw 4 , 2838.Xr kld 4 , 2839.Xr pf 4 , 2840.Xr tcp 4 , 2841.Xr udp 4 , 2842.Xr exports 5 , 2843.Xr motd 5 , 2844.Xr resident.conf 5 , 2845.Xr varsym.conf 5 , 2846.Xr accton 8 , 2847.Xr amd 8 , 2848.Xr apm 8 , 2849.Xr atm 8 , 2850.Xr btconfig 8 , 2851.Xr bthcid 8 , 2852.Xr cron 8 , 2853.Xr devd 8 , 2854.Xr dhclient 8 , 2855.Xr dntpd 8 , 2856.Xr ftpd 8 , 2857.Xr ifconfig 8 , 2858.Xr inetd 8 , 2859.Xr isdnd 8 , 2860.Xr isdntrace 8 , 2861.Xr jail 8 , 2862.Xr lpd 8 , 2863.Xr makewhatis 8 , 2864.Xr mixer 8 , 2865.Xr mountd 8 , 2866.Xr moused 8 , 2867.Xr mrouted 8 , 2868.Xr named 8 , 2869.Xr nfsd 8 , 2870.Xr pcnfsd 8 , 2871.Xr pfctl 8 , 2872.Xr pflogd 8 , 2873.Xr quotacheck 8 , 2874.Xr quotaon 8 , 2875.Xr rc 8 , 2876.Xr rc.sendmail 8 , 2877.Xr resident 8 , 2878.Xr rndcontrol 8 , 2879.Xr route 8 , 2880.Xr routed 8 , 2881.Xr rpcbind 8 , 2882.Xr rpc.lockd 8 , 2883.Xr rpc.statd 8 , 2884.Xr rtadvd 8 , 2885.Xr rtsold 8 , 2886.Xr rwhod 8 , 2887.Xr savecore 8 , 2888.Xr sdpd 8 , 2889.Xr sensorsd 8 , 2890.Xr sshd 8 , 2891.Xr swapon 8 , 2892.Xr sysctl 8 , 2893.Xr syslogd 8 , 2894.Xr timed 8 , 2895.Xr usbd 8 , 2896.Xr vinum 8 , 2897.Xr yp 8 , 2898.Xr ypbind 8 , 2899.Xr ypserv 8 , 2900.Xr ypset 8 2901.Sh HISTORY 2902The 2903.Nm 2904file appeared in 2905.Fx 2.2.2 . 2906.Sh AUTHORS 2907.An Jordan K. Hubbard . 2908