1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $ 26.\" 27.Dd April 8, 2010 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the installer. 42.Pp 43The purpose of 44.Nm 45is not to run commands or perform system startup actions directly. 46Instead, it is included by the various generic startup scripts in 47.Pa /etc 48which conditionalize their 49internal actions according to the settings found there. 50.Pp 51The 52.Pa /etc/defaults/rc.conf 53file specifies the default settings for all the available options, 54the 55.Pa /etc/rc.conf 56file specifies override settings. 57Options need only be specified in 58.Pa /etc/rc.conf 59when the system administrator wishes to override the defaults. 60The file 61.Pa /etc/rc.conf.local 62is used to override settings in 63.Pa /etc/rc.conf 64for historical reasons. 65See the 66.Va rc_conf_files 67variable below. 68.Pp 69The following list provides a name and short description for each 70variable that can be set in the 71.Nm 72file. 73To set a variable of 74.Vt bool 75type, specify either 76.Dq Li YES , 77.Dq Li TRUE , 78.Dq Li ON , 79or 80.Dq Li 1 . 81To unset, specify 82.Dq Li NO , 83.Dq Li FALSE , 84.Dq Li OFF , 85or 86.Dq Li 0 . 87These values are case insensitive. 88The 89.Va _enable 90postfix in the name of a variable for starting a service can be 91omitted (as in 92.Nx ) . 93.Bl -tag -width indent-two 94.It Va rc_debug 95.Pq Vt bool 96If set to 97.Dq Li YES , 98enable output of debug messages from rc scripts. 99This variable can be helpful in diagnosing mistakes when 100editing or integrating new scripts. 101Beware that this produces copious output to the terminal and 102.Xr syslog 3 . 103.It Va rc_info 104.Pq Vt bool 105If set to 106.Dq Li NO , 107disable informational messages from the rc scripts. 108Informational messages are displayed when 109a condition that is not serious enough to warrant a warning or an error occurs. 110.It Va swapfile 111.Pq Vt str 112If set to 113.Dq Li NO , 114no swapfile is installed, otherwise the value is used as the full 115pathname to a file to use for additional swap space. 116.It Va apm_enable 117.Pq Vt bool 118If set to 119.Dq Li YES , 120enable support for Automatic Power Management with the 121.Xr apm 8 122command. 123.It Va apmd_enable 124.Pq Vt bool 125Run 126.Xr apmd 8 127to handle APM event from userland. 128This also enables support for APM. 129.It Va apmd_flags 130.Pq Vt str 131If 132.Va apmd_enable 133is set to 134.Dq Li YES , 135these are the flags to pass to the 136.Xr apmd 8 137daemon. 138.It Va battd_enable 139Enable 140.Xr battd 8 141to monitor the status of batteries present in the system. 142This also enables support for APM. 143.It Va battd_flags 144.Pq Vt str 145If 146.Va battd_enable 147is set to 148.Dq Li YES , 149these are the flags to pass to the 150.Xr battd 8 151daemon. 152.It Va devd_enable 153.Pq Vt bool 154Run 155.Xr devd 8 156to handle device added, removed or unknown events from the kernel. 157.It Va devd_flags 158.Pq Vt str 159If 160.Va devd_enable 161is set to 162.Dq Li YES , 163these are the flags to pass to the 164.Xr devd 8 165daemon. 166.It Va sensorsd_enable 167.Pq Vt bool 168Set to 169.Dq Li NO 170by default. 171Setting this to 172.Dq Li YES 173enables 174.Xr sensorsd 8 , 175a sensors monitoring and logging daemon. 176.It Va sensorsd_flags 177.Pq Vt str 178Empty by default. 179Additional flags passed to the 180.Xr sensorsd 8 181program. 182.It Va hotplugd_enable 183.Pq Vt bool 184Set to 185.Dq Li NO 186by default. 187Setting this to 188.Dq Li YES 189enables 190.Xr hotplugd 8 , 191a devices hot plugging monitoring daemon. 192.It Va hotplugd_flags 193.Pq Vt str 194Empty by default. 195Additional flags passed to the 196.Xr hotplugd 8 197program. 198.It Va pccard_ifconfig 199.Pq Vt str 200List of arguments to be passed to 201.Xr ifconfig 8 202at boot time or on insertion of the card (e.g.\& 203.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 204for a fixed address or 205.Dq Li DHCP 206for a DHCP client). 207.It Va pccard_ether_delay 208.Pq Vt str 209Set the delay before starting 210.Xr dhclient 8 211in the 212.Pa /etc/pccard_ether 213script. 214This defaults to 5 seconds to work around a bug in the 215.Xr ed 4 216driver which can lead to system hangs when using some newer 217.Xr ed 4 218based cards. 219.It Va removable_interfaces 220.Pq Vt str 221List of removable network interfaces to be supported by 222.Pa /etc/pccard_ether . 223.It Va local_startup 224.Pq Vt str 225List of directories to search for startup script files. 226.It Va script_name_sep 227.Pq Vt str 228The field separator to use for breaking down the list of startup script files 229into individual filenames. 230The default is a space. 231It is not necessary to change this unless there are startup scripts with names 232containing spaces. 233.It Va hostapd_enable 234.Pq Vt bool 235Set to 236.Dq Li YES 237to start 238.Xr hostapd 8 239at system boot time. 240.It Va hostname 241.Pq Vt str 242The fully qualified domain name (FQDN) of this host on the network. 243This should almost certainly be set to something meaningful, even if 244there is no network connection. 245If 246.Xr dhclient 8 247is used to set the hostname via DHCP, 248this variable should be set to an empty string. 249.It Va ipv6_enable 250.Pq Vt bool 251Enable support for IPv6 networking. 252Note that this requires that the kernel have been compiled with 253.Cd "options INET6" . 254.It Va nisdomainname 255.Pq Vt str 256The NIS domain name of this host, or 257.Dq Li NO 258if NIS is not used. 259.It Va dhclient_program 260.Pq Vt str 261Path to the DHCP client program 262(default 263.Pa /sbin/dhclient ) . 264.It Va dhclient_flags 265.Pq Vt str 266Additional flags to pass to the DHCP client program. 267.It Va pf_enable 268.Pq Vt bool 269Set to 270.Dq Li YES 271to load 272.Xr pf 4 273at startup. 274If the kernel was not built with 275.Cd "device pf" , 276the 277.Pa pf.ko 278kernel module will be loaded. 279See also 280.Va firewall_enable 281and 282.Va ipfilter_enable . 283.It Va pf_rules 284.Pq Vt str 285Path to the 286.Xr pf 4 287ruleset definition file. 288.It Va pf_program 289.Pq Vt str 290Path to 291.Xr pfctl 8 . 292.It Va pf_flags 293.Pq Vt str 294If 295.Va pf_enable 296is set to 297.Dq Li YES , 298these are the flags to pass to 299.Xr pfctl 8 300when loading the ruleset. 301.It Va pflog_enable 302.Pq Vt bool 303Set this to 304.Dq Li YES 305to enable 306.Xr pflogd 8 307which logs packets from 308.Xr pf 4 . 309.It Va pflog_logfile 310.Pq Vt str 311If 312.Va pflog_enable 313is set to 314.Dq Li YES 315this specifies the path of the log file. 316.It Va pflog_program 317.Pq Vt str 318Path to 319.Xr pflogd 8 . 320.It Va pflog_flags 321.Pq Vt str 322If 323.Va pflog_enable 324is set to 325.Dq Li YES , 326these are the flags to pass to 327.Xr pflogd 8 . 328.It Va firewall_enable 329.Pq Vt bool 330Set to 331.Dq Li YES 332to load firewall rules at startup. 333If the kernel was not built with 334.Cd "options IPFIREWALL" , 335the 336.Pa ipfw.ko 337kernel module will be loaded. 338See also 339.Va pf_enable 340and 341.Va ipfilter_enable . 342.It Va ipv6_firewall_enable 343.Pq Vt bool 344The IPv6 equivalent of 345.Va firewall_enable . 346Set to 347.Dq Li YES 348to load IPv6 firewall rules at startup. 349If the kernel was not built with 350.Cd "options IPV6FIREWALL" , 351the 352.Pa ip6fw.ko 353kernel module will be loaded. 354.It Va firewall_script 355.Pq Vt str 356The full path to the firewall script to run 357(default 358.Pa /etc/rc.firewall ) . 359.It Va ipv6_firewall_script 360.Pq Vt str 361The IPv6 equivalent of 362.Va firewall_script . 363.It Va firewall_type 364.Pq Vt str 365Names the firewall type from the selection in 366.Pa /etc/rc.firewall , 367or the file which contains the local firewall ruleset. 368Valid selections from 369.Pa /etc/rc.firewall 370are: 371.Pp 372.Bl -tag -width ".Li simple" -compact 373.It Li open 374unrestricted IP access 375.It Li closed 376all IP services disabled, except via 377.Dq Li lo0 378.It Li client 379basic protection for a workstation on a LAN 380.It Li simple 381alias for 382.Li client . 383.El 384.Pp 385If a filename is specified, the full path must be given. 386.It Va firewall_trusted_nets 387.Pq Vt str 388List of trusted networks (if 389.Va firewall_type 390is set to 391.Li client ) . 392.It Va firewall_trusted_interfaces 393.Pq Vt str 394List of trusted network interfaces (if 395.Va firewall_type 396is set to 397.Li client ) . 398.It Va firewall_allowed_icmp_types 399.Pq Vt str 400List of allowed ICMP types (if 401.Va firewall_type 402is set to 403.Li client ) . 404.It Va firewall_open_tcp_ports 405.Pq Vt str 406List of TCP ports to open (if 407.Va firewall_type 408is set to 409.Li client ) . 410.It Va firewall_open_udp_ports 411.Pq Vt str 412List of UDP ports to open (if 413.Va firewall_type 414is set to 415.Li client ) . 416.It Va ipv6_firewall_type 417.Pq Vt str 418The IPv6 equivalent of 419.Va firewall_type . 420.It Va firewall_quiet 421.Pq Vt bool 422Set to 423.Dq Li YES 424to disable the display of firewall rules on the console during boot. 425.It Va ipv6_firewall_quiet 426.Pq Vt bool 427The IPv6 equivalent of 428.Va firewall_quiet . 429.It Va firewall_logging 430.Pq Vt bool 431Set to 432.Dq Li YES 433to enable firewall event logging. 434This is equivalent to the 435.Dv IPFIREWALL_VERBOSE 436kernel option. 437.It Va ipv6_firewall_logging 438.Pq Vt bool 439The IPv6 equivalent of 440.Va firewall_logging . 441.It Va firewall_flags 442.Pq Vt str 443Flags passed to 444.Xr ipfw 8 445if 446.Va firewall_type 447specifies a filename. 448.It Va ipv6_firewall_flags 449.Pq Vt str 450The IPv6 equivalent of 451.Va firewall_flags . 452.It Va natd_program 453.Pq Vt str 454Path to 455.Xr natd 8 . 456.It Va natd_enable 457.Pq Vt bool 458Set to 459.Dq Li YES 460to enable 461.Xr natd 8 . 462.Va firewall_enable 463must also be set to 464.Dq Li YES , 465and 466.Xr divert 4 467sockets must be enabled in the kernel. 468.It Va natd_interface 469.Pq Vt str 470This is the name of the public interface on which 471.Xr natd 8 472should run. 473The interface may be given as an interface name or as an IP address. 474.It Va natd_flags 475.Pq Vt str 476Additional 477.Xr natd 8 478flags should be placed here. 479The 480.Fl n 481or 482.Fl a 483flag is automatically added with the above 484.Va natd_interface 485as an argument. 486.\" ----- ipfilter_enable setting -------------------------------- 487.It Va ipfilter_enable 488.Pq Vt bool 489Set to 490.Dq Li NO 491by default. 492Setting this to 493.Dq Li YES 494enables 495.Xr ipf 8 496packet filtering. 497.Pp 498Typical usage will require putting 499.Bd -literal 500ipfilter_enable="YES" 501ipnat_enable="YES" 502ipmon_enable="YES" 503ipfs_enable="YES" 504.Ed 505.Pp 506into 507.Pa /etc/rc.conf 508and editing 509.Pa /etc/ipf.rules 510and 511.Pa /etc/ipnat.rules 512appropriately. 513.Pp 514Note that 515.Va ipfilter_enable 516and 517.Va ipnat_enable 518can be enabled independently. 519.Va ipmon_enable 520and 521.Va ipfs_enable 522both require at least one of 523.Va ipfilter_enable 524and 525.Va ipnat_enable 526to be enabled. 527.Pp 528Having 529.Bd -literal 530options IPFILTER 531options IPFILTER_LOG 532options IPFILTER_DEFAULT_BLOCK 533.Ed 534.Pp 535in the kernel configuration file is a good idea, too. 536See also 537.Va pf_enable 538and 539.Va firewall_enable . 540.\" ----- ipfilter_program setting ------------------------------ 541.It Va ipfilter_program 542.Pq Vt str 543Path to 544.Xr ipf 8 545(default 546.Pa /sbin/ipf ) . 547.\" ----- ipfilter_rules setting -------------------------------- 548.It Va ipfilter_rules 549.Pq Vt str 550Set to 551.Pa /etc/ipf.rules 552by default. 553The name of the filter rule definition file. 554The file is expected to be readable for the 555.Xr ipf 8 556command to execute. 557.\" ----- ipv6_ipfilter_rules setting --------------------------- 558.It Va ipv6_ipfilter_rules 559.Pq Vt str 560Set to 561.Pa /etc/ipf6.rules 562by default. 563The name of the IPv6 filter rule definition file. 564The file is expected to be readable for the 565.Xr ipf 8 566command to execute. 567.\" ----- ipfilter_flags setting -------------------------------- 568.It Va ipfilter_flags 569.Pq Vt str 570Empty by default. 571Flags passed to the 572.Xr ipf 8 573program. 574.\" ----- ipnat_enable setting ---------------------------------- 575.It Va ipnat_enable 576.Pq Vt bool 577Set to 578.Dq Li NO 579by default. 580Set it to 581.Dq Li YES 582to enable 583.Xr ipnat 8 584network address translation. 585See 586.Va ipfilter_enable 587for a detailed discussion. 588.\" ----- ipnat_program setting --------------------------------- 589.It Va ipnat_program 590.Pq Vt str 591Path to 592.Xr ipnat 8 593(default 594.Pa /sbin/ipnat ) . 595.\" ----- ipnat_rules setting ----------------------------------- 596.It Va ipnat_rules 597.Pq Vt str 598Set to 599.Pa /etc/ipnat.rules 600by default. 601The name of the file 602holding the network address translation definition. 603This file is expected to be readable for the 604.Xr ipnat 8 605command to execute. 606.\" ----- ipnat_flags setting ----------------------------------- 607.It Va ipnat_flags 608.Pq Vt str 609Empty by default. 610Flags passed to the 611.Xr ipnat 8 612program. 613.\" ----- ipmon_enable setting ---------------------------------- 614.It Va ipmon_enable 615.Pq Vt bool 616Set to 617.Dq Li NO 618by default. 619Set it to 620.Dq Li YES 621to enable 622.Xr ipmon 8 623monitoring (logging 624.Xr ipf 8 625and 626.Xr ipnat 8 627events). 628Setting this variable needs setting 629.Va ipfilter_enable 630or 631.Va ipnat_enable 632too. 633See 634.Va ipfilter_enable 635for a detailed discussion. 636.\" ----- ipmon_program setting --------------------------------- 637.It Va ipmon_program 638.Pq Vt str 639Path to 640.Xr ipmon 8 641(default 642.Pa /sbin/ipmon ) . 643.\" ----- ipmon_flags setting ----------------------------------- 644.It Va ipmon_flags 645.Pq Vt str 646Set to 647.Dq Li -Ds 648by default. 649Flags passed to the 650.Xr ipmon 8 651program. 652Another typical example would be 653.Dq Fl D Pa /var/log/ipflog 654to have 655.Xr ipmon 8 656log directly to a file bypassing 657.Xr syslogd 8 . 658Make sure to adjust 659.Pa /etc/newsyslog.conf 660in such case like this: 661.Bd -literal 662/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 663.Ed 664.\" ----- ipfs_enable setting ----------------------------------- 665.It Va ipfs_enable 666.Pq Vt bool 667Set to 668.Dq Li NO 669by default. 670Set it to 671.Dq Li YES 672to enable 673.Xr ipfs 8 674saving the filter and NAT state tables during shutdown 675and reloading them during startup again. 676Setting this variable needs setting 677.Va ipfilter_enable 678or 679.Va ipnat_enable 680to 681.Dq Li YES 682too. 683See 684.Va ipfilter_enable 685for a detailed discussion. 686Note that if 687.Va kern_securelevel 688is set to 3, 689.Va ipfs_enable 690cannot be used because the raised securelevel will prevent 691.Xr ipfs 8 692from saving the state tables at shutdown time. 693.\" ----- ipfs_program setting ---------------------------------- 694.It Va ipfs_program 695.Pq Vt str 696Path to 697.Xr ipfs 8 698(default 699.Pa /sbin/ipfs ) . 700.\" ----- ipfs_flags setting ------------------------------------ 701.It Va ipfs_flags 702.Pq Vt str 703Empty by default. 704Flags passed to the 705.Xr ipfs 8 706program. 707.\" ----- end of added ipf hook --------------------------------- 708.It Va tcp_extensions 709.Pq Vt bool 710Set to 711.Dq Li YES 712by default. 713Setting this to 714.Dq Li NO 715disables certain TCP options as described by 716.Rs 717.%T "RFC 1323" 718.Re 719Setting this to 720.Dq Li NO 721might help remedy such problems with connections as randomly hanging 722or other weird behavior. 723Some network devices are known to be broken with respect to these options. 724.It Va log_in_vain 725.Pq Vt int 726Set to 0 by default. 727The 728.Xr sysctl 8 729variables, 730.Va net.inet.tcp.log_in_vain 731and 732.Va net.inet.udp.log_in_vain , 733as described in 734.Xr tcp 4 735and 736.Xr udp 4 , 737are set to the given value. 738.It Va tcp_keepalive 739.Pq Vt bool 740Set to 741.Dq Li YES 742by default. 743Setting to 744.Dq Li NO 745will disable probing idle TCP connections to verify that the 746peer is still up and reachable. 747.It Va tcp_drop_synfin 748.Pq Vt bool 749Set to 750.Dq Li NO 751by default. 752Setting to 753.Dq Li YES 754will cause the kernel to ignore TCP frames that have both 755the SYN and FIN flags set. 756This prevents OS fingerprinting, but may break some legitimate applications. 757This option is only available if the kernel was built with the 758.Dv TCP_DROP_SYNFIN 759option. 760.It Va icmp_drop_redirect 761.Pq Vt bool 762Set to 763.Dq Li NO 764by default. 765Setting to 766.Dq Li YES 767will cause the kernel to ignore ICMP REDIRECT packets. 768Refer to 769.Xr icmp 4 770for more information. 771.It Va icmp_log_redirect 772.Pq Vt bool 773Set to 774.Dq Li NO 775by default. 776Setting to 777.Dq Li YES 778will cause the kernel to log ICMP REDIRECT packets. 779Note that 780the log messages are not rate-limited, so this option should only be used 781for troubleshooting networks. 782Refer to 783.Xr icmp 4 784for more information. 785.It Va icmp_bmcastecho 786.Pq Vt bool 787Set to 788.Dq Li YES 789to respond to broadcast or multicast ICMP ping packets. 790Refer to 791.Xr icmp 4 792for more information. 793.It Va ip_portrange_first 794.Pq Vt int 795If not set to 796.Dq Li NO , 797this is the first port in the default portrange. 798Refer to 799.Xr ip 4 800for more information. 801.It Va ip_portrange_last 802.Pq Vt int 803If not set to 804.Dq Li NO , 805this is the last port in the default portrange. 806Refer to 807.Xr ip 4 808for more information. 809.\" 810.It Va ifconfig_ Ns Aq Ar interface 811.Pq Vt str 812Configuration for 813.Dq interface . 814Typically includes IP address. 815Assuming that the interface in question was 816.Li ed0 , 817it might look something like this: 818.Bd -literal 819ifconfig_ed0="inet 10.0.0.1 netmask 0xffff0000" 820.Ed 821.Pp 822If the 823.Pa /etc/start_if. Ns Aq Ar interface 824file is present, it is read and executed by the 825.Xr sh 1 826interpreter before configuring the interface as specified in the 827.Va ifconfig_ Ns Aq Ar interface 828and 829.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 830variables. 831.Pp 832It is possible to bring up an interface with DHCP by adding 833.Dq Li DHCP 834to the 835.Va ifconfig_ Ns Aq Ar interface 836variable. 837For instance, to initialize the 838.Li ed0 839device via DHCP, it is possible to use something like: 840.Bd -literal 841ifconfig_ed0="DHCP" 842.Ed 843.Pp 844Also, if your interface needs WPA authentication, it is possible to add 845.Dq Li WPA 846to the 847.Va ifconfig_ Ns Aq Ar interface 848variable. 849This will start 850.Xr wpa_supplicant 8 . 851See 852.Xr wpa_supplicant.conf 5 853for configuring authentication information. 854.Pp 855Finally, you can add 856.Xr ifconfig 8 857options in this variable, in addition to the 858.Pa /etc/start_if. Ns Aq Ar interface 859file. 860For instance, to initialize the 861.Li wi0 862device via DHCP, using WPA authentication and 802.11b mode, it is 863possible to use something like: 864.Bd -literal 865ifconfig_wi0="up DHCP WPA mode 11b" 866.Ed 867.Pp 868.\" 869.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 870.Pq Vt str 871Configuration to establish an additional network address for 872.Dq interface . 873Assuming that the interface in question was 874.Li ed0 , 875it might look something like this: 876.Bd -literal 877ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 878ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 879.Ed 880.Pp 881And so on. 882For each 883.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 884entry that is found, its contents are passed to 885.Xr ifconfig 8 . 886Execution stops at the first unsuccessful access, so if 887something like this is present: 888.Bd -literal 889ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 890ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 891ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 892ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 893.Ed 894.Pp 895Then note that alias4 would 896.Em not 897be added since the search would stop with the missing alias3 entry. 898.Pp 899.\" 900.It Va ifconfig_ Ns Ao Ar interface Ac Ns Va _name 901.Pq Vt str 902New name for 903.Dq interface . 904It is possible to rename interface by doing: 905.Bd -literal 906ifconfig_ed0_name="net0" 907ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 908.Ed 909.It Va network_interfaces 910.Pq Vt str 911The list of network interfaces to configure on this host, 912or 913.Dq Li auto 914to configure all network interfaces 915(default 916.Dq Li auto ) . 917For example, if the only network devices to be configured are the loopback device 918.Pq Li lo0 919and a NIC using the 920.Xr ed 4 921driver, this could be set to 922.Dq Li "lo0 ed0" . 923An 924.Va ifconfig_ Ns Aq Ar interface 925variable is assumed to exist for each value of 926.Ar interface . 927.It Va ipv6_network_interfaces 928.Pq Vt str 929This is the IPv6 equivalent of 930.Va network_interfaces . 931Instead of setting the ifconfig variables as 932.Va ifconfig_ Ns Aq Ar interface 933they should be set as 934.Va ipv6_ifconfig_ Ns Aq Ar interface . 935Aliases should be set as 936.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 937Interfaces that do not have a 938.Va ipv6_ifconfig_ Ns Aq Ar interface 939setting will be auto configured by 940.Xr rtsol 8 941if the 942.Va ipv6_gateway_enable 943is set to 944.Dq Li NO . 945Note that the IPv6 networking code does not support the 946.Pa /etc/start_if. Ns Aq Ar interface 947files. 948.It Va ipv6_prefix_ Ns Aq Ar interface 949.Pq Vt str 950Assign prefix to 951.Ar interface , 952prefixlen 64 is used. 953.It Va ipv6_default_interface 954.Pq Vt str 955If not set to 956.Dq Li NO , 957this is the default output interface for scoped addresses. 958Now this works only for IPv6 link local multicast addresses. 959.It Va cloned_interfaces 960.Pq Vt str 961Set to the list of clonable network interfaces to create on this host. 962Entries in 963.Va cloned_interfaces 964are automatically appended to 965.Va network_interfaces 966for configuration. 967.It Va gif_interfaces 968.Pq Vt str 969Set to the list of 970.Xr gif 4 971tunnel interfaces to configure on this host. 972A 973.Va gifconfig_ Ns Aq Ar interface 974variable is assumed to exist for each value of 975.Ar interface . 976The value of this variable is used to configure the link layer of the 977tunnel according to the syntax of the 978.Cm tunnel 979option to 980.Xr ifconfig 8 . 981Additionally, this option ensures that each listed interface is created via the 982.Cm create 983option to 984.Xr ifconfig 8 985before attempting to configure it. 986.It Va sppp_interfaces 987.Pq Vt str 988Set to the list of 989.Xr sppp 4 990interfaces to configure on this host. 991A 992.Va spppconfig_ Ns Aq Ar interface 993variable is assumed to exist for each value of 994.Ar interface . 995Each interface should also be configured by a general 996.Va ifconfig_ Ns Aq Ar interface 997setting. 998Refer to 999.Xr spppcontrol 8 1000for more information about available options. 1001.It Va ppp_enable 1002.Pq Vt bool 1003If set to 1004.Dq Li YES , 1005run the 1006.Xr ppp 8 1007daemon. 1008.It Va ppp_mode 1009.Pq Vt str 1010Mode in which to run the 1011.Xr ppp 8 1012daemon. 1013Accepted modes are 1014.Dq Li auto , 1015.Dq Li ddial , 1016.Dq Li direct 1017and 1018.Dq Li dedicated . 1019See the manual for a full description. 1020.It Va ppp_nat 1021.Pq Vt bool 1022If set to 1023.Dq Li YES , 1024enables network address translation. 1025Used in conjunction with 1026.Va gateway_enable 1027allows hosts on private network addresses access to the Internet using 1028this host as a network address translating router. 1029.It Va ppp_profile 1030.Pq Vt str 1031The name of the profile to use from 1032.Pa /etc/ppp/ppp.conf . 1033.It Va ppp_user 1034.Pq Vt str 1035The name of the user under which 1036.Xr ppp 8 1037should be started. 1038By default, 1039.Xr ppp 8 1040is started as 1041.Dq Li root . 1042.It Va rc_conf_files 1043.Pq Vt str 1044This option is used to specify a list of files that will override 1045the settings in 1046.Pa /etc/defaults/rc.conf . 1047The files will be read in the order in which they are specified and should 1048include the full path to the file. 1049By default, the files specified are 1050.Pa /etc/rc.conf 1051and 1052.Pa /etc/rc.conf.local 1053.It Va fsck_y_enable 1054.Pq Vt bool 1055If set to 1056.Dq Li YES , 1057.Xr fsck 8 1058will be run with the 1059.Fl y 1060flag if the initial preen of the file systems fails. 1061.It Va netfs_types 1062.Pq Vt str 1063List of file system types that are network-based. 1064This list should generally not be modified by end users. 1065Use 1066.Va extra_netfs_types 1067instead. 1068.It Va extra_netfs_types 1069.Pq Vt str 1070If set to something other than 1071.Dq Li NO 1072(the default), this variable extends the list of file system types 1073for which automatic mounting at startup by 1074.Xr rc 8 1075should be delayed until the network is initialized. 1076It should contain 1077a whitespace-separated list of network file system descriptor pairs, 1078each consisting of a file system type as passed to 1079.Xr mount 8 1080and a human-readable, one-word description, joined with a colon 1081.Pq Ql \&: . 1082Extending the default list in this way is only necessary 1083when third party file system types are used. 1084.It Va devfs_config_files 1085.Pq Vt str 1086This option is used to specify a list of configuration files containing 1087.Xr devfs 5 1088rules that will be applied by 1089.Xr devfsctl 8 1090in the order in which they are specified and must include the full path 1091to the file. 1092.It Va syslogd_enable 1093.Pq Vt bool 1094If set to 1095.Dq Li YES , 1096run the 1097.Xr syslogd 8 1098daemon. 1099.It Va syslogd_program 1100.Pq Vt str 1101Path to 1102.Xr syslogd 8 1103(default 1104.Pa /usr/sbin/syslogd ) . 1105.It Va syslogd_flags 1106.Pq Vt str 1107If 1108.Va syslogd_enable 1109is set to 1110.Dq Li YES , 1111these are the flags to pass to 1112.Xr syslogd 8 . 1113.It Va inetd_enable 1114.Pq Vt bool 1115If set to 1116.Dq Li YES , 1117run the 1118.Xr inetd 8 1119daemon. 1120.It Va inetd_program 1121.Pq Vt str 1122Path to 1123.Xr inetd 8 1124(default 1125.Pa /usr/sbin/inetd ) . 1126.It Va inetd_flags 1127.Pq Vt str 1128If 1129.Va inetd_enable 1130is set to 1131.Dq Li YES , 1132these are the flags to pass to 1133.Xr inetd 8 . 1134.It Va named_enable 1135.Pq Vt bool 1136If set to 1137.Dq Li YES , 1138run the 1139.Xr named 8 1140daemon. 1141.It Va named_program 1142.Pq Vt str 1143Path to 1144.Xr named 8 1145(default 1146.Pa /usr/sbin/named ) . 1147.It Va named_flags 1148.Pq Vt str 1149If 1150.Va named_enable 1151is set to 1152.Dq Li YES , 1153these are the flags to pass to 1154.Xr named 8 . 1155.It Va named_pidfile 1156.Pq Vt str 1157This is the default path to the 1158.Xr named 8 1159daemon's PID file. 1160Change it if you change the location in 1161.Pa /etc/namedb/named.conf . 1162.It Va named_chrootdir 1163.Pq Vt str 1164The root directory for a name server run in a 1165.Xr chroot 8 1166environment. 1167If left empty 1168.Xr named 8 1169will not be run in a 1170.Xr chroot 8 1171environment. 1172.It Va rwhod_enable 1173.Pq Vt bool 1174If set to 1175.Dq Li YES , 1176run the 1177.Xr rwhod 8 1178daemon at boot time. 1179.It Va rwhod_flags 1180.Pq Vt str 1181If 1182.Va rwhod_enable 1183is set to 1184.Dq Li YES , 1185these are the flags to pass to it. 1186.It Va amd_enable 1187.Pq Vt bool 1188If set to 1189.Dq Li YES , 1190run the 1191.Xr amd 8 1192daemon at boot time. 1193.It Va amd_flags 1194.Pq Vt str 1195If 1196.Va amd_enable 1197is set to 1198.Dq Li YES , 1199these are the flags to pass to it. 1200See the 1201.Xr amd 8 1202manpage for more information. 1203.It Va amd_map_program 1204.Pq Vt str 1205If set, the specified program is run to get the list of 1206.Xr amd 8 1207maps. 1208For example, if the 1209.Xr amd 8 1210maps are stored in NIS, one can set this to run 1211.Xr ypcat 1 1212to get a list of 1213.Xr amd 8 1214maps from the 1215.Pa amd.master 1216NIS map. 1217.It Va update_motd 1218.Pq Vt bool 1219If set to 1220.Dq Li YES , 1221.Pa /etc/motd 1222will be updated at boot time to reflect the kernel release being run. 1223If set to 1224.Dq Li NO , 1225.Pa /etc/motd 1226will not be updated. 1227.It Va nfs_client_enable 1228.Pq Vt bool 1229If set to 1230.Dq Li YES , 1231setup NFS client parameters at boot time. 1232.It Va nfs_access_cache 1233.Pq Vt int 1234If 1235.Va nfs_client_enable 1236is set to 1237.Dq Li YES , 1238this can be set to 1239.Dq Li 0 1240to disable NFS ACCESS RPC caching, or to the number of seconds for which 1241NFS ACCESS results should be cached. 1242A value of 2-10 seconds will substantially reduce network traffic for 1243many NFS operations. 1244The default is 5 seconds. 1245Note that the attribute cache holds stat information only. 1246The NFS data cache is independent of the attribute cache and is only 1247invalidated when the client detects that the server has modified the 1248underlying file. 1249This value specifies a maximum timeout. 1250The NFS client will automatically use a shorter timeout for files which 1251have been recently modified. 1252.It Va nfs_neg_cache 1253.Pq Vt int 1254If 1255.Va nfs_client_enable 1256is set to 1257.Dq Li YES , 1258this can be set to 1259.Dq Li 0 1260to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent 1261filenames), or to the number of seconds for which negative lookups should 1262be cached. 1263A value of 2-10 seconds will substantially reduce network 1264traffic for many NFS operations, especially source code builds. 1265The default is 3 seconds. 1266.It Va nfs_server_enable 1267.Pq Vt bool 1268If set to 1269.Dq Li YES , 1270run the NFS server daemons at boot time. 1271.It Va nfs_server_flags 1272.Pq Vt str 1273If 1274.Va nfs_server_enable 1275is set to 1276.Dq Li YES , 1277these are the flags to pass to the 1278.Xr nfsd 8 1279daemon. 1280.It Va mountd_enable 1281.Pq Vt bool 1282If set to 1283.Dq Li YES , 1284and no 1285.Va nfs_server_enable 1286is set, start 1287.Xr mountd 8 , 1288but not 1289.Xr nfsd 8 1290daemon. 1291It is commonly needed to run CFS without real NFS used. 1292.It Va mountd_flags 1293.Pq Vt str 1294If 1295.Va mountd_enable 1296is set to 1297.Dq Li YES , 1298these are the flags to pass to the 1299.Xr mountd 8 1300daemon. 1301.It Va weak_mountd_authentication 1302.Pq Vt bool 1303If set to 1304.Dq Li YES , 1305allow services like PCNFSD to make non-privileged mount requests. 1306.It Va nfs_reserved_port_only 1307.Pq Vt bool 1308If set to 1309.Dq Li YES , 1310provide NFS services only on a secure port. 1311.It Va nfs_bufpackets 1312.Pq Vt int 1313If set to a number, indicates the number of packets worth of 1314socket buffer space to reserve on an NFS client. 1315The kernel default is typically 4. 1316Using a higher number may be useful on gigabit networks to improve performance. 1317The minimum value is 2 and the maximum is 64. 1318.It Va rpc_umntall_enable 1319.Pq Vt bool 1320If set to 1321.Dq Li YES 1322(default) and we are also an NFS client, run 1323.Xr rpc.umntall 8 1324at boot time to clear out old mounts on remote servers. 1325If set to 1326.Dq Li NO 1327then 1328.Xr rpc.umntall 8 1329will not be run at boot time. 1330.It Va rpc_lockd_enable 1331.Pq Vt bool 1332If set to 1333.Dq Li YES 1334and also an NFS server, run 1335.Xr rpc.lockd 8 1336at boot time. 1337.It Va rpc_lockd_flags 1338.Pq Vt str 1339If 1340.Va rpc_lockd_enable 1341is set to 1342.Dq Li YES , 1343these are the flags to pass to 1344.Xr rpc.lockd 8 . 1345.It Va rpc_statd_enable 1346.Pq Vt bool 1347If set to 1348.Dq Li YES 1349and also an NFS server, run 1350.Xr rpc.statd 8 1351at boot time. 1352.It Va rpc_statd_flags 1353.Pq Vt str 1354If 1355.Va rpc_statd_enable 1356is set to 1357.Dq Li YES , 1358these are the flags to pass to 1359.Xr rpc.statd 8 . 1360.It Va rpcbind_program 1361.Pq Vt str 1362Path to program for rpcbind daemon 1363(default 1364.Pa /usr/sbin/rpcbind ) . 1365.It Va rpcbind_enable 1366.Pq Vt bool 1367If set to 1368.Dq Li YES , 1369run 1370.Va rpcbind_program 1371at boot time. 1372.It Va rpcbind_flags 1373.Pq Vt str 1374If 1375.Va rpcbind_enable 1376is set to 1377.Dq Li YES , 1378these are the flags to pass to 1379.Va rpcbind_program . 1380.It Va keyserv_enable 1381.Pq Vt bool 1382If set to 1383.Dq Li YES , 1384run the 1385.Xr keyserv 8 1386daemon on boot for running Secure RPC. 1387.It Va keyserv_flags 1388.Pq Vt str 1389If 1390.Va keyserv_enable 1391is set to 1392.Dq Li YES , 1393these are the flags to pass to 1394.Xr keyserv 8 1395daemon. 1396.It Va pppoed_enable 1397.Pq Vt bool 1398If set to 1399.Dq Li YES , 1400run the 1401.Xr pppoed 8 1402daemon at boot time to provide PPP over Ethernet services. 1403.It Va pppoed_provider 1404.Pq Vt str 1405.Xr pppoed 8 1406listens to requests to this provider and ultimately runs 1407.Xr ppp 8 1408with a 1409.Ar system 1410argument of the same name. 1411.It Va pppoed_flags 1412.Pq Vt str 1413Additional flags to pass to 1414.Xr pppoed 8 . 1415.It Va pppoed_interface 1416.Pq Vt str 1417The network interface to run 1418.Xr pppoed 8 1419on. 1420This is mandatory when 1421.Va pppoed_enable 1422is set to 1423.Dq Li YES . 1424.It Va timed_enable 1425.Pq Vt bool 1426If set to 1427.Dq Li YES , 1428run the 1429.Xr timed 8 1430service at boot time. 1431This command is intended for networks of machines where a consistent 1432.Dq "network time" 1433for all hosts must be established. 1434This is often useful in large NFS environments where time stamps on 1435files are expected to be consistent network-wide. 1436.It Va timed_flags 1437.Pq Vt str 1438If 1439.Va timed_enable 1440is set to 1441.Dq Li YES , 1442these are the flags to pass to the 1443.Xr timed 8 1444service. 1445.It Va dntpd_enable 1446.Pq Vt bool 1447If set to 1448.Dq Li YES , 1449run 1450.Xr dntpd 8 1451at system boot time. 1452.It Va dntpd_program 1453.Pq Vt str 1454Path to 1455.Xr dntpd 8 1456(default 1457.Pa /usr/sbin/dntpd ) . 1458.It Va dntpd_flags 1459.Pq Vt str 1460If 1461.Va dntpd_enable 1462is set to 1463.Dq Li YES , 1464these are the flags to pass to the 1465.Xr dntpd 8 1466daemon. 1467.It Va btconfig_enable 1468.Pq Vt bool 1469If set to 1470.Dq Li YES , 1471configure Bluetooth devices via 1472.Xr btconfig 8 1473at system boot time. 1474.It Va btconfig_devices 1475.Pq Vt str 1476If 1477.Va btconfig_enable 1478is set to 1479.Dq Li YES , 1480this is the list of Bluetooth devices to configure. 1481If 1482.Va btconfig_devices 1483is not specified, all devices known to the system will be configured. 1484A 1485.Va btconfig_ Ns Aq Ar device 1486variable can be set to specify parameters to be passed to 1487.Ar device . 1488.It Va btconfig_args 1489.Pq Vt str 1490If 1491.Va btconfig_enable 1492is set to 1493.Dq Li YES , 1494this is the list of configuration parameters to pass to all Bluetooth 1495devices. 1496.It Va sdpd_enable 1497.Pq Vt bool 1498If set to 1499.Dq Li YES , 1500run the Service Discovery Profile daemon 1501.Xr ( sdpd 8 ) 1502at system boot time. 1503.It Va sdpd_flags 1504.Pq Vt str 1505If 1506.Va sdpd_enable 1507is set to 1508.Dq Li YES , 1509these are the flags to pass to the 1510.Xr sdpd 8 1511daemon. 1512.It Va bthcid_enable 1513.Pq Vt bool 1514If set to 1515.Dq Li YES , 1516run the Bluetooth Link Key/PIN Code Manager daemon 1517.Xr ( bthcid 8 ) 1518at system boot time. 1519.It Va bthcid_flags 1520.Pq Vt str 1521If 1522.Va bthcid_enable 1523is set to 1524.Dq Li YES , 1525these are the flags to pass to the 1526.Xr bthcid 8 1527daemon. 1528.It Va nis_client_enable 1529.Pq Vt bool 1530If set to 1531.Dq Li YES , 1532run the 1533.Xr ypbind 8 1534service at system boot time. 1535.It Va nis_client_flags 1536.Pq Vt str 1537If 1538.Va nis_client_enable 1539is set to 1540.Dq Li YES , 1541these are the flags to pass to the 1542.Xr ypbind 8 1543service. 1544.It Va nis_ypset_enable 1545.Pq Vt bool 1546If set to 1547.Dq Li YES , 1548run the 1549.Xr ypset 8 1550daemon at system boot time. 1551.It Va nis_ypset_flags 1552.Pq Vt str 1553If 1554.Va nis_ypset_enable 1555is set to 1556.Dq Li YES , 1557these are the flags to pass to the 1558.Xr ypset 8 1559daemon. 1560.It Va nis_server_enable 1561.Pq Vt bool 1562If set to 1563.Dq Li YES , 1564run the 1565.Xr ypserv 8 1566daemon at system boot time. 1567.It Va nis_server_flags 1568.Pq Vt str 1569If 1570.Va nis_server_enable 1571is set to 1572.Dq Li YES , 1573these are the flags to pass to the 1574.Xr ypserv 8 1575daemon. 1576.It Va nis_ypxfrd_enable 1577.Pq Vt bool 1578If set to 1579.Dq Li YES , 1580run the 1581.Xr rpc.ypxfrd 8 1582daemon at system boot time. 1583.It Va nis_ypxfrd_flags 1584.Pq Vt str 1585If 1586.Va nis_ypxfrd_enable 1587is set to 1588.Dq Li YES , 1589these are the flags to pass to the 1590.Xr rpc.ypxfrd 8 1591daemon. 1592.It Va nis_yppasswdd_enable 1593.Pq Vt bool 1594If set to 1595.Dq Li YES , 1596run the 1597.Xr rpc.yppasswdd 8 1598daemon at system boot time. 1599.It Va nis_yppasswdd_flags 1600.Pq Vt str 1601If 1602.Va nis_yppasswdd_enable 1603is set to 1604.Dq Li YES , 1605these are the flags to pass to the 1606.Xr rpc.yppasswdd 8 1607daemon. 1608.It Va rpc_ypupdated_enable 1609.Pq Vt bool 1610If set to 1611.Dq Li YES , 1612run the 1613.Nm rpc.ypupdated 1614daemon at system boot time. 1615.It Va defaultrouter 1616.Pq Vt str 1617If not set to 1618.Dq Li NO , 1619create a default route to this host name or IP address 1620(use an IP address if this router is also required to get to the 1621name server!). 1622.It Va ipv6_defaultrouter 1623.Pq Vt str 1624The IPv6 equivalent of 1625.Va defaultrouter . 1626.It Va static_routes 1627.Pq Vt str 1628Set to the list of static routes that are to be added at system boot time. 1629If not set to 1630.Dq Li NO 1631then for each whitespace separated 1632.Ar element 1633in the value, a 1634.Va route_ Ns Aq Ar element 1635variable is assumed to exist whose contents will later be passed to a 1636.Dq Nm route Cm add 1637operation. 1638.It Va ipv6_static_routes 1639.Pq Vt str 1640The IPv6 equivalent of 1641.Va static_routes . 1642If not set to 1643.Dq Li NO 1644then for each whitespace separated 1645.Ar element 1646in the value, a 1647.Va ipv6_route_ Ns Aq Ar element 1648variable is assumed to exist whose contents will later be passed to a 1649.Dq Nm route Cm add Fl inet6 1650operation. 1651.It Va gateway_enable 1652.Pq Vt bool 1653If set to 1654.Dq Li YES , 1655configure host to act as an IP router, e.g. to forward packets 1656between interfaces. 1657.It Va ipv6_gateway_enable 1658.Pq Vt bool 1659The IPv6 equivalent of 1660.Va gateway_enable . 1661.It Va router_enable 1662.Pq Vt bool 1663If set to 1664.Dq Li YES , 1665run a routing daemon of some sort, based on the settings of 1666.Va router_program 1667and 1668.Va router_flags . 1669.It Va ipv6_router_enable 1670.Pq Vt bool 1671The IPv6 equivalent of 1672.Va router_enable . 1673If set to 1674.Dq Li YES , 1675run a routing daemon of some sort, based on the settings of 1676.Va ipv6_router_program 1677and 1678.Va ipv6_router_flags . 1679.It Va router_program 1680.Pq Vt str 1681If 1682.Va router_enable 1683is set to 1684.Dq Li YES , 1685this is the name of the routing daemon to use 1686(default 1687.Pa /sbin/routed ) . 1688.It Va ipv6_router_program 1689.Pq Vt str 1690The IPv6 equivalent of 1691.Va router_program 1692(default 1693.Pa /sbin/route6d ) . 1694.It Va router_flags 1695.Pq Vt str 1696If 1697.Va router_enable 1698is set to 1699.Dq Li YES , 1700these are the flags to pass to the routing daemon. 1701.It Va ipv6_router_flags 1702.Pq Vt str 1703The IPv6 equivalent of 1704.Va router_flags . 1705.It Va mrouted_enable 1706.Pq Vt bool 1707If set to 1708.Dq Li YES , 1709run the multicast routing daemon, 1710.Xr mrouted 8 . 1711.It Va mroute6d_enable 1712.Pq Vt bool 1713The IPv6 equivalent of 1714.Va mrouted_enable . 1715If set to 1716.Dq Li YES , 1717run the IPv6 multicast routing daemon. 1718Note that no IPv6 multicast routing daemon is included in the 1719.Dx 1720base system but 1721.Xr pim6dd 8 1722can be installed from the 1723.Xr pkgsrc 7 1724collection. 1725.It Va mrouted_flags 1726.Pq Vt str 1727If 1728.Va mrouted_enable 1729is set to 1730.Dq Li YES , 1731these are the flags to pass to the 1732.Xr mrouted 8 1733daemon. 1734.It Va mroute6d_flags 1735.Pq Vt str 1736The IPv6 equivalent of 1737.Va mrouted_flags . 1738If 1739.Va mroute6d_enable 1740is set to 1741.Dq Li YES , 1742these are the flags passed to the IPv6 multicast routing daemon. 1743.It Va mroute6d_program 1744.Pq Vt str 1745If 1746.Va mroute6d_enable 1747is set to 1748.Dq Li YES , 1749this is the path to the IPv6 multicast routing daemon. 1750.It Va rtadvd_enable 1751.Pq Vt bool 1752If set to 1753.Dq Li YES , 1754run the 1755.Xr rtadvd 8 1756daemon at boot time. 1757.Xr rtadvd 8 1758will only run if 1759.Va ipv6_gateway_enable 1760is also set to 1761.Dq Li YES . 1762The 1763.Xr rtadvd 8 1764utility sends router advertisement packets to the interfaces specified in 1765.Va rtadvd_interfaces . 1766.Xr rtadvd 8 1767and should only be enabled with great care. 1768You may want to fine-tune 1769.Xr rtadvd.conf 5 . 1770.It Va rtadvd_interfaces 1771.Pq Vt str 1772If 1773.Va rtadvd_enable 1774is set to 1775.Dq Li YES 1776this is the list of interfaces to use. 1777.It Va rtsold_enable 1778.Pq Vt bool 1779If set to 1780.Dq Li YES , 1781run the 1782.Xr rtsold 8 1783daemon at boot time. 1784The 1785.Xr rtsold 8 1786daemon is used for automatic discovery of non-link local addresses. 1787.It Va rtsold_flags 1788.Pq Vt str 1789If 1790.Va rtsold_enable 1791is set to 1792.Dq Li YES , 1793these are the flags to pass to the 1794.Xr rtsold 8 1795daemon. 1796.It Va ipxgateway_enable 1797.Pq Vt bool 1798If set to 1799.Dq Li YES , 1800enable the routing of IPX traffic. 1801.It Va ipxrouted_enable 1802.Pq Vt bool 1803If set to 1804.Dq Li YES , 1805run the 1806.Xr IPXrouted 8 1807daemon at system boot time. 1808.It Va ipxrouted_flags 1809.Pq Vt str 1810If 1811.Va ipxrouted_enable 1812is set to 1813.Dq Li YES , 1814these are the flags to pass to the 1815.Xr IPXrouted 8 1816daemon. 1817.It Va arpproxy_all 1818.Pq Vt bool 1819If set to 1820.Dq Li YES , 1821enable global proxy ARP. 1822.It Va forward_sourceroute 1823.Pq Vt bool 1824If set to 1825.Dq Li YES 1826and 1827.Va gateway_enable 1828is also set to 1829.Dq Li YES , 1830source-routed packets are forwarded. 1831.It Va accept_sourceroute 1832.Pq Vt bool 1833If set to 1834.Dq Li YES , 1835the system will accept source-routed packets directed at it. 1836.It Va rarpd_enable 1837.Pq Vt bool 1838If set to 1839.Dq Li YES , 1840run the 1841.Xr rarpd 8 1842daemon at system boot time. 1843.It Va rarpd_flags 1844.Pq Vt str 1845If 1846.Va rarpd_enable 1847is set to 1848.Dq Li YES , 1849these are the flags to pass to the 1850.Xr rarpd 8 1851daemon. 1852.It Va bootparamd_enable 1853.Pq Vt bool 1854If set to 1855.Dq Li YES , 1856run the 1857.Xr bootparamd 8 1858daemon at system boot time. 1859.It Va bootparamd_flags 1860.Pq Vt str 1861If 1862.Va bootparamd_enable 1863is set to 1864.Dq Li YES , 1865these are the flags to pass to the 1866.Xr bootparamd 8 1867daemon. 1868.It Va stf_interface_ipv4addr 1869.Pq Vt str 1870If not set to 1871.Dq Li NO , 1872this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface). 1873Specify this entry to enable the 6to4 interface. 1874.It Va stf_interface_ipv4plen 1875.Pq Vt int 1876Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1877An effective value is 0-31. 1878.It Va stf_interface_ipv6_ifid 1879.Pq Vt str 1880IPv6 interface ID for 1881.Xr stf 4 . 1882This can be set to 1883.Dq Li AUTO . 1884.It Va stf_interface_ipv6_slaid 1885.Pq Vt str 1886IPv6 Site Level Aggregator for 1887.Xr stf 4 . 1888.It Va ipv6_faith_prefix 1889.Pq Vt str 1890If not set to 1891.Dq Li NO , 1892this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator. 1893You also need 1894.Xr faithd 8 1895setup. 1896.It Va ipv6_ipv4mapping 1897.Pq Vt bool 1898If set to 1899.Dq Li YES 1900this enables IPv4 mapped IPv6 address communication (like 1901.Li ::ffff:a.b.c.d ) . 1902.It Va atm_enable 1903.Pq Vt bool 1904Set to 1905.Dq Li YES 1906to enable the configuration of ATM interfaces at system boot time. 1907For all of the ATM variables described below, please refer to the 1908.Xr atm 8 1909man page for further details on the available command parameters. 1910Also refer to the files in 1911.Pa /usr/share/examples/atm 1912for more detailed configuration information. 1913.It Va atm_netif_ Ns Aq Ar intf 1914.Pq Vt str 1915For the ATM physical interface 1916.Ar intf , 1917this variable defines the name prefix and count for the ATM network 1918interfaces to be created. 1919The value will be passed as the parameters of an 1920.Dq Nm atm Cm "set netif" Ar intf 1921command. 1922.It Va atm_sigmgr_ Ns Aq Ar intf 1923.Pq Vt str 1924For the ATM physical interface 1925.Ar intf , 1926this variable defines the ATM signalling manager to be used. 1927The value will be passed as the parameters of an 1928.Dq Nm atm Cm attach Ar intf 1929command. 1930.It Va atm_prefix_ Ns Aq Ar intf 1931.Pq Vt str 1932For the ATM physical interface 1933.Ar intf , 1934this variable defines the NSAP prefix for interfaces using a UNI signalling 1935manager. 1936If set to 1937.Dq Li ILMI , 1938the prefix will automatically be set via the 1939.Xr ilmid 8 1940daemon. 1941Otherwise, the value will be passed as the parameters of an 1942.Dq Nm atm Cm "set prefix" Ar intf 1943command. 1944.It Va atm_macaddr_ Ns Aq Ar intf 1945.Pq Vt str 1946For the ATM physical interface 1947.Ar intf , 1948this variable defines the MAC address for interfaces using a UNI signalling 1949manager. 1950If set to 1951.Dq Li NO , 1952the hardware MAC address contained in the ATM interface card will be used. 1953Otherwise, the value will be passed as the parameters of an 1954.Dq Nm atm Cm "set mac" Ar intf 1955command. 1956.It Va atm_arpserver_ Ns Aq Ar netif 1957.Pq Vt str 1958For the ATM network interface 1959.Ar netif , 1960this variable defines the ATM address for a host which is to provide ATMARP 1961service. 1962This variable is only applicable to interfaces using a UNI signalling manager. 1963If set to 1964.Dq Li local , 1965this host will become an ATMARP server. 1966The value will be passed as the parameters of an 1967.Dq Nm atm Cm "set arpserver" Ar netif 1968command. 1969.It Va atm_scsparp_ Ns Aq Ar netif 1970.Pq Vt bool 1971If set to 1972.Dq Li YES , 1973SCSP/ATMARP service for the network interface 1974.Ar netif 1975will be initiated using the 1976.Xr scspd 8 1977and 1978.Xr atmarpd 8 1979daemons. 1980This variable is only applicable if 1981.Va atm_arpserver_ Ns Aq Ar netif 1982is set to 1983.Dq Li local . 1984.It Va atm_arps 1985.Pq Vt str 1986Set to the list of permanent ATM ARP entries to be added at system boot time. 1987For each whitespace separated 1988.Ar element 1989in the value, an 1990.Va atm_arp_ Ns Aq Ar element 1991variable is assumed to exist. 1992The value of each of these variables will be passed as the parameters of an 1993.Dq Nm atm Cm "add arp" 1994command. 1995.It Va keybell 1996.Pq Vt str 1997The keyboard bell sound. 1998Set to 1999.Dq Li normal , 2000.Dq Li visual , 2001.Dq Li off , 2002or 2003.Dq Li NO 2004if the default behavior is desired. 2005For details, refer to the 2006.Xr kbdcontrol 1 2007manpage. 2008.It Va keymap 2009.Pq Vt str 2010If set to 2011.Dq Li NO , 2012no keymap is installed, otherwise the value is used to install 2013the keymap file in 2014.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2015.It Va keyrate 2016.Pq Vt str 2017The keyboard repeat speed. 2018Set to 2019.Dq Li slow , 2020.Dq Li normal , 2021.Dq Li fast , 2022or 2023.Dq Li NO 2024if the default behavior is desired. 2025.It Va keychange 2026.Pq Vt str 2027If not set to 2028.Dq Li NO , 2029attempt to program the function keys with the value. 2030The value should be a single string of the form: 2031.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2032.It Va cursor 2033.Pq Vt str 2034Can be set to the value of 2035.Dq Li normal , 2036.Dq Li blink , 2037.Dq Li destructive , 2038or 2039.Dq Li NO 2040to set the cursor behavior explicitly or choose the default behavior. 2041.It Va scrnmap 2042.Pq Vt str 2043If set to 2044.Dq Li NO , 2045no screen map is installed, otherwise the value is used to install 2046the screen map file in 2047.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2048.It Va font8x16 2049.Pq Vt str 2050If set to 2051.Dq Li NO , 2052the default 8x16 font value is used for screen size requests, otherwise 2053the value in 2054.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2055is used. 2056.It Va font8x14 2057.Pq Vt str 2058If set to 2059.Dq Li NO , 2060the default 8x14 font value is used for screen size requests, otherwise 2061the value in 2062.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2063is used. 2064.It Va font8x8 2065.Pq Vt str 2066If set to 2067.Dq Li NO , 2068the default 8x8 font value is used for screen size requests, otherwise 2069the value in 2070.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2071is used. 2072.It Va blanktime 2073.Pq Vt int 2074If set to 2075.Dq Li NO , 2076the default screen blanking interval is used, otherwise it is set to 2077.Ar value 2078seconds. 2079.It Va saver 2080.Pq Vt str 2081If not set to 2082.Dq Li NO , 2083this is the actual screen saver to use 2084.Li ( blank , snake , daemon , 2085etc). 2086.It Va moused_enable 2087.Pq Vt str 2088If set to 2089.Dq Li YES , 2090the 2091.Xr moused 8 2092daemon is started for doing cut/paste selection on the console. 2093.It Va moused_type 2094.Pq Vt str 2095This is the protocol type of the mouse connected to this host. 2096This variable must be set if 2097.Va moused_enable 2098is set to 2099.Dq Li YES . 2100The 2101.Xr moused 8 2102daemon 2103is able to detect the appropriate mouse type automatically in many cases. 2104Set this variable to 2105.Dq Li auto 2106to let the daemon detect it, or 2107select one from the following list if the automatic detection fails. 2108.Pp 2109If the mouse is attached to the PS/2 mouse port, choose 2110.Dq Li auto 2111or 2112.Dq Li ps/2 , 2113regardless of the brand and model of the mouse. 2114Likewise, if the mouse is attached to the bus mouse port, choose 2115.Dq Li auto 2116or 2117.Dq Li busmouse . 2118All other protocols are for serial mice and will not work with 2119the PS/2 and bus mice. 2120If this is a USB mouse, 2121.Dq Li auto 2122is the only protocol type which will work. 2123.Pp 2124.Bl -tag -width ".Li x10mouseremote" -compact 2125.It Li microsoft 2126Microsoft mouse (serial) 2127.It Li intellimouse 2128Microsoft IntelliMouse (serial) 2129.It Li mousesystems 2130Mouse systems Corp. mouse (serial) 2131.It Li mmseries 2132MM Series mouse (serial) 2133.It Li logitech 2134Logitech mouse (serial) 2135.It Li busmouse 2136A bus mouse 2137.It Li mouseman 2138Logitech MouseMan and TrackMan (serial) 2139.It Li glidepoint 2140ALPS GlidePoint (serial) 2141.It Li thinkingmouse 2142Kensington ThinkingMouse (serial) 2143.It Li ps/2 2144PS/2 mouse 2145.It Li mmhittab 2146MM HitTablet (serial) 2147.It Li x10mouseremote 2148X10 MouseRemote (serial) 2149.It Li versapad 2150Interlink VersaPad (serial) 2151.El 2152.Pp 2153Even if the mouse is not in the above list, it may be compatible 2154with one in the list. 2155Refer to the man page for 2156.Xr moused 8 2157for compatibility information. 2158.Pp 2159It should also be noted that while this is enabled, any 2160other client of the mouse (such as an X server) should access 2161the mouse through the virtual mouse device, 2162.Pa /dev/sysmouse , 2163and configure it as a 2164.Dq Li sysmouse 2165type mouse, since all 2166mouse data is converted to this single canonical format when using 2167.Xr moused 8 . 2168If the client program does not support the 2169.Dq Li sysmouse 2170type, specify the 2171.Dq Li mousesystems 2172type. 2173It is the second preferred type. 2174.It Va moused_port 2175.Pq Vt str 2176If 2177.Va moused_enable 2178is set to 2179.Dq Li YES , 2180this is the actual port the mouse is on. 2181It might be 2182.Pa /dev/cuaa0 2183for a COM1 serial mouse, 2184.Pa /dev/psm0 2185for a PS/2 mouse or 2186.Pa /dev/mse0 2187for a bus mouse, for example. 2188.It Va moused_flags 2189.Pq Vt str 2190If 2191.Va moused_type 2192is set, these are the additional flags to pass to the 2193.Xr moused 8 2194daemon. 2195.It Va mousechar_start 2196.Pq Vt int 2197If set to 2198.Dq Li NO , 2199the default mouse cursor character range 2200.Li 0xd0 Ns - Ns Li 0xd3 2201is used, otherwise the range start is set to 2202.Ar value 2203character, see 2204.Xr vidcontrol 1 . 2205Use if the default range is occupied in the language code table. 2206.It Va vidhistory 2207.Pq Vt int 2208Set the size of the history (scrollback) buffer in lines. 2209.It Va allscreens_flags 2210.Pq Vt str 2211If set, 2212.Xr vidcontrol 1 2213is run with these options for each of the virtual terminals 2214.Pq Pa /dev/ttyv* . 2215For example, 2216.Dq Fl m Cm on 2217will enable the mouse pointer on all virtual terminals if 2218.Va moused_enable 2219is set to 2220.Dq Li YES . 2221.It Va allscreens_kbdflags 2222.Pq Vt str 2223If set, 2224.Xr kbdcontrol 1 2225is run with these options for each of the virtual terminals 2226.Pq Pa /dev/ttyv* . 2227For example, 2228.Dq Fl h Li 200 2229will set the 2230.Xr syscons 4 2231scrollback (history) buffer to 200 lines. 2232.It Va cron_enable 2233.Pq Vt bool 2234If set to 2235.Dq Li YES , 2236run the 2237.Xr cron 8 2238daemon at system boot time. 2239.It Va cron_program 2240.Pq Vt str 2241Path to 2242.Xr cron 8 2243(default 2244.Pa /usr/sbin/cron ) . 2245.It Va cron_flags 2246.Pq Vt str 2247If 2248.Va cron_enable 2249is set to 2250.Dq Li YES , 2251these are the flags to pass to 2252.Xr cron 8 . 2253.It Va lpd_program 2254.Pq Vt str 2255Path to 2256.Xr lpd 8 2257(default 2258.Pa /usr/sbin/lpd ) . 2259.It Va lpd_enable 2260.Pq Vt bool 2261If set to 2262.Dq Li YES , 2263run the 2264.Xr lpd 8 2265daemon at system boot time. 2266.It Va lpd_flags 2267.Pq Vt str 2268If 2269.Va lpd_enable 2270is set to 2271.Dq Li YES , 2272these are the flags to pass to the 2273.Xr lpd 8 2274daemon. 2275.It Va nscd_enable 2276.Pq Vt bool 2277If set to 2278.Dq Li YES , 2279run the 2280.Xr nscd 8 2281daemon at system boot time. 2282.It Va mixer_enable 2283.Pq Vt bool 2284If set to 2285.Dq Li YES , 2286preserve 2287.Xr mixer 8 2288settings across reboots. 2289.It Va mta_start_script 2290.Pq Vt str 2291The full path to the script to run to start 2292a mail transfer agent. 2293The default is 2294.Pa /etc/rc.sendmail . 2295The 2296.Va sendmail_* 2297variables which 2298.Pa /etc/rc.sendmail 2299uses are documented in the 2300.Xr rc.sendmail 8 2301man page. 2302.It Va fixbootfile 2303.Pq Vt bool 2304In a 2305.Sq HAMMER ROOT with UFS /boot 2306setup, the boot loader will not set up the 2307.Va kern.bootfile 2308sysctl correctly. 2309The system will attempt to fix this on its own. 2310Set this variable to 2311.Dq Li NO 2312to turn this behavior off. 2313.It Va dumpdev 2314.Pq Vt str 2315Indicates the device (usually a swap partition) to which a crash dump 2316should be written in the event of a system crash. 2317The value of this variable is passed as the argument to 2318.Xr dumpon 8 2319and 2320.Xr savecore 8 . 2321To disable crash dumps, set this variable to 2322.Dq Li NO . 2323.It Va dumpdir 2324.Pq Vt str 2325When the system reboots after a crash and a crash dump is found on the 2326device specified by the 2327.Va dumpdev 2328variable, 2329.Xr savecore 8 2330will save that crash dump and a copy of the kernel to the directory 2331specified by the 2332.Va dumpdir 2333variable. 2334The default value is 2335.Pa /var/crash . 2336Set to 2337.Dq Li NO 2338to not run 2339.Xr savecore 8 2340at boot time when 2341.Va dumpdir 2342is set. 2343.It Va savecore_flags 2344.Pq Vt str 2345If crash dumps are enabled, these are the flags to pass to the 2346.Xr savecore 8 2347utility. 2348.It Va enable_quotas 2349.Pq Vt bool 2350Set to 2351.Dq Li YES 2352to turn on user disk quotas on system startup via the 2353.Xr quotaon 8 2354command. 2355.It Va check_quotas 2356.Pq Vt bool 2357Set to 2358.Dq Li YES 2359to enable user disk quota checking via the 2360.Xr quotacheck 8 2361command. 2362.It Va accounting_enable 2363.Pq Vt bool 2364Set to 2365.Dq Li YES 2366to enable system accounting through the 2367.Xr accton 8 2368facility. 2369.It Va linux_enable 2370.Pq Vt bool 2371Set to 2372.Dq Li YES 2373to enable Linux/ELF binary emulation at system initial boot time. 2374.It Va sysvipc_enable 2375.Pq Vt bool 2376If set to 2377.Dq Li YES , 2378load System V IPC primitives at boot time. 2379.\" ----- cleanvar_enable setting-------------------------------- 2380.It Va cleanvar_enable 2381.Pq Vt bool 2382Set to 2383.Dq Li YES 2384to have 2385.Pa /var/run , 2386.Pa /var/spool/lock 2387and 2388.Pa /var/spool/uucp/.Temp/* 2389cleaned at startup. 2390.\" ----- clear_tmp_enable setting------------------------------- 2391.It Va clear_tmp_enable 2392.Pq Vt bool 2393Set to 2394.Dq Li YES 2395to have 2396.Pa /tmp 2397cleaned at startup. 2398.\" ----- ldconfig_paths setting -------------------------------- 2399.It Va ldconfig_paths 2400.Pq Vt str 2401Set to the list of shared library paths to use with 2402.Xr ldconfig 8 . 2403NOTE: 2404.Pa /usr/lib 2405will always be added first, so it need not appear in this list. 2406.It Va ldconfig_insecure 2407.Pq Vt bool 2408The 2409.Xr ldconfig 8 2410utility normally refuses to use directories 2411which are writable by anyone except root. 2412Set this variable to 2413.Dq Li YES 2414to disable that security check during system startup. 2415.It Va kern_securelevel 2416.Pq Vt int 2417The kernel security level to set at startup. 2418The allowed range of 2419.Ar value 2420ranges from \-1 (the compile time default) to 3 (the most secure). 2421See 2422.Xr init 8 2423for the list of possible security levels and their effect on system operation. 2424.It Va start_vinum 2425.Pq Vt bool 2426Set to 2427.Dq Li YES 2428to start 2429.Xr vinum 8 2430at system boot time. 2431.It Va sshd_enable 2432.Pq Vt bool 2433Set to 2434.Dq Li YES 2435to start 2436.Xr sshd 8 2437at system boot time. 2438.It Va sshd_program 2439.Pq Vt str 2440Path to the SSH server program 2441(default 2442.Pa /usr/sbin/sshd ) . 2443.It Va sshd_flags 2444.Pq Vt str 2445If 2446.Va sshd_enable 2447is set to 2448.Dq Li YES , 2449these are the flags to pass to the 2450.Xr sshd 8 2451daemon. 2452.It Va ftpd_enable 2453.Pq Vt bool 2454Set to 2455.Dq Li YES 2456to start 2457.Xr ftpd 8 2458at system boot time. 2459.It Va ftpd_flags 2460.Pq Vt str 2461If 2462.Va ftpd_enable 2463is set to 2464.Dq Li YES , 2465these are the flags to pass to the 2466.Xr ftpd 8 2467daemon. 2468.It Va usbd_enable 2469.Pq Vt bool 2470If set to 2471.Dq Li YES , 2472run the 2473.Xr usbd 8 2474daemon at boot time. 2475.It Va usbd_flags 2476.Pq Vt str 2477If 2478.Va usbd_enable 2479is set to 2480.Dq Li YES , 2481these are the flags passed to 2482.Xr usbd 8 2483daemon. 2484.It Va watchdogd_enable 2485.Pq Vt bool 2486If set to 2487.Dq Li YES , 2488start the 2489.Xr watchdogd 8 2490daemon at boot time. 2491This requires that the kernel have been compiled with 2492.Cd "options WATCHDOG" . 2493.It Va jail_enable 2494.Pq Vt bool 2495If set to 2496.Dq Li NO , 2497any configured jails will not be started. 2498.It Va jail_list 2499.Pq Vt str 2500A space separated list of names for jails. 2501This is purely a configuration aid to help identify and 2502configure multiple jails. 2503The names specified in this list will be used to 2504identify settings common to an instance of a jail. 2505Assuming that the jail in question was named 2506.Li vjail , 2507you would have the following dependent variables: 2508.Bd -literal 2509jail_vjail_hostname="jail.example.com" 2510jail_vjail_ip="192.168.1.100" 2511jail_vjail_rootdir="/var/jails/vjail/root" 2512.Ed 2513.Pp 2514.It Va jail_flags 2515.Pq Vt str 2516Unset by default. 2517When set, use as default value for 2518.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2519for every jail in 2520.Va jail_list . 2521.It Va jail_interface 2522.Pq Vt str 2523Unset by default. 2524When set, use as default value for 2525.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2526for every jail in 2527.Va jail_list . 2528.It Va jail_fstab 2529.Pq Vt str 2530Unset by default. 2531When set, use as default value for 2532.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2533for every jail in 2534.Va jail_list . 2535.It Va jail_mount_enable 2536.Pq Vt bool 2537Set to 2538.Dq Li NO 2539by default. 2540When set to 2541.Dq Li YES , 2542sets 2543.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2544to 2545.Dq Li YES 2546by default for every jail in 2547.Va jail_list . 2548.It Va jail_fdesc_enable 2549.Pq Vt bool 2550Set to 2551.Dq Li NO 2552by default. 2553When set to 2554.Dq Li YES , 2555sets 2556.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2557to 2558.Dq Li YES 2559by default for every jail in 2560.Va jail_list . 2561.It Va jail_procfs_enable 2562.Pq Vt bool 2563Set to 2564.Dq Li NO 2565by default. 2566When set to 2567.Dq Li YES , 2568sets 2569.Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2570to 2571.Dq Li YES 2572by default for every jail in 2573.Va jail_list . 2574.It Va jail_exec_start 2575.Pq Vt str 2576Unset by default. 2577When set, use as default value for 2578.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2579for every jail in 2580.Va jail_list . 2581.It Va jail_exec_stop 2582Unset by default. 2583When set, use as default value for 2584.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2585for every jail in 2586.Va jail_list . 2587.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 2588.Pq Vt str 2589Unset by default. 2590Set to the root directory used by jail 2591.Va jname . 2592.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 2593.Pq Vt str 2594Unset by default. 2595Set to the fully qualified domain name (FQDN) assigned to jail 2596.Va jname . 2597.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 2598.Pq Vt str 2599Unset by default. 2600Set to the IP address assigned to jail 2601.Va jname . 2602.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 2603.Pq Vt str 2604Set to 2605.Dq Li -l -U root 2606by default. 2607These are flags to pass to 2608.Xr jail 8 . 2609.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 2610.Pq Vt str 2611Unset by default. 2612When set, sets the interface to use when setting IP address alias. 2613Note that the alias is created at jail startup and removed at jail shutdown. 2614.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2615.Pq Vt str 2616Set to 2617.Pa /etc/fstab. Ns Aq Ar jname 2618by default. 2619This is the file system information file to use for jail 2620.Va jname . 2621.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 2622.Pq Vt bool 2623Set to 2624.Dq Li NO 2625by default. 2626When set to 2627.Dq Li YES , 2628mount all file systems from 2629.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 2630at jail startup. 2631.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdesc_enable 2632.Pq Vt bool 2633Set to 2634.Dq Li NO 2635by default. 2636When set to 2637.Dq Li YES , 2638mount the file-descriptor file system inside jail 2639.Ar jname 2640at jail startup. 2641.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 2642.Pq Vt bool 2643Set to 2644.Dq Li NO 2645by default. 2646When set to 2647.Dq Li YES , 2648mount the process file system inside jail 2649.Ar jname 2650at jail startup. 2651.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 2652.Pq Vt str 2653Set to 2654.Dq Li /bin/sh /etc/rc 2655by default. 2656This is the command executed at jail startup. 2657.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 2658.Pq Vt str 2659Set to 2660.Dq Li /bin/sh /etc/rc.shutdown 2661by default. 2662This is the command executed at jail shutdown. 2663.It Va jail_set_hostname_allow 2664.Pq Vt bool 2665If set to 2666.Dq Li NO , 2667do not allow the root user in a jail to set its hostname. 2668.It Va jail_socket_unixiproute_only 2669.Pq Vt bool 2670If set to 2671.Dq Li YES , 2672do not allow any sockets, 2673besides UNIX/IP/route sockets, 2674to be used within a jail. 2675.It Va jail_sysvipc_allow 2676.Pq Vt bool 2677If set to 2678.Dq Li YES , 2679allow applications within a jail to use System V IPC. 2680.It Va newsyslog_enable 2681.Pq Vt bool 2682If set to 2683.Dq Li YES , 2684run 2685.Xr newsyslog 8 2686before syslogd starts. 2687.It Va newsyslog_flags 2688.Pq Vt str 2689If 2690.Va newsyslog_enable 2691is set to 2692.Dq Li YES , 2693these are the flags passed to 2694.Xr newsyslog 8 . 2695.It Va resident_enable 2696.Pq Vt bool 2697If set to 2698.Dq Li YES , 2699make the dynamic binaries listed in 2700.Pa /etc/resident.conf 2701resident. 2702.It Va varsym_enable 2703.Pq Vt bool 2704If set to 2705.Dq Li YES , 2706process 2707.Pa /etc/varsym.conf 2708to set system-wide variables for variant symlinks. 2709.It Va rand_irqs 2710.Pq Vt str 2711Set either to 2712.Dq Li NO 2713or a whitespace separated list of IRQ numbers which will be used as a source of 2714randomness. 2715.\" ----- isdn settings --------------------------------- 2716.It Va isdn_enable 2717.Pq Vt bool 2718Set to 2719.Dq Li NO 2720by default. 2721When set to 2722.Dq Li YES , 2723starts the 2724.Xr isdnd 8 2725daemon at system boot time. 2726.It Va isdn_flags 2727.Pq Vt str 2728Set to 2729.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2730by default. 2731Additional flags to pass to 2732.Xr isdnd 8 2733(but see 2734.Va isdn_fsdev 2735and 2736.Va isdn_ttype 2737for certain tunable parameters). 2738.It Va isdn_ttype 2739.Pq Vt str 2740Set to 2741.Dq Li cons25 2742by default. 2743The terminal type of the output device when 2744.Xr isdnd 8 2745operates in full-screen mode. 2746.It Va isdn_screenflags 2747.Pq Vt str 2748Set to 2749.Dq Li NO 2750by default. 2751The video mode for full-screen mode (only for 2752.Xr syscons 4 2753console driver, see 2754.Xr vidcontrol 1 2755for valid modes). 2756.It Va isdn_fsdev 2757.Pq Vt str 2758Set to 2759.Dq Li NO 2760by default. 2761The output device for 2762.Xr isdnd 8 2763in full-screen mode (or 2764.Dq Li NO 2765for daemon mode). 2766.It Va isdn_trace 2767.Pq Vt bool 2768Set to 2769.Dq Li NO 2770by default. 2771When set to 2772.Dq Li YES , 2773enables the ISDN protocol trace utility 2774.Xr isdntrace 8 2775at system boot time. 2776.It Va isdn_traceflags 2777.Pq Vt str 2778Set to 2779.Dq Fl f Pa /var/tmp/isdntrace0 2780by default. 2781Flags for 2782.Xr isdntrace 8 . 2783.\" ----------------------------------------------------- 2784.It Va entropy_dir 2785.Pq Vt str 2786Set to 2787.Dq Li NO 2788to disable caching entropy via 2789.Xr cron 8 . 2790Otherwise set to the directory used to store entropy files in. 2791.It Va entropy_file 2792.Pq Vt str 2793Set to 2794.Dq Li NO 2795to disable caching entropy through reboots. 2796Otherwise set to the filename used to store cached entropy through reboots. 2797This file should be located on the root file system to seed the 2798.Xr random 4 2799device as early as possible in the boot process. 2800.It Va ipsec_enable 2801.Pq Vt bool 2802Set to 2803.Dq Li YES 2804to run 2805.Xr setkey 8 2806on 2807.Va ipsec_file 2808at boot time. 2809.It Va ipsec_file 2810.Pq Vt str 2811Configuration file for 2812.Xr setkey 8 . 2813.It Va dmesg_enable 2814.Pq Vt bool 2815Set to 2816.Dq Li YES 2817to save 2818.Xr dmesg 8 2819to 2820.Pa /var/run/dmesg.boot 2821on boot. 2822.It Va rcshutdown_timeout 2823.Pq Vt int 2824If set, start a watchdog timer in the background which will terminate 2825.Pa rc.shutdown 2826if 2827.Xr shutdown 8 2828has not completed within the specified time (in seconds). 2829.It Va vkernel_enable 2830.Pq Vt bool 2831If set to 2832.Dq Li NO , 2833any configured vkernels will not be started. 2834.It Va vkernel_list 2835.Pq Vt str 2836A space separated list of names for vkernels. 2837This is purely a configuration aid to help identify and 2838configure multiple vkernels. 2839The names specified in this list will be used to 2840identify settings common to a vkernel instance. 2841Assuming that the vkernel in question was named 2842.Li example , 2843you would have the following dependent variables 2844(filled with reference values in this text): 2845.Bd -literal 2846vkernel_example_bin="/usr/obj/usr/src/sys/VKERNEL/kernel.debug" 2847vkernel_example_memsize="64m" 2848vkernel_example_rootimg_list="/var/vkernel/rootimg.01" 2849vkernel_example_iface_list="auto:bridge0" 2850vkernel_example_logfile="/dev/null" 2851vkernel_example_flags="-U" 2852.Ed 2853.Pp 2854The last three are optional. 2855They default to an empty string if not set, except for logfile which defaults to 2856.Pa /dev/null 2857if it is not set. 2858.El 2859.Sh FILES 2860.Bl -tag -width ".Pa /etc/start_if. Ns Aq Ar interface" -compact 2861.It Pa /etc/defaults/rc.conf 2862.It Pa /etc/rc.conf 2863.It Pa /etc/rc.conf.local 2864.It Pa /etc/start_if. Ns Aq Ar interface 2865.El 2866.Sh SEE ALSO 2867.Xr catman 1 , 2868.Xr gdb 1 , 2869.Xr info 1 , 2870.Xr kbdcontrol 1 , 2871.Xr varsym 1 , 2872.Xr vidcontrol 1 , 2873.Xr ip 4 , 2874.Xr ipf 4 , 2875.Xr ipfw 4 , 2876.Xr kld 4 , 2877.Xr pf 4 , 2878.Xr tcp 4 , 2879.Xr udp 4 , 2880.Xr exports 5 , 2881.Xr motd 5 , 2882.Xr resident.conf 5 , 2883.Xr varsym.conf 5 , 2884.Xr accton 8 , 2885.Xr amd 8 , 2886.Xr apm 8 , 2887.Xr atm 8 , 2888.Xr btconfig 8 , 2889.Xr bthcid 8 , 2890.Xr cron 8 , 2891.Xr devd 8 , 2892.Xr dhclient 8 , 2893.Xr dntpd 8 , 2894.Xr ftpd 8 , 2895.Xr ifconfig 8 , 2896.Xr inetd 8 , 2897.Xr isdnd 8 , 2898.Xr isdntrace 8 , 2899.Xr jail 8 , 2900.Xr lpd 8 , 2901.Xr makewhatis 8 , 2902.Xr mixer 8 , 2903.Xr mountd 8 , 2904.Xr moused 8 , 2905.Xr mrouted 8 , 2906.Xr named 8 , 2907.Xr nfsd 8 , 2908.Xr pcnfsd 8 , 2909.Xr pfctl 8 , 2910.Xr pflogd 8 , 2911.Xr quotacheck 8 , 2912.Xr quotaon 8 , 2913.Xr rc 8 , 2914.Xr rc.sendmail 8 , 2915.Xr resident 8 , 2916.Xr rndcontrol 8 , 2917.Xr route 8 , 2918.Xr routed 8 , 2919.Xr rpcbind 8 , 2920.Xr rpc.lockd 8 , 2921.Xr rpc.statd 8 , 2922.Xr rtadvd 8 , 2923.Xr rtsold 8 , 2924.Xr rwhod 8 , 2925.Xr savecore 8 , 2926.Xr sdpd 8 , 2927.Xr sensorsd 8 , 2928.Xr sshd 8 , 2929.Xr swapon 8 , 2930.Xr sysctl 8 , 2931.Xr syslogd 8 , 2932.Xr timed 8 , 2933.Xr usbd 8 , 2934.Xr vinum 8 , 2935.Xr yp 8 , 2936.Xr ypbind 8 , 2937.Xr ypserv 8 , 2938.Xr ypset 8 2939.Sh HISTORY 2940The 2941.Nm 2942file appeared in 2943.Fx 2.2.2 . 2944.Sh AUTHORS 2945.An Jordan K. Hubbard . 2946