Lines Matching +full:low +full:- +full:vt
93 to store jail-specific configuration options.
120 .Bl -tag -width indent-two
122 .Pq Vt bool
131 .Pq Vt bool
139 .Pq Vt bool
146 .Pq Vt str
181 .Pq Vt bool
194 .Pq Vt str
198 .Pq Vt str
206 .Pq Vt int
211 .Pq Vt str
217 .Pq Vt str
223 .Pq Vt str
229 .Pq Vt int
234 .Pq Vt str
253 .Pq Vt str
258 .Pq Vt int
263 .Pq Vt str
266 .Pq Vt bool
269 auto-jail the service with inherited filesystem and other
273 .Pq Vt str
279 .Pq Vt bool
287 .Pq Vt bool
293 .Pq Vt str
302 .Pq Vt bool
307 .Pq Vt bool
314 .Pq Vt str
320 .Pq Vt bool
323 disable auto-loading of kernel modules with
326 .Pq Vt str
327 A whitespace-separated list of kernel modules to be ignored by
336 .Pq Vt str
341 A whitespace-separated list of kernel modules to be ignored by
344 .Pq Vt str
345 A whitespace-separated list of kernel modules to load right after
350 .Pq Vt bool
362 .Pq Vt bool
379 .Pq Vt str
381 A semi-colon
392 .Pq Vt bool
399 .Pq Vt str
408 Enable auto-jailing of all services which are not explicitly
435 .Dq Li "-S" ,
466 .Dq Li "-S" ,
492 .Pq Vt bool
497 .Pq Vt bool
504 .Pq Vt bool
517 .Pq Vt str
522 .Pa /var/db/mtree/BSD.var-run.mtree .
524 .Pq Vt str
527 .Pq Vt str
534 .Pq Vt bool
541 .Pq Vt str
556 .Pq Vt str
561 .Pq Vt bool
567 .Pa machine-id
570 .Pq Vt str
576 .Pq Vt str
582 .Dq Li -r
585 .Pq Vt str
587 .Pa machine-id
589 .Pa /etc/machine-id .
591 .Pq Vt str
595 .Pq Vt str
607 .Pq Vt bool
621 .Pq Vt bool
630 .Pq Vt bool
636 This behavior can be overridden on a per-interface basis by replacing
646 .Pq Vt int
650 .Pq Vt bool
662 .Pq Vt str
667 .Pq Vt str
675 .Bl -tag -width ".Li workstation" -compact
696 .Pq Vt bool
701 .Pq Vt bool
709 .Pq Vt bool
719 .Pq Vt str
726 .Pq Vt str
729 .\" ----- firewall_nat_enable setting --------------------------------
731 .Pq Vt bool
745 .Pq Vt str
753 .Pq Vt str
756 .Pq Vt bool
766 .Pq Vt bool
776 .Pq Vt bool
786 .Pq Vt bool
795 .\" -------------------------------------------------------------------
797 .Pq Vt bool
807 .Pq Vt int
812 .Pq Vt int
817 .Pq Vt str
822 .Pq Vt int
827 .Pq Vt int
831 .Pq Vt int
836 .Pq Vt str
840 .Pq Vt bool
857 .Pq Vt str
863 .Pq Vt str
874 .\" ----- ipfilter_enable setting --------------------------------
876 .Pq Vt bool
887 .Bd -literal
917 .Bd -literal
924 .\" ----- ipfilter_program setting ------------------------------
926 .Pq Vt str
931 .\" ----- ipfilter_rules setting --------------------------------
933 .Pq Vt str
941 .\" ----- ipfilter_flags setting --------------------------------
943 .Pq Vt str
948 .\" ----- ipnat_enable setting ----------------------------------
950 .Pq Vt bool
962 .\" ----- ipnat_program setting ---------------------------------
964 .Pq Vt str
969 .\" ----- ipnat_rules setting -----------------------------------
971 .Pq Vt str
980 .\" ----- ipnat_flags setting -----------------------------------
982 .Pq Vt str
987 .\" ----- ipmon_enable setting ----------------------------------
989 .Pq Vt bool
1010 .\" ----- ipmon_program setting ---------------------------------
1012 .Pq Vt str
1017 .\" ----- ipmon_flags setting -----------------------------------
1019 .Pq Vt str
1021 .Dq Li -Ds
1035 .Bd -literal
1038 .\" ----- ipfs_enable setting -----------------------------------
1040 .Pq Vt bool
1068 .\" ----- ipfs_program setting ----------------------------------
1070 .Pq Vt str
1075 .\" ----- ipfs_flags setting ------------------------------------
1077 .Pq Vt str
1082 .\" ----- end of added ipf hook ---------------------------------
1084 .Pq Vt bool
1112 .Pq Vt str
1119 .Pq Vt str
1125 .Pq Vt str
1134 .Pq Vt bool
1147 .Pq Vt str
1152 .Pa /etc/pf-fallback.conf ) .
1154 .Pq Vt str
1161 .Bd -literal
1170 .Pq Vt bool
1182 .Pq Vt str
1196 .Pq Vt str
1202 .Pq Vt str
1208 .Pq Vt str
1218 is set, for each whitespace-separated
1236 .Pq Vt bool
1243 .Xr ftp-proxy 8
1248 .Pq Vt str
1251 .Xr ftp-proxy 8
1254 .Pq Vt str
1257 .Xr ftp-proxy 8
1260 should contain a whitespace-separated list of instance names.
1265 should be defined, containing the command-line flags to be passed to the
1266 .Xr ftp-proxy 8
1269 .Pq Vt bool
1284 .Pq Vt str
1294 .Pq Vt str
1314 .Pq Vt str
1321 .Pq Vt bool
1338 .Pq Vt int
1352 .Pq Vt bool
1361 .Pq Vt bool
1372 .Pq Vt bool
1392 .Pq Vt bool
1400 the log messages are not rate-limited, so this option should only be used
1406 .Pq Vt bool
1414 .Pq Vt int
1422 .Pq Vt int
1430 .Pq Vt str
1449 .Dq Li .-/+
1460 as well as special case-insensitive keywords described below.
1466 .Bd -literal
1484 .Bd -literal
1490 Inter-Domain Routing
1494 .Li inet 192.0.2.5-23/24
1496 .Li inet6 2001:db8:1-f::1/64 .
1509 .Bd -literal
1514 .Li 192.0.2.5-23/24 ,
1516 addresses 192.0.2.6 to 192.0.2.23 with the non-conflicting prefix length /32 as
1528 .Bd -literal
1530 ifconfig_em0_alias3="inet 192.0.2.1-5/28"
1551 .Bd -literal
1570 .Bd -literal
1616 .Bd -literal
1626 .Bd -literal
1681 .Bd -literal
1702 .Pa /etc/hostapd- Ns Ao Ar interface Ac Ns .conf
1714 .Bd -literal
1729 .Bd -literal
1734 .Pq Vt bool
1752 .Pq Vt bool
1762 will be IPv6-preferred.
1768 will be IPv4-preferred.
1770 .Pq Vt bool
1771 This controls initial configuration on IPv6-capable
1798 for an IPv6-capable interface should be sufficient.
1817 .Pq Vt bool
1823 .Pq Vt str
1828 .Pq Vt str
1833 .Dq inet6 -no_radr accept_rtadv
1869 .Pq Vt str
1885 daemon using its MIB-2 module.
1887 .Pq Vt str
1903 .Bd -literal
1919 Note that a link-local address will be automatically configured in
1920 addition to the configured global-scope addresses because the IPv6
1929 If only a link-local address is needed on the interface,
1931 .Bd -literal
1935 A link-local address can also be configured manually.
1940 .Bd -literal
1944 .Pq Vt str
1947 addresses based on each prefix and the EUI-64 interface index will be
1954 .Bd -literal
1959 .Bd -literal
1966 These Subnet-Router anycast addresses will be added only when
1970 .Pq Vt str
1976 .Pq Vt bool
1995 installs a pre-defined policy table described in Section 10.3
1996 .Pq IPv4-preferred
1998 .Pq IPv6-preferred
2014 the IPv6-preferred one is used.
2015 Otherwise IPv4-preferred.
2027 .Pq Vt str
2050 .Pq Vt bool
2085 .Bd -literal
2093 .Pq Vt bool
2100 .Pq Vt str
2103 Also used for per-profile overrides of
2110 .Dq Li .-/+
2115 .Pq Vt str
2120 .Pq Vt str
2133 .Pq Vt bool
2144 .Pq Vt str
2150 .Pq Vt int
2156 .Pq Vt str
2166 .Pq Vt str
2177 .Pq Vt bool
2184 .Pq Vt str
2185 A space-separated list of ZFS pool names for which new pool GUIDs should be
2190 .Pq Vt str
2191 A space-separated list of ZFS pool names for which the version should be
2197 .Pq Vt bool
2208 .Pq Vt str
2214 .Pq Vt str
2221 .Pq Vt int
2222 Number of times user is asked for the pass-phrase.
2227 .Pq Vt str
2237 .Pq Vt str
2246 .Pq Vt bool
2251 is remounted as read-write if this is set to
2253 Diskless systems that mount their root file system from a read-only remote
2259 .Pq Vt bool
2268 .Pq Vt bool
2275 .Pq Vt int
2293 .Pq Vt str
2294 List of file system types that are network-based.
2300 .Pq Vt str
2309 a whitespace-separated list of network file system descriptor pairs,
2312 and a human-readable, one-word description,
2318 .Pq Vt bool
2331 .Pq Vt str
2337 .Pq Vt str
2345 .Pq Vt bool
2352 .Pq Vt str
2358 .Pq Vt str
2366 .Pq Vt bool
2373 .Pq Vt str
2379 .Pq Vt str
2387 .Pq Vt bool
2400 .Pq Vt bool
2409 .Pq Vt str
2417 .Pq Vt bool
2423 .Pq Vt str
2430 .Pq Vt str
2435 .Pq Vt bool
2444 .Pq Vt str
2451 .Pq Vt bool
2456 the Kerberos 5 Password-Changing Daemon; set to
2460 .Pq Vt str
2465 this is the path to Kerberos 5 Password-Changing Daemon.
2467 .Pq Vt bool
2474 .Pq Vt str
2480 .Pq Vt bool
2487 .Pq Vt str
2494 .Pq Vt bool
2505 .Pq Vt bool
2510 .Pq Vt int
2520 A value of 2-10 seconds will substantially reduce network
2523 .Pq Vt bool
2528 .Pq Vt str
2537 .Pq Vt bool
2548 .Pq Vt bool
2559 .Pq Vt int
2563 .Pq Vt bool
2568 daemon, which is needed for NFS-over-TLS NFS mounts.
2570 .Pq Vt bool
2577 to support NFS-over-TLS NFS mounts.
2579 .Pq Vt bool
2592 .Pq Vt str
2601 .Pq Vt bool
2608 .Pq Vt str
2617 .Pq Vt bool
2629 .Pq Vt str
2638 .Pq Vt bool
2641 allow services like PCNFSD to make non-privileged mount
2644 .Pq Vt bool
2649 .Pq Vt int
2658 .Pq Vt bool
2665 .Pq Vt str
2674 .Pq Vt bool
2681 .Pq Vt str
2690 .Pq Vt str
2696 .Pq Vt bool
2703 .Pq Vt str
2712 .Pq Vt bool
2719 .Pq Vt str
2728 .Pq Vt bool
2735 .Pq Vt str
2745 .Pq Vt str
2749 .Pq Vt str
2758 .Pq Vt bool
2777 .Pq Vt str
2783 .Pq Vt str
2784 A whitespace-separated list of NTP servers to synchronize with at startup.
2789 .Pq Vt str
2795 .Pq Vt str
2804 .Pq Vt bool
2811 .Pq Vt str
2817 .Pq Vt str
2824 .Pq Vt str
2833 .Pq Vt bool
2851 .Pq Vt bool
2858 .Pq Vt str
2867 .Pq Vt bool
2874 .Pq Vt str
2883 .Pq Vt bool
2890 .Pq Vt str
2899 .Pq Vt bool
2906 .Pq Vt str
2915 .Pq Vt bool
2922 .Pq Vt str
2931 .Pq Vt bool
2938 .Pq Vt str
2947 .Pq Vt bool
2954 .Pq Vt bool
2963 .Pq Vt str
2972 .Pq Vt str
2979 .Pq Vt str
2984 .Pq Vt str
2988 .Pq Vt str
2992 .Pq Vt str
3000 .Dq Nm arp Cm -S
3003 .Bd -literal
3008 .Pq Vt str
3016 .Dq Nm ndp Cm -s
3019 .Bd -literal
3024 .Pq Vt str
3038 .Bd -literal
3040 route_ext="-net 10.0.0.0/24 -gateway 192.168.0.1"
3041 route_mcast="-net 224.0.0.0/4 -iface gif0"
3042 route_gif0local="-host 169.254.1.1 -iface lo0"
3052 .Pq Vt str
3066 .Pq Vt bool
3072 .Pq Vt bool
3076 .Pq Vt bool
3085 .Pq Vt bool
3096 .Pq Vt str
3105 .Pq Vt str
3111 .Pq Vt str
3118 .Pq Vt str
3122 .Pq Vt bool
3134 You may want to fine-tune
3137 .Pq Vt str
3144 .Pq Vt bool
3149 .Pq Vt bool
3156 source-routed packets are forwarded.
3158 .Pq Vt bool
3161 the system will accept source-routed packets directed at it.
3163 .Pq Vt bool
3170 .Pq Vt str
3179 .Pq Vt bool
3186 .Pq Vt str
3195 .Pq Vt str
3202 .Pq Vt int
3204 An effective value is 0-31.
3206 .Pq Vt str
3212 .Pq Vt str
3216 .Pq Vt bool
3222 .Pq Vt bool
3229 .Pq Vt str
3237 .Pq Vt str
3250 .Pq Vt str
3263 .Pq Vt str
3264 If set to a non-null string, the virtual console's keyboard input is
3267 .Pq Vt str
3275 .Pa /usr/share/vt/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd
3277 .Xr vt 4 ) .
3279 .Pq Vt str
3289 .Pq Vt str
3297 .Pq Vt str
3306 .Pq Vt str
3313 .Xr vt 4
3316 .Pq Vt str
3323 .Pa /usr/share/vt/fonts/ Ns Aq Ar value
3326 .Pq Vt str
3333 .Pa /usr/share/vt/fonts/ Ns Aq Ar value
3336 .Pq Vt str
3343 .Pa /usr/share/vt/fonts/ Ns Aq Ar value
3346 .Pq Vt int
3354 .Pq Vt str
3361 .Pq Vt str
3376 .Pq Vt str
3383 .Pq Vt str
3414 .Bl -tag -width ".Li x10mouseremote" -compact
3467 .Pq Vt str
3479 .Pq Vt str
3490 daemon is started for a non-default port, the
3496 is the name of the non-default port, i.e.,\&
3504 .Dq Li "-3"
3514 .Pq Vt int
3518 .Li 0xd0 Ns - Ns Li 0xd3
3527 .Pq Vt str
3540 .Pq Vt str
3550 .Xr vt 4
3553 .Pq Vt bool
3560 .Pq Vt str
3566 .Pq Vt str
3574 .Pq Vt bool
3583 .Pq Vt str
3589 .Pq Vt bool
3596 .Pq Vt str
3605 .Pq Vt bool
3614 .Pq Vt str
3625 .Dq Li -d ,
3628 .Pq Vt str
3643 .Pq Vt str
3650 .Pq Vt str
3670 .Pq Vt bool
3676 .Pq Vt str
3681 .Pq Vt bool
3692 .Pq Vt bool
3699 .Pq Vt str
3712 .Dq Li "-a" ,
3716 .Pq Vt str
3725 .Dq Li "-a" ,
3729 .Pq Vt str
3738 .Dq Li "-a" ,
3742 .Pq Vt bool
3749 .Pq Vt str
3766 .Pq Vt bool
3772 .Pq Vt bool
3777 .Pq Vt bool
3784 .Pq Vt bool
3792 .Pq Vt str
3801 .Pq Vt str
3802 Set to the list of 32-bit compatibility shared library paths to
3806 .Pq Vt bool
3815 .Pq Vt str
3823 .Pq Vt str
3824 Set to the list of local 32-bit compatibility
3831 .Pq Vt bool
3836 .Pq Vt int
3840 ranges from \-1 (the compile time default) to 3 (the
3847 .Pq Vt str
3852 .Pq Vt bool
3865 .Pq Vt str
3874 .Pq Vt str
3879 .Pq Vt bool
3884 as a stand-alone daemon at system boot time.
3886 .Pq Vt str
3895 .Pq Vt bool
3905 .Pq Vt str
3914 .Pq Vt int
3927 .Pq Vt int
3935 This timeout will not be set when returning to the single-user mode
3949 .Pq Vt str
3953 .Pq Vt str
3958 .Pq Vt str
3959 Pairs of already-mounted
3964 .Pq Vt bool
3968 .Pq Vt str
3971 .Dq Li LOW
3978 .Pq Vt str
3981 .Dq Li LOW
3988 .Pq Vt str
3991 .Dq Li LOW
3998 .Pq Vt str
4001 .Dq Li LOW
4008 .Pq Vt bool
4013 .Pq Vt str
4027 .Pq Vt bool
4032 .Pq Vt str
4039 .Pq Vt str
4040 A space-delimited list of jail names.
4053 .Pq Vt bool
4060 Note that older releases supported per-jail configuration via
4068 These per-jail configuration variables are now obsolete in favor of
4072 when per-jail configuration variables are defined,
4078 The following per-jail parameters are handled by
4086 They must be a semi-colon
4094 .Bl -tag -width "host.hostname" -offset indent
4186 .\" -----------------------------------------------------
4188 .Pq Vt int
4189 Set to a bit-mask
4196 .Pq Vt str
4213 .Pq Vt str
4228 .Pa /var/db/entropy-file
4233 .Pq Vt str
4250 .Pq Vt int
4252 .Nm save-entropy
4255 .Pq Vt int
4257 .Nm save-entropy
4260 .Pq Vt bool
4269 .Pq Vt str
4273 .Pq Vt bool
4282 .Pq Vt int
4305 .Pq Vt bool
4313 .Pq Vt bool
4321 .Pq Vt str
4328 .Pq Vt bool
4335 .Pq Vt str
4344 .Dq Li -CN ,
4349 .Pq Vt str
4371 .Pq Vt str
4379 .Pq Vt str
4391 .Pq Vt str
4403 .Pq Vt str
4410 .Pq Vt str
4430 .Bd -literal
4434 .Pq Vt str
4446 .Bd -literal
4451 .Pq Vt bool
4456 .Pq Vt bool
4461 .Pq Vt str
4467 .Pq Vt bool
4472 .Pq Vt str
4479 .Pq Vt str
4486 .Pq Vt str
4493 .Pq Vt bool
4498 .Pq Vt str
4504 .Pq Vt str
4511 .Pq Vt bool
4516 .Pq Vt str
4520 Also used to specify per-profile overrides.
4522 .Dq Li .-/+
4527 .Pq Vt str
4536 .Pq Vt str
4543 .Pq Vt bool
4550 .Pq Vt bool
4553 if it should register Dial-Up Networking service on the specified
4558 .Pq Vt bool
4578 .Pq Vt bool
4585 .Pq Vt bool
4588 delays the start of network-reliant services until
4605 .Pq Vt str
4607 This variable contains a space-delimited list of IP addresses to
4614 .Pq Vt int
4624 .Pq Vt str
4635 .Pq Vt int
4637 polled at a 1-second interval.
4640 .Pq Vt bool
4651 .Pq Vt str
4660 .Pq Vt str
4661 A space-separated list of configuration files used by
4665 .Pq Vt bool
4676 .Pq Vt str
4686 .Pq Vt str
4696 .Pq Vt str
4706 .Pq Vt bool
4713 .Pq Vt bool
4720 .Pq Vt bool
4727 .Pq Vt str
4736 .Dq Li -Aa ,
4741 .Pq Vt bool
4748 .Pq Vt str
4753 .Pq Vt bool
4761 .Pq Vt bool
4767 .Pq Vt bool
4770 enable auto-loading of encryption keys for encrypted ZFS datasets.
4781 .Pq Vt str
4782 A whitespace-separated list of ZFS datasets to unlock.
4786 .Pq Vt int
4791 .Pq Vt str
4815 .Pq Vt str
4834 .Pq Vt str
4851 .Pq Vt str
4860 .Pq Vt bool
4874 a localhost-only listening SMTP service required for running
4876 as a non-set-user-ID binary.
4881 .Pq Vt str
4894 .Pq Vt bool
4912 .Pq Vt str
4927 .Pq Vt bool
4938 .Pq Vt str
4951 parent (if you allow child-jails in your jails, service jails
4960 .Bl -tag -width indent-two
5001 All non-network options can be combined with all other options.
5010 .Va svcj- Ns Ar name .
5042 .Bl -tag -width "/etc/defaults/rc.conf" -compact