1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd April 25, 2004 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71The following list provides a name and short description for each 72variable that can be set in the 73.Nm 74file: 75.Bl -tag -width indent-two 76.It Va rc_debug 77.Pq Vt bool 78If set to 79.Dq Li YES , 80enable output of debug messages from rc scripts. 81This variable can be helpful in diagnosing mistakes when 82editing or integrating new scripts. 83Beware that this produces copious output to the terminal and 84.Xr syslog 3 . 85.It Va rc_info 86.Pq Vt bool 87If set to 88.Dq Li NO , 89disable informational messages from the rc scripts. 90Informational messages are displayed when 91a condition that is not serious enough to warrant a warning or 92an error occurs. 93.It Va swapfile 94.Pq Vt str 95If set to 96.Dq Li NO , 97no swapfile is installed, otherwise the value is used as the full 98pathname to a file to use for additional swap space. 99.It Va apm_enable 100.Pq Vt bool 101If set to 102.Dq Li YES , 103enable support for Automatic Power Management with 104the 105.Xr apm 8 106command. 107.It Va apmd_enable 108.Pq Vt bool 109Run 110.Xr apmd 8 111to handle APM event from userland. 112This also enables support for APM. 113.It Va apmd_flags 114.Pq Vt str 115If 116.Va apmd_enable 117is set to 118.Dq Li YES , 119these are the flags to pass to the 120.Xr apmd 8 121daemon. 122.It Va devd_enable 123.Pq Vt bool 124Run 125.Xr devd 8 126to handle device added, removed or unknown events from the kernel. 127.It Va kldxref_enable 128.Pq Vt bool 129Set to 130.Dq Li NO 131by default. 132Set to 133.Dq Li YES 134to automatically rebuild 135.Pa linker.hints 136files with 137.Xr kldxref 8 138at boot time. 139.It Va kldxref_clobber 140.Pq Vt bool 141Set to 142.Dq Li NO 143by default. 144If 145.Va kldxref_enable 146is true, 147setting to 148.Dq Li YES 149will overwrite existing 150.Pa linker.hints 151files at boot time. 152Otherwise, 153only missing 154.Pa linker.hints 155files are generated. 156.It Va kldxref_module_path 157.Pq Vt str 158Empty by default. 159A semi-colon 160.Pq Ql \&; 161delimited list of paths containing 162.Xr kld 4 163modules. 164If empty, 165the contents of the 166.Va kern.module_path 167.Xr sysctl 8 168are used. 169.It Va pccard_enable 170.Pq Vt bool 171If set to 172.Dq Li YES , 173enable PCCARD support at boot time. 174.It Va pccard_mem 175.Pq Vt str 176Set to PCCARD controller memory address or 177.Dq Li DEFAULT 178for the default value. 179.It Va pccard_ifconfig 180.Pq Vt str 181List of arguments to be passed to 182.Xr ifconfig 8 183at boot time or on 184insertion of the card (e.g.\& 185.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 186for a fixed address or 187.Dq Li DHCP 188for a DHCP client). 189.It Va pccard_beep 190.Pq Vt int 191If 0, 192set the PCCARD controller to silent mode. 193If 1, 194set it to beep mode. 195If 2, 196set it to melody mode. 197.It Va pccard_conf 198.Pq Vt str 199Path to the configuration file for the 200.Xr pccardd 8 201daemon (e.g.\& 202.Pa /etc/pccard.conf.sample ) . 203.It Va pccardd_flags 204.Pq Vt str 205If 206.Va pccard_enable 207is set to 208.Dq Li YES , 209these are the flags to pass to the 210.Xr pccardd 8 211daemon. 212.It Va pccard_ether_delay 213.Pq Vt str 214Set the delay before starting 215.Xr dhclient 8 216in the 217.Pa /etc/pccard_ether 218script. 219This defaults to 5 seconds to work around a bug in the 220.Xr ed 4 221driver which can lead to system hangs when using some newer 222.Xr ed 4 223based cards. 224.It Va removable_interfaces 225.Pq Vt str 226List of removable network interfaces to be supported by 227.Pa /etc/pccard_ether . 228.It Va tmpmfs 229Controls the creation of an mfs 230.Pa /tmp 231file system. 232Always happens if set to 233.Dq Li YES 234and never happens if set to 235.Dq Li NO . 236If set anything else, a memory file system is created if 237.Pa /tmp 238is not writable. 239.It Va tmpsize 240Controls the size of a created mfm 241.Pa /tmp . 242.It Va varmfs 243Controls the creation of an mfs 244.Pa /var 245file system. 246Always happens if set to 247.Dq Li YES 248and never happens if set to 249.Dq Li NO . 250If set anything else, a memory file system is created if 251.Pa /var 252is not writable. 253.It Va varsize 254Controls the size of a created mfm 255.Pa /var . 256.It Va populate_var 257Controls the automatic population of the 258.Pa /var 259file system. 260Always happens if set to 261.Dq Li YES 262and never happens if set to 263.Dq Li NO . 264If set anything else, a memory file system is created if /tmp is not writable. 265Note that this process requires access to certain commands in 266.Pa /usr 267before 268.Pa /usr 269is mounted on normal systems. 270.It Va local_startup 271.Pq Vt str 272List of directories to search for startup script files. 273.It Va script_name_sep 274.Pq Vt str 275The field separator to use for breaking down the list of startup script files 276into individual filenames. 277The default is a space. 278It is not necessary to change this unless there are startup scripts with names 279containing spaces. 280.It Va hostname 281.Pq Vt str 282The fully qualified domain name (FQDN) of this host on the network. 283This should almost certainly be set to something meaningful, even if 284there is no network connection. 285If 286.Xr dhclient 8 287is used to set the hostname via DHCP, 288this variable should be set to an empty string. 289.It Va ipv6_enable 290.Pq Vt bool 291Enable support for IPv6 networking. 292Note that this requires that the kernel have been compiled with 293.Cd "options INET6" . 294.It Va nisdomainname 295.Pq Vt str 296The NIS domain name of this host, or 297.Dq Li NO 298if NIS is not used. 299.It Va dhclient_program 300.Pq Vt str 301Path to the DHCP client program 302.Pa ( /sbin/dhclient , 303the ISC DHCP client, 304is the default). 305.It Va dhclient_flags 306.Pq Vt str 307Additional flags to pass to the DHCP client program. 308For the ISC DHCP client, see the 309.Xr dhclient 8 310manpage for a description of the command line options available. 311.It Va background_dhclient 312.Pq Vt bool 313Set to 314.Dq Li YES 315to start the dhcp client in background. 316This can cause trouble with applications depending on 317a working network, but it will provide a faster startup 318in many cases. 319.It Va firewall_enable 320.Pq Vt bool 321Set to 322.Dq Li YES 323to load firewall rules at startup. 324If the kernel was not built with 325.Cd "options IPFIREWALL" , 326the 327.Pa ipfw.ko 328kernel module will be loaded. 329See also 330.Va ipfilter_enable . 331.It Va ipv6_firewall_enable 332.Pq Vt bool 333The IPv6 equivalent of 334.Va firewall_enable . 335Set to 336.Dq Li YES 337to load IPv6 firewall rules at startup. 338If the kernel was not built with 339.Cd "options IPV6FIREWALL" , 340the 341.Pa ip6fw.ko 342kernel module will be loaded. 343.It Va firewall_script 344.Pq Vt str 345This variable specifies the full path to the firewall script to run. 346The default is 347.Pa /etc/rc.firewall . 348.It Va ipv6_firewall_script 349.Pq Vt str 350The IPv6 equivalent of 351.Va firewall_script . 352.It Va firewall_type 353.Pq Vt str 354Names the firewall type from the selection in 355.Pa /etc/rc.firewall , 356or the file which contains the local firewall ruleset. 357Valid selections from 358.Pa /etc/rc.firewall 359are: 360.Pp 361.Bl -tag -width ".Li simple" -compact 362.It Li open 363unrestricted IP access 364.It Li closed 365all IP services disabled, except via 366.Dq Li lo0 367.It Li client 368basic protection for a workstation 369.It Li simple 370basic protection for a LAN. 371.El 372.Pp 373If a filename is specified, the full path 374must be given. 375.It Va ipv6_firewall_type 376.Pq Vt str 377The IPv6 equivalent of 378.Va firewall_type . 379.It Va firewall_quiet 380.Pq Vt bool 381Set to 382.Dq Li YES 383to disable the display of firewall rules on the console during boot. 384.It Va ipv6_firewall_quiet 385.Pq Vt bool 386The IPv6 equivalent of 387.Va firewall_quiet . 388.It Va firewall_logging 389.Pq Vt bool 390Set to 391.Dq Li YES 392to enable firewall event logging. 393This is equivalent to the 394.Dv IPFIREWALL_VERBOSE 395kernel option. 396.It Va ipv6_firewall_logging 397.Pq Vt bool 398The IPv6 equivalent of 399.Va firewall_logging . 400.It Va firewall_flags 401.Pq Vt str 402Flags passed to 403.Xr ipfw 8 404if 405.Va firewall_type 406specifies a filename. 407.It Va ipv6_firewall_flags 408.Pq Vt str 409The IPv6 equivalent of 410.Va firewall_flags . 411.It Va natd_program 412.Pq Vt str 413Path to 414.Xr natd 8 . 415.It Va natd_enable 416.Pq Vt bool 417Set to 418.Dq Li YES 419to enable 420.Xr natd 8 . 421.Va firewall_enable 422must also be set to 423.Dq Li YES , 424and 425.Xr divert 4 426sockets must be enabled in the kernel. 427.It Va natd_interface 428.Pq Vt str 429This is the name of the public interface on which 430.Xr natd 8 431should run. 432The interface may be given as an interface name or as an IP address. 433.It Va natd_flags 434.Pq Vt str 435Additional 436.Xr natd 8 437flags should be placed here. 438The 439.Fl n 440or 441.Fl a 442flag is automatically added with the above 443.Va natd_interface 444as an argument. 445.\" ----- ipfilter_enable setting -------------------------------- 446.It Va ipfilter_enable 447.Pq Vt bool 448Set to 449.Dq Li NO 450by default. 451Setting this to 452.Dq Li YES 453enables 454.Xr ipf 8 455packet filtering. 456.Pp 457Typical usage will require putting 458.Bd -literal 459ipfilter_enable="YES" 460ipnat_enable="YES" 461ipmon_enable="YES" 462ipfs_enable="YES" 463.Ed 464.Pp 465into 466.Pa /etc/rc.conf 467and editing 468.Pa /etc/ipf.rules 469and 470.Pa /etc/ipnat.rules 471appropriately. 472.Pp 473Note that 474.Va ipfilter_enable 475and 476.Va ipnat_enable 477can be enabled independently. 478.Va ipmon_enable 479and 480.Va ipfs_enable 481both require at least one of 482.Va ipfilter_enable 483and 484.Va ipnat_enable 485to be enabled. 486.Pp 487Having 488.Bd -literal 489options IPFILTER 490options IPFILTER_LOG 491options IPFILTER_DEFAULT_BLOCK 492.Ed 493.Pp 494in the kernel configuration file is a good idea, too. 495.\" ----- ipfilter_program setting ------------------------------ 496.It Va ipfilter_program 497.Pq Vt str 498Path to 499.Xr ipf 8 500(default 501.Pa /sbin/ipf ) . 502.\" ----- ipfilter_rules setting -------------------------------- 503.It Va ipfilter_rules 504.Pq Vt str 505Set to 506.Pa /etc/ipf.rules 507by default. 508This variable contains the name of the filter rule definition file. 509The file is expected to be readable for the 510.Xr ipf 8 511command to execute. 512.\" ----- ipv6_ipfilter_rules setting --------------------------- 513.It Va ipv6_ipfilter_rules 514.Pq Vt str 515Set to 516.Pa /etc/ipf6.rules 517by default. 518This variable contains the IPv6 filter rule definition file. 519The file is expected to be readable for the 520.Xr ipf 8 521command to execute. 522.\" ----- ipfilter_flags setting -------------------------------- 523.It Va ipfilter_flags 524.Pq Vt str 525Empty by default. 526This variable contains flags passed to the 527.Xr ipf 8 528program. 529.\" ----- ipnat_enable setting ---------------------------------- 530.It Va ipnat_enable 531.Pq Vt bool 532Set to 533.Dq Li NO 534by default. 535Set it to 536.Dq Li YES 537to enable 538.Xr ipnat 1 539network address translation. 540See 541.Va ipfilter_enable 542for a detailed discussion. 543.\" ----- ipnat_program setting --------------------------------- 544.It Va ipnat_program 545.Pq Vt str 546Path to 547.Xr ipnat 1 548(default 549.Pa /sbin/ipnat ) . 550.\" ----- ipnat_rules setting ----------------------------------- 551.It Va ipnat_rules 552.Pq Vt str 553Set to 554.Pa /etc/ipnat.rules 555by default. 556This variable contains the name of the file 557holding the network address translation definition. 558This file is expected to be readable for the 559.Xr ipnat 1 560command to execute. 561.\" ----- ipnat_flags setting ----------------------------------- 562.It Va ipnat_flags 563.Pq Vt str 564Empty by default. 565This variable contains flags passed to the 566.Xr ipnat 1 567program. 568.\" ----- ipmon_enable setting ---------------------------------- 569.It Va ipmon_enable 570.Pq Vt bool 571Set to 572.Dq Li NO 573by default. 574Set it to 575.Dq Li YES 576to enable 577.Xr ipmon 8 578monitoring (logging 579.Xr ipf 8 580and 581.Xr ipnat 1 582events). 583Setting this variable needs setting 584.Va ipfilter_enable 585or 586.Va ipnat_enable 587too. 588See 589.Va ipfilter_enable 590for a detailed discussion. 591.\" ----- ipmon_program setting --------------------------------- 592.It Va ipmon_program 593.Pq Vt str 594Path to 595.Xr ipmon 8 596(default 597.Pa /sbin/ipmon ) . 598.\" ----- ipmon_flags setting ----------------------------------- 599.It Va ipmon_flags 600.Pq Vt str 601Set to 602.Dq Li -Ds 603by default. 604This variable contains flags passed to the 605.Xr ipmon 8 606program. 607Another typical example would be 608.Dq Fl D Pa /var/log/ipflog 609to have 610.Xr ipmon 8 611log directly to a file bypassing 612.Xr syslogd 8 . 613Make sure to adjust 614.Pa /etc/newsyslog.conf 615in such case like this: 616.Bd -literal 617/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 618.Ed 619.\" ----- ipfs_enable setting ----------------------------------- 620.It Va ipfs_enable 621.Pq Vt bool 622Set to 623.Dq Li NO 624by default. 625Set it to 626.Dq Li YES 627to enable 628.Xr ipfs 8 629saving the filter and NAT state tables during shutdown 630and reloading them during startup again. 631Setting this variable needs setting 632.Va ipfilter_enable 633or 634.Va ipnat_enable 635to 636.Dq Li YES 637too. 638See 639.Va ipfilter_enable 640for a detailed discussion. 641Note that if 642.Va kern_securelevel 643is set to 3, 644.Va ipfs_enable 645cannot be used 646because the raised securelevel will prevent 647.Xr ipfs 8 648from saving the state tables at shutdown time. 649.\" ----- ipfs_program setting ---------------------------------- 650.It Va ipfs_program 651.Pq Vt str 652Path to 653.Xr ipfs 8 654(default 655.Pa /sbin/ipfs ) . 656.\" ----- ipfs_flags setting ------------------------------------ 657.It Va ipfs_flags 658.Pq Vt str 659Empty by default. 660This variable contains flags passed to the 661.Xr ipfs 8 662program. 663.\" ----- end of added ipf hook --------------------------------- 664.It Va pf_enable 665.Pq Vt bool 666Set to 667.Dq Li NO 668by default. 669Setting this to 670.Dq Li YES 671enables 672.Xr pf 4 673packet filtering. 674.Pp 675Typical usage will require putting 676.Bd -literal 677pf_enable="YES" 678.Ed 679.Pp 680into 681.Pa /etc/rc.conf 682and editing 683.Pa /etc/pf.conf 684appropriately. 685.Pp 686Having 687.Bd -literal 688options PFIL_HOOKS 689options RANDOM_IP_ID 690.Ed 691.Pp 692in the kernel configuration file is required for use as a 693.Xr kld 4 694module. 695.Pp 696.Bd -literal 697device pf 698.Ed 699.Pp 700builds it into the kernel. 701.It Va pf_rules 702.Pq Vt str 703Path to pf ruleset configuration file 704(default 705.Pa /etc/pf.conf ) . 706.It Va pf_program 707.Pq Vt str 708Path to 709.Xr pfctl 8 710(default 711.Pa /sbin/pfctl ) . 712.It Va pf_flags 713.Pq Vt str 714If 715.Va pf_enable 716is set to 717.Dq Li YES , 718these flags are passed to the 719.Xr pfctl 8 720program when loading the ruleset. 721.It Va pflog_enable 722.Pq Vt bool 723Set to 724.Dq Li NO 725by default. 726Setting this to 727.Dq Li YES 728enables 729.Xr pflogd 8 730which logs packtes from the 731.Xr pf 4 732packet filter. 733.It Va pflog_logfile 734.Pq Vt str 735If 736.Va pflog_enable 737is set to 738.Dq Li YES 739this controls where 740.Xr pflogd 8 741stores the logfile. 742(default 743.Pa /var/log/pflog ) . 744Check 745.Pa /etc/newsyslog.conf 746to adjust logfile rotation for this. 747.It Va pflog_program 748.Pq Vt str 749Path to 750.Xr pflogd 8 751(default 752.Pa /sbin/pflogd ) . 753.It Va pflog_flags 754.Pq Vt str 755Empty by default. 756This variable contains additional flags passed to the 757.Xr pflogd 8 758program. 759.It Va tcp_extensions 760.Pq Vt bool 761Set to 762.Dq Li YES 763by default. 764Setting this to 765.Dq Li NO 766disables certain TCP options as described by 767.Rs 768.%T "RFC 1323" 769.Re 770Setting this to 771.Dq Li NO 772might help remedy such problems with connections as randomly hanging 773or other weird behavior. 774Some network devices are known 775to be broken with respect to these options. 776.It Va log_in_vain 777.Pq Vt int 778Set to 0 by default. 779The 780.Xr sysctl 8 781variables, 782.Va net.inet.tcp.log_in_vain 783and 784.Va net.inet.udp.log_in_vain , 785as described in 786.Xr tcp 4 787and 788.Xr udp 4 , 789are set to the given value. 790.It Va tcp_keepalive 791.Pq Vt bool 792Set to 793.Dq Li YES 794by default. 795Setting to 796.Dq Li NO 797will disable probing idle TCP connections to verify that the 798peer is still up and reachable. 799.It Va tcp_drop_synfin 800.Pq Vt bool 801Set to 802.Dq Li NO 803by default. 804Setting to 805.Dq Li YES 806will cause the kernel to ignore TCP frames that have both 807the SYN and FIN flags set. 808This prevents OS fingerprinting, but may 809break some legitimate applications. 810This option is only available if the 811kernel was built with the 812.Dv TCP_DROP_SYNFIN 813option. 814.It Va icmp_drop_redirect 815.Pq Vt bool 816Set to 817.Dq Li NO 818by default. 819Setting to 820.Dq Li YES 821will cause the kernel to ignore ICMP REDIRECT packets. 822Refer to 823.Xr icmp 4 824for more information. 825.It Va icmp_log_redirect 826.Pq Vt bool 827Set to 828.Dq Li NO 829by default. 830Setting to 831.Dq Li YES 832will cause the kernel to log ICMP REDIRECT packets. 833Note that 834the log messages are not rate-limited, so this option should only be used 835for troubleshooting networks. 836Refer to 837.Xr icmp 4 838for more information. 839.It Va icmp_bmcastecho 840.Pq Vt bool 841Set to 842.Dq Li YES 843to respond to broadcast or multicast ICMP ping packets. 844Refer to 845.Xr icmp 4 846for more information. 847.It Va ip_portrange_first 848.Pq Vt int 849If not set to 850.Dq Li NO , 851this is the first port in the default portrange. 852Refer to 853.Xr ip 4 854for more information. 855.It Va ip_portrange_last 856.Pq Vt int 857If not set to 858.Dq Li NO , 859this is the last port in the default portrange. 860Refer to 861.Xr ip 4 862for more information. 863.It Va network_interfaces 864.Pq Vt str 865Set to the list of network interfaces to configure on this host. 866For example, if the only network devices in the system are the loopback 867device 868.Pq Li lo0 869and a NIC using the 870.Xr ed 4 871driver, 872this could be set to 873.Dq Li "lo0 ed0" . 874An 875.Va ifconfig_ Ns Aq Ar interface 876variable is also assumed to exist for each value of 877.Ar interface . 878It is also possible to add IP alias entries here in cases where 879multiple IP addresses registered against a single interface 880are desired. 881Assuming that the interface in question was 882.Li ed0 , 883it might look 884something like this: 885.Bd -literal 886ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 887ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 888.Ed 889.Pp 890And so on. 891For each 892.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 893entry that is found, 894its contents are passed to 895.Xr ifconfig 8 . 896Execution stops at the first unsuccessful access, so if 897something like this is present: 898.Bd -literal 899ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 900ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 901ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 902ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 903.Ed 904.Pp 905Then note that alias4 would 906.Em not 907be added since the search would 908stop with the missing alias3 entry. 909.Pp 910If the 911.Pa /etc/start_if. Ns Aq Ar interface 912file is present, it is read and executed by the 913.Xr sh 1 914interpreter 915before configuring the interface as specified in the 916.Va ifconfig_ Ns Aq Ar interface 917and 918.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 919variables. 920.Pp 921It is possible to bring up an interface with DHCP by setting the 922.Va ifconfig_ Ns Aq Ar interface 923variable to 924.Dq Li DHCP . 925For instance, to initialize the 926.Li ed0 927device via DHCP, 928it is possible to use something like: 929.Bd -literal 930ifconfig_ed0="DHCP" 931.Ed 932.It Va ipv6_network_interfaces 933.Pq Vt str 934This is the IPv6 equivalent of 935.Va network_interfaces . 936Instead of setting the ifconfig variables as 937.Va ifconfig_ Ns Aq Ar interface 938they should be set as 939.Va ipv6_ifconfig_ Ns Aq Ar interface . 940Aliases should be set as 941.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 942.Va ipv6_prefix_ Ns Aq Ar interface 943does something. 944Interfaces that do not have a 945.Va ipv6_ifconfig_ Ns Aq Ar interface 946setting will be auto configured by 947.Xr rtsol 8 948if the 949.Va ipv6_gateway_enable 950is set to 951.Dq Li NO . 952Note that the IPv6 networking code does not support the 953.Pa /etc/start_if. Ns Aq Ar interface 954files. 955.It Va ipv6_default_interface 956.Pq Vt str 957If not set to 958.Dq Li NO , 959this is the default output interface for scoped addresses. 960Now this works only for IPv6 link local multicast addresses. 961.It Va cloned_interfaces 962.Pq Vt str 963Set to the list of clonable network interfaces to create on this host. 964Entries in 965.Va cloned_interfaces 966are automatically appended to 967.Va network_interfaces 968for configuration. 969.It Va gif_interfaces 970.Pq Vt str 971Set to the list of 972.Xr gif 4 973tunnel interfaces to configure on this host. 974A 975.Va gifconfig_ Ns Aq Ar interface 976variable is assumed to exist for each value of 977.Ar interface . 978The value of this variable is used to configure the link layer of the 979tunnel according to the syntax of the 980.Cm tunnel 981option to 982.Xr ifconfig 8 . 983Additionally, this option ensures that each listed interface is created 984via the 985.Cm create 986option to 987.Xr ifconfig 8 988before attempting to configure it. 989.It Va sppp_interfaces 990.Pq Vt str 991Set to the list of 992.Xr sppp 4 993interfaces to configure on this host. 994A 995.Va spppconfig_ Ns Aq Ar interface 996variable is assumed to exist for each value of 997.Ar interface . 998Each interface should also be configured by a general 999.Va ifconfig_ Ns Aq Ar interface 1000setting. 1001Refer to 1002.Xr spppcontrol 8 1003for more information about available options. 1004.It Va ppp_enable 1005.Pq Vt bool 1006If set to 1007.Dq Li YES , 1008run the 1009.Xr ppp 8 1010daemon. 1011.It Va ppp_mode 1012.Pq Vt str 1013Mode in which to run the 1014.Xr ppp 8 1015daemon. 1016Accepted modes are 1017.Dq Li auto , 1018.Dq Li ddial , 1019.Dq Li direct 1020and 1021.Dq Li dedicated . 1022See the manual for a full description. 1023.It Va ppp_nat 1024.Pq Vt bool 1025If set to 1026.Dq Li YES , 1027enables network address translation. 1028Used in conjunction with 1029.Va gateway_enable 1030allows hosts on private network addresses access to the Internet using 1031this host as a network address translating router. 1032.It Va ppp_profile 1033.Pq Vt str 1034The name of the profile to use from 1035.Pa /etc/ppp/ppp.conf . 1036.It Va ppp_user 1037.Pq Vt str 1038The name of the user under which 1039.Xr ppp 8 1040should be started. 1041By 1042default, 1043.Xr ppp 8 1044is started as 1045.Dq Li root . 1046.It Va rc_conf_files 1047.Pq Vt str 1048This option is used to specify a list of files that will override 1049the settings in 1050.Pa /etc/defaults/rc.conf . 1051The files will be read in the order in which they are specified and should 1052include the full path to the file. 1053By default, the files specified are 1054.Pa /etc/rc.conf 1055and 1056.Pa /etc/rc.conf.local 1057.It Va gbde_autoattach_all 1058.Pq Vt bool 1059If set to 1060.Dq Li YES , 1061.Pa /etc/rc.d/gbde 1062will attempt to automatically initialize your .bde devices in 1063.Pa /etc/fstab . 1064.It Va gbde_devices 1065.Pq Vt str 1066List the devices that the script should try to attach, 1067or 1068.Dq Li AUTO . 1069.It Va gbde_swap_enable 1070.Pq Vt bool 1071If set to 1072.Dq Li YES , 1073any .bde swap devices listed in 1074.Pa /etc/fstab 1075will be initialized with a random, one-shot key. 1076Note that this makes recovery of kernel dumps impossible. 1077.It Va fsck_y_enable 1078.Pq Vt bool 1079If set to 1080.Dq Li YES , 1081.Xr fsck 8 1082will be run with the 1083.Fl y 1084flag if the initial preen 1085of the file systems fails. 1086.It Va background_fsck 1087.Pq Vt bool 1088If set to 1089.Dq Li YES , 1090the system will attempt to run 1091.Xr fsck 8 1092in the background where possible. 1093.It Va background_fsck_delay 1094.Pq Vt int 1095The amount of time in seconds to sleep before starting a background 1096.Xr fsck 8 . 1097It defaults to sixty seconds to allow large applications such as 1098the X server to start before disk I/O bandwidth is monopolized by 1099.Xr fsck 8 . 1100.It Va netfs_types 1101.Pq Vt str 1102List of file system types that are network-based. 1103This list should generally not be modified by end users. 1104Use 1105.Va extra_netfs_types 1106instead. 1107.It Va extra_netfs_types 1108.Pq Vt str 1109If set to something other than 1110.Dq Li NO 1111(the default), 1112this variable extends the list of file system types 1113for which automatic mounting at startup by 1114.Xr rc 8 1115should be delayed until the network is initialized. 1116It should contain 1117a whitespace-separated list of network file system descriptor pairs, 1118each consisting of a file system type as passed to 1119.Xr mount 8 1120and a human-readable, one-word description, 1121joined with a colon 1122.Pq Ql \&: . 1123Extending the default list in this way is only necessary 1124when third party file system types are used. 1125.It Va syslogd_enable 1126.Pq Vt bool 1127If set to 1128.Dq Li YES , 1129run the 1130.Xr syslogd 8 1131daemon. 1132.It Va syslogd_program 1133.Pq Vt str 1134Path to 1135.Xr syslogd 8 1136(default 1137.Pa /usr/sbin/syslogd ) . 1138.It Va syslogd_flags 1139.Pq Vt str 1140If 1141.Va syslogd_enable 1142is set to 1143.Dq Li YES , 1144these are the flags to pass to 1145.Xr syslogd 8 . 1146.It Va inetd_enable 1147.Pq Vt bool 1148If set to 1149.Dq Li YES , 1150run the 1151.Xr inetd 8 1152daemon. 1153.It Va inetd_program 1154.Pq Vt str 1155Path to 1156.Xr inetd 8 1157(default 1158.Pa /usr/sbin/inetd ) . 1159.It Va inetd_flags 1160.Pq Vt str 1161If 1162.Va inetd_enable 1163is set to 1164.Dq Li YES , 1165these are the flags to pass to 1166.Xr inetd 8 . 1167.It Va named_enable 1168.Pq Vt bool 1169If set to 1170.Dq Li YES , 1171run the 1172.Xr named 8 1173daemon. 1174.It Va named_program 1175.Pq Vt str 1176Path to 1177.Xr named 8 1178(default 1179.Pa /usr/sbin/named ) . 1180.It Va named_flags 1181.Pq Vt str 1182If 1183.Va named_enable 1184is set to 1185.Dq Li YES , 1186these are the flags to pass to 1187.Xr named 8 . 1188.It Va named_pidfile 1189.Pq Vt str 1190This is the default path to the 1191.Xr named 8 1192daemon's PID file. 1193Change it if you change the location in 1194.Xr named.conf 5 . 1195.It Va named_chrootdir 1196.Pq Vt str 1197The root directory for a name server run in a 1198.Xr chroot 8 1199environment. 1200If left empty 1201.Xr named 8 1202will not be run in a 1203.Xr chroot 8 1204environment. 1205This variable has no effect if 1206.Va named_rcng 1207is not enabled. 1208This variable is experimental. 1209It may be removed or changed in the near future. 1210.It Va named_chroot_autoupdate 1211.Pq Vt bool 1212Set to 1213.Dq Li NO 1214to disable automatic syncing of libraries and 1215other system files between the root file system and the 1216.Xr chroot 8 . 1217This variable has no effect if 1218.Va named_rcng 1219is not enabled. 1220This variable is experimental. 1221It may be removed or changed in the near future. 1222.It Va named_symlink_enable 1223.Pq Vt bool 1224Set to 1225.Dq Li NO 1226to disable symlinking of 1227.Va named_pidfile 1228and 1229.Pa /var/run/ndc 1230into the 1231.Xr chroot 8 1232environment in which 1233.Xr named 8 1234is running. 1235This variable has no effect if 1236.Va named_rcng 1237is not enabled. 1238This variable is experimental. 1239It may be removed or changed in the near future. 1240.It Va kerberos5_server_enable 1241.Pq Vt bool 1242Set to 1243.Dq Li YES 1244to start a Kerberos 5 authentication server 1245at boot time. 1246.It Va kerberos5_server 1247.Pq Vt str 1248If 1249.Va kerberos5_server_enable 1250is set to 1251.Dq Li YES 1252this is the path to Kerberos 5 Authentication Server. 1253.It Va kadmind5_server_enable 1254.Pq Vt bool 1255Set to 1256.Dq Li YES 1257to start 1258.Xr kadmind 8 , 1259the Kerberos 5 Administration Daemon; set to 1260.Dq Li NO 1261on a slave server. 1262.It Va kadmind5_server 1263.Pq Vt str 1264If 1265.Va kadmind5_server_enable 1266is set to 1267.Dq Li YES 1268this is the path to Kerberos 5 Administration Daemon. 1269.It Va kpasswdd_server_enable 1270.Pq Vt bool 1271Set to 1272.Dq Li YES 1273to start 1274.Xr kpasswdd 8 , 1275the Kerberos 5 Password-Changing Daemon; set to 1276.Dq Li NO 1277on a slave server. 1278.It Va kpasswdd_server 1279.Pq Vt str 1280If 1281.Va kpasswdd_server_enable 1282is set to 1283.Dq Li YES 1284this is the path to Kerberos 5 Password-Changing Daemon. 1285.It Va rwhod_enable 1286.Pq Vt bool 1287If set to 1288.Dq Li YES , 1289run the 1290.Xr rwhod 8 1291daemon at boot time. 1292.It Va rwhod_flags 1293.Pq Vt str 1294If 1295.Va rwhod_enable 1296is set to 1297.Dq Li YES , 1298these are the flags to pass to it. 1299.It Va amd_enable 1300.Pq Vt bool 1301If set to 1302.Dq Li YES , 1303run the 1304.Xr amd 8 1305daemon at boot time. 1306.It Va amd_flags 1307.Pq Vt str 1308If 1309.Va amd_enable 1310is set to 1311.Dq Li YES , 1312these are the flags to pass to it. 1313See the 1314.Xr amd 8 1315manpage for more information. 1316.It Va amd_map_program 1317.Pq Vt str 1318If set, 1319the specified program is run to get the list of 1320.Xr amd 8 1321maps. 1322For example, if the 1323.Xr amd 8 1324maps are stored in NIS, one can set this to 1325run 1326.Xr ypcat 1 1327to get a list of 1328.Xr amd 8 1329maps from the 1330.Pa amd.master 1331NIS map. 1332.It Va update_motd 1333.Pq Vt bool 1334If set to 1335.Dq Li YES , 1336.Pa /etc/motd 1337will be updated at boot time to reflect the kernel release 1338being run. 1339If set to 1340.Dq Li NO , 1341.Pa /etc/motd 1342will not be updated. 1343.It Va nfs_client_enable 1344.Pq Vt bool 1345If set to 1346.Dq Li YES , 1347run the NFS client daemons at boot time. 1348.It Va nfs_access_cache 1349.Pq Vt int 1350If 1351.Va nfs_client_enable 1352is set to 1353.Dq Li YES , 1354this can be set to 1355.Dq Li 0 1356to disable NFS ACCESS RPC caching, or to the number of seconds for which 1357NFS ACCESS 1358results should be cached. 1359A value of 2-10 seconds will substantially reduce network 1360traffic for many NFS operations. 1361.It Va nfs_server_enable 1362.Pq Vt bool 1363If set to 1364.Dq Li YES , 1365run the NFS server daemons at boot time. 1366.It Va nfs_server_flags 1367.Pq Vt str 1368If 1369.Va nfs_server_enable 1370is set to 1371.Dq Li YES , 1372these are the flags to pass to the 1373.Xr nfsd 8 1374daemon. 1375.It Va mountd_enable 1376.Pq Vt bool 1377If set to 1378.Dq Li YES , 1379and no 1380.Va nfs_server_enable 1381is set, start 1382.Xr mountd 8 , 1383but not 1384.Xr nfsd 8 1385daemon. 1386It is commonly needed to run CFS without real NFS used. 1387.It Va mountd_flags 1388.Pq Vt str 1389If 1390.Va mountd_enable 1391is set to 1392.Dq Li YES , 1393these are the flags to pass to the 1394.Xr mountd 8 1395daemon. 1396.It Va weak_mountd_authentication 1397.Pq Vt bool 1398If set to 1399.Dq Li YES , 1400allow services like PCNFSD to make non-privileged mount 1401requests. 1402.It Va nfs_reserved_port_only 1403.Pq Vt bool 1404If set to 1405.Dq Li YES , 1406provide NFS services only on a secure port. 1407.It Va nfs_bufpackets 1408.Pq Vt int 1409If set to a number, indicates the number of packets worth of 1410socket buffer space to reserve on an NFS client. 1411The kernel default is typically 4. 1412Using a higher number may be 1413useful on gigabit networks to improve performance. 1414The minimum value is 14152 and the maximum is 64. 1416.It Va rpc_lockd_enable 1417.Pq Vt bool 1418If set to 1419.Dq Li YES 1420and also an NFS server, run 1421.Xr rpc.lockd 8 1422at boot time. 1423.It Va rpc_statd_enable 1424.Pq Vt bool 1425If set to 1426.Dq Li YES 1427and also an NFS server, run 1428.Xr rpc.statd 8 1429at boot time. 1430.It Va rpcbind_program 1431.Pq Vt str 1432Path to 1433.Xr rpcbind 8 1434(default 1435.Pa /usr/sbin/rpcbind ) . 1436.It Va rpcbind_enable 1437.Pq Vt bool 1438If set to 1439.Dq Li YES , 1440run the 1441.Xr rpcbind 8 1442service at boot time. 1443.It Va rpcbind_flags 1444.Pq Vt str 1445If 1446.Va rpcbind_enable 1447is set to 1448.Dq Li YES , 1449these are the flags to pass to the 1450.Xr rpcbind 8 1451daemon. 1452.It Va keyserv_enable 1453.Pq Vt bool 1454If set to 1455.Dq Li YES , 1456run the 1457.Xr keyserv 8 1458daemon on boot for running Secure RPC. 1459.It Va keyserv_flags 1460.Pq Vt str 1461If 1462.Va keyserv_enable 1463is set to 1464.Dq Li YES , 1465these are the flags to pass to 1466.Xr keyserv 8 1467daemon. 1468.It Va pppoed_enable 1469.Pq Vt bool 1470If set to 1471.Dq Li YES , 1472run the 1473.Xr pppoed 8 1474daemon at boot time to provide PPP over Ethernet services. 1475.It Va pppoed_ Ns Ar provider 1476.Pq Vt str 1477.Xr pppoed 8 1478listens to requests to this 1479.Ar provider 1480and ultimately runs 1481.Xr ppp 8 1482with a 1483.Ar system 1484argument of the same name. 1485.It Va pppoed_flags 1486.Pq Vt str 1487Additional flags to pass to 1488.Xr pppoed 8 . 1489.It Va pppoed_interface 1490.Pq Vt str 1491The network interface to run 1492.Xr pppoed 8 1493on. 1494This is mandatory when 1495.Va pppoed_enable 1496is set to 1497.Dq Li YES . 1498.It Va timed_enable 1499.Pq Vt bool 1500If set to 1501.Dq Li YES , 1502run the 1503.Xr timed 8 1504service at boot time. 1505This command is intended for networks of 1506machines where a consistent 1507.Dq "network time" 1508for all hosts must be established. 1509This is often useful in large NFS 1510environments where time stamps on files are expected to be consistent 1511network-wide. 1512.It Va timed_flags 1513.Pq Vt str 1514If 1515.Va timed_enable 1516is set to 1517.Dq Li YES , 1518these are the flags to pass to the 1519.Xr timed 8 1520service. 1521.It Va ntpdate_enable 1522.Pq Vt bool 1523If set to 1524.Dq Li YES , 1525run 1526.Xr ntpdate 8 1527at system startup. 1528This command is intended to 1529synchronize the system clock only 1530.Em once 1531from some standard reference. 1532An option to set this up initially 1533(from a list of known servers) is also provided by the 1534.Xr sysinstall 8 1535program when the system is first installed. 1536.It Va ntpdate_hosts 1537.Pq Vt str 1538A whitespace-separated list of NTP servers to synchronize with at startup. 1539The default is to use the servers listed in 1540.Pa /etc/ntp.conf , 1541if that file exists. 1542.It Va ntpdate_program 1543.Pq Vt str 1544Path to 1545.Xr ntpdate 8 1546(default 1547.Pa /usr/sbin/ntpdate ) . 1548.It Va ntpdate_flags 1549.Pq Vt str 1550If 1551.Va ntpdate_enable 1552is set to 1553.Dq Li YES , 1554these are the flags to pass to the 1555.Xr ntpdate 8 1556command (typically a hostname). 1557.It Va ntpd_enable 1558.Pq Vt bool 1559If set to 1560.Dq Li YES , 1561run the 1562.Xr ntpd 8 1563command at boot time. 1564.It Va ntpd_program 1565.Pq Vt str 1566Path to 1567.Xr ntpd 8 1568(default 1569.Pa /usr/sbin/ntpd ) . 1570.It Va ntpd_flags 1571.Pq Vt str 1572If 1573.Va ntpd_enable 1574is set to 1575.Dq Li YES , 1576these are the flags to pass to the 1577.Xr ntpd 8 1578daemon. 1579.It Va nis_client_enable 1580.Pq Vt bool 1581If set to 1582.Dq Li YES , 1583run the 1584.Xr ypbind 8 1585service at system boot time. 1586.It Va nis_client_flags 1587.Pq Vt str 1588If 1589.Va nis_client_enable 1590is set to 1591.Dq Li YES , 1592these are the flags to pass to the 1593.Xr ypbind 8 1594service. 1595.It Va nis_ypset_enable 1596.Pq Vt bool 1597If set to 1598.Dq Li YES , 1599run the 1600.Xr ypset 8 1601daemon at system boot time. 1602.It Va nis_ypset_flags 1603.Pq Vt str 1604If 1605.Va nis_ypset_enable 1606is set to 1607.Dq Li YES , 1608these are the flags to pass to the 1609.Xr ypset 8 1610daemon. 1611.It Va nis_server_enable 1612.Pq Vt bool 1613If set to 1614.Dq Li YES , 1615run the 1616.Xr ypserv 8 1617daemon at system boot time. 1618.It Va nis_server_flags 1619.Pq Vt str 1620If 1621.Va nis_server_enable 1622is set to 1623.Dq Li YES , 1624these are the flags to pass to the 1625.Xr ypserv 8 1626daemon. 1627.It Va nis_ypxfrd_enable 1628.Pq Vt bool 1629If set to 1630.Dq Li YES , 1631run the 1632.Xr rpc.ypxfrd 8 1633daemon at system boot time. 1634.It Va nis_ypxfrd_flags 1635.Pq Vt str 1636If 1637.Va nis_ypxfrd_enable 1638is set to 1639.Dq Li YES , 1640these are the flags to pass to the 1641.Xr rpc.ypxfrd 8 1642daemon. 1643.It Va nis_yppasswdd_enable 1644.Pq Vt bool 1645If set to 1646.Dq Li YES , 1647run the 1648.Xr rpc.yppasswdd 8 1649daemon at system boot time. 1650.It Va nis_yppasswdd_flags 1651.Pq Vt str 1652If 1653.Va nis_yppasswdd_enable 1654is set to 1655.Dq Li YES , 1656these are the flags to pass to the 1657.Xr rpc.yppasswdd 8 1658daemon. 1659.It Va rpc_ypupdated_enable 1660.Pq Vt bool 1661If set to 1662.Dq Li YES , 1663run the 1664.Nm rpc.ypupdated 1665daemon at system boot time. 1666.It Va defaultrouter 1667.Pq Vt str 1668If not set to 1669.Dq Li NO , 1670create a default route to this host name or IP address 1671(use an IP address if this router is also required to get to the 1672name server!). 1673.It Va ipv6_defaultrouter 1674.Pq Vt str 1675The IPv6 equivalent of 1676.Va defaultrouter . 1677.It Va static_routes 1678.Pq Vt str 1679Set to the list of static routes that are to be added at system 1680boot time. 1681If not set to 1682.Dq Li NO 1683then for each whitespace separated 1684.Ar element 1685in the value, a 1686.Va route_ Ns Aq Ar element 1687variable is assumed to exist 1688whose contents will later be passed to a 1689.Dq Nm route Cm add 1690operation. 1691.It Va ipv6_static_routes 1692.Pq Vt str 1693The IPv6 equivalent of 1694.Va static_routes . 1695If not set to 1696.Dq Li NO 1697then for each whitespace separated 1698.Ar element 1699in the value, a 1700.Va ipv6_route_ Ns Aq Ar element 1701variable is assumed to exist 1702whose contents will later be passed to a 1703.Dq Nm route Cm add Fl inet6 1704operation. 1705.It Va natm_static_routes 1706.Pq Vt str 1707The 1708.Xr natmip 4 1709equivalent of 1710.Va static_routes . 1711If not empty then for each whitespace separated 1712.Ar element 1713in the value, a 1714.Va route_ Ns Aq Ar element 1715variable is assumed to exist whose contents will later be passed to a 1716.Dq Nm atmconfig Cm natm Cm add 1717operation. 1718.It Va gateway_enable 1719.Pq Vt bool 1720If set to 1721.Dq Li YES , 1722configure host to act as an IP router, e.g. to forward packets 1723between interfaces. 1724.It Va ipv6_gateway_enable 1725.Pq Vt bool 1726The IPv6 equivalent of 1727.Va gateway_enable . 1728.It Va router_enable 1729.Pq Vt bool 1730If set to 1731.Dq Li YES , 1732run a routing daemon of some sort, based on the 1733settings of 1734.Va router 1735and 1736.Va router_flags . 1737.It Va ipv6_router_enable 1738.Pq Vt bool 1739The IPv6 equivalent of 1740.Va router_enable . 1741If set to 1742.Dq Li YES , 1743run a routing daemon of some sort, based on the 1744settings of 1745.Va ipv6_router 1746and 1747.Va ipv6_router_flags . 1748.It Va router 1749.Pq Vt str 1750If 1751.Va router_enable 1752is set to 1753.Dq Li YES , 1754this is the name of the routing daemon to use. 1755.It Va ipv6_router 1756.Pq Vt str 1757The IPv6 equivalent of 1758.Va router . 1759.It Va router_flags 1760.Pq Vt str 1761If 1762.Va router_enable 1763is set to 1764.Dq Li YES , 1765these are the flags to pass to the routing daemon. 1766.It Va ipv6_router_flags 1767.Pq Vt str 1768The IPv6 equivalent of 1769.Va router_flags . 1770.It Va mrouted_enable 1771.Pq Vt bool 1772If set to 1773.Dq Li YES , 1774run the multicast routing daemon, 1775.Xr mrouted 8 . 1776.It Va mroute6d_enable 1777.Pq Vt bool 1778The IPv6 equivalent of 1779.Va mrouted_enable . 1780If set to 1781.Dq Li YES , 1782run the IPv6 multicast routing daemon. 1783Note that no IPv6 multicast routing daemon is included in the 1784.Fx 1785base system but 1786.Xr pim6dd 8 1787can be installed from the 1788.Fx 1789Ports Collection. 1790.It Va mrouted_flags 1791.Pq Vt str 1792If 1793.Va mrouted_enable 1794is set to 1795.Dq Li YES , 1796these are the flags to pass to the 1797.Xr mrouted 8 1798daemon. 1799.It Va mroute6d_flags 1800.Pq Vt str 1801The IPv6 equivalent of 1802.Va mrouted_flags . 1803If 1804.Va mroute6d_enable 1805is set to 1806.Dq Li YES , 1807these are the flags passed to the IPv6 multicast routing daemon. 1808.It Va mroute6d_program 1809.Pq Vt str 1810If 1811.Va mroute6d_enable 1812is set to 1813.Dq Li YES , 1814this is the path to the IPv6 multicast routing daemon. 1815.It Va rtadvd_enable 1816.Pq Vt bool 1817If set to 1818.Dq Li YES , 1819run the 1820.Xr rtadvd 8 1821daemon at boot time. 1822.Xr rtadvd 8 1823will only run if 1824.Va ipv6_gateway_enable 1825is also set to 1826.Dq Li YES . 1827The 1828.Xr rtadvd 8 1829utility sends router advertisement packets to the interfaces specified in 1830.Va rtadvd_interfaces 1831and should only be enabled with great care. 1832You may want to fine-tune 1833.Xr rtadvd.conf 5 . 1834.It Va rtadvd_interfaces 1835.Pq Vt str 1836If 1837.Va rtadvd_enable 1838is set to 1839.Dq Li YES 1840this is the list of interfaces to use. 1841.It Va ipxgateway_enable 1842.Pq Vt bool 1843If set to 1844.Dq Li YES , 1845enable the routing of IPX traffic. 1846.It Va ipxrouted_enable 1847.Pq Vt bool 1848If set to 1849.Dq Li YES , 1850run the 1851.Xr IPXrouted 8 1852daemon at system boot time. 1853.It Va ipxrouted_flags 1854.Pq Vt str 1855If 1856.Va ipxrouted_enable 1857is set to 1858.Dq Li YES , 1859these are the flags to pass to the 1860.Xr IPXrouted 8 1861daemon. 1862.It Va arpproxy_all 1863.Pq Vt bool 1864If set to 1865.Dq Li YES , 1866enable global proxy ARP. 1867.It Va forward_sourceroute 1868.Pq Vt bool 1869If set to 1870.Dq Li YES 1871and 1872.Va gateway_enable 1873is also set to 1874.Dq Li YES , 1875source-routed packets are forwarded. 1876.It Va accept_sourceroute 1877.Pq Vt bool 1878If set to 1879.Dq Li YES , 1880the system will accept source-routed packets directed at it. 1881.It Va rarpd_enable 1882.Pq Vt bool 1883If set to 1884.Dq Li YES , 1885run the 1886.Xr rarpd 8 1887daemon at system boot time. 1888.It Va rarpd_flags 1889.Pq Vt str 1890If 1891.Va rarpd_enable 1892is set to 1893.Dq Li YES , 1894these are the flags to pass to the 1895.Xr rarpd 8 1896daemon. 1897.It Va bootparamd_enable 1898.Pq Vt bool 1899If set to 1900.Dq Li YES , 1901run the 1902.Xr bootparamd 8 1903daemon at system boot time. 1904.It Va bootparamd_flags 1905.Pq Vt str 1906If 1907.Va bootparamd_enable 1908is set to 1909.Dq Li YES , 1910these are the flags to pass to the 1911.Xr bootparamd 8 1912daemon. 1913.It Va stf_interface_ipv4addr 1914.Pq Vt str 1915If not set to 1916.Dq Li NO , 1917this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 1918interface). 1919Specify this entry to enable the 6to4 interface. 1920.It Va stf_interface_ipv4plen 1921.Pq Vt int 1922Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1923An effective value is 0-31. 1924.It Va stf_interface_ipv6_ifid 1925.Pq Vt str 1926IPv6 interface ID for 1927.Xr stf 4 . 1928This can be set to 1929.Dq Li AUTO . 1930.It Va stf_interface_ipv6_slaid 1931.Pq Vt str 1932IPv6 Site Level Aggregator for 1933.Xr stf 4 . 1934.It Va ipv6_faith_prefix 1935.Pq Vt str 1936If not set to 1937.Dq Li NO , 1938this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 1939translator. 1940You also need 1941.Xr faithd 8 1942setup. 1943.It Va ipv6_ipv4mapping 1944.Pq Vt bool 1945If set to 1946.Dq Li YES 1947this enables IPv4 mapped IPv6 address communication (like 1948.Li ::ffff:a.b.c.d ) . 1949.It Va atm_enable 1950.Pq Vt bool 1951Set to 1952.Dq Li YES 1953to enable the configuration of ATM interfaces at system boot time. 1954For all of the ATM variables described below, please refer to the 1955.Xr atm 8 1956man page for further details on the available command parameters. 1957Also refer to the files in 1958.Pa /usr/share/examples/atm 1959for more detailed configuration information. 1960.It Va atm_load 1961.Pq Vt str 1962This is a list of physical ATM interface drivers to load. Typical values are 1963.Dq Li hfa_pci 1964and/or 1965.Dq Li hea_pci . 1966.It Va atm_netif_ Ns Aq Ar intf 1967.Pq Vt str 1968For the ATM physical interface 1969.Ar intf , 1970this variable defines the name prefix and count for the ATM network 1971interfaces to be created. 1972The value will be passed as the parameters of an 1973.Dq Nm atm Cm "set netif" Ar intf 1974command. 1975.It Va atm_sigmgr_ Ns Aq Ar intf 1976.Pq Vt str 1977For the ATM physical interface 1978.Ar intf , 1979this variable defines the ATM signalling manager to be used. 1980The value will be passed as the parameters of an 1981.Dq Nm atm Cm attach Ar intf 1982command. 1983.It Va atm_prefix_ Ns Aq Ar intf 1984.Pq Vt str 1985For the ATM physical interface 1986.Ar intf , 1987this variable defines the NSAP prefix for interfaces using a UNI signalling 1988manager. 1989If set to 1990.Dq Li ILMI , 1991the prefix will automatically be set via the 1992.Xr ilmid 8 1993daemon. 1994Otherwise, the value will be passed as the parameters of an 1995.Dq Nm atm Cm "set prefix" Ar intf 1996command. 1997.It Va atm_macaddr_ Ns Aq Ar intf 1998.Pq Vt str 1999For the ATM physical interface 2000.Ar intf , 2001this variable defines the MAC address for interfaces using a UNI signalling 2002manager. 2003If set to 2004.Dq Li NO , 2005the hardware MAC address contained in the ATM interface card will be used. 2006Otherwise, the value will be passed as the parameters of an 2007.Dq Nm atm Cm "set mac" Ar intf 2008command. 2009.It Va atm_arpserver_ Ns Aq Ar netif 2010.Pq Vt str 2011For the ATM network interface 2012.Ar netif , 2013this variable defines the ATM address for a host which is to provide ATMARP 2014service. 2015This variable is only applicable to interfaces using a UNI signalling 2016manager. 2017If set to 2018.Dq Li local , 2019this host will become an ATMARP server. 2020The value will be passed as the parameters of an 2021.Dq Nm atm Cm "set arpserver" Ar netif 2022command. 2023.It Va atm_scsparp_ Ns Aq Ar netif 2024.Pq Vt bool 2025If set to 2026.Dq Li YES , 2027SCSP/ATMARP service for the network interface 2028.Ar netif 2029will be initiated using the 2030.Xr scspd 8 2031and 2032.Xr atmarpd 8 2033daemons. 2034This variable is only applicable if 2035.Va atm_arpserver_ Ns Aq Ar netif 2036is set to 2037.Dq Li local . 2038.It Va atm_pvcs 2039.Pq Vt str 2040Set to the list of ATM PVCs to be added at system 2041boot time. 2042For each whitespace separated 2043.Ar element 2044in the value, an 2045.Va atm_pvc_ Ns Aq Ar element 2046variable is assumed to exist. 2047The value of each of these variables 2048will be passed as the parameters of an 2049.Dq Nm atm Cm "add pvc" 2050command. 2051.It Va atm_arps 2052.Pq Vt str 2053Set to the list of permanent ATM ARP entries to be added 2054at system boot time. 2055For each whitespace separated 2056.Ar element 2057in the value, an 2058.Va atm_arp_ Ns Aq Ar element 2059variable is assumed to exist. 2060The value of each of these variables 2061will be passed as the parameters of an 2062.Dq Nm atm Cm "add arp" 2063command. 2064.It Va natm_interfaces 2065.Pq Vt str 2066Set to the list of 2067.Xr natm 4 2068interfaces that will also be used for HARP through 2069.Xr harp 4 . 2070If this list is not empty all interfaces in the list will be brought up 2071with 2072.Xr ifconfig 8 2073and 2074.Xr harp 4 2075will be loaded. 2076For this to work the interface drivers must be either compiled into the 2077kernel or must reside on the root partition. 2078.It Va keybell 2079.Pq Vt str 2080The keyboard bell sound. 2081Set to 2082.Dq Li normal , 2083.Dq Li visual , 2084.Dq Li off , 2085or 2086.Dq Li NO 2087if the default behavior is desired. 2088For details, refer to the 2089.Xr kbdcontrol 1 2090manpage. 2091.It Va keymap 2092.Pq Vt str 2093If set to 2094.Dq Li NO , 2095no keymap is installed, otherwise the value is used to install 2096the keymap file in 2097.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2098.It Va keyrate 2099.Pq Vt str 2100The keyboard repeat speed. 2101Set to 2102.Dq Li slow , 2103.Dq Li normal , 2104.Dq Li fast , 2105or 2106.Dq Li NO 2107if the default behavior is desired. 2108.It Va keychange 2109.Pq Vt str 2110If not set to 2111.Dq Li NO , 2112attempt to program the function keys with the value. 2113The value should 2114be a single string of the form: 2115.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2116.It Va cursor 2117.Pq Vt str 2118Can be set to the value of 2119.Dq Li normal , 2120.Dq Li blink , 2121.Dq Li destructive , 2122or 2123.Dq Li NO 2124to set the cursor behavior explicitly or choose the default behavior. 2125.It Va scrnmap 2126.Pq Vt str 2127If set to 2128.Dq Li NO , 2129no screen map is installed, otherwise the value is used to install 2130the screen map file in 2131.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2132.It Va font8x16 2133.Pq Vt str 2134If set to 2135.Dq Li NO , 2136the default 8x16 font value is used for screen size requests, otherwise 2137the value in 2138.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2139is used. 2140.It Va font8x14 2141.Pq Vt str 2142If set to 2143.Dq Li NO , 2144the default 8x14 font value is used for screen size requests, otherwise 2145the value in 2146.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2147is used. 2148.It Va font8x8 2149.Pq Vt str 2150If set to 2151.Dq Li NO , 2152the default 8x8 font value is used for screen size requests, otherwise 2153the value in 2154.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2155is used. 2156.It Va blanktime 2157.Pq Vt int 2158If set to 2159.Dq Li NO , 2160the default screen blanking interval is used, otherwise it is set 2161to 2162.Ar value 2163seconds. 2164.It Va saver 2165.Pq Vt str 2166If not set to 2167.Dq Li NO , 2168this is the actual screen saver to use 2169.Li ( blank , snake , daemon , 2170etc). 2171.It Va moused_enable 2172.Pq Vt str 2173If set to 2174.Dq Li YES , 2175the 2176.Xr moused 8 2177daemon is started for doing cut/paste selection on the console. 2178.It Va moused_type 2179.Pq Vt str 2180This is the protocol type of the mouse connected to this host. 2181This variable must be set if 2182.Va moused_enable 2183is set to 2184.Dq Li YES . 2185The 2186.Xr moused 8 2187daemon 2188is able to detect the appropriate mouse type automatically in many cases. 2189Set this variable to 2190.Dq Li auto 2191to let the daemon detect it, or 2192select one from the following list if the automatic detection fails. 2193.Pp 2194If the mouse is attached to the PS/2 mouse port, choose 2195.Dq Li auto 2196or 2197.Dq Li ps/2 , 2198regardless of the brand and model of the mouse. 2199Likewise, if the 2200mouse is attached to the bus mouse port, choose 2201.Dq Li auto 2202or 2203.Dq Li busmouse . 2204All other protocols are for serial mice and will not work with 2205the PS/2 and bus mice. 2206If this is a USB mouse, 2207.Dq Li auto 2208is the only protocol type which will work. 2209.Pp 2210.Bl -tag -width ".Li x10mouseremote" -compact 2211.It Li microsoft 2212Microsoft mouse (serial) 2213.It Li intellimouse 2214Microsoft IntelliMouse (serial) 2215.It Li mousesystems 2216Mouse systems Corp. mouse (serial) 2217.It Li mmseries 2218MM Series mouse (serial) 2219.It Li logitech 2220Logitech mouse (serial) 2221.It Li busmouse 2222A bus mouse 2223.It Li mouseman 2224Logitech MouseMan and TrackMan (serial) 2225.It Li glidepoint 2226ALPS GlidePoint (serial) 2227.It Li thinkingmouse 2228Kensington ThinkingMouse (serial) 2229.It Li ps/2 2230PS/2 mouse 2231.It Li mmhittab 2232MM HitTablet (serial) 2233.It Li x10mouseremote 2234X10 MouseRemote (serial) 2235.It Li versapad 2236Interlink VersaPad (serial) 2237.El 2238.Pp 2239Even if the mouse is not in the above list, it may be compatible 2240with one in the list. 2241Refer to the man page for 2242.Xr moused 8 2243for compatibility information. 2244.Pp 2245It should also be noted that while this is enabled, any 2246other client of the mouse (such as an X server) should access 2247the mouse through the virtual mouse device, 2248.Pa /dev/sysmouse , 2249and configure it as a 2250.Dq Li sysmouse 2251type mouse, since all 2252mouse data is converted to this single canonical format when 2253using 2254.Xr moused 8 . 2255If the client program does not support the 2256.Dq Li sysmouse 2257type, 2258specify the 2259.Dq Li mousesystems 2260type. 2261It is the second preferred type. 2262.It Va moused_port 2263.Pq Vt str 2264If 2265.Va moused_enable 2266is set to 2267.Dq Li YES , 2268this is the actual port the mouse is on. 2269It might be 2270.Pa /dev/cuaa0 2271for a COM1 serial mouse, 2272.Pa /dev/psm0 2273for a PS/2 mouse or 2274.Pa /dev/mse0 2275for a bus mouse, for example. 2276.It Va moused_flags 2277.Pq Vt str 2278If 2279.Va moused_type 2280is set, these are the additional flags to pass to the 2281.Xr moused 8 2282daemon. 2283.It Va mousechar_start 2284.Pq Vt int 2285If set to 2286.Dq Li NO , 2287the default mouse cursor character range 2288.Li 0xd0 Ns - Ns Li 0xd3 2289is used, 2290otherwise the range start is set 2291to 2292.Ar value 2293character, see 2294.Xr vidcontrol 1 . 2295Use if the default range is occupied in the language code table. 2296.It Va allscreens_flags 2297.Pq Vt str 2298If set, 2299.Xr vidcontrol 1 2300is run with these options for each of the virtual terminals 2301.Pq Pa /dev/ttyv* . 2302For example, 2303.Dq Fl m Cm on 2304will enable the mouse pointer on all virtual terminals 2305if 2306.Va moused_enable 2307is set to 2308.Dq Li YES . 2309.It Va allscreens_kbdflags 2310.Pq Vt str 2311If set, 2312.Xr kbdcontrol 1 2313is run with these options for each of the virtual terminals 2314.Pq Pa /dev/ttyv* . 2315For example, 2316.Dq Fl h Li 200 2317will set the 2318.Xr syscons 4 2319scrollback (history) buffer to 200 lines. 2320.It Va cron_enable 2321.Pq Vt bool 2322If set to 2323.Dq Li YES , 2324run the 2325.Xr cron 8 2326daemon at system boot time. 2327.It Va cron_program 2328.Pq Vt str 2329Path to 2330.Xr cron 8 2331(default 2332.Pa /usr/sbin/cron ) . 2333.It Va cron_flags 2334.Pq Vt str 2335If 2336.Va cron_enable 2337is set to 2338.Dq Li YES , 2339these are the flags to pass to 2340.Xr cron 8 . 2341.It Va cron_dst 2342.Pq Vt bool 2343If set to 2344.Dq Li YES , 2345enable the special handling of transitions to and from the 2346Daylight Saving Time in 2347.Xr cron 8 2348(equivalent to using the flag 2349.Fl s ) . 2350.It Va lpd_program 2351.Pq Vt str 2352Path to 2353.Xr lpd 8 2354(default 2355.Pa /usr/sbin/lpd ) . 2356.It Va lpd_enable 2357.Pq Vt bool 2358If set to 2359.Dq Li YES , 2360run the 2361.Xr lpd 8 2362daemon at system boot time. 2363.It Va lpd_flags 2364.Pq Vt str 2365If 2366.Va lpd_enable 2367is set to 2368.Dq Li YES , 2369these are the flags to pass to the 2370.Xr lpd 8 2371daemon. 2372.It Va mta_start_script 2373.Pq Vt str 2374This variable specifies the full path to the script to run to start 2375a mail transfer agent. 2376The default is 2377.Pa /etc/rc.sendmail . 2378The 2379.Va sendmail_* 2380variables which 2381.Pa /etc/rc.sendmail 2382uses are documented in the 2383.Xr rc.sendmail 8 2384man page. 2385.It Va dumpdev 2386.Pq Vt str 2387Indicates the device (usually a swap partition) to which a crash dump 2388should be written in the event of a system crash. 2389The value of this variable is passed as the argument to 2390.Xr dumpon 8 . 2391To disable crash dumps, set this variable to 2392.Dq Li NO . 2393.It Va dumpdir 2394.Pq Vt str 2395When the system reboots after a crash and a crash dump is found on the 2396device specified by the 2397.Va dumpdev 2398variable, 2399.Xr savecore 8 2400will save that crash dump and a copy of the kernel to the directory 2401specified by the 2402.Va dumpdir 2403variable. 2404The default value is 2405.Pa /var/crash . 2406Set to 2407.Dq Li NO 2408to not run 2409.Xr savecore 8 2410at boot time when 2411.Va dumpdir 2412is set. 2413.It Va savecore_flags 2414.Pq Vt str 2415If crash dumps are enabled, these are the flags to pass to the 2416.Xr savecore 8 2417utility. 2418.It Va enable_quotas 2419.Pq Vt bool 2420Set to 2421.Dq Li YES 2422to turn on user disk quotas on system startup via the 2423.Xr quotaon 8 2424command. 2425.It Va check_quotas 2426.Pq Vt bool 2427Set to 2428.Dq Li YES 2429to enable user disk quota checking via the 2430.Xr quotacheck 8 2431command. 2432.It Va accounting_enable 2433.Pq Vt bool 2434Set to 2435.Dq Li YES 2436to enable system accounting through the 2437.Xr accton 8 2438facility. 2439.It Va ibcs2_enable 2440.Pq Vt bool 2441Set to 2442.Dq Li YES 2443to enable iBCS2 (SCO) binary emulation at system initial boot 2444time. 2445.It Va ibcs2_loaders 2446.Pq Vt str 2447If not set to 2448.Dq Li NO 2449and if 2450.Va ibcs2_enable 2451is set to 2452.Dq Li YES , 2453this specifies a list of additional iBCS2 loaders to enable. 2454.It Va linux_enable 2455.Pq Vt bool 2456Set to 2457.Dq Li YES 2458to enable Linux/ELF binary emulation at system initial 2459boot time. 2460.It Va osf1_enable 2461.Pq Vt bool 2462Set to 2463.Dq Li YES 2464to enable OSF/1 (Digital UNIX) binary emulation at system 2465initial boot time. 2466(alpha) 2467.It Va svr4_enable 2468.Pq Vt bool 2469If set to 2470.Dq Li YES , 2471enable SysVR4 emulation at boot time. 2472.It Va sysvipc_enable 2473.Pq Vt bool 2474If set to 2475.Dq Li YES , 2476load System V IPC primitives at boot time. 2477.It Va clear_tmp_enable 2478.Pq Vt bool 2479Set to 2480.Dq Li YES 2481to have 2482.Pa /tmp 2483cleaned at startup. 2484.It Va ldconfig_paths 2485.Pq Vt str 2486Set to the list of shared library paths to use with 2487.Xr ldconfig 8 . 2488NOTE: 2489.Pa /usr/lib 2490will always be added first, so it need not appear in this list. 2491.It Va ldconfig_paths_aout 2492.Pq Vt str 2493Set to the list of shared library paths to use with 2494.Xr ldconfig 8 2495legacy 2496.Xr a.out 5 2497support. 2498.It Va ldconfig_insecure 2499.Pq Vt bool 2500The 2501.Xr ldconfig 8 2502utility normally refuses to use directories 2503which are writable by anyone except root. 2504Set this variable to 2505.Dq Li YES 2506to disable that security check during system startup. 2507.It Va kern_securelevel_enable 2508.Pq Vt bool 2509Set to 2510.Dq Li YES 2511to set the kernel security level at system startup. 2512.It Va kern_securelevel 2513.Pq Vt int 2514The kernel security level to set at startup. 2515The allowed range of 2516.Ar value 2517ranges from \-1 (the compile time default) to 3 (the 2518most secure). 2519See 2520.Xr init 8 2521for the list of possible security levels and their effect 2522on system operation. 2523.It Va lomac_enable 2524.Pq Vt bool 2525Set to 2526.Dq Li YES 2527to enable Low Watermark Mandatory Access Control (LOMAC) at boot time. 2528This security model enforces integrity constraints for system processes; 2529see 2530.Xr lomac 4 2531for a complete description of the LOMAC model, as well as its impact 2532on system operation. 2533.It Va start_vinum 2534.Pq Vt bool 2535Set to 2536.Dq Li YES 2537to start 2538.Xr vinum 8 2539at system boot time. 2540.It Va sshd_program 2541.Pq Vt str 2542Path to the SSH server program 2543.Pa ( /usr/sbin/sshd 2544is the default). 2545.It Va sshd_enable 2546.Pq Vt bool 2547Set to 2548.Dq Li YES 2549to start 2550.Xr sshd 8 2551at system boot time. 2552.It Va sshd_flags 2553.Pq Vt str 2554If 2555.Va sshd_enable 2556is set to 2557.Dq Li YES , 2558these are the flags to pass to the 2559.Xr sshd 8 2560daemon. 2561.It Va usbd_enable 2562.Pq Vt bool 2563If set to 2564.Dq Li YES , 2565run the 2566.Xr usbd 8 2567daemon at boot time. 2568.It Va usbd_flags 2569.Pq Vt str 2570If 2571.Va usbd_enable 2572is set to 2573.Dq Li YES , 2574these are the flags passed to the 2575.Xr usbd 8 2576daemon. 2577.It Va watchdogd_enable 2578.Pq Vt bool 2579If set to 2580.Dq Li YES , 2581start the 2582.Xr watchdogd 8 2583daemon at boot time. 2584This requires that the kernel have been compiled with a 2585.Xr watchdog 4 2586compatible device. 2587.It Va watchdogd_flags 2588.Pq Vt str 2589If 2590.Va watchdogd_enable 2591is set to 2592.Dq Li YES , 2593these are the flags passed to the 2594.Xr watchdogd 8 2595daemon. 2596.It Va jail_enable 2597.Pq Vt bool 2598If set to 2599.Dq Li NO , 2600any configured jails will not be started. 2601.It Va jail_list 2602.Pq Vt str 2603A space separated list of names for jails. 2604This is purely a configuration aid to help identify and 2605configure multiple jails. 2606The names specified in this list will be used to 2607identify settings common to an instance of a jail. 2608Assuming that the jail in question was named 2609.Li vjail , 2610you would have the following dependant variables: 2611.Bd -literal 2612jail_vjail_hostname="jail.example.com" 2613jail_vjail_ip="192.168.1.100" 2614jail_vjail_rootdir="/var/jails/vjail/root" 2615jail_vjail_exec="/bin/sh /etc/rc" 2616.Ed 2617.Pp 2618The last one is optional. 2619It defaults to 2620.Pa /etc/rc 2621if it is not set. 2622.It Va jail_set_hostname_allow 2623.Pq Vt bool 2624If set to 2625.Dq Li NO , 2626do not allow the root user in a jail to set its hostname. 2627.It Va jail_socket_unixiproute_only 2628.Pq Vt bool 2629If set to 2630.Dq Li NO , 2631do not allow any protocol, 2632besides TCP/IP, 2633to be used within a jail. 2634.It Va jail_sysvipc_allow 2635.Pq Vt bool 2636If set to 2637.Dq Li YES , 2638allow applications within a jail to use System V IPC. 2639.It Va unaligned_print 2640.Pq Vt bool 2641If set to 2642.Dq Li NO , 2643unaligned access warnings will not be printed. 2644(alpha) 2645.\" ----- isdn settings --------------------------------- 2646.It Va isdn_enable 2647.Pq Vt bool 2648Set to 2649.Dq Li NO 2650by default. 2651When set to 2652.Dq Li YES , 2653starts the 2654.Xr isdnd 8 2655daemon 2656at system boot time. 2657.It Va isdn_flags 2658.Pq Vt str 2659Set to 2660.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2661by default. 2662Additional flags to pass to 2663.Xr isdnd 8 2664(but see 2665.Va isdn_fsdev 2666and 2667.Va isdn_ttype 2668for certain tunable parameters). 2669.It Va isdn_ttype 2670.Pq Vt str 2671Set to 2672.Dq Li cons25 2673by default. 2674The terminal type of the output device when 2675.Xr isdnd 8 2676operates in full-screen mode. 2677.It Va isdn_screenflags 2678.Pq Vt str 2679Set to 2680.Dq Li NO 2681by default. 2682The video mode for full-screen mode (only for 2683.Xr syscons 4 2684console driver, see 2685.Xr vidcontrol 1 2686for valid modes). 2687.It Va isdn_fsdev 2688.Pq Vt str 2689Set to 2690.Dq Li NO 2691by default. 2692The output device for 2693.Xr isdnd 8 2694in full-screen mode (or 2695.Dq Li NO 2696for daemon mode). 2697.It Va isdn_trace 2698.Pq Vt bool 2699Set to 2700.Dq Li NO 2701by default. 2702When set to 2703.Dq Li YES , 2704enables the ISDN protocol trace utility 2705.Xr isdntrace 8 2706at system boot time. 2707.It Va isdn_traceflags 2708.Pq Vt str 2709Set to 2710.Dq Fl f Pa /var/tmp/isdntrace0 2711by default. 2712Flags for 2713.Xr isdntrace 8 . 2714.\" ----------------------------------------------------- 2715.It Va pcvt_verbose 2716.Pq Vt bool 2717Set to 2718.Dq Li NO 2719by default. 2720When set to 2721.Dq Li YES , 2722verbose messages about the actions done by the start script are displayed. 2723.Em Note : 2724the 2725.Xr pcvt 4 2726driver must be compiled into the kernel before the 2727.Xr pcvt 4 2728related 2729options described here take any effect. 2730.It Va pcvt_keymap 2731.Pq Vt str 2732Set to 2733.Dq Li NO 2734by default. 2735Use this to configure a national keyboard mapping found in the 2736.Pa /usr/share/misc/keycap.pcvt 2737file of keyboard mappings. 2738(See also the manual pages 2739.Xr keycap 5 2740and 2741.Xr keycap 3 2742for usage of 2743.Xr pcvt 4 Ns 's 2744keycap database and the manual page 2745.Xr kcon 1 2746option 2747.Fl m 2748for national keyboard mapping configuration.) 2749.It Va pcvt_keydel 2750.Pq Vt int 2751Set to 2752.Dq Li NO 2753by default. 2754Used to set the keyboard key repeat delay value. 2755Valid values are 2756in the range 0..3 for delay values of 250, 500, 750 and 1000 msec. 2757(See also the 2758.Xr kcon 1 2759manual page.) 2760.It Va pcvt_keyrate 2761.Pq Vt int 2762Set to 2763.Dq Li NO 2764by default. 2765Used to set the keyboard key repetition rate value. 2766Valid values are 2767in the range 0..31 for repetition values of 2..30 characters per second. 2768.It Va pcvt_keyrepeat 2769.Pq Vt bool 2770Set to 2771.Dq Li NO 2772by default. 2773Set to 2774.Dq Li YES 2775to enable automatic keyboard key repeating. 2776.It Va pcvt_force24 2777.Pq Vt bool 2778Set to 2779.Dq Li NO 2780by default. 2781Set to 2782.Dq Li YES 2783to force 2784.Xr pcvt 4 2785to use 24 lines only (in 25 lines mode) for compatibility 2786with the original 2787.Tn VT220 2788terminal. 2789.It Va pcvt_hpext 2790.Pq Vt bool 2791Set to 2792.Dq Li NO 2793by default. 2794Set to 2795.Dq Li YES 2796to enable the display and functionality of function key labels (as found 2797on 2798.Tn Hewlett-Packard 2799terminals such as the 2800.Tn HP2392A 2801and the 2802.Tn HP700/92 2803in 2804.Tn ANSI 2805mode). 2806.It Va pcvt_lines 2807.Pq Vt int 2808Set to 2809.Dq Li NO 2810by default resulting in a value of 25. 2811Used to set the number of lines on the screen. 2812For VGA displays, valid 2813values are 25, 28, 40 and 50 lines. 2814(See also the 2815.Xr scon 1 2816manual page.) 2817.It Va pcvt_blanktime 2818.Pq Vt int 2819Set to 2820.Dq Li NO 2821by default. 2822Used to set the screen saver timeout in seconds for values greater than 2823zero. 2824.It Va pcvt_cursorh 2825.Pq Vt int 2826Set to 2827.Dq Li NO 2828by default. 2829Used to set the cursor top scanline. 2830(See also the 2831.Xr cursor 1 2832manual page.) 2833.It Va pcvt_cursorl 2834.Pq Vt int 2835Set to 2836.Dq Li NO 2837by default. 2838Used to set the cursor bottom scanline. 2839.It Va pcvt_monohigh 2840.Pq Vt bool 2841Set to 2842.Dq Li NO 2843by default. 2844Set to 2845.Dq Li YES 2846to set intensity to high on monochrome monitors. 2847(See also the 2848.Xr scon 1 2849manual page, option 2850.Fl p , 2851for more information on changing VGA palette 2852values.) 2853.It Va harvest_interrupt 2854.Pq Vt bool 2855Set to 2856.Dq Li YES 2857to use hardware interrupts as an entropy source. 2858Refer to 2859.Xr random 4 2860for more information. 2861.It Va harvest_ethernet 2862.Pq Vt bool 2863Set to 2864.Dq Li YES 2865to use LAN traffic as an entropy source. 2866Refer to 2867.Xr random 4 2868for more information. 2869.It Va harvest_p_to_p 2870.Pq Vt bool 2871Set to 2872.Dq Li YES 2873to use serial line traffic as an entropy source. 2874Refer to 2875.Xr random 4 2876for more information. 2877.It Va entropy_dir 2878.Pq Vt str 2879Set to 2880.Dq Li NO 2881to disable caching entropy via 2882.Xr cron 8 . 2883Otherwise set to the directory used to store entropy files in. 2884.It Va entropy_file 2885.Pq Vt str 2886Set to 2887.Dq Li NO 2888to disable caching entropy through reboots. 2889Otherwise set to the filename used to store cached entropy through 2890reboots. 2891This file should be located on the root file system to seed the 2892.Xr random 4 2893device as early as possible in the boot process. 2894.It Va entropy_save_sz 2895.Pq Vt int 2896Size of the entropy cache files saved by 2897.Nm save-entropy 2898periodically. 2899.It Va entropy_save_num 2900.Pq Vt int 2901Number of entropy cache files to save by 2902.Nm save-entropy 2903periodically. 2904.It Va ipsec_enable 2905.Pq Vt bool 2906Set to 2907.Dq Li YES 2908to run 2909.Xr setkey 8 2910on 2911.Va ipsec_file 2912at boot time. 2913.It Va ipsec_file 2914.Pq Vt str 2915Configuration file for 2916.Xr setkey 8 . 2917.It Va dmesg_enable 2918.Pq Vt bool 2919Set to 2920.Dq Li YES 2921to save 2922.Xr dmesg 8 2923to 2924.Pa /var/run/dmesg.boot 2925on boot. 2926.It Va rcshutdown_timeout 2927.Pq Vt int 2928If set, start a watchdog timer in the background which will terminate 2929.Pa rc.shutdown 2930if 2931.Xr shutdown 8 2932has not completed within the specified time (in seconds). 2933.It Va virecover_enable 2934.Pq Vt bool 2935Set to 2936.Dq Li NO 2937to prevent the system from trying to 2938recover pre-maturely terminated 2939.Xr vi 1 2940sessions. 2941.It Va ramdisk_units 2942.Pq Vt str 2943A list of one or more ramdisk units to configure with 2944.Xr mdconfig 8 2945and 2946.Xr newfs 8 2947in time to be mounted from 2948.Xr fstab 5 . 2949Each listed unit 2950.Nm X 2951must specify at least a 2952.Ar type 2953in a 2954.Nm ramdisk_X_config 2955variable. 2956.It Va ramdisk_X_config 2957.Pq Vt str 2958Arguments to 2959.Xr mdconfig 8 2960for ramdisk 2961.Nm X . 2962At minimum a 2963.Fl Ar t type 2964must be specified, where 2965.Ar type 2966must be one of 2967.Nm malloc 2968or 2969.Nm swap . 2970.It Va ramdisk_X_newfs 2971.Pq Vt str 2972Optional arguments passed to 2973.Xr newfs 8 2974to initialize ramdisk 2975.Nm X . 2976.It Va ramdisk_X_owner 2977.Pq Vt str 2978An ownership specification passed to 2979.Xr chown 8 2980after the specified ramdisk unit 2981.Nm X 2982has been mounted. Both the md device and the mount point will be changed. 2983.It Va ramdisk_X_perms 2984.Pq Vt str 2985A mode string passed to 2986.Xr chmod 1 2987after the specified ramdisk unit 2988.Nm X 2989has been mounted. Both the md device and the mount point will be changed. 2990.El 2991.Sh FILES 2992.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 2993.It Pa /etc/defaults/rc.conf 2994.It Pa /etc/rc.conf 2995.It Pa /etc/rc.conf.local 2996.El 2997.Sh SEE ALSO 2998.Xr catman 1 , 2999.Xr chmod 1 , 3000.Xr gdb 1 , 3001.Xr info 1 , 3002.Xr kbdcontrol 1 , 3003.Xr makewhatis 1 , 3004.Xr vidcontrol 1 , 3005.Xr ip 4 , 3006.Xr kld 4 , 3007.Xr tcp 4 , 3008.Xr udp 4 , 3009.Xr exports 5 , 3010.Xr motd 5 , 3011.Xr newsyslog.conf 5 , 3012.Xr accton 8 , 3013.Xr amd 8 , 3014.Xr apm 8 , 3015.Xr atm 8 , 3016.Xr chown 8 , 3017.Xr cron 8 , 3018.Xr dhclient 8 , 3019.Xr ifconfig 8 , 3020.Xr inetd 8 , 3021.Xr isdnd 8 , 3022.Xr isdntrace 8 , 3023.Xr kldxref 8 , 3024.Xr lpd 8 , 3025.Xr mdconfig 8 , 3026.Xr mountd 8 , 3027.Xr moused 8 , 3028.Xr mrouted 8 , 3029.Xr named 8 , 3030.Xr newfs 8 , 3031.Xr nfsd 8 , 3032.Xr ntpd 8 , 3033.Xr ntpdate 8 , 3034.Xr pcnfsd 8 , 3035.Xr quotacheck 8 , 3036.Xr quotaon 8 , 3037.Xr rc 8 , 3038.Xr rc.sendmail 8 , 3039.Xr route 8 , 3040.Xr routed 8 , 3041.Xr rpc.lockd 8 , 3042.Xr rpc.statd 8 , 3043.Xr rpcbind 8 , 3044.Xr rwhod 8 , 3045.Xr savecore 8 , 3046.Xr sshd 8 , 3047.Xr swapon 8 , 3048.Xr sysctl 8 , 3049.Xr syslogd 8 , 3050.Xr timed 8 , 3051.Xr usbd 8 , 3052.Xr vi 1 , 3053.Xr vinum 8 , 3054.Xr yp 8 , 3055.Xr ypbind 8 , 3056.Xr ypserv 8 , 3057.Xr ypset 8 3058.Sh HISTORY 3059The 3060.Nm 3061file appeared in 3062.Fx 2.2.2 . 3063.Sh AUTHORS 3064.An Jordan K. Hubbard . 3065