1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd April 25, 2004 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71The following list provides a name and short description for each 72variable that can be set in the 73.Nm 74file: 75.Bl -tag -width indent-two 76.It Va rc_debug 77.Pq Vt bool 78If set to 79.Dq Li YES , 80enable output of debug messages from rc scripts. 81This variable can be helpful in diagnosing mistakes when 82editing or integrating new scripts. 83Beware that this produces copious output to the terminal and 84.Xr syslog 3 . 85.It Va rc_info 86.Pq Vt bool 87If set to 88.Dq Li NO , 89disable informational messages from the rc scripts. 90Informational messages are displayed when 91a condition that is not serious enough to warrant a warning or 92an error occurs. 93.It Va swapfile 94.Pq Vt str 95If set to 96.Dq Li NO , 97no swapfile is installed, otherwise the value is used as the full 98pathname to a file to use for additional swap space. 99.It Va apm_enable 100.Pq Vt bool 101If set to 102.Dq Li YES , 103enable support for Automatic Power Management with 104the 105.Xr apm 8 106command. 107.It Va apmd_enable 108.Pq Vt bool 109Run 110.Xr apmd 8 111to handle APM event from userland. 112This also enables support for APM. 113.It Va apmd_flags 114.Pq Vt str 115If 116.Va apmd_enable 117is set to 118.Dq Li YES , 119these are the flags to pass to the 120.Xr apmd 8 121daemon. 122.It Va devd_enable 123.Pq Vt bool 124Run 125.Xr devd 8 126to handle device added, removed or unknown events from the kernel. 127.It Va kldxref_enable 128.Pq Vt bool 129Set to 130.Dq Li NO 131by default. 132Set to 133.Dq Li YES 134to automatically rebuild 135.Pa linker.hints 136files with 137.Xr kldxref 8 138at boot time. 139.It Va kldxref_clobber 140.Pq Vt bool 141Set to 142.Dq Li NO 143by default. 144If 145.Va kldxref_enable 146is true, 147setting to 148.Dq Li YES 149will overwrite existing 150.Pa linker.hints 151files at boot time. 152Otherwise, 153only missing 154.Pa linker.hints 155files are generated. 156.It Va kldxref_module_path 157.Pq Vt str 158Empty by default. 159A semi-colon 160.Pq Ql \&; 161delimited list of paths containing 162.Xr kld 4 163modules. 164If empty, 165the contents of the 166.Va kern.module_path 167.Xr sysctl 8 168are used. 169.It Va pccard_enable 170.Pq Vt bool 171If set to 172.Dq Li YES , 173enable PCCARD support at boot time. 174.It Va pccard_mem 175.Pq Vt str 176Set to PCCARD controller memory address or 177.Dq Li DEFAULT 178for the default value. 179.It Va pccard_ifconfig 180.Pq Vt str 181List of arguments to be passed to 182.Xr ifconfig 8 183at boot time or on 184insertion of the card (e.g.\& 185.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 186for a fixed address or 187.Dq Li DHCP 188for a DHCP client). 189.It Va pccard_beep 190.Pq Vt int 191If 0, 192set the PCCARD controller to silent mode. 193If 1, 194set it to beep mode. 195If 2, 196set it to melody mode. 197.It Va pccard_conf 198.Pq Vt str 199Path to the configuration file for the 200.Xr pccardd 8 201daemon (e.g.\& 202.Pa /etc/pccard.conf.sample ) . 203.It Va pccardd_flags 204.Pq Vt str 205If 206.Va pccard_enable 207is set to 208.Dq Li YES , 209these are the flags to pass to the 210.Xr pccardd 8 211daemon. 212.It Va pccard_ether_delay 213.Pq Vt str 214Set the delay before starting 215.Xr dhclient 8 216in the 217.Pa /etc/pccard_ether 218script. 219This defaults to 5 seconds to work around a bug in the 220.Xr ed 4 221driver which can lead to system hangs when using some newer 222.Xr ed 4 223based cards. 224.It Va removable_interfaces 225.Pq Vt str 226List of removable network interfaces to be supported by 227.Pa /etc/pccard_ether . 228.It Va tmpmfs 229Controls the creation of a 230.Pa /tmp 231memory file system. 232Always happens if set to 233.Dq Li YES 234and never happens if set to 235.Dq Li NO . 236If set to anything else, a memory file system is created if 237.Pa /tmp 238is not writable. 239.It Va tmpsize 240Controls the size of a created 241.Pa /tmp 242memory file system. 243.It Va varmfs 244Controls the creation of a 245.Pa /var 246memory file system. 247Always happens if set to 248.Dq Li YES 249and never happens if set to 250.Dq Li NO . 251If set to anything else, a memory file system is created if 252.Pa /var 253is not writable. 254.It Va varsize 255Controls the size of a created 256.Pa /var 257memory file system. 258.It Va populate_var 259Controls the automatic population of the 260.Pa /var 261file system. 262Always happens if set to 263.Dq Li YES 264and never happens if set to 265.Dq Li NO . 266If set to anything else, a memory file system is created if 267.Pa /tmp 268is not writable. 269Note that this process requires access to certain commands in 270.Pa /usr 271before 272.Pa /usr 273is mounted on normal systems. 274.It Va local_startup 275.Pq Vt str 276List of directories to search for startup script files. 277.It Va script_name_sep 278.Pq Vt str 279The field separator to use for breaking down the list of startup script files 280into individual filenames. 281The default is a space. 282It is not necessary to change this unless there are startup scripts with names 283containing spaces. 284.It Va hostname 285.Pq Vt str 286The fully qualified domain name (FQDN) of this host on the network. 287This should almost certainly be set to something meaningful, even if 288there is no network connection. 289If 290.Xr dhclient 8 291is used to set the hostname via DHCP, 292this variable should be set to an empty string. 293.It Va ipv6_enable 294.Pq Vt bool 295Enable support for IPv6 networking. 296Note that this requires that the kernel have been compiled with 297.Cd "options INET6" . 298.It Va nisdomainname 299.Pq Vt str 300The NIS domain name of this host, or 301.Dq Li NO 302if NIS is not used. 303.It Va dhclient_program 304.Pq Vt str 305Path to the DHCP client program 306.Pa ( /sbin/dhclient , 307the ISC DHCP client, 308is the default). 309.It Va dhclient_flags 310.Pq Vt str 311Additional flags to pass to the DHCP client program. 312For the ISC DHCP client, see the 313.Xr dhclient 8 314manpage for a description of the command line options available. 315.It Va background_dhclient 316.Pq Vt bool 317Set to 318.Dq Li YES 319to start the dhcp client in background. 320This can cause trouble with applications depending on 321a working network, but it will provide a faster startup 322in many cases. 323.It Va firewall_enable 324.Pq Vt bool 325Set to 326.Dq Li YES 327to load firewall rules at startup. 328If the kernel was not built with 329.Cd "options IPFIREWALL" , 330the 331.Pa ipfw.ko 332kernel module will be loaded. 333See also 334.Va ipfilter_enable . 335.It Va ipv6_firewall_enable 336.Pq Vt bool 337The IPv6 equivalent of 338.Va firewall_enable . 339Set to 340.Dq Li YES 341to load IPv6 firewall rules at startup. 342If the kernel was not built with 343.Cd "options IPV6FIREWALL" , 344the 345.Pa ip6fw.ko 346kernel module will be loaded. 347.It Va firewall_script 348.Pq Vt str 349This variable specifies the full path to the firewall script to run. 350The default is 351.Pa /etc/rc.firewall . 352.It Va ipv6_firewall_script 353.Pq Vt str 354The IPv6 equivalent of 355.Va firewall_script . 356.It Va firewall_type 357.Pq Vt str 358Names the firewall type from the selection in 359.Pa /etc/rc.firewall , 360or the file which contains the local firewall ruleset. 361Valid selections from 362.Pa /etc/rc.firewall 363are: 364.Pp 365.Bl -tag -width ".Li simple" -compact 366.It Li open 367unrestricted IP access 368.It Li closed 369all IP services disabled, except via 370.Dq Li lo0 371.It Li client 372basic protection for a workstation 373.It Li simple 374basic protection for a LAN. 375.El 376.Pp 377If a filename is specified, the full path 378must be given. 379.It Va ipv6_firewall_type 380.Pq Vt str 381The IPv6 equivalent of 382.Va firewall_type . 383.It Va firewall_quiet 384.Pq Vt bool 385Set to 386.Dq Li YES 387to disable the display of firewall rules on the console during boot. 388.It Va ipv6_firewall_quiet 389.Pq Vt bool 390The IPv6 equivalent of 391.Va firewall_quiet . 392.It Va firewall_logging 393.Pq Vt bool 394Set to 395.Dq Li YES 396to enable firewall event logging. 397This is equivalent to the 398.Dv IPFIREWALL_VERBOSE 399kernel option. 400.It Va ipv6_firewall_logging 401.Pq Vt bool 402The IPv6 equivalent of 403.Va firewall_logging . 404.It Va firewall_flags 405.Pq Vt str 406Flags passed to 407.Xr ipfw 8 408if 409.Va firewall_type 410specifies a filename. 411.It Va ipv6_firewall_flags 412.Pq Vt str 413The IPv6 equivalent of 414.Va firewall_flags . 415.It Va natd_program 416.Pq Vt str 417Path to 418.Xr natd 8 . 419.It Va natd_enable 420.Pq Vt bool 421Set to 422.Dq Li YES 423to enable 424.Xr natd 8 . 425.Va firewall_enable 426must also be set to 427.Dq Li YES , 428and 429.Xr divert 4 430sockets must be enabled in the kernel. 431.It Va natd_interface 432.Pq Vt str 433This is the name of the public interface on which 434.Xr natd 8 435should run. 436The interface may be given as an interface name or as an IP address. 437.It Va natd_flags 438.Pq Vt str 439Additional 440.Xr natd 8 441flags should be placed here. 442The 443.Fl n 444or 445.Fl a 446flag is automatically added with the above 447.Va natd_interface 448as an argument. 449.\" ----- ipfilter_enable setting -------------------------------- 450.It Va ipfilter_enable 451.Pq Vt bool 452Set to 453.Dq Li NO 454by default. 455Setting this to 456.Dq Li YES 457enables 458.Xr ipf 8 459packet filtering. 460.Pp 461Typical usage will require putting 462.Bd -literal 463ipfilter_enable="YES" 464ipnat_enable="YES" 465ipmon_enable="YES" 466ipfs_enable="YES" 467.Ed 468.Pp 469into 470.Pa /etc/rc.conf 471and editing 472.Pa /etc/ipf.rules 473and 474.Pa /etc/ipnat.rules 475appropriately. 476.Pp 477Note that 478.Va ipfilter_enable 479and 480.Va ipnat_enable 481can be enabled independently. 482.Va ipmon_enable 483and 484.Va ipfs_enable 485both require at least one of 486.Va ipfilter_enable 487and 488.Va ipnat_enable 489to be enabled. 490.Pp 491Having 492.Bd -literal 493options IPFILTER 494options IPFILTER_LOG 495options IPFILTER_DEFAULT_BLOCK 496.Ed 497.Pp 498in the kernel configuration file is a good idea, too. 499.\" ----- ipfilter_program setting ------------------------------ 500.It Va ipfilter_program 501.Pq Vt str 502Path to 503.Xr ipf 8 504(default 505.Pa /sbin/ipf ) . 506.\" ----- ipfilter_rules setting -------------------------------- 507.It Va ipfilter_rules 508.Pq Vt str 509Set to 510.Pa /etc/ipf.rules 511by default. 512This variable contains the name of the filter rule definition file. 513The file is expected to be readable for the 514.Xr ipf 8 515command to execute. 516.\" ----- ipv6_ipfilter_rules setting --------------------------- 517.It Va ipv6_ipfilter_rules 518.Pq Vt str 519Set to 520.Pa /etc/ipf6.rules 521by default. 522This variable contains the IPv6 filter rule definition file. 523The file is expected to be readable for the 524.Xr ipf 8 525command to execute. 526.\" ----- ipfilter_flags setting -------------------------------- 527.It Va ipfilter_flags 528.Pq Vt str 529Empty by default. 530This variable contains flags passed to the 531.Xr ipf 8 532program. 533.\" ----- ipnat_enable setting ---------------------------------- 534.It Va ipnat_enable 535.Pq Vt bool 536Set to 537.Dq Li NO 538by default. 539Set it to 540.Dq Li YES 541to enable 542.Xr ipnat 1 543network address translation. 544See 545.Va ipfilter_enable 546for a detailed discussion. 547.\" ----- ipnat_program setting --------------------------------- 548.It Va ipnat_program 549.Pq Vt str 550Path to 551.Xr ipnat 1 552(default 553.Pa /sbin/ipnat ) . 554.\" ----- ipnat_rules setting ----------------------------------- 555.It Va ipnat_rules 556.Pq Vt str 557Set to 558.Pa /etc/ipnat.rules 559by default. 560This variable contains the name of the file 561holding the network address translation definition. 562This file is expected to be readable for the 563.Xr ipnat 1 564command to execute. 565.\" ----- ipnat_flags setting ----------------------------------- 566.It Va ipnat_flags 567.Pq Vt str 568Empty by default. 569This variable contains flags passed to the 570.Xr ipnat 1 571program. 572.\" ----- ipmon_enable setting ---------------------------------- 573.It Va ipmon_enable 574.Pq Vt bool 575Set to 576.Dq Li NO 577by default. 578Set it to 579.Dq Li YES 580to enable 581.Xr ipmon 8 582monitoring (logging 583.Xr ipf 8 584and 585.Xr ipnat 1 586events). 587Setting this variable needs setting 588.Va ipfilter_enable 589or 590.Va ipnat_enable 591too. 592See 593.Va ipfilter_enable 594for a detailed discussion. 595.\" ----- ipmon_program setting --------------------------------- 596.It Va ipmon_program 597.Pq Vt str 598Path to 599.Xr ipmon 8 600(default 601.Pa /sbin/ipmon ) . 602.\" ----- ipmon_flags setting ----------------------------------- 603.It Va ipmon_flags 604.Pq Vt str 605Set to 606.Dq Li -Ds 607by default. 608This variable contains flags passed to the 609.Xr ipmon 8 610program. 611Another typical example would be 612.Dq Fl D Pa /var/log/ipflog 613to have 614.Xr ipmon 8 615log directly to a file bypassing 616.Xr syslogd 8 . 617Make sure to adjust 618.Pa /etc/newsyslog.conf 619in such case like this: 620.Bd -literal 621/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 622.Ed 623.\" ----- ipfs_enable setting ----------------------------------- 624.It Va ipfs_enable 625.Pq Vt bool 626Set to 627.Dq Li NO 628by default. 629Set it to 630.Dq Li YES 631to enable 632.Xr ipfs 8 633saving the filter and NAT state tables during shutdown 634and reloading them during startup again. 635Setting this variable needs setting 636.Va ipfilter_enable 637or 638.Va ipnat_enable 639to 640.Dq Li YES 641too. 642See 643.Va ipfilter_enable 644for a detailed discussion. 645Note that if 646.Va kern_securelevel 647is set to 3, 648.Va ipfs_enable 649cannot be used 650because the raised securelevel will prevent 651.Xr ipfs 8 652from saving the state tables at shutdown time. 653.\" ----- ipfs_program setting ---------------------------------- 654.It Va ipfs_program 655.Pq Vt str 656Path to 657.Xr ipfs 8 658(default 659.Pa /sbin/ipfs ) . 660.\" ----- ipfs_flags setting ------------------------------------ 661.It Va ipfs_flags 662.Pq Vt str 663Empty by default. 664This variable contains flags passed to the 665.Xr ipfs 8 666program. 667.\" ----- end of added ipf hook --------------------------------- 668.It Va pf_enable 669.Pq Vt bool 670Set to 671.Dq Li NO 672by default. 673Setting this to 674.Dq Li YES 675enables 676.Xr pf 4 677packet filtering. 678.Pp 679Typical usage will require putting 680.Pp 681.Dl pf_enable="YES" 682.Pp 683into 684.Pa /etc/rc.conf 685and editing 686.Pa /etc/pf.conf 687appropriately. 688.Pp 689Having 690.Bd -literal -offset indent 691options PFIL_HOOKS 692options RANDOM_IP_ID 693.Ed 694.Pp 695in the kernel configuration file is required for use as a 696.Xr kld 4 697module. 698.Pp 699.Dl "device pf" 700.Pp 701builds it into the kernel. 702.It Va pf_rules 703.Pq Vt str 704Path to 705.Xr pf 4 706ruleset configuration file 707(default 708.Pa /etc/pf.conf ) . 709.It Va pf_program 710.Pq Vt str 711Path to 712.Xr pfctl 8 713(default 714.Pa /sbin/pfctl ) . 715.It Va pf_flags 716.Pq Vt str 717If 718.Va pf_enable 719is set to 720.Dq Li YES , 721these flags are passed to the 722.Xr pfctl 8 723program when loading the ruleset. 724.It Va pflog_enable 725.Pq Vt bool 726Set to 727.Dq Li NO 728by default. 729Setting this to 730.Dq Li YES 731enables 732.Xr pflogd 8 733which logs packtes from the 734.Xr pf 4 735packet filter. 736.It Va pflog_logfile 737.Pq Vt str 738If 739.Va pflog_enable 740is set to 741.Dq Li YES 742this controls where 743.Xr pflogd 8 744stores the logfile 745(default 746.Pa /var/log/pflog ) . 747Check 748.Pa /etc/newsyslog.conf 749to adjust logfile rotation for this. 750.It Va pflog_program 751.Pq Vt str 752Path to 753.Xr pflogd 8 754(default 755.Pa /sbin/pflogd ) . 756.It Va pflog_flags 757.Pq Vt str 758Empty by default. 759This variable contains additional flags passed to the 760.Xr pflogd 8 761program. 762.It Va tcp_extensions 763.Pq Vt bool 764Set to 765.Dq Li YES 766by default. 767Setting this to 768.Dq Li NO 769disables certain TCP options as described by 770.Rs 771.%T "RFC 1323" 772.Re 773Setting this to 774.Dq Li NO 775might help remedy such problems with connections as randomly hanging 776or other weird behavior. 777Some network devices are known 778to be broken with respect to these options. 779.It Va log_in_vain 780.Pq Vt int 781Set to 0 by default. 782The 783.Xr sysctl 8 784variables, 785.Va net.inet.tcp.log_in_vain 786and 787.Va net.inet.udp.log_in_vain , 788as described in 789.Xr tcp 4 790and 791.Xr udp 4 , 792are set to the given value. 793.It Va tcp_keepalive 794.Pq Vt bool 795Set to 796.Dq Li YES 797by default. 798Setting to 799.Dq Li NO 800will disable probing idle TCP connections to verify that the 801peer is still up and reachable. 802.It Va tcp_drop_synfin 803.Pq Vt bool 804Set to 805.Dq Li NO 806by default. 807Setting to 808.Dq Li YES 809will cause the kernel to ignore TCP frames that have both 810the SYN and FIN flags set. 811This prevents OS fingerprinting, but may 812break some legitimate applications. 813This option is only available if the 814kernel was built with the 815.Dv TCP_DROP_SYNFIN 816option. 817.It Va icmp_drop_redirect 818.Pq Vt bool 819Set to 820.Dq Li NO 821by default. 822Setting to 823.Dq Li YES 824will cause the kernel to ignore ICMP REDIRECT packets. 825Refer to 826.Xr icmp 4 827for more information. 828.It Va icmp_log_redirect 829.Pq Vt bool 830Set to 831.Dq Li NO 832by default. 833Setting to 834.Dq Li YES 835will cause the kernel to log ICMP REDIRECT packets. 836Note that 837the log messages are not rate-limited, so this option should only be used 838for troubleshooting networks. 839Refer to 840.Xr icmp 4 841for more information. 842.It Va icmp_bmcastecho 843.Pq Vt bool 844Set to 845.Dq Li YES 846to respond to broadcast or multicast ICMP ping packets. 847Refer to 848.Xr icmp 4 849for more information. 850.It Va ip_portrange_first 851.Pq Vt int 852If not set to 853.Dq Li NO , 854this is the first port in the default portrange. 855Refer to 856.Xr ip 4 857for more information. 858.It Va ip_portrange_last 859.Pq Vt int 860If not set to 861.Dq Li NO , 862this is the last port in the default portrange. 863Refer to 864.Xr ip 4 865for more information. 866.It Va network_interfaces 867.Pq Vt str 868Set to the list of network interfaces to configure on this host. 869For example, if the only network devices in the system are the loopback 870device 871.Pq Li lo0 872and a NIC using the 873.Xr ed 4 874driver, 875this could be set to 876.Dq Li "lo0 ed0" . 877An 878.Va ifconfig_ Ns Aq Ar interface 879variable is also assumed to exist for each value of 880.Ar interface . 881It is also possible to add IP alias entries here in cases where 882multiple IP addresses registered against a single interface 883are desired. 884Assuming that the interface in question was 885.Li ed0 , 886it might look 887something like this: 888.Bd -literal 889ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 890ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 891.Ed 892.Pp 893And so on. 894For each 895.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 896entry that is found, 897its contents are passed to 898.Xr ifconfig 8 . 899Execution stops at the first unsuccessful access, so if 900something like this is present: 901.Bd -literal 902ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 903ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 904ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 905ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 906.Ed 907.Pp 908Then note that alias4 would 909.Em not 910be added since the search would 911stop with the missing alias3 entry. 912.Pp 913If the 914.Pa /etc/start_if. Ns Aq Ar interface 915file is present, it is read and executed by the 916.Xr sh 1 917interpreter 918before configuring the interface as specified in the 919.Va ifconfig_ Ns Aq Ar interface 920and 921.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 922variables. 923.Pp 924It is possible to bring up an interface with DHCP by setting the 925.Va ifconfig_ Ns Aq Ar interface 926variable to 927.Dq Li DHCP . 928For instance, to initialize the 929.Li ed0 930device via DHCP, 931it is possible to use something like: 932.Bd -literal 933ifconfig_ed0="DHCP" 934.Ed 935.It Va ipv6_network_interfaces 936.Pq Vt str 937This is the IPv6 equivalent of 938.Va network_interfaces . 939Instead of setting the ifconfig variables as 940.Va ifconfig_ Ns Aq Ar interface 941they should be set as 942.Va ipv6_ifconfig_ Ns Aq Ar interface . 943Aliases should be set as 944.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 945.Va ipv6_prefix_ Ns Aq Ar interface 946does something. 947Interfaces that do not have a 948.Va ipv6_ifconfig_ Ns Aq Ar interface 949setting will be auto configured by 950.Xr rtsol 8 951if the 952.Va ipv6_gateway_enable 953is set to 954.Dq Li NO . 955Note that the IPv6 networking code does not support the 956.Pa /etc/start_if. Ns Aq Ar interface 957files. 958.It Va ipv6_default_interface 959.Pq Vt str 960If not set to 961.Dq Li NO , 962this is the default output interface for scoped addresses. 963Now this works only for IPv6 link local multicast addresses. 964.It Va cloned_interfaces 965.Pq Vt str 966Set to the list of clonable network interfaces to create on this host. 967Entries in 968.Va cloned_interfaces 969are automatically appended to 970.Va network_interfaces 971for configuration. 972.It Va gif_interfaces 973.Pq Vt str 974Set to the list of 975.Xr gif 4 976tunnel interfaces to configure on this host. 977A 978.Va gifconfig_ Ns Aq Ar interface 979variable is assumed to exist for each value of 980.Ar interface . 981The value of this variable is used to configure the link layer of the 982tunnel according to the syntax of the 983.Cm tunnel 984option to 985.Xr ifconfig 8 . 986Additionally, this option ensures that each listed interface is created 987via the 988.Cm create 989option to 990.Xr ifconfig 8 991before attempting to configure it. 992.It Va sppp_interfaces 993.Pq Vt str 994Set to the list of 995.Xr sppp 4 996interfaces to configure on this host. 997A 998.Va spppconfig_ Ns Aq Ar interface 999variable is assumed to exist for each value of 1000.Ar interface . 1001Each interface should also be configured by a general 1002.Va ifconfig_ Ns Aq Ar interface 1003setting. 1004Refer to 1005.Xr spppcontrol 8 1006for more information about available options. 1007.It Va ppp_enable 1008.Pq Vt bool 1009If set to 1010.Dq Li YES , 1011run the 1012.Xr ppp 8 1013daemon. 1014.It Va ppp_mode 1015.Pq Vt str 1016Mode in which to run the 1017.Xr ppp 8 1018daemon. 1019Accepted modes are 1020.Dq Li auto , 1021.Dq Li ddial , 1022.Dq Li direct 1023and 1024.Dq Li dedicated . 1025See the manual for a full description. 1026.It Va ppp_nat 1027.Pq Vt bool 1028If set to 1029.Dq Li YES , 1030enables network address translation. 1031Used in conjunction with 1032.Va gateway_enable 1033allows hosts on private network addresses access to the Internet using 1034this host as a network address translating router. 1035.It Va ppp_profile 1036.Pq Vt str 1037The name of the profile to use from 1038.Pa /etc/ppp/ppp.conf . 1039.It Va ppp_user 1040.Pq Vt str 1041The name of the user under which 1042.Xr ppp 8 1043should be started. 1044By 1045default, 1046.Xr ppp 8 1047is started as 1048.Dq Li root . 1049.It Va rc_conf_files 1050.Pq Vt str 1051This option is used to specify a list of files that will override 1052the settings in 1053.Pa /etc/defaults/rc.conf . 1054The files will be read in the order in which they are specified and should 1055include the full path to the file. 1056By default, the files specified are 1057.Pa /etc/rc.conf 1058and 1059.Pa /etc/rc.conf.local 1060.It Va gbde_autoattach_all 1061.Pq Vt bool 1062If set to 1063.Dq Li YES , 1064.Pa /etc/rc.d/gbde 1065will attempt to automatically initialize your .bde devices in 1066.Pa /etc/fstab . 1067.It Va gbde_devices 1068.Pq Vt str 1069List the devices that the script should try to attach, 1070or 1071.Dq Li AUTO . 1072.It Va gbde_swap_enable 1073.Pq Vt bool 1074If set to 1075.Dq Li YES , 1076any .bde swap devices listed in 1077.Pa /etc/fstab 1078will be initialized with a random, one-shot key. 1079Note that this makes recovery of kernel dumps impossible. 1080.It Va fsck_y_enable 1081.Pq Vt bool 1082If set to 1083.Dq Li YES , 1084.Xr fsck 8 1085will be run with the 1086.Fl y 1087flag if the initial preen 1088of the file systems fails. 1089.It Va background_fsck 1090.Pq Vt bool 1091If set to 1092.Dq Li YES , 1093the system will attempt to run 1094.Xr fsck 8 1095in the background where possible. 1096.It Va background_fsck_delay 1097.Pq Vt int 1098The amount of time in seconds to sleep before starting a background 1099.Xr fsck 8 . 1100It defaults to sixty seconds to allow large applications such as 1101the X server to start before disk I/O bandwidth is monopolized by 1102.Xr fsck 8 . 1103.It Va netfs_types 1104.Pq Vt str 1105List of file system types that are network-based. 1106This list should generally not be modified by end users. 1107Use 1108.Va extra_netfs_types 1109instead. 1110.It Va extra_netfs_types 1111.Pq Vt str 1112If set to something other than 1113.Dq Li NO 1114(the default), 1115this variable extends the list of file system types 1116for which automatic mounting at startup by 1117.Xr rc 8 1118should be delayed until the network is initialized. 1119It should contain 1120a whitespace-separated list of network file system descriptor pairs, 1121each consisting of a file system type as passed to 1122.Xr mount 8 1123and a human-readable, one-word description, 1124joined with a colon 1125.Pq Ql \&: . 1126Extending the default list in this way is only necessary 1127when third party file system types are used. 1128.It Va syslogd_enable 1129.Pq Vt bool 1130If set to 1131.Dq Li YES , 1132run the 1133.Xr syslogd 8 1134daemon. 1135.It Va syslogd_program 1136.Pq Vt str 1137Path to 1138.Xr syslogd 8 1139(default 1140.Pa /usr/sbin/syslogd ) . 1141.It Va syslogd_flags 1142.Pq Vt str 1143If 1144.Va syslogd_enable 1145is set to 1146.Dq Li YES , 1147these are the flags to pass to 1148.Xr syslogd 8 . 1149.It Va inetd_enable 1150.Pq Vt bool 1151If set to 1152.Dq Li YES , 1153run the 1154.Xr inetd 8 1155daemon. 1156.It Va inetd_program 1157.Pq Vt str 1158Path to 1159.Xr inetd 8 1160(default 1161.Pa /usr/sbin/inetd ) . 1162.It Va inetd_flags 1163.Pq Vt str 1164If 1165.Va inetd_enable 1166is set to 1167.Dq Li YES , 1168these are the flags to pass to 1169.Xr inetd 8 . 1170.It Va named_enable 1171.Pq Vt bool 1172If set to 1173.Dq Li YES , 1174run the 1175.Xr named 8 1176daemon. 1177.It Va named_program 1178.Pq Vt str 1179Path to 1180.Xr named 8 1181(default 1182.Pa /usr/sbin/named ) . 1183.It Va named_flags 1184.Pq Vt str 1185If 1186.Va named_enable 1187is set to 1188.Dq Li YES , 1189these are the flags to pass to 1190.Xr named 8 . 1191.It Va named_pidfile 1192.Pq Vt str 1193This is the default path to the 1194.Xr named 8 1195daemon's PID file. 1196Change it if you change the location in 1197.Xr named.conf 5 . 1198.It Va named_chrootdir 1199.Pq Vt str 1200The root directory for a name server run in a 1201.Xr chroot 8 1202environment. 1203If left empty 1204.Xr named 8 1205will not be run in a 1206.Xr chroot 8 1207environment. 1208This variable has no effect if 1209.Va named_rcng 1210is not enabled. 1211This variable is experimental. 1212It may be removed or changed in the near future. 1213.It Va named_chroot_autoupdate 1214.Pq Vt bool 1215Set to 1216.Dq Li NO 1217to disable automatic syncing of libraries and 1218other system files between the root file system and the 1219.Xr chroot 8 . 1220This variable has no effect if 1221.Va named_rcng 1222is not enabled. 1223This variable is experimental. 1224It may be removed or changed in the near future. 1225.It Va named_symlink_enable 1226.Pq Vt bool 1227Set to 1228.Dq Li NO 1229to disable symlinking of 1230.Va named_pidfile 1231and 1232.Pa /var/run/ndc 1233into the 1234.Xr chroot 8 1235environment in which 1236.Xr named 8 1237is running. 1238This variable has no effect if 1239.Va named_rcng 1240is not enabled. 1241This variable is experimental. 1242It may be removed or changed in the near future. 1243.It Va kerberos5_server_enable 1244.Pq Vt bool 1245Set to 1246.Dq Li YES 1247to start a Kerberos 5 authentication server 1248at boot time. 1249.It Va kerberos5_server 1250.Pq Vt str 1251If 1252.Va kerberos5_server_enable 1253is set to 1254.Dq Li YES 1255this is the path to Kerberos 5 Authentication Server. 1256.It Va kadmind5_server_enable 1257.Pq Vt bool 1258Set to 1259.Dq Li YES 1260to start 1261.Xr kadmind 8 , 1262the Kerberos 5 Administration Daemon; set to 1263.Dq Li NO 1264on a slave server. 1265.It Va kadmind5_server 1266.Pq Vt str 1267If 1268.Va kadmind5_server_enable 1269is set to 1270.Dq Li YES 1271this is the path to Kerberos 5 Administration Daemon. 1272.It Va kpasswdd_server_enable 1273.Pq Vt bool 1274Set to 1275.Dq Li YES 1276to start 1277.Xr kpasswdd 8 , 1278the Kerberos 5 Password-Changing Daemon; set to 1279.Dq Li NO 1280on a slave server. 1281.It Va kpasswdd_server 1282.Pq Vt str 1283If 1284.Va kpasswdd_server_enable 1285is set to 1286.Dq Li YES 1287this is the path to Kerberos 5 Password-Changing Daemon. 1288.It Va rwhod_enable 1289.Pq Vt bool 1290If set to 1291.Dq Li YES , 1292run the 1293.Xr rwhod 8 1294daemon at boot time. 1295.It Va rwhod_flags 1296.Pq Vt str 1297If 1298.Va rwhod_enable 1299is set to 1300.Dq Li YES , 1301these are the flags to pass to it. 1302.It Va amd_enable 1303.Pq Vt bool 1304If set to 1305.Dq Li YES , 1306run the 1307.Xr amd 8 1308daemon at boot time. 1309.It Va amd_flags 1310.Pq Vt str 1311If 1312.Va amd_enable 1313is set to 1314.Dq Li YES , 1315these are the flags to pass to it. 1316See the 1317.Xr amd 8 1318manpage for more information. 1319.It Va amd_map_program 1320.Pq Vt str 1321If set, 1322the specified program is run to get the list of 1323.Xr amd 8 1324maps. 1325For example, if the 1326.Xr amd 8 1327maps are stored in NIS, one can set this to 1328run 1329.Xr ypcat 1 1330to get a list of 1331.Xr amd 8 1332maps from the 1333.Pa amd.master 1334NIS map. 1335.It Va update_motd 1336.Pq Vt bool 1337If set to 1338.Dq Li YES , 1339.Pa /etc/motd 1340will be updated at boot time to reflect the kernel release 1341being run. 1342If set to 1343.Dq Li NO , 1344.Pa /etc/motd 1345will not be updated. 1346.It Va nfs_client_enable 1347.Pq Vt bool 1348If set to 1349.Dq Li YES , 1350run the NFS client daemons at boot time. 1351.It Va nfs_access_cache 1352.Pq Vt int 1353If 1354.Va nfs_client_enable 1355is set to 1356.Dq Li YES , 1357this can be set to 1358.Dq Li 0 1359to disable NFS ACCESS RPC caching, or to the number of seconds for which 1360NFS ACCESS 1361results should be cached. 1362A value of 2-10 seconds will substantially reduce network 1363traffic for many NFS operations. 1364.It Va nfs_server_enable 1365.Pq Vt bool 1366If set to 1367.Dq Li YES , 1368run the NFS server daemons at boot time. 1369.It Va nfs_server_flags 1370.Pq Vt str 1371If 1372.Va nfs_server_enable 1373is set to 1374.Dq Li YES , 1375these are the flags to pass to the 1376.Xr nfsd 8 1377daemon. 1378.It Va mountd_enable 1379.Pq Vt bool 1380If set to 1381.Dq Li YES , 1382and no 1383.Va nfs_server_enable 1384is set, start 1385.Xr mountd 8 , 1386but not 1387.Xr nfsd 8 1388daemon. 1389It is commonly needed to run CFS without real NFS used. 1390.It Va mountd_flags 1391.Pq Vt str 1392If 1393.Va mountd_enable 1394is set to 1395.Dq Li YES , 1396these are the flags to pass to the 1397.Xr mountd 8 1398daemon. 1399.It Va weak_mountd_authentication 1400.Pq Vt bool 1401If set to 1402.Dq Li YES , 1403allow services like PCNFSD to make non-privileged mount 1404requests. 1405.It Va nfs_reserved_port_only 1406.Pq Vt bool 1407If set to 1408.Dq Li YES , 1409provide NFS services only on a secure port. 1410.It Va nfs_bufpackets 1411.Pq Vt int 1412If set to a number, indicates the number of packets worth of 1413socket buffer space to reserve on an NFS client. 1414The kernel default is typically 4. 1415Using a higher number may be 1416useful on gigabit networks to improve performance. 1417The minimum value is 14182 and the maximum is 64. 1419.It Va rpc_lockd_enable 1420.Pq Vt bool 1421If set to 1422.Dq Li YES 1423and also an NFS server, run 1424.Xr rpc.lockd 8 1425at boot time. 1426.It Va rpc_statd_enable 1427.Pq Vt bool 1428If set to 1429.Dq Li YES 1430and also an NFS server, run 1431.Xr rpc.statd 8 1432at boot time. 1433.It Va rpcbind_program 1434.Pq Vt str 1435Path to 1436.Xr rpcbind 8 1437(default 1438.Pa /usr/sbin/rpcbind ) . 1439.It Va rpcbind_enable 1440.Pq Vt bool 1441If set to 1442.Dq Li YES , 1443run the 1444.Xr rpcbind 8 1445service at boot time. 1446.It Va rpcbind_flags 1447.Pq Vt str 1448If 1449.Va rpcbind_enable 1450is set to 1451.Dq Li YES , 1452these are the flags to pass to the 1453.Xr rpcbind 8 1454daemon. 1455.It Va keyserv_enable 1456.Pq Vt bool 1457If set to 1458.Dq Li YES , 1459run the 1460.Xr keyserv 8 1461daemon on boot for running Secure RPC. 1462.It Va keyserv_flags 1463.Pq Vt str 1464If 1465.Va keyserv_enable 1466is set to 1467.Dq Li YES , 1468these are the flags to pass to 1469.Xr keyserv 8 1470daemon. 1471.It Va pppoed_enable 1472.Pq Vt bool 1473If set to 1474.Dq Li YES , 1475run the 1476.Xr pppoed 8 1477daemon at boot time to provide PPP over Ethernet services. 1478.It Va pppoed_ Ns Ar provider 1479.Pq Vt str 1480.Xr pppoed 8 1481listens to requests to this 1482.Ar provider 1483and ultimately runs 1484.Xr ppp 8 1485with a 1486.Ar system 1487argument of the same name. 1488.It Va pppoed_flags 1489.Pq Vt str 1490Additional flags to pass to 1491.Xr pppoed 8 . 1492.It Va pppoed_interface 1493.Pq Vt str 1494The network interface to run 1495.Xr pppoed 8 1496on. 1497This is mandatory when 1498.Va pppoed_enable 1499is set to 1500.Dq Li YES . 1501.It Va timed_enable 1502.Pq Vt bool 1503If set to 1504.Dq Li YES , 1505run the 1506.Xr timed 8 1507service at boot time. 1508This command is intended for networks of 1509machines where a consistent 1510.Dq "network time" 1511for all hosts must be established. 1512This is often useful in large NFS 1513environments where time stamps on files are expected to be consistent 1514network-wide. 1515.It Va timed_flags 1516.Pq Vt str 1517If 1518.Va timed_enable 1519is set to 1520.Dq Li YES , 1521these are the flags to pass to the 1522.Xr timed 8 1523service. 1524.It Va ntpdate_enable 1525.Pq Vt bool 1526If set to 1527.Dq Li YES , 1528run 1529.Xr ntpdate 8 1530at system startup. 1531This command is intended to 1532synchronize the system clock only 1533.Em once 1534from some standard reference. 1535An option to set this up initially 1536(from a list of known servers) is also provided by the 1537.Xr sysinstall 8 1538program when the system is first installed. 1539.It Va ntpdate_hosts 1540.Pq Vt str 1541A whitespace-separated list of NTP servers to synchronize with at startup. 1542The default is to use the servers listed in 1543.Pa /etc/ntp.conf , 1544if that file exists. 1545.It Va ntpdate_program 1546.Pq Vt str 1547Path to 1548.Xr ntpdate 8 1549(default 1550.Pa /usr/sbin/ntpdate ) . 1551.It Va ntpdate_flags 1552.Pq Vt str 1553If 1554.Va ntpdate_enable 1555is set to 1556.Dq Li YES , 1557these are the flags to pass to the 1558.Xr ntpdate 8 1559command (typically a hostname). 1560.It Va ntpd_enable 1561.Pq Vt bool 1562If set to 1563.Dq Li YES , 1564run the 1565.Xr ntpd 8 1566command at boot time. 1567.It Va ntpd_program 1568.Pq Vt str 1569Path to 1570.Xr ntpd 8 1571(default 1572.Pa /usr/sbin/ntpd ) . 1573.It Va ntpd_flags 1574.Pq Vt str 1575If 1576.Va ntpd_enable 1577is set to 1578.Dq Li YES , 1579these are the flags to pass to the 1580.Xr ntpd 8 1581daemon. 1582.It Va nis_client_enable 1583.Pq Vt bool 1584If set to 1585.Dq Li YES , 1586run the 1587.Xr ypbind 8 1588service at system boot time. 1589.It Va nis_client_flags 1590.Pq Vt str 1591If 1592.Va nis_client_enable 1593is set to 1594.Dq Li YES , 1595these are the flags to pass to the 1596.Xr ypbind 8 1597service. 1598.It Va nis_ypset_enable 1599.Pq Vt bool 1600If set to 1601.Dq Li YES , 1602run the 1603.Xr ypset 8 1604daemon at system boot time. 1605.It Va nis_ypset_flags 1606.Pq Vt str 1607If 1608.Va nis_ypset_enable 1609is set to 1610.Dq Li YES , 1611these are the flags to pass to the 1612.Xr ypset 8 1613daemon. 1614.It Va nis_server_enable 1615.Pq Vt bool 1616If set to 1617.Dq Li YES , 1618run the 1619.Xr ypserv 8 1620daemon at system boot time. 1621.It Va nis_server_flags 1622.Pq Vt str 1623If 1624.Va nis_server_enable 1625is set to 1626.Dq Li YES , 1627these are the flags to pass to the 1628.Xr ypserv 8 1629daemon. 1630.It Va nis_ypxfrd_enable 1631.Pq Vt bool 1632If set to 1633.Dq Li YES , 1634run the 1635.Xr rpc.ypxfrd 8 1636daemon at system boot time. 1637.It Va nis_ypxfrd_flags 1638.Pq Vt str 1639If 1640.Va nis_ypxfrd_enable 1641is set to 1642.Dq Li YES , 1643these are the flags to pass to the 1644.Xr rpc.ypxfrd 8 1645daemon. 1646.It Va nis_yppasswdd_enable 1647.Pq Vt bool 1648If set to 1649.Dq Li YES , 1650run the 1651.Xr rpc.yppasswdd 8 1652daemon at system boot time. 1653.It Va nis_yppasswdd_flags 1654.Pq Vt str 1655If 1656.Va nis_yppasswdd_enable 1657is set to 1658.Dq Li YES , 1659these are the flags to pass to the 1660.Xr rpc.yppasswdd 8 1661daemon. 1662.It Va rpc_ypupdated_enable 1663.Pq Vt bool 1664If set to 1665.Dq Li YES , 1666run the 1667.Nm rpc.ypupdated 1668daemon at system boot time. 1669.It Va defaultrouter 1670.Pq Vt str 1671If not set to 1672.Dq Li NO , 1673create a default route to this host name or IP address 1674(use an IP address if this router is also required to get to the 1675name server!). 1676.It Va ipv6_defaultrouter 1677.Pq Vt str 1678The IPv6 equivalent of 1679.Va defaultrouter . 1680.It Va static_routes 1681.Pq Vt str 1682Set to the list of static routes that are to be added at system 1683boot time. 1684If not set to 1685.Dq Li NO 1686then for each whitespace separated 1687.Ar element 1688in the value, a 1689.Va route_ Ns Aq Ar element 1690variable is assumed to exist 1691whose contents will later be passed to a 1692.Dq Nm route Cm add 1693operation. 1694For example: 1695.Bd -literal 1696static_routes="mcast gif0local" 1697route_mcast="-net 224.0.0.0/4 -iface gif0" 1698route_gif0local="-host 169.254.1.1 -iface lo0" 1699.Ed 1700.It Va ipv6_static_routes 1701.Pq Vt str 1702The IPv6 equivalent of 1703.Va static_routes . 1704If not set to 1705.Dq Li NO 1706then for each whitespace separated 1707.Ar element 1708in the value, a 1709.Va ipv6_route_ Ns Aq Ar element 1710variable is assumed to exist 1711whose contents will later be passed to a 1712.Dq Nm route Cm add Fl inet6 1713operation. 1714.It Va natm_static_routes 1715.Pq Vt str 1716The 1717.Xr natmip 4 1718equivalent of 1719.Va static_routes . 1720If not empty then for each whitespace separated 1721.Ar element 1722in the value, a 1723.Va route_ Ns Aq Ar element 1724variable is assumed to exist whose contents will later be passed to a 1725.Dq Nm atmconfig Cm natm Cm add 1726operation. 1727.It Va gateway_enable 1728.Pq Vt bool 1729If set to 1730.Dq Li YES , 1731configure host to act as an IP router, e.g.\& to forward packets 1732between interfaces. 1733.It Va ipv6_gateway_enable 1734.Pq Vt bool 1735The IPv6 equivalent of 1736.Va gateway_enable . 1737.It Va router_enable 1738.Pq Vt bool 1739If set to 1740.Dq Li YES , 1741run a routing daemon of some sort, based on the 1742settings of 1743.Va router 1744and 1745.Va router_flags . 1746.It Va ipv6_router_enable 1747.Pq Vt bool 1748The IPv6 equivalent of 1749.Va router_enable . 1750If set to 1751.Dq Li YES , 1752run a routing daemon of some sort, based on the 1753settings of 1754.Va ipv6_router 1755and 1756.Va ipv6_router_flags . 1757.It Va router 1758.Pq Vt str 1759If 1760.Va router_enable 1761is set to 1762.Dq Li YES , 1763this is the name of the routing daemon to use. 1764.It Va ipv6_router 1765.Pq Vt str 1766The IPv6 equivalent of 1767.Va router . 1768.It Va router_flags 1769.Pq Vt str 1770If 1771.Va router_enable 1772is set to 1773.Dq Li YES , 1774these are the flags to pass to the routing daemon. 1775.It Va ipv6_router_flags 1776.Pq Vt str 1777The IPv6 equivalent of 1778.Va router_flags . 1779.It Va mrouted_enable 1780.Pq Vt bool 1781If set to 1782.Dq Li YES , 1783run the multicast routing daemon, 1784.Xr mrouted 8 . 1785.It Va mroute6d_enable 1786.Pq Vt bool 1787The IPv6 equivalent of 1788.Va mrouted_enable . 1789If set to 1790.Dq Li YES , 1791run the IPv6 multicast routing daemon. 1792Note that no IPv6 multicast routing daemon is included in the 1793.Fx 1794base system but 1795.Xr pim6dd 8 1796can be installed from the 1797.Fx 1798Ports Collection. 1799.It Va mrouted_flags 1800.Pq Vt str 1801If 1802.Va mrouted_enable 1803is set to 1804.Dq Li YES , 1805these are the flags to pass to the 1806.Xr mrouted 8 1807daemon. 1808.It Va mroute6d_flags 1809.Pq Vt str 1810The IPv6 equivalent of 1811.Va mrouted_flags . 1812If 1813.Va mroute6d_enable 1814is set to 1815.Dq Li YES , 1816these are the flags passed to the IPv6 multicast routing daemon. 1817.It Va mroute6d_program 1818.Pq Vt str 1819If 1820.Va mroute6d_enable 1821is set to 1822.Dq Li YES , 1823this is the path to the IPv6 multicast routing daemon. 1824.It Va rtadvd_enable 1825.Pq Vt bool 1826If set to 1827.Dq Li YES , 1828run the 1829.Xr rtadvd 8 1830daemon at boot time. 1831.Xr rtadvd 8 1832will only run if 1833.Va ipv6_gateway_enable 1834is also set to 1835.Dq Li YES . 1836The 1837.Xr rtadvd 8 1838utility sends router advertisement packets to the interfaces specified in 1839.Va rtadvd_interfaces 1840and should only be enabled with great care. 1841You may want to fine-tune 1842.Xr rtadvd.conf 5 . 1843.It Va rtadvd_interfaces 1844.Pq Vt str 1845If 1846.Va rtadvd_enable 1847is set to 1848.Dq Li YES 1849this is the list of interfaces to use. 1850.It Va ipxgateway_enable 1851.Pq Vt bool 1852If set to 1853.Dq Li YES , 1854enable the routing of IPX traffic. 1855.It Va ipxrouted_enable 1856.Pq Vt bool 1857If set to 1858.Dq Li YES , 1859run the 1860.Xr IPXrouted 8 1861daemon at system boot time. 1862.It Va ipxrouted_flags 1863.Pq Vt str 1864If 1865.Va ipxrouted_enable 1866is set to 1867.Dq Li YES , 1868these are the flags to pass to the 1869.Xr IPXrouted 8 1870daemon. 1871.It Va arpproxy_all 1872.Pq Vt bool 1873If set to 1874.Dq Li YES , 1875enable global proxy ARP. 1876.It Va forward_sourceroute 1877.Pq Vt bool 1878If set to 1879.Dq Li YES 1880and 1881.Va gateway_enable 1882is also set to 1883.Dq Li YES , 1884source-routed packets are forwarded. 1885.It Va accept_sourceroute 1886.Pq Vt bool 1887If set to 1888.Dq Li YES , 1889the system will accept source-routed packets directed at it. 1890.It Va rarpd_enable 1891.Pq Vt bool 1892If set to 1893.Dq Li YES , 1894run the 1895.Xr rarpd 8 1896daemon at system boot time. 1897.It Va rarpd_flags 1898.Pq Vt str 1899If 1900.Va rarpd_enable 1901is set to 1902.Dq Li YES , 1903these are the flags to pass to the 1904.Xr rarpd 8 1905daemon. 1906.It Va bootparamd_enable 1907.Pq Vt bool 1908If set to 1909.Dq Li YES , 1910run the 1911.Xr bootparamd 8 1912daemon at system boot time. 1913.It Va bootparamd_flags 1914.Pq Vt str 1915If 1916.Va bootparamd_enable 1917is set to 1918.Dq Li YES , 1919these are the flags to pass to the 1920.Xr bootparamd 8 1921daemon. 1922.It Va stf_interface_ipv4addr 1923.Pq Vt str 1924If not set to 1925.Dq Li NO , 1926this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 1927interface). 1928Specify this entry to enable the 6to4 interface. 1929.It Va stf_interface_ipv4plen 1930.Pq Vt int 1931Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1932An effective value is 0-31. 1933.It Va stf_interface_ipv6_ifid 1934.Pq Vt str 1935IPv6 interface ID for 1936.Xr stf 4 . 1937This can be set to 1938.Dq Li AUTO . 1939.It Va stf_interface_ipv6_slaid 1940.Pq Vt str 1941IPv6 Site Level Aggregator for 1942.Xr stf 4 . 1943.It Va ipv6_faith_prefix 1944.Pq Vt str 1945If not set to 1946.Dq Li NO , 1947this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 1948translator. 1949You also need 1950.Xr faithd 8 1951setup. 1952.It Va ipv6_ipv4mapping 1953.Pq Vt bool 1954If set to 1955.Dq Li YES 1956this enables IPv4 mapped IPv6 address communication (like 1957.Li ::ffff:a.b.c.d ) . 1958.It Va atm_enable 1959.Pq Vt bool 1960Set to 1961.Dq Li YES 1962to enable the configuration of ATM interfaces at system boot time. 1963For all of the ATM variables described below, please refer to the 1964.Xr atm 8 1965man page for further details on the available command parameters. 1966Also refer to the files in 1967.Pa /usr/share/examples/atm 1968for more detailed configuration information. 1969.It Va atm_load 1970.Pq Vt str 1971This is a list of physical ATM interface drivers to load. 1972Typical values are 1973.Dq Li hfa_pci 1974and/or 1975.Dq Li hea_pci . 1976.It Va atm_netif_ Ns Aq Ar intf 1977.Pq Vt str 1978For the ATM physical interface 1979.Ar intf , 1980this variable defines the name prefix and count for the ATM network 1981interfaces to be created. 1982The value will be passed as the parameters of an 1983.Dq Nm atm Cm "set netif" Ar intf 1984command. 1985.It Va atm_sigmgr_ Ns Aq Ar intf 1986.Pq Vt str 1987For the ATM physical interface 1988.Ar intf , 1989this variable defines the ATM signalling manager to be used. 1990The value will be passed as the parameters of an 1991.Dq Nm atm Cm attach Ar intf 1992command. 1993.It Va atm_prefix_ Ns Aq Ar intf 1994.Pq Vt str 1995For the ATM physical interface 1996.Ar intf , 1997this variable defines the NSAP prefix for interfaces using a UNI signalling 1998manager. 1999If set to 2000.Dq Li ILMI , 2001the prefix will automatically be set via the 2002.Xr ilmid 8 2003daemon. 2004Otherwise, the value will be passed as the parameters of an 2005.Dq Nm atm Cm "set prefix" Ar intf 2006command. 2007.It Va atm_macaddr_ Ns Aq Ar intf 2008.Pq Vt str 2009For the ATM physical interface 2010.Ar intf , 2011this variable defines the MAC address for interfaces using a UNI signalling 2012manager. 2013If set to 2014.Dq Li NO , 2015the hardware MAC address contained in the ATM interface card will be used. 2016Otherwise, the value will be passed as the parameters of an 2017.Dq Nm atm Cm "set mac" Ar intf 2018command. 2019.It Va atm_arpserver_ Ns Aq Ar netif 2020.Pq Vt str 2021For the ATM network interface 2022.Ar netif , 2023this variable defines the ATM address for a host which is to provide ATMARP 2024service. 2025This variable is only applicable to interfaces using a UNI signalling 2026manager. 2027If set to 2028.Dq Li local , 2029this host will become an ATMARP server. 2030The value will be passed as the parameters of an 2031.Dq Nm atm Cm "set arpserver" Ar netif 2032command. 2033.It Va atm_scsparp_ Ns Aq Ar netif 2034.Pq Vt bool 2035If set to 2036.Dq Li YES , 2037SCSP/ATMARP service for the network interface 2038.Ar netif 2039will be initiated using the 2040.Xr scspd 8 2041and 2042.Xr atmarpd 8 2043daemons. 2044This variable is only applicable if 2045.Va atm_arpserver_ Ns Aq Ar netif 2046is set to 2047.Dq Li local . 2048.It Va atm_pvcs 2049.Pq Vt str 2050Set to the list of ATM PVCs to be added at system 2051boot time. 2052For each whitespace separated 2053.Ar element 2054in the value, an 2055.Va atm_pvc_ Ns Aq Ar element 2056variable is assumed to exist. 2057The value of each of these variables 2058will be passed as the parameters of an 2059.Dq Nm atm Cm "add pvc" 2060command. 2061.It Va atm_arps 2062.Pq Vt str 2063Set to the list of permanent ATM ARP entries to be added 2064at system boot time. 2065For each whitespace separated 2066.Ar element 2067in the value, an 2068.Va atm_arp_ Ns Aq Ar element 2069variable is assumed to exist. 2070The value of each of these variables 2071will be passed as the parameters of an 2072.Dq Nm atm Cm "add arp" 2073command. 2074.It Va natm_interfaces 2075.Pq Vt str 2076Set to the list of 2077.Xr natm 4 2078interfaces that will also be used for HARP through 2079.Xr harp 4 . 2080If this list is not empty all interfaces in the list will be brought up 2081with 2082.Xr ifconfig 8 2083and 2084.Xr harp 4 2085will be loaded. 2086For this to work the interface drivers must be either compiled into the 2087kernel or must reside on the root partition. 2088.It Va keybell 2089.Pq Vt str 2090The keyboard bell sound. 2091Set to 2092.Dq Li normal , 2093.Dq Li visual , 2094.Dq Li off , 2095or 2096.Dq Li NO 2097if the default behavior is desired. 2098For details, refer to the 2099.Xr kbdcontrol 1 2100manpage. 2101.It Va keyboard 2102.Pq Vt str 2103If set to a non-null string, the virtual console's keyboard input is 2104set to this device. 2105.It Va keymap 2106.Pq Vt str 2107If set to 2108.Dq Li NO , 2109no keymap is installed, otherwise the value is used to install 2110the keymap file in 2111.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2112.It Va keyrate 2113.Pq Vt str 2114The keyboard repeat speed. 2115Set to 2116.Dq Li slow , 2117.Dq Li normal , 2118.Dq Li fast , 2119or 2120.Dq Li NO 2121if the default behavior is desired. 2122.It Va keychange 2123.Pq Vt str 2124If not set to 2125.Dq Li NO , 2126attempt to program the function keys with the value. 2127The value should 2128be a single string of the form: 2129.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2130.It Va cursor 2131.Pq Vt str 2132Can be set to the value of 2133.Dq Li normal , 2134.Dq Li blink , 2135.Dq Li destructive , 2136or 2137.Dq Li NO 2138to set the cursor behavior explicitly or choose the default behavior. 2139.It Va scrnmap 2140.Pq Vt str 2141If set to 2142.Dq Li NO , 2143no screen map is installed, otherwise the value is used to install 2144the screen map file in 2145.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2146.It Va font8x16 2147.Pq Vt str 2148If set to 2149.Dq Li NO , 2150the default 8x16 font value is used for screen size requests, otherwise 2151the value in 2152.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2153is used. 2154.It Va font8x14 2155.Pq Vt str 2156If set to 2157.Dq Li NO , 2158the default 8x14 font value is used for screen size requests, otherwise 2159the value in 2160.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2161is used. 2162.It Va font8x8 2163.Pq Vt str 2164If set to 2165.Dq Li NO , 2166the default 8x8 font value is used for screen size requests, otherwise 2167the value in 2168.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2169is used. 2170.It Va blanktime 2171.Pq Vt int 2172If set to 2173.Dq Li NO , 2174the default screen blanking interval is used, otherwise it is set 2175to 2176.Ar value 2177seconds. 2178.It Va saver 2179.Pq Vt str 2180If not set to 2181.Dq Li NO , 2182this is the actual screen saver to use 2183.Li ( blank , snake , daemon , 2184etc). 2185.It Va moused_enable 2186.Pq Vt str 2187If set to 2188.Dq Li YES , 2189the 2190.Xr moused 8 2191daemon is started for doing cut/paste selection on the console. 2192.It Va moused_type 2193.Pq Vt str 2194This is the protocol type of the mouse connected to this host. 2195This variable must be set if 2196.Va moused_enable 2197is set to 2198.Dq Li YES . 2199The 2200.Xr moused 8 2201daemon 2202is able to detect the appropriate mouse type automatically in many cases. 2203Set this variable to 2204.Dq Li auto 2205to let the daemon detect it, or 2206select one from the following list if the automatic detection fails. 2207.Pp 2208If the mouse is attached to the PS/2 mouse port, choose 2209.Dq Li auto 2210or 2211.Dq Li ps/2 , 2212regardless of the brand and model of the mouse. 2213Likewise, if the 2214mouse is attached to the bus mouse port, choose 2215.Dq Li auto 2216or 2217.Dq Li busmouse . 2218All other protocols are for serial mice and will not work with 2219the PS/2 and bus mice. 2220If this is a USB mouse, 2221.Dq Li auto 2222is the only protocol type which will work. 2223.Pp 2224.Bl -tag -width ".Li x10mouseremote" -compact 2225.It Li microsoft 2226Microsoft mouse (serial) 2227.It Li intellimouse 2228Microsoft IntelliMouse (serial) 2229.It Li mousesystems 2230Mouse systems Corp.\& mouse (serial) 2231.It Li mmseries 2232MM Series mouse (serial) 2233.It Li logitech 2234Logitech mouse (serial) 2235.It Li busmouse 2236A bus mouse 2237.It Li mouseman 2238Logitech MouseMan and TrackMan (serial) 2239.It Li glidepoint 2240ALPS GlidePoint (serial) 2241.It Li thinkingmouse 2242Kensington ThinkingMouse (serial) 2243.It Li ps/2 2244PS/2 mouse 2245.It Li mmhittab 2246MM HitTablet (serial) 2247.It Li x10mouseremote 2248X10 MouseRemote (serial) 2249.It Li versapad 2250Interlink VersaPad (serial) 2251.El 2252.Pp 2253Even if the mouse is not in the above list, it may be compatible 2254with one in the list. 2255Refer to the man page for 2256.Xr moused 8 2257for compatibility information. 2258.Pp 2259It should also be noted that while this is enabled, any 2260other client of the mouse (such as an X server) should access 2261the mouse through the virtual mouse device, 2262.Pa /dev/sysmouse , 2263and configure it as a 2264.Dq Li sysmouse 2265type mouse, since all 2266mouse data is converted to this single canonical format when 2267using 2268.Xr moused 8 . 2269If the client program does not support the 2270.Dq Li sysmouse 2271type, 2272specify the 2273.Dq Li mousesystems 2274type. 2275It is the second preferred type. 2276.It Va moused_port 2277.Pq Vt str 2278If 2279.Va moused_enable 2280is set to 2281.Dq Li YES , 2282this is the actual port the mouse is on. 2283It might be 2284.Pa /dev/cuaa0 2285for a COM1 serial mouse, 2286.Pa /dev/psm0 2287for a PS/2 mouse or 2288.Pa /dev/mse0 2289for a bus mouse, for example. 2290.It Va moused_flags 2291.Pq Vt str 2292If 2293.Va moused_type 2294is set, these are the additional flags to pass to the 2295.Xr moused 8 2296daemon. 2297.It Va mousechar_start 2298.Pq Vt int 2299If set to 2300.Dq Li NO , 2301the default mouse cursor character range 2302.Li 0xd0 Ns - Ns Li 0xd3 2303is used, 2304otherwise the range start is set 2305to 2306.Ar value 2307character, see 2308.Xr vidcontrol 1 . 2309Use if the default range is occupied in the language code table. 2310.It Va allscreens_flags 2311.Pq Vt str 2312If set, 2313.Xr vidcontrol 1 2314is run with these options for each of the virtual terminals 2315.Pq Pa /dev/ttyv* . 2316For example, 2317.Dq Fl m Cm on 2318will enable the mouse pointer on all virtual terminals 2319if 2320.Va moused_enable 2321is set to 2322.Dq Li YES . 2323.It Va allscreens_kbdflags 2324.Pq Vt str 2325If set, 2326.Xr kbdcontrol 1 2327is run with these options for each of the virtual terminals 2328.Pq Pa /dev/ttyv* . 2329For example, 2330.Dq Fl h Li 200 2331will set the 2332.Xr syscons 4 2333scrollback (history) buffer to 200 lines. 2334.It Va cron_enable 2335.Pq Vt bool 2336If set to 2337.Dq Li YES , 2338run the 2339.Xr cron 8 2340daemon at system boot time. 2341.It Va cron_program 2342.Pq Vt str 2343Path to 2344.Xr cron 8 2345(default 2346.Pa /usr/sbin/cron ) . 2347.It Va cron_flags 2348.Pq Vt str 2349If 2350.Va cron_enable 2351is set to 2352.Dq Li YES , 2353these are the flags to pass to 2354.Xr cron 8 . 2355.It Va cron_dst 2356.Pq Vt bool 2357If set to 2358.Dq Li YES , 2359enable the special handling of transitions to and from the 2360Daylight Saving Time in 2361.Xr cron 8 2362(equivalent to using the flag 2363.Fl s ) . 2364.It Va lpd_program 2365.Pq Vt str 2366Path to 2367.Xr lpd 8 2368(default 2369.Pa /usr/sbin/lpd ) . 2370.It Va lpd_enable 2371.Pq Vt bool 2372If set to 2373.Dq Li YES , 2374run the 2375.Xr lpd 8 2376daemon at system boot time. 2377.It Va lpd_flags 2378.Pq Vt str 2379If 2380.Va lpd_enable 2381is set to 2382.Dq Li YES , 2383these are the flags to pass to the 2384.Xr lpd 8 2385daemon. 2386.It Va mta_start_script 2387.Pq Vt str 2388This variable specifies the full path to the script to run to start 2389a mail transfer agent. 2390The default is 2391.Pa /etc/rc.sendmail . 2392The 2393.Va sendmail_* 2394variables which 2395.Pa /etc/rc.sendmail 2396uses are documented in the 2397.Xr rc.sendmail 8 2398man page. 2399.It Va dumpdev 2400.Pq Vt str 2401Indicates the device (usually a swap partition) to which a crash dump 2402should be written in the event of a system crash. 2403The value of this variable is passed as the argument to 2404.Xr dumpon 8 . 2405To disable crash dumps, set this variable to 2406.Dq Li NO . 2407.It Va dumpdir 2408.Pq Vt str 2409When the system reboots after a crash and a crash dump is found on the 2410device specified by the 2411.Va dumpdev 2412variable, 2413.Xr savecore 8 2414will save that crash dump and a copy of the kernel to the directory 2415specified by the 2416.Va dumpdir 2417variable. 2418The default value is 2419.Pa /var/crash . 2420Set to 2421.Dq Li NO 2422to not run 2423.Xr savecore 8 2424at boot time when 2425.Va dumpdir 2426is set. 2427.It Va savecore_flags 2428.Pq Vt str 2429If crash dumps are enabled, these are the flags to pass to the 2430.Xr savecore 8 2431utility. 2432.It Va enable_quotas 2433.Pq Vt bool 2434Set to 2435.Dq Li YES 2436to turn on user disk quotas on system startup via the 2437.Xr quotaon 8 2438command. 2439.It Va check_quotas 2440.Pq Vt bool 2441Set to 2442.Dq Li YES 2443to enable user disk quota checking via the 2444.Xr quotacheck 8 2445command. 2446.It Va accounting_enable 2447.Pq Vt bool 2448Set to 2449.Dq Li YES 2450to enable system accounting through the 2451.Xr accton 8 2452facility. 2453.It Va ibcs2_enable 2454.Pq Vt bool 2455Set to 2456.Dq Li YES 2457to enable iBCS2 (SCO) binary emulation at system initial boot 2458time. 2459.It Va ibcs2_loaders 2460.Pq Vt str 2461If not set to 2462.Dq Li NO 2463and if 2464.Va ibcs2_enable 2465is set to 2466.Dq Li YES , 2467this specifies a list of additional iBCS2 loaders to enable. 2468.It Va linux_enable 2469.Pq Vt bool 2470Set to 2471.Dq Li YES 2472to enable Linux/ELF binary emulation at system initial 2473boot time. 2474.It Va osf1_enable 2475.Pq Vt bool 2476Set to 2477.Dq Li YES 2478to enable OSF/1 (Digital UNIX) binary emulation at system 2479initial boot time. 2480(alpha) 2481.It Va svr4_enable 2482.Pq Vt bool 2483If set to 2484.Dq Li YES , 2485enable SysVR4 emulation at boot time. 2486.It Va sysvipc_enable 2487.Pq Vt bool 2488If set to 2489.Dq Li YES , 2490load System V IPC primitives at boot time. 2491.It Va clear_tmp_enable 2492.Pq Vt bool 2493Set to 2494.Dq Li YES 2495to have 2496.Pa /tmp 2497cleaned at startup. 2498.It Va ldconfig_paths 2499.Pq Vt str 2500Set to the list of shared library paths to use with 2501.Xr ldconfig 8 . 2502NOTE: 2503.Pa /usr/lib 2504will always be added first, so it need not appear in this list. 2505.It Va ldconfig_paths_aout 2506.Pq Vt str 2507Set to the list of shared library paths to use with 2508.Xr ldconfig 8 2509legacy 2510.Xr a.out 5 2511support. 2512.It Va ldconfig_insecure 2513.Pq Vt bool 2514The 2515.Xr ldconfig 8 2516utility normally refuses to use directories 2517which are writable by anyone except root. 2518Set this variable to 2519.Dq Li YES 2520to disable that security check during system startup. 2521.It Va kern_securelevel_enable 2522.Pq Vt bool 2523Set to 2524.Dq Li YES 2525to set the kernel security level at system startup. 2526.It Va kern_securelevel 2527.Pq Vt int 2528The kernel security level to set at startup. 2529The allowed range of 2530.Ar value 2531ranges from \-1 (the compile time default) to 3 (the 2532most secure). 2533See 2534.Xr init 8 2535for the list of possible security levels and their effect 2536on system operation. 2537.It Va lomac_enable 2538.Pq Vt bool 2539Set to 2540.Dq Li YES 2541to enable Low Watermark Mandatory Access Control (LOMAC) at boot time. 2542This security model enforces integrity constraints for system processes; 2543see 2544.Xr lomac 4 2545for a complete description of the LOMAC model, as well as its impact 2546on system operation. 2547.It Va start_vinum 2548.Pq Vt bool 2549Set to 2550.Dq Li YES 2551to start 2552.Xr vinum 8 2553at system boot time. 2554.It Va sshd_program 2555.Pq Vt str 2556Path to the SSH server program 2557.Pa ( /usr/sbin/sshd 2558is the default). 2559.It Va sshd_enable 2560.Pq Vt bool 2561Set to 2562.Dq Li YES 2563to start 2564.Xr sshd 8 2565at system boot time. 2566.It Va sshd_flags 2567.Pq Vt str 2568If 2569.Va sshd_enable 2570is set to 2571.Dq Li YES , 2572these are the flags to pass to the 2573.Xr sshd 8 2574daemon. 2575.It Va usbd_enable 2576.Pq Vt bool 2577If set to 2578.Dq Li YES , 2579run the 2580.Xr usbd 8 2581daemon at boot time. 2582.It Va usbd_flags 2583.Pq Vt str 2584If 2585.Va usbd_enable 2586is set to 2587.Dq Li YES , 2588these are the flags passed to the 2589.Xr usbd 8 2590daemon. 2591.It Va watchdogd_enable 2592.Pq Vt bool 2593If set to 2594.Dq Li YES , 2595start the 2596.Xr watchdogd 8 2597daemon at boot time. 2598This requires that the kernel have been compiled with a 2599.Xr watchdog 4 2600compatible device. 2601.It Va watchdogd_flags 2602.Pq Vt str 2603If 2604.Va watchdogd_enable 2605is set to 2606.Dq Li YES , 2607these are the flags passed to the 2608.Xr watchdogd 8 2609daemon. 2610.It Va jail_enable 2611.Pq Vt bool 2612If set to 2613.Dq Li NO , 2614any configured jails will not be started. 2615.It Va jail_list 2616.Pq Vt str 2617A space separated list of names for jails. 2618This is purely a configuration aid to help identify and 2619configure multiple jails. 2620The names specified in this list will be used to 2621identify settings common to an instance of a jail. 2622Assuming that the jail in question was named 2623.Li vjail , 2624you would have the following dependant variables: 2625.Bd -literal 2626jail_vjail_hostname="jail.example.com" 2627jail_vjail_ip="192.168.1.100" 2628jail_vjail_rootdir="/var/jails/vjail/root" 2629jail_vjail_exec="/bin/sh /etc/rc" 2630.Ed 2631.Pp 2632The last one is optional. 2633It defaults to 2634.Pa /etc/rc 2635if it is not set. 2636.It Va jail_set_hostname_allow 2637.Pq Vt bool 2638If set to 2639.Dq Li NO , 2640do not allow the root user in a jail to set its hostname. 2641.It Va jail_socket_unixiproute_only 2642.Pq Vt bool 2643If set to 2644.Dq Li NO , 2645do not allow any protocol, 2646besides TCP/IP, 2647to be used within a jail. 2648.It Va jail_sysvipc_allow 2649.Pq Vt bool 2650If set to 2651.Dq Li YES , 2652allow applications within a jail to use System V IPC. 2653.It Va unaligned_print 2654.Pq Vt bool 2655If set to 2656.Dq Li NO , 2657unaligned access warnings will not be printed. 2658(alpha) 2659.\" ----- isdn settings --------------------------------- 2660.It Va isdn_enable 2661.Pq Vt bool 2662Set to 2663.Dq Li NO 2664by default. 2665When set to 2666.Dq Li YES , 2667starts the 2668.Xr isdnd 8 2669daemon 2670at system boot time. 2671.It Va isdn_flags 2672.Pq Vt str 2673Set to 2674.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2675by default. 2676Additional flags to pass to 2677.Xr isdnd 8 2678(but see 2679.Va isdn_fsdev 2680and 2681.Va isdn_ttype 2682for certain tunable parameters). 2683.It Va isdn_ttype 2684.Pq Vt str 2685Set to 2686.Dq Li cons25 2687by default. 2688The terminal type of the output device when 2689.Xr isdnd 8 2690operates in full-screen mode. 2691.It Va isdn_screenflags 2692.Pq Vt str 2693Set to 2694.Dq Li NO 2695by default. 2696The video mode for full-screen mode (only for 2697.Xr syscons 4 2698console driver, see 2699.Xr vidcontrol 1 2700for valid modes). 2701.It Va isdn_fsdev 2702.Pq Vt str 2703Set to 2704.Dq Li NO 2705by default. 2706The output device for 2707.Xr isdnd 8 2708in full-screen mode (or 2709.Dq Li NO 2710for daemon mode). 2711.It Va isdn_trace 2712.Pq Vt bool 2713Set to 2714.Dq Li NO 2715by default. 2716When set to 2717.Dq Li YES , 2718enables the ISDN protocol trace utility 2719.Xr isdntrace 8 2720at system boot time. 2721.It Va isdn_traceflags 2722.Pq Vt str 2723Set to 2724.Dq Fl f Pa /var/tmp/isdntrace0 2725by default. 2726Flags for 2727.Xr isdntrace 8 . 2728.\" ----------------------------------------------------- 2729.It Va pcvt_verbose 2730.Pq Vt bool 2731Set to 2732.Dq Li NO 2733by default. 2734When set to 2735.Dq Li YES , 2736verbose messages about the actions done by the start script are displayed. 2737.Em Note : 2738the 2739.Xr pcvt 4 2740driver must be compiled into the kernel before the 2741.Xr pcvt 4 2742related 2743options described here take any effect. 2744.It Va pcvt_keymap 2745.Pq Vt str 2746Set to 2747.Dq Li NO 2748by default. 2749Use this to configure a national keyboard mapping found in the 2750.Pa /usr/share/misc/keycap.pcvt 2751file of keyboard mappings. 2752(See also the manual pages 2753.Xr keycap 5 2754and 2755.Xr keycap 3 2756for usage of 2757.Xr pcvt 4 Ns 's 2758keycap database and the manual page 2759.Xr kcon 1 2760option 2761.Fl m 2762for national keyboard mapping configuration.) 2763.It Va pcvt_keydel 2764.Pq Vt int 2765Set to 2766.Dq Li NO 2767by default. 2768Used to set the keyboard key repeat delay value. 2769Valid values are 2770in the range 0..3 for delay values of 250, 500, 750 and 1000 msec. 2771(See also the 2772.Xr kcon 1 2773manual page.) 2774.It Va pcvt_keyrate 2775.Pq Vt int 2776Set to 2777.Dq Li NO 2778by default. 2779Used to set the keyboard key repetition rate value. 2780Valid values are 2781in the range 0..31 for repetition values of 2..30 characters per second. 2782.It Va pcvt_keyrepeat 2783.Pq Vt bool 2784Set to 2785.Dq Li NO 2786by default. 2787Set to 2788.Dq Li YES 2789to enable automatic keyboard key repeating. 2790.It Va pcvt_force24 2791.Pq Vt bool 2792Set to 2793.Dq Li NO 2794by default. 2795Set to 2796.Dq Li YES 2797to force 2798.Xr pcvt 4 2799to use 24 lines only (in 25 lines mode) for compatibility 2800with the original 2801.Tn VT220 2802terminal. 2803.It Va pcvt_hpext 2804.Pq Vt bool 2805Set to 2806.Dq Li NO 2807by default. 2808Set to 2809.Dq Li YES 2810to enable the display and functionality of function key labels (as found 2811on 2812.Tn Hewlett-Packard 2813terminals such as the 2814.Tn HP2392A 2815and the 2816.Tn HP700/92 2817in 2818.Tn ANSI 2819mode). 2820.It Va pcvt_lines 2821.Pq Vt int 2822Set to 2823.Dq Li NO 2824by default resulting in a value of 25. 2825Used to set the number of lines on the screen. 2826For VGA displays, valid 2827values are 25, 28, 40 and 50 lines. 2828(See also the 2829.Xr scon 1 2830manual page.) 2831.It Va pcvt_blanktime 2832.Pq Vt int 2833Set to 2834.Dq Li NO 2835by default. 2836Used to set the screen saver timeout in seconds for values greater than 2837zero. 2838.It Va pcvt_cursorh 2839.Pq Vt int 2840Set to 2841.Dq Li NO 2842by default. 2843Used to set the cursor top scanline. 2844(See also the 2845.Xr cursor 1 2846manual page.) 2847.It Va pcvt_cursorl 2848.Pq Vt int 2849Set to 2850.Dq Li NO 2851by default. 2852Used to set the cursor bottom scanline. 2853.It Va pcvt_monohigh 2854.Pq Vt bool 2855Set to 2856.Dq Li NO 2857by default. 2858Set to 2859.Dq Li YES 2860to set intensity to high on monochrome monitors. 2861(See also the 2862.Xr scon 1 2863manual page, option 2864.Fl p , 2865for more information on changing VGA palette 2866values.) 2867.It Va harvest_interrupt 2868.Pq Vt bool 2869Set to 2870.Dq Li YES 2871to use hardware interrupts as an entropy source. 2872Refer to 2873.Xr random 4 2874for more information. 2875.It Va harvest_ethernet 2876.Pq Vt bool 2877Set to 2878.Dq Li YES 2879to use LAN traffic as an entropy source. 2880Refer to 2881.Xr random 4 2882for more information. 2883.It Va harvest_p_to_p 2884.Pq Vt bool 2885Set to 2886.Dq Li YES 2887to use serial line traffic as an entropy source. 2888Refer to 2889.Xr random 4 2890for more information. 2891.It Va entropy_dir 2892.Pq Vt str 2893Set to 2894.Dq Li NO 2895to disable caching entropy via 2896.Xr cron 8 . 2897Otherwise set to the directory used to store entropy files in. 2898.It Va entropy_file 2899.Pq Vt str 2900Set to 2901.Dq Li NO 2902to disable caching entropy through reboots. 2903Otherwise set to the filename used to store cached entropy through 2904reboots. 2905This file should be located on the root file system to seed the 2906.Xr random 4 2907device as early as possible in the boot process. 2908.It Va entropy_save_sz 2909.Pq Vt int 2910Size of the entropy cache files saved by 2911.Nm save-entropy 2912periodically. 2913.It Va entropy_save_num 2914.Pq Vt int 2915Number of entropy cache files to save by 2916.Nm save-entropy 2917periodically. 2918.It Va ipsec_enable 2919.Pq Vt bool 2920Set to 2921.Dq Li YES 2922to run 2923.Xr setkey 8 2924on 2925.Va ipsec_file 2926at boot time. 2927.It Va ipsec_file 2928.Pq Vt str 2929Configuration file for 2930.Xr setkey 8 . 2931.It Va dmesg_enable 2932.Pq Vt bool 2933Set to 2934.Dq Li YES 2935to save 2936.Xr dmesg 8 2937to 2938.Pa /var/run/dmesg.boot 2939on boot. 2940.It Va rcshutdown_timeout 2941.Pq Vt int 2942If set, start a watchdog timer in the background which will terminate 2943.Pa rc.shutdown 2944if 2945.Xr shutdown 8 2946has not completed within the specified time (in seconds). 2947.It Va virecover_enable 2948.Pq Vt bool 2949Set to 2950.Dq Li NO 2951to prevent the system from trying to 2952recover pre-maturely terminated 2953.Xr vi 1 2954sessions. 2955.It Va ramdisk_units 2956.Pq Vt str 2957A list of one or more ramdisk units to configure with 2958.Xr mdconfig 8 2959and 2960.Xr newfs 8 2961in time to be mounted from 2962.Xr fstab 5 . 2963Each listed unit 2964.Ar X 2965must specify at least a 2966.Ar type 2967in a 2968.Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 2969variable. 2970.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 2971.Pq Vt str 2972Arguments to 2973.Xr mdconfig 8 2974for ramdisk 2975.Ar X . 2976At minimum a 2977.Fl t Ar type 2978must be specified, where 2979.Ar type 2980must be one of 2981.Cm malloc 2982or 2983.Cm swap . 2984.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _newfs 2985.Pq Vt str 2986Optional arguments passed to 2987.Xr newfs 8 2988to initialize ramdisk 2989.Ar X . 2990.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _owner 2991.Pq Vt str 2992An ownership specification passed to 2993.Xr chown 8 2994after the specified ramdisk unit 2995.Ar X 2996has been mounted. 2997Both the 2998.Xr md 4 2999device and the mount point will be changed. 3000.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _perms 3001.Pq Vt str 3002A mode string passed to 3003.Xr chmod 1 3004after the specified ramdisk unit 3005.Ar X 3006has been mounted. 3007Both the 3008.Xr md 4 3009device and the mount point will be changed. 3010.El 3011.Sh FILES 3012.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 3013.It Pa /etc/defaults/rc.conf 3014.It Pa /etc/rc.conf 3015.It Pa /etc/rc.conf.local 3016.El 3017.Sh SEE ALSO 3018.Xr catman 1 , 3019.Xr chmod 1 , 3020.Xr gdb 1 , 3021.Xr info 1 , 3022.Xr kbdcontrol 1 , 3023.Xr makewhatis 1 , 3024.Xr vi 1 , 3025.Xr vidcontrol 1 , 3026.Xr ip 4 , 3027.Xr kld 4 , 3028.Xr tcp 4 , 3029.Xr udp 4 , 3030.Xr exports 5 , 3031.Xr motd 5 , 3032.Xr newsyslog.conf 5 , 3033.Xr accton 8 , 3034.Xr amd 8 , 3035.Xr apm 8 , 3036.Xr atm 8 , 3037.Xr chown 8 , 3038.Xr cron 8 , 3039.Xr dhclient 8 , 3040.Xr ifconfig 8 , 3041.Xr inetd 8 , 3042.Xr isdnd 8 , 3043.Xr isdntrace 8 , 3044.Xr kldxref 8 , 3045.Xr lpd 8 , 3046.Xr mdconfig 8 , 3047.Xr mountd 8 , 3048.Xr moused 8 , 3049.Xr mrouted 8 , 3050.Xr named 8 , 3051.Xr newfs 8 , 3052.Xr nfsd 8 , 3053.Xr ntpd 8 , 3054.Xr ntpdate 8 , 3055.Xr pcnfsd 8 , 3056.Xr quotacheck 8 , 3057.Xr quotaon 8 , 3058.Xr rc 8 , 3059.Xr rc.sendmail 8 , 3060.Xr route 8 , 3061.Xr routed 8 , 3062.Xr rpcbind 8 , 3063.Xr rpc.lockd 8 , 3064.Xr rpc.statd 8 , 3065.Xr rwhod 8 , 3066.Xr savecore 8 , 3067.Xr sshd 8 , 3068.Xr swapon 8 , 3069.Xr sysctl 8 , 3070.Xr syslogd 8 , 3071.Xr timed 8 , 3072.Xr usbd 8 , 3073.Xr vinum 8 , 3074.Xr yp 8 , 3075.Xr ypbind 8 , 3076.Xr ypserv 8 , 3077.Xr ypset 8 3078.Sh HISTORY 3079The 3080.Nm 3081file appeared in 3082.Fx 2.2.2 . 3083.Sh AUTHORS 3084.An Jordan K. Hubbard . 3085