1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd September 28, 2005 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71The following list provides a name and short description for each 72variable that can be set in the 73.Nm 74file: 75.Bl -tag -width indent-two 76.It Va rc_debug 77.Pq Vt bool 78If set to 79.Dq Li YES , 80enable output of debug messages from rc scripts. 81This variable can be helpful in diagnosing mistakes when 82editing or integrating new scripts. 83Beware that this produces copious output to the terminal and 84.Xr syslog 3 . 85.It Va rc_info 86.Pq Vt bool 87If set to 88.Dq Li NO , 89disable informational messages from the rc scripts. 90Informational messages are displayed when 91a condition that is not serious enough to warrant a warning or 92an error occurs. 93.It Va swapfile 94.Pq Vt str 95If set to 96.Dq Li NO , 97no swapfile is installed, otherwise the value is used as the full 98pathname to a file to use for additional swap space. 99.It Va apm_enable 100.Pq Vt bool 101If set to 102.Dq Li YES , 103enable support for Automatic Power Management with 104the 105.Xr apm 8 106command. 107.It Va apmd_enable 108.Pq Vt bool 109Run 110.Xr apmd 8 111to handle APM event from userland. 112This also enables support for APM. 113.It Va apmd_flags 114.Pq Vt str 115If 116.Va apmd_enable 117is set to 118.Dq Li YES , 119these are the flags to pass to the 120.Xr apmd 8 121daemon. 122.It Va devd_enable 123.Pq Vt bool 124Run 125.Xr devd 8 126to handle device added, removed or unknown events from the kernel. 127.It Va kldxref_enable 128.Pq Vt bool 129Set to 130.Dq Li NO 131by default. 132Set to 133.Dq Li YES 134to automatically rebuild 135.Pa linker.hints 136files with 137.Xr kldxref 8 138at boot time. 139.It Va kldxref_clobber 140.Pq Vt bool 141Set to 142.Dq Li NO 143by default. 144If 145.Va kldxref_enable 146is true, 147setting to 148.Dq Li YES 149will overwrite existing 150.Pa linker.hints 151files at boot time. 152Otherwise, 153only missing 154.Pa linker.hints 155files are generated. 156.It Va kldxref_module_path 157.Pq Vt str 158Empty by default. 159A semi-colon 160.Pq Ql \&; 161delimited list of paths containing 162.Xr kld 4 163modules. 164If empty, 165the contents of the 166.Va kern.module_path 167.Xr sysctl 8 168are used. 169.It Va pccard_enable 170.Pq Vt bool 171If set to 172.Dq Li YES , 173enable PCCARD support at boot time. 174.It Va pccard_mem 175.Pq Vt str 176Set to PCCARD controller memory address or 177.Dq Li DEFAULT 178for the default value. 179.It Va pccard_beep 180.Pq Vt int 181If 0, 182set the PCCARD controller to silent mode. 183If 1, 184set it to beep mode. 185If 2, 186set it to melody mode. 187.It Va pccard_conf 188.Pq Vt str 189Path to the configuration file for the 190.Xr pccardd 8 191daemon (e.g.\& 192.Pa /etc/pccard.conf.sample ) . 193.It Va pccardd_flags 194.Pq Vt str 195If 196.Va pccard_enable 197is set to 198.Dq Li YES , 199these are the flags to pass to the 200.Xr pccardd 8 201daemon. 202.It Va powerd_enable 203.Pq Vt bool 204If set to 205.Dq Li YES , 206enable the system power control facility with the 207.Xr powerd 8 208daemon. 209.It Va powerd_flags 210.Pq Vt str 211If 212.Va powerd_enable 213is set to 214.Dq Li YES , 215these are the flags to pass to the 216.Xr powerd 8 217daemon. 218.It Va tmpmfs 219Controls the creation of a 220.Pa /tmp 221memory file system. 222Always happens if set to 223.Dq Li YES 224and never happens if set to 225.Dq Li NO . 226If set to anything else, a memory file system is created if 227.Pa /tmp 228is not writable. 229.It Va tmpsize 230Controls the size of a created 231.Pa /tmp 232memory file system. 233.It Va tmpmfs_flags 234Extra options passed to the 235.Xr mdmfs 8 236utility when the memory file system for 237.Pa /tmp 238is created. 239The default is 240.Dq Li -S -M , 241which inhibits the use of softupdates on 242.Pa /tmp 243to waste as little space as possible 244and creates a pure memory backed disk, which will never be swapped out, 245for maximum performance and system stability at low memory conditions. 246See 247.Xr mdmfs 8 248for other options you can use in 249.Va tmpmfs_flags . 250.It Va varmfs 251Controls the creation of a 252.Pa /var 253memory file system. 254Always happens if set to 255.Dq Li YES 256and never happens if set to 257.Dq Li NO . 258If set to anything else, a memory file system is created if 259.Pa /var 260is not writable. 261.It Va varsize 262Controls the size of a created 263.Pa /var 264memory file system. 265.It Va varmfs_flags 266Extra options passed to the 267.Xr mdmfs 8 268utility when the memory file system for 269.Pa /var 270is created. 271The default is 272.Dq Li -S -M , 273which inhibits the use of softupdates on 274.Pa /var 275to waste as little space as possible 276and creates a pure memory backed disk, which will never be swapped out, 277for maximum performance and system stability at low memory conditions. 278See 279.Xr mdmfs 8 280for other options you can use in 281.Va varmfs_flags . 282.It Va populate_var 283Controls the automatic population of the 284.Pa /var 285file system. 286Always happens if set to 287.Dq Li YES 288and never happens if set to 289.Dq Li NO . 290If set to anything else, a memory file system is created if 291.Pa /var 292is not writable. 293Note that this process requires access to certain commands in 294.Pa /usr 295before 296.Pa /usr 297is mounted on normal systems. 298.It Va local_startup 299.Pq Vt str 300List of directories to search for startup script files. 301.It Va script_name_sep 302.Pq Vt str 303The field separator to use for breaking down the list of startup script files 304into individual filenames. 305The default is a space. 306It is not necessary to change this unless there are startup scripts with names 307containing spaces. 308.It Va hostname 309.Pq Vt str 310The fully qualified domain name (FQDN) of this host on the network. 311This should almost certainly be set to something meaningful, even if 312there is no network connection. 313If 314.Xr dhclient 8 315is used to set the hostname via DHCP, 316this variable should be set to an empty string. 317.It Va ipv6_enable 318.Pq Vt bool 319Enable support for IPv6 networking. 320Note that this requires that the kernel has been compiled with 321.Cd "options INET6" . 322.It Va nisdomainname 323.Pq Vt str 324The NIS domain name of this host, or 325.Dq Li NO 326if NIS is not used. 327.It Va dhclient_program 328.Pq Vt str 329Path to the DHCP client program 330.Pa ( /sbin/dhclient , 331the 332.Ox 333DHCP client, 334is the default). 335.It Va dhclient_flags 336.Pq Vt str 337Additional flags to pass to the DHCP client program. 338For the 339.Ox 340DHCP client, see the 341.Xr dhclient 8 342manpage for a description of the command line options available. 343.It Va background_dhclient 344.Pq Vt bool 345Set to 346.Dq Li YES 347to start the DHCP client in background. 348This can cause trouble with applications depending on 349a working network, but it will provide a faster startup 350in many cases. 351.It Va firewall_enable 352.Pq Vt bool 353Set to 354.Dq Li YES 355to load firewall rules at startup. 356If the kernel was not built with 357.Cd "options IPFIREWALL" , 358the 359.Pa ipfw.ko 360kernel module will be loaded. 361See also 362.Va ipfilter_enable . 363.It Va ipv6_firewall_enable 364.Pq Vt bool 365The IPv6 equivalent of 366.Va firewall_enable . 367Set to 368.Dq Li YES 369to load IPv6 firewall rules at startup. 370If the kernel was not built with 371.Cd "options IPV6FIREWALL" , 372the 373.Pa ip6fw.ko 374kernel module will be loaded. 375.It Va firewall_script 376.Pq Vt str 377This variable specifies the full path to the firewall script to run. 378The default is 379.Pa /etc/rc.firewall . 380.It Va ipv6_firewall_script 381.Pq Vt str 382The IPv6 equivalent of 383.Va firewall_script . 384.It Va firewall_type 385.Pq Vt str 386Names the firewall type from the selection in 387.Pa /etc/rc.firewall , 388or the file which contains the local firewall ruleset. 389Valid selections from 390.Pa /etc/rc.firewall 391are: 392.Pp 393.Bl -tag -width ".Li simple" -compact 394.It Li open 395unrestricted IP access 396.It Li closed 397all IP services disabled, except via 398.Dq Li lo0 399.It Li client 400basic protection for a workstation 401.It Li simple 402basic protection for a LAN. 403.El 404.Pp 405If a filename is specified, the full path 406must be given. 407.It Va ipv6_firewall_type 408.Pq Vt str 409The IPv6 equivalent of 410.Va firewall_type . 411.It Va firewall_quiet 412.Pq Vt bool 413Set to 414.Dq Li YES 415to disable the display of firewall rules on the console during boot. 416.It Va ipv6_firewall_quiet 417.Pq Vt bool 418The IPv6 equivalent of 419.Va firewall_quiet . 420.It Va firewall_logging 421.Pq Vt bool 422Set to 423.Dq Li YES 424to enable firewall event logging. 425This is equivalent to the 426.Dv IPFIREWALL_VERBOSE 427kernel option. 428.It Va ipv6_firewall_logging 429.Pq Vt bool 430The IPv6 equivalent of 431.Va firewall_logging . 432.It Va firewall_flags 433.Pq Vt str 434Flags passed to 435.Xr ipfw 8 436if 437.Va firewall_type 438specifies a filename. 439.It Va ipv6_firewall_flags 440.Pq Vt str 441The IPv6 equivalent of 442.Va firewall_flags . 443.It Va natd_program 444.Pq Vt str 445Path to 446.Xr natd 8 . 447.It Va natd_enable 448.Pq Vt bool 449Set to 450.Dq Li YES 451to enable 452.Xr natd 8 . 453.Va firewall_enable 454must also be set to 455.Dq Li YES , 456and 457.Xr divert 4 458sockets must be enabled in the kernel. 459If the kernel was not built with 460.Cd "options IPDIVERT" , 461the 462.Pa ipdivert.ko 463kernel module will be loaded. 464.It Va natd_interface 465.Pq Vt str 466This is the name of the public interface on which 467.Xr natd 8 468should run. 469The interface may be given as an interface name or as an IP address. 470.It Va natd_flags 471.Pq Vt str 472Additional 473.Xr natd 8 474flags should be placed here. 475The 476.Fl n 477or 478.Fl a 479flag is automatically added with the above 480.Va natd_interface 481as an argument. 482.\" ----- ipfilter_enable setting -------------------------------- 483.It Va ipfilter_enable 484.Pq Vt bool 485Set to 486.Dq Li NO 487by default. 488Setting this to 489.Dq Li YES 490enables 491.Xr ipf 8 492packet filtering. 493.Pp 494Typical usage will require putting 495.Bd -literal 496ipfilter_enable="YES" 497ipnat_enable="YES" 498ipmon_enable="YES" 499ipfs_enable="YES" 500.Ed 501.Pp 502into 503.Pa /etc/rc.conf 504and editing 505.Pa /etc/ipf.rules 506and 507.Pa /etc/ipnat.rules 508appropriately. 509.Pp 510Note that 511.Va ipfilter_enable 512and 513.Va ipnat_enable 514can be enabled independently. 515.Va ipmon_enable 516and 517.Va ipfs_enable 518both require at least one of 519.Va ipfilter_enable 520and 521.Va ipnat_enable 522to be enabled. 523.Pp 524Having 525.Bd -literal 526options IPFILTER 527options IPFILTER_LOG 528options IPFILTER_DEFAULT_BLOCK 529.Ed 530.Pp 531in the kernel configuration file is a good idea, too. 532.\" ----- ipfilter_program setting ------------------------------ 533.It Va ipfilter_program 534.Pq Vt str 535Path to 536.Xr ipf 8 537(default 538.Pa /sbin/ipf ) . 539.\" ----- ipfilter_rules setting -------------------------------- 540.It Va ipfilter_rules 541.Pq Vt str 542Set to 543.Pa /etc/ipf.rules 544by default. 545This variable contains the name of the filter rule definition file. 546The file is expected to be readable for the 547.Xr ipf 8 548command to execute. 549.\" ----- ipv6_ipfilter_rules setting --------------------------- 550.It Va ipv6_ipfilter_rules 551.Pq Vt str 552Set to 553.Pa /etc/ipf6.rules 554by default. 555This variable contains the IPv6 filter rule definition file. 556The file is expected to be readable for the 557.Xr ipf 8 558command to execute. 559.\" ----- ipfilter_flags setting -------------------------------- 560.It Va ipfilter_flags 561.Pq Vt str 562Empty by default. 563This variable contains flags passed to the 564.Xr ipf 8 565program. 566.\" ----- ipnat_enable setting ---------------------------------- 567.It Va ipnat_enable 568.Pq Vt bool 569Set to 570.Dq Li NO 571by default. 572Set it to 573.Dq Li YES 574to enable 575.Xr ipnat 1 576network address translation. 577See 578.Va ipfilter_enable 579for a detailed discussion. 580.\" ----- ipnat_program setting --------------------------------- 581.It Va ipnat_program 582.Pq Vt str 583Path to 584.Xr ipnat 1 585(default 586.Pa /sbin/ipnat ) . 587.\" ----- ipnat_rules setting ----------------------------------- 588.It Va ipnat_rules 589.Pq Vt str 590Set to 591.Pa /etc/ipnat.rules 592by default. 593This variable contains the name of the file 594holding the network address translation definition. 595This file is expected to be readable for the 596.Xr ipnat 1 597command to execute. 598.\" ----- ipnat_flags setting ----------------------------------- 599.It Va ipnat_flags 600.Pq Vt str 601Empty by default. 602This variable contains flags passed to the 603.Xr ipnat 1 604program. 605.\" ----- ipmon_enable setting ---------------------------------- 606.It Va ipmon_enable 607.Pq Vt bool 608Set to 609.Dq Li NO 610by default. 611Set it to 612.Dq Li YES 613to enable 614.Xr ipmon 8 615monitoring (logging 616.Xr ipf 8 617and 618.Xr ipnat 1 619events). 620Setting this variable needs setting 621.Va ipfilter_enable 622or 623.Va ipnat_enable 624too. 625See 626.Va ipfilter_enable 627for a detailed discussion. 628.\" ----- ipmon_program setting --------------------------------- 629.It Va ipmon_program 630.Pq Vt str 631Path to 632.Xr ipmon 8 633(default 634.Pa /sbin/ipmon ) . 635.\" ----- ipmon_flags setting ----------------------------------- 636.It Va ipmon_flags 637.Pq Vt str 638Set to 639.Dq Li -Ds 640by default. 641This variable contains flags passed to the 642.Xr ipmon 8 643program. 644Another typical example would be 645.Dq Fl D Pa /var/log/ipflog 646to have 647.Xr ipmon 8 648log directly to a file bypassing 649.Xr syslogd 8 . 650Make sure to adjust 651.Pa /etc/newsyslog.conf 652in such case like this: 653.Bd -literal 654/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 655.Ed 656.\" ----- ipfs_enable setting ----------------------------------- 657.It Va ipfs_enable 658.Pq Vt bool 659Set to 660.Dq Li NO 661by default. 662Set it to 663.Dq Li YES 664to enable 665.Xr ipfs 8 666saving the filter and NAT state tables during shutdown 667and reloading them during startup again. 668Setting this variable needs setting 669.Va ipfilter_enable 670or 671.Va ipnat_enable 672to 673.Dq Li YES 674too. 675See 676.Va ipfilter_enable 677for a detailed discussion. 678Note that if 679.Va kern_securelevel 680is set to 3, 681.Va ipfs_enable 682cannot be used 683because the raised securelevel will prevent 684.Xr ipfs 8 685from saving the state tables at shutdown time. 686.\" ----- ipfs_program setting ---------------------------------- 687.It Va ipfs_program 688.Pq Vt str 689Path to 690.Xr ipfs 8 691(default 692.Pa /sbin/ipfs ) . 693.\" ----- ipfs_flags setting ------------------------------------ 694.It Va ipfs_flags 695.Pq Vt str 696Empty by default. 697This variable contains flags passed to the 698.Xr ipfs 8 699program. 700.\" ----- end of added ipf hook --------------------------------- 701.It Va pf_enable 702.Pq Vt bool 703Set to 704.Dq Li NO 705by default. 706Setting this to 707.Dq Li YES 708enables 709.Xr pf 4 710packet filtering. 711.Pp 712Typical usage will require putting 713.Pp 714.Dl pf_enable="YES" 715.Pp 716into 717.Pa /etc/rc.conf 718and editing 719.Pa /etc/pf.conf 720appropriately. 721.Pp 722.Dl "device pf" 723.Pp 724builds 725.Xr pf 4 726into the kernel. 727Otherwise it is loaded from a module. 728.It Va pf_rules 729.Pq Vt str 730Path to 731.Xr pf 4 732ruleset configuration file 733(default 734.Pa /etc/pf.conf ) . 735.It Va pf_program 736.Pq Vt str 737Path to 738.Xr pfctl 8 739(default 740.Pa /sbin/pfctl ) . 741.It Va pf_flags 742.Pq Vt str 743If 744.Va pf_enable 745is set to 746.Dq Li YES , 747these flags are passed to the 748.Xr pfctl 8 749program when loading the ruleset. 750.It Va pflog_enable 751.Pq Vt bool 752Set to 753.Dq Li NO 754by default. 755Setting this to 756.Dq Li YES 757enables 758.Xr pflogd 8 759which logs packets from the 760.Xr pf 4 761packet filter. 762.It Va pflog_logfile 763.Pq Vt str 764If 765.Va pflog_enable 766is set to 767.Dq Li YES 768this controls where 769.Xr pflogd 8 770stores the logfile 771(default 772.Pa /var/log/pflog ) . 773Check 774.Pa /etc/newsyslog.conf 775to adjust logfile rotation for this. 776.It Va pflog_program 777.Pq Vt str 778Path to 779.Xr pflogd 8 780(default 781.Pa /sbin/pflogd ) . 782.It Va pflog_flags 783.Pq Vt str 784Empty by default. 785This variable contains additional flags passed to the 786.Xr pflogd 8 787program. 788.It Va pfsync_enable 789.Pq Vt bool 790Set to 791.Dq Li NO 792by default. 793Setting this to 794.Dq Li YES 795enables exposing 796.Xr pf 4 797state changes to other hosts over the network by means of 798.Xr pfsync 4 . 799The 800.Va pfsync_syncdev 801variable 802must also be set then. 803.It Va pfsync_syncdev 804.Pq Vt str 805Empty by default. 806This variable specifies the name of the network interface 807.Xr pfsync 4 808should operate through. 809It must be set accordingly if 810.Va pfsync_enable 811is set to 812.Dq Li YES . 813.It Va pfsync_ifconfig 814.Pq Vt str 815Empty by default. 816This variable can contain additional options to be passed to the 817.Xr ifconfig 8 818command used to set up 819.Xr pfsync 4 . 820.It Va tcp_extensions 821.Pq Vt bool 822Set to 823.Dq Li YES 824by default. 825Setting this to 826.Dq Li NO 827disables certain TCP options as described by 828.Rs 829.%T "RFC 1323" 830.Re 831Setting this to 832.Dq Li NO 833might help remedy such problems with connections as randomly hanging 834or other weird behavior. 835Some network devices are known 836to be broken with respect to these options. 837.It Va log_in_vain 838.Pq Vt int 839Set to 0 by default. 840The 841.Xr sysctl 8 842variables, 843.Va net.inet.tcp.log_in_vain 844and 845.Va net.inet.udp.log_in_vain , 846as described in 847.Xr tcp 4 848and 849.Xr udp 4 , 850are set to the given value. 851.It Va tcp_keepalive 852.Pq Vt bool 853Set to 854.Dq Li YES 855by default. 856Setting to 857.Dq Li NO 858will disable probing idle TCP connections to verify that the 859peer is still up and reachable. 860.It Va tcp_drop_synfin 861.Pq Vt bool 862Set to 863.Dq Li NO 864by default. 865Setting to 866.Dq Li YES 867will cause the kernel to ignore TCP frames that have both 868the SYN and FIN flags set. 869This prevents OS fingerprinting, but may 870break some legitimate applications. 871This option is only available if the 872kernel was built with the 873.Dv TCP_DROP_SYNFIN 874option. 875.It Va icmp_drop_redirect 876.Pq Vt bool 877Set to 878.Dq Li NO 879by default. 880Setting to 881.Dq Li YES 882will cause the kernel to ignore ICMP REDIRECT packets. 883Refer to 884.Xr icmp 4 885for more information. 886.It Va icmp_log_redirect 887.Pq Vt bool 888Set to 889.Dq Li NO 890by default. 891Setting to 892.Dq Li YES 893will cause the kernel to log ICMP REDIRECT packets. 894Note that 895the log messages are not rate-limited, so this option should only be used 896for troubleshooting networks. 897Refer to 898.Xr icmp 4 899for more information. 900.It Va icmp_bmcastecho 901.Pq Vt bool 902Set to 903.Dq Li YES 904to respond to broadcast or multicast ICMP ping packets. 905Refer to 906.Xr icmp 4 907for more information. 908.It Va ip_portrange_first 909.Pq Vt int 910If not set to 911.Dq Li NO , 912this is the first port in the default portrange. 913Refer to 914.Xr ip 4 915for more information. 916.It Va ip_portrange_last 917.Pq Vt int 918If not set to 919.Dq Li NO , 920this is the last port in the default portrange. 921Refer to 922.Xr ip 4 923for more information. 924.It Va network_interfaces 925.Pq Vt str 926Set to the list of network interfaces to configure on this host or 927.Dq Li "AUTO" 928(the default) for all current interfaces. 929For example, if the only active network devices in the system 930are the loopback device 931.Pq Li lo0 932and a NIC using the 933.Xr ed 4 934driver, 935this could be set to 936.Dq Li "lo0 ed0" . 937.Pp 938An 939.Va ifconfig_ Ns Aq Ar interface 940variable is also assumed to exist for each value of 941.Ar interface . 942The variable can contain arguments to 943.Xr ifconfig 8 , 944as well as special case-insensitive keywords described below. 945Such keywords are removed before passing the value to 946.Xr ifconfig 8 947while the order of the other arguments is preserved. 948.Pp 949It is also possible to add IP alias entries here in cases where 950multiple IP addresses registered against a single interface 951are desired. 952Assuming that the interface in question was 953.Li ed0 , 954it might look 955something like this: 956.Bd -literal 957ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 958ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 959.Ed 960.Pp 961And so on. 962For each 963.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 964entry that is found, 965its contents are passed to 966.Xr ifconfig 8 . 967Execution stops at the first unsuccessful access, so if 968something like this is present: 969.Bd -literal 970ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 971ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 972ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 973ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 974.Ed 975.Pp 976Then note that alias4 would 977.Em not 978be added since the search would 979stop with the missing 980.Dq Li alias3 981entry. 982.Pp 983If the 984.Pa /etc/start_if. Ns Aq Ar interface 985file is present, it is read and executed by the 986.Xr sh 1 987interpreter 988before configuring the interface as specified in the 989.Va ifconfig_ Ns Aq Ar interface 990and 991.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 992variables. 993.Pp 994If the 995.Va ifconfig_ Ns Aq Ar interface 996contains the keyword 997.Dq Li "NOAUTO" 998then the interface will not be configured 999at boot or by 1000.Pa /etc/pccard_ether 1001when 1002.Va network_interfaces 1003is set to 1004.Dq Li "AUTO" . 1005.Pp 1006It is possible to bring up an interface with DHCP by adding 1007.Dq Li DHCP 1008to the 1009.Va ifconfig_ Ns Aq Ar interface 1010variable. 1011For instance, to initialize the 1012.Li ed0 1013device via DHCP, 1014it is possible to use something like: 1015.Bd -literal 1016ifconfig_ed0="DHCP" 1017.Ed 1018.Pp 1019Also, if your interface needs WPA authentication, it is possible to add 1020.Dq Li WPA 1021to the 1022.Va ifconfig_ Ns Aq Ar interface 1023variable. 1024.Pp 1025Finally, you can add 1026.Xr ifconfig 8 1027options in this variable, in addition to the 1028.Pa /etc/start_if. Ns Aq Ar interface 1029file. 1030For instance, to initialize the 1031.Li wi0 1032device via DHCP, using WPA authentication and 802.11b mode, it is 1033possible to use something like: 1034.Bd -literal 1035ifconfig_wi0="DHCP WPA mode 11b" 1036.Ed 1037.Pp 1038In addition to the 1039.Va ifconfig_ Ns Aq Ar interface 1040form, a fallback variable 1041.Va ifconfig_DEFAULT 1042may be configured. 1043It will be used for all interfaces with no 1044.Va ifconfig_ Ns Aq Ar interface 1045variable. 1046This is intended to replace the no longer supported 1047.Va pccard_ifconfig 1048variable. 1049.Pp 1050It is also possible to rename interface by doing: 1051.Bd -literal 1052ifconfig_ed0_name="net0" 1053ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 1054.Ed 1055.It Va ipv6_network_interfaces 1056.Pq Vt str 1057This is the IPv6 equivalent of 1058.Va network_interfaces . 1059Instead of setting the ifconfig variables as 1060.Va ifconfig_ Ns Aq Ar interface 1061they should be set as 1062.Va ipv6_ifconfig_ Ns Aq Ar interface . 1063Aliases should be set as 1064.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 1065.Va ipv6_prefix_ Ns Aq Ar interface 1066does something. 1067Interfaces that do not have a 1068.Va ipv6_ifconfig_ Ns Aq Ar interface 1069setting will be auto configured by 1070.Xr rtsol 8 1071if the 1072.Va ipv6_gateway_enable 1073is set to 1074.Dq Li NO . 1075Note that the IPv6 networking code does not support the 1076.Pa /etc/start_if. Ns Aq Ar interface 1077files. 1078.It Va ipv6_default_interface 1079.Pq Vt str 1080If not set to 1081.Dq Li NO , 1082this is the default output interface for scoped addresses. 1083Now this works only for IPv6 link local multicast addresses. 1084.It Va cloned_interfaces 1085.Pq Vt str 1086Set to the list of clonable network interfaces to create on this host. 1087Entries in 1088.Va cloned_interfaces 1089are automatically appended to 1090.Va network_interfaces 1091for configuration. 1092.It Va gif_interfaces 1093.Pq Vt str 1094Set to the list of 1095.Xr gif 4 1096tunnel interfaces to configure on this host. 1097A 1098.Va gifconfig_ Ns Aq Ar interface 1099variable is assumed to exist for each value of 1100.Ar interface . 1101The value of this variable is used to configure the link layer of the 1102tunnel according to the syntax of the 1103.Cm tunnel 1104option to 1105.Xr ifconfig 8 . 1106Additionally, this option ensures that each listed interface is created 1107via the 1108.Cm create 1109option to 1110.Xr ifconfig 8 1111before attempting to configure it. 1112.It Va sppp_interfaces 1113.Pq Vt str 1114Set to the list of 1115.Xr sppp 4 1116interfaces to configure on this host. 1117A 1118.Va spppconfig_ Ns Aq Ar interface 1119variable is assumed to exist for each value of 1120.Ar interface . 1121Each interface should also be configured by a general 1122.Va ifconfig_ Ns Aq Ar interface 1123setting. 1124Refer to 1125.Xr spppcontrol 8 1126for more information about available options. 1127.It Va ppp_enable 1128.Pq Vt bool 1129If set to 1130.Dq Li YES , 1131run the 1132.Xr ppp 8 1133daemon. 1134.It Va ppp_mode 1135.Pq Vt str 1136Mode in which to run the 1137.Xr ppp 8 1138daemon. 1139Accepted modes are 1140.Dq Li auto , 1141.Dq Li ddial , 1142.Dq Li direct 1143and 1144.Dq Li dedicated . 1145See the manual for a full description. 1146.It Va ppp_nat 1147.Pq Vt bool 1148If set to 1149.Dq Li YES , 1150enables network address translation. 1151Used in conjunction with 1152.Va gateway_enable 1153allows hosts on private network addresses access to the Internet using 1154this host as a network address translating router. 1155.It Va ppp_profile 1156.Pq Vt str 1157The name of the profile to use from 1158.Pa /etc/ppp/ppp.conf . 1159.It Va ppp_user 1160.Pq Vt str 1161The name of the user under which 1162.Xr ppp 8 1163should be started. 1164By 1165default, 1166.Xr ppp 8 1167is started as 1168.Dq Li root . 1169.It Va rc_conf_files 1170.Pq Vt str 1171This option is used to specify a list of files that will override 1172the settings in 1173.Pa /etc/defaults/rc.conf . 1174The files will be read in the order in which they are specified and should 1175include the full path to the file. 1176By default, the files specified are 1177.Pa /etc/rc.conf 1178and 1179.Pa /etc/rc.conf.local 1180.It Va gbde_autoattach_all 1181.Pq Vt bool 1182If set to 1183.Dq Li YES , 1184.Pa /etc/rc.d/gbde 1185will attempt to automatically initialize your .bde devices in 1186.Pa /etc/fstab . 1187.It Va gbde_devices 1188.Pq Vt str 1189List the devices that the script should try to attach, 1190or 1191.Dq Li AUTO . 1192.It Va gbde_lockdir 1193.Pq Vt str 1194The directory where the 1195.Xr gbde 4 1196lockfiles are located. 1197The default lockfile directory is 1198.Pa /etc . 1199.Pp 1200The lockfile for each individual 1201.Xr gbde 4 1202device can be overridden by setting the variable 1203.Va gbde_lock_ Ns Aq Ar device , 1204where 1205.Ar device 1206is the encrypted device without the 1207.Dq Pa /dev/ 1208and 1209.Dq Pa .bde 1210parts. 1211.It Va gbde_attach_attempts 1212.Pq Vt int 1213Number of times to attempt attaching to a 1214.Xr gbde 4 1215device, i.e., how many times the user is asked for the pass-phrase. 1216Default is 3. 1217.It Va geli_devices 1218.Pq Vt str 1219List of devices to automatically attach on boot. 1220Note that .eli devices from 1221.Pa /etc/fstab 1222are automatically appended to this list. 1223.It Va geli_tries 1224.Pq Vt int 1225Number of times user is asked for the pass-phrase. 1226If empty, it will be taken from 1227.Va kern.geom.eli.tries 1228sysctl variable. 1229.It Va geli_default_flags 1230.Pq Vt str 1231Default flags to use by 1232.Xr geli 8 1233when configuring disk encryption. 1234Flags can be configured for every device separately by defining 1235.Va geli_<device>_flags 1236variable. 1237.It Va geli_autodetach 1238.Pq Vt str 1239Specifies if GELI devices should be marked for detach on last close after 1240file systems are mounted. 1241Default is 1242.Dq Li YES . 1243This can be changed for every device separately by defining 1244.Va geli_<device>_autodetach 1245variable. 1246.It Va geli_swap_flags 1247Options passed to the 1248.Xr geli 8 1249utility when encrypted GEOM providers for swap partitions are created. 1250The default is 1251.Dq Li -a aes -l 256 -s 4096 -d . 1252.It Va root_rw_mount 1253.Pq Vt bool 1254Set to 1255.Dq Li YES 1256by default. 1257After the file systems are checked at boot time, the root file system 1258is remounted as read-write if this is set to 1259.Dq Li YES . 1260Diskless systems that mount their root file system from a read-only remote 1261NFS share should set this to 1262.Dq Li NO 1263in their 1264.Pa rc.conf . 1265.It Va fsck_y_enable 1266.Pq Vt bool 1267If set to 1268.Dq Li YES , 1269.Xr fsck 8 1270will be run with the 1271.Fl y 1272flag if the initial preen 1273of the file systems fails. 1274.It Va background_fsck 1275.Pq Vt bool 1276If set to 1277.Dq Li YES , 1278the system will attempt to run 1279.Xr fsck 8 1280in the background where possible. 1281.It Va background_fsck_delay 1282.Pq Vt int 1283The amount of time in seconds to sleep before starting a background 1284.Xr fsck 8 . 1285It defaults to sixty seconds to allow large applications such as 1286the X server to start before disk I/O bandwidth is monopolized by 1287.Xr fsck 8 . 1288.It Va netfs_types 1289.Pq Vt str 1290List of file system types that are network-based. 1291This list should generally not be modified by end users. 1292Use 1293.Va extra_netfs_types 1294instead. 1295.It Va extra_netfs_types 1296.Pq Vt str 1297If set to something other than 1298.Dq Li NO 1299(the default), 1300this variable extends the list of file system types 1301for which automatic mounting at startup by 1302.Xr rc 8 1303should be delayed until the network is initialized. 1304It should contain 1305a whitespace-separated list of network file system descriptor pairs, 1306each consisting of a file system type as passed to 1307.Xr mount 8 1308and a human-readable, one-word description, 1309joined with a colon 1310.Pq Ql \&: . 1311Extending the default list in this way is only necessary 1312when third party file system types are used. 1313.It Va syslogd_enable 1314.Pq Vt bool 1315If set to 1316.Dq Li YES , 1317run the 1318.Xr syslogd 8 1319daemon. 1320.It Va syslogd_program 1321.Pq Vt str 1322Path to 1323.Xr syslogd 8 1324(default 1325.Pa /usr/sbin/syslogd ) . 1326.It Va syslogd_flags 1327.Pq Vt str 1328If 1329.Va syslogd_enable 1330is set to 1331.Dq Li YES , 1332these are the flags to pass to 1333.Xr syslogd 8 . 1334.It Va inetd_enable 1335.Pq Vt bool 1336If set to 1337.Dq Li YES , 1338run the 1339.Xr inetd 8 1340daemon. 1341.It Va inetd_program 1342.Pq Vt str 1343Path to 1344.Xr inetd 8 1345(default 1346.Pa /usr/sbin/inetd ) . 1347.It Va inetd_flags 1348.Pq Vt str 1349If 1350.Va inetd_enable 1351is set to 1352.Dq Li YES , 1353these are the flags to pass to 1354.Xr inetd 8 . 1355.It Va named_enable 1356.Pq Vt bool 1357If set to 1358.Dq Li YES , 1359run the 1360.Xr named 8 1361daemon. 1362.It Va named_program 1363.Pq Vt str 1364Path to 1365.Xr named 8 1366(default 1367.Pa /usr/sbin/named ) . 1368.It Va named_flags 1369.Pq Vt str 1370If 1371.Va named_enable 1372is set to 1373.Dq Li YES , 1374these are the flags to pass to 1375.Xr named 8 . 1376.It Va named_pidfile 1377.Pq Vt str 1378This is the default path to the 1379.Xr named 8 1380daemon's PID file. 1381Change it if you change the location in 1382.Xr named.conf 5 . 1383.It Va named_chrootdir 1384.Pq Vt str 1385The root directory for a name server run in a 1386.Xr chroot 8 1387environment (default 1388.Pa /var/named ) . 1389If left empty 1390.Xr named 8 1391will not be run in a 1392.Xr chroot 8 1393environment. 1394.It Va named_chroot_autoupdate 1395.Pq Vt bool 1396Set to 1397.Dq Li NO 1398to disable automatic update of the 1399.Xr chroot 8 1400environment. 1401.It Va named_symlink_enable 1402.Pq Vt bool 1403Set to 1404.Dq Li NO 1405to disable symlinking of 1406daemon's PID file 1407into the 1408.Xr chroot 8 1409environment. 1410.It Va kerberos5_server_enable 1411.Pq Vt bool 1412Set to 1413.Dq Li YES 1414to start a Kerberos 5 authentication server 1415at boot time. 1416.It Va kerberos5_server 1417.Pq Vt str 1418If 1419.Va kerberos5_server_enable 1420is set to 1421.Dq Li YES 1422this is the path to Kerberos 5 Authentication Server. 1423.It Va kerberos5_server_flags 1424.Pq Vt str 1425Empty by default. 1426This variable contains additional flags to be passed to the Kerberos 5 1427authentication server. 1428.It Va kadmind5_server_enable 1429.Pq Vt bool 1430Set to 1431.Dq Li YES 1432to start 1433.Xr kadmind 8 , 1434the Kerberos 5 Administration Daemon; set to 1435.Dq Li NO 1436on a slave server. 1437.It Va kadmind5_server 1438.Pq Vt str 1439If 1440.Va kadmind5_server_enable 1441is set to 1442.Dq Li YES 1443this is the path to Kerberos 5 Administration Daemon. 1444.It Va kpasswdd_server_enable 1445.Pq Vt bool 1446Set to 1447.Dq Li YES 1448to start 1449.Xr kpasswdd 8 , 1450the Kerberos 5 Password-Changing Daemon; set to 1451.Dq Li NO 1452on a slave server. 1453.It Va kpasswdd_server 1454.Pq Vt str 1455If 1456.Va kpasswdd_server_enable 1457is set to 1458.Dq Li YES 1459this is the path to Kerberos 5 Password-Changing Daemon. 1460.It Va rwhod_enable 1461.Pq Vt bool 1462If set to 1463.Dq Li YES , 1464run the 1465.Xr rwhod 8 1466daemon at boot time. 1467.It Va rwhod_flags 1468.Pq Vt str 1469If 1470.Va rwhod_enable 1471is set to 1472.Dq Li YES , 1473these are the flags to pass to it. 1474.It Va amd_enable 1475.Pq Vt bool 1476If set to 1477.Dq Li YES , 1478run the 1479.Xr amd 8 1480daemon at boot time. 1481.It Va amd_flags 1482.Pq Vt str 1483If 1484.Va amd_enable 1485is set to 1486.Dq Li YES , 1487these are the flags to pass to it. 1488See the 1489.Xr amd 8 1490manpage for more information. 1491.It Va amd_map_program 1492.Pq Vt str 1493If set, 1494the specified program is run to get the list of 1495.Xr amd 8 1496maps. 1497For example, if the 1498.Xr amd 8 1499maps are stored in NIS, one can set this to 1500run 1501.Xr ypcat 1 1502to get a list of 1503.Xr amd 8 1504maps from the 1505.Pa amd.master 1506NIS map. 1507.It Va update_motd 1508.Pq Vt bool 1509If set to 1510.Dq Li YES , 1511.Pa /etc/motd 1512will be updated at boot time to reflect the kernel release 1513being run. 1514If set to 1515.Dq Li NO , 1516.Pa /etc/motd 1517will not be updated. 1518.It Va nfs_client_enable 1519.Pq Vt bool 1520If set to 1521.Dq Li YES , 1522run the NFS client daemons at boot time. 1523.It Va nfs_access_cache 1524.Pq Vt int 1525If 1526.Va nfs_client_enable 1527is set to 1528.Dq Li YES , 1529this can be set to 1530.Dq Li 0 1531to disable NFS ACCESS RPC caching, or to the number of seconds for which 1532NFS ACCESS 1533results should be cached. 1534A value of 2-10 seconds will substantially reduce network 1535traffic for many NFS operations. 1536.It Va nfs_server_enable 1537.Pq Vt bool 1538If set to 1539.Dq Li YES , 1540run the NFS server daemons at boot time. 1541.It Va nfs_server_flags 1542.Pq Vt str 1543If 1544.Va nfs_server_enable 1545is set to 1546.Dq Li YES , 1547these are the flags to pass to the 1548.Xr nfsd 8 1549daemon. 1550.It Va mountd_enable 1551.Pq Vt bool 1552If set to 1553.Dq Li YES , 1554and no 1555.Va nfs_server_enable 1556is set, start 1557.Xr mountd 8 , 1558but not 1559.Xr nfsd 8 1560daemon. 1561It is commonly needed to run CFS without real NFS used. 1562.It Va mountd_flags 1563.Pq Vt str 1564If 1565.Va mountd_enable 1566is set to 1567.Dq Li YES , 1568these are the flags to pass to the 1569.Xr mountd 8 1570daemon. 1571.It Va weak_mountd_authentication 1572.Pq Vt bool 1573If set to 1574.Dq Li YES , 1575allow services like PCNFSD to make non-privileged mount 1576requests. 1577.It Va nfs_reserved_port_only 1578.Pq Vt bool 1579If set to 1580.Dq Li YES , 1581provide NFS services only on a secure port. 1582.It Va nfs_bufpackets 1583.Pq Vt int 1584If set to a number, indicates the number of packets worth of 1585socket buffer space to reserve on an NFS client. 1586The kernel default is typically 4. 1587Using a higher number may be 1588useful on gigabit networks to improve performance. 1589The minimum value is 15902 and the maximum is 64. 1591.It Va rpc_lockd_enable 1592.Pq Vt bool 1593If set to 1594.Dq Li YES 1595and also an NFS server, run 1596.Xr rpc.lockd 8 1597at boot time. 1598.It Va rpc_statd_enable 1599.Pq Vt bool 1600If set to 1601.Dq Li YES 1602and also an NFS server, run 1603.Xr rpc.statd 8 1604at boot time. 1605.It Va rpcbind_program 1606.Pq Vt str 1607Path to 1608.Xr rpcbind 8 1609(default 1610.Pa /usr/sbin/rpcbind ) . 1611.It Va rpcbind_enable 1612.Pq Vt bool 1613If set to 1614.Dq Li YES , 1615run the 1616.Xr rpcbind 8 1617service at boot time. 1618.It Va rpcbind_flags 1619.Pq Vt str 1620If 1621.Va rpcbind_enable 1622is set to 1623.Dq Li YES , 1624these are the flags to pass to the 1625.Xr rpcbind 8 1626daemon. 1627.It Va keyserv_enable 1628.Pq Vt bool 1629If set to 1630.Dq Li YES , 1631run the 1632.Xr keyserv 8 1633daemon on boot for running Secure RPC. 1634.It Va keyserv_flags 1635.Pq Vt str 1636If 1637.Va keyserv_enable 1638is set to 1639.Dq Li YES , 1640these are the flags to pass to 1641.Xr keyserv 8 1642daemon. 1643.It Va pppoed_enable 1644.Pq Vt bool 1645If set to 1646.Dq Li YES , 1647run the 1648.Xr pppoed 8 1649daemon at boot time to provide PPP over Ethernet services. 1650.It Va pppoed_ Ns Ar provider 1651.Pq Vt str 1652.Xr pppoed 8 1653listens to requests to this 1654.Ar provider 1655and ultimately runs 1656.Xr ppp 8 1657with a 1658.Ar system 1659argument of the same name. 1660.It Va pppoed_flags 1661.Pq Vt str 1662Additional flags to pass to 1663.Xr pppoed 8 . 1664.It Va pppoed_interface 1665.Pq Vt str 1666The network interface to run 1667.Xr pppoed 8 1668on. 1669This is mandatory when 1670.Va pppoed_enable 1671is set to 1672.Dq Li YES . 1673.It Va timed_enable 1674.Pq Vt bool 1675If set to 1676.Dq Li YES , 1677run the 1678.Xr timed 8 1679service at boot time. 1680This command is intended for networks of 1681machines where a consistent 1682.Dq "network time" 1683for all hosts must be established. 1684This is often useful in large NFS 1685environments where time stamps on files are expected to be consistent 1686network-wide. 1687.It Va timed_flags 1688.Pq Vt str 1689If 1690.Va timed_enable 1691is set to 1692.Dq Li YES , 1693these are the flags to pass to the 1694.Xr timed 8 1695service. 1696.It Va ntpdate_enable 1697.Pq Vt bool 1698If set to 1699.Dq Li YES , 1700run 1701.Xr ntpdate 8 1702at system startup. 1703This command is intended to 1704synchronize the system clock only 1705.Em once 1706from some standard reference. 1707An option to set this up initially 1708(from a list of known servers) is also provided by the 1709.Xr sysinstall 8 1710program when the system is first installed. 1711.It Va ntpdate_hosts 1712.Pq Vt str 1713A whitespace-separated list of NTP servers to synchronize with at startup. 1714The default is to use the servers listed in 1715.Pa /etc/ntp.conf , 1716if that file exists. 1717.It Va ntpdate_program 1718.Pq Vt str 1719Path to 1720.Xr ntpdate 8 1721(default 1722.Pa /usr/sbin/ntpdate ) . 1723.It Va ntpdate_flags 1724.Pq Vt str 1725If 1726.Va ntpdate_enable 1727is set to 1728.Dq Li YES , 1729these are the flags to pass to the 1730.Xr ntpdate 8 1731command (typically a hostname). 1732.It Va ntpd_enable 1733.Pq Vt bool 1734If set to 1735.Dq Li YES , 1736run the 1737.Xr ntpd 8 1738command at boot time. 1739.It Va ntpd_program 1740.Pq Vt str 1741Path to 1742.Xr ntpd 8 1743(default 1744.Pa /usr/sbin/ntpd ) . 1745.It Va ntpd_flags 1746.Pq Vt str 1747If 1748.Va ntpd_enable 1749is set to 1750.Dq Li YES , 1751these are the flags to pass to the 1752.Xr ntpd 8 1753daemon. 1754.It Va ntpd_sync_on_start 1755.Pq Vt bool 1756If set to 1757.Dq Li YES , 1758.Xr ntpd 8 1759is run with the 1760.Fl g 1761flag, which syncs the system's clock on startup. 1762See 1763.Xr ntpd 8 1764for more information regarding the 1765.Fl g 1766option. 1767This is a preferred alternative to using 1768.Xr ntpdate 8 1769or specifying the 1770.Va ntpdate_enable 1771variable. 1772.It Va nis_client_enable 1773.Pq Vt bool 1774If set to 1775.Dq Li YES , 1776run the 1777.Xr ypbind 8 1778service at system boot time. 1779.It Va nis_client_flags 1780.Pq Vt str 1781If 1782.Va nis_client_enable 1783is set to 1784.Dq Li YES , 1785these are the flags to pass to the 1786.Xr ypbind 8 1787service. 1788.It Va nis_ypset_enable 1789.Pq Vt bool 1790If set to 1791.Dq Li YES , 1792run the 1793.Xr ypset 8 1794daemon at system boot time. 1795.It Va nis_ypset_flags 1796.Pq Vt str 1797If 1798.Va nis_ypset_enable 1799is set to 1800.Dq Li YES , 1801these are the flags to pass to the 1802.Xr ypset 8 1803daemon. 1804.It Va nis_server_enable 1805.Pq Vt bool 1806If set to 1807.Dq Li YES , 1808run the 1809.Xr ypserv 8 1810daemon at system boot time. 1811.It Va nis_server_flags 1812.Pq Vt str 1813If 1814.Va nis_server_enable 1815is set to 1816.Dq Li YES , 1817these are the flags to pass to the 1818.Xr ypserv 8 1819daemon. 1820.It Va nis_ypxfrd_enable 1821.Pq Vt bool 1822If set to 1823.Dq Li YES , 1824run the 1825.Xr rpc.ypxfrd 8 1826daemon at system boot time. 1827.It Va nis_ypxfrd_flags 1828.Pq Vt str 1829If 1830.Va nis_ypxfrd_enable 1831is set to 1832.Dq Li YES , 1833these are the flags to pass to the 1834.Xr rpc.ypxfrd 8 1835daemon. 1836.It Va nis_yppasswdd_enable 1837.Pq Vt bool 1838If set to 1839.Dq Li YES , 1840run the 1841.Xr rpc.yppasswdd 8 1842daemon at system boot time. 1843.It Va nis_yppasswdd_flags 1844.Pq Vt str 1845If 1846.Va nis_yppasswdd_enable 1847is set to 1848.Dq Li YES , 1849these are the flags to pass to the 1850.Xr rpc.yppasswdd 8 1851daemon. 1852.It Va rpc_ypupdated_enable 1853.Pq Vt bool 1854If set to 1855.Dq Li YES , 1856run the 1857.Nm rpc.ypupdated 1858daemon at system boot time. 1859.It Va bsnmpd_enable 1860.Pq Vt bool 1861If set to 1862.Dq Li YES , 1863run the 1864.Xr bsnmpd 1 1865daemon at system boot time. 1866Be sure to understand the security implications of running SNMP daemon 1867on your host. 1868.It Va bsnmpd_flags 1869.Pq Vt str 1870If 1871.Va bsnmpd_enable 1872is set to 1873.Dq Li YES , 1874these are the flags to pass to the 1875.Xr bsnmpd 1 1876daemon. 1877.It Va defaultrouter 1878.Pq Vt str 1879If not set to 1880.Dq Li NO , 1881create a default route to this host name or IP address 1882(use an IP address if this router is also required to get to the 1883name server!). 1884.It Va ipv6_defaultrouter 1885.Pq Vt str 1886The IPv6 equivalent of 1887.Va defaultrouter . 1888.It Va static_routes 1889.Pq Vt str 1890Set to the list of static routes that are to be added at system 1891boot time. 1892If not set to 1893.Dq Li NO 1894then for each whitespace separated 1895.Ar element 1896in the value, a 1897.Va route_ Ns Aq Ar element 1898variable is assumed to exist 1899whose contents will later be passed to a 1900.Dq Nm route Cm add 1901operation. 1902For example: 1903.Bd -literal 1904static_routes="mcast gif0local" 1905route_mcast="-net 224.0.0.0/4 -iface gif0" 1906route_gif0local="-host 169.254.1.1 -iface lo0" 1907.Ed 1908.It Va ipv6_static_routes 1909.Pq Vt str 1910The IPv6 equivalent of 1911.Va static_routes . 1912If not set to 1913.Dq Li NO 1914then for each whitespace separated 1915.Ar element 1916in the value, a 1917.Va ipv6_route_ Ns Aq Ar element 1918variable is assumed to exist 1919whose contents will later be passed to a 1920.Dq Nm route Cm add Fl inet6 1921operation. 1922.It Va natm_static_routes 1923.Pq Vt str 1924The 1925.Xr natmip 4 1926equivalent of 1927.Va static_routes . 1928If not empty then for each whitespace separated 1929.Ar element 1930in the value, a 1931.Va route_ Ns Aq Ar element 1932variable is assumed to exist whose contents will later be passed to a 1933.Dq Nm atmconfig Cm natm Cm add 1934operation. 1935.It Va gateway_enable 1936.Pq Vt bool 1937If set to 1938.Dq Li YES , 1939configure host to act as an IP router, e.g.\& to forward packets 1940between interfaces. 1941.It Va ipv6_gateway_enable 1942.Pq Vt bool 1943The IPv6 equivalent of 1944.Va gateway_enable . 1945.It Va router_enable 1946.Pq Vt bool 1947If set to 1948.Dq Li YES , 1949run a routing daemon of some sort, based on the 1950settings of 1951.Va router 1952and 1953.Va router_flags . 1954.It Va ipv6_router_enable 1955.Pq Vt bool 1956The IPv6 equivalent of 1957.Va router_enable . 1958If set to 1959.Dq Li YES , 1960run a routing daemon of some sort, based on the 1961settings of 1962.Va ipv6_router 1963and 1964.Va ipv6_router_flags . 1965.It Va router 1966.Pq Vt str 1967If 1968.Va router_enable 1969is set to 1970.Dq Li YES , 1971this is the name of the routing daemon to use. 1972.It Va ipv6_router 1973.Pq Vt str 1974The IPv6 equivalent of 1975.Va router . 1976.It Va router_flags 1977.Pq Vt str 1978If 1979.Va router_enable 1980is set to 1981.Dq Li YES , 1982these are the flags to pass to the routing daemon. 1983.It Va ipv6_router_flags 1984.Pq Vt str 1985The IPv6 equivalent of 1986.Va router_flags . 1987.It Va mrouted_enable 1988.Pq Vt bool 1989If set to 1990.Dq Li YES , 1991run the multicast routing daemon, 1992.Xr mrouted 8 . 1993.It Va mroute6d_enable 1994.Pq Vt bool 1995The IPv6 equivalent of 1996.Va mrouted_enable . 1997If set to 1998.Dq Li YES , 1999run the IPv6 multicast routing daemon. 2000Note that no IPv6 multicast routing daemon is included in the 2001.Fx 2002base system but 2003.Xr pim6dd 8 2004can be installed from the 2005.Fx 2006Ports Collection. 2007.It Va mrouted_flags 2008.Pq Vt str 2009If 2010.Va mrouted_enable 2011is set to 2012.Dq Li YES , 2013these are the flags to pass to the 2014.Xr mrouted 8 2015daemon. 2016.It Va mroute6d_flags 2017.Pq Vt str 2018The IPv6 equivalent of 2019.Va mrouted_flags . 2020If 2021.Va mroute6d_enable 2022is set to 2023.Dq Li YES , 2024these are the flags passed to the IPv6 multicast routing daemon. 2025.It Va mroute6d_program 2026.Pq Vt str 2027If 2028.Va mroute6d_enable 2029is set to 2030.Dq Li YES , 2031this is the path to the IPv6 multicast routing daemon. 2032.It Va rtadvd_enable 2033.Pq Vt bool 2034If set to 2035.Dq Li YES , 2036run the 2037.Xr rtadvd 8 2038daemon at boot time. 2039.Xr rtadvd 8 2040will only run if 2041.Va ipv6_gateway_enable 2042is also set to 2043.Dq Li YES . 2044The 2045.Xr rtadvd 8 2046utility sends router advertisement packets to the interfaces specified in 2047.Va rtadvd_interfaces 2048and should only be enabled with great care. 2049You may want to fine-tune 2050.Xr rtadvd.conf 5 . 2051.It Va rtadvd_interfaces 2052.Pq Vt str 2053If 2054.Va rtadvd_enable 2055is set to 2056.Dq Li YES 2057this is the list of interfaces to use. 2058.It Va ipxgateway_enable 2059.Pq Vt bool 2060If set to 2061.Dq Li YES , 2062enable the routing of IPX traffic. 2063.It Va ipxrouted_enable 2064.Pq Vt bool 2065If set to 2066.Dq Li YES , 2067run the 2068.Xr IPXrouted 8 2069daemon at system boot time. 2070.It Va ipxrouted_flags 2071.Pq Vt str 2072If 2073.Va ipxrouted_enable 2074is set to 2075.Dq Li YES , 2076these are the flags to pass to the 2077.Xr IPXrouted 8 2078daemon. 2079.It Va arpproxy_all 2080.Pq Vt bool 2081If set to 2082.Dq Li YES , 2083enable global proxy ARP. 2084.It Va forward_sourceroute 2085.Pq Vt bool 2086If set to 2087.Dq Li YES 2088and 2089.Va gateway_enable 2090is also set to 2091.Dq Li YES , 2092source-routed packets are forwarded. 2093.It Va accept_sourceroute 2094.Pq Vt bool 2095If set to 2096.Dq Li YES , 2097the system will accept source-routed packets directed at it. 2098.It Va rarpd_enable 2099.Pq Vt bool 2100If set to 2101.Dq Li YES , 2102run the 2103.Xr rarpd 8 2104daemon at system boot time. 2105.It Va rarpd_flags 2106.Pq Vt str 2107If 2108.Va rarpd_enable 2109is set to 2110.Dq Li YES , 2111these are the flags to pass to the 2112.Xr rarpd 8 2113daemon. 2114.It Va bootparamd_enable 2115.Pq Vt bool 2116If set to 2117.Dq Li YES , 2118run the 2119.Xr bootparamd 8 2120daemon at system boot time. 2121.It Va bootparamd_flags 2122.Pq Vt str 2123If 2124.Va bootparamd_enable 2125is set to 2126.Dq Li YES , 2127these are the flags to pass to the 2128.Xr bootparamd 8 2129daemon. 2130.It Va stf_interface_ipv4addr 2131.Pq Vt str 2132If not set to 2133.Dq Li NO , 2134this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 2135interface). 2136Specify this entry to enable the 6to4 interface. 2137.It Va stf_interface_ipv4plen 2138.Pq Vt int 2139Prefix length for 6to4 IPv4 addresses, to limit peer address range. 2140An effective value is 0-31. 2141.It Va stf_interface_ipv6_ifid 2142.Pq Vt str 2143IPv6 interface ID for 2144.Xr stf 4 . 2145This can be set to 2146.Dq Li AUTO . 2147.It Va stf_interface_ipv6_slaid 2148.Pq Vt str 2149IPv6 Site Level Aggregator for 2150.Xr stf 4 . 2151.It Va ipv6_faith_prefix 2152.Pq Vt str 2153If not set to 2154.Dq Li NO , 2155this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 2156translator. 2157You also need 2158.Xr faithd 8 2159setup. 2160.It Va ipv6_ipv4mapping 2161.Pq Vt bool 2162If set to 2163.Dq Li YES 2164this enables IPv4 mapped IPv6 address communication (like 2165.Li ::ffff:a.b.c.d ) . 2166.It Va atm_enable 2167.Pq Vt bool 2168Set to 2169.Dq Li YES 2170to enable the configuration of ATM interfaces at system boot time. 2171For all of the ATM variables described below, please refer to the 2172.Xr atm 8 2173manual page for further details on the available command parameters. 2174Also refer to the files in 2175.Pa /usr/share/examples/atm 2176for more detailed configuration information. 2177.It Va atm_load 2178.Pq Vt str 2179This is a list of physical ATM interface drivers to load. 2180Typical values are 2181.Dq Li hfa_pci 2182and/or 2183.Dq Li hea_pci . 2184.It Va atm_netif_ Ns Aq Ar intf 2185.Pq Vt str 2186For the ATM physical interface 2187.Ar intf , 2188this variable defines the name prefix and count for the ATM network 2189interfaces to be created. 2190The value will be passed as the parameters of an 2191.Dq Nm atm Cm "set netif" Ar intf 2192command. 2193.It Va atm_sigmgr_ Ns Aq Ar intf 2194.Pq Vt str 2195For the ATM physical interface 2196.Ar intf , 2197this variable defines the ATM signalling manager to be used. 2198The value will be passed as the parameters of an 2199.Dq Nm atm Cm attach Ar intf 2200command. 2201.It Va atm_prefix_ Ns Aq Ar intf 2202.Pq Vt str 2203For the ATM physical interface 2204.Ar intf , 2205this variable defines the NSAP prefix for interfaces using a UNI signalling 2206manager. 2207If set to 2208.Dq Li ILMI , 2209the prefix will automatically be set via the 2210.Xr ilmid 8 2211daemon. 2212Otherwise, the value will be passed as the parameters of an 2213.Dq Nm atm Cm "set prefix" Ar intf 2214command. 2215.It Va atm_macaddr_ Ns Aq Ar intf 2216.Pq Vt str 2217For the ATM physical interface 2218.Ar intf , 2219this variable defines the MAC address for interfaces using a UNI signalling 2220manager. 2221If set to 2222.Dq Li NO , 2223the hardware MAC address contained in the ATM interface card will be used. 2224Otherwise, the value will be passed as the parameters of an 2225.Dq Nm atm Cm "set mac" Ar intf 2226command. 2227.It Va atm_arpserver_ Ns Aq Ar netif 2228.Pq Vt str 2229For the ATM network interface 2230.Ar netif , 2231this variable defines the ATM address for a host which is to provide ATMARP 2232service. 2233This variable is only applicable to interfaces using a UNI signalling 2234manager. 2235If set to 2236.Dq Li local , 2237this host will become an ATMARP server. 2238The value will be passed as the parameters of an 2239.Dq Nm atm Cm "set arpserver" Ar netif 2240command. 2241.It Va atm_scsparp_ Ns Aq Ar netif 2242.Pq Vt bool 2243If set to 2244.Dq Li YES , 2245SCSP/ATMARP service for the network interface 2246.Ar netif 2247will be initiated using the 2248.Xr scspd 8 2249and 2250.Xr atmarpd 8 2251daemons. 2252This variable is only applicable if 2253.Va atm_arpserver_ Ns Aq Ar netif 2254is set to 2255.Dq Li local . 2256.It Va atm_pvcs 2257.Pq Vt str 2258Set to the list of ATM PVCs to be added at system 2259boot time. 2260For each whitespace separated 2261.Ar element 2262in the value, an 2263.Va atm_pvc_ Ns Aq Ar element 2264variable is assumed to exist. 2265The value of each of these variables 2266will be passed as the parameters of an 2267.Dq Nm atm Cm "add pvc" 2268command. 2269.It Va atm_arps 2270.Pq Vt str 2271Set to the list of permanent ATM ARP entries to be added 2272at system boot time. 2273For each whitespace separated 2274.Ar element 2275in the value, an 2276.Va atm_arp_ Ns Aq Ar element 2277variable is assumed to exist. 2278The value of each of these variables 2279will be passed as the parameters of an 2280.Dq Nm atm Cm "add arp" 2281command. 2282.It Va natm_interfaces 2283.Pq Vt str 2284Set to the list of 2285.Xr natm 4 2286interfaces that will also be used for HARP through 2287.Xr harp 4 . 2288If this list is not empty all interfaces in the list will be brought up 2289with 2290.Xr ifconfig 8 2291and 2292.Xr harp 4 2293will be loaded. 2294For this to work the interface drivers must be either compiled into the 2295kernel or must reside on the root partition. 2296.It Va keybell 2297.Pq Vt str 2298The keyboard bell sound. 2299Set to 2300.Dq Li normal , 2301.Dq Li visual , 2302.Dq Li off , 2303or 2304.Dq Li NO 2305if the default behavior is desired. 2306For details, refer to the 2307.Xr kbdcontrol 1 2308manpage. 2309.It Va keyboard 2310.Pq Vt str 2311If set to a non-null string, the virtual console's keyboard input is 2312set to this device. 2313.It Va keymap 2314.Pq Vt str 2315If set to 2316.Dq Li NO , 2317no keymap is installed, otherwise the value is used to install 2318the keymap file in 2319.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2320.It Va keyrate 2321.Pq Vt str 2322The keyboard repeat speed. 2323Set to 2324.Dq Li slow , 2325.Dq Li normal , 2326.Dq Li fast , 2327or 2328.Dq Li NO 2329if the default behavior is desired. 2330.It Va keychange 2331.Pq Vt str 2332If not set to 2333.Dq Li NO , 2334attempt to program the function keys with the value. 2335The value should 2336be a single string of the form: 2337.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2338.It Va cursor 2339.Pq Vt str 2340Can be set to the value of 2341.Dq Li normal , 2342.Dq Li blink , 2343.Dq Li destructive , 2344or 2345.Dq Li NO 2346to set the cursor behavior explicitly or choose the default behavior. 2347.It Va scrnmap 2348.Pq Vt str 2349If set to 2350.Dq Li NO , 2351no screen map is installed, otherwise the value is used to install 2352the screen map file in 2353.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2354.It Va font8x16 2355.Pq Vt str 2356If set to 2357.Dq Li NO , 2358the default 8x16 font value is used for screen size requests, otherwise 2359the value in 2360.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2361is used. 2362.It Va font8x14 2363.Pq Vt str 2364If set to 2365.Dq Li NO , 2366the default 8x14 font value is used for screen size requests, otherwise 2367the value in 2368.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2369is used. 2370.It Va font8x8 2371.Pq Vt str 2372If set to 2373.Dq Li NO , 2374the default 8x8 font value is used for screen size requests, otherwise 2375the value in 2376.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2377is used. 2378.It Va blanktime 2379.Pq Vt int 2380If set to 2381.Dq Li NO , 2382the default screen blanking interval is used, otherwise it is set 2383to 2384.Ar value 2385seconds. 2386.It Va saver 2387.Pq Vt str 2388If not set to 2389.Dq Li NO , 2390this is the actual screen saver to use 2391.Li ( blank , snake , daemon , 2392etc). 2393.It Va moused_nondefault_enable 2394.Pq Vt str 2395If set to 2396.Dq Li NO , 2397the mouse device specified on 2398the command line is not automatically treated as enabled by the 2399.Pa /etc/rc.d/moused 2400script. 2401Having this variable set to 2402.Dq Li YES 2403allows a 2404.Xr usb 4 2405mouse, 2406for example, 2407to be enabled as soon as it is plugged in. 2408.It Va moused_enable 2409.Pq Vt str 2410If set to 2411.Dq Li YES , 2412the 2413.Xr moused 8 2414daemon is started for doing cut/paste selection on the console. 2415.It Va moused_type 2416.Pq Vt str 2417This is the protocol type of the mouse connected to this host. 2418This variable must be set if 2419.Va moused_enable 2420is set to 2421.Dq Li YES . 2422The 2423.Xr moused 8 2424daemon 2425is able to detect the appropriate mouse type automatically in many cases. 2426Set this variable to 2427.Dq Li auto 2428to let the daemon detect it, or 2429select one from the following list if the automatic detection fails. 2430.Pp 2431If the mouse is attached to the PS/2 mouse port, choose 2432.Dq Li auto 2433or 2434.Dq Li ps/2 , 2435regardless of the brand and model of the mouse. 2436Likewise, if the 2437mouse is attached to the bus mouse port, choose 2438.Dq Li auto 2439or 2440.Dq Li busmouse . 2441All other protocols are for serial mice and will not work with 2442the PS/2 and bus mice. 2443If this is a USB mouse, 2444.Dq Li auto 2445is the only protocol type which will work. 2446.Pp 2447.Bl -tag -width ".Li x10mouseremote" -compact 2448.It Li microsoft 2449Microsoft mouse (serial) 2450.It Li intellimouse 2451Microsoft IntelliMouse (serial) 2452.It Li mousesystems 2453Mouse systems Corp.\& mouse (serial) 2454.It Li mmseries 2455MM Series mouse (serial) 2456.It Li logitech 2457Logitech mouse (serial) 2458.It Li busmouse 2459A bus mouse 2460.It Li mouseman 2461Logitech MouseMan and TrackMan (serial) 2462.It Li glidepoint 2463ALPS GlidePoint (serial) 2464.It Li thinkingmouse 2465Kensington ThinkingMouse (serial) 2466.It Li ps/2 2467PS/2 mouse 2468.It Li mmhittab 2469MM HitTablet (serial) 2470.It Li x10mouseremote 2471X10 MouseRemote (serial) 2472.It Li versapad 2473Interlink VersaPad (serial) 2474.El 2475.Pp 2476Even if the mouse is not in the above list, it may be compatible 2477with one in the list. 2478Refer to the manual page for 2479.Xr moused 8 2480for compatibility information. 2481.Pp 2482It should also be noted that while this is enabled, any 2483other client of the mouse (such as an X server) should access 2484the mouse through the virtual mouse device, 2485.Pa /dev/sysmouse , 2486and configure it as a 2487.Dq Li sysmouse 2488type mouse, since all 2489mouse data is converted to this single canonical format when 2490using 2491.Xr moused 8 . 2492If the client program does not support the 2493.Dq Li sysmouse 2494type, 2495specify the 2496.Dq Li mousesystems 2497type. 2498It is the second preferred type. 2499.It Va moused_port 2500.Pq Vt str 2501If 2502.Va moused_enable 2503is set to 2504.Dq Li YES , 2505this is the actual port the mouse is on. 2506It might be 2507.Pa /dev/cuad0 2508for a COM1 serial mouse, 2509.Pa /dev/psm0 2510for a PS/2 mouse or 2511.Pa /dev/mse0 2512for a bus mouse, for example. 2513.It Va moused_flags 2514.Pq Vt str 2515If 2516.Va moused_type 2517is set, these are the additional flags to pass to the 2518.Xr moused 8 2519daemon. 2520.It Va mousechar_start 2521.Pq Vt int 2522If set to 2523.Dq Li NO , 2524the default mouse cursor character range 2525.Li 0xd0 Ns - Ns Li 0xd3 2526is used, 2527otherwise the range start is set 2528to 2529.Ar value 2530character, see 2531.Xr vidcontrol 1 . 2532Use if the default range is occupied in the language code table. 2533.It Va allscreens_flags 2534.Pq Vt str 2535If set, 2536.Xr vidcontrol 1 2537is run with these options for each of the virtual terminals 2538.Pq Pa /dev/ttyv* . 2539For example, 2540.Dq Fl m Cm on 2541will enable the mouse pointer on all virtual terminals 2542if 2543.Va moused_enable 2544is set to 2545.Dq Li YES . 2546.It Va allscreens_kbdflags 2547.Pq Vt str 2548If set, 2549.Xr kbdcontrol 1 2550is run with these options for each of the virtual terminals 2551.Pq Pa /dev/ttyv* . 2552For example, 2553.Dq Fl h Li 200 2554will set the 2555.Xr syscons 4 2556scrollback (history) buffer to 200 lines. 2557.It Va cron_enable 2558.Pq Vt bool 2559If set to 2560.Dq Li YES , 2561run the 2562.Xr cron 8 2563daemon at system boot time. 2564.It Va cron_program 2565.Pq Vt str 2566Path to 2567.Xr cron 8 2568(default 2569.Pa /usr/sbin/cron ) . 2570.It Va cron_flags 2571.Pq Vt str 2572If 2573.Va cron_enable 2574is set to 2575.Dq Li YES , 2576these are the flags to pass to 2577.Xr cron 8 . 2578.It Va cron_dst 2579.Pq Vt bool 2580If set to 2581.Dq Li YES , 2582enable the special handling of transitions to and from the 2583Daylight Saving Time in 2584.Xr cron 8 2585(equivalent to using the flag 2586.Fl s ) . 2587.It Va lpd_program 2588.Pq Vt str 2589Path to 2590.Xr lpd 8 2591(default 2592.Pa /usr/sbin/lpd ) . 2593.It Va lpd_enable 2594.Pq Vt bool 2595If set to 2596.Dq Li YES , 2597run the 2598.Xr lpd 8 2599daemon at system boot time. 2600.It Va lpd_flags 2601.Pq Vt str 2602If 2603.Va lpd_enable 2604is set to 2605.Dq Li YES , 2606these are the flags to pass to the 2607.Xr lpd 8 2608daemon. 2609.It Va chkprintcap_enable 2610.Pq Vt bool 2611If set to 2612.Dq Li YES , 2613run the 2614.Xr chkprintcap 8 2615command before starting the 2616.Xr lpd 8 2617daemon. 2618.It Va chkprintcap_flags 2619.Pq Vt str 2620If 2621.Va lpd_enable 2622and 2623.Va chkprintcap_enable 2624are set to 2625.Dq Li YES , 2626these are the flags to pass to the 2627.Xr chkprintcap 8 2628program. 2629The default is 2630.Dq Li -d , 2631which causes missing directories to be created. 2632.It Va mta_start_script 2633.Pq Vt str 2634This variable specifies the full path to the script to run to start 2635a mail transfer agent. 2636The default is 2637.Pa /etc/rc.sendmail . 2638The 2639.Va sendmail_* 2640variables which 2641.Pa /etc/rc.sendmail 2642uses are documented in the 2643.Xr rc.sendmail 8 2644manual page. 2645.It Va dumpdev 2646.Pq Vt str 2647Indicates the device (usually a swap partition) to which a crash dump 2648should be written in the event of a system crash. 2649If the value of this variable is 2650.Dq Li AUTO , 2651the first suitable swap device listed in 2652.Pa /etc/fstab 2653will be used as dump device. 2654Otherwise, the value of this variable is passed as the argument to 2655.Xr dumpon 8 . 2656To disable crash dumps, set this variable to 2657.Dq Li NO . 2658.It Va dumpdir 2659.Pq Vt str 2660When the system reboots after a crash and a crash dump is found on the 2661device specified by the 2662.Va dumpdev 2663variable, 2664.Xr savecore 8 2665will save that crash dump and a copy of the kernel to the directory 2666specified by the 2667.Va dumpdir 2668variable. 2669The default value is 2670.Pa /var/crash . 2671Set to 2672.Dq Li NO 2673to not run 2674.Xr savecore 8 2675at boot time when 2676.Va dumpdir 2677is set. 2678.It Va savecore_flags 2679.Pq Vt str 2680If crash dumps are enabled, these are the flags to pass to the 2681.Xr savecore 8 2682utility. 2683.It Va enable_quotas 2684.Pq Vt bool 2685Set to 2686.Dq Li YES 2687to turn on user disk quotas on system startup via the 2688.Xr quotaon 8 2689command. 2690.It Va check_quotas 2691.Pq Vt bool 2692Set to 2693.Dq Li YES 2694to enable user disk quota checking via the 2695.Xr quotacheck 8 2696command. 2697.It Va accounting_enable 2698.Pq Vt bool 2699Set to 2700.Dq Li YES 2701to enable system accounting through the 2702.Xr accton 8 2703facility. 2704.It Va ibcs2_enable 2705.Pq Vt bool 2706Set to 2707.Dq Li YES 2708to enable iBCS2 (SCO) binary emulation at system initial boot 2709time. 2710.It Va ibcs2_loaders 2711.Pq Vt str 2712If not set to 2713.Dq Li NO 2714and if 2715.Va ibcs2_enable 2716is set to 2717.Dq Li YES , 2718this specifies a list of additional iBCS2 loaders to enable. 2719.It Va linux_enable 2720.Pq Vt bool 2721Set to 2722.Dq Li YES 2723to enable Linux/ELF binary emulation at system initial 2724boot time. 2725.It Va osf1_enable 2726.Pq Vt bool 2727Set to 2728.Dq Li YES 2729to enable OSF/1 (Digital UNIX) binary emulation at system 2730initial boot time. 2731(alpha) 2732.It Va svr4_enable 2733.Pq Vt bool 2734If set to 2735.Dq Li YES , 2736enable SysVR4 emulation at boot time. 2737.It Va sysvipc_enable 2738.Pq Vt bool 2739If set to 2740.Dq Li YES , 2741load System V IPC primitives at boot time. 2742.It Va clear_tmp_enable 2743.Pq Vt bool 2744Set to 2745.Dq Li YES 2746to have 2747.Pa /tmp 2748cleaned at startup. 2749.It Va ldconfig_paths 2750.Pq Vt str 2751Set to the list of shared library paths to use with 2752.Xr ldconfig 8 . 2753NOTE: 2754.Pa /usr/lib 2755will always be added first, so it need not appear in this list. 2756.It Va ldconfig_paths_aout 2757.Pq Vt str 2758Set to the list of shared library paths to use with 2759.Xr ldconfig 8 2760legacy 2761.Xr a.out 5 2762support. 2763.It Va ldconfig_insecure 2764.Pq Vt bool 2765The 2766.Xr ldconfig 8 2767utility normally refuses to use directories 2768which are writable by anyone except root. 2769Set this variable to 2770.Dq Li YES 2771to disable that security check during system startup. 2772.It Va kern_securelevel_enable 2773.Pq Vt bool 2774Set to 2775.Dq Li YES 2776to set the kernel security level at system startup. 2777.It Va kern_securelevel 2778.Pq Vt int 2779The kernel security level to set at startup. 2780The allowed range of 2781.Ar value 2782ranges from \-1 (the compile time default) to 3 (the 2783most secure). 2784See 2785.Xr init 8 2786for the list of possible security levels and their effect 2787on system operation. 2788.It Va sshd_program 2789.Pq Vt str 2790Path to the SSH server program 2791.Pa ( /usr/sbin/sshd 2792is the default). 2793.It Va sshd_enable 2794.Pq Vt bool 2795Set to 2796.Dq Li YES 2797to start 2798.Xr sshd 8 2799at system boot time. 2800.It Va sshd_flags 2801.Pq Vt str 2802If 2803.Va sshd_enable 2804is set to 2805.Dq Li YES , 2806these are the flags to pass to the 2807.Xr sshd 8 2808daemon. 2809.It Va usbd_enable 2810.Pq Vt bool 2811If set to 2812.Dq Li YES , 2813run the 2814.Xr usbd 8 2815daemon at boot time. 2816.It Va usbd_flags 2817.Pq Vt str 2818If 2819.Va usbd_enable 2820is set to 2821.Dq Li YES , 2822these are the flags passed to the 2823.Xr usbd 8 2824daemon. 2825.It Va watchdogd_enable 2826.Pq Vt bool 2827If set to 2828.Dq Li YES , 2829start the 2830.Xr watchdogd 8 2831daemon at boot time. 2832This requires that the kernel have been compiled with a 2833.Xr watchdog 4 2834compatible device. 2835.It Va watchdogd_flags 2836.Pq Vt str 2837If 2838.Va watchdogd_enable 2839is set to 2840.Dq Li YES , 2841these are the flags passed to the 2842.Xr watchdogd 8 2843daemon. 2844.It Va performance_cx_lowest 2845.Pq Vt str 2846CPU idle state to use while on AC power. 2847The string 2848.Dq Li LOW 2849indicates that 2850.Xr acpi 4 2851should use the lowest power state available while 2852.Dq Li HIGH 2853indicates that the lowest latency state (less power savings) should be used. 2854.It Va performance_cpu_freq 2855.Pq Vt str 2856CPU clock frequency to use while on AC power. 2857The string 2858.Dq Li LOW 2859indicates that 2860.Xr cpufreq 4 2861should use the lowest frequency available while 2862.Dq Li HIGH 2863indicates that the highest frequency (less power savings) should be used. 2864.It Va economy_cx_lowest 2865.Pq Vt str 2866CPU idle state to use when off AC power. 2867The string 2868.Dq Li LOW 2869indicates that 2870.Xr acpi 4 2871should use the lowest power state available while 2872.Dq Li HIGH 2873indicates that the lowest latency state (less power savings) should be used. 2874.It Va economy_cpu_freq 2875.Pq Vt str 2876CPU clock frequency to use when off AC power. 2877The string 2878.Dq Li LOW 2879indicates that 2880.Xr cpufreq 4 2881should use the lowest frequency available while 2882.Dq Li HIGH 2883indicates that the highest frequency (less power savings) should be used. 2884.It Va jail_enable 2885.Pq Vt bool 2886If set to 2887.Dq Li NO , 2888any configured jails will not be started. 2889.It Va jail_list 2890.Pq Vt str 2891A space separated list of names for jails. 2892This is purely a configuration aid to help identify and 2893configure multiple jails. 2894The names specified in this list will be used to 2895identify settings common to an instance of a jail. 2896Assuming that the jail in question was named 2897.Li vjail , 2898you would have the following dependent variables: 2899.Bd -literal 2900jail_vjail_hostname="jail.example.com" 2901jail_vjail_ip="192.168.1.100" 2902jail_vjail_rootdir="/var/jails/vjail/root" 2903jail_vjail_exec="/bin/sh /etc/rc" 2904.Ed 2905.Pp 2906The last one is optional. 2907It defaults to 2908.Pa /etc/rc 2909if it is not set. 2910.It Va jail_set_hostname_allow 2911.Pq Vt bool 2912If set to 2913.Dq Li NO , 2914do not allow the root user in a jail to set its hostname. 2915.It Va jail_socket_unixiproute_only 2916.Pq Vt bool 2917If set to 2918.Dq Li NO , 2919do not allow any protocol, 2920besides TCP/IP, 2921to be used within a jail. 2922.It Va jail_sysvipc_allow 2923.Pq Vt bool 2924If set to 2925.Dq Li YES , 2926allow applications within a jail to use System V IPC. 2927.It Va unaligned_print 2928.Pq Vt bool 2929If set to 2930.Dq Li NO , 2931unaligned access warnings will not be printed. 2932(alpha) 2933.\" ----- ISDN settings --------------------------------- 2934.It Va isdn_enable 2935.Pq Vt bool 2936Set to 2937.Dq Li NO 2938by default. 2939When set to 2940.Dq Li YES , 2941starts the 2942.Xr isdnd 8 2943daemon 2944at system boot time. 2945.It Va isdn_flags 2946.Pq Vt str 2947Set to 2948.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2949by default. 2950Additional flags to pass to 2951.Xr isdnd 8 2952(but see 2953.Va isdn_fsdev 2954and 2955.Va isdn_ttype 2956for certain tunable parameters). 2957.It Va isdn_ttype 2958.Pq Vt str 2959Set to 2960.Dq Li cons25 2961by default. 2962The terminal type of the output device when 2963.Xr isdnd 8 2964operates in full-screen mode. 2965.It Va isdn_screenflags 2966.Pq Vt str 2967Set to 2968.Dq Li NO 2969by default. 2970The video mode for full-screen mode (only for 2971.Xr syscons 4 2972console driver, see 2973.Xr vidcontrol 1 2974for valid modes). 2975.It Va isdn_fsdev 2976.Pq Vt str 2977Set to 2978.Dq Li NO 2979by default. 2980The output device for 2981.Xr isdnd 8 2982in full-screen mode (or 2983.Dq Li NO 2984for daemon mode). 2985.It Va isdn_trace 2986.Pq Vt bool 2987Set to 2988.Dq Li NO 2989by default. 2990When set to 2991.Dq Li YES , 2992enables the ISDN protocol trace utility 2993.Xr isdntrace 8 2994at system boot time. 2995.It Va isdn_traceflags 2996.Pq Vt str 2997Set to 2998.Dq Fl f Pa /var/tmp/isdntrace0 2999by default. 3000Flags for 3001.Xr isdntrace 8 . 3002.\" ----------------------------------------------------- 3003.It Va pcvt_verbose 3004.Pq Vt bool 3005Set to 3006.Dq Li NO 3007by default. 3008When set to 3009.Dq Li YES , 3010verbose messages about the actions done by the start script are displayed. 3011.Em Note : 3012the 3013.Xr pcvt 4 3014driver must be compiled into the kernel before the 3015.Xr pcvt 4 3016related 3017options described here take any effect. 3018.It Va pcvt_keymap 3019.Pq Vt str 3020Set to 3021.Dq Li NO 3022by default. 3023Use this to configure a national keyboard mapping found in the 3024.Pa /usr/share/misc/keycap.pcvt 3025file of keyboard mappings. 3026(See also the manual pages 3027.Xr keycap 5 3028and 3029.Xr keycap 3 3030for usage of 3031.Xr pcvt 4 Ns 's 3032keycap database and the manual page 3033.Xr kcon 1 3034option 3035.Fl m 3036for national keyboard mapping configuration.) 3037.It Va pcvt_keydel 3038.Pq Vt int 3039Set to 3040.Dq Li NO 3041by default. 3042Used to set the keyboard key repeat delay value. 3043Valid values are 3044in the range 0..3 for delay values of 250, 500, 750 and 1000 msec. 3045(See also the 3046.Xr kcon 1 3047manual page.) 3048.It Va pcvt_keyrate 3049.Pq Vt int 3050Set to 3051.Dq Li NO 3052by default. 3053Used to set the keyboard key repetition rate value. 3054Valid values are 3055in the range 0..31 for repetition values of 2..30 characters per second. 3056.It Va pcvt_keyrepeat 3057.Pq Vt bool 3058Set to 3059.Dq Li NO 3060by default. 3061Set to 3062.Dq Li YES 3063to enable automatic keyboard key repeating. 3064.It Va pcvt_force24 3065.Pq Vt bool 3066Set to 3067.Dq Li NO 3068by default. 3069Set to 3070.Dq Li YES 3071to force 3072.Xr pcvt 4 3073to use 24 lines only (in 25 lines mode) for compatibility 3074with the original 3075.Tn VT220 3076terminal. 3077.It Va pcvt_hpext 3078.Pq Vt bool 3079Set to 3080.Dq Li NO 3081by default. 3082Set to 3083.Dq Li YES 3084to enable the display and functionality of function key labels (as found 3085on 3086.Tn Hewlett-Packard 3087terminals such as the 3088.Tn HP2392A 3089and the 3090.Tn HP700/92 3091in 3092.Tn ANSI 3093mode). 3094.It Va pcvt_lines 3095.Pq Vt int 3096Set to 3097.Dq Li NO 3098by default resulting in a value of 25. 3099Used to set the number of lines on the screen. 3100For VGA displays, valid 3101values are 25, 28, 40 and 50 lines. 3102(See also the 3103.Xr scon 1 3104manual page.) 3105.It Va pcvt_blanktime 3106.Pq Vt int 3107Set to 3108.Dq Li NO 3109by default. 3110Used to set the screen saver timeout in seconds for values greater than 3111zero. 3112.It Va pcvt_cursorh 3113.Pq Vt int 3114Set to 3115.Dq Li NO 3116by default. 3117Used to set the cursor top scanline. 3118(See also the 3119.Xr cursor 1 3120manual page.) 3121.It Va pcvt_cursorl 3122.Pq Vt int 3123Set to 3124.Dq Li NO 3125by default. 3126Used to set the cursor bottom scanline. 3127.It Va pcvt_monohigh 3128.Pq Vt bool 3129Set to 3130.Dq Li NO 3131by default. 3132Set to 3133.Dq Li YES 3134to set intensity to high on monochrome monitors. 3135(See also the 3136.Xr scon 1 3137manual page, option 3138.Fl p , 3139for more information on changing VGA palette 3140values.) 3141.It Va harvest_interrupt 3142.Pq Vt bool 3143Set to 3144.Dq Li YES 3145to use hardware interrupts as an entropy source. 3146Refer to 3147.Xr random 4 3148for more information. 3149.It Va harvest_ethernet 3150.Pq Vt bool 3151Set to 3152.Dq Li YES 3153to use LAN traffic as an entropy source. 3154Refer to 3155.Xr random 4 3156for more information. 3157.It Va harvest_p_to_p 3158.Pq Vt bool 3159Set to 3160.Dq Li YES 3161to use serial line traffic as an entropy source. 3162Refer to 3163.Xr random 4 3164for more information. 3165.It Va entropy_dir 3166.Pq Vt str 3167Set to 3168.Dq Li NO 3169to disable caching entropy via 3170.Xr cron 8 . 3171Otherwise set to the directory used to store entropy files in. 3172.It Va entropy_file 3173.Pq Vt str 3174Set to 3175.Dq Li NO 3176to disable caching entropy through reboots. 3177Otherwise set to the filename used to store cached entropy through 3178reboots. 3179This file should be located on the root file system to seed the 3180.Xr random 4 3181device as early as possible in the boot process. 3182.It Va entropy_save_sz 3183.Pq Vt int 3184Size of the entropy cache files saved by 3185.Nm save-entropy 3186periodically. 3187.It Va entropy_save_num 3188.Pq Vt int 3189Number of entropy cache files to save by 3190.Nm save-entropy 3191periodically. 3192.It Va ipsec_enable 3193.Pq Vt bool 3194Set to 3195.Dq Li YES 3196to run 3197.Xr setkey 8 3198on 3199.Va ipsec_file 3200at boot time. 3201.It Va ipsec_file 3202.Pq Vt str 3203Configuration file for 3204.Xr setkey 8 . 3205.It Va dmesg_enable 3206.Pq Vt bool 3207Set to 3208.Dq Li YES 3209to save 3210.Xr dmesg 8 3211to 3212.Pa /var/run/dmesg.boot 3213on boot. 3214.It Va rcshutdown_timeout 3215.Pq Vt int 3216If set, start a watchdog timer in the background which will terminate 3217.Pa rc.shutdown 3218if 3219.Xr shutdown 8 3220has not completed within the specified time (in seconds). 3221Notice that in addition to this soft timeout, 3222.Xr init 8 3223also applies a hard timeout for the execution of 3224.Pa rc.shutdown . 3225This is configured via 3226.Xr sysctl 8 3227variable 3228.Va kern.init_shutdown_timeout 3229and defaults to 120 seconds. Setting the value of 3230.Va rcshutdown_timeout 3231to more than 120 seconds will have no effect until the 3232.Xr sysctl 8 3233variable 3234.Va kern.init_shutdown_timeout 3235is also increased. 3236.It Va virecover_enable 3237.Pq Vt bool 3238Set to 3239.Dq Li NO 3240to prevent the system from trying to 3241recover pre-maturely terminated 3242.Xr vi 1 3243sessions. 3244.It Va ugidfw_enable 3245.Pq Vt bool 3246Set to 3247.Dq Li YES 3248to load the 3249.Xr mac_bsdextended 4 3250module upon system initialization and load a default 3251ruleset file. 3252.It Va bsdextended_script 3253.Pq Vt str 3254The default 3255.Xr mac_bsdextended 4 3256ruleset file to load. 3257The default value of this variable is 3258.Pa /etc/rc.bsdextended . 3259.It Va newsyslog_enable 3260.Pq Vt bool 3261If set to 3262.Dq Li YES , 3263run 3264.Xr newsyslog 8 3265command at startup. 3266.It Va newsyslog_flags 3267.Pq Vt str 3268If 3269.Va newsyslog_enable 3270is set to 3271.Dq Li YES , 3272these are the flags to pass to the 3273.Xr newsyslog 8 3274program. 3275The default is 3276.Dq Li -CN , 3277which causes log files flagged with a 3278.Cm C 3279to be created. 3280.It Va ramdisk_units 3281.Pq Vt str 3282A list of one or more ramdisk units to configure with 3283.Xr mdconfig 8 3284and 3285.Xr newfs 8 3286in time to be mounted from 3287.Xr fstab 5 . 3288Each listed unit 3289.Ar X 3290must specify at least a 3291.Ar type 3292in a 3293.Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3294variable. 3295.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3296.Pq Vt str 3297Arguments to 3298.Xr mdconfig 8 3299for ramdisk 3300.Ar X . 3301At minimum a 3302.Fl t Ar type 3303must be specified, where 3304.Ar type 3305must be one of 3306.Cm malloc 3307or 3308.Cm swap . 3309.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _newfs 3310.Pq Vt str 3311Optional arguments passed to 3312.Xr newfs 8 3313to initialize ramdisk 3314.Ar X . 3315.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _owner 3316.Pq Vt str 3317An ownership specification passed to 3318.Xr chown 8 3319after the specified ramdisk unit 3320.Ar X 3321has been mounted. 3322Both the 3323.Xr md 4 3324device and the mount point will be changed. 3325.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _perms 3326.Pq Vt str 3327A mode string passed to 3328.Xr chmod 1 3329after the specified ramdisk unit 3330.Ar X 3331has been mounted. 3332Both the 3333.Xr md 4 3334device and the mount point will be changed. 3335.El 3336.Sh FILES 3337.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 3338.It Pa /etc/defaults/rc.conf 3339.It Pa /etc/rc.conf 3340.It Pa /etc/rc.conf.local 3341.El 3342.Sh SEE ALSO 3343.Xr catman 1 , 3344.Xr chmod 1 , 3345.Xr gdb 1 , 3346.Xr info 1 , 3347.Xr kbdcontrol 1 , 3348.Xr makewhatis 1 , 3349.Xr vi 1 , 3350.Xr vidcontrol 1 , 3351.Xr ip 4 , 3352.Xr ipf 4 , 3353.Xr ipfw 4 , 3354.Xr ipnat 4 , 3355.Xr kld 4 , 3356.Xr pf 4 , 3357.Xr pflog 4 , 3358.Xr pfsync 4 , 3359.Xr tcp 4 , 3360.Xr udp 4 , 3361.Xr exports 5 , 3362.Xr ipf 5 , 3363.Xr ipnat 5 , 3364.Xr motd 5 , 3365.Xr newsyslog.conf 5 , 3366.Xr pf.conf 5 , 3367.Xr accton 8 , 3368.Xr amd 8 , 3369.Xr apm 8 , 3370.Xr atm 8 , 3371.Xr chkprintcap 8 , 3372.Xr chown 8 , 3373.Xr cron 8 , 3374.Xr dhclient 8 , 3375.Xr ifconfig 8 , 3376.Xr inetd 8 , 3377.Xr ipf 8 , 3378.Xr ipfw 8 , 3379.Xr ipnat 8 , 3380.Xr isdnd 8 , 3381.Xr isdntrace 8 , 3382.Xr kldxref 8 , 3383.Xr lpd 8 , 3384.Xr mdconfig 8 , 3385.Xr mdmfs 8 , 3386.Xr mountd 8 , 3387.Xr moused 8 , 3388.Xr mrouted 8 , 3389.Xr named 8 , 3390.Xr newfs 8 , 3391.Xr newsyslog 8 , 3392.Xr nfsd 8 , 3393.Xr ntpd 8 , 3394.Xr ntpdate 8 , 3395.Xr pcnfsd 8 , 3396.Xr pfctl 8 , 3397.Xr pflogd 8 , 3398.Xr powerd 8 , 3399.Xr quotacheck 8 , 3400.Xr quotaon 8 , 3401.Xr rc 8 , 3402.Xr rc.sendmail 8 , 3403.Xr route 8 , 3404.Xr routed 8 , 3405.Xr rpcbind 8 , 3406.Xr rpc.lockd 8 , 3407.Xr rpc.statd 8 , 3408.Xr rwhod 8 , 3409.Xr savecore 8 , 3410.Xr sshd 8 , 3411.Xr swapon 8 , 3412.Xr sysctl 8 , 3413.Xr syslogd 8 , 3414.Xr timed 8 , 3415.Xr usbd 8 , 3416.Xr yp 8 , 3417.Xr ypbind 8 , 3418.Xr ypserv 8 , 3419.Xr ypset 8 3420.Sh HISTORY 3421The 3422.Nm 3423file appeared in 3424.Fx 2.2.2 . 3425.Sh AUTHORS 3426.An Jordan K. Hubbard . 3427