1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd April 27, 2011 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67In addition to 68.Pa /etc/rc.conf.local 69you can also place smaller configuration files for each 70.Xr rc 8 71script in the 72.Pa /etc/rc.conf.d 73directory, which will be included by the 74.Va load_rc_config 75function. 76For jail configurations you could use the file 77.Pa /etc/rc.conf.d/jail 78to store jail specific configuration options. 79Also see the 80.Va rc_conf_files 81variable below. 82.Pp 83Options are set with 84.Dq Ar name Ns Li = Ns Ar value 85assignments that use 86.Xr sh 1 87syntax. 88The following list provides a name and short description for each 89variable that can be set in the 90.Nm 91file: 92.Bl -tag -width indent-two 93.It Va rc_debug 94.Pq Vt bool 95If set to 96.Dq Li YES , 97enable output of debug messages from rc scripts. 98This variable can be helpful in diagnosing mistakes when 99editing or integrating new scripts. 100Beware that this produces copious output to the terminal and 101.Xr syslog 3 . 102.It Va rc_info 103.Pq Vt bool 104If set to 105.Dq Li NO , 106disable informational messages from the rc scripts. 107Informational messages are displayed when 108a condition that is not serious enough to warrant a warning or 109an error occurs. 110.It Va rc_startmsgs 111.Pq Vt bool 112If set to 113.Dq Li YES , 114show 115.Dq Starting foo: 116when faststart is used (e.g., at boot time). 117.It Va early_late_divider 118.Pq Vt str 119The name of the script that should be used as the 120delimiter between the 121.Dq early 122and 123.Dq late 124stages of the boot process. 125The early stage should contain all the services needed to 126get the disks (local or remote) mounted so that the late 127stage can include scripts contained in the directories 128listed in the 129.Va local_startup 130variable (see below). 131Thus, the two likely candidates for this value are 132.Pa mountcritlocal 133for the typical system, and 134.Pa mountcritremote 135if the system needs remote file 136systems mounted to get access to the 137.Va local_startup 138directories; for example when 139.Pa /usr/local 140is NFS mounted. 141For 142.Pa rc.conf 143within a 144.Xr jail 8 145.Pa NETWORKING 146is likely to be an appropriate value. 147Extreme care should be taken when changing this value, 148and before changing it one should ensure that there are 149adequate provisions to recover from a failed boot 150(such as physical contact with the machine, 151or reliable remote console access). 152.It Va swapfile 153.Pq Vt str 154If set to 155.Dq Li NO , 156no swapfile is installed, otherwise the value is used as the full 157pathname to a file to use for additional swap space. 158.It Va apm_enable 159.Pq Vt bool 160If set to 161.Dq Li YES , 162enable support for Automatic Power Management with 163the 164.Xr apm 8 165command. 166.It Va apmd_enable 167.Pq Vt bool 168Run 169.Xr apmd 8 170to handle APM event from userland. 171This also enables support for APM. 172.It Va apmd_flags 173.Pq Vt str 174If 175.Va apmd_enable 176is set to 177.Dq Li YES , 178these are the flags to pass to the 179.Xr apmd 8 180daemon. 181.It Va devd_enable 182.Pq Vt bool 183Run 184.Xr devd 8 185to handle device added, removed or unknown events from the kernel. 186.It Va ddb_enable 187.Pq Vt bool 188Run 189.Xr ddb 8 190to install 191.Xr ddb 4 192scripts at boot time. 193.It Va ddb_config 194.Pq Vt str 195Configuration file for 196.Xr ddb 8 . 197Default 198.Pa /etc/ddb.conf . 199.It Va kldxref_enable 200.Pq Vt bool 201Set to 202.Dq Li NO 203by default. 204Set to 205.Dq Li YES 206to automatically rebuild 207.Pa linker.hints 208files with 209.Xr kldxref 8 210at boot time. 211.It Va kldxref_clobber 212.Pq Vt bool 213Set to 214.Dq Li NO 215by default. 216If 217.Va kldxref_enable 218is true, 219setting to 220.Dq Li YES 221will overwrite existing 222.Pa linker.hints 223files at boot time. 224Otherwise, 225only missing 226.Pa linker.hints 227files are generated. 228.It Va kldxref_module_path 229.Pq Vt str 230Empty by default. 231A semi-colon 232.Pq Ql \&; 233delimited list of paths containing 234.Xr kld 4 235modules. 236If empty, 237the contents of the 238.Va kern.module_path 239.Xr sysctl 8 240are used. 241.It Va powerd_enable 242.Pq Vt bool 243If set to 244.Dq Li YES , 245enable the system power control facility with the 246.Xr powerd 8 247daemon. 248.It Va powerd_flags 249.Pq Vt str 250If 251.Va powerd_enable 252is set to 253.Dq Li YES , 254these are the flags to pass to the 255.Xr powerd 8 256daemon. 257.It Va tmpmfs 258Controls the creation of a 259.Pa /tmp 260memory file system. 261Always happens if set to 262.Dq Li YES 263and never happens if set to 264.Dq Li NO . 265If set to anything else, a memory file system is created if 266.Pa /tmp 267is not writable. 268.It Va tmpsize 269Controls the size of a created 270.Pa /tmp 271memory file system. 272.It Va tmpmfs_flags 273Extra options passed to the 274.Xr mdmfs 8 275utility when the memory file system for 276.Pa /tmp 277is created. 278The default is 279.Dq Li "-S" , 280which inhibits the use of softupdates on 281.Pa /tmp 282so that file system space is freed without delay 283after file truncation or deletion. 284See 285.Xr mdmfs 8 286for other options you can use in 287.Va tmpmfs_flags . 288.It Va varmfs 289Controls the creation of a 290.Pa /var 291memory file system. 292Always happens if set to 293.Dq Li YES 294and never happens if set to 295.Dq Li NO . 296If set to anything else, a memory file system is created if 297.Pa /var 298is not writable. 299.It Va varsize 300Controls the size of a created 301.Pa /var 302memory file system. 303.It Va varmfs_flags 304Extra options passed to the 305.Xr mdmfs 8 306utility when the memory file system for 307.Pa /var 308is created. 309The default is 310.Dq Li "-S" , 311which inhibits the use of softupdates on 312.Pa /var 313so that file system space is freed without delay 314after file truncation or deletion. 315See 316.Xr mdmfs 8 317for other options you can use in 318.Va varmfs_flags . 319.It Va populate_var 320Controls the automatic population of the 321.Pa /var 322file system. 323Always happens if set to 324.Dq Li YES 325and never happens if set to 326.Dq Li NO . 327If set to anything else, a memory file system is created if 328.Pa /var 329is not writable. 330Note that this process requires access to certain commands in 331.Pa /usr 332before 333.Pa /usr 334is mounted on normal systems. 335.It Va cleanvar_enable 336.Pq Vt bool 337Clean the 338.Pa /var 339directory. 340.It Va local_startup 341.Pq Vt str 342List of directories to search for startup script files. 343.It Va script_name_sep 344.Pq Vt str 345The field separator to use for breaking down the list of startup script files 346into individual filenames. 347The default is a space. 348It is not necessary to change this unless there are startup scripts with names 349containing spaces. 350.It Va hostapd_enable 351.Pq Vt bool 352Set to 353.Dq Li YES 354to start 355.Xr hostapd 8 356at system boot time. 357.It Va hostname 358.Pq Vt str 359The fully qualified domain name (FQDN) of this host on the network. 360This should almost certainly be set to something meaningful, even if 361there is no network connection. 362If 363.Xr dhclient 8 364is used to set the hostname via DHCP, 365this variable should be set to an empty string. 366If this value remains unset when the system is done booting 367your console login will display the default hostname of 368.Dq Amnesiac. 369.It Va nisdomainname 370.Pq Vt str 371The NIS domain name of this host, or 372.Dq Li NO 373if NIS is not used. 374.It Va dhclient_program 375.Pq Vt str 376Path to the DHCP client program 377.Pa ( /sbin/dhclient , 378the 379.Ox 380DHCP client, 381is the default). 382.It Va dhclient_flags 383.Pq Vt str 384Additional flags to pass to the DHCP client program. 385For the 386.Ox 387DHCP client, see the 388.Xr dhclient 8 389manpage for a description of the command line options available. 390.It Va dhclient_flags_ Ns Aq Ar iface 391Additional flags to pass to the DHCP client program running on 392.Ar iface 393only. 394When specified, this variable overrides 395.Va dhclient_flags . 396.It Va background_dhclient 397.Pq Vt bool 398Set to 399.Dq Li YES 400to start the DHCP client in background. 401This can cause trouble with applications depending on 402a working network, but it will provide a faster startup 403in many cases. 404.It Va background_dhclient_ Ns Aq Ar iface 405When specified, this variable overrides the 406.Va background_dhclient 407variable for interface 408.Ar iface 409only. 410.It Va synchronous_dhclient 411.Pq Vt bool 412Set to 413.Dq Li YES 414to start 415.Xr dhclient 8 416synchronously at startup. 417This behavior can be overridden on a per-interface basis by replacing 418the 419.Dq Li DHCP 420keyword in the 421.Va ifconfig_ Ns Aq Ar interface 422variable with 423.Dq Li SYNCDHCP 424or 425.Dq Li NOSYNCDHCP . 426.It Va defaultroute_delay 427.Pq Vt int 428When set to a positive value, wait up to this long after configuring 429DHCP interfaces at startup to give the interfaces time to receive a lease. 430.It Va firewall_enable 431.Pq Vt bool 432Set to 433.Dq Li YES 434to load firewall rules at startup. 435If the kernel was not built with 436.Cd "options IPFIREWALL" , 437the 438.Pa ipfw.ko 439kernel module will be loaded. 440See also 441.Va ipfilter_enable . 442.It Va firewall_script 443.Pq Vt str 444This variable specifies the full path to the firewall script to run. 445The default is 446.Pa /etc/rc.firewall . 447.It Va firewall_type 448.Pq Vt str 449Names the firewall type from the selection in 450.Pa /etc/rc.firewall , 451or the file which contains the local firewall ruleset. 452Valid selections from 453.Pa /etc/rc.firewall 454are: 455.Pp 456.Bl -tag -width ".Li simple" -compact 457.It Li open 458unrestricted IP access 459.It Li closed 460all IP services disabled, except via 461.Dq Li lo0 462.It Li client 463basic protection for a workstation 464.It Li simple 465basic protection for a LAN. 466.El 467.Pp 468If a filename is specified, the full path 469must be given. 470.It Va firewall_quiet 471.Pq Vt bool 472Set to 473.Dq Li YES 474to disable the display of firewall rules on the console during boot. 475.It Va firewall_logging 476.Pq Vt bool 477Set to 478.Dq Li YES 479to enable firewall event logging. 480This is equivalent to the 481.Dv IPFIREWALL_VERBOSE 482kernel option. 483.It Va firewall_flags 484.Pq Vt str 485Flags passed to 486.Xr ipfw 8 487if 488.Va firewall_type 489specifies a filename. 490.It Va firewall_coscripts 491.Pq Vt str 492List of executables and/or rc scripts to run after firewall starts/stops. 493Default is empty. 494.\" ----- firewall_nat_enable setting -------------------------------- 495.It Va firewall_nat_enable 496.Pq Vt bool 497The 498.Xr ipfw 8 499equivalent of 500.Va natd_enable . 501Setting this to 502.Dq Li YES 503enables kernel NAT. 504.Va firewall_enable 505must also be set to 506.Dq Li YES . 507.It Va firewall_nat_interface 508.Pq Vt str 509The 510.Xr ipfw 8 511equivalent of 512.Va natd_interface . 513This is the name of the public interface or IP address on which 514kernel NAT should run. 515.It Va firewall_nat_flags 516.Pq Vt str 517Additional configuration parameters for kernel NAT should be placed here. 518.It Va dummynet_enable 519.Pq Vt bool 520Setting this to 521.Dq Li YES 522will automatically load the 523.Xr dummynet 4 524module if 525.Va firewall_enable 526is also set to 527.Dq Li YES . 528.\" ------------------------------------------------------------------- 529.It Va natd_program 530.Pq Vt str 531Path to 532.Xr natd 8 . 533.It Va natd_enable 534.Pq Vt bool 535Set to 536.Dq Li YES 537to enable 538.Xr natd 8 . 539.Va firewall_enable 540must also be set to 541.Dq Li YES , 542and 543.Xr divert 4 544sockets must be enabled in the kernel. 545If the kernel was not built with 546.Cd "options IPDIVERT" , 547the 548.Pa ipdivert.ko 549kernel module will be loaded. 550.It Va natd_interface 551.Pq Vt str 552This is the name of the public interface on which 553.Xr natd 8 554should run. 555The interface may be given as an interface name or as an IP address. 556.It Va natd_flags 557.Pq Vt str 558Additional 559.Xr natd 8 560flags should be placed here. 561The 562.Fl n 563or 564.Fl a 565flag is automatically added with the above 566.Va natd_interface 567as an argument. 568.\" ----- ipfilter_enable setting -------------------------------- 569.It Va ipfilter_enable 570.Pq Vt bool 571Set to 572.Dq Li NO 573by default. 574Setting this to 575.Dq Li YES 576enables 577.Xr ipf 8 578packet filtering. 579.Pp 580Typical usage will require putting 581.Bd -literal 582ipfilter_enable="YES" 583ipnat_enable="YES" 584ipmon_enable="YES" 585ipfs_enable="YES" 586.Ed 587.Pp 588into 589.Pa /etc/rc.conf 590and editing 591.Pa /etc/ipf.rules 592and 593.Pa /etc/ipnat.rules 594appropriately. 595.Pp 596Note that 597.Va ipfilter_enable 598and 599.Va ipnat_enable 600can be enabled independently. 601.Va ipmon_enable 602and 603.Va ipfs_enable 604both require at least one of 605.Va ipfilter_enable 606and 607.Va ipnat_enable 608to be enabled. 609.Pp 610Having 611.Bd -literal 612options IPFILTER 613options IPFILTER_LOG 614options IPFILTER_DEFAULT_BLOCK 615.Ed 616.Pp 617in the kernel configuration file is a good idea, too. 618.\" ----- ipfilter_program setting ------------------------------ 619.It Va ipfilter_program 620.Pq Vt str 621Path to 622.Xr ipf 8 623(default 624.Pa /sbin/ipf ) . 625.\" ----- ipfilter_rules setting -------------------------------- 626.It Va ipfilter_rules 627.Pq Vt str 628Set to 629.Pa /etc/ipf.rules 630by default. 631This variable contains the name of the filter rule definition file. 632The file is expected to be readable for the 633.Xr ipf 8 634command to execute. 635.\" ----- ipv6_ipfilter_rules setting --------------------------- 636.It Va ipv6_ipfilter_rules 637.Pq Vt str 638Set to 639.Pa /etc/ipf6.rules 640by default. 641This variable contains the IPv6 filter rule definition file. 642The file is expected to be readable for the 643.Xr ipf 8 644command to execute. 645.\" ----- ipfilter_flags setting -------------------------------- 646.It Va ipfilter_flags 647.Pq Vt str 648Empty by default. 649This variable contains flags passed to the 650.Xr ipf 8 651program. 652.\" ----- ipnat_enable setting ---------------------------------- 653.It Va ipnat_enable 654.Pq Vt bool 655Set to 656.Dq Li NO 657by default. 658Set it to 659.Dq Li YES 660to enable 661.Xr ipnat 8 662network address translation. 663See 664.Va ipfilter_enable 665for a detailed discussion. 666.\" ----- ipnat_program setting --------------------------------- 667.It Va ipnat_program 668.Pq Vt str 669Path to 670.Xr ipnat 8 671(default 672.Pa /sbin/ipnat ) . 673.\" ----- ipnat_rules setting ----------------------------------- 674.It Va ipnat_rules 675.Pq Vt str 676Set to 677.Pa /etc/ipnat.rules 678by default. 679This variable contains the name of the file 680holding the network address translation definition. 681This file is expected to be readable for the 682.Xr ipnat 8 683command to execute. 684.\" ----- ipnat_flags setting ----------------------------------- 685.It Va ipnat_flags 686.Pq Vt str 687Empty by default. 688This variable contains flags passed to the 689.Xr ipnat 8 690program. 691.\" ----- ipmon_enable setting ---------------------------------- 692.It Va ipmon_enable 693.Pq Vt bool 694Set to 695.Dq Li NO 696by default. 697Set it to 698.Dq Li YES 699to enable 700.Xr ipmon 8 701monitoring (logging 702.Xr ipf 8 703and 704.Xr ipnat 8 705events). 706Setting this variable needs setting 707.Va ipfilter_enable 708or 709.Va ipnat_enable 710too. 711See 712.Va ipfilter_enable 713for a detailed discussion. 714.\" ----- ipmon_program setting --------------------------------- 715.It Va ipmon_program 716.Pq Vt str 717Path to 718.Xr ipmon 8 719(default 720.Pa /sbin/ipmon ) . 721.\" ----- ipmon_flags setting ----------------------------------- 722.It Va ipmon_flags 723.Pq Vt str 724Set to 725.Dq Li -Ds 726by default. 727This variable contains flags passed to the 728.Xr ipmon 8 729program. 730Another typical example would be 731.Dq Fl D Pa /var/log/ipflog 732to have 733.Xr ipmon 8 734log directly to a file bypassing 735.Xr syslogd 8 . 736Make sure to adjust 737.Pa /etc/newsyslog.conf 738in such case like this: 739.Bd -literal 740/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 741.Ed 742.\" ----- ipfs_enable setting ----------------------------------- 743.It Va ipfs_enable 744.Pq Vt bool 745Set to 746.Dq Li NO 747by default. 748Set it to 749.Dq Li YES 750to enable 751.Xr ipfs 8 752saving the filter and NAT state tables during shutdown 753and reloading them during startup again. 754Setting this variable needs setting 755.Va ipfilter_enable 756or 757.Va ipnat_enable 758to 759.Dq Li YES 760too. 761See 762.Va ipfilter_enable 763for a detailed discussion. 764Note that if 765.Va kern_securelevel 766is set to 3, 767.Va ipfs_enable 768cannot be used 769because the raised securelevel will prevent 770.Xr ipfs 8 771from saving the state tables at shutdown time. 772.\" ----- ipfs_program setting ---------------------------------- 773.It Va ipfs_program 774.Pq Vt str 775Path to 776.Xr ipfs 8 777(default 778.Pa /sbin/ipfs ) . 779.\" ----- ipfs_flags setting ------------------------------------ 780.It Va ipfs_flags 781.Pq Vt str 782Empty by default. 783This variable contains flags passed to the 784.Xr ipfs 8 785program. 786.\" ----- end of added ipf hook --------------------------------- 787.It Va pf_enable 788.Pq Vt bool 789Set to 790.Dq Li NO 791by default. 792Setting this to 793.Dq Li YES 794enables 795.Xr pf 4 796packet filtering. 797.Pp 798Typical usage will require putting 799.Pp 800.Dl pf_enable="YES" 801.Pp 802into 803.Pa /etc/rc.conf 804and editing 805.Pa /etc/pf.conf 806appropriately. 807Adding 808.Pp 809.Dl "device pf" 810.Pp 811builds support for 812.Xr pf 4 813into the kernel, otherwise the 814kernel module will be loaded. 815.It Va pf_rules 816.Pq Vt str 817Path to 818.Xr pf 4 819ruleset configuration file 820(default 821.Pa /etc/pf.conf ) . 822.It Va pf_program 823.Pq Vt str 824Path to 825.Xr pfctl 8 826(default 827.Pa /sbin/pfctl ) . 828.It Va pf_flags 829.Pq Vt str 830If 831.Va pf_enable 832is set to 833.Dq Li YES , 834these flags are passed to the 835.Xr pfctl 8 836program when loading the ruleset. 837.It Va pflog_enable 838.Pq Vt bool 839Set to 840.Dq Li NO 841by default. 842Setting this to 843.Dq Li YES 844enables 845.Xr pflogd 8 846which logs packets from the 847.Xr pf 4 848packet filter. 849.It Va pflog_logfile 850.Pq Vt str 851If 852.Va pflog_enable 853is set to 854.Dq Li YES 855this controls where 856.Xr pflogd 8 857stores the logfile 858(default 859.Pa /var/log/pflog ) . 860Check 861.Pa /etc/newsyslog.conf 862to adjust logfile rotation for this. 863.It Va pflog_program 864.Pq Vt str 865Path to 866.Xr pflogd 8 867(default 868.Pa /sbin/pflogd ) . 869.It Va pflog_flags 870.Pq Vt str 871Empty by default. 872This variable contains additional flags passed to the 873.Xr pflogd 8 874program. 875.It Va ftpproxy_enable 876.Pq Vt bool 877Set to 878.Dq Li NO 879by default. 880Setting this to 881.Dq Li YES 882enables 883.Xr ftp-proxy 8 884which supports the 885.Xr pf 4 886packet filter in translating ftp connections. 887.It Va ftpproxy_flags 888.Pq Vt str 889Empty by default. 890This variable contains additional flags passed to the 891.Xr ftp-proxy 8 892program. 893.It Va pfsync_enable 894.Pq Vt bool 895Set to 896.Dq Li NO 897by default. 898Setting this to 899.Dq Li YES 900enables exposing 901.Xr pf 4 902state changes to other hosts over the network by means of 903.Xr pfsync 4 . 904The 905.Va pfsync_syncdev 906variable 907must also be set then. 908.It Va pfsync_syncdev 909.Pq Vt str 910Empty by default. 911This variable specifies the name of the network interface 912.Xr pfsync 4 913should operate through. 914It must be set accordingly if 915.Va pfsync_enable 916is set to 917.Dq Li YES . 918.It Va pfsync_syncpeer 919.Pq Vt str 920Empty by default. 921This variable is optional. 922By default, state change messages are sent out on the synchronisation 923interface using IP multicast packets. 924The protocol is IP protocol 240, PFSYNC, and the multicast group used is 925224.0.0.240. 926When a peer address is specified using the 927.Va pfsync_syncpeer 928option, the peer address is used as a destination for the pfsync 929traffic, and the traffic can then be protected using 930.Xr ipsec 4 . 931See the 932.Xr pfsync 4 933manpage for more details about using 934.Xr ipsec 4 935with 936.Xr pfsync 4 937interfaces. 938.It Va pfsync_ifconfig 939.Pq Vt str 940Empty by default. 941This variable can contain additional options to be passed to the 942.Xr ifconfig 8 943command used to set up 944.Xr pfsync 4 . 945.It Va tcp_extensions 946.Pq Vt bool 947Set to 948.Dq Li YES 949by default. 950Setting this to 951.Dq Li NO 952disables certain TCP options as described by 953.Rs 954.%T "RFC 1323" 955.Re 956Setting this to 957.Dq Li NO 958might help remedy such problems with connections as randomly hanging 959or other weird behavior. 960Some network devices are known 961to be broken with respect to these options. 962.It Va log_in_vain 963.Pq Vt int 964Set to 0 by default. 965The 966.Xr sysctl 8 967variables, 968.Va net.inet.tcp.log_in_vain 969and 970.Va net.inet.udp.log_in_vain , 971as described in 972.Xr tcp 4 973and 974.Xr udp 4 , 975are set to the given value. 976.It Va tcp_keepalive 977.Pq Vt bool 978Set to 979.Dq Li YES 980by default. 981Setting to 982.Dq Li NO 983will disable probing idle TCP connections to verify that the 984peer is still up and reachable. 985.It Va tcp_drop_synfin 986.Pq Vt bool 987Set to 988.Dq Li NO 989by default. 990Setting to 991.Dq Li YES 992will cause the kernel to ignore TCP frames that have both 993the SYN and FIN flags set. 994This prevents OS fingerprinting, but may 995break some legitimate applications. 996.It Va icmp_drop_redirect 997.Pq Vt bool 998Set to 999.Dq Li NO 1000by default. 1001Setting to 1002.Dq Li YES 1003will cause the kernel to ignore ICMP REDIRECT packets. 1004Refer to 1005.Xr icmp 4 1006for more information. 1007.It Va icmp_log_redirect 1008.Pq Vt bool 1009Set to 1010.Dq Li NO 1011by default. 1012Setting to 1013.Dq Li YES 1014will cause the kernel to log ICMP REDIRECT packets. 1015Note that 1016the log messages are not rate-limited, so this option should only be used 1017for troubleshooting networks. 1018Refer to 1019.Xr icmp 4 1020for more information. 1021.It Va icmp_bmcastecho 1022.Pq Vt bool 1023Set to 1024.Dq Li YES 1025to respond to broadcast or multicast ICMP ping packets. 1026Refer to 1027.Xr icmp 4 1028for more information. 1029.It Va ip_portrange_first 1030.Pq Vt int 1031If not set to 1032.Dq Li NO , 1033this is the first port in the default portrange. 1034Refer to 1035.Xr ip 4 1036for more information. 1037.It Va ip_portrange_last 1038.Pq Vt int 1039If not set to 1040.Dq Li NO , 1041this is the last port in the default portrange. 1042Refer to 1043.Xr ip 4 1044for more information. 1045.It Va network_interfaces 1046.Pq Vt str 1047Set to the list of network interfaces to configure on this host or 1048.Dq Li AUTO 1049(the default) for all current interfaces. 1050Setting the 1051.Va network_interfaces 1052variable to anything other than the default is deprecated. 1053Interfaces that the administrator wishes to store configuration for, 1054but not start at boot should be configured with the 1055.Dq Li NOAUTO 1056keyword in their 1057.Va ifconfig_ Ns Aq Ar interface 1058variables as described below. 1059.Pp 1060An 1061.Va ifconfig_ Ns Aq Ar interface 1062variable is also assumed to exist for each value of 1063.Ar interface . 1064When an interface name contains any of the characters 1065.Dq Li .-/+ 1066they are translated to 1067.Dq Li _ 1068before lookup. 1069The variable can contain arguments to 1070.Xr ifconfig 8 , 1071as well as special case-insensitive keywords described below. 1072Such keywords are removed before passing the value to 1073.Xr ifconfig 8 1074while the order of the other arguments is preserved. 1075.Pp 1076One can configure more than one IPv4 address with the 1077.Va ipv4_addrs_ Ns Aq Ar interface 1078variable. 1079One or more IP addresses must be provided in Classless Inter-Domain 1080Routing (CIDR) address notation, whose last byte can be a range like 1081192.0.2.5-23/24. 1082In this case the address 192.0.2.5 will be configured with the 1083netmask /24 and the addresses 192.0.2.6 to 192.0.2.23 with 1084the non-conflicting netmask /32 as explained in the 1085.Xr ifconfig 8 1086alias section. 1087With the interface in question being 1088.Li ed0 , 1089an example could look like: 1090.Bd -literal 1091ipv4_addrs_ed0="192.0.2.129/27 192.0.2.1-5/28" 1092.Ed 1093.Pp 1094It is also possible to add IP alias entries using 1095.Xr ifconfig 8 1096syntax. 1097Assuming that the interface in question was 1098.Li ed0 , 1099it might look 1100something like this: 1101.Bd -literal 1102ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 1103ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 1104.Ed 1105.Pp 1106And so on. 1107For each 1108.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1109entry that is found, 1110its contents are passed to 1111.Xr ifconfig 8 . 1112Execution stops at the first unsuccessful access, so if 1113something like this is present: 1114.Bd -literal 1115ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 1116ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 1117ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 1118ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 1119.Ed 1120.Pp 1121Then note that alias4 would 1122.Em not 1123be added since the search would 1124stop with the missing 1125.Dq Li alias3 1126entry. 1127Due to this difficult to manage behavior, the 1128.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1129form is deprecated. 1130.Pp 1131If the 1132.Pa /etc/start_if. Ns Aq Ar interface 1133file is present, it is read and executed by the 1134.Xr sh 1 1135interpreter 1136before configuring the interface as specified in the 1137.Va ifconfig_ Ns Aq Ar interface 1138and 1139.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1140variables. 1141.Pp 1142If a 1143.Va vlans_ Ns Aq Ar interface 1144variable is set, 1145a 1146.Xr vlan 4 1147interface will be created for each item in the list with the 1148.Ar vlandev 1149argument set to 1150.Ar interface . 1151If a vlan interface's name is a number, 1152then that number is used as the vlan tag and the new vlan interface is 1153named 1154.Ar interface . Ns Ar tag . 1155Otherwise, 1156the vlan tag must be specified via a 1157.Va vlan 1158parameter in the 1159.Va create_args_ Ns Aq Ar interface 1160variable. 1161.Pp 1162To create a vlan device named 1163.Li em0.101 1164on 1165.Li em0 1166with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24: 1167.Bd -literal 1168vlans_em0="101" 1169ifconfig_em0_101="inet 192.0.2.1/24" 1170.Ed 1171.Pp 1172To create a vlan device named 1173.Li myvlan 1174on 1175.Li em0 1176with the vlan tag 102: 1177.Bd -literal 1178vlans_em0="myvlan" 1179create_args_myvlan="vlan 102" 1180.Ed 1181.Pp 1182If a 1183.Va wlans_ Ns Aq Ar interface 1184variable is set, 1185an 1186.Xr wlan 4 1187interface will be created for each item in the list with the 1188.Ar wlandev 1189argument set to 1190.Ar interface . 1191Further wlan cloning arguments may be passed to the 1192.Xr ifconfig 8 1193.Cm create 1194command by setting the 1195.Va create_args_ Ns Aq Ar interface 1196variable. 1197One or more 1198.Xr wlan 4 1199devices must be created for each wireless devices as of 1200.Fx 8.0 . 1201Debugging flags for 1202.Xr wlan 4 1203devices as set by 1204.Xr wlandebug 8 1205may be specified with an 1206.Va wlandebug_ Ns Aq Ar interface 1207variable. 1208The contents of this variable will be passed directly to 1209.Xr wlandebug 8 . 1210.Pp 1211If the 1212.Va ifconfig_ Ns Aq Ar interface 1213contains the keyword 1214.Dq Li NOAUTO 1215then the interface will not be configured 1216at boot or by 1217.Pa /etc/pccard_ether 1218when 1219.Va network_interfaces 1220is set to 1221.Dq Li AUTO . 1222.Pp 1223It is possible to bring up an interface with DHCP by adding 1224.Dq Li DHCP 1225to the 1226.Va ifconfig_ Ns Aq Ar interface 1227variable. 1228For instance, to initialize the 1229.Li ed0 1230device via DHCP, 1231it is possible to use something like: 1232.Bd -literal 1233ifconfig_ed0="DHCP" 1234.Ed 1235.Pp 1236Also, if you want to configure your wireless interface with 1237.Xr wpa_supplicant 8 1238for use with WPA, EAP/LEAP or WEP, you need to add 1239.Dq Li WPA 1240to the 1241.Va ifconfig_ Ns Aq Ar interface 1242variable. 1243.Pp 1244Finally, you can add 1245.Xr ifconfig 8 1246options in this variable, in addition to the 1247.Pa /etc/start_if. Ns Aq Ar interface 1248file. 1249For instance, to configure an 1250.Xr ath 4 1251wireless device in station mode with an address obtained 1252via DHCP, using WPA authentication and 802.11b mode, it is 1253possible to use something like: 1254.Bd -literal 1255wlans_ath0="wlan0" 1256ifconfig_wlan0="DHCP WPA mode 11b" 1257.Ed 1258.Pp 1259In addition to the 1260.Va ifconfig_ Ns Aq Ar interface 1261form, a fallback variable 1262.Va ifconfig_DEFAULT 1263may be configured. 1264It will be used for all interfaces with no 1265.Va ifconfig_ Ns Aq Ar interface 1266variable. 1267This is intended to replace the no longer supported 1268.Va pccard_ifconfig 1269variable. 1270.Pp 1271It is also possible to rename an interface by doing: 1272.Bd -literal 1273ifconfig_ed0_name="net0" 1274ifconfig_net0="inet 192.0.2.1 netmask 0xffffff00" 1275.Ed 1276.It Va ipv6_enable 1277.Pq Vt bool 1278If the variable is 1279.Dq Li YES , 1280.Dq Li inet6 accept_rtadv 1281is added to all of 1282.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1283and the 1284.Va ipv6_activate_all_interfaces 1285is defined as 1286.Dq Li YES . 1287.Pp 1288This variable is deprecated. Use 1289.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1290and 1291.Va ipv6_activate_all_interfaces 1292if necessary. 1293.It Va ipv6_prefer 1294.Pq Vt bool 1295If the variable is 1296.Dq Li YES , 1297the default address selection policy table set by 1298.Xr ip6addrctl 8 1299will be IPv6-preferred. 1300.Pp 1301If the variable is 1302.Dq Li NO , 1303the default address selection policy table set by 1304.Xr ip6addrctl 8 1305will be IPv4-preferred. 1306.Pp 1307This variable is deprecated. Use 1308.Va ip6addrctl_policy 1309instead. 1310.It Va ipv6_activate_all_interfaces 1311If the variable is 1312.Dq Li NO , 1313all of interfaces which do not have the corrsponding 1314.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1315variable will be marked as 1316.Dq Li IFDISABLED 1317for security reason. This means only IPv6 functionality on that interface 1318is completely disabled. For more details of 1319.Dq Li IFDISABLED 1320flag and keywords 1321.Dq Li inet6 ifdisabled , 1322see 1323.Xr ifconfig 8 . 1324.Pp 1325Default is 1326.Dq Li NO . 1327.It Va ipv6_privacy 1328.Pq Vt bool 1329If the variable is 1330.Dq Li YES 1331privacy addresses will be generated for each IPv6 1332interface as described in RFC 4193. 1333.It Va ipv6_network_interfaces 1334.Pq Vt str 1335This is the IPv6 equivalent of 1336.Va network_interfaces . 1337Normally manual configuration of this variable is not needed. 1338.Pp 1339.It Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1340.Pq Vt str 1341IPv6 functionality on an interface should be configured by 1342.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 , 1343instead of setting ifconfig parameters in 1344.Va ifconfig_ Ns Aq Ar interface . 1345Aliases should be set by 1346.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1347with 1348.Dq Li inet6 1349keyword. For example: 1350.Bd -literal 1351ifconfig_ed0_ipv6="inet6 2001:db8:1::1 prefixlen 64" 1352ifconfig_ed0_alias0="inet6 2001:db8:2::1 prefixlen 64" 1353.Ed 1354.Pp 1355Interfaces that have an 1356.Dq Li inet6 accept_rtadv 1357keyword in 1358.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1359setting will be automatically configured by 1360.Xr rtsol 8 . 1361Note that this automatic configuration is disabled if the 1362.Va ipv6_gateway_enable 1363is set to 1364.Dq Li YES . 1365.It Va ipv6_prefix_ Ns Aq Ar interface 1366.Pq Vt str 1367If one or more prefixes are defined in 1368.Va ipv6_prefix_ Ns Aq Ar interface 1369addresses based on each prefix and the EUI-64 interface index will be 1370configured on that interface. 1371.It Va ipv6_default_interface 1372.Pq Vt str 1373If not set to 1374.Dq Li NO , 1375this is the default output interface for scoped addresses. 1376This works only with ipv6_gateway_enable="NO". 1377.It Va ip6addrctl_enable 1378.Pq Vt bool 1379This variable is to enable configuring default address selection policy table 1380.Pq RFC 3484 . 1381The table can be specified in another variable 1382.Va ip6addrctl_policy . 1383For 1384.Va ip6addrctl_policy 1385the following keywords can be specified: 1386.Dq Li ipv4_prefer , 1387.Dq Li ipv6_prefer , 1388or 1389.Dq Li AUTO . 1390.Pp 1391If 1392.Dq Li ipv4_prefer 1393or 1394.Dq Li ipv6_prefer 1395is specified, 1396.Xr ip6addrctl 8 1397installs a pre-defined policy table described in Section 2.1 1398.Pq IPv6-preferred 1399or 10.3 1400.Pq IPv4-preferred 1401of RFC 3484. 1402.Pp 1403If 1404.Dq Li AUTO 1405is specified, it attempts to read a file 1406.Pa /etc/ip6addrctl.conf 1407first. If this file is found, 1408.Xr ip6addrctl 8 1409reads and installs it. If not found, a policy is automatically set 1410according to 1411.Va ipv6_activate_all_interfaces 1412variable; if the variable is set to 1413.Dq Li YES 1414the IPv6-preferred one is used. Otherwise IPv4-preferred. 1415.Pp 1416The default value of 1417.Va ip6addrctl_enable 1418and 1419.Va ip6addrctl_policy 1420are 1421.Dq Li YES 1422and 1423.Dq Li AUTO , 1424respectively. 1425.It Va cloned_interfaces 1426.Pq Vt str 1427Set to the list of clonable network interfaces to create on this host. 1428Further cloning arguments may be passed to the 1429.Xr ifconfig 8 1430.Cm create 1431command for each interface by setting the 1432.Va create_args_ Ns Aq Ar interface 1433variable. 1434Entries in 1435.Va cloned_interfaces 1436are automatically appended to 1437.Va network_interfaces 1438for configuration. 1439.It Va fec_interfaces 1440.Pq Vt str 1441Set to the list of 1442.Xr ng_fec 4 1443Fast EtherChannel interfaces to configure on this host. 1444A 1445.Va fecconfig_ Ns Aq Ar interface 1446variable is assumed to exist for each value of 1447.Ar interface . 1448The value of this variable is used to configure link aggregated interfaces 1449according to the syntax of the 1450.Cm NGM_FEC_ADD_IFACE 1451to 1452.Xr ngctl 8 1453msg. 1454Additionally, this option ensures that each listed interface is created 1455via the 1456.Cm mkpeer 1457command to 1458.Xr ngctl 8 1459before attempting to configure it. 1460For example: 1461.Bd -literal 1462fec_interfaces="fec0" 1463fecconfig_fec0="em0 em1" 1464ifconfig_fec0="DHCP" 1465.Ed 1466.It Va gif_interfaces 1467.Pq Vt str 1468Set to the list of 1469.Xr gif 4 1470tunnel interfaces to configure on this host. 1471A 1472.Va gifconfig_ Ns Aq Ar interface 1473variable is assumed to exist for each value of 1474.Ar interface . 1475The value of this variable is used to configure the link layer of the 1476tunnel according to the syntax of the 1477.Cm tunnel 1478option to 1479.Xr ifconfig 8 . 1480Additionally, this option ensures that each listed interface is created 1481via the 1482.Cm create 1483option to 1484.Xr ifconfig 8 1485before attempting to configure it. 1486.It Va sppp_interfaces 1487.Pq Vt str 1488Set to the list of 1489.Xr sppp 4 1490interfaces to configure on this host. 1491A 1492.Va spppconfig_ Ns Aq Ar interface 1493variable is assumed to exist for each value of 1494.Ar interface . 1495Each interface should also be configured by a general 1496.Va ifconfig_ Ns Aq Ar interface 1497setting. 1498Refer to 1499.Xr spppcontrol 8 1500for more information about available options. 1501.It Va ppp_enable 1502.Pq Vt bool 1503If set to 1504.Dq Li YES , 1505run the 1506.Xr ppp 8 1507daemon. 1508.It Va ppp_profile 1509.Pq Vt str 1510The name of the profile to use from 1511.Pa /etc/ppp/ppp.conf . 1512Also used for per-profile overrides of 1513.Va ppp_mode 1514and 1515.Va ppp_nat , 1516and 1517.Va ppp_ Ns Ao Ar profile Ac Ns _unit . 1518When the profile name contains any of the characters 1519.Dq Li .-/+ 1520they are translated to 1521.Dq Li _ 1522for the proposes of the override variable names. 1523.It Va ppp_mode 1524.Pq Vt str 1525Mode in which to run the 1526.Xr ppp 8 1527daemon. 1528.It Va ppp_ Ns Ao Ar profile Ac Ns _mode 1529.Pq Vt str 1530Overrides the global 1531.Va ppp_mode 1532for 1533.Ar profile . 1534Accepted modes are 1535.Dq Li auto , 1536.Dq Li ddial , 1537.Dq Li direct 1538and 1539.Dq Li dedicated . 1540See the manual for a full description. 1541.It Va ppp_nat 1542.Pq Vt bool 1543If set to 1544.Dq Li YES , 1545enables network address translation. 1546Used in conjunction with 1547.Va gateway_enable 1548allows hosts on private network addresses access to the Internet using 1549this host as a network address translating router. 1550.It Va ppp_ Ns Ao Ar profile Ac Ns _nat 1551.Pq Vt str 1552Overrides the global 1553.Va ppp_nat 1554for 1555.Ar profile . 1556.It Va ppp_ Ns Ao Ar profile Ac Ns _unit 1557.Pq Vt int 1558Set the unit number to be used for this profile. 1559See the manual description of 1560.Fl unit Ns Ar N 1561for details. 1562.It Va ppp_user 1563.Pq Vt str 1564The name of the user under which 1565.Xr ppp 8 1566should be started. 1567By 1568default, 1569.Xr ppp 8 1570is started as 1571.Dq Li root . 1572.It Va rc_conf_files 1573.Pq Vt str 1574This option is used to specify a list of files that will override 1575the settings in 1576.Pa /etc/defaults/rc.conf . 1577The files will be read in the order in which they are specified and should 1578include the full path to the file. 1579By default, the files specified are 1580.Pa /etc/rc.conf 1581and 1582.Pa /etc/rc.conf.local 1583.It Va zfs_enable 1584.Pq Vt bool 1585If set to 1586.Dq Li YES , 1587.Pa /etc/rc.d/zfs 1588will attempt to automatically mount ZFS file systems and initialize ZFS volumes 1589(ZVOLs). 1590.It Va gptboot_enable 1591.Pq Vt bool 1592If set to 1593.Dq Li YES , 1594.Pa /etc/rc.d/gptboot 1595will log if the system successfully (or not) booted from a GPT partition, 1596which had the 1597.Ar bootonce 1598attribute set using 1599.Xr gpart 8 1600utility. 1601.It Va gbde_autoattach_all 1602.Pq Vt bool 1603If set to 1604.Dq Li YES , 1605.Pa /etc/rc.d/gbde 1606will attempt to automatically initialize your .bde devices in 1607.Pa /etc/fstab . 1608.It Va gbde_devices 1609.Pq Vt str 1610List the devices that the script should try to attach, 1611or 1612.Dq Li AUTO . 1613.It Va gbde_lockdir 1614.Pq Vt str 1615The directory where the 1616.Xr gbde 4 1617lockfiles are located. 1618The default lockfile directory is 1619.Pa /etc . 1620.Pp 1621The lockfile for each individual 1622.Xr gbde 4 1623device can be overridden by setting the variable 1624.Va gbde_lock_ Ns Aq Ar device , 1625where 1626.Ar device 1627is the encrypted device without the 1628.Dq Pa /dev/ 1629and 1630.Dq Pa .bde 1631parts. 1632.It Va gbde_attach_attempts 1633.Pq Vt int 1634Number of times to attempt attaching to a 1635.Xr gbde 4 1636device, i.e., how many times the user is asked for the pass-phrase. 1637Default is 3. 1638.It Va geli_devices 1639.Pq Vt str 1640List of devices to automatically attach on boot. 1641Note that .eli devices from 1642.Pa /etc/fstab 1643are automatically appended to this list. 1644.It Va geli_tries 1645.Pq Vt int 1646Number of times user is asked for the pass-phrase. 1647If empty, it will be taken from 1648.Va kern.geom.eli.tries 1649sysctl variable. 1650.It Va geli_default_flags 1651.Pq Vt str 1652Default flags to use by 1653.Xr geli 8 1654when configuring disk encryption. 1655Flags can be configured for every device separately by defining 1656.Va geli_ Ns Ao Ar device Ac Ns Va _flags 1657variable. 1658.It Va geli_autodetach 1659.Pq Vt str 1660Specifies if GELI devices should be marked for detach on last close after 1661file systems are mounted. 1662Default is 1663.Dq Li YES . 1664This can be changed for every device separately by defining 1665.Va geli_ Ns Ao Ar device Ac Ns Va _autodetach 1666variable. 1667.It Va geli_swap_flags 1668Options passed to the 1669.Xr geli 8 1670utility when encrypted GEOM providers for swap partitions are created. 1671The default is 1672.Dq Li "-e aes -l 256 -s 4096 -d" . 1673.It Va root_rw_mount 1674.Pq Vt bool 1675Set to 1676.Dq Li YES 1677by default. 1678After the file systems are checked at boot time, the root file system 1679is remounted as read-write if this is set to 1680.Dq Li YES . 1681Diskless systems that mount their root file system from a read-only remote 1682NFS share should set this to 1683.Dq Li NO 1684in their 1685.Pa rc.conf . 1686.It Va fsck_y_enable 1687.Pq Vt bool 1688If set to 1689.Dq Li YES , 1690.Xr fsck 8 1691will be run with the 1692.Fl y 1693flag if the initial preen 1694of the file systems fails. 1695.It Va background_fsck 1696.Pq Vt bool 1697If set to 1698.Dq Li YES , 1699the system will attempt to run 1700.Xr fsck 8 1701in the background where possible. 1702.It Va background_fsck_delay 1703.Pq Vt int 1704The amount of time in seconds to sleep before starting a background 1705.Xr fsck 8 . 1706It defaults to sixty seconds to allow large applications such as 1707the X server to start before disk I/O bandwidth is monopolized by 1708.Xr fsck 8 . 1709If set to a negative number, the background file system check will be 1710delayed indefinitely to allow the administrator to run it at a more 1711convenient time. 1712For example it may be run from 1713.Xr cron 8 1714by adding a line like 1715.Pp 1716.Dl "0 4 * * * root /etc/rc.d/bgfsck forcestart" 1717.Pp 1718to 1719.Pa /etc/crontab . 1720.It Va netfs_types 1721.Pq Vt str 1722List of file system types that are network-based. 1723This list should generally not be modified by end users. 1724Use 1725.Va extra_netfs_types 1726instead. 1727.It Va extra_netfs_types 1728.Pq Vt str 1729If set to something other than 1730.Dq Li NO 1731(the default), 1732this variable extends the list of file system types 1733for which automatic mounting at startup by 1734.Xr rc 8 1735should be delayed until the network is initialized. 1736It should contain 1737a whitespace-separated list of network file system descriptor pairs, 1738each consisting of a file system type as passed to 1739.Xr mount 8 1740and a human-readable, one-word description, 1741joined with a colon 1742.Pq Ql \&: . 1743Extending the default list in this way is only necessary 1744when third party file system types are used. 1745.It Va syslogd_enable 1746.Pq Vt bool 1747If set to 1748.Dq Li YES , 1749run the 1750.Xr syslogd 8 1751daemon. 1752.It Va syslogd_program 1753.Pq Vt str 1754Path to 1755.Xr syslogd 8 1756(default 1757.Pa /usr/sbin/syslogd ) . 1758.It Va syslogd_flags 1759.Pq Vt str 1760If 1761.Va syslogd_enable 1762is set to 1763.Dq Li YES , 1764these are the flags to pass to 1765.Xr syslogd 8 . 1766.It Va inetd_enable 1767.Pq Vt bool 1768If set to 1769.Dq Li YES , 1770run the 1771.Xr inetd 8 1772daemon. 1773.It Va inetd_program 1774.Pq Vt str 1775Path to 1776.Xr inetd 8 1777(default 1778.Pa /usr/sbin/inetd ) . 1779.It Va inetd_flags 1780.Pq Vt str 1781If 1782.Va inetd_enable 1783is set to 1784.Dq Li YES , 1785these are the flags to pass to 1786.Xr inetd 8 . 1787.It Va hastd_enable 1788.Pq Vt bool 1789If set to 1790.Dq Li YES , 1791run the 1792.Xr hastd 8 1793daemon. 1794.It Va hastd_program 1795.Pq Vt str 1796Path to 1797.Xr hastd 8 1798(default 1799.Pa /sbin/hastd ) . 1800.It Va hastd_flags 1801.Pq Vt str 1802If 1803.Va hastd_enable 1804is set to 1805.Dq Li YES , 1806these are the flags to pass to 1807.Xr hastd 8 . 1808.It Va named_enable 1809.Pq Vt bool 1810If set to 1811.Dq Li YES , 1812run the 1813.Xr named 8 1814daemon. 1815.It Va named_program 1816.Pq Vt str 1817Path to 1818.Xr named 8 1819(default 1820.Pa /usr/sbin/named ) . 1821.It Va named_conf 1822.Pq Vt str 1823Path to 1824.Xr named 8 1825configuration file, (default 1826.Pa /etc/namedb/named.conf ) . 1827.It Va named_flags 1828.Pq Vt str 1829If 1830.Va named_enable 1831is set to 1832.Dq Li YES , 1833these are the flags to pass to 1834.Xr named 8 . 1835.It Va named_uid 1836.Pq Vt str 1837The user that the 1838.Xr named 8 1839process should be run as. 1840.It Va named_chrootdir 1841.Pq Vt str 1842The root directory for a name server run in a 1843.Xr chroot 8 1844environment (default 1845.Pa /var/named ) . 1846If left empty 1847.Xr named 8 1848will not be run in a 1849.Xr chroot 8 1850environment. 1851.It Va named_chroot_autoupdate 1852.Pq Vt bool 1853Set to 1854.Dq Li NO 1855to disable automatic update of the 1856.Xr chroot 8 1857environment. 1858.It Va named_symlink_enable 1859.Pq Vt bool 1860Set to 1861.Dq Li NO 1862to disable symlinking of 1863daemon's PID file 1864into the 1865.Xr chroot 8 1866environment. 1867.It Va named_wait 1868.Pq Vt bool 1869Set to have 1870.Pa /etc/rc.d/named 1871loop until working name service is established. 1872.It Va named_wait_host 1873.Pq Vt str 1874Name of host to lookup for the named_wait option. 1875(Default localhost) 1876.It Va named_auto_forward 1877.Pq Vt bool 1878Set to enable automatic creation of a forwarder 1879configuration file derived from 1880.Pa /etc/resolv.conf . 1881.It Va named_auto_forward_only 1882.Pq Vt bool 1883Set to change the default forwarder configuration from 1884.Dq forward first 1885to 1886.Dq forward only . 1887.It Va kerberos5_server_enable 1888.Pq Vt bool 1889Set to 1890.Dq Li YES 1891to start a Kerberos 5 authentication server 1892at boot time. 1893.It Va kerberos5_server 1894.Pq Vt str 1895If 1896.Va kerberos5_server_enable 1897is set to 1898.Dq Li YES 1899this is the path to Kerberos 5 Authentication Server. 1900.It Va kerberos5_server_flags 1901.Pq Vt str 1902Empty by default. 1903This variable contains additional flags to be passed to the Kerberos 5 1904authentication server. 1905.It Va kadmind5_server_enable 1906.Pq Vt bool 1907Set to 1908.Dq Li YES 1909to start 1910.Xr kadmind 8 , 1911the Kerberos 5 Administration Daemon; set to 1912.Dq Li NO 1913on a slave server. 1914.It Va kadmind5_server 1915.Pq Vt str 1916If 1917.Va kadmind5_server_enable 1918is set to 1919.Dq Li YES 1920this is the path to Kerberos 5 Administration Daemon. 1921.It Va kpasswdd_server_enable 1922.Pq Vt bool 1923Set to 1924.Dq Li YES 1925to start 1926.Xr kpasswdd 8 , 1927the Kerberos 5 Password-Changing Daemon; set to 1928.Dq Li NO 1929on a slave server. 1930.It Va kpasswdd_server 1931.Pq Vt str 1932If 1933.Va kpasswdd_server_enable 1934is set to 1935.Dq Li YES 1936this is the path to Kerberos 5 Password-Changing Daemon. 1937.It Va rwhod_enable 1938.Pq Vt bool 1939If set to 1940.Dq Li YES , 1941run the 1942.Xr rwhod 8 1943daemon at boot time. 1944.It Va rwhod_flags 1945.Pq Vt str 1946If 1947.Va rwhod_enable 1948is set to 1949.Dq Li YES , 1950these are the flags to pass to it. 1951.It Va amd_enable 1952.Pq Vt bool 1953If set to 1954.Dq Li YES , 1955run the 1956.Xr amd 8 1957daemon at boot time. 1958.It Va amd_flags 1959.Pq Vt str 1960If 1961.Va amd_enable 1962is set to 1963.Dq Li YES , 1964these are the flags to pass to it. 1965See the 1966.Xr amd 8 1967manpage for more information. 1968.It Va amd_map_program 1969.Pq Vt str 1970If set, 1971the specified program is run to get the list of 1972.Xr amd 8 1973maps. 1974For example, if the 1975.Xr amd 8 1976maps are stored in NIS, one can set this to 1977run 1978.Xr ypcat 1 1979to get a list of 1980.Xr amd 8 1981maps from the 1982.Pa amd.master 1983NIS map. 1984.It Va update_motd 1985.Pq Vt bool 1986If set to 1987.Dq Li YES , 1988.Pa /etc/motd 1989will be updated at boot time to reflect the kernel release 1990being run. 1991If set to 1992.Dq Li NO , 1993.Pa /etc/motd 1994will not be updated. 1995.It Va nfs_client_enable 1996.Pq Vt bool 1997If set to 1998.Dq Li YES , 1999run the NFS client daemons at boot time. 2000.It Va nfs_access_cache 2001.Pq Vt int 2002If 2003.Va nfs_client_enable 2004is set to 2005.Dq Li YES , 2006this can be set to 2007.Dq Li 0 2008to disable NFS ACCESS RPC caching, or to the number of seconds for which 2009NFS ACCESS 2010results should be cached. 2011A value of 2-10 seconds will substantially reduce network 2012traffic for many NFS operations. 2013.It Va nfs_server_enable 2014.Pq Vt bool 2015If set to 2016.Dq Li YES , 2017run the NFS server daemons at boot time. 2018.It Va nfs_server_flags 2019.Pq Vt str 2020If 2021.Va nfs_server_enable 2022is set to 2023.Dq Li YES , 2024these are the flags to pass to the 2025.Xr nfsd 8 2026daemon. 2027.It Va nfsv4_server_enable 2028.Pq Vt bool 2029If 2030.Va nfs_server_enable 2031is set to 2032.Dq Li YES 2033and 2034.Va nfsv4_server_enable 2035are set to 2036.Dq Li YES , 2037enable the server for NFSv4 as well as NFSv2 and NFSv3. 2038.It Va nfsuserd_enable 2039.Pq Vt bool 2040If 2041.Va nfsuserd_enable 2042is set to 2043.Dq Li YES , 2044run the nfsuserd daemon, which is needed for NFSv4 in order 2045to map between user/group names vs uid/gid numbers. 2046If 2047.Va nfsv4_server_enable 2048is set to 2049.Dq Li YES , 2050this will be forced enabled. 2051.It Va nfsuserd_flags 2052.Pq Vt str 2053If 2054.Va nfsuserd_enable 2055is set to 2056.Dq Li YES , 2057these are the flags to pass to the 2058.Xr nfsuserd 8 2059daemon. 2060.It Va nfscbd_enable 2061.Pq Vt bool 2062If 2063.Va nfscbd_enable 2064is set to 2065.Dq Li YES , 2066run the nfscbd daemon, which enables callbacks/delegations for the NFSv4 client. 2067.It Va nfscbd_flags 2068.Pq Vt str 2069If 2070.Va nfscbd_enable 2071is set to 2072.Dq Li YES , 2073these are the flags to pass to the 2074.Xr nfscbd 8 2075daemon. 2076.It Va oldnfs_server_enable 2077.Pq Vt bool 2078If 2079.Va oldnfs_server_enable 2080is set to 2081.Dq Li YES , 2082force the NFS server daemons to run the old NFS server code 2083that does not support NFSv4. 2084.It Va mountd_enable 2085.Pq Vt bool 2086If set to 2087.Dq Li YES , 2088and no 2089.Va nfs_server_enable 2090is set, start 2091.Xr mountd 8 , 2092but not 2093.Xr nfsd 8 2094daemon. 2095It is commonly needed to run CFS without real NFS used. 2096.It Va mountd_flags 2097.Pq Vt str 2098If 2099.Va mountd_enable 2100is set to 2101.Dq Li YES , 2102these are the flags to pass to the 2103.Xr mountd 8 2104daemon. 2105.It Va weak_mountd_authentication 2106.Pq Vt bool 2107If set to 2108.Dq Li YES , 2109allow services like PCNFSD to make non-privileged mount 2110requests. 2111.It Va nfs_reserved_port_only 2112.Pq Vt bool 2113If set to 2114.Dq Li YES , 2115provide NFS services only on a secure port. 2116.It Va nfs_bufpackets 2117.Pq Vt int 2118If set to a number, indicates the number of packets worth of 2119socket buffer space to reserve on an NFS client. 2120The kernel default is typically 4. 2121Using a higher number may be 2122useful on gigabit networks to improve performance. 2123The minimum value is 21242 and the maximum is 64. 2125.It Va rpc_lockd_enable 2126.Pq Vt bool 2127If set to 2128.Dq Li YES 2129and also an NFS server or client, run 2130.Xr rpc.lockd 8 2131at boot time. 2132.It Va rpc_lockd_flags 2133.Pq Vt str 2134If 2135.Va rpc_lockd_enable 2136is set to 2137.Dq Li YES , 2138these are the flags to pass to the 2139.Xr rpc.lockd 8 2140daemon. 2141.It Va rpc_statd_enable 2142.Pq Vt bool 2143If set to 2144.Dq Li YES 2145and also an NFS server or client, run 2146.Xr rpc.statd 8 2147at boot time. 2148.It Va rpc_statd_flags 2149.Pq Vt str 2150If 2151.Va rpc_statd_enable 2152is set to 2153.Dq Li YES , 2154these are the flags to pass to the 2155.Xr rpc.statd 8 2156daemon. 2157.It Va rpcbind_program 2158.Pq Vt str 2159Path to 2160.Xr rpcbind 8 2161(default 2162.Pa /usr/sbin/rpcbind ) . 2163.It Va rpcbind_enable 2164.Pq Vt bool 2165If set to 2166.Dq Li YES , 2167run the 2168.Xr rpcbind 8 2169service at boot time. 2170.It Va rpcbind_flags 2171.Pq Vt str 2172If 2173.Va rpcbind_enable 2174is set to 2175.Dq Li YES , 2176these are the flags to pass to the 2177.Xr rpcbind 8 2178daemon. 2179.It Va keyserv_enable 2180.Pq Vt bool 2181If set to 2182.Dq Li YES , 2183run the 2184.Xr keyserv 8 2185daemon on boot for running Secure RPC. 2186.It Va keyserv_flags 2187.Pq Vt str 2188If 2189.Va keyserv_enable 2190is set to 2191.Dq Li YES , 2192these are the flags to pass to 2193.Xr keyserv 8 2194daemon. 2195.It Va pppoed_enable 2196.Pq Vt bool 2197If set to 2198.Dq Li YES , 2199run the 2200.Xr pppoed 8 2201daemon at boot time to provide PPP over Ethernet services. 2202.It Va pppoed_ Ns Aq Ar provider 2203.Pq Vt str 2204.Xr pppoed 8 2205listens to requests to this 2206.Ar provider 2207and ultimately runs 2208.Xr ppp 8 2209with a 2210.Ar system 2211argument of the same name. 2212.It Va pppoed_flags 2213.Pq Vt str 2214Additional flags to pass to 2215.Xr pppoed 8 . 2216.It Va pppoed_interface 2217.Pq Vt str 2218The network interface to run 2219.Xr pppoed 8 2220on. 2221This is mandatory when 2222.Va pppoed_enable 2223is set to 2224.Dq Li YES . 2225.It Va timed_enable 2226.Pq Vt bool 2227If set to 2228.Dq Li YES , 2229run the 2230.Xr timed 8 2231service at boot time. 2232This command is intended for networks of 2233machines where a consistent 2234.Dq "network time" 2235for all hosts must be established. 2236This is often useful in large NFS 2237environments where time stamps on files are expected to be consistent 2238network-wide. 2239.It Va timed_flags 2240.Pq Vt str 2241If 2242.Va timed_enable 2243is set to 2244.Dq Li YES , 2245these are the flags to pass to the 2246.Xr timed 8 2247service. 2248.It Va ntpdate_enable 2249.Pq Vt bool 2250If set to 2251.Dq Li YES , 2252run 2253.Xr ntpdate 8 2254at system startup. 2255This command is intended to 2256synchronize the system clock only 2257.Em once 2258from some standard reference. 2259An option to set this up initially 2260(from a list of known servers) is also provided by the 2261.Xr sysinstall 8 2262program when the system is first installed. 2263.It Va ntpdate_config 2264.Pq Vt str 2265Configuration file for 2266.Xr ntpdate 8 . 2267Default 2268.Pa /etc/ntp.conf . 2269.It Va ntpdate_hosts 2270.Pq Vt str 2271A whitespace-separated list of NTP servers to synchronize with at startup. 2272The default is to use the servers listed in 2273.Va ntpdate_config , 2274if that file exists. 2275.It Va ntpdate_program 2276.Pq Vt str 2277Path to 2278.Xr ntpdate 8 2279(default 2280.Pa /usr/sbin/ntpdate ) . 2281.It Va ntpdate_flags 2282.Pq Vt str 2283If 2284.Va ntpdate_enable 2285is set to 2286.Dq Li YES , 2287these are the flags to pass to the 2288.Xr ntpdate 8 2289command (typically a hostname). 2290.It Va ntpd_enable 2291.Pq Vt bool 2292If set to 2293.Dq Li YES , 2294run the 2295.Xr ntpd 8 2296command at boot time. 2297.It Va ntpd_program 2298.Pq Vt str 2299Path to 2300.Xr ntpd 8 2301(default 2302.Pa /usr/sbin/ntpd ) . 2303.It Va ntpd_config 2304.Pq Vt str 2305Path to 2306.Xr ntpd 8 2307configuration file. 2308Default 2309.Pa /etc/ntp.conf . 2310.It Va ntpd_flags 2311.Pq Vt str 2312If 2313.Va ntpd_enable 2314is set to 2315.Dq Li YES , 2316these are the flags to pass to the 2317.Xr ntpd 8 2318daemon. 2319.It Va ntpd_sync_on_start 2320.Pq Vt bool 2321If set to 2322.Dq Li YES , 2323.Xr ntpd 8 2324is run with the 2325.Fl g 2326flag, which syncs the system's clock on startup. 2327See 2328.Xr ntpd 8 2329for more information regarding the 2330.Fl g 2331option. 2332This is a preferred alternative to using 2333.Xr ntpdate 8 2334or specifying the 2335.Va ntpdate_enable 2336variable. 2337.It Va nis_client_enable 2338.Pq Vt bool 2339If set to 2340.Dq Li YES , 2341run the 2342.Xr ypbind 8 2343service at system boot time. 2344.It Va nis_client_flags 2345.Pq Vt str 2346If 2347.Va nis_client_enable 2348is set to 2349.Dq Li YES , 2350these are the flags to pass to the 2351.Xr ypbind 8 2352service. 2353.It Va nis_ypset_enable 2354.Pq Vt bool 2355If set to 2356.Dq Li YES , 2357run the 2358.Xr ypset 8 2359daemon at system boot time. 2360.It Va nis_ypset_flags 2361.Pq Vt str 2362If 2363.Va nis_ypset_enable 2364is set to 2365.Dq Li YES , 2366these are the flags to pass to the 2367.Xr ypset 8 2368daemon. 2369.It Va nis_server_enable 2370.Pq Vt bool 2371If set to 2372.Dq Li YES , 2373run the 2374.Xr ypserv 8 2375daemon at system boot time. 2376.It Va nis_server_flags 2377.Pq Vt str 2378If 2379.Va nis_server_enable 2380is set to 2381.Dq Li YES , 2382these are the flags to pass to the 2383.Xr ypserv 8 2384daemon. 2385.It Va nis_ypxfrd_enable 2386.Pq Vt bool 2387If set to 2388.Dq Li YES , 2389run the 2390.Xr rpc.ypxfrd 8 2391daemon at system boot time. 2392.It Va nis_ypxfrd_flags 2393.Pq Vt str 2394If 2395.Va nis_ypxfrd_enable 2396is set to 2397.Dq Li YES , 2398these are the flags to pass to the 2399.Xr rpc.ypxfrd 8 2400daemon. 2401.It Va nis_yppasswdd_enable 2402.Pq Vt bool 2403If set to 2404.Dq Li YES , 2405run the 2406.Xr rpc.yppasswdd 8 2407daemon at system boot time. 2408.It Va nis_yppasswdd_flags 2409.Pq Vt str 2410If 2411.Va nis_yppasswdd_enable 2412is set to 2413.Dq Li YES , 2414these are the flags to pass to the 2415.Xr rpc.yppasswdd 8 2416daemon. 2417.It Va rpc_ypupdated_enable 2418.Pq Vt bool 2419If set to 2420.Dq Li YES , 2421run the 2422.Nm rpc.ypupdated 2423daemon at system boot time. 2424.It Va bsnmpd_enable 2425.Pq Vt bool 2426If set to 2427.Dq Li YES , 2428run the 2429.Xr bsnmpd 1 2430daemon at system boot time. 2431Be sure to understand the security implications of running SNMP daemon 2432on your host. 2433.It Va bsnmpd_flags 2434.Pq Vt str 2435If 2436.Va bsnmpd_enable 2437is set to 2438.Dq Li YES , 2439these are the flags to pass to the 2440.Xr bsnmpd 1 2441daemon. 2442.It Va defaultrouter 2443.Pq Vt str 2444If not set to 2445.Dq Li NO , 2446create a default route to this host name or IP address 2447(use an IP address if this router is also required to get to the 2448name server!). 2449.It Va ipv6_defaultrouter 2450.Pq Vt str 2451The IPv6 equivalent of 2452.Va defaultrouter . 2453.It Va static_arp_pairs 2454.Pq Vt str 2455Set to the list of static ARP pairs that are to be added at system 2456boot time. 2457For each whitespace separated 2458.Ar element 2459in the value, a 2460.Va static_arp_ Ns Aq Ar element 2461variable is assumed to exist whose contents will later be passed to a 2462.Dq Nm arp Cm -S 2463operation. 2464For example 2465.Bd -literal 2466static_arp_pairs="gw" 2467static_arp_gw="192.168.1.1 00:01:02:03:04:05" 2468.Ed 2469.It Va static_routes 2470.Pq Vt str 2471Set to the list of static routes that are to be added at system 2472boot time. 2473If not set to 2474.Dq Li NO 2475then for each whitespace separated 2476.Ar element 2477in the value, a 2478.Va route_ Ns Aq Ar element 2479variable is assumed to exist 2480whose contents will later be passed to a 2481.Dq Nm route Cm add 2482operation. 2483For example: 2484.Bd -literal 2485static_routes="mcast gif0local" 2486route_mcast="-net 224.0.0.0/4 -iface gif0" 2487route_gif0local="-host 169.254.1.1 -iface lo0" 2488.Ed 2489.It Va ipv6_static_routes 2490.Pq Vt str 2491The IPv6 equivalent of 2492.Va static_routes . 2493If not set to 2494.Dq Li NO 2495then for each whitespace separated 2496.Ar element 2497in the value, a 2498.Va ipv6_route_ Ns Aq Ar element 2499variable is assumed to exist 2500whose contents will later be passed to a 2501.Dq Nm route Cm add Fl inet6 2502operation. 2503.It Va natm_static_routes 2504.Pq Vt str 2505The 2506.Xr natmip 4 2507equivalent of 2508.Va static_routes . 2509If not empty then for each whitespace separated 2510.Ar element 2511in the value, a 2512.Va route_ Ns Aq Ar element 2513variable is assumed to exist whose contents will later be passed to a 2514.Dq Nm atmconfig Cm natm Cm add 2515operation. 2516.It Va gateway_enable 2517.Pq Vt bool 2518If set to 2519.Dq Li YES , 2520configure host to act as an IP router, e.g.\& to forward packets 2521between interfaces. 2522.It Va ipv6_gateway_enable 2523.Pq Vt bool 2524The IPv6 equivalent of 2525.Va gateway_enable . 2526.It Va routed_enable 2527.Pq Vt bool 2528If set to 2529.Dq Li YES , 2530run a routing daemon of some sort, based on the 2531settings of 2532.Va routed_program 2533and 2534.Va routed_flags . 2535.It Va route6d_enable 2536.Pq Vt bool 2537The IPv6 equivalent of 2538.Va routed_enable . 2539If set to 2540.Dq Li YES , 2541run a routing daemon of some sort, based on the 2542settings of 2543.Va route6d_program 2544and 2545.Va route6d_flags . 2546.It Va routed_program 2547.Pq Vt str 2548If 2549.Va routed_enable 2550is set to 2551.Dq Li YES , 2552this is the name of the routing daemon to use. 2553.It Va route6d_program 2554.Pq Vt str 2555The IPv6 equivalent of 2556.Va routed_program . 2557.It Va routed_flags 2558.Pq Vt str 2559If 2560.Va routed_enable 2561is set to 2562.Dq Li YES , 2563these are the flags to pass to the routing daemon. 2564.It Va route6d_flags 2565.Pq Vt str 2566The IPv6 equivalent of 2567.Va routed_flags . 2568.It Va mrouted_enable 2569.Pq Vt bool 2570If set to 2571.Dq Li YES , 2572run the multicast routing daemon, 2573.Xr mrouted 8 . 2574.It Va mroute6d_enable 2575.Pq Vt bool 2576The IPv6 equivalent of 2577.Va mrouted_enable . 2578If set to 2579.Dq Li YES , 2580run the IPv6 multicast routing daemon. 2581.Pp 2582Note that multicast routing daemons are no longer included in the 2583.Fx 2584base system, however, both 2585.Xr mrouted 8 2586and 2587.Xr pim6dd 8 2588may be installed from the 2589.Fx 2590Ports Collection. 2591.It Va mrouted_flags 2592.Pq Vt str 2593If 2594.Va mrouted_enable 2595is set to 2596.Dq Li YES , 2597these are the flags to pass to the 2598.Xr mrouted 8 2599daemon. 2600.It Va mroute6d_flags 2601.Pq Vt str 2602The IPv6 equivalent of 2603.Va mrouted_flags . 2604If 2605.Va mroute6d_enable 2606is set to 2607.Dq Li YES , 2608these are the flags passed to the IPv6 multicast routing daemon. 2609.It Va mroute6d_program 2610.Pq Vt str 2611If 2612.Va mroute6d_enable 2613is set to 2614.Dq Li YES , 2615this is the path to the IPv6 multicast routing daemon. 2616.It Va rtadvd_enable 2617.Pq Vt bool 2618If set to 2619.Dq Li YES , 2620run the 2621.Xr rtadvd 8 2622daemon at boot time. 2623.Xr rtadvd 8 2624will only run if 2625.Va ipv6_gateway_enable 2626is also set to 2627.Dq Li YES . 2628The 2629.Xr rtadvd 8 2630utility sends router advertisement packets to the interfaces specified in 2631.Va rtadvd_interfaces 2632and should only be enabled with great care. 2633You may want to fine-tune 2634.Xr rtadvd.conf 5 . 2635.It Va rtadvd_interfaces 2636.Pq Vt str 2637If 2638.Va rtadvd_enable 2639is set to 2640.Dq Li YES 2641this is the list of interfaces to use. 2642.It Va ipxgateway_enable 2643.Pq Vt bool 2644If set to 2645.Dq Li YES , 2646enable the routing of IPX traffic. 2647.It Va ipxrouted_enable 2648.Pq Vt bool 2649If set to 2650.Dq Li YES , 2651run the 2652.Xr IPXrouted 8 2653daemon at system boot time. 2654.It Va ipxrouted_flags 2655.Pq Vt str 2656If 2657.Va ipxrouted_enable 2658is set to 2659.Dq Li YES , 2660these are the flags to pass to the 2661.Xr IPXrouted 8 2662daemon. 2663.It Va arpproxy_all 2664.Pq Vt bool 2665If set to 2666.Dq Li YES , 2667enable global proxy ARP. 2668.It Va forward_sourceroute 2669.Pq Vt bool 2670If set to 2671.Dq Li YES 2672and 2673.Va gateway_enable 2674is also set to 2675.Dq Li YES , 2676source-routed packets are forwarded. 2677.It Va accept_sourceroute 2678.Pq Vt bool 2679If set to 2680.Dq Li YES , 2681the system will accept source-routed packets directed at it. 2682.It Va rarpd_enable 2683.Pq Vt bool 2684If set to 2685.Dq Li YES , 2686run the 2687.Xr rarpd 8 2688daemon at system boot time. 2689.It Va rarpd_flags 2690.Pq Vt str 2691If 2692.Va rarpd_enable 2693is set to 2694.Dq Li YES , 2695these are the flags to pass to the 2696.Xr rarpd 8 2697daemon. 2698.It Va bootparamd_enable 2699.Pq Vt bool 2700If set to 2701.Dq Li YES , 2702run the 2703.Xr bootparamd 8 2704daemon at system boot time. 2705.It Va bootparamd_flags 2706.Pq Vt str 2707If 2708.Va bootparamd_enable 2709is set to 2710.Dq Li YES , 2711these are the flags to pass to the 2712.Xr bootparamd 8 2713daemon. 2714.It Va stf_interface_ipv4addr 2715.Pq Vt str 2716If not set to 2717.Dq Li NO , 2718this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 2719interface). 2720Specify this entry to enable the 6to4 interface. 2721.It Va stf_interface_ipv4plen 2722.Pq Vt int 2723Prefix length for 6to4 IPv4 addresses, to limit peer address range. 2724An effective value is 0-31. 2725.It Va stf_interface_ipv6_ifid 2726.Pq Vt str 2727IPv6 interface ID for 2728.Xr stf 4 . 2729This can be set to 2730.Dq Li AUTO . 2731.It Va stf_interface_ipv6_slaid 2732.Pq Vt str 2733IPv6 Site Level Aggregator for 2734.Xr stf 4 . 2735.It Va ipv6_faith_prefix 2736.Pq Vt str 2737If not set to 2738.Dq Li NO , 2739this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 2740translator. 2741You also need 2742.Xr faithd 8 2743setup. 2744.It Va ipv6_ipv4mapping 2745.Pq Vt bool 2746If set to 2747.Dq Li YES 2748this enables IPv4 mapped IPv6 address communication (like 2749.Li ::ffff:a.b.c.d ) . 2750.It Va atm_enable 2751.Pq Vt bool 2752Set to 2753.Dq Li YES 2754to enable the configuration of ATM interfaces at system boot time. 2755For all of the ATM variables described below, please refer to the 2756.Xr atm 8 2757manual page for further details on the available command parameters. 2758Also refer to the files in 2759.Pa /usr/share/examples/atm 2760for more detailed configuration information. 2761.It Va atm_load 2762.Pq Vt str 2763This is a list of physical ATM interface drivers to load. 2764Typical values are 2765.Dq Li hfa_pci 2766and/or 2767.Dq Li hea_pci . 2768.It Va atm_netif_ Ns Aq Ar intf 2769.Pq Vt str 2770For the ATM physical interface 2771.Ar intf , 2772this variable defines the name prefix and count for the ATM network 2773interfaces to be created. 2774The value will be passed as the parameters of an 2775.Dq Nm atm Cm "set netif" Ar intf 2776command. 2777.It Va atm_sigmgr_ Ns Aq Ar intf 2778.Pq Vt str 2779For the ATM physical interface 2780.Ar intf , 2781this variable defines the ATM signalling manager to be used. 2782The value will be passed as the parameters of an 2783.Dq Nm atm Cm attach Ar intf 2784command. 2785.It Va atm_prefix_ Ns Aq Ar intf 2786.Pq Vt str 2787For the ATM physical interface 2788.Ar intf , 2789this variable defines the NSAP prefix for interfaces using a UNI signalling 2790manager. 2791If set to 2792.Dq Li ILMI , 2793the prefix will automatically be set via the 2794.Xr ilmid 8 2795daemon. 2796Otherwise, the value will be passed as the parameters of an 2797.Dq Nm atm Cm "set prefix" Ar intf 2798command. 2799.It Va atm_macaddr_ Ns Aq Ar intf 2800.Pq Vt str 2801For the ATM physical interface 2802.Ar intf , 2803this variable defines the MAC address for interfaces using a UNI signalling 2804manager. 2805If set to 2806.Dq Li NO , 2807the hardware MAC address contained in the ATM interface card will be used. 2808Otherwise, the value will be passed as the parameters of an 2809.Dq Nm atm Cm "set mac" Ar intf 2810command. 2811.It Va atm_arpserver_ Ns Aq Ar netif 2812.Pq Vt str 2813For the ATM network interface 2814.Ar netif , 2815this variable defines the ATM address for a host which is to provide ATMARP 2816service. 2817This variable is only applicable to interfaces using a UNI signalling 2818manager. 2819If set to 2820.Dq Li local , 2821this host will become an ATMARP server. 2822The value will be passed as the parameters of an 2823.Dq Nm atm Cm "set arpserver" Ar netif 2824command. 2825.It Va atm_scsparp_ Ns Aq Ar netif 2826.Pq Vt bool 2827If set to 2828.Dq Li YES , 2829SCSP/ATMARP service for the network interface 2830.Ar netif 2831will be initiated using the 2832.Xr scspd 8 2833and 2834.Xr atmarpd 8 2835daemons. 2836This variable is only applicable if 2837.Va atm_arpserver_ Ns Aq Ar netif 2838is set to 2839.Dq Li local . 2840.It Va atm_pvcs 2841.Pq Vt str 2842Set to the list of ATM PVCs to be added at system 2843boot time. 2844For each whitespace separated 2845.Ar element 2846in the value, an 2847.Va atm_pvc_ Ns Aq Ar element 2848variable is assumed to exist. 2849The value of each of these variables 2850will be passed as the parameters of an 2851.Dq Nm atm Cm "add pvc" 2852command. 2853.It Va atm_arps 2854.Pq Vt str 2855Set to the list of permanent ATM ARP entries to be added 2856at system boot time. 2857For each whitespace separated 2858.Ar element 2859in the value, an 2860.Va atm_arp_ Ns Aq Ar element 2861variable is assumed to exist. 2862The value of each of these variables 2863will be passed as the parameters of an 2864.Dq Nm atm Cm "add arp" 2865command. 2866.It Va natm_interfaces 2867.Pq Vt str 2868Set to the list of 2869.Xr natm 4 2870interfaces that will also be used for HARP through 2871.Xr harp 4 . 2872If this list is not empty all interfaces in the list will be brought up 2873with 2874.Xr ifconfig 8 2875and 2876.Xr harp 4 2877will be loaded. 2878For this to work the interface drivers must be either compiled into the 2879kernel or must reside on the root partition. 2880.It Va keybell 2881.Pq Vt str 2882The keyboard bell sound. 2883Set to 2884.Dq Li normal , 2885.Dq Li visual , 2886.Dq Li off , 2887or 2888.Dq Li NO 2889if the default behavior is desired. 2890For details, refer to the 2891.Xr kbdcontrol 1 2892manpage. 2893.It Va keyboard 2894.Pq Vt str 2895If set to a non-null string, the virtual console's keyboard input is 2896set to this device. 2897.It Va keymap 2898.Pq Vt str 2899If set to 2900.Dq Li NO , 2901no keymap is installed, otherwise the value is used to install 2902the keymap file in 2903.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2904.It Va keyrate 2905.Pq Vt str 2906The keyboard repeat speed. 2907Set to 2908.Dq Li slow , 2909.Dq Li normal , 2910.Dq Li fast , 2911or 2912.Dq Li NO 2913if the default behavior is desired. 2914.It Va keychange 2915.Pq Vt str 2916If not set to 2917.Dq Li NO , 2918attempt to program the function keys with the value. 2919The value should 2920be a single string of the form: 2921.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2922.It Va cursor 2923.Pq Vt str 2924Can be set to the value of 2925.Dq Li normal , 2926.Dq Li blink , 2927.Dq Li destructive , 2928or 2929.Dq Li NO 2930to set the cursor behavior explicitly or choose the default behavior. 2931.It Va scrnmap 2932.Pq Vt str 2933If set to 2934.Dq Li NO , 2935no screen map is installed, otherwise the value is used to install 2936the screen map file in 2937.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2938.It Va font8x16 2939.Pq Vt str 2940If set to 2941.Dq Li NO , 2942the default 8x16 font value is used for screen size requests, otherwise 2943the value in 2944.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2945is used. 2946.It Va font8x14 2947.Pq Vt str 2948If set to 2949.Dq Li NO , 2950the default 8x14 font value is used for screen size requests, otherwise 2951the value in 2952.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2953is used. 2954.It Va font8x8 2955.Pq Vt str 2956If set to 2957.Dq Li NO , 2958the default 8x8 font value is used for screen size requests, otherwise 2959the value in 2960.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2961is used. 2962.It Va blanktime 2963.Pq Vt int 2964If set to 2965.Dq Li NO , 2966the default screen blanking interval is used, otherwise it is set 2967to 2968.Ar value 2969seconds. 2970.It Va saver 2971.Pq Vt str 2972If not set to 2973.Dq Li NO , 2974this is the actual screen saver to use 2975.Li ( blank , snake , daemon , 2976etc). 2977.It Va moused_nondefault_enable 2978.Pq Vt str 2979If set to 2980.Dq Li NO , 2981the mouse device specified on 2982the command line is not automatically treated as enabled by the 2983.Pa /etc/rc.d/moused 2984script. 2985Having this variable set to 2986.Dq Li YES 2987allows a 2988.Xr usb 4 2989mouse, 2990for example, 2991to be enabled as soon as it is plugged in. 2992.It Va moused_enable 2993.Pq Vt str 2994If set to 2995.Dq Li YES , 2996the 2997.Xr moused 8 2998daemon is started for doing cut/paste selection on the console. 2999.It Va moused_type 3000.Pq Vt str 3001This is the protocol type of the mouse connected to this host. 3002This variable must be set if 3003.Va moused_enable 3004is set to 3005.Dq Li YES . 3006The 3007.Xr moused 8 3008daemon 3009is able to detect the appropriate mouse type automatically in many cases. 3010Set this variable to 3011.Dq Li auto 3012to let the daemon detect it, or 3013select one from the following list if the automatic detection fails. 3014.Pp 3015If the mouse is attached to the PS/2 mouse port, choose 3016.Dq Li auto 3017or 3018.Dq Li ps/2 , 3019regardless of the brand and model of the mouse. 3020Likewise, if the 3021mouse is attached to the bus mouse port, choose 3022.Dq Li auto 3023or 3024.Dq Li busmouse . 3025All other protocols are for serial mice and will not work with 3026the PS/2 and bus mice. 3027If this is a USB mouse, 3028.Dq Li auto 3029is the only protocol type which will work. 3030.Pp 3031.Bl -tag -width ".Li x10mouseremote" -compact 3032.It Li microsoft 3033Microsoft mouse (serial) 3034.It Li intellimouse 3035Microsoft IntelliMouse (serial) 3036.It Li mousesystems 3037Mouse systems Corp.\& mouse (serial) 3038.It Li mmseries 3039MM Series mouse (serial) 3040.It Li logitech 3041Logitech mouse (serial) 3042.It Li busmouse 3043A bus mouse 3044.It Li mouseman 3045Logitech MouseMan and TrackMan (serial) 3046.It Li glidepoint 3047ALPS GlidePoint (serial) 3048.It Li thinkingmouse 3049Kensington ThinkingMouse (serial) 3050.It Li ps/2 3051PS/2 mouse 3052.It Li mmhittab 3053MM HitTablet (serial) 3054.It Li x10mouseremote 3055X10 MouseRemote (serial) 3056.It Li versapad 3057Interlink VersaPad (serial) 3058.El 3059.Pp 3060Even if the mouse is not in the above list, it may be compatible 3061with one in the list. 3062Refer to the manual page for 3063.Xr moused 8 3064for compatibility information. 3065.Pp 3066It should also be noted that while this is enabled, any 3067other client of the mouse (such as an X server) should access 3068the mouse through the virtual mouse device, 3069.Pa /dev/sysmouse , 3070and configure it as a 3071.Dq Li sysmouse 3072type mouse, since all 3073mouse data is converted to this single canonical format when 3074using 3075.Xr moused 8 . 3076If the client program does not support the 3077.Dq Li sysmouse 3078type, 3079specify the 3080.Dq Li mousesystems 3081type. 3082It is the second preferred type. 3083.It Va moused_port 3084.Pq Vt str 3085If 3086.Va moused_enable 3087is set to 3088.Dq Li YES , 3089this is the actual port the mouse is on. 3090It might be 3091.Pa /dev/cuad0 3092for a COM1 serial mouse, 3093.Pa /dev/psm0 3094for a PS/2 mouse or 3095.Pa /dev/mse0 3096for a bus mouse, for example. 3097.It Va moused_flags 3098.Pq Vt str 3099If 3100.Va moused_flags 3101is set, its value is used as an additional set of flags to pass to the 3102.Xr moused 8 3103daemon. 3104.It Va "moused_" Ns Ar XXX Ns Va "_flags" 3105When 3106.Va moused_nondefault_enable 3107is enabled, and a 3108.Xr moused 8 3109daemon is started for a non-default port, the 3110.Va "moused_" Ns Ar XXX Ns Va "_flags" 3111set of options has precedence over and replaces the default 3112.Va moused_flags (where 3113.Ar XXX 3114is the name of the non-default port, i.e.\& 3115.Ar ums0 ) . 3116By setting 3117.Va "moused_" Ns Ar XXX Ns Va "_flags" 3118it is possible to set up a different set of default flags for each 3119.Xr moused 8 3120instance. 3121For example, you can use 3122.Dq Li "-3" 3123for the default 3124.Va moused_flags 3125to make your laptop's touchpad more comfortable to use, 3126but an empty set of options for 3127.Va moused_ums0_flags 3128when your 3129.Xr usb 4 3130mouse has three or more buttons. 3131.It Va mousechar_start 3132.Pq Vt int 3133If set to 3134.Dq Li NO , 3135the default mouse cursor character range 3136.Li 0xd0 Ns - Ns Li 0xd3 3137is used, 3138otherwise the range start is set 3139to 3140.Ar value 3141character, see 3142.Xr vidcontrol 1 . 3143Use if the default range is occupied in the language code table. 3144.It Va allscreens_flags 3145.Pq Vt str 3146If set, 3147.Xr vidcontrol 1 3148is run with these options for each of the virtual terminals 3149.Pq Pa /dev/ttyv* . 3150For example, 3151.Dq Fl m Cm on 3152will enable the mouse pointer on all virtual terminals 3153if 3154.Va moused_enable 3155is set to 3156.Dq Li YES . 3157.It Va allscreens_kbdflags 3158.Pq Vt str 3159If set, 3160.Xr kbdcontrol 1 3161is run with these options for each of the virtual terminals 3162.Pq Pa /dev/ttyv* . 3163For example, 3164.Dq Fl h Li 200 3165will set the 3166.Xr syscons 4 3167scrollback (history) buffer to 200 lines. 3168.It Va cron_enable 3169.Pq Vt bool 3170If set to 3171.Dq Li YES , 3172run the 3173.Xr cron 8 3174daemon at system boot time. 3175.It Va cron_program 3176.Pq Vt str 3177Path to 3178.Xr cron 8 3179(default 3180.Pa /usr/sbin/cron ) . 3181.It Va cron_flags 3182.Pq Vt str 3183If 3184.Va cron_enable 3185is set to 3186.Dq Li YES , 3187these are the flags to pass to 3188.Xr cron 8 . 3189.It Va cron_dst 3190.Pq Vt bool 3191If set to 3192.Dq Li YES , 3193enable the special handling of transitions to and from the 3194Daylight Saving Time in 3195.Xr cron 8 3196(equivalent to using the flag 3197.Fl s ) . 3198.It Va lpd_program 3199.Pq Vt str 3200Path to 3201.Xr lpd 8 3202(default 3203.Pa /usr/sbin/lpd ) . 3204.It Va lpd_enable 3205.Pq Vt bool 3206If set to 3207.Dq Li YES , 3208run the 3209.Xr lpd 8 3210daemon at system boot time. 3211.It Va lpd_flags 3212.Pq Vt str 3213If 3214.Va lpd_enable 3215is set to 3216.Dq Li YES , 3217these are the flags to pass to the 3218.Xr lpd 8 3219daemon. 3220.It Va chkprintcap_enable 3221.Pq Vt bool 3222If set to 3223.Dq Li YES , 3224run the 3225.Xr chkprintcap 8 3226command before starting the 3227.Xr lpd 8 3228daemon. 3229.It Va chkprintcap_flags 3230.Pq Vt str 3231If 3232.Va lpd_enable 3233and 3234.Va chkprintcap_enable 3235are set to 3236.Dq Li YES , 3237these are the flags to pass to the 3238.Xr chkprintcap 8 3239program. 3240The default is 3241.Dq Li -d , 3242which causes missing directories to be created. 3243.It Va mta_start_script 3244.Pq Vt str 3245This variable specifies the full path to the script to run to start 3246a mail transfer agent. 3247The default is 3248.Pa /etc/rc.sendmail . 3249The 3250.Va sendmail_* 3251variables which 3252.Pa /etc/rc.sendmail 3253uses are documented in the 3254.Xr rc.sendmail 8 3255manual page. 3256.It Va dumpdev 3257.Pq Vt str 3258Indicates the device (usually a swap partition) to which a crash dump 3259should be written in the event of a system crash. 3260If the value of this variable is 3261.Dq Li AUTO , 3262the first suitable swap device listed in 3263.Pa /etc/fstab 3264will be used as dump device. 3265Otherwise, the value of this variable is passed as the argument to 3266.Xr dumpon 8 . 3267To disable crash dumps, set this variable to 3268.Dq Li NO . 3269.It Va dumpdir 3270.Pq Vt str 3271When the system reboots after a crash and a crash dump is found on the 3272device specified by the 3273.Va dumpdev 3274variable, 3275.Xr savecore 8 3276will save that crash dump and a copy of the kernel to the directory 3277specified by the 3278.Va dumpdir 3279variable. 3280The default value is 3281.Pa /var/crash . 3282Set to 3283.Dq Li NO 3284to not run 3285.Xr savecore 8 3286at boot time when 3287.Va dumpdir 3288is set. 3289.It Va savecore_flags 3290.Pq Vt str 3291If crash dumps are enabled, these are the flags to pass to the 3292.Xr savecore 8 3293utility. 3294.It Va quota_enable 3295.Pq Vt bool 3296Set to 3297.Dq Li YES 3298to turn on user and group disk quotas on system startup via the 3299.Xr quotaon 8 3300command for all file systems marked as having quotas enabled in 3301.Pa /etc/fstab . 3302The kernel must be built with 3303.Cd "options QUOTA" 3304for disk quotas to function. 3305.It Va check_quotas 3306.Pq Vt bool 3307Set to 3308.Dq Li YES 3309to enable user and group disk quota checking via the 3310.Xr quotacheck 8 3311command. 3312.It Va quotacheck_flags 3313.Pq Vt str 3314If 3315.Va quota_enable 3316is set to 3317.Dq Li YES , 3318and 3319.Va check_quotas 3320is set to 3321.Dq Li YES , 3322these are the flags to pass to the 3323.Xr quotacheck 8 3324utility. 3325The default is 3326.Dq Li "-a" , 3327which checks quotas for all file systems with quotas enabled in 3328.Pa /etc/fstab . 3329.It Va quotaon_flags 3330.Pq Vt str 3331If 3332.Va quota_enable 3333is set to 3334.Dq Li YES , 3335these are the flags to pass to the 3336.Xr quotaon 8 3337utility. 3338The default is 3339.Dq Li "-a" , 3340which enables quotas for all file systems with quotas enabled in 3341.Pa /etc/fstab . 3342.It Va quotaoff_flags 3343.Pq Vt str 3344If 3345.Va quota_enable 3346is set to 3347.Dq Li YES , 3348these are the flags to pass to the 3349.Xr quotaoff 8 3350utility when shutting down the quota system. 3351The default is 3352.Dq Li "-a" , 3353which disables quotas for all file systems with quotas enabled in 3354.Pa /etc/fstab . 3355.It Va accounting_enable 3356.Pq Vt bool 3357Set to 3358.Dq Li YES 3359to enable system accounting through the 3360.Xr accton 8 3361facility. 3362.It Va ibcs2_enable 3363.Pq Vt bool 3364Set to 3365.Dq Li YES 3366to enable iBCS2 (SCO) binary emulation at system initial boot 3367time. 3368.It Va ibcs2_loaders 3369.Pq Vt str 3370If not set to 3371.Dq Li NO 3372and if 3373.Va ibcs2_enable 3374is set to 3375.Dq Li YES , 3376this specifies a list of additional iBCS2 loaders to enable. 3377.It Va linux_enable 3378.Pq Vt bool 3379Set to 3380.Dq Li YES 3381to enable Linux/ELF binary emulation at system initial 3382boot time. 3383.It Va svr4_enable 3384.Pq Vt bool 3385If set to 3386.Dq Li YES , 3387enable SysVR4 emulation at boot time. 3388.It Va sysvipc_enable 3389.Pq Vt bool 3390If set to 3391.Dq Li YES , 3392load System V IPC primitives at boot time. 3393.It Va clear_tmp_enable 3394.Pq Vt bool 3395Set to 3396.Dq Li YES 3397to have 3398.Pa /tmp 3399cleaned at startup. 3400.It Va clear_tmp_X 3401.Pq Vt bool 3402Set to 3403.Dq Li NO 3404to disable removing of X11 lock files, 3405and the removal and (secure) recreation 3406of the various socket directories for X11 3407related programs. 3408.It Va ldconfig_paths 3409.Pq Vt str 3410Set to the list of shared library paths to use with 3411.Xr ldconfig 8 . 3412NOTE: 3413.Pa /usr/lib 3414will always be added first, so it need not appear in this list. 3415.It Va ldconfig32_paths 3416.Pq Vt str 3417Set to the list of 32-bit compatibility shared library paths to 3418use with 3419.Xr ldconfig 8 . 3420.It Va ldconfig_paths_aout 3421.Pq Vt str 3422Set to the list of shared library paths to use with 3423.Xr ldconfig 8 3424legacy 3425.Xr a.out 5 3426support. 3427.It Va ldconfig_insecure 3428.Pq Vt bool 3429The 3430.Xr ldconfig 8 3431utility normally refuses to use directories 3432which are writable by anyone except root. 3433Set this variable to 3434.Dq Li YES 3435to disable that security check during system startup. 3436.It Va ldconfig_local_dirs 3437.Pq Vt str 3438Set to the list of local 3439.Xr ldconfig 8 3440directories. 3441The names of all files in the directories listed will be 3442passed as arguments to 3443.Xr ldconfig 8 . 3444.It Va ldconfig_local32_dirs 3445.Pq Vt str 3446Set to the list of local 32-bit compatibility 3447.Xr ldconfig 8 3448directories. 3449The names of all files in the directories listed will be 3450passed as arguments to 3451.Dq Nm ldconfig Fl 32 . 3452.It Va kern_securelevel_enable 3453.Pq Vt bool 3454Set to 3455.Dq Li YES 3456to set the kernel security level at system startup. 3457.It Va kern_securelevel 3458.Pq Vt int 3459The kernel security level to set at startup. 3460The allowed range of 3461.Ar value 3462ranges from \-1 (the compile time default) to 3 (the 3463most secure). 3464See 3465.Xr security 7 3466for the list of possible security levels and their effect 3467on system operation. 3468.It Va sshd_program 3469.Pq Vt str 3470Path to the SSH server program 3471.Pa ( /usr/sbin/sshd 3472is the default). 3473.It Va sshd_enable 3474.Pq Vt bool 3475Set to 3476.Dq Li YES 3477to start 3478.Xr sshd 8 3479at system boot time. 3480.It Va sshd_flags 3481.Pq Vt str 3482If 3483.Va sshd_enable 3484is set to 3485.Dq Li YES , 3486these are the flags to pass to the 3487.Xr sshd 8 3488daemon. 3489.It Va ftpd_program 3490.Pq Vt str 3491Path to the FTP server program 3492.Pa ( /usr/libexec/ftpd 3493is the default). 3494.It Va ftpd_enable 3495.Pq Vt bool 3496Set to 3497.Dq Li YES 3498to start 3499.Xr ftpd 8 3500as a stand-alone daemon at system boot time. 3501.It Va ftpd_flags 3502.Pq Vt str 3503If 3504.Va ftpd_enable 3505is set to 3506.Dq Li YES , 3507these are the additional flags to pass to the 3508.Xr ftpd 8 3509daemon. 3510.It Va watchdogd_enable 3511.Pq Vt bool 3512If set to 3513.Dq Li YES , 3514start the 3515.Xr watchdogd 8 3516daemon at boot time. 3517This requires that the kernel have been compiled with a 3518.Xr watchdog 4 3519compatible device. 3520.It Va watchdogd_flags 3521.Pq Vt str 3522If 3523.Va watchdogd_enable 3524is set to 3525.Dq Li YES , 3526these are the flags passed to the 3527.Xr watchdogd 8 3528daemon. 3529.It Va performance_cx_lowest 3530.Pq Vt str 3531CPU idle state to use while on AC power. 3532The string 3533.Dq Li LOW 3534indicates that 3535.Xr acpi 4 3536should use the lowest power state available while 3537.Dq Li HIGH 3538indicates that the lowest latency state (less power savings) should be used. 3539.It Va performance_cpu_freq 3540.Pq Vt str 3541CPU clock frequency to use while on AC power. 3542The string 3543.Dq Li LOW 3544indicates that 3545.Xr cpufreq 4 3546should use the lowest frequency available while 3547.Dq Li HIGH 3548indicates that the highest frequency (less power savings) should be used. 3549.It Va economy_cx_lowest 3550.Pq Vt str 3551CPU idle state to use when off AC power. 3552The string 3553.Dq Li LOW 3554indicates that 3555.Xr acpi 4 3556should use the lowest power state available while 3557.Dq Li HIGH 3558indicates that the lowest latency state (less power savings) should be used. 3559.It Va economy_cpu_freq 3560.Pq Vt str 3561CPU clock frequency to use when off AC power. 3562The string 3563.Dq Li LOW 3564indicates that 3565.Xr cpufreq 4 3566should use the lowest frequency available while 3567.Dq Li HIGH 3568indicates that the highest frequency (less power savings) should be used. 3569.It Va jail_enable 3570.Pq Vt bool 3571If set to 3572.Dq Li NO , 3573any configured jails will not be started. 3574.It jail_parallel_start 3575.Pq Vt bool 3576If set to 3577.Dq Li YES 3578all configured jails will be started in the background (= in parallel). 3579.It Va jail_list 3580.Pq Vt str 3581A space separated list of names for jails. 3582This is purely a configuration aid to help identify and 3583configure multiple jails. 3584The names specified in this list will be used to 3585identify settings common to an instance of a jail, 3586and should contain alphanumeric characters only. 3587Assuming that the jail in question was named 3588.Li vjail , 3589you would have the following dependent variables: 3590.Bd -literal 3591jail_vjail_hostname="jail.example.com" 3592jail_vjail_ip="192.0.2.100" 3593jail_vjail_rootdir="/var/jails/vjail/root" 3594.Ed 3595.Pp 3596.It Va jail_flags 3597.Pq Vt str 3598Unset by default. 3599When set, use as default value for 3600.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3601for every jail in 3602.Va jail_list . 3603.It Va jail_interface 3604.Pq Vt str 3605Unset by default. 3606When set, use as default value for 3607.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3608for every jail in 3609.Va jail_list . 3610.It Va jail_fstab 3611.Pq Vt str 3612Unset by default. 3613When set, use as default value for 3614.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3615for every jail in 3616.Va jail_list . 3617.It Va jail_mount_enable 3618.Pq Vt bool 3619Set to 3620.Dq Li NO 3621by default. 3622When set to 3623.Dq Li YES , 3624sets 3625.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3626to 3627.Dq Li YES 3628by default for every jail in 3629.Va jail_list . 3630.It Va jail_devfs_ruleset 3631.Pq Vt str 3632Unset by default. 3633When set, sets 3634.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3635to given value for every jail in 3636.Va jail_list . 3637.It Va jail_devfs_enable 3638.Pq Vt bool 3639Set to 3640.Dq Li NO 3641by default. 3642When set to 3643.Dq Li YES , 3644sets 3645.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3646to 3647.Dq Li YES 3648by default for every jail in 3649.Va jail_list . 3650.It Va jail_fdescfs_enable 3651.Pq Vt bool 3652Set to 3653.Dq Li NO 3654by default. 3655When set to 3656.Dq Li YES , 3657sets 3658.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3659to 3660.Dq Li YES 3661by default for every jail in 3662.Va jail_list . 3663.It Va jail_procfs_enable 3664.Pq Vt bool 3665Set to 3666.Dq Li NO 3667by default. 3668When set to 3669.Dq Li YES , 3670sets 3671.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3672to 3673.Dq Li YES 3674by default for every jail in 3675.Va jail_list . 3676.It Va jail_exec_prestart Ns Aq Ar N 3677.Pq Vt str 3678Unset by default. 3679When set, use as default value for 3680.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestart Ns Aq Ar N 3681for every jail in 3682.Va jail_list . 3683.It Va jail_exec_start 3684.Pq Vt str 3685Unset by default. 3686When set, use as default value for 3687.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3688for every jail in 3689.Va jail_list . 3690.It Va jail_exec_afterstart Ns Aq Ar N 3691.Pq Vt str 3692Unset by default. 3693When set, use as default value for 3694.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3695for every jail in 3696.Va jail_list . 3697.It Va jail_exec_poststart Ns Aq Ar N 3698.Pq Vt str 3699Unset by default. 3700When set, use as default value for 3701.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststart Ns Aq Ar N 3702for every jail in 3703.Va jail_list . 3704.It Va jail_exec_prestop Ns Aq Ar N 3705.Pq Vt str 3706Unset by default. 3707When set, use as default value for 3708.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestop Ns Aq Ar N 3709for every jail in 3710.Va jail_list . 3711.It Va jail_exec_stop 3712Unset by default. 3713When set, use as default value for 3714.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3715for every jail in 3716.Va jail_list . 3717.It Va jail_exec_poststop Ns Aq Ar N 3718.Pq Vt str 3719Unset by default. 3720When set, use as default value for 3721.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststop Ns Aq Ar N 3722for every jail in 3723.Va jail_list . 3724.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 3725.Pq Vt str 3726Unset by default. 3727Set to the root directory used by jail 3728.Va jname . 3729.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 3730.Pq Vt str 3731Unset by default. 3732Set to the fully qualified domain name (FQDN) assigned to jail 3733.Va jname . 3734.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 3735.Pq Vt str 3736Unset by default. 3737Set to the (primary) IPv4 and/or IPv6 address(es) assigned to the jail. 3738The argument can be a sole address or a comma separated list of addresses. 3739Additionally each address can be prefixed by the name of an interface 3740followed by a pipe to overwrite 3741.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3742or 3743.Va jail_interface 3744and/or suffixed by a netmask, prefixlen or prefix. 3745In case no netmask, prefixlen or prefix is given, 3746.Sq /32 3747will be used for IPv4 and 3748.Sq /128 3749will be used for an IPv6 address. 3750If no address is given for the jail then the jail will be started with 3751no networking support. 3752.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip_multi Ns Aq Ar n 3753.Pq Vt str 3754Unset by default. 3755Set additional IPv4 and/or IPv6 address(es) assigned to the jail. 3756The sequence starts with 3757.Dq Li _multi0 3758and the numbers have to be strictly ascending. 3759These entries follow the same syntax as their primary 3760.Va jail_ Ns Ao Ar jname Ac Ns Va _ip 3761entry. 3762The order of the entries can be important as the first address for 3763each address family found will be the primary address of the jail. 3764See 3765.Va ip-addresses 3766option in 3767.Xr jail 8 3768for more details. 3769.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3770.Pq Vt str 3771Set to 3772.Dq Li -l -U root 3773by default. 3774These are flags to pass to 3775.Xr jail 8 . 3776.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3777.Pq Vt str 3778Unset by default. 3779When set, sets the interface to use when setting IP address alias. 3780Note that the alias is created at jail startup and removed at jail shutdown. 3781.It Va jail_ Ns Ao Ar jname Ac Ns Va _fib 3782.Pq Vt str 3783Unset by default. 3784When set, the jail is started with the specified forwarding table (sometimes 3785referred to as a routing table) via 3786.Xr setfib 1 . 3787.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3788.Pq Vt str 3789Set to 3790.Pa /etc/fstab. Ns Aq Ar jname 3791by default. 3792This is the file system information file to use for jail 3793.Va jname . 3794.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3795.Pq Vt bool 3796Set to 3797.Dq Li NO 3798by default. 3799When set to 3800.Dq Li YES , 3801mount all file systems from 3802.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3803at jail startup. 3804.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3805.Pq Vt str 3806Unset by default. 3807When set, defines the device file system ruleset file to use for jail 3808.Va jname . 3809.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3810.Pq Vt bool 3811Set to 3812.Dq Li NO 3813by default. 3814When set to 3815.Dq Li YES , 3816mount the device file system inside jail 3817.Ar jname 3818at jail startup. 3819.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3820.Pq Vt bool 3821Set to 3822.Dq Li NO 3823by default. 3824When set to 3825.Dq Li YES , 3826mount the file-descriptor file system inside jail 3827.Ar jname 3828at jail startup. 3829.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 3830.Pq Vt bool 3831Set to 3832.Dq Li NO 3833by default. 3834When set to 3835.Dq Li YES , 3836mount the process file system inside jail 3837.Ar jname 3838at jail startup. 3839.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestart Ns Aq Ar N 3840.Pq Vt str 3841Unset by default. 3842This is the command run as 3843.Ar N Ns 3844th command 3845before jail startup, where 3846.Ar N 3847is 0, 1, and so on. 3848It is run outside the jail. 3849.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3850.Pq Vt str 3851Set to 3852.Dq Li /bin/sh /etc/rc 3853by default. 3854This is the command executed in a jail at jail startup. 3855.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3856.Pq Vt str 3857Unset by default. 3858This is the command run as 3859.Ar N Ns 3860th command 3861in a jail 3862after jail startup, where 3863.Ar N 3864is 1, 2, and so on. 3865.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststart Ns Aq Ar N 3866.Pq Vt str 3867Unset by default. 3868This is the command run as 3869.Ar N Ns 3870th command 3871after jail startup, where 3872.Ar N 3873is 0, 1, and so on. 3874It is run outside the jail. 3875.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestop Ns Aq Ar N 3876.Pq Vt str 3877Unset by default. 3878This is the command run as 3879.Ar N Ns 3880th command 3881before jail shutdown, where 3882.Ar N 3883is 0, 1, and so on. 3884It is run outside the jail. 3885.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3886.Pq Vt str 3887Set to 3888.Dq Li /bin/sh /etc/rc.shutdown 3889by default. 3890This is the command executed in a jail at jail shutdown. 3891.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststop Ns Aq Ar N 3892.Pq Vt str 3893Unset by default. 3894This is the command run as 3895.Ar N Ns 3896th command 3897after jail shutdown, where 3898.Ar N 3899is 0, 1, and so on. 3900It is run outside the jail. 3901.It Va jail_set_hostname_allow 3902.Pq Vt bool 3903If set to 3904.Dq Li NO , 3905do not allow the root user in a jail to set its hostname. 3906.It Va jail_socket_unixiproute_only 3907.Pq Vt bool 3908If set to 3909.Dq Li YES , 3910do not allow any sockets, 3911besides UNIX/IP/route sockets, 3912to be used within a jail. 3913.It Va jail_sysvipc_allow 3914.Pq Vt bool 3915If set to 3916.Dq Li YES , 3917allow applications within a jail to use System V IPC. 3918.\" ----------------------------------------------------- 3919.It Va harvest_interrupt 3920.Pq Vt bool 3921Set to 3922.Dq Li YES 3923to use hardware interrupts as an entropy source. 3924Refer to 3925.Xr random 4 3926for more information. 3927.It Va harvest_ethernet 3928.Pq Vt bool 3929Set to 3930.Dq Li YES 3931to use LAN traffic as an entropy source. 3932Refer to 3933.Xr random 4 3934for more information. 3935.It Va harvest_p_to_p 3936.Pq Vt bool 3937Set to 3938.Dq Li YES 3939to use serial line traffic as an entropy source. 3940Refer to 3941.Xr random 4 3942for more information. 3943.It Va entropy_dir 3944.Pq Vt str 3945Set to 3946.Dq Li NO 3947to disable caching entropy via 3948.Xr cron 8 . 3949Otherwise set to the directory used to store entropy files in. 3950.It Va entropy_file 3951.Pq Vt str 3952Set to 3953.Dq Li NO 3954to disable caching entropy through reboots. 3955Otherwise set to the filename used to store cached entropy through 3956reboots. 3957This file should be located on the root file system to seed the 3958.Xr random 4 3959device as early as possible in the boot process. 3960.It Va entropy_save_sz 3961.Pq Vt int 3962Size of the entropy cache files saved by 3963.Nm save-entropy 3964periodically. 3965.It Va entropy_save_num 3966.Pq Vt int 3967Number of entropy cache files to save by 3968.Nm save-entropy 3969periodically. 3970.It Va ipsec_enable 3971.Pq Vt bool 3972Set to 3973.Dq Li YES 3974to run 3975.Xr setkey 8 3976on 3977.Va ipsec_file 3978at boot time. 3979.It Va ipsec_file 3980.Pq Vt str 3981Configuration file for 3982.Xr setkey 8 . 3983.It Va dmesg_enable 3984.Pq Vt bool 3985Set to 3986.Dq Li YES 3987to save 3988.Xr dmesg 8 3989to 3990.Pa /var/run/dmesg.boot 3991on boot. 3992.It Va rcshutdown_timeout 3993.Pq Vt int 3994If set, start a watchdog timer in the background which will terminate 3995.Pa rc.shutdown 3996if 3997.Xr shutdown 8 3998has not completed within the specified time (in seconds). 3999Notice that in addition to this soft timeout, 4000.Xr init 8 4001also applies a hard timeout for the execution of 4002.Pa rc.shutdown . 4003This is configured via 4004.Xr sysctl 8 4005variable 4006.Va kern.init_shutdown_timeout 4007and defaults to 120 seconds. 4008Setting the value of 4009.Va rcshutdown_timeout 4010to more than 120 seconds will have no effect until the 4011.Xr sysctl 8 4012variable 4013.Va kern.init_shutdown_timeout 4014is also increased. 4015.It Va virecover_enable 4016.Pq Vt bool 4017Set to 4018.Dq Li NO 4019to prevent the system from trying to 4020recover pre-maturely terminated 4021.Xr vi 1 4022sessions. 4023.It Va ugidfw_enable 4024.Pq Vt bool 4025Set to 4026.Dq Li YES 4027to load the 4028.Xr mac_bsdextended 4 4029module upon system initialization and load a default 4030ruleset file. 4031.It Va bsdextended_script 4032.Pq Vt str 4033The default 4034.Xr mac_bsdextended 4 4035ruleset file to load. 4036The default value of this variable is 4037.Pa /etc/rc.bsdextended . 4038.It Va newsyslog_enable 4039.Pq Vt bool 4040If set to 4041.Dq Li YES , 4042run 4043.Xr newsyslog 8 4044command at startup. 4045.It Va newsyslog_flags 4046.Pq Vt str 4047If 4048.Va newsyslog_enable 4049is set to 4050.Dq Li YES , 4051these are the flags to pass to the 4052.Xr newsyslog 8 4053program. 4054The default is 4055.Dq Li -CN , 4056which causes log files flagged with a 4057.Cm C 4058to be created. 4059.It Va mdconfig_md Ns Aq Ar X 4060.Pq Vt str 4061Arguments to 4062.Xr mdconfig 8 4063for 4064.Xr md 4 4065device 4066.Ar X . 4067At minimum a 4068.Fl t Ar type 4069must be specified and either a 4070.Fl s Ar size 4071for malloc or swap backed 4072.Xr md 4 4073devices or a 4074.Fl f Ar file 4075for vnode backed 4076.Xr md 4 4077devices. 4078Note that 4079.Va mdconfig_md Ns Aq Ar X 4080variables are evaluated until one variable is unset or null. 4081.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _newfs 4082.Pq Vt str 4083Optional arguments passed to 4084.Xr newfs 8 4085to initialize 4086.Xr md 4 4087device 4088.Ar X . 4089.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _owner 4090.Pq Vt str 4091An ownership specification passed to 4092.Xr chown 8 4093after the specified 4094.Xr md 4 4095device 4096.Ar X 4097has been mounted. 4098Both the 4099.Xr md 4 4100device and the mount point will be changed. 4101.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _perms 4102.Pq Vt str 4103A mode string passed to 4104.Xr chmod 1 4105after the specified 4106.Xr md 4 4107device 4108.Ar X 4109has been mounted. 4110Both the 4111.Xr md 4 4112device and the mount point will be changed. 4113.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _files 4114.Pq Vt str 4115Files to be copied to the mount point of the 4116.Xr md 4 4117device 4118.Ar X 4119after it has been mounted. 4120.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _cmd 4121.Pq Vt str 4122Command to execute after the specified 4123.Xr md 4 4124device 4125.Ar X 4126has been mounted. 4127Note that the command is passed to 4128.Ic eval 4129and that both 4130.Va _dev 4131and 4132.Va _mp 4133variables can be used to reference respectively the 4134.Xr md 4 4135device and the mount point. 4136Assuming that the 4137.Xr md 4 4138device is 4139.Li md0 , 4140one could set the following: 4141.Bd -literal 4142mdconfig_md0_cmd="tar xfzC /var/file.tgz \e${_mp}" 4143.Ed 4144.It Va autobridge_interfaces 4145.Pq Vt str 4146Set to the list of bridge interfaces that will have newly arriving interfaces 4147checked against to be automatically added. 4148If not set to 4149.Dq Li NO 4150then for each whitespace separated 4151.Ar element 4152in the value, a 4153.Va autobridge_ Ns Aq Ar element 4154variable is assumed to exist which has a whitespace separated list of interface 4155names to match, these names can use wildcards. 4156For example: 4157.Bd -literal 4158autobridge_interfaces="bridge0" 4159autobridge_bridge0="tap* dc0 vlan[345]" 4160.Ed 4161.It Va mixer_enable 4162.Pq Vt bool 4163If set to 4164.Dq Li YES , 4165enable support for sound mixer. 4166.It Va hcsecd_enable 4167.Pq Vt bool 4168If set to 4169.Dq Li YES , 4170enable Bluetooth security daemon. 4171.It Va hcsecd_config 4172.Pq Vt str 4173Configuration file for 4174.Xr hcsecd 8 . 4175Default 4176.Pa /etc/bluetooth/hcsecd.conf . 4177.It Va sdpd_enable 4178.Pq Vt bool 4179If set to 4180.Dq Li YES , 4181enable Bluetooth Service Discovery Protocol daemon. 4182.It Va sdpd_control 4183.Pq Vt str 4184Path to 4185.Xr sdpd 8 4186control socket. 4187Default 4188.Pa /var/run/sdp . 4189.It Va sdpd_groupname 4190.Pq Vt str 4191Sets 4192.Xr sdpd 8 4193group to run as after it initializes. 4194Default 4195.Dq Li nobody . 4196.It Va sdpd_username 4197.Pq Vt str 4198Sets 4199.Xr sdpd 8 4200user to run as after it initializes. 4201Default 4202.Dq Li nobody . 4203.It Va bthidd_enable 4204.Pq Vt bool 4205If set to 4206.Dq Li YES , 4207enable Bluetooth Human Interface Device daemon. 4208.It Va bthidd_config 4209.Pq Vt str 4210Configuration file for 4211.Xr bthidd 8 . 4212Default 4213.Pa /etc/bluetooth/bthidd.conf . 4214.It Va bthidd_hids 4215.Pq Vt str 4216Path to a file, where 4217.Xr bthidd 8 4218will store information about known HID devices. 4219Default 4220.Pa /var/db/bthidd.hids . 4221.It Va rfcomm_pppd_server_enable 4222.Pq Vt bool 4223If set to 4224.Dq Li YES , 4225enable Bluetooth RFCOMM PPP wrapper daemon. 4226.It Va rfcomm_pppd_server_profile 4227.Pq Vt str 4228The name of the profile to use from 4229.Pa /etc/ppp/ppp.conf . 4230Multiple profiles can be specified here. 4231Also used to specify per-profile overrides. 4232When the profile name contains any of the characters 4233.Dq Li .-/+ 4234they are translated to 4235.Dq Li _ 4236for the proposes of the override variable names. 4237.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _bdaddr 4238.Pq Vt str 4239Overrides local address to listen on. 4240By default 4241.Xr rfcomm_pppd 8 4242will listen on 4243.Dq Li ANY 4244address. 4245The address can be specified as BD_ADDR or name. 4246.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _channel 4247.Pq Vt str 4248Overrides local RFCOMM channel to listen on. 4249By default 4250.Xr rfcomm_pppd 8 4251will listen on RFCOMM channel 1. 4252Must set properly if multiple profiles used in the same time. 4253.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _register_sp 4254.Pq Vt bool 4255Tells 4256.Xr rfcomm_pppd 8 4257if it should register Serial Port service on the specified RFCOMM channel. 4258Default 4259.Dq Li NO . 4260.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _register_dun 4261.Pq Vt bool 4262Tells 4263.Xr rfcomm_pppd 8 4264if it should register Dial-Up Networking service on the specified 4265RFCOMM channel. 4266Default 4267.Dq Li NO . 4268.It Va ubthidhci_enable 4269.Pq Vt bool 4270If set to 4271.Dq Li YES , 4272change the USB Bluetooth controller from HID mode to HCI mode. 4273You also need to specify the location of USB Bluetooth controller with the 4274.Va ubthidhci_busnum 4275and 4276.Va ubthidhci_addr 4277variables. 4278.It Va ubthidhci_busnum 4279Bus number where the USB Bluetooth controller is located. 4280Check the output of 4281.Xr usbconfig 8 4282on your system to find this information. 4283.It Va ubthidhci_addr 4284Bus address of the USB Bluetooth controller. 4285Check the output of 4286.Xr usbconfig 8 4287on your system to find this information. 4288.El 4289.Sh FILES 4290.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 4291.It Pa /etc/defaults/rc.conf 4292.It Pa /etc/rc.conf 4293.It Pa /etc/rc.conf.local 4294.El 4295.Sh SEE ALSO 4296.Xr catman 1 , 4297.Xr chmod 1 , 4298.Xr gdb 1 , 4299.Xr info 1 , 4300.Xr kbdcontrol 1 , 4301.Xr makewhatis 1 , 4302.Xr sh 1 , 4303.Xr vi 1 , 4304.Xr vidcontrol 1 , 4305.Xr bridge 4 , 4306.Xr dummynet 4 , 4307.Xr ip 4 , 4308.Xr ipf 4 , 4309.Xr ipfw 4 , 4310.Xr ipnat 4 , 4311.Xr kld 4 , 4312.Xr pf 4 , 4313.Xr pflog 4 , 4314.Xr pfsync 4 , 4315.Xr tcp 4 , 4316.Xr udp 4 , 4317.Xr exports 5 , 4318.Xr fstab 5 , 4319.Xr ipf 5 , 4320.Xr ipnat 5 , 4321.Xr motd 5 , 4322.Xr newsyslog.conf 5 , 4323.Xr pf.conf 5 , 4324.Xr security 7 , 4325.Xr accton 8 , 4326.Xr amd 8 , 4327.Xr apm 8 , 4328.Xr atm 8 , 4329.Xr bthidd 8 , 4330.Xr chkprintcap 8 , 4331.Xr chown 8 , 4332.Xr cron 8 , 4333.Xr dhclient 8 , 4334.Xr ftpd 8 , 4335.Xr geli 8 , 4336.Xr hcsecd 8 , 4337.Xr ifconfig 8 , 4338.Xr inetd 8 , 4339.Xr ipf 8 , 4340.Xr ipfw 8 , 4341.Xr ipnat 8 , 4342.Xr jail 8 , 4343.Xr kldxref 8 , 4344.Xr lpd 8 , 4345.Xr mdconfig 8 , 4346.Xr mdmfs 8 , 4347.Xr mixer 8 , 4348.Xr mountd 8 , 4349.Xr moused 8 , 4350.Xr mrouted 8 , 4351.Xr named 8 , 4352.Xr newfs 8 , 4353.Xr newsyslog 8 , 4354.Xr nfsd 8 , 4355.Xr ntpd 8 , 4356.Xr ntpdate 8 , 4357.Xr pfctl 8 , 4358.Xr pflogd 8 , 4359.Xr powerd 8 , 4360.Xr quotacheck 8 , 4361.Xr quotaon 8 , 4362.Xr rc 8 , 4363.Xr rc.sendmail 8 , 4364.Xr rfcomm_pppd 8 , 4365.Xr route 8 , 4366.Xr routed 8 , 4367.Xr rpcbind 8 , 4368.Xr rpc.lockd 8 , 4369.Xr rpc.statd 8 , 4370.Xr rwhod 8 , 4371.Xr savecore 8 , 4372.Xr sdpd 8 , 4373.Xr sshd 8 , 4374.Xr swapon 8 , 4375.Xr sysctl 8 , 4376.Xr syslogd 8 , 4377.Xr timed 8 , 4378.Xr usbconfig 8 , 4379.Xr wlandebug 8 , 4380.Xr yp 8 , 4381.Xr ypbind 8 , 4382.Xr ypserv 8 , 4383.Xr ypset 8 4384.Sh HISTORY 4385The 4386.Nm 4387file appeared in 4388.Fx 2.2.2 . 4389.Sh AUTHORS 4390.An Jordan K. Hubbard . 4391