1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd June 19, 2011 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67In addition to 68.Pa /etc/rc.conf.local 69you can also place smaller configuration files for each 70.Xr rc 8 71script in the 72.Pa /etc/rc.conf.d 73directory, which will be included by the 74.Va load_rc_config 75function. 76For jail configurations you could use the file 77.Pa /etc/rc.conf.d/jail 78to store jail specific configuration options. 79Also see the 80.Va rc_conf_files 81variable below. 82.Pp 83Options are set with 84.Dq Ar name Ns Li = Ns Ar value 85assignments that use 86.Xr sh 1 87syntax. 88The following list provides a name and short description for each 89variable that can be set in the 90.Nm 91file: 92.Bl -tag -width indent-two 93.It Va rc_debug 94.Pq Vt bool 95If set to 96.Dq Li YES , 97enable output of debug messages from rc scripts. 98This variable can be helpful in diagnosing mistakes when 99editing or integrating new scripts. 100Beware that this produces copious output to the terminal and 101.Xr syslog 3 . 102.It Va rc_info 103.Pq Vt bool 104If set to 105.Dq Li NO , 106disable informational messages from the rc scripts. 107Informational messages are displayed when 108a condition that is not serious enough to warrant a warning or 109an error occurs. 110.It Va rc_startmsgs 111.Pq Vt bool 112If set to 113.Dq Li YES , 114show 115.Dq Starting foo: 116when faststart is used (e.g., at boot time). 117.It Va early_late_divider 118.Pq Vt str 119The name of the script that should be used as the 120delimiter between the 121.Dq early 122and 123.Dq late 124stages of the boot process. 125The early stage should contain all the services needed to 126get the disks (local or remote) mounted so that the late 127stage can include scripts contained in the directories 128listed in the 129.Va local_startup 130variable (see below). 131Thus, the two likely candidates for this value are 132.Pa mountcritlocal 133for the typical system, and 134.Pa mountcritremote 135if the system needs remote file 136systems mounted to get access to the 137.Va local_startup 138directories; for example when 139.Pa /usr/local 140is NFS mounted. 141For 142.Pa rc.conf 143within a 144.Xr jail 8 145.Pa NETWORKING 146is likely to be an appropriate value. 147Extreme care should be taken when changing this value, 148and before changing it one should ensure that there are 149adequate provisions to recover from a failed boot 150(such as physical contact with the machine, 151or reliable remote console access). 152.It Va swapfile 153.Pq Vt str 154If set to 155.Dq Li NO , 156no swapfile is installed, otherwise the value is used as the full 157pathname to a file to use for additional swap space. 158.It Va apm_enable 159.Pq Vt bool 160If set to 161.Dq Li YES , 162enable support for Automatic Power Management with 163the 164.Xr apm 8 165command. 166.It Va apmd_enable 167.Pq Vt bool 168Run 169.Xr apmd 8 170to handle APM event from userland. 171This also enables support for APM. 172.It Va apmd_flags 173.Pq Vt str 174If 175.Va apmd_enable 176is set to 177.Dq Li YES , 178these are the flags to pass to the 179.Xr apmd 8 180daemon. 181.It Va devd_enable 182.Pq Vt bool 183Run 184.Xr devd 8 185to handle device added, removed or unknown events from the kernel. 186.It Va ddb_enable 187.Pq Vt bool 188Run 189.Xr ddb 8 190to install 191.Xr ddb 4 192scripts at boot time. 193.It Va ddb_config 194.Pq Vt str 195Configuration file for 196.Xr ddb 8 . 197Default 198.Pa /etc/ddb.conf . 199.It Va kld_list 200.Pq Vt str 201A list of kernel modules to load right after the local 202disks are mounted. 203Loading modules at this point in the boot process is 204much faster than doing it via 205.Pa /boot/loader.conf 206for those modules not necessary for mounting local disk. 207.It Va kldxref_enable 208.Pq Vt bool 209Set to 210.Dq Li NO 211by default. 212Set to 213.Dq Li YES 214to automatically rebuild 215.Pa linker.hints 216files with 217.Xr kldxref 8 218at boot time. 219.It Va kldxref_clobber 220.Pq Vt bool 221Set to 222.Dq Li NO 223by default. 224If 225.Va kldxref_enable 226is true, 227setting to 228.Dq Li YES 229will overwrite existing 230.Pa linker.hints 231files at boot time. 232Otherwise, 233only missing 234.Pa linker.hints 235files are generated. 236.It Va kldxref_module_path 237.Pq Vt str 238Empty by default. 239A semi-colon 240.Pq Ql \&; 241delimited list of paths containing 242.Xr kld 4 243modules. 244If empty, 245the contents of the 246.Va kern.module_path 247.Xr sysctl 8 248are used. 249.It Va powerd_enable 250.Pq Vt bool 251If set to 252.Dq Li YES , 253enable the system power control facility with the 254.Xr powerd 8 255daemon. 256.It Va powerd_flags 257.Pq Vt str 258If 259.Va powerd_enable 260is set to 261.Dq Li YES , 262these are the flags to pass to the 263.Xr powerd 8 264daemon. 265.It Va tmpmfs 266Controls the creation of a 267.Pa /tmp 268memory file system. 269Always happens if set to 270.Dq Li YES 271and never happens if set to 272.Dq Li NO . 273If set to anything else, a memory file system is created if 274.Pa /tmp 275is not writable. 276.It Va tmpsize 277Controls the size of a created 278.Pa /tmp 279memory file system. 280.It Va tmpmfs_flags 281Extra options passed to the 282.Xr mdmfs 8 283utility when the memory file system for 284.Pa /tmp 285is created. 286The default is 287.Dq Li "-S" , 288which inhibits the use of softupdates on 289.Pa /tmp 290so that file system space is freed without delay 291after file truncation or deletion. 292See 293.Xr mdmfs 8 294for other options you can use in 295.Va tmpmfs_flags . 296.It Va varmfs 297Controls the creation of a 298.Pa /var 299memory file system. 300Always happens if set to 301.Dq Li YES 302and never happens if set to 303.Dq Li NO . 304If set to anything else, a memory file system is created if 305.Pa /var 306is not writable. 307.It Va varsize 308Controls the size of a created 309.Pa /var 310memory file system. 311.It Va varmfs_flags 312Extra options passed to the 313.Xr mdmfs 8 314utility when the memory file system for 315.Pa /var 316is created. 317The default is 318.Dq Li "-S" , 319which inhibits the use of softupdates on 320.Pa /var 321so that file system space is freed without delay 322after file truncation or deletion. 323See 324.Xr mdmfs 8 325for other options you can use in 326.Va varmfs_flags . 327.It Va populate_var 328Controls the automatic population of the 329.Pa /var 330file system. 331Always happens if set to 332.Dq Li YES 333and never happens if set to 334.Dq Li NO . 335If set to anything else, a memory file system is created if 336.Pa /var 337is not writable. 338Note that this process requires access to certain commands in 339.Pa /usr 340before 341.Pa /usr 342is mounted on normal systems. 343.It Va cleanvar_enable 344.Pq Vt bool 345Clean the 346.Pa /var 347directory. 348.It Va local_startup 349.Pq Vt str 350List of directories to search for startup script files. 351.It Va script_name_sep 352.Pq Vt str 353The field separator to use for breaking down the list of startup script files 354into individual filenames. 355The default is a space. 356It is not necessary to change this unless there are startup scripts with names 357containing spaces. 358.It Va hostapd_enable 359.Pq Vt bool 360Set to 361.Dq Li YES 362to start 363.Xr hostapd 8 364at system boot time. 365.It Va hostname 366.Pq Vt str 367The fully qualified domain name (FQDN) of this host on the network. 368This should almost certainly be set to something meaningful, even if 369there is no network connection. 370If 371.Xr dhclient 8 372is used to set the hostname via DHCP, 373this variable should be set to an empty string. 374If this value remains unset when the system is done booting 375your console login will display the default hostname of 376.Dq Amnesiac. 377.It Va nisdomainname 378.Pq Vt str 379The NIS domain name of this host, or 380.Dq Li NO 381if NIS is not used. 382.It Va dhclient_program 383.Pq Vt str 384Path to the DHCP client program 385.Pa ( /sbin/dhclient , 386the 387.Ox 388DHCP client, 389is the default). 390.It Va dhclient_flags 391.Pq Vt str 392Additional flags to pass to the DHCP client program. 393For the 394.Ox 395DHCP client, see the 396.Xr dhclient 8 397manpage for a description of the command line options available. 398.It Va dhclient_flags_ Ns Aq Ar iface 399Additional flags to pass to the DHCP client program running on 400.Ar iface 401only. 402When specified, this variable overrides 403.Va dhclient_flags . 404.It Va background_dhclient 405.Pq Vt bool 406Set to 407.Dq Li YES 408to start the DHCP client in background. 409This can cause trouble with applications depending on 410a working network, but it will provide a faster startup 411in many cases. 412.It Va background_dhclient_ Ns Aq Ar iface 413When specified, this variable overrides the 414.Va background_dhclient 415variable for interface 416.Ar iface 417only. 418.It Va synchronous_dhclient 419.Pq Vt bool 420Set to 421.Dq Li YES 422to start 423.Xr dhclient 8 424synchronously at startup. 425This behavior can be overridden on a per-interface basis by replacing 426the 427.Dq Li DHCP 428keyword in the 429.Va ifconfig_ Ns Aq Ar interface 430variable with 431.Dq Li SYNCDHCP 432or 433.Dq Li NOSYNCDHCP . 434.It Va defaultroute_delay 435.Pq Vt int 436When set to a positive value, wait up to this long after configuring 437DHCP interfaces at startup to give the interfaces time to receive a lease. 438.It Va firewall_enable 439.Pq Vt bool 440Set to 441.Dq Li YES 442to load firewall rules at startup. 443If the kernel was not built with 444.Cd "options IPFIREWALL" , 445the 446.Pa ipfw.ko 447kernel module will be loaded. 448See also 449.Va ipfilter_enable . 450.It Va firewall_script 451.Pq Vt str 452This variable specifies the full path to the firewall script to run. 453The default is 454.Pa /etc/rc.firewall . 455.It Va firewall_type 456.Pq Vt str 457Names the firewall type from the selection in 458.Pa /etc/rc.firewall , 459or the file which contains the local firewall ruleset. 460Valid selections from 461.Pa /etc/rc.firewall 462are: 463.Pp 464.Bl -tag -width ".Li simple" -compact 465.It Li open 466unrestricted IP access 467.It Li closed 468all IP services disabled, except via 469.Dq Li lo0 470.It Li client 471basic protection for a workstation 472.It Li simple 473basic protection for a LAN. 474.El 475.Pp 476If a filename is specified, the full path 477must be given. 478.It Va firewall_quiet 479.Pq Vt bool 480Set to 481.Dq Li YES 482to disable the display of firewall rules on the console during boot. 483.It Va firewall_logging 484.Pq Vt bool 485Set to 486.Dq Li YES 487to enable firewall event logging. 488This is equivalent to the 489.Dv IPFIREWALL_VERBOSE 490kernel option. 491.It Va firewall_flags 492.Pq Vt str 493Flags passed to 494.Xr ipfw 8 495if 496.Va firewall_type 497specifies a filename. 498.It Va firewall_coscripts 499.Pq Vt str 500List of executables and/or rc scripts to run after firewall starts/stops. 501Default is empty. 502.\" ----- firewall_nat_enable setting -------------------------------- 503.It Va firewall_nat_enable 504.Pq Vt bool 505The 506.Xr ipfw 8 507equivalent of 508.Va natd_enable . 509Setting this to 510.Dq Li YES 511enables kernel NAT. 512.Va firewall_enable 513must also be set to 514.Dq Li YES . 515.It Va firewall_nat_interface 516.Pq Vt str 517The 518.Xr ipfw 8 519equivalent of 520.Va natd_interface . 521This is the name of the public interface or IP address on which 522kernel NAT should run. 523.It Va firewall_nat_flags 524.Pq Vt str 525Additional configuration parameters for kernel NAT should be placed here. 526.It Va dummynet_enable 527.Pq Vt bool 528Setting this to 529.Dq Li YES 530will automatically load the 531.Xr dummynet 4 532module if 533.Va firewall_enable 534is also set to 535.Dq Li YES . 536.\" ------------------------------------------------------------------- 537.It Va natd_program 538.Pq Vt str 539Path to 540.Xr natd 8 . 541.It Va natd_enable 542.Pq Vt bool 543Set to 544.Dq Li YES 545to enable 546.Xr natd 8 . 547.Va firewall_enable 548must also be set to 549.Dq Li YES , 550and 551.Xr divert 4 552sockets must be enabled in the kernel. 553If the kernel was not built with 554.Cd "options IPDIVERT" , 555the 556.Pa ipdivert.ko 557kernel module will be loaded. 558.It Va natd_interface 559.Pq Vt str 560This is the name of the public interface on which 561.Xr natd 8 562should run. 563The interface may be given as an interface name or as an IP address. 564.It Va natd_flags 565.Pq Vt str 566Additional 567.Xr natd 8 568flags should be placed here. 569The 570.Fl n 571or 572.Fl a 573flag is automatically added with the above 574.Va natd_interface 575as an argument. 576.\" ----- ipfilter_enable setting -------------------------------- 577.It Va ipfilter_enable 578.Pq Vt bool 579Set to 580.Dq Li NO 581by default. 582Setting this to 583.Dq Li YES 584enables 585.Xr ipf 8 586packet filtering. 587.Pp 588Typical usage will require putting 589.Bd -literal 590ipfilter_enable="YES" 591ipnat_enable="YES" 592ipmon_enable="YES" 593ipfs_enable="YES" 594.Ed 595.Pp 596into 597.Pa /etc/rc.conf 598and editing 599.Pa /etc/ipf.rules 600and 601.Pa /etc/ipnat.rules 602appropriately. 603.Pp 604Note that 605.Va ipfilter_enable 606and 607.Va ipnat_enable 608can be enabled independently. 609.Va ipmon_enable 610and 611.Va ipfs_enable 612both require at least one of 613.Va ipfilter_enable 614and 615.Va ipnat_enable 616to be enabled. 617.Pp 618Having 619.Bd -literal 620options IPFILTER 621options IPFILTER_LOG 622options IPFILTER_DEFAULT_BLOCK 623.Ed 624.Pp 625in the kernel configuration file is a good idea, too. 626.\" ----- ipfilter_program setting ------------------------------ 627.It Va ipfilter_program 628.Pq Vt str 629Path to 630.Xr ipf 8 631(default 632.Pa /sbin/ipf ) . 633.\" ----- ipfilter_rules setting -------------------------------- 634.It Va ipfilter_rules 635.Pq Vt str 636Set to 637.Pa /etc/ipf.rules 638by default. 639This variable contains the name of the filter rule definition file. 640The file is expected to be readable for the 641.Xr ipf 8 642command to execute. 643.\" ----- ipv6_ipfilter_rules setting --------------------------- 644.It Va ipv6_ipfilter_rules 645.Pq Vt str 646Set to 647.Pa /etc/ipf6.rules 648by default. 649This variable contains the IPv6 filter rule definition file. 650The file is expected to be readable for the 651.Xr ipf 8 652command to execute. 653.\" ----- ipfilter_flags setting -------------------------------- 654.It Va ipfilter_flags 655.Pq Vt str 656Empty by default. 657This variable contains flags passed to the 658.Xr ipf 8 659program. 660.\" ----- ipnat_enable setting ---------------------------------- 661.It Va ipnat_enable 662.Pq Vt bool 663Set to 664.Dq Li NO 665by default. 666Set it to 667.Dq Li YES 668to enable 669.Xr ipnat 8 670network address translation. 671See 672.Va ipfilter_enable 673for a detailed discussion. 674.\" ----- ipnat_program setting --------------------------------- 675.It Va ipnat_program 676.Pq Vt str 677Path to 678.Xr ipnat 8 679(default 680.Pa /sbin/ipnat ) . 681.\" ----- ipnat_rules setting ----------------------------------- 682.It Va ipnat_rules 683.Pq Vt str 684Set to 685.Pa /etc/ipnat.rules 686by default. 687This variable contains the name of the file 688holding the network address translation definition. 689This file is expected to be readable for the 690.Xr ipnat 8 691command to execute. 692.\" ----- ipnat_flags setting ----------------------------------- 693.It Va ipnat_flags 694.Pq Vt str 695Empty by default. 696This variable contains flags passed to the 697.Xr ipnat 8 698program. 699.\" ----- ipmon_enable setting ---------------------------------- 700.It Va ipmon_enable 701.Pq Vt bool 702Set to 703.Dq Li NO 704by default. 705Set it to 706.Dq Li YES 707to enable 708.Xr ipmon 8 709monitoring (logging 710.Xr ipf 8 711and 712.Xr ipnat 8 713events). 714Setting this variable needs setting 715.Va ipfilter_enable 716or 717.Va ipnat_enable 718too. 719See 720.Va ipfilter_enable 721for a detailed discussion. 722.\" ----- ipmon_program setting --------------------------------- 723.It Va ipmon_program 724.Pq Vt str 725Path to 726.Xr ipmon 8 727(default 728.Pa /sbin/ipmon ) . 729.\" ----- ipmon_flags setting ----------------------------------- 730.It Va ipmon_flags 731.Pq Vt str 732Set to 733.Dq Li -Ds 734by default. 735This variable contains flags passed to the 736.Xr ipmon 8 737program. 738Another typical example would be 739.Dq Fl D Pa /var/log/ipflog 740to have 741.Xr ipmon 8 742log directly to a file bypassing 743.Xr syslogd 8 . 744Make sure to adjust 745.Pa /etc/newsyslog.conf 746in such case like this: 747.Bd -literal 748/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 749.Ed 750.\" ----- ipfs_enable setting ----------------------------------- 751.It Va ipfs_enable 752.Pq Vt bool 753Set to 754.Dq Li NO 755by default. 756Set it to 757.Dq Li YES 758to enable 759.Xr ipfs 8 760saving the filter and NAT state tables during shutdown 761and reloading them during startup again. 762Setting this variable needs setting 763.Va ipfilter_enable 764or 765.Va ipnat_enable 766to 767.Dq Li YES 768too. 769See 770.Va ipfilter_enable 771for a detailed discussion. 772Note that if 773.Va kern_securelevel 774is set to 3, 775.Va ipfs_enable 776cannot be used 777because the raised securelevel will prevent 778.Xr ipfs 8 779from saving the state tables at shutdown time. 780.\" ----- ipfs_program setting ---------------------------------- 781.It Va ipfs_program 782.Pq Vt str 783Path to 784.Xr ipfs 8 785(default 786.Pa /sbin/ipfs ) . 787.\" ----- ipfs_flags setting ------------------------------------ 788.It Va ipfs_flags 789.Pq Vt str 790Empty by default. 791This variable contains flags passed to the 792.Xr ipfs 8 793program. 794.\" ----- end of added ipf hook --------------------------------- 795.It Va pf_enable 796.Pq Vt bool 797Set to 798.Dq Li NO 799by default. 800Setting this to 801.Dq Li YES 802enables 803.Xr pf 4 804packet filtering. 805.Pp 806Typical usage will require putting 807.Pp 808.Dl pf_enable="YES" 809.Pp 810into 811.Pa /etc/rc.conf 812and editing 813.Pa /etc/pf.conf 814appropriately. 815Adding 816.Pp 817.Dl "device pf" 818.Pp 819builds support for 820.Xr pf 4 821into the kernel, otherwise the 822kernel module will be loaded. 823.It Va pf_rules 824.Pq Vt str 825Path to 826.Xr pf 4 827ruleset configuration file 828(default 829.Pa /etc/pf.conf ) . 830.It Va pf_program 831.Pq Vt str 832Path to 833.Xr pfctl 8 834(default 835.Pa /sbin/pfctl ) . 836.It Va pf_flags 837.Pq Vt str 838If 839.Va pf_enable 840is set to 841.Dq Li YES , 842these flags are passed to the 843.Xr pfctl 8 844program when loading the ruleset. 845.It Va pflog_enable 846.Pq Vt bool 847Set to 848.Dq Li NO 849by default. 850Setting this to 851.Dq Li YES 852enables 853.Xr pflogd 8 854which logs packets from the 855.Xr pf 4 856packet filter. 857.It Va pflog_logfile 858.Pq Vt str 859If 860.Va pflog_enable 861is set to 862.Dq Li YES 863this controls where 864.Xr pflogd 8 865stores the logfile 866(default 867.Pa /var/log/pflog ) . 868Check 869.Pa /etc/newsyslog.conf 870to adjust logfile rotation for this. 871.It Va pflog_program 872.Pq Vt str 873Path to 874.Xr pflogd 8 875(default 876.Pa /sbin/pflogd ) . 877.It Va pflog_flags 878.Pq Vt str 879Empty by default. 880This variable contains additional flags passed to the 881.Xr pflogd 8 882program. 883.It Va ftpproxy_enable 884.Pq Vt bool 885Set to 886.Dq Li NO 887by default. 888Setting this to 889.Dq Li YES 890enables 891.Xr ftp-proxy 8 892which supports the 893.Xr pf 4 894packet filter in translating ftp connections. 895.It Va ftpproxy_flags 896.Pq Vt str 897Empty by default. 898This variable contains additional flags passed to the 899.Xr ftp-proxy 8 900program. 901.It Va pfsync_enable 902.Pq Vt bool 903Set to 904.Dq Li NO 905by default. 906Setting this to 907.Dq Li YES 908enables exposing 909.Xr pf 4 910state changes to other hosts over the network by means of 911.Xr pfsync 4 . 912The 913.Va pfsync_syncdev 914variable 915must also be set then. 916.It Va pfsync_syncdev 917.Pq Vt str 918Empty by default. 919This variable specifies the name of the network interface 920.Xr pfsync 4 921should operate through. 922It must be set accordingly if 923.Va pfsync_enable 924is set to 925.Dq Li YES . 926.It Va pfsync_syncpeer 927.Pq Vt str 928Empty by default. 929This variable is optional. 930By default, state change messages are sent out on the synchronisation 931interface using IP multicast packets. 932The protocol is IP protocol 240, PFSYNC, and the multicast group used is 933224.0.0.240. 934When a peer address is specified using the 935.Va pfsync_syncpeer 936option, the peer address is used as a destination for the pfsync 937traffic, and the traffic can then be protected using 938.Xr ipsec 4 . 939See the 940.Xr pfsync 4 941manpage for more details about using 942.Xr ipsec 4 943with 944.Xr pfsync 4 945interfaces. 946.It Va pfsync_ifconfig 947.Pq Vt str 948Empty by default. 949This variable can contain additional options to be passed to the 950.Xr ifconfig 8 951command used to set up 952.Xr pfsync 4 . 953.It Va tcp_extensions 954.Pq Vt bool 955Set to 956.Dq Li YES 957by default. 958Setting this to 959.Dq Li NO 960disables certain TCP options as described by 961.Rs 962.%T "RFC 1323" 963.Re 964Setting this to 965.Dq Li NO 966might help remedy such problems with connections as randomly hanging 967or other weird behavior. 968Some network devices are known 969to be broken with respect to these options. 970.It Va log_in_vain 971.Pq Vt int 972Set to 0 by default. 973The 974.Xr sysctl 8 975variables, 976.Va net.inet.tcp.log_in_vain 977and 978.Va net.inet.udp.log_in_vain , 979as described in 980.Xr tcp 4 981and 982.Xr udp 4 , 983are set to the given value. 984.It Va tcp_keepalive 985.Pq Vt bool 986Set to 987.Dq Li YES 988by default. 989Setting to 990.Dq Li NO 991will disable probing idle TCP connections to verify that the 992peer is still up and reachable. 993.It Va tcp_drop_synfin 994.Pq Vt bool 995Set to 996.Dq Li NO 997by default. 998Setting to 999.Dq Li YES 1000will cause the kernel to ignore TCP frames that have both 1001the SYN and FIN flags set. 1002This prevents OS fingerprinting, but may 1003break some legitimate applications. 1004.It Va icmp_drop_redirect 1005.Pq Vt bool 1006Set to 1007.Dq Li NO 1008by default. 1009Setting to 1010.Dq Li YES 1011will cause the kernel to ignore ICMP REDIRECT packets. 1012Refer to 1013.Xr icmp 4 1014for more information. 1015.It Va icmp_log_redirect 1016.Pq Vt bool 1017Set to 1018.Dq Li NO 1019by default. 1020Setting to 1021.Dq Li YES 1022will cause the kernel to log ICMP REDIRECT packets. 1023Note that 1024the log messages are not rate-limited, so this option should only be used 1025for troubleshooting networks. 1026Refer to 1027.Xr icmp 4 1028for more information. 1029.It Va icmp_bmcastecho 1030.Pq Vt bool 1031Set to 1032.Dq Li YES 1033to respond to broadcast or multicast ICMP ping packets. 1034Refer to 1035.Xr icmp 4 1036for more information. 1037.It Va ip_portrange_first 1038.Pq Vt int 1039If not set to 1040.Dq Li NO , 1041this is the first port in the default portrange. 1042Refer to 1043.Xr ip 4 1044for more information. 1045.It Va ip_portrange_last 1046.Pq Vt int 1047If not set to 1048.Dq Li NO , 1049this is the last port in the default portrange. 1050Refer to 1051.Xr ip 4 1052for more information. 1053.It Va network_interfaces 1054.Pq Vt str 1055Set to the list of network interfaces to configure on this host or 1056.Dq Li AUTO 1057(the default) for all current interfaces. 1058Setting the 1059.Va network_interfaces 1060variable to anything other than the default is deprecated. 1061Interfaces that the administrator wishes to store configuration for, 1062but not start at boot should be configured with the 1063.Dq Li NOAUTO 1064keyword in their 1065.Va ifconfig_ Ns Aq Ar interface 1066variables as described below. 1067.Pp 1068An 1069.Va ifconfig_ Ns Aq Ar interface 1070variable is also assumed to exist for each value of 1071.Ar interface . 1072When an interface name contains any of the characters 1073.Dq Li .-/+ 1074they are translated to 1075.Dq Li _ 1076before lookup. 1077The variable can contain arguments to 1078.Xr ifconfig 8 , 1079as well as special case-insensitive keywords described below. 1080Such keywords are removed before passing the value to 1081.Xr ifconfig 8 1082while the order of the other arguments is preserved. 1083.Pp 1084One can configure more than one IPv4 address with the 1085.Va ipv4_addrs_ Ns Aq Ar interface 1086variable. 1087One or more IP addresses must be provided in Classless Inter-Domain 1088Routing (CIDR) address notation, whose last byte can be a range like 1089192.0.2.5-23/24. 1090In this case the address 192.0.2.5 will be configured with the 1091netmask /24 and the addresses 192.0.2.6 to 192.0.2.23 with 1092the non-conflicting netmask /32 as explained in the 1093.Xr ifconfig 8 1094alias section. 1095With the interface in question being 1096.Li ed0 , 1097an example could look like: 1098.Bd -literal 1099ipv4_addrs_ed0="192.0.2.129/27 192.0.2.1-5/28" 1100.Ed 1101.Pp 1102It is also possible to add IP alias entries using 1103.Xr ifconfig 8 1104syntax. 1105Assuming that the interface in question was 1106.Li ed0 , 1107it might look 1108something like this: 1109.Bd -literal 1110ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 1111ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 1112.Ed 1113.Pp 1114And so on. 1115For each 1116.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1117entry that is found, 1118its contents are passed to 1119.Xr ifconfig 8 . 1120Execution stops at the first unsuccessful access, so if 1121something like this is present: 1122.Bd -literal 1123ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 1124ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 1125ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 1126ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 1127.Ed 1128.Pp 1129Then note that alias4 would 1130.Em not 1131be added since the search would 1132stop with the missing 1133.Dq Li alias3 1134entry. 1135Due to this difficult to manage behavior, the 1136.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1137form is deprecated. 1138.Pp 1139If the 1140.Pa /etc/start_if. Ns Aq Ar interface 1141file is present, it is read and executed by the 1142.Xr sh 1 1143interpreter 1144before configuring the interface as specified in the 1145.Va ifconfig_ Ns Aq Ar interface 1146and 1147.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1148variables. 1149.Pp 1150If a 1151.Va vlans_ Ns Aq Ar interface 1152variable is set, 1153a 1154.Xr vlan 4 1155interface will be created for each item in the list with the 1156.Ar vlandev 1157argument set to 1158.Ar interface . 1159If a vlan interface's name is a number, 1160then that number is used as the vlan tag and the new vlan interface is 1161named 1162.Ar interface . Ns Ar tag . 1163Otherwise, 1164the vlan tag must be specified via a 1165.Va vlan 1166parameter in the 1167.Va create_args_ Ns Aq Ar interface 1168variable. 1169.Pp 1170To create a vlan device named 1171.Li em0.101 1172on 1173.Li em0 1174with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24: 1175.Bd -literal 1176vlans_em0="101" 1177ifconfig_em0_101="inet 192.0.2.1/24" 1178.Ed 1179.Pp 1180To create a vlan device named 1181.Li myvlan 1182on 1183.Li em0 1184with the vlan tag 102: 1185.Bd -literal 1186vlans_em0="myvlan" 1187create_args_myvlan="vlan 102" 1188.Ed 1189.Pp 1190If a 1191.Va wlans_ Ns Aq Ar interface 1192variable is set, 1193an 1194.Xr wlan 4 1195interface will be created for each item in the list with the 1196.Ar wlandev 1197argument set to 1198.Ar interface . 1199Further wlan cloning arguments may be passed to the 1200.Xr ifconfig 8 1201.Cm create 1202command by setting the 1203.Va create_args_ Ns Aq Ar interface 1204variable. 1205One or more 1206.Xr wlan 4 1207devices must be created for each wireless devices as of 1208.Fx 8.0 . 1209Debugging flags for 1210.Xr wlan 4 1211devices as set by 1212.Xr wlandebug 8 1213may be specified with an 1214.Va wlandebug_ Ns Aq Ar interface 1215variable. 1216The contents of this variable will be passed directly to 1217.Xr wlandebug 8 . 1218.Pp 1219If the 1220.Va ifconfig_ Ns Aq Ar interface 1221contains the keyword 1222.Dq Li NOAUTO 1223then the interface will not be configured 1224at boot or by 1225.Pa /etc/pccard_ether 1226when 1227.Va network_interfaces 1228is set to 1229.Dq Li AUTO . 1230.Pp 1231It is possible to bring up an interface with DHCP by adding 1232.Dq Li DHCP 1233to the 1234.Va ifconfig_ Ns Aq Ar interface 1235variable. 1236For instance, to initialize the 1237.Li ed0 1238device via DHCP, 1239it is possible to use something like: 1240.Bd -literal 1241ifconfig_ed0="DHCP" 1242.Ed 1243.Pp 1244Also, if you want to configure your wireless interface with 1245.Xr wpa_supplicant 8 1246for use with WPA, EAP/LEAP or WEP, you need to add 1247.Dq Li WPA 1248to the 1249.Va ifconfig_ Ns Aq Ar interface 1250variable. 1251.Pp 1252Finally, you can add 1253.Xr ifconfig 8 1254options in this variable, in addition to the 1255.Pa /etc/start_if. Ns Aq Ar interface 1256file. 1257For instance, to configure an 1258.Xr ath 4 1259wireless device in station mode with an address obtained 1260via DHCP, using WPA authentication and 802.11b mode, it is 1261possible to use something like: 1262.Bd -literal 1263wlans_ath0="wlan0" 1264ifconfig_wlan0="DHCP WPA mode 11b" 1265.Ed 1266.Pp 1267In addition to the 1268.Va ifconfig_ Ns Aq Ar interface 1269form, a fallback variable 1270.Va ifconfig_DEFAULT 1271may be configured. 1272It will be used for all interfaces with no 1273.Va ifconfig_ Ns Aq Ar interface 1274variable. 1275This is intended to replace the no longer supported 1276.Va pccard_ifconfig 1277variable. 1278.Pp 1279It is also possible to rename an interface by doing: 1280.Bd -literal 1281ifconfig_ed0_name="net0" 1282ifconfig_net0="inet 192.0.2.1 netmask 0xffffff00" 1283.Ed 1284.It Va ipv6_enable 1285.Pq Vt bool 1286If the variable is 1287.Dq Li YES , 1288.Dq Li inet6 accept_rtadv 1289is added to all of 1290.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1291and the 1292.Va ipv6_activate_all_interfaces 1293is defined as 1294.Dq Li YES . 1295.Pp 1296This variable is deprecated. Use 1297.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1298and 1299.Va ipv6_activate_all_interfaces 1300if necessary. 1301.It Va ipv6_prefer 1302.Pq Vt bool 1303If the variable is 1304.Dq Li YES , 1305the default address selection policy table set by 1306.Xr ip6addrctl 8 1307will be IPv6-preferred. 1308.Pp 1309If the variable is 1310.Dq Li NO , 1311the default address selection policy table set by 1312.Xr ip6addrctl 8 1313will be IPv4-preferred. 1314.Pp 1315This variable is deprecated. Use 1316.Va ip6addrctl_policy 1317instead. 1318.It Va ipv6_activate_all_interfaces 1319If the variable is 1320.Dq Li NO , 1321all of interfaces which do not have the corrsponding 1322.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1323variable will be marked as 1324.Dq Li IFDISABLED 1325for security reason. This means only IPv6 functionality on that interface 1326is completely disabled. For more details of 1327.Dq Li IFDISABLED 1328flag and keywords 1329.Dq Li inet6 ifdisabled , 1330see 1331.Xr ifconfig 8 . 1332.Pp 1333Default is 1334.Dq Li NO . 1335.It Va ipv6_privacy 1336.Pq Vt bool 1337If the variable is 1338.Dq Li YES 1339privacy addresses will be generated for each IPv6 1340interface as described in RFC 4193. 1341.It Va ipv6_network_interfaces 1342.Pq Vt str 1343This is the IPv6 equivalent of 1344.Va network_interfaces . 1345Normally manual configuration of this variable is not needed. 1346.Pp 1347.It Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1348.Pq Vt str 1349IPv6 functionality on an interface should be configured by 1350.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 , 1351instead of setting ifconfig parameters in 1352.Va ifconfig_ Ns Aq Ar interface . 1353Aliases should be set by 1354.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1355with 1356.Dq Li inet6 1357keyword. For example: 1358.Bd -literal 1359ifconfig_ed0_ipv6="inet6 2001:db8:1::1 prefixlen 64" 1360ifconfig_ed0_alias0="inet6 2001:db8:2::1 prefixlen 64" 1361.Ed 1362.Pp 1363Interfaces that have an 1364.Dq Li inet6 accept_rtadv 1365keyword in 1366.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1367setting will be automatically configured by 1368.Xr rtsol 8 . 1369Note that this automatic configuration is disabled if the 1370.Va ipv6_gateway_enable 1371is set to 1372.Dq Li YES . 1373.It Va ipv6_prefix_ Ns Aq Ar interface 1374.Pq Vt str 1375If one or more prefixes are defined in 1376.Va ipv6_prefix_ Ns Aq Ar interface 1377addresses based on each prefix and the EUI-64 interface index will be 1378configured on that interface. 1379.It Va ipv6_default_interface 1380.Pq Vt str 1381If not set to 1382.Dq Li NO , 1383this is the default output interface for scoped addresses. 1384This works only with ipv6_gateway_enable="NO". 1385.It Va ip6addrctl_enable 1386.Pq Vt bool 1387This variable is to enable configuring default address selection policy table 1388.Pq RFC 3484 . 1389The table can be specified in another variable 1390.Va ip6addrctl_policy . 1391For 1392.Va ip6addrctl_policy 1393the following keywords can be specified: 1394.Dq Li ipv4_prefer , 1395.Dq Li ipv6_prefer , 1396or 1397.Dq Li AUTO . 1398.Pp 1399If 1400.Dq Li ipv4_prefer 1401or 1402.Dq Li ipv6_prefer 1403is specified, 1404.Xr ip6addrctl 8 1405installs a pre-defined policy table described in Section 2.1 1406.Pq IPv6-preferred 1407or 10.3 1408.Pq IPv4-preferred 1409of RFC 3484. 1410.Pp 1411If 1412.Dq Li AUTO 1413is specified, it attempts to read a file 1414.Pa /etc/ip6addrctl.conf 1415first. If this file is found, 1416.Xr ip6addrctl 8 1417reads and installs it. If not found, a policy is automatically set 1418according to 1419.Va ipv6_activate_all_interfaces 1420variable; if the variable is set to 1421.Dq Li YES 1422the IPv6-preferred one is used. Otherwise IPv4-preferred. 1423.Pp 1424The default value of 1425.Va ip6addrctl_enable 1426and 1427.Va ip6addrctl_policy 1428are 1429.Dq Li YES 1430and 1431.Dq Li AUTO , 1432respectively. 1433.It Va cloned_interfaces 1434.Pq Vt str 1435Set to the list of clonable network interfaces to create on this host. 1436Further cloning arguments may be passed to the 1437.Xr ifconfig 8 1438.Cm create 1439command for each interface by setting the 1440.Va create_args_ Ns Aq Ar interface 1441variable. 1442Entries in 1443.Va cloned_interfaces 1444are automatically appended to 1445.Va network_interfaces 1446for configuration. 1447.It Va fec_interfaces 1448.Pq Vt str 1449Set to the list of 1450.Xr ng_fec 4 1451Fast EtherChannel interfaces to configure on this host. 1452A 1453.Va fecconfig_ Ns Aq Ar interface 1454variable is assumed to exist for each value of 1455.Ar interface . 1456The value of this variable is used to configure link aggregated interfaces 1457according to the syntax of the 1458.Cm NGM_FEC_ADD_IFACE 1459to 1460.Xr ngctl 8 1461msg. 1462Additionally, this option ensures that each listed interface is created 1463via the 1464.Cm mkpeer 1465command to 1466.Xr ngctl 8 1467before attempting to configure it. 1468For example: 1469.Bd -literal 1470fec_interfaces="fec0" 1471fecconfig_fec0="em0 em1" 1472ifconfig_fec0="DHCP" 1473.Ed 1474.It Va gif_interfaces 1475.Pq Vt str 1476Set to the list of 1477.Xr gif 4 1478tunnel interfaces to configure on this host. 1479A 1480.Va gifconfig_ Ns Aq Ar interface 1481variable is assumed to exist for each value of 1482.Ar interface . 1483The value of this variable is used to configure the link layer of the 1484tunnel according to the syntax of the 1485.Cm tunnel 1486option to 1487.Xr ifconfig 8 . 1488Additionally, this option ensures that each listed interface is created 1489via the 1490.Cm create 1491option to 1492.Xr ifconfig 8 1493before attempting to configure it. 1494.It Va sppp_interfaces 1495.Pq Vt str 1496Set to the list of 1497.Xr sppp 4 1498interfaces to configure on this host. 1499A 1500.Va spppconfig_ Ns Aq Ar interface 1501variable is assumed to exist for each value of 1502.Ar interface . 1503Each interface should also be configured by a general 1504.Va ifconfig_ Ns Aq Ar interface 1505setting. 1506Refer to 1507.Xr spppcontrol 8 1508for more information about available options. 1509.It Va ppp_enable 1510.Pq Vt bool 1511If set to 1512.Dq Li YES , 1513run the 1514.Xr ppp 8 1515daemon. 1516.It Va ppp_profile 1517.Pq Vt str 1518The name of the profile to use from 1519.Pa /etc/ppp/ppp.conf . 1520Also used for per-profile overrides of 1521.Va ppp_mode 1522and 1523.Va ppp_nat , 1524and 1525.Va ppp_ Ns Ao Ar profile Ac Ns _unit . 1526When the profile name contains any of the characters 1527.Dq Li .-/+ 1528they are translated to 1529.Dq Li _ 1530for the proposes of the override variable names. 1531.It Va ppp_mode 1532.Pq Vt str 1533Mode in which to run the 1534.Xr ppp 8 1535daemon. 1536.It Va ppp_ Ns Ao Ar profile Ac Ns _mode 1537.Pq Vt str 1538Overrides the global 1539.Va ppp_mode 1540for 1541.Ar profile . 1542Accepted modes are 1543.Dq Li auto , 1544.Dq Li ddial , 1545.Dq Li direct 1546and 1547.Dq Li dedicated . 1548See the manual for a full description. 1549.It Va ppp_nat 1550.Pq Vt bool 1551If set to 1552.Dq Li YES , 1553enables network address translation. 1554Used in conjunction with 1555.Va gateway_enable 1556allows hosts on private network addresses access to the Internet using 1557this host as a network address translating router. 1558.It Va ppp_ Ns Ao Ar profile Ac Ns _nat 1559.Pq Vt str 1560Overrides the global 1561.Va ppp_nat 1562for 1563.Ar profile . 1564.It Va ppp_ Ns Ao Ar profile Ac Ns _unit 1565.Pq Vt int 1566Set the unit number to be used for this profile. 1567See the manual description of 1568.Fl unit Ns Ar N 1569for details. 1570.It Va ppp_user 1571.Pq Vt str 1572The name of the user under which 1573.Xr ppp 8 1574should be started. 1575By 1576default, 1577.Xr ppp 8 1578is started as 1579.Dq Li root . 1580.It Va rc_conf_files 1581.Pq Vt str 1582This option is used to specify a list of files that will override 1583the settings in 1584.Pa /etc/defaults/rc.conf . 1585The files will be read in the order in which they are specified and should 1586include the full path to the file. 1587By default, the files specified are 1588.Pa /etc/rc.conf 1589and 1590.Pa /etc/rc.conf.local 1591.It Va zfs_enable 1592.Pq Vt bool 1593If set to 1594.Dq Li YES , 1595.Pa /etc/rc.d/zfs 1596will attempt to automatically mount ZFS file systems and initialize ZFS volumes 1597(ZVOLs). 1598.It Va gptboot_enable 1599.Pq Vt bool 1600If set to 1601.Dq Li YES , 1602.Pa /etc/rc.d/gptboot 1603will log if the system successfully (or not) booted from a GPT partition, 1604which had the 1605.Ar bootonce 1606attribute set using 1607.Xr gpart 8 1608utility. 1609.It Va gbde_autoattach_all 1610.Pq Vt bool 1611If set to 1612.Dq Li YES , 1613.Pa /etc/rc.d/gbde 1614will attempt to automatically initialize your .bde devices in 1615.Pa /etc/fstab . 1616.It Va gbde_devices 1617.Pq Vt str 1618List the devices that the script should try to attach, 1619or 1620.Dq Li AUTO . 1621.It Va gbde_lockdir 1622.Pq Vt str 1623The directory where the 1624.Xr gbde 4 1625lockfiles are located. 1626The default lockfile directory is 1627.Pa /etc . 1628.Pp 1629The lockfile for each individual 1630.Xr gbde 4 1631device can be overridden by setting the variable 1632.Va gbde_lock_ Ns Aq Ar device , 1633where 1634.Ar device 1635is the encrypted device without the 1636.Dq Pa /dev/ 1637and 1638.Dq Pa .bde 1639parts. 1640.It Va gbde_attach_attempts 1641.Pq Vt int 1642Number of times to attempt attaching to a 1643.Xr gbde 4 1644device, i.e., how many times the user is asked for the pass-phrase. 1645Default is 3. 1646.It Va geli_devices 1647.Pq Vt str 1648List of devices to automatically attach on boot. 1649Note that .eli devices from 1650.Pa /etc/fstab 1651are automatically appended to this list. 1652.It Va geli_tries 1653.Pq Vt int 1654Number of times user is asked for the pass-phrase. 1655If empty, it will be taken from 1656.Va kern.geom.eli.tries 1657sysctl variable. 1658.It Va geli_default_flags 1659.Pq Vt str 1660Default flags to use by 1661.Xr geli 8 1662when configuring disk encryption. 1663Flags can be configured for every device separately by defining 1664.Va geli_ Ns Ao Ar device Ac Ns Va _flags 1665variable. 1666.It Va geli_autodetach 1667.Pq Vt str 1668Specifies if GELI devices should be marked for detach on last close after 1669file systems are mounted. 1670Default is 1671.Dq Li YES . 1672This can be changed for every device separately by defining 1673.Va geli_ Ns Ao Ar device Ac Ns Va _autodetach 1674variable. 1675.It Va geli_swap_flags 1676Options passed to the 1677.Xr geli 8 1678utility when encrypted GEOM providers for swap partitions are created. 1679The default is 1680.Dq Li "-e aes -l 256 -s 4096 -d" . 1681.It Va root_rw_mount 1682.Pq Vt bool 1683Set to 1684.Dq Li YES 1685by default. 1686After the file systems are checked at boot time, the root file system 1687is remounted as read-write if this is set to 1688.Dq Li YES . 1689Diskless systems that mount their root file system from a read-only remote 1690NFS share should set this to 1691.Dq Li NO 1692in their 1693.Pa rc.conf . 1694.It Va fsck_y_enable 1695.Pq Vt bool 1696If set to 1697.Dq Li YES , 1698.Xr fsck 8 1699will be run with the 1700.Fl y 1701flag if the initial preen 1702of the file systems fails. 1703.It Va background_fsck 1704.Pq Vt bool 1705If set to 1706.Dq Li YES , 1707the system will attempt to run 1708.Xr fsck 8 1709in the background where possible. 1710.It Va background_fsck_delay 1711.Pq Vt int 1712The amount of time in seconds to sleep before starting a background 1713.Xr fsck 8 . 1714It defaults to sixty seconds to allow large applications such as 1715the X server to start before disk I/O bandwidth is monopolized by 1716.Xr fsck 8 . 1717If set to a negative number, the background file system check will be 1718delayed indefinitely to allow the administrator to run it at a more 1719convenient time. 1720For example it may be run from 1721.Xr cron 8 1722by adding a line like 1723.Pp 1724.Dl "0 4 * * * root /etc/rc.d/bgfsck forcestart" 1725.Pp 1726to 1727.Pa /etc/crontab . 1728.It Va netfs_types 1729.Pq Vt str 1730List of file system types that are network-based. 1731This list should generally not be modified by end users. 1732Use 1733.Va extra_netfs_types 1734instead. 1735.It Va extra_netfs_types 1736.Pq Vt str 1737If set to something other than 1738.Dq Li NO 1739(the default), 1740this variable extends the list of file system types 1741for which automatic mounting at startup by 1742.Xr rc 8 1743should be delayed until the network is initialized. 1744It should contain 1745a whitespace-separated list of network file system descriptor pairs, 1746each consisting of a file system type as passed to 1747.Xr mount 8 1748and a human-readable, one-word description, 1749joined with a colon 1750.Pq Ql \&: . 1751Extending the default list in this way is only necessary 1752when third party file system types are used. 1753.It Va syslogd_enable 1754.Pq Vt bool 1755If set to 1756.Dq Li YES , 1757run the 1758.Xr syslogd 8 1759daemon. 1760.It Va syslogd_program 1761.Pq Vt str 1762Path to 1763.Xr syslogd 8 1764(default 1765.Pa /usr/sbin/syslogd ) . 1766.It Va syslogd_flags 1767.Pq Vt str 1768If 1769.Va syslogd_enable 1770is set to 1771.Dq Li YES , 1772these are the flags to pass to 1773.Xr syslogd 8 . 1774.It Va inetd_enable 1775.Pq Vt bool 1776If set to 1777.Dq Li YES , 1778run the 1779.Xr inetd 8 1780daemon. 1781.It Va inetd_program 1782.Pq Vt str 1783Path to 1784.Xr inetd 8 1785(default 1786.Pa /usr/sbin/inetd ) . 1787.It Va inetd_flags 1788.Pq Vt str 1789If 1790.Va inetd_enable 1791is set to 1792.Dq Li YES , 1793these are the flags to pass to 1794.Xr inetd 8 . 1795.It Va hastd_enable 1796.Pq Vt bool 1797If set to 1798.Dq Li YES , 1799run the 1800.Xr hastd 8 1801daemon. 1802.It Va hastd_program 1803.Pq Vt str 1804Path to 1805.Xr hastd 8 1806(default 1807.Pa /sbin/hastd ) . 1808.It Va hastd_flags 1809.Pq Vt str 1810If 1811.Va hastd_enable 1812is set to 1813.Dq Li YES , 1814these are the flags to pass to 1815.Xr hastd 8 . 1816.It Va named_enable 1817.Pq Vt bool 1818If set to 1819.Dq Li YES , 1820run the 1821.Xr named 8 1822daemon. 1823.It Va named_program 1824.Pq Vt str 1825Path to 1826.Xr named 8 1827(default 1828.Pa /usr/sbin/named ) . 1829.It Va named_conf 1830.Pq Vt str 1831Path to 1832.Xr named 8 1833configuration file, (default 1834.Pa /etc/namedb/named.conf ) . 1835.It Va named_flags 1836.Pq Vt str 1837If 1838.Va named_enable 1839is set to 1840.Dq Li YES , 1841these are the flags to pass to 1842.Xr named 8 . 1843.It Va named_uid 1844.Pq Vt str 1845The user that the 1846.Xr named 8 1847process should be run as. 1848.It Va named_chrootdir 1849.Pq Vt str 1850The root directory for a name server run in a 1851.Xr chroot 8 1852environment (default 1853.Pa /var/named ) . 1854If left empty 1855.Xr named 8 1856will not be run in a 1857.Xr chroot 8 1858environment. 1859.It Va named_chroot_autoupdate 1860.Pq Vt bool 1861Set to 1862.Dq Li NO 1863to disable automatic update of the 1864.Xr chroot 8 1865environment. 1866.It Va named_symlink_enable 1867.Pq Vt bool 1868Set to 1869.Dq Li NO 1870to disable symlinking of 1871daemon's PID file 1872into the 1873.Xr chroot 8 1874environment. 1875.It Va named_wait 1876.Pq Vt bool 1877Set to have 1878.Pa /etc/rc.d/named 1879loop until working name service is established. 1880.It Va named_wait_host 1881.Pq Vt str 1882Name of host to lookup for the named_wait option. 1883(Default localhost) 1884.It Va named_auto_forward 1885.Pq Vt bool 1886Set to enable automatic creation of a forwarder 1887configuration file derived from 1888.Pa /etc/resolv.conf . 1889.It Va named_auto_forward_only 1890.Pq Vt bool 1891Set to change the default forwarder configuration from 1892.Dq forward first 1893to 1894.Dq forward only . 1895.It Va kerberos5_server_enable 1896.Pq Vt bool 1897Set to 1898.Dq Li YES 1899to start a Kerberos 5 authentication server 1900at boot time. 1901.It Va kerberos5_server 1902.Pq Vt str 1903If 1904.Va kerberos5_server_enable 1905is set to 1906.Dq Li YES 1907this is the path to Kerberos 5 Authentication Server. 1908.It Va kerberos5_server_flags 1909.Pq Vt str 1910Empty by default. 1911This variable contains additional flags to be passed to the Kerberos 5 1912authentication server. 1913.It Va kadmind5_server_enable 1914.Pq Vt bool 1915Set to 1916.Dq Li YES 1917to start 1918.Xr kadmind 8 , 1919the Kerberos 5 Administration Daemon; set to 1920.Dq Li NO 1921on a slave server. 1922.It Va kadmind5_server 1923.Pq Vt str 1924If 1925.Va kadmind5_server_enable 1926is set to 1927.Dq Li YES 1928this is the path to Kerberos 5 Administration Daemon. 1929.It Va kpasswdd_server_enable 1930.Pq Vt bool 1931Set to 1932.Dq Li YES 1933to start 1934.Xr kpasswdd 8 , 1935the Kerberos 5 Password-Changing Daemon; set to 1936.Dq Li NO 1937on a slave server. 1938.It Va kpasswdd_server 1939.Pq Vt str 1940If 1941.Va kpasswdd_server_enable 1942is set to 1943.Dq Li YES 1944this is the path to Kerberos 5 Password-Changing Daemon. 1945.It Va rwhod_enable 1946.Pq Vt bool 1947If set to 1948.Dq Li YES , 1949run the 1950.Xr rwhod 8 1951daemon at boot time. 1952.It Va rwhod_flags 1953.Pq Vt str 1954If 1955.Va rwhod_enable 1956is set to 1957.Dq Li YES , 1958these are the flags to pass to it. 1959.It Va amd_enable 1960.Pq Vt bool 1961If set to 1962.Dq Li YES , 1963run the 1964.Xr amd 8 1965daemon at boot time. 1966.It Va amd_flags 1967.Pq Vt str 1968If 1969.Va amd_enable 1970is set to 1971.Dq Li YES , 1972these are the flags to pass to it. 1973See the 1974.Xr amd 8 1975manpage for more information. 1976.It Va amd_map_program 1977.Pq Vt str 1978If set, 1979the specified program is run to get the list of 1980.Xr amd 8 1981maps. 1982For example, if the 1983.Xr amd 8 1984maps are stored in NIS, one can set this to 1985run 1986.Xr ypcat 1 1987to get a list of 1988.Xr amd 8 1989maps from the 1990.Pa amd.master 1991NIS map. 1992.It Va update_motd 1993.Pq Vt bool 1994If set to 1995.Dq Li YES , 1996.Pa /etc/motd 1997will be updated at boot time to reflect the kernel release 1998being run. 1999If set to 2000.Dq Li NO , 2001.Pa /etc/motd 2002will not be updated. 2003.It Va nfs_client_enable 2004.Pq Vt bool 2005If set to 2006.Dq Li YES , 2007run the NFS client daemons at boot time. 2008.It Va nfs_access_cache 2009.Pq Vt int 2010If 2011.Va nfs_client_enable 2012is set to 2013.Dq Li YES , 2014this can be set to 2015.Dq Li 0 2016to disable NFS ACCESS RPC caching, or to the number of seconds for which 2017NFS ACCESS 2018results should be cached. 2019A value of 2-10 seconds will substantially reduce network 2020traffic for many NFS operations. 2021.It Va nfs_server_enable 2022.Pq Vt bool 2023If set to 2024.Dq Li YES , 2025run the NFS server daemons at boot time. 2026.It Va nfs_server_flags 2027.Pq Vt str 2028If 2029.Va nfs_server_enable 2030is set to 2031.Dq Li YES , 2032these are the flags to pass to the 2033.Xr nfsd 8 2034daemon. 2035.It Va nfsv4_server_enable 2036.Pq Vt bool 2037If 2038.Va nfs_server_enable 2039is set to 2040.Dq Li YES 2041and 2042.Va nfsv4_server_enable 2043are set to 2044.Dq Li YES , 2045enable the server for NFSv4 as well as NFSv2 and NFSv3. 2046.It Va nfsuserd_enable 2047.Pq Vt bool 2048If 2049.Va nfsuserd_enable 2050is set to 2051.Dq Li YES , 2052run the nfsuserd daemon, which is needed for NFSv4 in order 2053to map between user/group names vs uid/gid numbers. 2054If 2055.Va nfsv4_server_enable 2056is set to 2057.Dq Li YES , 2058this will be forced enabled. 2059.It Va nfsuserd_flags 2060.Pq Vt str 2061If 2062.Va nfsuserd_enable 2063is set to 2064.Dq Li YES , 2065these are the flags to pass to the 2066.Xr nfsuserd 8 2067daemon. 2068.It Va nfscbd_enable 2069.Pq Vt bool 2070If 2071.Va nfscbd_enable 2072is set to 2073.Dq Li YES , 2074run the nfscbd daemon, which enables callbacks/delegations for the NFSv4 client. 2075.It Va nfscbd_flags 2076.Pq Vt str 2077If 2078.Va nfscbd_enable 2079is set to 2080.Dq Li YES , 2081these are the flags to pass to the 2082.Xr nfscbd 8 2083daemon. 2084.It Va oldnfs_server_enable 2085.Pq Vt bool 2086If 2087.Va oldnfs_server_enable 2088is set to 2089.Dq Li YES , 2090force the NFS server daemons to run the old NFS server code 2091that does not support NFSv4. 2092.It Va mountd_enable 2093.Pq Vt bool 2094If set to 2095.Dq Li YES , 2096and no 2097.Va nfs_server_enable 2098is set, start 2099.Xr mountd 8 , 2100but not 2101.Xr nfsd 8 2102daemon. 2103It is commonly needed to run CFS without real NFS used. 2104.It Va mountd_flags 2105.Pq Vt str 2106If 2107.Va mountd_enable 2108is set to 2109.Dq Li YES , 2110these are the flags to pass to the 2111.Xr mountd 8 2112daemon. 2113.It Va weak_mountd_authentication 2114.Pq Vt bool 2115If set to 2116.Dq Li YES , 2117allow services like PCNFSD to make non-privileged mount 2118requests. 2119.It Va nfs_reserved_port_only 2120.Pq Vt bool 2121If set to 2122.Dq Li YES , 2123provide NFS services only on a secure port. 2124.It Va nfs_bufpackets 2125.Pq Vt int 2126If set to a number, indicates the number of packets worth of 2127socket buffer space to reserve on an NFS client. 2128The kernel default is typically 4. 2129Using a higher number may be 2130useful on gigabit networks to improve performance. 2131The minimum value is 21322 and the maximum is 64. 2133.It Va rpc_lockd_enable 2134.Pq Vt bool 2135If set to 2136.Dq Li YES 2137and also an NFS server or client, run 2138.Xr rpc.lockd 8 2139at boot time. 2140.It Va rpc_lockd_flags 2141.Pq Vt str 2142If 2143.Va rpc_lockd_enable 2144is set to 2145.Dq Li YES , 2146these are the flags to pass to the 2147.Xr rpc.lockd 8 2148daemon. 2149.It Va rpc_statd_enable 2150.Pq Vt bool 2151If set to 2152.Dq Li YES 2153and also an NFS server or client, run 2154.Xr rpc.statd 8 2155at boot time. 2156.It Va rpc_statd_flags 2157.Pq Vt str 2158If 2159.Va rpc_statd_enable 2160is set to 2161.Dq Li YES , 2162these are the flags to pass to the 2163.Xr rpc.statd 8 2164daemon. 2165.It Va rpcbind_program 2166.Pq Vt str 2167Path to 2168.Xr rpcbind 8 2169(default 2170.Pa /usr/sbin/rpcbind ) . 2171.It Va rpcbind_enable 2172.Pq Vt bool 2173If set to 2174.Dq Li YES , 2175run the 2176.Xr rpcbind 8 2177service at boot time. 2178.It Va rpcbind_flags 2179.Pq Vt str 2180If 2181.Va rpcbind_enable 2182is set to 2183.Dq Li YES , 2184these are the flags to pass to the 2185.Xr rpcbind 8 2186daemon. 2187.It Va keyserv_enable 2188.Pq Vt bool 2189If set to 2190.Dq Li YES , 2191run the 2192.Xr keyserv 8 2193daemon on boot for running Secure RPC. 2194.It Va keyserv_flags 2195.Pq Vt str 2196If 2197.Va keyserv_enable 2198is set to 2199.Dq Li YES , 2200these are the flags to pass to 2201.Xr keyserv 8 2202daemon. 2203.It Va pppoed_enable 2204.Pq Vt bool 2205If set to 2206.Dq Li YES , 2207run the 2208.Xr pppoed 8 2209daemon at boot time to provide PPP over Ethernet services. 2210.It Va pppoed_ Ns Aq Ar provider 2211.Pq Vt str 2212.Xr pppoed 8 2213listens to requests to this 2214.Ar provider 2215and ultimately runs 2216.Xr ppp 8 2217with a 2218.Ar system 2219argument of the same name. 2220.It Va pppoed_flags 2221.Pq Vt str 2222Additional flags to pass to 2223.Xr pppoed 8 . 2224.It Va pppoed_interface 2225.Pq Vt str 2226The network interface to run 2227.Xr pppoed 8 2228on. 2229This is mandatory when 2230.Va pppoed_enable 2231is set to 2232.Dq Li YES . 2233.It Va timed_enable 2234.Pq Vt bool 2235If set to 2236.Dq Li YES , 2237run the 2238.Xr timed 8 2239service at boot time. 2240This command is intended for networks of 2241machines where a consistent 2242.Dq "network time" 2243for all hosts must be established. 2244This is often useful in large NFS 2245environments where time stamps on files are expected to be consistent 2246network-wide. 2247.It Va timed_flags 2248.Pq Vt str 2249If 2250.Va timed_enable 2251is set to 2252.Dq Li YES , 2253these are the flags to pass to the 2254.Xr timed 8 2255service. 2256.It Va ntpdate_enable 2257.Pq Vt bool 2258If set to 2259.Dq Li YES , 2260run 2261.Xr ntpdate 8 2262at system startup. 2263This command is intended to 2264synchronize the system clock only 2265.Em once 2266from some standard reference. 2267An option to set this up initially 2268(from a list of known servers) is also provided by the 2269.Xr sysinstall 8 2270program when the system is first installed. 2271.It Va ntpdate_config 2272.Pq Vt str 2273Configuration file for 2274.Xr ntpdate 8 . 2275Default 2276.Pa /etc/ntp.conf . 2277.It Va ntpdate_hosts 2278.Pq Vt str 2279A whitespace-separated list of NTP servers to synchronize with at startup. 2280The default is to use the servers listed in 2281.Va ntpdate_config , 2282if that file exists. 2283.It Va ntpdate_program 2284.Pq Vt str 2285Path to 2286.Xr ntpdate 8 2287(default 2288.Pa /usr/sbin/ntpdate ) . 2289.It Va ntpdate_flags 2290.Pq Vt str 2291If 2292.Va ntpdate_enable 2293is set to 2294.Dq Li YES , 2295these are the flags to pass to the 2296.Xr ntpdate 8 2297command (typically a hostname). 2298.It Va ntpd_enable 2299.Pq Vt bool 2300If set to 2301.Dq Li YES , 2302run the 2303.Xr ntpd 8 2304command at boot time. 2305.It Va ntpd_program 2306.Pq Vt str 2307Path to 2308.Xr ntpd 8 2309(default 2310.Pa /usr/sbin/ntpd ) . 2311.It Va ntpd_config 2312.Pq Vt str 2313Path to 2314.Xr ntpd 8 2315configuration file. 2316Default 2317.Pa /etc/ntp.conf . 2318.It Va ntpd_flags 2319.Pq Vt str 2320If 2321.Va ntpd_enable 2322is set to 2323.Dq Li YES , 2324these are the flags to pass to the 2325.Xr ntpd 8 2326daemon. 2327.It Va ntpd_sync_on_start 2328.Pq Vt bool 2329If set to 2330.Dq Li YES , 2331.Xr ntpd 8 2332is run with the 2333.Fl g 2334flag, which syncs the system's clock on startup. 2335See 2336.Xr ntpd 8 2337for more information regarding the 2338.Fl g 2339option. 2340This is a preferred alternative to using 2341.Xr ntpdate 8 2342or specifying the 2343.Va ntpdate_enable 2344variable. 2345.It Va nis_client_enable 2346.Pq Vt bool 2347If set to 2348.Dq Li YES , 2349run the 2350.Xr ypbind 8 2351service at system boot time. 2352.It Va nis_client_flags 2353.Pq Vt str 2354If 2355.Va nis_client_enable 2356is set to 2357.Dq Li YES , 2358these are the flags to pass to the 2359.Xr ypbind 8 2360service. 2361.It Va nis_ypset_enable 2362.Pq Vt bool 2363If set to 2364.Dq Li YES , 2365run the 2366.Xr ypset 8 2367daemon at system boot time. 2368.It Va nis_ypset_flags 2369.Pq Vt str 2370If 2371.Va nis_ypset_enable 2372is set to 2373.Dq Li YES , 2374these are the flags to pass to the 2375.Xr ypset 8 2376daemon. 2377.It Va nis_server_enable 2378.Pq Vt bool 2379If set to 2380.Dq Li YES , 2381run the 2382.Xr ypserv 8 2383daemon at system boot time. 2384.It Va nis_server_flags 2385.Pq Vt str 2386If 2387.Va nis_server_enable 2388is set to 2389.Dq Li YES , 2390these are the flags to pass to the 2391.Xr ypserv 8 2392daemon. 2393.It Va nis_ypxfrd_enable 2394.Pq Vt bool 2395If set to 2396.Dq Li YES , 2397run the 2398.Xr rpc.ypxfrd 8 2399daemon at system boot time. 2400.It Va nis_ypxfrd_flags 2401.Pq Vt str 2402If 2403.Va nis_ypxfrd_enable 2404is set to 2405.Dq Li YES , 2406these are the flags to pass to the 2407.Xr rpc.ypxfrd 8 2408daemon. 2409.It Va nis_yppasswdd_enable 2410.Pq Vt bool 2411If set to 2412.Dq Li YES , 2413run the 2414.Xr rpc.yppasswdd 8 2415daemon at system boot time. 2416.It Va nis_yppasswdd_flags 2417.Pq Vt str 2418If 2419.Va nis_yppasswdd_enable 2420is set to 2421.Dq Li YES , 2422these are the flags to pass to the 2423.Xr rpc.yppasswdd 8 2424daemon. 2425.It Va rpc_ypupdated_enable 2426.Pq Vt bool 2427If set to 2428.Dq Li YES , 2429run the 2430.Nm rpc.ypupdated 2431daemon at system boot time. 2432.It Va bsnmpd_enable 2433.Pq Vt bool 2434If set to 2435.Dq Li YES , 2436run the 2437.Xr bsnmpd 1 2438daemon at system boot time. 2439Be sure to understand the security implications of running SNMP daemon 2440on your host. 2441.It Va bsnmpd_flags 2442.Pq Vt str 2443If 2444.Va bsnmpd_enable 2445is set to 2446.Dq Li YES , 2447these are the flags to pass to the 2448.Xr bsnmpd 1 2449daemon. 2450.It Va defaultrouter 2451.Pq Vt str 2452If not set to 2453.Dq Li NO , 2454create a default route to this host name or IP address 2455(use an IP address if this router is also required to get to the 2456name server!). 2457.It Va ipv6_defaultrouter 2458.Pq Vt str 2459The IPv6 equivalent of 2460.Va defaultrouter . 2461.It Va static_arp_pairs 2462.Pq Vt str 2463Set to the list of static ARP pairs that are to be added at system 2464boot time. 2465For each whitespace separated 2466.Ar element 2467in the value, a 2468.Va static_arp_ Ns Aq Ar element 2469variable is assumed to exist whose contents will later be passed to a 2470.Dq Nm arp Cm -S 2471operation. 2472For example 2473.Bd -literal 2474static_arp_pairs="gw" 2475static_arp_gw="192.168.1.1 00:01:02:03:04:05" 2476.Ed 2477.It Va static_routes 2478.Pq Vt str 2479Set to the list of static routes that are to be added at system 2480boot time. 2481If not set to 2482.Dq Li NO 2483then for each whitespace separated 2484.Ar element 2485in the value, a 2486.Va route_ Ns Aq Ar element 2487variable is assumed to exist 2488whose contents will later be passed to a 2489.Dq Nm route Cm add 2490operation. 2491For example: 2492.Bd -literal 2493static_routes="mcast gif0local" 2494route_mcast="-net 224.0.0.0/4 -iface gif0" 2495route_gif0local="-host 169.254.1.1 -iface lo0" 2496.Ed 2497.It Va ipv6_static_routes 2498.Pq Vt str 2499The IPv6 equivalent of 2500.Va static_routes . 2501If not set to 2502.Dq Li NO 2503then for each whitespace separated 2504.Ar element 2505in the value, a 2506.Va ipv6_route_ Ns Aq Ar element 2507variable is assumed to exist 2508whose contents will later be passed to a 2509.Dq Nm route Cm add Fl inet6 2510operation. 2511.It Va natm_static_routes 2512.Pq Vt str 2513The 2514.Xr natmip 4 2515equivalent of 2516.Va static_routes . 2517If not empty then for each whitespace separated 2518.Ar element 2519in the value, a 2520.Va route_ Ns Aq Ar element 2521variable is assumed to exist whose contents will later be passed to a 2522.Dq Nm atmconfig Cm natm Cm add 2523operation. 2524.It Va gateway_enable 2525.Pq Vt bool 2526If set to 2527.Dq Li YES , 2528configure host to act as an IP router, e.g.\& to forward packets 2529between interfaces. 2530.It Va ipv6_gateway_enable 2531.Pq Vt bool 2532The IPv6 equivalent of 2533.Va gateway_enable . 2534.It Va routed_enable 2535.Pq Vt bool 2536If set to 2537.Dq Li YES , 2538run a routing daemon of some sort, based on the 2539settings of 2540.Va routed_program 2541and 2542.Va routed_flags . 2543.It Va route6d_enable 2544.Pq Vt bool 2545The IPv6 equivalent of 2546.Va routed_enable . 2547If set to 2548.Dq Li YES , 2549run a routing daemon of some sort, based on the 2550settings of 2551.Va route6d_program 2552and 2553.Va route6d_flags . 2554.It Va routed_program 2555.Pq Vt str 2556If 2557.Va routed_enable 2558is set to 2559.Dq Li YES , 2560this is the name of the routing daemon to use. 2561.It Va route6d_program 2562.Pq Vt str 2563The IPv6 equivalent of 2564.Va routed_program . 2565.It Va routed_flags 2566.Pq Vt str 2567If 2568.Va routed_enable 2569is set to 2570.Dq Li YES , 2571these are the flags to pass to the routing daemon. 2572.It Va route6d_flags 2573.Pq Vt str 2574The IPv6 equivalent of 2575.Va routed_flags . 2576.It Va mrouted_enable 2577.Pq Vt bool 2578If set to 2579.Dq Li YES , 2580run the multicast routing daemon, 2581.Xr mrouted 8 . 2582.It Va mroute6d_enable 2583.Pq Vt bool 2584The IPv6 equivalent of 2585.Va mrouted_enable . 2586If set to 2587.Dq Li YES , 2588run the IPv6 multicast routing daemon. 2589.Pp 2590Note that multicast routing daemons are no longer included in the 2591.Fx 2592base system, however, both 2593.Xr mrouted 8 2594and 2595.Xr pim6dd 8 2596may be installed from the 2597.Fx 2598Ports Collection. 2599.It Va mrouted_flags 2600.Pq Vt str 2601If 2602.Va mrouted_enable 2603is set to 2604.Dq Li YES , 2605these are the flags to pass to the 2606.Xr mrouted 8 2607daemon. 2608.It Va mroute6d_flags 2609.Pq Vt str 2610The IPv6 equivalent of 2611.Va mrouted_flags . 2612If 2613.Va mroute6d_enable 2614is set to 2615.Dq Li YES , 2616these are the flags passed to the IPv6 multicast routing daemon. 2617.It Va mroute6d_program 2618.Pq Vt str 2619If 2620.Va mroute6d_enable 2621is set to 2622.Dq Li YES , 2623this is the path to the IPv6 multicast routing daemon. 2624.It Va rtadvd_enable 2625.Pq Vt bool 2626If set to 2627.Dq Li YES , 2628run the 2629.Xr rtadvd 8 2630daemon at boot time. 2631.Xr rtadvd 8 2632will only run if 2633.Va ipv6_gateway_enable 2634is also set to 2635.Dq Li YES . 2636The 2637.Xr rtadvd 8 2638utility sends router advertisement packets to the interfaces specified in 2639.Va rtadvd_interfaces 2640and should only be enabled with great care. 2641You may want to fine-tune 2642.Xr rtadvd.conf 5 . 2643.It Va rtadvd_interfaces 2644.Pq Vt str 2645If 2646.Va rtadvd_enable 2647is set to 2648.Dq Li YES 2649this is the list of interfaces to use. 2650.It Va ipxgateway_enable 2651.Pq Vt bool 2652If set to 2653.Dq Li YES , 2654enable the routing of IPX traffic. 2655.It Va ipxrouted_enable 2656.Pq Vt bool 2657If set to 2658.Dq Li YES , 2659run the 2660.Xr IPXrouted 8 2661daemon at system boot time. 2662.It Va ipxrouted_flags 2663.Pq Vt str 2664If 2665.Va ipxrouted_enable 2666is set to 2667.Dq Li YES , 2668these are the flags to pass to the 2669.Xr IPXrouted 8 2670daemon. 2671.It Va arpproxy_all 2672.Pq Vt bool 2673If set to 2674.Dq Li YES , 2675enable global proxy ARP. 2676.It Va forward_sourceroute 2677.Pq Vt bool 2678If set to 2679.Dq Li YES 2680and 2681.Va gateway_enable 2682is also set to 2683.Dq Li YES , 2684source-routed packets are forwarded. 2685.It Va accept_sourceroute 2686.Pq Vt bool 2687If set to 2688.Dq Li YES , 2689the system will accept source-routed packets directed at it. 2690.It Va rarpd_enable 2691.Pq Vt bool 2692If set to 2693.Dq Li YES , 2694run the 2695.Xr rarpd 8 2696daemon at system boot time. 2697.It Va rarpd_flags 2698.Pq Vt str 2699If 2700.Va rarpd_enable 2701is set to 2702.Dq Li YES , 2703these are the flags to pass to the 2704.Xr rarpd 8 2705daemon. 2706.It Va bootparamd_enable 2707.Pq Vt bool 2708If set to 2709.Dq Li YES , 2710run the 2711.Xr bootparamd 8 2712daemon at system boot time. 2713.It Va bootparamd_flags 2714.Pq Vt str 2715If 2716.Va bootparamd_enable 2717is set to 2718.Dq Li YES , 2719these are the flags to pass to the 2720.Xr bootparamd 8 2721daemon. 2722.It Va stf_interface_ipv4addr 2723.Pq Vt str 2724If not set to 2725.Dq Li NO , 2726this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 2727interface). 2728Specify this entry to enable the 6to4 interface. 2729.It Va stf_interface_ipv4plen 2730.Pq Vt int 2731Prefix length for 6to4 IPv4 addresses, to limit peer address range. 2732An effective value is 0-31. 2733.It Va stf_interface_ipv6_ifid 2734.Pq Vt str 2735IPv6 interface ID for 2736.Xr stf 4 . 2737This can be set to 2738.Dq Li AUTO . 2739.It Va stf_interface_ipv6_slaid 2740.Pq Vt str 2741IPv6 Site Level Aggregator for 2742.Xr stf 4 . 2743.It Va ipv6_faith_prefix 2744.Pq Vt str 2745If not set to 2746.Dq Li NO , 2747this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 2748translator. 2749You also need 2750.Xr faithd 8 2751setup. 2752.It Va ipv6_ipv4mapping 2753.Pq Vt bool 2754If set to 2755.Dq Li YES 2756this enables IPv4 mapped IPv6 address communication (like 2757.Li ::ffff:a.b.c.d ) . 2758.It Va atm_enable 2759.Pq Vt bool 2760Set to 2761.Dq Li YES 2762to enable the configuration of ATM interfaces at system boot time. 2763For all of the ATM variables described below, please refer to the 2764.Xr atm 8 2765manual page for further details on the available command parameters. 2766Also refer to the files in 2767.Pa /usr/share/examples/atm 2768for more detailed configuration information. 2769.It Va atm_load 2770.Pq Vt str 2771This is a list of physical ATM interface drivers to load. 2772Typical values are 2773.Dq Li hfa_pci 2774and/or 2775.Dq Li hea_pci . 2776.It Va atm_netif_ Ns Aq Ar intf 2777.Pq Vt str 2778For the ATM physical interface 2779.Ar intf , 2780this variable defines the name prefix and count for the ATM network 2781interfaces to be created. 2782The value will be passed as the parameters of an 2783.Dq Nm atm Cm "set netif" Ar intf 2784command. 2785.It Va atm_sigmgr_ Ns Aq Ar intf 2786.Pq Vt str 2787For the ATM physical interface 2788.Ar intf , 2789this variable defines the ATM signalling manager to be used. 2790The value will be passed as the parameters of an 2791.Dq Nm atm Cm attach Ar intf 2792command. 2793.It Va atm_prefix_ Ns Aq Ar intf 2794.Pq Vt str 2795For the ATM physical interface 2796.Ar intf , 2797this variable defines the NSAP prefix for interfaces using a UNI signalling 2798manager. 2799If set to 2800.Dq Li ILMI , 2801the prefix will automatically be set via the 2802.Xr ilmid 8 2803daemon. 2804Otherwise, the value will be passed as the parameters of an 2805.Dq Nm atm Cm "set prefix" Ar intf 2806command. 2807.It Va atm_macaddr_ Ns Aq Ar intf 2808.Pq Vt str 2809For the ATM physical interface 2810.Ar intf , 2811this variable defines the MAC address for interfaces using a UNI signalling 2812manager. 2813If set to 2814.Dq Li NO , 2815the hardware MAC address contained in the ATM interface card will be used. 2816Otherwise, the value will be passed as the parameters of an 2817.Dq Nm atm Cm "set mac" Ar intf 2818command. 2819.It Va atm_arpserver_ Ns Aq Ar netif 2820.Pq Vt str 2821For the ATM network interface 2822.Ar netif , 2823this variable defines the ATM address for a host which is to provide ATMARP 2824service. 2825This variable is only applicable to interfaces using a UNI signalling 2826manager. 2827If set to 2828.Dq Li local , 2829this host will become an ATMARP server. 2830The value will be passed as the parameters of an 2831.Dq Nm atm Cm "set arpserver" Ar netif 2832command. 2833.It Va atm_scsparp_ Ns Aq Ar netif 2834.Pq Vt bool 2835If set to 2836.Dq Li YES , 2837SCSP/ATMARP service for the network interface 2838.Ar netif 2839will be initiated using the 2840.Xr scspd 8 2841and 2842.Xr atmarpd 8 2843daemons. 2844This variable is only applicable if 2845.Va atm_arpserver_ Ns Aq Ar netif 2846is set to 2847.Dq Li local . 2848.It Va atm_pvcs 2849.Pq Vt str 2850Set to the list of ATM PVCs to be added at system 2851boot time. 2852For each whitespace separated 2853.Ar element 2854in the value, an 2855.Va atm_pvc_ Ns Aq Ar element 2856variable is assumed to exist. 2857The value of each of these variables 2858will be passed as the parameters of an 2859.Dq Nm atm Cm "add pvc" 2860command. 2861.It Va atm_arps 2862.Pq Vt str 2863Set to the list of permanent ATM ARP entries to be added 2864at system boot time. 2865For each whitespace separated 2866.Ar element 2867in the value, an 2868.Va atm_arp_ Ns Aq Ar element 2869variable is assumed to exist. 2870The value of each of these variables 2871will be passed as the parameters of an 2872.Dq Nm atm Cm "add arp" 2873command. 2874.It Va natm_interfaces 2875.Pq Vt str 2876Set to the list of 2877.Xr natm 4 2878interfaces that will also be used for HARP through 2879.Xr harp 4 . 2880If this list is not empty all interfaces in the list will be brought up 2881with 2882.Xr ifconfig 8 2883and 2884.Xr harp 4 2885will be loaded. 2886For this to work the interface drivers must be either compiled into the 2887kernel or must reside on the root partition. 2888.It Va keybell 2889.Pq Vt str 2890The keyboard bell sound. 2891Set to 2892.Dq Li normal , 2893.Dq Li visual , 2894.Dq Li off , 2895or 2896.Dq Li NO 2897if the default behavior is desired. 2898For details, refer to the 2899.Xr kbdcontrol 1 2900manpage. 2901.It Va keyboard 2902.Pq Vt str 2903If set to a non-null string, the virtual console's keyboard input is 2904set to this device. 2905.It Va keymap 2906.Pq Vt str 2907If set to 2908.Dq Li NO , 2909no keymap is installed, otherwise the value is used to install 2910the keymap file in 2911.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2912.It Va keyrate 2913.Pq Vt str 2914The keyboard repeat speed. 2915Set to 2916.Dq Li slow , 2917.Dq Li normal , 2918.Dq Li fast , 2919or 2920.Dq Li NO 2921if the default behavior is desired. 2922.It Va keychange 2923.Pq Vt str 2924If not set to 2925.Dq Li NO , 2926attempt to program the function keys with the value. 2927The value should 2928be a single string of the form: 2929.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2930.It Va cursor 2931.Pq Vt str 2932Can be set to the value of 2933.Dq Li normal , 2934.Dq Li blink , 2935.Dq Li destructive , 2936or 2937.Dq Li NO 2938to set the cursor behavior explicitly or choose the default behavior. 2939.It Va scrnmap 2940.Pq Vt str 2941If set to 2942.Dq Li NO , 2943no screen map is installed, otherwise the value is used to install 2944the screen map file in 2945.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2946.It Va font8x16 2947.Pq Vt str 2948If set to 2949.Dq Li NO , 2950the default 8x16 font value is used for screen size requests, otherwise 2951the value in 2952.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2953is used. 2954.It Va font8x14 2955.Pq Vt str 2956If set to 2957.Dq Li NO , 2958the default 8x14 font value is used for screen size requests, otherwise 2959the value in 2960.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2961is used. 2962.It Va font8x8 2963.Pq Vt str 2964If set to 2965.Dq Li NO , 2966the default 8x8 font value is used for screen size requests, otherwise 2967the value in 2968.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2969is used. 2970.It Va blanktime 2971.Pq Vt int 2972If set to 2973.Dq Li NO , 2974the default screen blanking interval is used, otherwise it is set 2975to 2976.Ar value 2977seconds. 2978.It Va saver 2979.Pq Vt str 2980If not set to 2981.Dq Li NO , 2982this is the actual screen saver to use 2983.Li ( blank , snake , daemon , 2984etc). 2985.It Va moused_nondefault_enable 2986.Pq Vt str 2987If set to 2988.Dq Li NO , 2989the mouse device specified on 2990the command line is not automatically treated as enabled by the 2991.Pa /etc/rc.d/moused 2992script. 2993Having this variable set to 2994.Dq Li YES 2995allows a 2996.Xr usb 4 2997mouse, 2998for example, 2999to be enabled as soon as it is plugged in. 3000.It Va moused_enable 3001.Pq Vt str 3002If set to 3003.Dq Li YES , 3004the 3005.Xr moused 8 3006daemon is started for doing cut/paste selection on the console. 3007.It Va moused_type 3008.Pq Vt str 3009This is the protocol type of the mouse connected to this host. 3010This variable must be set if 3011.Va moused_enable 3012is set to 3013.Dq Li YES . 3014The 3015.Xr moused 8 3016daemon 3017is able to detect the appropriate mouse type automatically in many cases. 3018Set this variable to 3019.Dq Li auto 3020to let the daemon detect it, or 3021select one from the following list if the automatic detection fails. 3022.Pp 3023If the mouse is attached to the PS/2 mouse port, choose 3024.Dq Li auto 3025or 3026.Dq Li ps/2 , 3027regardless of the brand and model of the mouse. 3028Likewise, if the 3029mouse is attached to the bus mouse port, choose 3030.Dq Li auto 3031or 3032.Dq Li busmouse . 3033All other protocols are for serial mice and will not work with 3034the PS/2 and bus mice. 3035If this is a USB mouse, 3036.Dq Li auto 3037is the only protocol type which will work. 3038.Pp 3039.Bl -tag -width ".Li x10mouseremote" -compact 3040.It Li microsoft 3041Microsoft mouse (serial) 3042.It Li intellimouse 3043Microsoft IntelliMouse (serial) 3044.It Li mousesystems 3045Mouse systems Corp.\& mouse (serial) 3046.It Li mmseries 3047MM Series mouse (serial) 3048.It Li logitech 3049Logitech mouse (serial) 3050.It Li busmouse 3051A bus mouse 3052.It Li mouseman 3053Logitech MouseMan and TrackMan (serial) 3054.It Li glidepoint 3055ALPS GlidePoint (serial) 3056.It Li thinkingmouse 3057Kensington ThinkingMouse (serial) 3058.It Li ps/2 3059PS/2 mouse 3060.It Li mmhittab 3061MM HitTablet (serial) 3062.It Li x10mouseremote 3063X10 MouseRemote (serial) 3064.It Li versapad 3065Interlink VersaPad (serial) 3066.El 3067.Pp 3068Even if the mouse is not in the above list, it may be compatible 3069with one in the list. 3070Refer to the manual page for 3071.Xr moused 8 3072for compatibility information. 3073.Pp 3074It should also be noted that while this is enabled, any 3075other client of the mouse (such as an X server) should access 3076the mouse through the virtual mouse device, 3077.Pa /dev/sysmouse , 3078and configure it as a 3079.Dq Li sysmouse 3080type mouse, since all 3081mouse data is converted to this single canonical format when 3082using 3083.Xr moused 8 . 3084If the client program does not support the 3085.Dq Li sysmouse 3086type, 3087specify the 3088.Dq Li mousesystems 3089type. 3090It is the second preferred type. 3091.It Va moused_port 3092.Pq Vt str 3093If 3094.Va moused_enable 3095is set to 3096.Dq Li YES , 3097this is the actual port the mouse is on. 3098It might be 3099.Pa /dev/cuad0 3100for a COM1 serial mouse, 3101.Pa /dev/psm0 3102for a PS/2 mouse or 3103.Pa /dev/mse0 3104for a bus mouse, for example. 3105.It Va moused_flags 3106.Pq Vt str 3107If 3108.Va moused_flags 3109is set, its value is used as an additional set of flags to pass to the 3110.Xr moused 8 3111daemon. 3112.It Va "moused_" Ns Ar XXX Ns Va "_flags" 3113When 3114.Va moused_nondefault_enable 3115is enabled, and a 3116.Xr moused 8 3117daemon is started for a non-default port, the 3118.Va "moused_" Ns Ar XXX Ns Va "_flags" 3119set of options has precedence over and replaces the default 3120.Va moused_flags (where 3121.Ar XXX 3122is the name of the non-default port, i.e.\& 3123.Ar ums0 ) . 3124By setting 3125.Va "moused_" Ns Ar XXX Ns Va "_flags" 3126it is possible to set up a different set of default flags for each 3127.Xr moused 8 3128instance. 3129For example, you can use 3130.Dq Li "-3" 3131for the default 3132.Va moused_flags 3133to make your laptop's touchpad more comfortable to use, 3134but an empty set of options for 3135.Va moused_ums0_flags 3136when your 3137.Xr usb 4 3138mouse has three or more buttons. 3139.It Va mousechar_start 3140.Pq Vt int 3141If set to 3142.Dq Li NO , 3143the default mouse cursor character range 3144.Li 0xd0 Ns - Ns Li 0xd3 3145is used, 3146otherwise the range start is set 3147to 3148.Ar value 3149character, see 3150.Xr vidcontrol 1 . 3151Use if the default range is occupied in the language code table. 3152.It Va allscreens_flags 3153.Pq Vt str 3154If set, 3155.Xr vidcontrol 1 3156is run with these options for each of the virtual terminals 3157.Pq Pa /dev/ttyv* . 3158For example, 3159.Dq Fl m Cm on 3160will enable the mouse pointer on all virtual terminals 3161if 3162.Va moused_enable 3163is set to 3164.Dq Li YES . 3165.It Va allscreens_kbdflags 3166.Pq Vt str 3167If set, 3168.Xr kbdcontrol 1 3169is run with these options for each of the virtual terminals 3170.Pq Pa /dev/ttyv* . 3171For example, 3172.Dq Fl h Li 200 3173will set the 3174.Xr syscons 4 3175scrollback (history) buffer to 200 lines. 3176.It Va cron_enable 3177.Pq Vt bool 3178If set to 3179.Dq Li YES , 3180run the 3181.Xr cron 8 3182daemon at system boot time. 3183.It Va cron_program 3184.Pq Vt str 3185Path to 3186.Xr cron 8 3187(default 3188.Pa /usr/sbin/cron ) . 3189.It Va cron_flags 3190.Pq Vt str 3191If 3192.Va cron_enable 3193is set to 3194.Dq Li YES , 3195these are the flags to pass to 3196.Xr cron 8 . 3197.It Va cron_dst 3198.Pq Vt bool 3199If set to 3200.Dq Li YES , 3201enable the special handling of transitions to and from the 3202Daylight Saving Time in 3203.Xr cron 8 3204(equivalent to using the flag 3205.Fl s ) . 3206.It Va lpd_program 3207.Pq Vt str 3208Path to 3209.Xr lpd 8 3210(default 3211.Pa /usr/sbin/lpd ) . 3212.It Va lpd_enable 3213.Pq Vt bool 3214If set to 3215.Dq Li YES , 3216run the 3217.Xr lpd 8 3218daemon at system boot time. 3219.It Va lpd_flags 3220.Pq Vt str 3221If 3222.Va lpd_enable 3223is set to 3224.Dq Li YES , 3225these are the flags to pass to the 3226.Xr lpd 8 3227daemon. 3228.It Va chkprintcap_enable 3229.Pq Vt bool 3230If set to 3231.Dq Li YES , 3232run the 3233.Xr chkprintcap 8 3234command before starting the 3235.Xr lpd 8 3236daemon. 3237.It Va chkprintcap_flags 3238.Pq Vt str 3239If 3240.Va lpd_enable 3241and 3242.Va chkprintcap_enable 3243are set to 3244.Dq Li YES , 3245these are the flags to pass to the 3246.Xr chkprintcap 8 3247program. 3248The default is 3249.Dq Li -d , 3250which causes missing directories to be created. 3251.It Va mta_start_script 3252.Pq Vt str 3253This variable specifies the full path to the script to run to start 3254a mail transfer agent. 3255The default is 3256.Pa /etc/rc.sendmail . 3257The 3258.Va sendmail_* 3259variables which 3260.Pa /etc/rc.sendmail 3261uses are documented in the 3262.Xr rc.sendmail 8 3263manual page. 3264.It Va dumpdev 3265.Pq Vt str 3266Indicates the device (usually a swap partition) to which a crash dump 3267should be written in the event of a system crash. 3268If the value of this variable is 3269.Dq Li AUTO , 3270the first suitable swap device listed in 3271.Pa /etc/fstab 3272will be used as dump device. 3273Otherwise, the value of this variable is passed as the argument to 3274.Xr dumpon 8 . 3275To disable crash dumps, set this variable to 3276.Dq Li NO . 3277.It Va dumpdir 3278.Pq Vt str 3279When the system reboots after a crash and a crash dump is found on the 3280device specified by the 3281.Va dumpdev 3282variable, 3283.Xr savecore 8 3284will save that crash dump and a copy of the kernel to the directory 3285specified by the 3286.Va dumpdir 3287variable. 3288The default value is 3289.Pa /var/crash . 3290Set to 3291.Dq Li NO 3292to not run 3293.Xr savecore 8 3294at boot time when 3295.Va dumpdir 3296is set. 3297.It Va savecore_flags 3298.Pq Vt str 3299If crash dumps are enabled, these are the flags to pass to the 3300.Xr savecore 8 3301utility. 3302.It Va quota_enable 3303.Pq Vt bool 3304Set to 3305.Dq Li YES 3306to turn on user and group disk quotas on system startup via the 3307.Xr quotaon 8 3308command for all file systems marked as having quotas enabled in 3309.Pa /etc/fstab . 3310The kernel must be built with 3311.Cd "options QUOTA" 3312for disk quotas to function. 3313.It Va check_quotas 3314.Pq Vt bool 3315Set to 3316.Dq Li YES 3317to enable user and group disk quota checking via the 3318.Xr quotacheck 8 3319command. 3320.It Va quotacheck_flags 3321.Pq Vt str 3322If 3323.Va quota_enable 3324is set to 3325.Dq Li YES , 3326and 3327.Va check_quotas 3328is set to 3329.Dq Li YES , 3330these are the flags to pass to the 3331.Xr quotacheck 8 3332utility. 3333The default is 3334.Dq Li "-a" , 3335which checks quotas for all file systems with quotas enabled in 3336.Pa /etc/fstab . 3337.It Va quotaon_flags 3338.Pq Vt str 3339If 3340.Va quota_enable 3341is set to 3342.Dq Li YES , 3343these are the flags to pass to the 3344.Xr quotaon 8 3345utility. 3346The default is 3347.Dq Li "-a" , 3348which enables quotas for all file systems with quotas enabled in 3349.Pa /etc/fstab . 3350.It Va quotaoff_flags 3351.Pq Vt str 3352If 3353.Va quota_enable 3354is set to 3355.Dq Li YES , 3356these are the flags to pass to the 3357.Xr quotaoff 8 3358utility when shutting down the quota system. 3359The default is 3360.Dq Li "-a" , 3361which disables quotas for all file systems with quotas enabled in 3362.Pa /etc/fstab . 3363.It Va accounting_enable 3364.Pq Vt bool 3365Set to 3366.Dq Li YES 3367to enable system accounting through the 3368.Xr accton 8 3369facility. 3370.It Va ibcs2_enable 3371.Pq Vt bool 3372Set to 3373.Dq Li YES 3374to enable iBCS2 (SCO) binary emulation at system initial boot 3375time. 3376.It Va ibcs2_loaders 3377.Pq Vt str 3378If not set to 3379.Dq Li NO 3380and if 3381.Va ibcs2_enable 3382is set to 3383.Dq Li YES , 3384this specifies a list of additional iBCS2 loaders to enable. 3385.It Va linux_enable 3386.Pq Vt bool 3387Set to 3388.Dq Li YES 3389to enable Linux/ELF binary emulation at system initial 3390boot time. 3391.It Va svr4_enable 3392.Pq Vt bool 3393If set to 3394.Dq Li YES , 3395enable SysVR4 emulation at boot time. 3396.It Va sysvipc_enable 3397.Pq Vt bool 3398If set to 3399.Dq Li YES , 3400load System V IPC primitives at boot time. 3401.It Va clear_tmp_enable 3402.Pq Vt bool 3403Set to 3404.Dq Li YES 3405to have 3406.Pa /tmp 3407cleaned at startup. 3408.It Va clear_tmp_X 3409.Pq Vt bool 3410Set to 3411.Dq Li NO 3412to disable removing of X11 lock files, 3413and the removal and (secure) recreation 3414of the various socket directories for X11 3415related programs. 3416.It Va ldconfig_paths 3417.Pq Vt str 3418Set to the list of shared library paths to use with 3419.Xr ldconfig 8 . 3420NOTE: 3421.Pa /usr/lib 3422will always be added first, so it need not appear in this list. 3423.It Va ldconfig32_paths 3424.Pq Vt str 3425Set to the list of 32-bit compatibility shared library paths to 3426use with 3427.Xr ldconfig 8 . 3428.It Va ldconfig_paths_aout 3429.Pq Vt str 3430Set to the list of shared library paths to use with 3431.Xr ldconfig 8 3432legacy 3433.Xr a.out 5 3434support. 3435.It Va ldconfig_insecure 3436.Pq Vt bool 3437The 3438.Xr ldconfig 8 3439utility normally refuses to use directories 3440which are writable by anyone except root. 3441Set this variable to 3442.Dq Li YES 3443to disable that security check during system startup. 3444.It Va ldconfig_local_dirs 3445.Pq Vt str 3446Set to the list of local 3447.Xr ldconfig 8 3448directories. 3449The names of all files in the directories listed will be 3450passed as arguments to 3451.Xr ldconfig 8 . 3452.It Va ldconfig_local32_dirs 3453.Pq Vt str 3454Set to the list of local 32-bit compatibility 3455.Xr ldconfig 8 3456directories. 3457The names of all files in the directories listed will be 3458passed as arguments to 3459.Dq Nm ldconfig Fl 32 . 3460.It Va kern_securelevel_enable 3461.Pq Vt bool 3462Set to 3463.Dq Li YES 3464to set the kernel security level at system startup. 3465.It Va kern_securelevel 3466.Pq Vt int 3467The kernel security level to set at startup. 3468The allowed range of 3469.Ar value 3470ranges from \-1 (the compile time default) to 3 (the 3471most secure). 3472See 3473.Xr security 7 3474for the list of possible security levels and their effect 3475on system operation. 3476.It Va sshd_program 3477.Pq Vt str 3478Path to the SSH server program 3479.Pa ( /usr/sbin/sshd 3480is the default). 3481.It Va sshd_enable 3482.Pq Vt bool 3483Set to 3484.Dq Li YES 3485to start 3486.Xr sshd 8 3487at system boot time. 3488.It Va sshd_flags 3489.Pq Vt str 3490If 3491.Va sshd_enable 3492is set to 3493.Dq Li YES , 3494these are the flags to pass to the 3495.Xr sshd 8 3496daemon. 3497.It Va ftpd_program 3498.Pq Vt str 3499Path to the FTP server program 3500.Pa ( /usr/libexec/ftpd 3501is the default). 3502.It Va ftpd_enable 3503.Pq Vt bool 3504Set to 3505.Dq Li YES 3506to start 3507.Xr ftpd 8 3508as a stand-alone daemon at system boot time. 3509.It Va ftpd_flags 3510.Pq Vt str 3511If 3512.Va ftpd_enable 3513is set to 3514.Dq Li YES , 3515these are the additional flags to pass to the 3516.Xr ftpd 8 3517daemon. 3518.It Va watchdogd_enable 3519.Pq Vt bool 3520If set to 3521.Dq Li YES , 3522start the 3523.Xr watchdogd 8 3524daemon at boot time. 3525This requires that the kernel have been compiled with a 3526.Xr watchdog 4 3527compatible device. 3528.It Va watchdogd_flags 3529.Pq Vt str 3530If 3531.Va watchdogd_enable 3532is set to 3533.Dq Li YES , 3534these are the flags passed to the 3535.Xr watchdogd 8 3536daemon. 3537.It Va performance_cx_lowest 3538.Pq Vt str 3539CPU idle state to use while on AC power. 3540The string 3541.Dq Li LOW 3542indicates that 3543.Xr acpi 4 3544should use the lowest power state available while 3545.Dq Li HIGH 3546indicates that the lowest latency state (less power savings) should be used. 3547.It Va performance_cpu_freq 3548.Pq Vt str 3549CPU clock frequency to use while on AC power. 3550The string 3551.Dq Li LOW 3552indicates that 3553.Xr cpufreq 4 3554should use the lowest frequency available while 3555.Dq Li HIGH 3556indicates that the highest frequency (less power savings) should be used. 3557.It Va economy_cx_lowest 3558.Pq Vt str 3559CPU idle state to use when off AC power. 3560The string 3561.Dq Li LOW 3562indicates that 3563.Xr acpi 4 3564should use the lowest power state available while 3565.Dq Li HIGH 3566indicates that the lowest latency state (less power savings) should be used. 3567.It Va economy_cpu_freq 3568.Pq Vt str 3569CPU clock frequency to use when off AC power. 3570The string 3571.Dq Li LOW 3572indicates that 3573.Xr cpufreq 4 3574should use the lowest frequency available while 3575.Dq Li HIGH 3576indicates that the highest frequency (less power savings) should be used. 3577.It Va jail_enable 3578.Pq Vt bool 3579If set to 3580.Dq Li NO , 3581any configured jails will not be started. 3582.It jail_parallel_start 3583.Pq Vt bool 3584If set to 3585.Dq Li YES 3586all configured jails will be started in the background (= in parallel). 3587.It Va jail_list 3588.Pq Vt str 3589A space separated list of names for jails. 3590This is purely a configuration aid to help identify and 3591configure multiple jails. 3592The names specified in this list will be used to 3593identify settings common to an instance of a jail, 3594and should contain alphanumeric characters only. 3595Assuming that the jail in question was named 3596.Li vjail , 3597you would have the following dependent variables: 3598.Bd -literal 3599jail_vjail_hostname="jail.example.com" 3600jail_vjail_ip="192.0.2.100" 3601jail_vjail_rootdir="/var/jails/vjail/root" 3602.Ed 3603.Pp 3604.It Va jail_flags 3605.Pq Vt str 3606Unset by default. 3607When set, use as default value for 3608.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3609for every jail in 3610.Va jail_list . 3611.It Va jail_interface 3612.Pq Vt str 3613Unset by default. 3614When set, use as default value for 3615.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3616for every jail in 3617.Va jail_list . 3618.It Va jail_fstab 3619.Pq Vt str 3620Unset by default. 3621When set, use as default value for 3622.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3623for every jail in 3624.Va jail_list . 3625.It Va jail_mount_enable 3626.Pq Vt bool 3627Set to 3628.Dq Li NO 3629by default. 3630When set to 3631.Dq Li YES , 3632sets 3633.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3634to 3635.Dq Li YES 3636by default for every jail in 3637.Va jail_list . 3638.It Va jail_devfs_ruleset 3639.Pq Vt str 3640Unset by default. 3641When set, sets 3642.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3643to given value for every jail in 3644.Va jail_list . 3645.It Va jail_devfs_enable 3646.Pq Vt bool 3647Set to 3648.Dq Li NO 3649by default. 3650When set to 3651.Dq Li YES , 3652sets 3653.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3654to 3655.Dq Li YES 3656by default for every jail in 3657.Va jail_list . 3658.It Va jail_fdescfs_enable 3659.Pq Vt bool 3660Set to 3661.Dq Li NO 3662by default. 3663When set to 3664.Dq Li YES , 3665sets 3666.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3667to 3668.Dq Li YES 3669by default for every jail in 3670.Va jail_list . 3671.It Va jail_procfs_enable 3672.Pq Vt bool 3673Set to 3674.Dq Li NO 3675by default. 3676When set to 3677.Dq Li YES , 3678sets 3679.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3680to 3681.Dq Li YES 3682by default for every jail in 3683.Va jail_list . 3684.It Va jail_exec_prestart Ns Aq Ar N 3685.Pq Vt str 3686Unset by default. 3687When set, use as default value for 3688.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestart Ns Aq Ar N 3689for every jail in 3690.Va jail_list . 3691.It Va jail_exec_start 3692.Pq Vt str 3693Unset by default. 3694When set, use as default value for 3695.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3696for every jail in 3697.Va jail_list . 3698.It Va jail_exec_afterstart Ns Aq Ar N 3699.Pq Vt str 3700Unset by default. 3701When set, use as default value for 3702.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3703for every jail in 3704.Va jail_list . 3705.It Va jail_exec_poststart Ns Aq Ar N 3706.Pq Vt str 3707Unset by default. 3708When set, use as default value for 3709.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststart Ns Aq Ar N 3710for every jail in 3711.Va jail_list . 3712.It Va jail_exec_prestop Ns Aq Ar N 3713.Pq Vt str 3714Unset by default. 3715When set, use as default value for 3716.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestop Ns Aq Ar N 3717for every jail in 3718.Va jail_list . 3719.It Va jail_exec_stop 3720Unset by default. 3721When set, use as default value for 3722.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3723for every jail in 3724.Va jail_list . 3725.It Va jail_exec_poststop Ns Aq Ar N 3726.Pq Vt str 3727Unset by default. 3728When set, use as default value for 3729.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststop Ns Aq Ar N 3730for every jail in 3731.Va jail_list . 3732.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 3733.Pq Vt str 3734Unset by default. 3735Set to the root directory used by jail 3736.Va jname . 3737.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 3738.Pq Vt str 3739Unset by default. 3740Set to the fully qualified domain name (FQDN) assigned to jail 3741.Va jname . 3742.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 3743.Pq Vt str 3744Unset by default. 3745Set to the (primary) IPv4 and/or IPv6 address(es) assigned to the jail. 3746The argument can be a sole address or a comma separated list of addresses. 3747Additionally each address can be prefixed by the name of an interface 3748followed by a pipe to overwrite 3749.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3750or 3751.Va jail_interface 3752and/or suffixed by a netmask, prefixlen or prefix. 3753In case no netmask, prefixlen or prefix is given, 3754.Sq /32 3755will be used for IPv4 and 3756.Sq /128 3757will be used for an IPv6 address. 3758If no address is given for the jail then the jail will be started with 3759no networking support. 3760.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip_multi Ns Aq Ar n 3761.Pq Vt str 3762Unset by default. 3763Set additional IPv4 and/or IPv6 address(es) assigned to the jail. 3764The sequence starts with 3765.Dq Li _multi0 3766and the numbers have to be strictly ascending. 3767These entries follow the same syntax as their primary 3768.Va jail_ Ns Ao Ar jname Ac Ns Va _ip 3769entry. 3770The order of the entries can be important as the first address for 3771each address family found will be the primary address of the jail. 3772See 3773.Va ip-addresses 3774option in 3775.Xr jail 8 3776for more details. 3777.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3778.Pq Vt str 3779Set to 3780.Dq Li -l -U root 3781by default. 3782These are flags to pass to 3783.Xr jail 8 . 3784.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3785.Pq Vt str 3786Unset by default. 3787When set, sets the interface to use when setting IP address alias. 3788Note that the alias is created at jail startup and removed at jail shutdown. 3789.It Va jail_ Ns Ao Ar jname Ac Ns Va _fib 3790.Pq Vt str 3791Unset by default. 3792When set, the jail is started with the specified forwarding table (sometimes 3793referred to as a routing table) via 3794.Xr setfib 1 . 3795.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3796.Pq Vt str 3797Set to 3798.Pa /etc/fstab. Ns Aq Ar jname 3799by default. 3800This is the file system information file to use for jail 3801.Va jname . 3802.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3803.Pq Vt bool 3804Set to 3805.Dq Li NO 3806by default. 3807When set to 3808.Dq Li YES , 3809mount all file systems from 3810.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3811at jail startup. 3812.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3813.Pq Vt str 3814Unset by default. 3815When set, defines the device file system ruleset file to use for jail 3816.Va jname . 3817.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3818.Pq Vt bool 3819Set to 3820.Dq Li NO 3821by default. 3822When set to 3823.Dq Li YES , 3824mount the device file system inside jail 3825.Ar jname 3826at jail startup. 3827.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3828.Pq Vt bool 3829Set to 3830.Dq Li NO 3831by default. 3832When set to 3833.Dq Li YES , 3834mount the file-descriptor file system inside jail 3835.Ar jname 3836at jail startup. 3837.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 3838.Pq Vt bool 3839Set to 3840.Dq Li NO 3841by default. 3842When set to 3843.Dq Li YES , 3844mount the process file system inside jail 3845.Ar jname 3846at jail startup. 3847.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestart Ns Aq Ar N 3848.Pq Vt str 3849Unset by default. 3850This is the command run as 3851.Ar N Ns 3852th command 3853before jail startup, where 3854.Ar N 3855is 0, 1, and so on. 3856It is run outside the jail. 3857.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3858.Pq Vt str 3859Set to 3860.Dq Li /bin/sh /etc/rc 3861by default. 3862This is the command executed in a jail at jail startup. 3863.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3864.Pq Vt str 3865Unset by default. 3866This is the command run as 3867.Ar N Ns 3868th command 3869in a jail 3870after jail startup, where 3871.Ar N 3872is 1, 2, and so on. 3873.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststart Ns Aq Ar N 3874.Pq Vt str 3875Unset by default. 3876This is the command run as 3877.Ar N Ns 3878th command 3879after jail startup, where 3880.Ar N 3881is 0, 1, and so on. 3882It is run outside the jail. 3883.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestop Ns Aq Ar N 3884.Pq Vt str 3885Unset by default. 3886This is the command run as 3887.Ar N Ns 3888th command 3889before jail shutdown, where 3890.Ar N 3891is 0, 1, and so on. 3892It is run outside the jail. 3893.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3894.Pq Vt str 3895Set to 3896.Dq Li /bin/sh /etc/rc.shutdown 3897by default. 3898This is the command executed in a jail at jail shutdown. 3899.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststop Ns Aq Ar N 3900.Pq Vt str 3901Unset by default. 3902This is the command run as 3903.Ar N Ns 3904th command 3905after jail shutdown, where 3906.Ar N 3907is 0, 1, and so on. 3908It is run outside the jail. 3909.It Va jail_set_hostname_allow 3910.Pq Vt bool 3911If set to 3912.Dq Li NO , 3913do not allow the root user in a jail to set its hostname. 3914.It Va jail_socket_unixiproute_only 3915.Pq Vt bool 3916If set to 3917.Dq Li YES , 3918do not allow any sockets, 3919besides UNIX/IP/route sockets, 3920to be used within a jail. 3921.It Va jail_sysvipc_allow 3922.Pq Vt bool 3923If set to 3924.Dq Li YES , 3925allow applications within a jail to use System V IPC. 3926.\" ----------------------------------------------------- 3927.It Va harvest_interrupt 3928.Pq Vt bool 3929Set to 3930.Dq Li YES 3931to use hardware interrupts as an entropy source. 3932Refer to 3933.Xr random 4 3934for more information. 3935.It Va harvest_ethernet 3936.Pq Vt bool 3937Set to 3938.Dq Li YES 3939to use LAN traffic as an entropy source. 3940Refer to 3941.Xr random 4 3942for more information. 3943.It Va harvest_p_to_p 3944.Pq Vt bool 3945Set to 3946.Dq Li YES 3947to use serial line traffic as an entropy source. 3948Refer to 3949.Xr random 4 3950for more information. 3951.It Va entropy_dir 3952.Pq Vt str 3953Set to 3954.Dq Li NO 3955to disable caching entropy via 3956.Xr cron 8 . 3957Otherwise set to the directory used to store entropy files in. 3958.It Va entropy_file 3959.Pq Vt str 3960Set to 3961.Dq Li NO 3962to disable caching entropy through reboots. 3963Otherwise set to the filename used to store cached entropy through 3964reboots. 3965This file should be located on the root file system to seed the 3966.Xr random 4 3967device as early as possible in the boot process. 3968.It Va entropy_save_sz 3969.Pq Vt int 3970Size of the entropy cache files saved by 3971.Nm save-entropy 3972periodically. 3973.It Va entropy_save_num 3974.Pq Vt int 3975Number of entropy cache files to save by 3976.Nm save-entropy 3977periodically. 3978.It Va ipsec_enable 3979.Pq Vt bool 3980Set to 3981.Dq Li YES 3982to run 3983.Xr setkey 8 3984on 3985.Va ipsec_file 3986at boot time. 3987.It Va ipsec_file 3988.Pq Vt str 3989Configuration file for 3990.Xr setkey 8 . 3991.It Va dmesg_enable 3992.Pq Vt bool 3993Set to 3994.Dq Li YES 3995to save 3996.Xr dmesg 8 3997to 3998.Pa /var/run/dmesg.boot 3999on boot. 4000.It Va rcshutdown_timeout 4001.Pq Vt int 4002If set, start a watchdog timer in the background which will terminate 4003.Pa rc.shutdown 4004if 4005.Xr shutdown 8 4006has not completed within the specified time (in seconds). 4007Notice that in addition to this soft timeout, 4008.Xr init 8 4009also applies a hard timeout for the execution of 4010.Pa rc.shutdown . 4011This is configured via 4012.Xr sysctl 8 4013variable 4014.Va kern.init_shutdown_timeout 4015and defaults to 120 seconds. 4016Setting the value of 4017.Va rcshutdown_timeout 4018to more than 120 seconds will have no effect until the 4019.Xr sysctl 8 4020variable 4021.Va kern.init_shutdown_timeout 4022is also increased. 4023.It Va virecover_enable 4024.Pq Vt bool 4025Set to 4026.Dq Li NO 4027to prevent the system from trying to 4028recover pre-maturely terminated 4029.Xr vi 1 4030sessions. 4031.It Va ugidfw_enable 4032.Pq Vt bool 4033Set to 4034.Dq Li YES 4035to load the 4036.Xr mac_bsdextended 4 4037module upon system initialization and load a default 4038ruleset file. 4039.It Va bsdextended_script 4040.Pq Vt str 4041The default 4042.Xr mac_bsdextended 4 4043ruleset file to load. 4044The default value of this variable is 4045.Pa /etc/rc.bsdextended . 4046.It Va newsyslog_enable 4047.Pq Vt bool 4048If set to 4049.Dq Li YES , 4050run 4051.Xr newsyslog 8 4052command at startup. 4053.It Va newsyslog_flags 4054.Pq Vt str 4055If 4056.Va newsyslog_enable 4057is set to 4058.Dq Li YES , 4059these are the flags to pass to the 4060.Xr newsyslog 8 4061program. 4062The default is 4063.Dq Li -CN , 4064which causes log files flagged with a 4065.Cm C 4066to be created. 4067.It Va mdconfig_md Ns Aq Ar X 4068.Pq Vt str 4069Arguments to 4070.Xr mdconfig 8 4071for 4072.Xr md 4 4073device 4074.Ar X . 4075At minimum a 4076.Fl t Ar type 4077must be specified and either a 4078.Fl s Ar size 4079for malloc or swap backed 4080.Xr md 4 4081devices or a 4082.Fl f Ar file 4083for vnode backed 4084.Xr md 4 4085devices. 4086Note that 4087.Va mdconfig_md Ns Aq Ar X 4088variables are evaluated until one variable is unset or null. 4089.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _newfs 4090.Pq Vt str 4091Optional arguments passed to 4092.Xr newfs 8 4093to initialize 4094.Xr md 4 4095device 4096.Ar X . 4097.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _owner 4098.Pq Vt str 4099An ownership specification passed to 4100.Xr chown 8 4101after the specified 4102.Xr md 4 4103device 4104.Ar X 4105has been mounted. 4106Both the 4107.Xr md 4 4108device and the mount point will be changed. 4109.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _perms 4110.Pq Vt str 4111A mode string passed to 4112.Xr chmod 1 4113after the specified 4114.Xr md 4 4115device 4116.Ar X 4117has been mounted. 4118Both the 4119.Xr md 4 4120device and the mount point will be changed. 4121.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _files 4122.Pq Vt str 4123Files to be copied to the mount point of the 4124.Xr md 4 4125device 4126.Ar X 4127after it has been mounted. 4128.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _cmd 4129.Pq Vt str 4130Command to execute after the specified 4131.Xr md 4 4132device 4133.Ar X 4134has been mounted. 4135Note that the command is passed to 4136.Ic eval 4137and that both 4138.Va _dev 4139and 4140.Va _mp 4141variables can be used to reference respectively the 4142.Xr md 4 4143device and the mount point. 4144Assuming that the 4145.Xr md 4 4146device is 4147.Li md0 , 4148one could set the following: 4149.Bd -literal 4150mdconfig_md0_cmd="tar xfzC /var/file.tgz \e${_mp}" 4151.Ed 4152.It Va autobridge_interfaces 4153.Pq Vt str 4154Set to the list of bridge interfaces that will have newly arriving interfaces 4155checked against to be automatically added. 4156If not set to 4157.Dq Li NO 4158then for each whitespace separated 4159.Ar element 4160in the value, a 4161.Va autobridge_ Ns Aq Ar element 4162variable is assumed to exist which has a whitespace separated list of interface 4163names to match, these names can use wildcards. 4164For example: 4165.Bd -literal 4166autobridge_interfaces="bridge0" 4167autobridge_bridge0="tap* dc0 vlan[345]" 4168.Ed 4169.It Va mixer_enable 4170.Pq Vt bool 4171If set to 4172.Dq Li YES , 4173enable support for sound mixer. 4174.It Va hcsecd_enable 4175.Pq Vt bool 4176If set to 4177.Dq Li YES , 4178enable Bluetooth security daemon. 4179.It Va hcsecd_config 4180.Pq Vt str 4181Configuration file for 4182.Xr hcsecd 8 . 4183Default 4184.Pa /etc/bluetooth/hcsecd.conf . 4185.It Va sdpd_enable 4186.Pq Vt bool 4187If set to 4188.Dq Li YES , 4189enable Bluetooth Service Discovery Protocol daemon. 4190.It Va sdpd_control 4191.Pq Vt str 4192Path to 4193.Xr sdpd 8 4194control socket. 4195Default 4196.Pa /var/run/sdp . 4197.It Va sdpd_groupname 4198.Pq Vt str 4199Sets 4200.Xr sdpd 8 4201group to run as after it initializes. 4202Default 4203.Dq Li nobody . 4204.It Va sdpd_username 4205.Pq Vt str 4206Sets 4207.Xr sdpd 8 4208user to run as after it initializes. 4209Default 4210.Dq Li nobody . 4211.It Va bthidd_enable 4212.Pq Vt bool 4213If set to 4214.Dq Li YES , 4215enable Bluetooth Human Interface Device daemon. 4216.It Va bthidd_config 4217.Pq Vt str 4218Configuration file for 4219.Xr bthidd 8 . 4220Default 4221.Pa /etc/bluetooth/bthidd.conf . 4222.It Va bthidd_hids 4223.Pq Vt str 4224Path to a file, where 4225.Xr bthidd 8 4226will store information about known HID devices. 4227Default 4228.Pa /var/db/bthidd.hids . 4229.It Va rfcomm_pppd_server_enable 4230.Pq Vt bool 4231If set to 4232.Dq Li YES , 4233enable Bluetooth RFCOMM PPP wrapper daemon. 4234.It Va rfcomm_pppd_server_profile 4235.Pq Vt str 4236The name of the profile to use from 4237.Pa /etc/ppp/ppp.conf . 4238Multiple profiles can be specified here. 4239Also used to specify per-profile overrides. 4240When the profile name contains any of the characters 4241.Dq Li .-/+ 4242they are translated to 4243.Dq Li _ 4244for the proposes of the override variable names. 4245.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _bdaddr 4246.Pq Vt str 4247Overrides local address to listen on. 4248By default 4249.Xr rfcomm_pppd 8 4250will listen on 4251.Dq Li ANY 4252address. 4253The address can be specified as BD_ADDR or name. 4254.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _channel 4255.Pq Vt str 4256Overrides local RFCOMM channel to listen on. 4257By default 4258.Xr rfcomm_pppd 8 4259will listen on RFCOMM channel 1. 4260Must set properly if multiple profiles used in the same time. 4261.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _register_sp 4262.Pq Vt bool 4263Tells 4264.Xr rfcomm_pppd 8 4265if it should register Serial Port service on the specified RFCOMM channel. 4266Default 4267.Dq Li NO . 4268.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _register_dun 4269.Pq Vt bool 4270Tells 4271.Xr rfcomm_pppd 8 4272if it should register Dial-Up Networking service on the specified 4273RFCOMM channel. 4274Default 4275.Dq Li NO . 4276.It Va ubthidhci_enable 4277.Pq Vt bool 4278If set to 4279.Dq Li YES , 4280change the USB Bluetooth controller from HID mode to HCI mode. 4281You also need to specify the location of USB Bluetooth controller with the 4282.Va ubthidhci_busnum 4283and 4284.Va ubthidhci_addr 4285variables. 4286.It Va ubthidhci_busnum 4287Bus number where the USB Bluetooth controller is located. 4288Check the output of 4289.Xr usbconfig 8 4290on your system to find this information. 4291.It Va ubthidhci_addr 4292Bus address of the USB Bluetooth controller. 4293Check the output of 4294.Xr usbconfig 8 4295on your system to find this information. 4296.It Va netwait_enable 4297.Pq Vt bool 4298If set to 4299.Dq Li YES , 4300delays the start of network-reliant services until 4301.Va netwait_if 4302is up and ICMP packets to a destination defined in 4303.Va netwait_ip 4304are flowing. 4305Link state is examined first, followed by 4306.Dq Li pinging 4307an IP address to verify network usability. 4308If no destination can be reached or timeouts are exceeded, 4309network services are started anyway with no guarantee that 4310the network is usable. 4311Use of this variable requires both 4312.Va netwait_ip 4313and 4314.Va netwait_if 4315to be set. 4316.It Va netwait_ip 4317.Pq Vt str 4318Empty by default. 4319This variable contains a space-delimited list of IP addresses to 4320.Xr ping 8 . 4321DNS hostnames should not be used as resolution is not guaranteed 4322to be functional at this point. 4323If multiple IP addresses are specified, 4324each will be tried until one is successful or the list is exhausted. 4325.It Va netwait_timeout 4326.Pq Vt int 4327Indicates the total number of seconds to perform a 4328.Dq Li ping 4329against each IP address in 4330.Va netwait_ip , 4331at a rate of one ping per second. 4332If any of the pings are successful, 4333full network connectivity is considered reliable. 4334The default is 60. 4335.It Va netwait_if 4336.Pq Vt str 4337Empty by default. 4338Defines the name of the network interface on which watch for link. 4339.Xr ifconfig 8 4340is used to monitor the interface, looking for 4341.Dq Li status: no carrier . 4342Once gone, the link is considered up. 4343This can be a 4344.Xr vlan 4 4345interface if desired. 4346.It Va netwait_if_timeout 4347.Pq Vt int 4348Defines the total number of seconds to wait for link to become usable, 4349polled at a 1-second interval. 4350The default is 30. 4351.El 4352.Sh FILES 4353.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 4354.It Pa /etc/defaults/rc.conf 4355.It Pa /etc/rc.conf 4356.It Pa /etc/rc.conf.local 4357.El 4358.Sh SEE ALSO 4359.Xr catman 1 , 4360.Xr chmod 1 , 4361.Xr gdb 1 , 4362.Xr info 1 , 4363.Xr kbdcontrol 1 , 4364.Xr makewhatis 1 , 4365.Xr sh 1 , 4366.Xr vi 1 , 4367.Xr vidcontrol 1 , 4368.Xr bridge 4 , 4369.Xr dummynet 4 , 4370.Xr ip 4 , 4371.Xr ipf 4 , 4372.Xr ipfw 4 , 4373.Xr ipnat 4 , 4374.Xr kld 4 , 4375.Xr pf 4 , 4376.Xr pflog 4 , 4377.Xr pfsync 4 , 4378.Xr tcp 4 , 4379.Xr udp 4 , 4380.Xr exports 5 , 4381.Xr fstab 5 , 4382.Xr ipf 5 , 4383.Xr ipnat 5 , 4384.Xr motd 5 , 4385.Xr newsyslog.conf 5 , 4386.Xr pf.conf 5 , 4387.Xr security 7 , 4388.Xr accton 8 , 4389.Xr amd 8 , 4390.Xr apm 8 , 4391.Xr atm 8 , 4392.Xr bthidd 8 , 4393.Xr chkprintcap 8 , 4394.Xr chown 8 , 4395.Xr cron 8 , 4396.Xr dhclient 8 , 4397.Xr ftpd 8 , 4398.Xr geli 8 , 4399.Xr hcsecd 8 , 4400.Xr ifconfig 8 , 4401.Xr inetd 8 , 4402.Xr ipf 8 , 4403.Xr ipfw 8 , 4404.Xr ipnat 8 , 4405.Xr jail 8 , 4406.Xr kldxref 8 , 4407.Xr lpd 8 , 4408.Xr mdconfig 8 , 4409.Xr mdmfs 8 , 4410.Xr mixer 8 , 4411.Xr mountd 8 , 4412.Xr moused 8 , 4413.Xr mrouted 8 , 4414.Xr named 8 , 4415.Xr newfs 8 , 4416.Xr newsyslog 8 , 4417.Xr nfsd 8 , 4418.Xr ntpd 8 , 4419.Xr ntpdate 8 , 4420.Xr pfctl 8 , 4421.Xr pflogd 8 , 4422.Xr ping 8 , 4423.Xr powerd 8 , 4424.Xr quotacheck 8 , 4425.Xr quotaon 8 , 4426.Xr rc 8 , 4427.Xr rc.sendmail 8 , 4428.Xr rfcomm_pppd 8 , 4429.Xr route 8 , 4430.Xr routed 8 , 4431.Xr rpcbind 8 , 4432.Xr rpc.lockd 8 , 4433.Xr rpc.statd 8 , 4434.Xr rwhod 8 , 4435.Xr savecore 8 , 4436.Xr sdpd 8 , 4437.Xr sshd 8 , 4438.Xr swapon 8 , 4439.Xr sysctl 8 , 4440.Xr syslogd 8 , 4441.Xr timed 8 , 4442.Xr usbconfig 8 , 4443.Xr wlandebug 8 , 4444.Xr yp 8 , 4445.Xr ypbind 8 , 4446.Xr ypserv 8 , 4447.Xr ypset 8 4448.Sh HISTORY 4449The 4450.Nm 4451file appeared in 4452.Fx 2.2.2 . 4453.Sh AUTHORS 4454.An Jordan K. Hubbard . 4455