1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd September 13, 2010 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71Options are set with 72.Dq Ar name Ns Li = Ns Ar value 73assignments that use 74.Xr sh 1 75syntax. 76The following list provides a name and short description for each 77variable that can be set in the 78.Nm 79file: 80.Bl -tag -width indent-two 81.It Va rc_debug 82.Pq Vt bool 83If set to 84.Dq Li YES , 85enable output of debug messages from rc scripts. 86This variable can be helpful in diagnosing mistakes when 87editing or integrating new scripts. 88Beware that this produces copious output to the terminal and 89.Xr syslog 3 . 90.It Va rc_info 91.Pq Vt bool 92If set to 93.Dq Li NO , 94disable informational messages from the rc scripts. 95Informational messages are displayed when 96a condition that is not serious enough to warrant a warning or 97an error occurs. 98.It Va rc_startmsgs 99.Pq Vt bool 100If set to 101.Dq Li YES , 102show 103.Dq Starting foo: 104when faststart is used (e.g., at boot time). 105.It Va early_late_divider 106.Pq Vt str 107The name of the script that should be used as the 108delimiter between the 109.Dq early 110and 111.Dq late 112stages of the boot process. 113The early stage should contain all the services needed to 114get the disks (local or remote) mounted so that the late 115stage can include scripts contained in the directories 116listed in the 117.Va local_startup 118variable (see below). 119Thus, the two likely candidates for this value are 120.Pa mountcritlocal 121for the typical system, and 122.Pa mountcritremote 123if the system needs remote file 124systems mounted to get access to the 125.Va local_startup 126directories; for example when 127.Pa /usr/local 128is NFS mounted. 129For 130.Pa rc.conf 131within a 132.Xr jail 8 133.Pa NETWORKING 134is likely to be an appropriate value. 135Extreme care should be taken when changing this value, 136and before changing it one should ensure that there are 137adequate provisions to recover from a failed boot 138(such as physical contact with the machine, 139or reliable remote console access). 140.It Va swapfile 141.Pq Vt str 142If set to 143.Dq Li NO , 144no swapfile is installed, otherwise the value is used as the full 145pathname to a file to use for additional swap space. 146.It Va apm_enable 147.Pq Vt bool 148If set to 149.Dq Li YES , 150enable support for Automatic Power Management with 151the 152.Xr apm 8 153command. 154.It Va apmd_enable 155.Pq Vt bool 156Run 157.Xr apmd 8 158to handle APM event from userland. 159This also enables support for APM. 160.It Va apmd_flags 161.Pq Vt str 162If 163.Va apmd_enable 164is set to 165.Dq Li YES , 166these are the flags to pass to the 167.Xr apmd 8 168daemon. 169.It Va devd_enable 170.Pq Vt bool 171Run 172.Xr devd 8 173to handle device added, removed or unknown events from the kernel. 174.It Va ddb_enable 175.Pq Vt bool 176Run 177.Xr ddb 8 178to install 179.Xr ddb 4 180scripts at boot time. 181.It Va ddb_config 182.Pq Vt str 183Configuration file for 184.Xr ddb 8 . 185Default 186.Pa /etc/ddb.conf . 187.It Va kldxref_enable 188.Pq Vt bool 189Set to 190.Dq Li NO 191by default. 192Set to 193.Dq Li YES 194to automatically rebuild 195.Pa linker.hints 196files with 197.Xr kldxref 8 198at boot time. 199.It Va kldxref_clobber 200.Pq Vt bool 201Set to 202.Dq Li NO 203by default. 204If 205.Va kldxref_enable 206is true, 207setting to 208.Dq Li YES 209will overwrite existing 210.Pa linker.hints 211files at boot time. 212Otherwise, 213only missing 214.Pa linker.hints 215files are generated. 216.It Va kldxref_module_path 217.Pq Vt str 218Empty by default. 219A semi-colon 220.Pq Ql \&; 221delimited list of paths containing 222.Xr kld 4 223modules. 224If empty, 225the contents of the 226.Va kern.module_path 227.Xr sysctl 8 228are used. 229.It Va powerd_enable 230.Pq Vt bool 231If set to 232.Dq Li YES , 233enable the system power control facility with the 234.Xr powerd 8 235daemon. 236.It Va powerd_flags 237.Pq Vt str 238If 239.Va powerd_enable 240is set to 241.Dq Li YES , 242these are the flags to pass to the 243.Xr powerd 8 244daemon. 245.It Va tmpmfs 246Controls the creation of a 247.Pa /tmp 248memory file system. 249Always happens if set to 250.Dq Li YES 251and never happens if set to 252.Dq Li NO . 253If set to anything else, a memory file system is created if 254.Pa /tmp 255is not writable. 256.It Va tmpsize 257Controls the size of a created 258.Pa /tmp 259memory file system. 260.It Va tmpmfs_flags 261Extra options passed to the 262.Xr mdmfs 8 263utility when the memory file system for 264.Pa /tmp 265is created. 266The default is 267.Dq Li "-S" , 268which inhibits the use of softupdates on 269.Pa /tmp 270so that file system space is freed without delay 271after file truncation or deletion. 272See 273.Xr mdmfs 8 274for other options you can use in 275.Va tmpmfs_flags . 276.It Va varmfs 277Controls the creation of a 278.Pa /var 279memory file system. 280Always happens if set to 281.Dq Li YES 282and never happens if set to 283.Dq Li NO . 284If set to anything else, a memory file system is created if 285.Pa /var 286is not writable. 287.It Va varsize 288Controls the size of a created 289.Pa /var 290memory file system. 291.It Va varmfs_flags 292Extra options passed to the 293.Xr mdmfs 8 294utility when the memory file system for 295.Pa /var 296is created. 297The default is 298.Dq Li "-S" , 299which inhibits the use of softupdates on 300.Pa /var 301so that file system space is freed without delay 302after file truncation or deletion. 303See 304.Xr mdmfs 8 305for other options you can use in 306.Va varmfs_flags . 307.It Va populate_var 308Controls the automatic population of the 309.Pa /var 310file system. 311Always happens if set to 312.Dq Li YES 313and never happens if set to 314.Dq Li NO . 315If set to anything else, a memory file system is created if 316.Pa /var 317is not writable. 318Note that this process requires access to certain commands in 319.Pa /usr 320before 321.Pa /usr 322is mounted on normal systems. 323.It Va cleanvar_enable 324.Pq Vt bool 325Clean the 326.Pa /var 327directory. 328.It Va local_startup 329.Pq Vt str 330List of directories to search for startup script files. 331.It Va script_name_sep 332.Pq Vt str 333The field separator to use for breaking down the list of startup script files 334into individual filenames. 335The default is a space. 336It is not necessary to change this unless there are startup scripts with names 337containing spaces. 338.It Va hostapd_enable 339.Pq Vt bool 340Set to 341.Dq Li YES 342to start 343.Xr hostapd 8 344at system boot time. 345.It Va hostname 346.Pq Vt str 347The fully qualified domain name (FQDN) of this host on the network. 348This should almost certainly be set to something meaningful, even if 349there is no network connection. 350If 351.Xr dhclient 8 352is used to set the hostname via DHCP, 353this variable should be set to an empty string. 354If this value remains unset when the system is done booting 355your console login will display the default hostname of 356.Dq Amnesiac. 357.It Va nisdomainname 358.Pq Vt str 359The NIS domain name of this host, or 360.Dq Li NO 361if NIS is not used. 362.It Va dhclient_program 363.Pq Vt str 364Path to the DHCP client program 365.Pa ( /sbin/dhclient , 366the 367.Ox 368DHCP client, 369is the default). 370.It Va dhclient_flags 371.Pq Vt str 372Additional flags to pass to the DHCP client program. 373For the 374.Ox 375DHCP client, see the 376.Xr dhclient 8 377manpage for a description of the command line options available. 378.It Va dhclient_flags_ Ns Aq Ar iface 379Additional flags to pass to the DHCP client program running on 380.Ar iface 381only. 382When specified, this variable overrides 383.Va dhclient_flags . 384.It Va background_dhclient 385.Pq Vt bool 386Set to 387.Dq Li YES 388to start the DHCP client in background. 389This can cause trouble with applications depending on 390a working network, but it will provide a faster startup 391in many cases. 392.It Va background_dhclient_ Ns Aq Ar iface 393When specified, this variable overrides the 394.Va background_dhclient 395variable for interface 396.Ar iface 397only. 398.It Va synchronous_dhclient 399.Pq Vt bool 400Set to 401.Dq Li YES 402to start 403.Xr dhclient 8 404synchronously at startup. 405This behavior can be overridden on a per-interface basis by replacing 406the 407.Dq Li DHCP 408keyword in the 409.Va ifconfig_ Ns Aq Ar interface 410variable with 411.Dq Li SYNCDHCP 412or 413.Dq Li NOSYNCDHCP . 414.It Va defaultroute_delay 415.Pq Vt int 416When set to a positive value, wait up to this long after configuring 417DHCP interfaces at startup to give the interfaces time to receive a lease. 418.It Va firewall_enable 419.Pq Vt bool 420Set to 421.Dq Li YES 422to load firewall rules at startup. 423If the kernel was not built with 424.Cd "options IPFIREWALL" , 425the 426.Pa ipfw.ko 427kernel module will be loaded. 428See also 429.Va ipfilter_enable . 430.It Va firewall_script 431.Pq Vt str 432This variable specifies the full path to the firewall script to run. 433The default is 434.Pa /etc/rc.firewall . 435.It Va firewall_type 436.Pq Vt str 437Names the firewall type from the selection in 438.Pa /etc/rc.firewall , 439or the file which contains the local firewall ruleset. 440Valid selections from 441.Pa /etc/rc.firewall 442are: 443.Pp 444.Bl -tag -width ".Li simple" -compact 445.It Li open 446unrestricted IP access 447.It Li closed 448all IP services disabled, except via 449.Dq Li lo0 450.It Li client 451basic protection for a workstation 452.It Li simple 453basic protection for a LAN. 454.El 455.Pp 456If a filename is specified, the full path 457must be given. 458.It Va firewall_quiet 459.Pq Vt bool 460Set to 461.Dq Li YES 462to disable the display of firewall rules on the console during boot. 463.It Va firewall_logging 464.Pq Vt bool 465Set to 466.Dq Li YES 467to enable firewall event logging. 468This is equivalent to the 469.Dv IPFIREWALL_VERBOSE 470kernel option. 471.It Va firewall_flags 472.Pq Vt str 473Flags passed to 474.Xr ipfw 8 475if 476.Va firewall_type 477specifies a filename. 478.It Va firewall_coscripts 479.Pq Vt str 480List of executables and/or rc scripts to run after firewall starts/stops. 481Default is empty. 482.\" ----- firewall_nat_enable setting -------------------------------- 483.It Va firewall_nat_enable 484.Pq Vt bool 485The 486.Xr ipfw 8 487equivalent of 488.Va natd_enable . 489Setting this to 490.Dq Li YES 491enables kernel NAT. 492.Va firewall_enable 493must also be set to 494.Dq Li YES . 495.It Va firewall_nat_interface 496.Pq Vt str 497The 498.Xr ipfw 8 499equivalent of 500.Va natd_interface . 501This is the name of the public interface or IP address on which 502kernel NAT should run. 503.It Va firewall_nat_flags 504.Pq Vt str 505Additional configuration parameters for kernel NAT should be placed here. 506.It Va dummynet_enable 507.Pq Vt bool 508Setting this to 509.Dq Li YES 510will automatically load the 511.Xr dummynet 4 512module if 513.Va firewall_enable 514is also set to 515.Dq Li YES . 516.\" ------------------------------------------------------------------- 517.It Va natd_program 518.Pq Vt str 519Path to 520.Xr natd 8 . 521.It Va natd_enable 522.Pq Vt bool 523Set to 524.Dq Li YES 525to enable 526.Xr natd 8 . 527.Va firewall_enable 528must also be set to 529.Dq Li YES , 530and 531.Xr divert 4 532sockets must be enabled in the kernel. 533If the kernel was not built with 534.Cd "options IPDIVERT" , 535the 536.Pa ipdivert.ko 537kernel module will be loaded. 538.It Va natd_interface 539.Pq Vt str 540This is the name of the public interface on which 541.Xr natd 8 542should run. 543The interface may be given as an interface name or as an IP address. 544.It Va natd_flags 545.Pq Vt str 546Additional 547.Xr natd 8 548flags should be placed here. 549The 550.Fl n 551or 552.Fl a 553flag is automatically added with the above 554.Va natd_interface 555as an argument. 556.\" ----- ipfilter_enable setting -------------------------------- 557.It Va ipfilter_enable 558.Pq Vt bool 559Set to 560.Dq Li NO 561by default. 562Setting this to 563.Dq Li YES 564enables 565.Xr ipf 8 566packet filtering. 567.Pp 568Typical usage will require putting 569.Bd -literal 570ipfilter_enable="YES" 571ipnat_enable="YES" 572ipmon_enable="YES" 573ipfs_enable="YES" 574.Ed 575.Pp 576into 577.Pa /etc/rc.conf 578and editing 579.Pa /etc/ipf.rules 580and 581.Pa /etc/ipnat.rules 582appropriately. 583.Pp 584Note that 585.Va ipfilter_enable 586and 587.Va ipnat_enable 588can be enabled independently. 589.Va ipmon_enable 590and 591.Va ipfs_enable 592both require at least one of 593.Va ipfilter_enable 594and 595.Va ipnat_enable 596to be enabled. 597.Pp 598Having 599.Bd -literal 600options IPFILTER 601options IPFILTER_LOG 602options IPFILTER_DEFAULT_BLOCK 603.Ed 604.Pp 605in the kernel configuration file is a good idea, too. 606.\" ----- ipfilter_program setting ------------------------------ 607.It Va ipfilter_program 608.Pq Vt str 609Path to 610.Xr ipf 8 611(default 612.Pa /sbin/ipf ) . 613.\" ----- ipfilter_rules setting -------------------------------- 614.It Va ipfilter_rules 615.Pq Vt str 616Set to 617.Pa /etc/ipf.rules 618by default. 619This variable contains the name of the filter rule definition file. 620The file is expected to be readable for the 621.Xr ipf 8 622command to execute. 623.\" ----- ipv6_ipfilter_rules setting --------------------------- 624.It Va ipv6_ipfilter_rules 625.Pq Vt str 626Set to 627.Pa /etc/ipf6.rules 628by default. 629This variable contains the IPv6 filter rule definition file. 630The file is expected to be readable for the 631.Xr ipf 8 632command to execute. 633.\" ----- ipfilter_flags setting -------------------------------- 634.It Va ipfilter_flags 635.Pq Vt str 636Empty by default. 637This variable contains flags passed to the 638.Xr ipf 8 639program. 640.\" ----- ipnat_enable setting ---------------------------------- 641.It Va ipnat_enable 642.Pq Vt bool 643Set to 644.Dq Li NO 645by default. 646Set it to 647.Dq Li YES 648to enable 649.Xr ipnat 8 650network address translation. 651See 652.Va ipfilter_enable 653for a detailed discussion. 654.\" ----- ipnat_program setting --------------------------------- 655.It Va ipnat_program 656.Pq Vt str 657Path to 658.Xr ipnat 8 659(default 660.Pa /sbin/ipnat ) . 661.\" ----- ipnat_rules setting ----------------------------------- 662.It Va ipnat_rules 663.Pq Vt str 664Set to 665.Pa /etc/ipnat.rules 666by default. 667This variable contains the name of the file 668holding the network address translation definition. 669This file is expected to be readable for the 670.Xr ipnat 8 671command to execute. 672.\" ----- ipnat_flags setting ----------------------------------- 673.It Va ipnat_flags 674.Pq Vt str 675Empty by default. 676This variable contains flags passed to the 677.Xr ipnat 8 678program. 679.\" ----- ipmon_enable setting ---------------------------------- 680.It Va ipmon_enable 681.Pq Vt bool 682Set to 683.Dq Li NO 684by default. 685Set it to 686.Dq Li YES 687to enable 688.Xr ipmon 8 689monitoring (logging 690.Xr ipf 8 691and 692.Xr ipnat 8 693events). 694Setting this variable needs setting 695.Va ipfilter_enable 696or 697.Va ipnat_enable 698too. 699See 700.Va ipfilter_enable 701for a detailed discussion. 702.\" ----- ipmon_program setting --------------------------------- 703.It Va ipmon_program 704.Pq Vt str 705Path to 706.Xr ipmon 8 707(default 708.Pa /sbin/ipmon ) . 709.\" ----- ipmon_flags setting ----------------------------------- 710.It Va ipmon_flags 711.Pq Vt str 712Set to 713.Dq Li -Ds 714by default. 715This variable contains flags passed to the 716.Xr ipmon 8 717program. 718Another typical example would be 719.Dq Fl D Pa /var/log/ipflog 720to have 721.Xr ipmon 8 722log directly to a file bypassing 723.Xr syslogd 8 . 724Make sure to adjust 725.Pa /etc/newsyslog.conf 726in such case like this: 727.Bd -literal 728/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 729.Ed 730.\" ----- ipfs_enable setting ----------------------------------- 731.It Va ipfs_enable 732.Pq Vt bool 733Set to 734.Dq Li NO 735by default. 736Set it to 737.Dq Li YES 738to enable 739.Xr ipfs 8 740saving the filter and NAT state tables during shutdown 741and reloading them during startup again. 742Setting this variable needs setting 743.Va ipfilter_enable 744or 745.Va ipnat_enable 746to 747.Dq Li YES 748too. 749See 750.Va ipfilter_enable 751for a detailed discussion. 752Note that if 753.Va kern_securelevel 754is set to 3, 755.Va ipfs_enable 756cannot be used 757because the raised securelevel will prevent 758.Xr ipfs 8 759from saving the state tables at shutdown time. 760.\" ----- ipfs_program setting ---------------------------------- 761.It Va ipfs_program 762.Pq Vt str 763Path to 764.Xr ipfs 8 765(default 766.Pa /sbin/ipfs ) . 767.\" ----- ipfs_flags setting ------------------------------------ 768.It Va ipfs_flags 769.Pq Vt str 770Empty by default. 771This variable contains flags passed to the 772.Xr ipfs 8 773program. 774.\" ----- end of added ipf hook --------------------------------- 775.It Va pf_enable 776.Pq Vt bool 777Set to 778.Dq Li NO 779by default. 780Setting this to 781.Dq Li YES 782enables 783.Xr pf 4 784packet filtering. 785.Pp 786Typical usage will require putting 787.Pp 788.Dl pf_enable="YES" 789.Pp 790into 791.Pa /etc/rc.conf 792and editing 793.Pa /etc/pf.conf 794appropriately. 795Adding 796.Pp 797.Dl "device pf" 798.Pp 799builds support for 800.Xr pf 4 801into the kernel, otherwise the 802kernel module will be loaded. 803.It Va pf_rules 804.Pq Vt str 805Path to 806.Xr pf 4 807ruleset configuration file 808(default 809.Pa /etc/pf.conf ) . 810.It Va pf_program 811.Pq Vt str 812Path to 813.Xr pfctl 8 814(default 815.Pa /sbin/pfctl ) . 816.It Va pf_flags 817.Pq Vt str 818If 819.Va pf_enable 820is set to 821.Dq Li YES , 822these flags are passed to the 823.Xr pfctl 8 824program when loading the ruleset. 825.It Va pflog_enable 826.Pq Vt bool 827Set to 828.Dq Li NO 829by default. 830Setting this to 831.Dq Li YES 832enables 833.Xr pflogd 8 834which logs packets from the 835.Xr pf 4 836packet filter. 837.It Va pflog_logfile 838.Pq Vt str 839If 840.Va pflog_enable 841is set to 842.Dq Li YES 843this controls where 844.Xr pflogd 8 845stores the logfile 846(default 847.Pa /var/log/pflog ) . 848Check 849.Pa /etc/newsyslog.conf 850to adjust logfile rotation for this. 851.It Va pflog_program 852.Pq Vt str 853Path to 854.Xr pflogd 8 855(default 856.Pa /sbin/pflogd ) . 857.It Va pflog_flags 858.Pq Vt str 859Empty by default. 860This variable contains additional flags passed to the 861.Xr pflogd 8 862program. 863.It Va ftpproxy_enable 864.Pq Vt bool 865Set to 866.Dq Li NO 867by default. 868Setting this to 869.Dq Li YES 870enables 871.Xr ftp-proxy 8 872which supports the 873.Xr pf 4 874packet filter in translating ftp connections. 875.It Va ftpproxy_flags 876.Pq Vt str 877Empty by default. 878This variable contains additional flags passed to the 879.Xr ftp-proxy 8 880program. 881.It Va pfsync_enable 882.Pq Vt bool 883Set to 884.Dq Li NO 885by default. 886Setting this to 887.Dq Li YES 888enables exposing 889.Xr pf 4 890state changes to other hosts over the network by means of 891.Xr pfsync 4 . 892The 893.Va pfsync_syncdev 894variable 895must also be set then. 896.It Va pfsync_syncdev 897.Pq Vt str 898Empty by default. 899This variable specifies the name of the network interface 900.Xr pfsync 4 901should operate through. 902It must be set accordingly if 903.Va pfsync_enable 904is set to 905.Dq Li YES . 906.It Va pfsync_syncpeer 907.Pq Vt str 908Empty by default. 909This variable is optional. 910By default, state change messages are sent out on the synchronisation 911interface using IP multicast packets. 912The protocol is IP protocol 240, PFSYNC, and the multicast group used is 913224.0.0.240. 914When a peer address is specified using the 915.Va pfsync_syncpeer 916option, the peer address is used as a destination for the pfsync 917traffic, and the traffic can then be protected using 918.Xr ipsec 4 . 919See the 920.Xr pfsync 4 921manpage for more details about using 922.Xr ipsec 4 923with 924.Xr pfsync 4 925interfaces. 926.It Va pfsync_ifconfig 927.Pq Vt str 928Empty by default. 929This variable can contain additional options to be passed to the 930.Xr ifconfig 8 931command used to set up 932.Xr pfsync 4 . 933.It Va tcp_extensions 934.Pq Vt bool 935Set to 936.Dq Li YES 937by default. 938Setting this to 939.Dq Li NO 940disables certain TCP options as described by 941.Rs 942.%T "RFC 1323" 943.Re 944Setting this to 945.Dq Li NO 946might help remedy such problems with connections as randomly hanging 947or other weird behavior. 948Some network devices are known 949to be broken with respect to these options. 950.It Va log_in_vain 951.Pq Vt int 952Set to 0 by default. 953The 954.Xr sysctl 8 955variables, 956.Va net.inet.tcp.log_in_vain 957and 958.Va net.inet.udp.log_in_vain , 959as described in 960.Xr tcp 4 961and 962.Xr udp 4 , 963are set to the given value. 964.It Va tcp_keepalive 965.Pq Vt bool 966Set to 967.Dq Li YES 968by default. 969Setting to 970.Dq Li NO 971will disable probing idle TCP connections to verify that the 972peer is still up and reachable. 973.It Va tcp_drop_synfin 974.Pq Vt bool 975Set to 976.Dq Li NO 977by default. 978Setting to 979.Dq Li YES 980will cause the kernel to ignore TCP frames that have both 981the SYN and FIN flags set. 982This prevents OS fingerprinting, but may 983break some legitimate applications. 984.It Va icmp_drop_redirect 985.Pq Vt bool 986Set to 987.Dq Li NO 988by default. 989Setting to 990.Dq Li YES 991will cause the kernel to ignore ICMP REDIRECT packets. 992Refer to 993.Xr icmp 4 994for more information. 995.It Va icmp_log_redirect 996.Pq Vt bool 997Set to 998.Dq Li NO 999by default. 1000Setting to 1001.Dq Li YES 1002will cause the kernel to log ICMP REDIRECT packets. 1003Note that 1004the log messages are not rate-limited, so this option should only be used 1005for troubleshooting networks. 1006Refer to 1007.Xr icmp 4 1008for more information. 1009.It Va icmp_bmcastecho 1010.Pq Vt bool 1011Set to 1012.Dq Li YES 1013to respond to broadcast or multicast ICMP ping packets. 1014Refer to 1015.Xr icmp 4 1016for more information. 1017.It Va ip_portrange_first 1018.Pq Vt int 1019If not set to 1020.Dq Li NO , 1021this is the first port in the default portrange. 1022Refer to 1023.Xr ip 4 1024for more information. 1025.It Va ip_portrange_last 1026.Pq Vt int 1027If not set to 1028.Dq Li NO , 1029this is the last port in the default portrange. 1030Refer to 1031.Xr ip 4 1032for more information. 1033.It Va network_interfaces 1034.Pq Vt str 1035Set to the list of network interfaces to configure on this host or 1036.Dq Li AUTO 1037(the default) for all current interfaces. 1038Setting the 1039.Va network_interfaces 1040variable to anything other than the default is deprecated. 1041Interfaces that the administrator wishes to store configuration for, 1042but not start at boot should be configured with the 1043.Dq Li NOAUTO 1044keyword in their 1045.Va ifconfig_ Ns Aq Ar interface 1046variables as described below. 1047.Pp 1048An 1049.Va ifconfig_ Ns Aq Ar interface 1050variable is also assumed to exist for each value of 1051.Ar interface . 1052When an interface name contains any of the characters 1053.Dq Li .-/+ 1054they are translated to 1055.Dq Li _ 1056before lookup. 1057The variable can contain arguments to 1058.Xr ifconfig 8 , 1059as well as special case-insensitive keywords described below. 1060Such keywords are removed before passing the value to 1061.Xr ifconfig 8 1062while the order of the other arguments is preserved. 1063.Pp 1064One can configure more than one IPv4 address with the 1065.Va ipv4_addrs_ Ns Aq Ar interface 1066variable. 1067One or more IP addresses must be provided in Classless Inter-Domain 1068Routing (CIDR) address notation, whose last byte can be a range like 1069192.0.2.5-23/24. 1070In this case the address 192.0.2.5 will be configured with the 1071netmask /24 and the addresses 192.0.2.6 to 192.0.2.23 with 1072the non-conflicting netmask /32 as explained in the 1073.Xr ifconfig 8 1074alias section. 1075With the interface in question being 1076.Li ed0 , 1077an example could look like: 1078.Bd -literal 1079ipv4_addrs_ed0="192.0.2.129/27 192.0.2.1-5/28" 1080.Ed 1081.Pp 1082It is also possible to add IP alias entries using 1083.Xr ifconfig 8 1084syntax. 1085Assuming that the interface in question was 1086.Li ed0 , 1087it might look 1088something like this: 1089.Bd -literal 1090ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 1091ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 1092.Ed 1093.Pp 1094And so on. 1095For each 1096.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1097entry that is found, 1098its contents are passed to 1099.Xr ifconfig 8 . 1100Execution stops at the first unsuccessful access, so if 1101something like this is present: 1102.Bd -literal 1103ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 1104ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 1105ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 1106ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 1107.Ed 1108.Pp 1109Then note that alias4 would 1110.Em not 1111be added since the search would 1112stop with the missing 1113.Dq Li alias3 1114entry. 1115Due to this difficult to manage behavior, the 1116.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1117form is deprecated. 1118.Pp 1119If the 1120.Pa /etc/start_if. Ns Aq Ar interface 1121file is present, it is read and executed by the 1122.Xr sh 1 1123interpreter 1124before configuring the interface as specified in the 1125.Va ifconfig_ Ns Aq Ar interface 1126and 1127.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1128variables. 1129.Pp 1130If a 1131.Va vlans_ Ns Aq Ar interface 1132variable is set, 1133a 1134.Xr vlan 4 1135interface will be created for each item in the list with the 1136.Ar vlandev 1137argument set to 1138.Ar interface . 1139If a vlan interface's name is a number, 1140then that number is used as the vlan tag and the new vlan interface is 1141named 1142.Ar interface . Ns Ar tag . 1143Otherwise, 1144the vlan tag must be specified via a 1145.Va vlan 1146parameter in the 1147.Va create_args_ Ns Aq Ar interface 1148variable. 1149.Pp 1150To create a vlan device named 1151.Li em0.101 1152on 1153.Li em0 1154with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24: 1155.Bd -literal 1156vlans_em0="101" 1157ifconfig_em0_101="inet 192.0.2.1/24" 1158.Ed 1159.Pp 1160To create a vlan device named 1161.Li myvlan 1162on 1163.Li em0 1164with the vlan tag 102: 1165.Bd -literal 1166vlans_em0="myvlan" 1167create_args_myvlan="vlan 102" 1168.Ed 1169.Pp 1170If a 1171.Va wlans_ Ns Aq Ar interface 1172variable is set, 1173an 1174.Xr wlan 4 1175interface will be created for each item in the list with the 1176.Ar wlandev 1177argument set to 1178.Ar interface . 1179Further wlan cloning arguments may be passed to the 1180.Xr ifconfig 8 1181.Cm create 1182command by setting the 1183.Va create_args_ Ns Aq Ar interface 1184variable. 1185One or more 1186.Xr wlan 4 1187devices must be created for each wireless devices as of 1188.Fx 8.0 . 1189Debugging flags for 1190.Xr wlan 4 1191devices as set by 1192.Xr wlandebug 8 1193may be specified with an 1194.Va wlandebug_ Ns Aq Ar interface 1195variable. 1196The contents of this variable will be passed directly to 1197.Xr wlandebug 8 . 1198.Pp 1199If the 1200.Va ifconfig_ Ns Aq Ar interface 1201contains the keyword 1202.Dq Li NOAUTO 1203then the interface will not be configured 1204at boot or by 1205.Pa /etc/pccard_ether 1206when 1207.Va network_interfaces 1208is set to 1209.Dq Li AUTO . 1210.Pp 1211It is possible to bring up an interface with DHCP by adding 1212.Dq Li DHCP 1213to the 1214.Va ifconfig_ Ns Aq Ar interface 1215variable. 1216For instance, to initialize the 1217.Li ed0 1218device via DHCP, 1219it is possible to use something like: 1220.Bd -literal 1221ifconfig_ed0="DHCP" 1222.Ed 1223.Pp 1224Also, if you want to configure your wireless interface with 1225.Xr wpa_supplicant 8 1226for use with WPA, EAP/LEAP or WEP, you need to add 1227.Dq Li WPA 1228to the 1229.Va ifconfig_ Ns Aq Ar interface 1230variable. 1231.Pp 1232Finally, you can add 1233.Xr ifconfig 8 1234options in this variable, in addition to the 1235.Pa /etc/start_if. Ns Aq Ar interface 1236file. 1237For instance, to configure an 1238.Xr ath 4 1239wireless device in station mode with an address obtained 1240via DHCP, using WPA authentication and 802.11b mode, it is 1241possible to use something like: 1242.Bd -literal 1243wlans_ath0="wlan0" 1244ifconfig_wlan0="DHCP WPA mode 11b" 1245.Ed 1246.Pp 1247In addition to the 1248.Va ifconfig_ Ns Aq Ar interface 1249form, a fallback variable 1250.Va ifconfig_DEFAULT 1251may be configured. 1252It will be used for all interfaces with no 1253.Va ifconfig_ Ns Aq Ar interface 1254variable. 1255This is intended to replace the no longer supported 1256.Va pccard_ifconfig 1257variable. 1258.Pp 1259It is also possible to rename an interface by doing: 1260.Bd -literal 1261ifconfig_ed0_name="net0" 1262ifconfig_net0="inet 192.0.2.1 netmask 0xffffff00" 1263.Ed 1264.It Va ipv6_enable 1265.Pq Vt bool 1266If the variable is 1267.Dq Li YES , 1268.Dq Li inet6 accept_rtadv 1269is added to all of 1270.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1271and the 1272.Va ipv6_activate_all_interfaces 1273is defined as 1274.Dq Li YES . 1275.Pp 1276This variable is deprecated. Use 1277.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1278and 1279.Va ipv6_activate_all_interfaces 1280if necessary. 1281.It Va ipv6_prefer 1282.Pq Vt bool 1283If the variable is 1284.Dq Li YES , 1285the default address selection policy table set by 1286.Xr ip6addrctl 8 1287will be IPv6-preferred. 1288.Pp 1289If the variable is 1290.Dq Li NO , 1291the default address selection policy table set by 1292.Xr ip6addrctl 8 1293will be IPv4-preferred. 1294.Pp 1295This variable is deprecated. Use 1296.Va ip6addtctl_policy 1297instead. 1298.It Va ipv6_activate_all_interfaces 1299If the variable is 1300.Dq Li NO , 1301all of interfaces which do not have the corrsponding 1302.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1303variable will be marked as 1304.Dq Li IFDISABLED 1305for security reason. This means only IPv6 functionality on that interface 1306is completely disabled. For more details of 1307.Dq Li IFDISABLED 1308flag and keywords 1309.Dq Li inet6 ifdisabled , 1310see 1311.Xr ifconfig 8 . 1312.Pp 1313Default is 1314.Dq Li NO . 1315.It Va ipv6_privacy 1316.Pq Vt bool 1317If the variable is 1318.Dq Li YES 1319privacy addresses will be generated for each IPv6 1320interface as described in RFC 4193. 1321.It Va ipv6_network_interfaces 1322.Pq Vt str 1323This is the IPv6 equivalent of 1324.Va network_interfaces . 1325Normally manual configuration of this variable is not needed. 1326.Pp 1327.It Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1328.Pq Vt str 1329IPv6 functionality on an interface should be configured by 1330.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 , 1331instead of setting ifconfig parameters in 1332.Va ifconfig_ Ns Aq Ar interface . 1333Aliases should be set by 1334.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1335with 1336.Dq Li inet6 1337keyword. For example: 1338.Bd -literal 1339ifconfig_ed0_ipv6="inet6 2001:db8:1::1 prefixlen 64" 1340ifconfig_ed0_alias0="inet6 2001:db8:2::1 prefixlen 64" 1341.Ed 1342.Pp 1343Interfaces that have an 1344.Dq Li inet6 accept_rtadv 1345keyword in 1346.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1347setting will be automatically configured by 1348.Xr rtsol 8 . 1349Note that this automatic configuration is disabled if the 1350.Va ipv6_gateway_enable 1351is set to 1352.Dq Li YES . 1353.It Va ipv6_prefix_ Ns Aq Ar interface 1354.Pq Vt str 1355If one or more prefixes are defined in 1356.Va ipv6_prefix_ Ns Aq Ar interface 1357addresses based on each prefix and the EUI-64 interface index will be 1358configured on that interface. 1359.It Va ipv6_default_interface 1360.Pq Vt str 1361If not set to 1362.Dq Li NO , 1363this is the default output interface for scoped addresses. 1364This works only with ipv6_gateway_enable="NO". 1365.It Va ip6addrctl_enable 1366.Pq Vt bool 1367This variable is to enable configuring default address selection policy table 1368.Pq RFC 3484 . 1369The table can be specified in another variable 1370.Va ip6addrctl_policy . 1371For 1372.Va ip6addrctl_policy 1373the following keywords can be specified: 1374.Dq Li ipv4_prefer , 1375.Dq Li ipv6_prefer , 1376or 1377.Dq Li AUTO . 1378.Pp 1379If 1380.Dq Li ipv4_prefer 1381or 1382.Dq Li ipv6_prefer 1383is specified, 1384.Xr ip6addrctl 8 1385installs a pre-defined policy table described in Section 2.1 1386.Pq IPv6-preferred 1387or 10.3 1388.Pq IPv4-preferred 1389of RFC 3484. 1390.Pp 1391If 1392.Dq Li AUTO 1393is specified, it attempts to read a file 1394.Pa /etc/ip6addrctl.conf 1395first. If this file is found, 1396.Xr ip6addrctl 8 1397reads and installs it. If not found, a policy is automatically set 1398according to 1399.Va ipv6_activate_all_interfaces 1400variable; if the variable is set to 1401.Dq Li YES 1402the IPv6-preferred one is used. Otherwise IPv4-preferred. 1403.Pp 1404The default value of 1405.Va ip6addrctl_enable 1406and 1407.Va ip6addrctl_policy 1408are 1409.Dq Li YES 1410and 1411.Dq Li AUTO , 1412respectively. 1413.It Va cloned_interfaces 1414.Pq Vt str 1415Set to the list of clonable network interfaces to create on this host. 1416Further cloning arguments may be passed to the 1417.Xr ifconfig 8 1418.Cm create 1419command for each interface by setting the 1420.Va create_args_ Ns Aq Ar interface 1421variable. 1422Entries in 1423.Va cloned_interfaces 1424are automatically appended to 1425.Va network_interfaces 1426for configuration. 1427.It Va fec_interfaces 1428.Pq Vt str 1429Set to the list of 1430.Xr ng_fec 4 1431Fast EtherChannel interfaces to configure on this host. 1432A 1433.Va fecconfig_ Ns Aq Ar interface 1434variable is assumed to exist for each value of 1435.Ar interface . 1436The value of this variable is used to configure link aggregated interfaces 1437according to the syntax of the 1438.Cm NGM_FEC_ADD_IFACE 1439to 1440.Xr ngctl 8 1441msg. 1442Additionally, this option ensures that each listed interface is created 1443via the 1444.Cm mkpeer 1445command to 1446.Xr ngctl 8 1447before attempting to configure it. 1448For example: 1449.Bd -literal 1450fec_interfaces="fec0" 1451fecconfig_fec0="em0 em1" 1452ifconfig_fec0="DHCP" 1453.Ed 1454.It Va gif_interfaces 1455.Pq Vt str 1456Set to the list of 1457.Xr gif 4 1458tunnel interfaces to configure on this host. 1459A 1460.Va gifconfig_ Ns Aq Ar interface 1461variable is assumed to exist for each value of 1462.Ar interface . 1463The value of this variable is used to configure the link layer of the 1464tunnel according to the syntax of the 1465.Cm tunnel 1466option to 1467.Xr ifconfig 8 . 1468Additionally, this option ensures that each listed interface is created 1469via the 1470.Cm create 1471option to 1472.Xr ifconfig 8 1473before attempting to configure it. 1474.It Va sppp_interfaces 1475.Pq Vt str 1476Set to the list of 1477.Xr sppp 4 1478interfaces to configure on this host. 1479A 1480.Va spppconfig_ Ns Aq Ar interface 1481variable is assumed to exist for each value of 1482.Ar interface . 1483Each interface should also be configured by a general 1484.Va ifconfig_ Ns Aq Ar interface 1485setting. 1486Refer to 1487.Xr spppcontrol 8 1488for more information about available options. 1489.It Va ppp_enable 1490.Pq Vt bool 1491If set to 1492.Dq Li YES , 1493run the 1494.Xr ppp 8 1495daemon. 1496.It Va ppp_profile 1497.Pq Vt str 1498The name of the profile to use from 1499.Pa /etc/ppp/ppp.conf . 1500Also used for per-profile overrides of 1501.Va ppp_mode 1502and 1503.Va ppp_nat , 1504and 1505.Va ppp_ Ns Ao Ar profile Ac Ns _unit . 1506When the profile name contains any of the characters 1507.Dq Li .-/+ 1508they are translated to 1509.Dq Li _ 1510for the proposes of the override variable names. 1511.It Va ppp_mode 1512.Pq Vt str 1513Mode in which to run the 1514.Xr ppp 8 1515daemon. 1516.It Va ppp_ Ns Ao Ar profile Ac Ns _mode 1517.Pq Vt str 1518Overrides the global 1519.Va ppp_mode 1520for 1521.Ar profile . 1522Accepted modes are 1523.Dq Li auto , 1524.Dq Li ddial , 1525.Dq Li direct 1526and 1527.Dq Li dedicated . 1528See the manual for a full description. 1529.It Va ppp_nat 1530.Pq Vt bool 1531If set to 1532.Dq Li YES , 1533enables network address translation. 1534Used in conjunction with 1535.Va gateway_enable 1536allows hosts on private network addresses access to the Internet using 1537this host as a network address translating router. 1538.It Va ppp_ Ns Ao Ar profile Ac Ns _nat 1539.Pq Vt str 1540Overrides the global 1541.Va ppp_nat 1542for 1543.Ar profile . 1544.It Va ppp_ Ns Ao Ar profile Ac Ns _unit 1545.Pq Vt int 1546Set the unit number to be used for this profile. 1547See the manual description of 1548.Fl unit Ns Ar N 1549for details. 1550.It Va ppp_user 1551.Pq Vt str 1552The name of the user under which 1553.Xr ppp 8 1554should be started. 1555By 1556default, 1557.Xr ppp 8 1558is started as 1559.Dq Li root . 1560.It Va rc_conf_files 1561.Pq Vt str 1562This option is used to specify a list of files that will override 1563the settings in 1564.Pa /etc/defaults/rc.conf . 1565The files will be read in the order in which they are specified and should 1566include the full path to the file. 1567By default, the files specified are 1568.Pa /etc/rc.conf 1569and 1570.Pa /etc/rc.conf.local 1571.It Va zfs_enable 1572.Pq Vt bool 1573If set to 1574.Dq Li YES , 1575.Pa /etc/rc.d/zfs 1576will attempt to automatically mount ZFS file systems and initialize ZFS volumes 1577(ZVOLs). 1578.It Va gbde_autoattach_all 1579.Pq Vt bool 1580If set to 1581.Dq Li YES , 1582.Pa /etc/rc.d/gbde 1583will attempt to automatically initialize your .bde devices in 1584.Pa /etc/fstab . 1585.It Va gbde_devices 1586.Pq Vt str 1587List the devices that the script should try to attach, 1588or 1589.Dq Li AUTO . 1590.It Va gbde_lockdir 1591.Pq Vt str 1592The directory where the 1593.Xr gbde 4 1594lockfiles are located. 1595The default lockfile directory is 1596.Pa /etc . 1597.Pp 1598The lockfile for each individual 1599.Xr gbde 4 1600device can be overridden by setting the variable 1601.Va gbde_lock_ Ns Aq Ar device , 1602where 1603.Ar device 1604is the encrypted device without the 1605.Dq Pa /dev/ 1606and 1607.Dq Pa .bde 1608parts. 1609.It Va gbde_attach_attempts 1610.Pq Vt int 1611Number of times to attempt attaching to a 1612.Xr gbde 4 1613device, i.e., how many times the user is asked for the pass-phrase. 1614Default is 3. 1615.It Va geli_devices 1616.Pq Vt str 1617List of devices to automatically attach on boot. 1618Note that .eli devices from 1619.Pa /etc/fstab 1620are automatically appended to this list. 1621.It Va geli_tries 1622.Pq Vt int 1623Number of times user is asked for the pass-phrase. 1624If empty, it will be taken from 1625.Va kern.geom.eli.tries 1626sysctl variable. 1627.It Va geli_default_flags 1628.Pq Vt str 1629Default flags to use by 1630.Xr geli 8 1631when configuring disk encryption. 1632Flags can be configured for every device separately by defining 1633.Va geli_ Ns Ao Ar device Ac Ns Va _flags 1634variable. 1635.It Va geli_autodetach 1636.Pq Vt str 1637Specifies if GELI devices should be marked for detach on last close after 1638file systems are mounted. 1639Default is 1640.Dq Li YES . 1641This can be changed for every device separately by defining 1642.Va geli_ Ns Ao Ar device Ac Ns Va _autodetach 1643variable. 1644.It Va geli_swap_flags 1645Options passed to the 1646.Xr geli 8 1647utility when encrypted GEOM providers for swap partitions are created. 1648The default is 1649.Dq Li "-e aes -l 256 -s 4096 -d" . 1650.It Va root_rw_mount 1651.Pq Vt bool 1652Set to 1653.Dq Li YES 1654by default. 1655After the file systems are checked at boot time, the root file system 1656is remounted as read-write if this is set to 1657.Dq Li YES . 1658Diskless systems that mount their root file system from a read-only remote 1659NFS share should set this to 1660.Dq Li NO 1661in their 1662.Pa rc.conf . 1663.It Va fsck_y_enable 1664.Pq Vt bool 1665If set to 1666.Dq Li YES , 1667.Xr fsck 8 1668will be run with the 1669.Fl y 1670flag if the initial preen 1671of the file systems fails. 1672.It Va background_fsck 1673.Pq Vt bool 1674If set to 1675.Dq Li YES , 1676the system will attempt to run 1677.Xr fsck 8 1678in the background where possible. 1679.It Va background_fsck_delay 1680.Pq Vt int 1681The amount of time in seconds to sleep before starting a background 1682.Xr fsck 8 . 1683It defaults to sixty seconds to allow large applications such as 1684the X server to start before disk I/O bandwidth is monopolized by 1685.Xr fsck 8 . 1686If set to a negative number, the background file system check will be 1687delayed indefinitely to allow the administrator to run it at a more 1688convenient time. 1689For example it may be run from 1690.Xr cron 8 1691by adding a line like 1692.Pp 1693.Dl "0 4 * * * root /etc/rc.d/bgfsck forcestart" 1694.Pp 1695to 1696.Pa /etc/crontab . 1697.It Va netfs_types 1698.Pq Vt str 1699List of file system types that are network-based. 1700This list should generally not be modified by end users. 1701Use 1702.Va extra_netfs_types 1703instead. 1704.It Va extra_netfs_types 1705.Pq Vt str 1706If set to something other than 1707.Dq Li NO 1708(the default), 1709this variable extends the list of file system types 1710for which automatic mounting at startup by 1711.Xr rc 8 1712should be delayed until the network is initialized. 1713It should contain 1714a whitespace-separated list of network file system descriptor pairs, 1715each consisting of a file system type as passed to 1716.Xr mount 8 1717and a human-readable, one-word description, 1718joined with a colon 1719.Pq Ql \&: . 1720Extending the default list in this way is only necessary 1721when third party file system types are used. 1722.It Va syslogd_enable 1723.Pq Vt bool 1724If set to 1725.Dq Li YES , 1726run the 1727.Xr syslogd 8 1728daemon. 1729.It Va syslogd_program 1730.Pq Vt str 1731Path to 1732.Xr syslogd 8 1733(default 1734.Pa /usr/sbin/syslogd ) . 1735.It Va syslogd_flags 1736.Pq Vt str 1737If 1738.Va syslogd_enable 1739is set to 1740.Dq Li YES , 1741these are the flags to pass to 1742.Xr syslogd 8 . 1743.It Va inetd_enable 1744.Pq Vt bool 1745If set to 1746.Dq Li YES , 1747run the 1748.Xr inetd 8 1749daemon. 1750.It Va inetd_program 1751.Pq Vt str 1752Path to 1753.Xr inetd 8 1754(default 1755.Pa /usr/sbin/inetd ) . 1756.It Va inetd_flags 1757.Pq Vt str 1758If 1759.Va inetd_enable 1760is set to 1761.Dq Li YES , 1762these are the flags to pass to 1763.Xr inetd 8 . 1764.It Va hastd_enable 1765.Pq Vt bool 1766If set to 1767.Dq Li YES , 1768run the 1769.Xr hastd 8 1770daemon. 1771.It Va hastd_program 1772.Pq Vt str 1773Path to 1774.Xr hastd 8 1775(default 1776.Pa /sbin/hastd ) . 1777.It Va hastd_flags 1778.Pq Vt str 1779If 1780.Va hastd_enable 1781is set to 1782.Dq Li YES , 1783these are the flags to pass to 1784.Xr hastd 8 . 1785.It Va named_enable 1786.Pq Vt bool 1787If set to 1788.Dq Li YES , 1789run the 1790.Xr named 8 1791daemon. 1792.It Va named_program 1793.Pq Vt str 1794Path to 1795.Xr named 8 1796(default 1797.Pa /usr/sbin/named ) . 1798.It Va named_conf 1799.Pq Vt str 1800Path to 1801.Xr named 8 1802configuration file, (default 1803.Pa /etc/namedb/named.conf ) . 1804.It Va named_flags 1805.Pq Vt str 1806If 1807.Va named_enable 1808is set to 1809.Dq Li YES , 1810these are the flags to pass to 1811.Xr named 8 . 1812.It Va named_pidfile 1813.Pq Vt str 1814This is the default path to the 1815.Xr named 8 1816daemon's PID file. 1817This must match the location in 1818.Xr named.conf 5 . 1819.It Va named_uid 1820.Pq Vt str 1821The user that the 1822.Xr named 8 1823process should be run as. 1824.It Va named_chrootdir 1825.Pq Vt str 1826The root directory for a name server run in a 1827.Xr chroot 8 1828environment (default 1829.Pa /var/named ) . 1830If left empty 1831.Xr named 8 1832will not be run in a 1833.Xr chroot 8 1834environment. 1835.It Va named_chroot_autoupdate 1836.Pq Vt bool 1837Set to 1838.Dq Li NO 1839to disable automatic update of the 1840.Xr chroot 8 1841environment. 1842.It Va named_symlink_enable 1843.Pq Vt bool 1844Set to 1845.Dq Li NO 1846to disable symlinking of 1847daemon's PID file 1848into the 1849.Xr chroot 8 1850environment. 1851.It Va named_wait 1852.Pq Vt bool 1853Set to have 1854.Pa /etc/rc.d/named 1855loop until working name service is established. 1856.It Va named_wait_host 1857.Pq Vt str 1858Name of host to lookup for the named_wait option. 1859(Default localhost) 1860.It Va named_auto_forward 1861.Pq Vt bool 1862Set to enable automatic creation of a forwarder 1863configuration file derived from 1864.Pa /etc/resolv.conf . 1865.It Va named_auto_forward_only 1866.Pq Vt bool 1867Set to change the default forwarder configuration from 1868.Dq forward first 1869to 1870.Dq forward only . 1871.It Va kerberos5_server_enable 1872.Pq Vt bool 1873Set to 1874.Dq Li YES 1875to start a Kerberos 5 authentication server 1876at boot time. 1877.It Va kerberos5_server 1878.Pq Vt str 1879If 1880.Va kerberos5_server_enable 1881is set to 1882.Dq Li YES 1883this is the path to Kerberos 5 Authentication Server. 1884.It Va kerberos5_server_flags 1885.Pq Vt str 1886Empty by default. 1887This variable contains additional flags to be passed to the Kerberos 5 1888authentication server. 1889.It Va kadmind5_server_enable 1890.Pq Vt bool 1891Set to 1892.Dq Li YES 1893to start 1894.Xr kadmind 8 , 1895the Kerberos 5 Administration Daemon; set to 1896.Dq Li NO 1897on a slave server. 1898.It Va kadmind5_server 1899.Pq Vt str 1900If 1901.Va kadmind5_server_enable 1902is set to 1903.Dq Li YES 1904this is the path to Kerberos 5 Administration Daemon. 1905.It Va kpasswdd_server_enable 1906.Pq Vt bool 1907Set to 1908.Dq Li YES 1909to start 1910.Xr kpasswdd 8 , 1911the Kerberos 5 Password-Changing Daemon; set to 1912.Dq Li NO 1913on a slave server. 1914.It Va kpasswdd_server 1915.Pq Vt str 1916If 1917.Va kpasswdd_server_enable 1918is set to 1919.Dq Li YES 1920this is the path to Kerberos 5 Password-Changing Daemon. 1921.It Va rwhod_enable 1922.Pq Vt bool 1923If set to 1924.Dq Li YES , 1925run the 1926.Xr rwhod 8 1927daemon at boot time. 1928.It Va rwhod_flags 1929.Pq Vt str 1930If 1931.Va rwhod_enable 1932is set to 1933.Dq Li YES , 1934these are the flags to pass to it. 1935.It Va amd_enable 1936.Pq Vt bool 1937If set to 1938.Dq Li YES , 1939run the 1940.Xr amd 8 1941daemon at boot time. 1942.It Va amd_flags 1943.Pq Vt str 1944If 1945.Va amd_enable 1946is set to 1947.Dq Li YES , 1948these are the flags to pass to it. 1949See the 1950.Xr amd 8 1951manpage for more information. 1952.It Va amd_map_program 1953.Pq Vt str 1954If set, 1955the specified program is run to get the list of 1956.Xr amd 8 1957maps. 1958For example, if the 1959.Xr amd 8 1960maps are stored in NIS, one can set this to 1961run 1962.Xr ypcat 1 1963to get a list of 1964.Xr amd 8 1965maps from the 1966.Pa amd.master 1967NIS map. 1968.It Va update_motd 1969.Pq Vt bool 1970If set to 1971.Dq Li YES , 1972.Pa /etc/motd 1973will be updated at boot time to reflect the kernel release 1974being run. 1975If set to 1976.Dq Li NO , 1977.Pa /etc/motd 1978will not be updated. 1979.It Va nfs_client_enable 1980.Pq Vt bool 1981If set to 1982.Dq Li YES , 1983run the NFS client daemons at boot time. 1984.It Va nfs_access_cache 1985.Pq Vt int 1986If 1987.Va nfs_client_enable 1988is set to 1989.Dq Li YES , 1990this can be set to 1991.Dq Li 0 1992to disable NFS ACCESS RPC caching, or to the number of seconds for which 1993NFS ACCESS 1994results should be cached. 1995A value of 2-10 seconds will substantially reduce network 1996traffic for many NFS operations. 1997.It Va nfs_server_enable 1998.Pq Vt bool 1999If set to 2000.Dq Li YES , 2001run the NFS server daemons at boot time. 2002.It Va nfs_server_flags 2003.Pq Vt str 2004If 2005.Va nfs_server_enable 2006is set to 2007.Dq Li YES , 2008these are the flags to pass to the 2009.Xr nfsd 8 2010daemon. 2011.It Va idmapd_enable 2012.Pq Vt bool 2013If set to 2014.Dq Li YES , 2015run the ID mapping daemon for NFS version 4. 2016.It Va idmapd_flags 2017.Pq Vt str 2018If 2019.Va idmapd_enable 2020is set to 2021.Dq Li YES , 2022these are the flags to pass to the 2023.Xr idmapd 8 2024daemon. 2025.It Va mountd_enable 2026.Pq Vt bool 2027If set to 2028.Dq Li YES , 2029and no 2030.Va nfs_server_enable 2031is set, start 2032.Xr mountd 8 , 2033but not 2034.Xr nfsd 8 2035daemon. 2036It is commonly needed to run CFS without real NFS used. 2037.It Va mountd_flags 2038.Pq Vt str 2039If 2040.Va mountd_enable 2041is set to 2042.Dq Li YES , 2043these are the flags to pass to the 2044.Xr mountd 8 2045daemon. 2046.It Va weak_mountd_authentication 2047.Pq Vt bool 2048If set to 2049.Dq Li YES , 2050allow services like PCNFSD to make non-privileged mount 2051requests. 2052.It Va nfs_reserved_port_only 2053.Pq Vt bool 2054If set to 2055.Dq Li YES , 2056provide NFS services only on a secure port. 2057.It Va nfs_bufpackets 2058.Pq Vt int 2059If set to a number, indicates the number of packets worth of 2060socket buffer space to reserve on an NFS client. 2061The kernel default is typically 4. 2062Using a higher number may be 2063useful on gigabit networks to improve performance. 2064The minimum value is 20652 and the maximum is 64. 2066.It Va rpc_lockd_enable 2067.Pq Vt bool 2068If set to 2069.Dq Li YES 2070and also an NFS server or client, run 2071.Xr rpc.lockd 8 2072at boot time. 2073.It Va rpc_lockd_flags 2074.Pq Vt str 2075If 2076.Va rpc_lockd_enable 2077is set to 2078.Dq Li YES , 2079these are the flags to pass to the 2080.Xr rpc.lockd 8 2081daemon. 2082.It Va rpc_statd_enable 2083.Pq Vt bool 2084If set to 2085.Dq Li YES 2086and also an NFS server or client, run 2087.Xr rpc.statd 8 2088at boot time. 2089.It Va rpc_statd_flags 2090.Pq Vt str 2091If 2092.Va rpc_statd_enable 2093is set to 2094.Dq Li YES , 2095these are the flags to pass to the 2096.Xr rpc.statd 8 2097daemon. 2098.It Va rpcbind_program 2099.Pq Vt str 2100Path to 2101.Xr rpcbind 8 2102(default 2103.Pa /usr/sbin/rpcbind ) . 2104.It Va rpcbind_enable 2105.Pq Vt bool 2106If set to 2107.Dq Li YES , 2108run the 2109.Xr rpcbind 8 2110service at boot time. 2111.It Va rpcbind_flags 2112.Pq Vt str 2113If 2114.Va rpcbind_enable 2115is set to 2116.Dq Li YES , 2117these are the flags to pass to the 2118.Xr rpcbind 8 2119daemon. 2120.It Va keyserv_enable 2121.Pq Vt bool 2122If set to 2123.Dq Li YES , 2124run the 2125.Xr keyserv 8 2126daemon on boot for running Secure RPC. 2127.It Va keyserv_flags 2128.Pq Vt str 2129If 2130.Va keyserv_enable 2131is set to 2132.Dq Li YES , 2133these are the flags to pass to 2134.Xr keyserv 8 2135daemon. 2136.It Va pppoed_enable 2137.Pq Vt bool 2138If set to 2139.Dq Li YES , 2140run the 2141.Xr pppoed 8 2142daemon at boot time to provide PPP over Ethernet services. 2143.It Va pppoed_ Ns Aq Ar provider 2144.Pq Vt str 2145.Xr pppoed 8 2146listens to requests to this 2147.Ar provider 2148and ultimately runs 2149.Xr ppp 8 2150with a 2151.Ar system 2152argument of the same name. 2153.It Va pppoed_flags 2154.Pq Vt str 2155Additional flags to pass to 2156.Xr pppoed 8 . 2157.It Va pppoed_interface 2158.Pq Vt str 2159The network interface to run 2160.Xr pppoed 8 2161on. 2162This is mandatory when 2163.Va pppoed_enable 2164is set to 2165.Dq Li YES . 2166.It Va timed_enable 2167.Pq Vt bool 2168If set to 2169.Dq Li YES , 2170run the 2171.Xr timed 8 2172service at boot time. 2173This command is intended for networks of 2174machines where a consistent 2175.Dq "network time" 2176for all hosts must be established. 2177This is often useful in large NFS 2178environments where time stamps on files are expected to be consistent 2179network-wide. 2180.It Va timed_flags 2181.Pq Vt str 2182If 2183.Va timed_enable 2184is set to 2185.Dq Li YES , 2186these are the flags to pass to the 2187.Xr timed 8 2188service. 2189.It Va ntpdate_enable 2190.Pq Vt bool 2191If set to 2192.Dq Li YES , 2193run 2194.Xr ntpdate 8 2195at system startup. 2196This command is intended to 2197synchronize the system clock only 2198.Em once 2199from some standard reference. 2200An option to set this up initially 2201(from a list of known servers) is also provided by the 2202.Xr sysinstall 8 2203program when the system is first installed. 2204.It Va ntpdate_config 2205.Pq Vt str 2206Configuration file for 2207.Xr ntpdate 8 . 2208Default 2209.Pa /etc/ntp.conf . 2210.It Va ntpdate_hosts 2211.Pq Vt str 2212A whitespace-separated list of NTP servers to synchronize with at startup. 2213The default is to use the servers listed in 2214.Va ntpdate_config , 2215if that file exists. 2216.It Va ntpdate_program 2217.Pq Vt str 2218Path to 2219.Xr ntpdate 8 2220(default 2221.Pa /usr/sbin/ntpdate ) . 2222.It Va ntpdate_flags 2223.Pq Vt str 2224If 2225.Va ntpdate_enable 2226is set to 2227.Dq Li YES , 2228these are the flags to pass to the 2229.Xr ntpdate 8 2230command (typically a hostname). 2231.It Va ntpd_enable 2232.Pq Vt bool 2233If set to 2234.Dq Li YES , 2235run the 2236.Xr ntpd 8 2237command at boot time. 2238.It Va ntpd_program 2239.Pq Vt str 2240Path to 2241.Xr ntpd 8 2242(default 2243.Pa /usr/sbin/ntpd ) . 2244.It Va ntpd_config 2245.Pq Vt str 2246Path to 2247.Xr ntpd 8 2248configuration file. 2249Default 2250.Pa /etc/ntp.conf . 2251.It Va ntpd_flags 2252.Pq Vt str 2253If 2254.Va ntpd_enable 2255is set to 2256.Dq Li YES , 2257these are the flags to pass to the 2258.Xr ntpd 8 2259daemon. 2260.It Va ntpd_sync_on_start 2261.Pq Vt bool 2262If set to 2263.Dq Li YES , 2264.Xr ntpd 8 2265is run with the 2266.Fl g 2267flag, which syncs the system's clock on startup. 2268See 2269.Xr ntpd 8 2270for more information regarding the 2271.Fl g 2272option. 2273This is a preferred alternative to using 2274.Xr ntpdate 8 2275or specifying the 2276.Va ntpdate_enable 2277variable. 2278.It Va nis_client_enable 2279.Pq Vt bool 2280If set to 2281.Dq Li YES , 2282run the 2283.Xr ypbind 8 2284service at system boot time. 2285.It Va nis_client_flags 2286.Pq Vt str 2287If 2288.Va nis_client_enable 2289is set to 2290.Dq Li YES , 2291these are the flags to pass to the 2292.Xr ypbind 8 2293service. 2294.It Va nis_ypset_enable 2295.Pq Vt bool 2296If set to 2297.Dq Li YES , 2298run the 2299.Xr ypset 8 2300daemon at system boot time. 2301.It Va nis_ypset_flags 2302.Pq Vt str 2303If 2304.Va nis_ypset_enable 2305is set to 2306.Dq Li YES , 2307these are the flags to pass to the 2308.Xr ypset 8 2309daemon. 2310.It Va nis_server_enable 2311.Pq Vt bool 2312If set to 2313.Dq Li YES , 2314run the 2315.Xr ypserv 8 2316daemon at system boot time. 2317.It Va nis_server_flags 2318.Pq Vt str 2319If 2320.Va nis_server_enable 2321is set to 2322.Dq Li YES , 2323these are the flags to pass to the 2324.Xr ypserv 8 2325daemon. 2326.It Va nis_ypxfrd_enable 2327.Pq Vt bool 2328If set to 2329.Dq Li YES , 2330run the 2331.Xr rpc.ypxfrd 8 2332daemon at system boot time. 2333.It Va nis_ypxfrd_flags 2334.Pq Vt str 2335If 2336.Va nis_ypxfrd_enable 2337is set to 2338.Dq Li YES , 2339these are the flags to pass to the 2340.Xr rpc.ypxfrd 8 2341daemon. 2342.It Va nis_yppasswdd_enable 2343.Pq Vt bool 2344If set to 2345.Dq Li YES , 2346run the 2347.Xr rpc.yppasswdd 8 2348daemon at system boot time. 2349.It Va nis_yppasswdd_flags 2350.Pq Vt str 2351If 2352.Va nis_yppasswdd_enable 2353is set to 2354.Dq Li YES , 2355these are the flags to pass to the 2356.Xr rpc.yppasswdd 8 2357daemon. 2358.It Va rpc_ypupdated_enable 2359.Pq Vt bool 2360If set to 2361.Dq Li YES , 2362run the 2363.Nm rpc.ypupdated 2364daemon at system boot time. 2365.It Va bsnmpd_enable 2366.Pq Vt bool 2367If set to 2368.Dq Li YES , 2369run the 2370.Xr bsnmpd 1 2371daemon at system boot time. 2372Be sure to understand the security implications of running SNMP daemon 2373on your host. 2374.It Va bsnmpd_flags 2375.Pq Vt str 2376If 2377.Va bsnmpd_enable 2378is set to 2379.Dq Li YES , 2380these are the flags to pass to the 2381.Xr bsnmpd 1 2382daemon. 2383.It Va defaultrouter 2384.Pq Vt str 2385If not set to 2386.Dq Li NO , 2387create a default route to this host name or IP address 2388(use an IP address if this router is also required to get to the 2389name server!). 2390.It Va ipv6_defaultrouter 2391.Pq Vt str 2392The IPv6 equivalent of 2393.Va defaultrouter . 2394.It Va static_arp_pairs 2395.Pq Vt str 2396Set to the list of static ARP pairs that are to be added at system 2397boot time. 2398For each whitespace separated 2399.Ar element 2400in the value, a 2401.Va static_arp_ Ns Aq Ar element 2402variable is assumed to exist whose contents will later be passed to a 2403.Dq Nm arp Cm -S 2404operation. 2405For example 2406.Bd -literal 2407static_arp_pairs="gw" 2408static_arp_gw="192.168.1.1 00:01:02:03:04:05" 2409.Ed 2410.It Va static_routes 2411.Pq Vt str 2412Set to the list of static routes that are to be added at system 2413boot time. 2414If not set to 2415.Dq Li NO 2416then for each whitespace separated 2417.Ar element 2418in the value, a 2419.Va route_ Ns Aq Ar element 2420variable is assumed to exist 2421whose contents will later be passed to a 2422.Dq Nm route Cm add 2423operation. 2424For example: 2425.Bd -literal 2426static_routes="mcast gif0local" 2427route_mcast="-net 224.0.0.0/4 -iface gif0" 2428route_gif0local="-host 169.254.1.1 -iface lo0" 2429.Ed 2430.It Va ipv6_static_routes 2431.Pq Vt str 2432The IPv6 equivalent of 2433.Va static_routes . 2434If not set to 2435.Dq Li NO 2436then for each whitespace separated 2437.Ar element 2438in the value, a 2439.Va ipv6_route_ Ns Aq Ar element 2440variable is assumed to exist 2441whose contents will later be passed to a 2442.Dq Nm route Cm add Fl inet6 2443operation. 2444.It Va natm_static_routes 2445.Pq Vt str 2446The 2447.Xr natmip 4 2448equivalent of 2449.Va static_routes . 2450If not empty then for each whitespace separated 2451.Ar element 2452in the value, a 2453.Va route_ Ns Aq Ar element 2454variable is assumed to exist whose contents will later be passed to a 2455.Dq Nm atmconfig Cm natm Cm add 2456operation. 2457.It Va gateway_enable 2458.Pq Vt bool 2459If set to 2460.Dq Li YES , 2461configure host to act as an IP router, e.g.\& to forward packets 2462between interfaces. 2463.It Va ipv6_gateway_enable 2464.Pq Vt bool 2465The IPv6 equivalent of 2466.Va gateway_enable . 2467.It Va routed_enable 2468.Pq Vt bool 2469If set to 2470.Dq Li YES , 2471run a routing daemon of some sort, based on the 2472settings of 2473.Va routed_program 2474and 2475.Va routed_flags . 2476.It Va route6d_enable 2477.Pq Vt bool 2478The IPv6 equivalent of 2479.Va routed_enable . 2480If set to 2481.Dq Li YES , 2482run a routing daemon of some sort, based on the 2483settings of 2484.Va route6d_program 2485and 2486.Va route6d_flags . 2487.It Va routed_program 2488.Pq Vt str 2489If 2490.Va routed_enable 2491is set to 2492.Dq Li YES , 2493this is the name of the routing daemon to use. 2494.It Va route6d_program 2495.Pq Vt str 2496The IPv6 equivalent of 2497.Va routed_program . 2498.It Va routed_flags 2499.Pq Vt str 2500If 2501.Va routed_enable 2502is set to 2503.Dq Li YES , 2504these are the flags to pass to the routing daemon. 2505.It Va route6d_flags 2506.Pq Vt str 2507The IPv6 equivalent of 2508.Va routed_flags . 2509.It Va mrouted_enable 2510.Pq Vt bool 2511If set to 2512.Dq Li YES , 2513run the multicast routing daemon, 2514.Xr mrouted 8 . 2515.It Va mroute6d_enable 2516.Pq Vt bool 2517The IPv6 equivalent of 2518.Va mrouted_enable . 2519If set to 2520.Dq Li YES , 2521run the IPv6 multicast routing daemon. 2522.Pp 2523Note that multicast routing daemons are no longer included in the 2524.Fx 2525base system, however, both 2526.Xr mrouted 8 2527and 2528.Xr pim6dd 8 2529may be installed from the 2530.Fx 2531Ports Collection. 2532.It Va mrouted_flags 2533.Pq Vt str 2534If 2535.Va mrouted_enable 2536is set to 2537.Dq Li YES , 2538these are the flags to pass to the 2539.Xr mrouted 8 2540daemon. 2541.It Va mroute6d_flags 2542.Pq Vt str 2543The IPv6 equivalent of 2544.Va mrouted_flags . 2545If 2546.Va mroute6d_enable 2547is set to 2548.Dq Li YES , 2549these are the flags passed to the IPv6 multicast routing daemon. 2550.It Va mroute6d_program 2551.Pq Vt str 2552If 2553.Va mroute6d_enable 2554is set to 2555.Dq Li YES , 2556this is the path to the IPv6 multicast routing daemon. 2557.It Va rtadvd_enable 2558.Pq Vt bool 2559If set to 2560.Dq Li YES , 2561run the 2562.Xr rtadvd 8 2563daemon at boot time. 2564.Xr rtadvd 8 2565will only run if 2566.Va ipv6_gateway_enable 2567is also set to 2568.Dq Li YES . 2569The 2570.Xr rtadvd 8 2571utility sends router advertisement packets to the interfaces specified in 2572.Va rtadvd_interfaces 2573and should only be enabled with great care. 2574You may want to fine-tune 2575.Xr rtadvd.conf 5 . 2576.It Va rtadvd_interfaces 2577.Pq Vt str 2578If 2579.Va rtadvd_enable 2580is set to 2581.Dq Li YES 2582this is the list of interfaces to use. 2583.It Va ipxgateway_enable 2584.Pq Vt bool 2585If set to 2586.Dq Li YES , 2587enable the routing of IPX traffic. 2588.It Va ipxrouted_enable 2589.Pq Vt bool 2590If set to 2591.Dq Li YES , 2592run the 2593.Xr IPXrouted 8 2594daemon at system boot time. 2595.It Va ipxrouted_flags 2596.Pq Vt str 2597If 2598.Va ipxrouted_enable 2599is set to 2600.Dq Li YES , 2601these are the flags to pass to the 2602.Xr IPXrouted 8 2603daemon. 2604.It Va arpproxy_all 2605.Pq Vt bool 2606If set to 2607.Dq Li YES , 2608enable global proxy ARP. 2609.It Va forward_sourceroute 2610.Pq Vt bool 2611If set to 2612.Dq Li YES 2613and 2614.Va gateway_enable 2615is also set to 2616.Dq Li YES , 2617source-routed packets are forwarded. 2618.It Va accept_sourceroute 2619.Pq Vt bool 2620If set to 2621.Dq Li YES , 2622the system will accept source-routed packets directed at it. 2623.It Va rarpd_enable 2624.Pq Vt bool 2625If set to 2626.Dq Li YES , 2627run the 2628.Xr rarpd 8 2629daemon at system boot time. 2630.It Va rarpd_flags 2631.Pq Vt str 2632If 2633.Va rarpd_enable 2634is set to 2635.Dq Li YES , 2636these are the flags to pass to the 2637.Xr rarpd 8 2638daemon. 2639.It Va bootparamd_enable 2640.Pq Vt bool 2641If set to 2642.Dq Li YES , 2643run the 2644.Xr bootparamd 8 2645daemon at system boot time. 2646.It Va bootparamd_flags 2647.Pq Vt str 2648If 2649.Va bootparamd_enable 2650is set to 2651.Dq Li YES , 2652these are the flags to pass to the 2653.Xr bootparamd 8 2654daemon. 2655.It Va stf_interface_ipv4addr 2656.Pq Vt str 2657If not set to 2658.Dq Li NO , 2659this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 2660interface). 2661Specify this entry to enable the 6to4 interface. 2662.It Va stf_interface_ipv4plen 2663.Pq Vt int 2664Prefix length for 6to4 IPv4 addresses, to limit peer address range. 2665An effective value is 0-31. 2666.It Va stf_interface_ipv6_ifid 2667.Pq Vt str 2668IPv6 interface ID for 2669.Xr stf 4 . 2670This can be set to 2671.Dq Li AUTO . 2672.It Va stf_interface_ipv6_slaid 2673.Pq Vt str 2674IPv6 Site Level Aggregator for 2675.Xr stf 4 . 2676.It Va ipv6_faith_prefix 2677.Pq Vt str 2678If not set to 2679.Dq Li NO , 2680this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 2681translator. 2682You also need 2683.Xr faithd 8 2684setup. 2685.It Va ipv6_ipv4mapping 2686.Pq Vt bool 2687If set to 2688.Dq Li YES 2689this enables IPv4 mapped IPv6 address communication (like 2690.Li ::ffff:a.b.c.d ) . 2691.It Va atm_enable 2692.Pq Vt bool 2693Set to 2694.Dq Li YES 2695to enable the configuration of ATM interfaces at system boot time. 2696For all of the ATM variables described below, please refer to the 2697.Xr atm 8 2698manual page for further details on the available command parameters. 2699Also refer to the files in 2700.Pa /usr/share/examples/atm 2701for more detailed configuration information. 2702.It Va atm_load 2703.Pq Vt str 2704This is a list of physical ATM interface drivers to load. 2705Typical values are 2706.Dq Li hfa_pci 2707and/or 2708.Dq Li hea_pci . 2709.It Va atm_netif_ Ns Aq Ar intf 2710.Pq Vt str 2711For the ATM physical interface 2712.Ar intf , 2713this variable defines the name prefix and count for the ATM network 2714interfaces to be created. 2715The value will be passed as the parameters of an 2716.Dq Nm atm Cm "set netif" Ar intf 2717command. 2718.It Va atm_sigmgr_ Ns Aq Ar intf 2719.Pq Vt str 2720For the ATM physical interface 2721.Ar intf , 2722this variable defines the ATM signalling manager to be used. 2723The value will be passed as the parameters of an 2724.Dq Nm atm Cm attach Ar intf 2725command. 2726.It Va atm_prefix_ Ns Aq Ar intf 2727.Pq Vt str 2728For the ATM physical interface 2729.Ar intf , 2730this variable defines the NSAP prefix for interfaces using a UNI signalling 2731manager. 2732If set to 2733.Dq Li ILMI , 2734the prefix will automatically be set via the 2735.Xr ilmid 8 2736daemon. 2737Otherwise, the value will be passed as the parameters of an 2738.Dq Nm atm Cm "set prefix" Ar intf 2739command. 2740.It Va atm_macaddr_ Ns Aq Ar intf 2741.Pq Vt str 2742For the ATM physical interface 2743.Ar intf , 2744this variable defines the MAC address for interfaces using a UNI signalling 2745manager. 2746If set to 2747.Dq Li NO , 2748the hardware MAC address contained in the ATM interface card will be used. 2749Otherwise, the value will be passed as the parameters of an 2750.Dq Nm atm Cm "set mac" Ar intf 2751command. 2752.It Va atm_arpserver_ Ns Aq Ar netif 2753.Pq Vt str 2754For the ATM network interface 2755.Ar netif , 2756this variable defines the ATM address for a host which is to provide ATMARP 2757service. 2758This variable is only applicable to interfaces using a UNI signalling 2759manager. 2760If set to 2761.Dq Li local , 2762this host will become an ATMARP server. 2763The value will be passed as the parameters of an 2764.Dq Nm atm Cm "set arpserver" Ar netif 2765command. 2766.It Va atm_scsparp_ Ns Aq Ar netif 2767.Pq Vt bool 2768If set to 2769.Dq Li YES , 2770SCSP/ATMARP service for the network interface 2771.Ar netif 2772will be initiated using the 2773.Xr scspd 8 2774and 2775.Xr atmarpd 8 2776daemons. 2777This variable is only applicable if 2778.Va atm_arpserver_ Ns Aq Ar netif 2779is set to 2780.Dq Li local . 2781.It Va atm_pvcs 2782.Pq Vt str 2783Set to the list of ATM PVCs to be added at system 2784boot time. 2785For each whitespace separated 2786.Ar element 2787in the value, an 2788.Va atm_pvc_ Ns Aq Ar element 2789variable is assumed to exist. 2790The value of each of these variables 2791will be passed as the parameters of an 2792.Dq Nm atm Cm "add pvc" 2793command. 2794.It Va atm_arps 2795.Pq Vt str 2796Set to the list of permanent ATM ARP entries to be added 2797at system boot time. 2798For each whitespace separated 2799.Ar element 2800in the value, an 2801.Va atm_arp_ Ns Aq Ar element 2802variable is assumed to exist. 2803The value of each of these variables 2804will be passed as the parameters of an 2805.Dq Nm atm Cm "add arp" 2806command. 2807.It Va natm_interfaces 2808.Pq Vt str 2809Set to the list of 2810.Xr natm 4 2811interfaces that will also be used for HARP through 2812.Xr harp 4 . 2813If this list is not empty all interfaces in the list will be brought up 2814with 2815.Xr ifconfig 8 2816and 2817.Xr harp 4 2818will be loaded. 2819For this to work the interface drivers must be either compiled into the 2820kernel or must reside on the root partition. 2821.It Va keybell 2822.Pq Vt str 2823The keyboard bell sound. 2824Set to 2825.Dq Li normal , 2826.Dq Li visual , 2827.Dq Li off , 2828or 2829.Dq Li NO 2830if the default behavior is desired. 2831For details, refer to the 2832.Xr kbdcontrol 1 2833manpage. 2834.It Va keyboard 2835.Pq Vt str 2836If set to a non-null string, the virtual console's keyboard input is 2837set to this device. 2838.It Va keymap 2839.Pq Vt str 2840If set to 2841.Dq Li NO , 2842no keymap is installed, otherwise the value is used to install 2843the keymap file in 2844.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2845.It Va keyrate 2846.Pq Vt str 2847The keyboard repeat speed. 2848Set to 2849.Dq Li slow , 2850.Dq Li normal , 2851.Dq Li fast , 2852or 2853.Dq Li NO 2854if the default behavior is desired. 2855.It Va keychange 2856.Pq Vt str 2857If not set to 2858.Dq Li NO , 2859attempt to program the function keys with the value. 2860The value should 2861be a single string of the form: 2862.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2863.It Va cursor 2864.Pq Vt str 2865Can be set to the value of 2866.Dq Li normal , 2867.Dq Li blink , 2868.Dq Li destructive , 2869or 2870.Dq Li NO 2871to set the cursor behavior explicitly or choose the default behavior. 2872.It Va scrnmap 2873.Pq Vt str 2874If set to 2875.Dq Li NO , 2876no screen map is installed, otherwise the value is used to install 2877the screen map file in 2878.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2879.It Va font8x16 2880.Pq Vt str 2881If set to 2882.Dq Li NO , 2883the default 8x16 font value is used for screen size requests, otherwise 2884the value in 2885.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2886is used. 2887.It Va font8x14 2888.Pq Vt str 2889If set to 2890.Dq Li NO , 2891the default 8x14 font value is used for screen size requests, otherwise 2892the value in 2893.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2894is used. 2895.It Va font8x8 2896.Pq Vt str 2897If set to 2898.Dq Li NO , 2899the default 8x8 font value is used for screen size requests, otherwise 2900the value in 2901.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2902is used. 2903.It Va blanktime 2904.Pq Vt int 2905If set to 2906.Dq Li NO , 2907the default screen blanking interval is used, otherwise it is set 2908to 2909.Ar value 2910seconds. 2911.It Va saver 2912.Pq Vt str 2913If not set to 2914.Dq Li NO , 2915this is the actual screen saver to use 2916.Li ( blank , snake , daemon , 2917etc). 2918.It Va moused_nondefault_enable 2919.Pq Vt str 2920If set to 2921.Dq Li NO , 2922the mouse device specified on 2923the command line is not automatically treated as enabled by the 2924.Pa /etc/rc.d/moused 2925script. 2926Having this variable set to 2927.Dq Li YES 2928allows a 2929.Xr usb 4 2930mouse, 2931for example, 2932to be enabled as soon as it is plugged in. 2933.It Va moused_enable 2934.Pq Vt str 2935If set to 2936.Dq Li YES , 2937the 2938.Xr moused 8 2939daemon is started for doing cut/paste selection on the console. 2940.It Va moused_type 2941.Pq Vt str 2942This is the protocol type of the mouse connected to this host. 2943This variable must be set if 2944.Va moused_enable 2945is set to 2946.Dq Li YES . 2947The 2948.Xr moused 8 2949daemon 2950is able to detect the appropriate mouse type automatically in many cases. 2951Set this variable to 2952.Dq Li auto 2953to let the daemon detect it, or 2954select one from the following list if the automatic detection fails. 2955.Pp 2956If the mouse is attached to the PS/2 mouse port, choose 2957.Dq Li auto 2958or 2959.Dq Li ps/2 , 2960regardless of the brand and model of the mouse. 2961Likewise, if the 2962mouse is attached to the bus mouse port, choose 2963.Dq Li auto 2964or 2965.Dq Li busmouse . 2966All other protocols are for serial mice and will not work with 2967the PS/2 and bus mice. 2968If this is a USB mouse, 2969.Dq Li auto 2970is the only protocol type which will work. 2971.Pp 2972.Bl -tag -width ".Li x10mouseremote" -compact 2973.It Li microsoft 2974Microsoft mouse (serial) 2975.It Li intellimouse 2976Microsoft IntelliMouse (serial) 2977.It Li mousesystems 2978Mouse systems Corp.\& mouse (serial) 2979.It Li mmseries 2980MM Series mouse (serial) 2981.It Li logitech 2982Logitech mouse (serial) 2983.It Li busmouse 2984A bus mouse 2985.It Li mouseman 2986Logitech MouseMan and TrackMan (serial) 2987.It Li glidepoint 2988ALPS GlidePoint (serial) 2989.It Li thinkingmouse 2990Kensington ThinkingMouse (serial) 2991.It Li ps/2 2992PS/2 mouse 2993.It Li mmhittab 2994MM HitTablet (serial) 2995.It Li x10mouseremote 2996X10 MouseRemote (serial) 2997.It Li versapad 2998Interlink VersaPad (serial) 2999.El 3000.Pp 3001Even if the mouse is not in the above list, it may be compatible 3002with one in the list. 3003Refer to the manual page for 3004.Xr moused 8 3005for compatibility information. 3006.Pp 3007It should also be noted that while this is enabled, any 3008other client of the mouse (such as an X server) should access 3009the mouse through the virtual mouse device, 3010.Pa /dev/sysmouse , 3011and configure it as a 3012.Dq Li sysmouse 3013type mouse, since all 3014mouse data is converted to this single canonical format when 3015using 3016.Xr moused 8 . 3017If the client program does not support the 3018.Dq Li sysmouse 3019type, 3020specify the 3021.Dq Li mousesystems 3022type. 3023It is the second preferred type. 3024.It Va moused_port 3025.Pq Vt str 3026If 3027.Va moused_enable 3028is set to 3029.Dq Li YES , 3030this is the actual port the mouse is on. 3031It might be 3032.Pa /dev/cuad0 3033for a COM1 serial mouse, 3034.Pa /dev/psm0 3035for a PS/2 mouse or 3036.Pa /dev/mse0 3037for a bus mouse, for example. 3038.It Va moused_flags 3039.Pq Vt str 3040If 3041.Va moused_flags 3042is set, its value is used as an additional set of flags to pass to the 3043.Xr moused 8 3044daemon. 3045.It Va "moused_" Ns Ar XXX Ns Va "_flags" 3046When 3047.Va moused_nondefault_enable 3048is enabled, and a 3049.Xr moused 8 3050daemon is started for a non-default port, the 3051.Va "moused_" Ns Ar XXX Ns Va "_flags" 3052set of options has precedence over and replaces the default 3053.Va moused_flags (where 3054.Ar XXX 3055is the name of the non-default port, i.e.\& 3056.Ar ums0 ) . 3057By setting 3058.Va "moused_" Ns Ar XXX Ns Va "_flags" 3059it is possible to set up a different set of default flags for each 3060.Xr moused 8 3061instance. 3062For example, you can use 3063.Dq Li "-3" 3064for the default 3065.Va moused_flags 3066to make your laptop's touchpad more comfortable to use, 3067but an empty set of options for 3068.Va moused_ums0_flags 3069when your 3070.Xr usb 4 3071mouse has three or more buttons. 3072.It Va mousechar_start 3073.Pq Vt int 3074If set to 3075.Dq Li NO , 3076the default mouse cursor character range 3077.Li 0xd0 Ns - Ns Li 0xd3 3078is used, 3079otherwise the range start is set 3080to 3081.Ar value 3082character, see 3083.Xr vidcontrol 1 . 3084Use if the default range is occupied in the language code table. 3085.It Va allscreens_flags 3086.Pq Vt str 3087If set, 3088.Xr vidcontrol 1 3089is run with these options for each of the virtual terminals 3090.Pq Pa /dev/ttyv* . 3091For example, 3092.Dq Fl m Cm on 3093will enable the mouse pointer on all virtual terminals 3094if 3095.Va moused_enable 3096is set to 3097.Dq Li YES . 3098.It Va allscreens_kbdflags 3099.Pq Vt str 3100If set, 3101.Xr kbdcontrol 1 3102is run with these options for each of the virtual terminals 3103.Pq Pa /dev/ttyv* . 3104For example, 3105.Dq Fl h Li 200 3106will set the 3107.Xr syscons 4 3108scrollback (history) buffer to 200 lines. 3109.It Va cron_enable 3110.Pq Vt bool 3111If set to 3112.Dq Li YES , 3113run the 3114.Xr cron 8 3115daemon at system boot time. 3116.It Va cron_program 3117.Pq Vt str 3118Path to 3119.Xr cron 8 3120(default 3121.Pa /usr/sbin/cron ) . 3122.It Va cron_flags 3123.Pq Vt str 3124If 3125.Va cron_enable 3126is set to 3127.Dq Li YES , 3128these are the flags to pass to 3129.Xr cron 8 . 3130.It Va cron_dst 3131.Pq Vt bool 3132If set to 3133.Dq Li YES , 3134enable the special handling of transitions to and from the 3135Daylight Saving Time in 3136.Xr cron 8 3137(equivalent to using the flag 3138.Fl s ) . 3139.It Va lpd_program 3140.Pq Vt str 3141Path to 3142.Xr lpd 8 3143(default 3144.Pa /usr/sbin/lpd ) . 3145.It Va lpd_enable 3146.Pq Vt bool 3147If set to 3148.Dq Li YES , 3149run the 3150.Xr lpd 8 3151daemon at system boot time. 3152.It Va lpd_flags 3153.Pq Vt str 3154If 3155.Va lpd_enable 3156is set to 3157.Dq Li YES , 3158these are the flags to pass to the 3159.Xr lpd 8 3160daemon. 3161.It Va chkprintcap_enable 3162.Pq Vt bool 3163If set to 3164.Dq Li YES , 3165run the 3166.Xr chkprintcap 8 3167command before starting the 3168.Xr lpd 8 3169daemon. 3170.It Va chkprintcap_flags 3171.Pq Vt str 3172If 3173.Va lpd_enable 3174and 3175.Va chkprintcap_enable 3176are set to 3177.Dq Li YES , 3178these are the flags to pass to the 3179.Xr chkprintcap 8 3180program. 3181The default is 3182.Dq Li -d , 3183which causes missing directories to be created. 3184.It Va mta_start_script 3185.Pq Vt str 3186This variable specifies the full path to the script to run to start 3187a mail transfer agent. 3188The default is 3189.Pa /etc/rc.sendmail . 3190The 3191.Va sendmail_* 3192variables which 3193.Pa /etc/rc.sendmail 3194uses are documented in the 3195.Xr rc.sendmail 8 3196manual page. 3197.It Va dumpdev 3198.Pq Vt str 3199Indicates the device (usually a swap partition) to which a crash dump 3200should be written in the event of a system crash. 3201If the value of this variable is 3202.Dq Li AUTO , 3203the first suitable swap device listed in 3204.Pa /etc/fstab 3205will be used as dump device. 3206Otherwise, the value of this variable is passed as the argument to 3207.Xr dumpon 8 . 3208To disable crash dumps, set this variable to 3209.Dq Li NO . 3210.It Va dumpdir 3211.Pq Vt str 3212When the system reboots after a crash and a crash dump is found on the 3213device specified by the 3214.Va dumpdev 3215variable, 3216.Xr savecore 8 3217will save that crash dump and a copy of the kernel to the directory 3218specified by the 3219.Va dumpdir 3220variable. 3221The default value is 3222.Pa /var/crash . 3223Set to 3224.Dq Li NO 3225to not run 3226.Xr savecore 8 3227at boot time when 3228.Va dumpdir 3229is set. 3230.It Va savecore_flags 3231.Pq Vt str 3232If crash dumps are enabled, these are the flags to pass to the 3233.Xr savecore 8 3234utility. 3235.It Va quota_enable 3236.Pq Vt bool 3237Set to 3238.Dq Li YES 3239to turn on user and group disk quotas on system startup via the 3240.Xr quotaon 8 3241command for all file systems marked as having quotas enabled in 3242.Pa /etc/fstab . 3243The kernel must be built with 3244.Cd "options QUOTA" 3245for disk quotas to function. 3246.It Va check_quotas 3247.Pq Vt bool 3248Set to 3249.Dq Li YES 3250to enable user and group disk quota checking via the 3251.Xr quotacheck 8 3252command. 3253.It Va quotacheck_flags 3254.Pq Vt str 3255If 3256.Va quota_enable 3257is set to 3258.Dq Li YES , 3259and 3260.Va check_quotas 3261is set to 3262.Dq Li YES , 3263these are the flags to pass to the 3264.Xr quotacheck 8 3265utility. 3266The default is 3267.Dq Li "-a" , 3268which checks quotas for all file systems with quotas enabled in 3269.Pa /etc/fstab . 3270.It Va quotaon_flags 3271.Pq Vt str 3272If 3273.Va quota_enable 3274is set to 3275.Dq Li YES , 3276these are the flags to pass to the 3277.Xr quotaon 8 3278utility. 3279The default is 3280.Dq Li "-a" , 3281which enables quotas for all file systems with quotas enabled in 3282.Pa /etc/fstab . 3283.It Va quotaoff_flags 3284.Pq Vt str 3285If 3286.Va quota_enable 3287is set to 3288.Dq Li YES , 3289these are the flags to pass to the 3290.Xr quotaoff 8 3291utility when shutting down the quota system. 3292The default is 3293.Dq Li "-a" , 3294which disables quotas for all file systems with quotas enabled in 3295.Pa /etc/fstab . 3296.It Va accounting_enable 3297.Pq Vt bool 3298Set to 3299.Dq Li YES 3300to enable system accounting through the 3301.Xr accton 8 3302facility. 3303.It Va ibcs2_enable 3304.Pq Vt bool 3305Set to 3306.Dq Li YES 3307to enable iBCS2 (SCO) binary emulation at system initial boot 3308time. 3309.It Va ibcs2_loaders 3310.Pq Vt str 3311If not set to 3312.Dq Li NO 3313and if 3314.Va ibcs2_enable 3315is set to 3316.Dq Li YES , 3317this specifies a list of additional iBCS2 loaders to enable. 3318.It Va linux_enable 3319.Pq Vt bool 3320Set to 3321.Dq Li YES 3322to enable Linux/ELF binary emulation at system initial 3323boot time. 3324.It Va svr4_enable 3325.Pq Vt bool 3326If set to 3327.Dq Li YES , 3328enable SysVR4 emulation at boot time. 3329.It Va sysvipc_enable 3330.Pq Vt bool 3331If set to 3332.Dq Li YES , 3333load System V IPC primitives at boot time. 3334.It Va clear_tmp_enable 3335.Pq Vt bool 3336Set to 3337.Dq Li YES 3338to have 3339.Pa /tmp 3340cleaned at startup. 3341.It Va clear_tmp_X 3342.Pq Vt bool 3343Set to 3344.Dq Li NO 3345to disable removing of X11 lock files, 3346and the removal and (secure) recreation 3347of the various socket directories for X11 3348related programs. 3349.It Va ldconfig_paths 3350.Pq Vt str 3351Set to the list of shared library paths to use with 3352.Xr ldconfig 8 . 3353NOTE: 3354.Pa /usr/lib 3355will always be added first, so it need not appear in this list. 3356.It Va ldconfig32_paths 3357.Pq Vt str 3358Set to the list of 32-bit compatibility shared library paths to 3359use with 3360.Xr ldconfig 8 . 3361.It Va ldconfig_paths_aout 3362.Pq Vt str 3363Set to the list of shared library paths to use with 3364.Xr ldconfig 8 3365legacy 3366.Xr a.out 5 3367support. 3368.It Va ldconfig_insecure 3369.Pq Vt bool 3370The 3371.Xr ldconfig 8 3372utility normally refuses to use directories 3373which are writable by anyone except root. 3374Set this variable to 3375.Dq Li YES 3376to disable that security check during system startup. 3377.It Va ldconfig_local_dirs 3378.Pq Vt str 3379Set to the list of local 3380.Xr ldconfig 8 3381directories. 3382The names of all files in the directories listed will be 3383passed as arguments to 3384.Xr ldconfig 8 . 3385.It Va ldconfig_local32_dirs 3386.Pq Vt str 3387Set to the list of local 32-bit compatibility 3388.Xr ldconfig 8 3389directories. 3390The names of all files in the directories listed will be 3391passed as arguments to 3392.Dq Nm ldconfig Fl 32 . 3393.It Va kern_securelevel_enable 3394.Pq Vt bool 3395Set to 3396.Dq Li YES 3397to set the kernel security level at system startup. 3398.It Va kern_securelevel 3399.Pq Vt int 3400The kernel security level to set at startup. 3401The allowed range of 3402.Ar value 3403ranges from \-1 (the compile time default) to 3 (the 3404most secure). 3405See 3406.Xr security 7 3407for the list of possible security levels and their effect 3408on system operation. 3409.It Va sshd_program 3410.Pq Vt str 3411Path to the SSH server program 3412.Pa ( /usr/sbin/sshd 3413is the default). 3414.It Va sshd_enable 3415.Pq Vt bool 3416Set to 3417.Dq Li YES 3418to start 3419.Xr sshd 8 3420at system boot time. 3421.It Va sshd_flags 3422.Pq Vt str 3423If 3424.Va sshd_enable 3425is set to 3426.Dq Li YES , 3427these are the flags to pass to the 3428.Xr sshd 8 3429daemon. 3430.It Va ftpd_program 3431.Pq Vt str 3432Path to the FTP server program 3433.Pa ( /usr/libexec/ftpd 3434is the default). 3435.It Va ftpd_enable 3436.Pq Vt bool 3437Set to 3438.Dq Li YES 3439to start 3440.Xr ftpd 8 3441as a stand-alone daemon at system boot time. 3442.It Va ftpd_flags 3443.Pq Vt str 3444If 3445.Va ftpd_enable 3446is set to 3447.Dq Li YES , 3448these are the additional flags to pass to the 3449.Xr ftpd 8 3450daemon. 3451.It Va watchdogd_enable 3452.Pq Vt bool 3453If set to 3454.Dq Li YES , 3455start the 3456.Xr watchdogd 8 3457daemon at boot time. 3458This requires that the kernel have been compiled with a 3459.Xr watchdog 4 3460compatible device. 3461.It Va watchdogd_flags 3462.Pq Vt str 3463If 3464.Va watchdogd_enable 3465is set to 3466.Dq Li YES , 3467these are the flags passed to the 3468.Xr watchdogd 8 3469daemon. 3470.It Va performance_cx_lowest 3471.Pq Vt str 3472CPU idle state to use while on AC power. 3473The string 3474.Dq Li LOW 3475indicates that 3476.Xr acpi 4 3477should use the lowest power state available while 3478.Dq Li HIGH 3479indicates that the lowest latency state (less power savings) should be used. 3480.It Va performance_cpu_freq 3481.Pq Vt str 3482CPU clock frequency to use while on AC power. 3483The string 3484.Dq Li LOW 3485indicates that 3486.Xr cpufreq 4 3487should use the lowest frequency available while 3488.Dq Li HIGH 3489indicates that the highest frequency (less power savings) should be used. 3490.It Va economy_cx_lowest 3491.Pq Vt str 3492CPU idle state to use when off AC power. 3493The string 3494.Dq Li LOW 3495indicates that 3496.Xr acpi 4 3497should use the lowest power state available while 3498.Dq Li HIGH 3499indicates that the lowest latency state (less power savings) should be used. 3500.It Va economy_cpu_freq 3501.Pq Vt str 3502CPU clock frequency to use when off AC power. 3503The string 3504.Dq Li LOW 3505indicates that 3506.Xr cpufreq 4 3507should use the lowest frequency available while 3508.Dq Li HIGH 3509indicates that the highest frequency (less power savings) should be used. 3510.It Va jail_enable 3511.Pq Vt bool 3512If set to 3513.Dq Li NO , 3514any configured jails will not be started. 3515.It jail_parallel_start 3516.Pq Vt bool 3517If set to 3518.Dq Li YES 3519all configured jails will be started in the background (= in parallel). 3520.It Va jail_list 3521.Pq Vt str 3522A space separated list of names for jails. 3523This is purely a configuration aid to help identify and 3524configure multiple jails. 3525The names specified in this list will be used to 3526identify settings common to an instance of a jail, 3527and should contain alphanumeric characters only. 3528Assuming that the jail in question was named 3529.Li vjail , 3530you would have the following dependent variables: 3531.Bd -literal 3532jail_vjail_hostname="jail.example.com" 3533jail_vjail_ip="192.0.2.100" 3534jail_vjail_rootdir="/var/jails/vjail/root" 3535.Ed 3536.Pp 3537.It Va jail_flags 3538.Pq Vt str 3539Unset by default. 3540When set, use as default value for 3541.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3542for every jail in 3543.Va jail_list . 3544.It Va jail_interface 3545.Pq Vt str 3546Unset by default. 3547When set, use as default value for 3548.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3549for every jail in 3550.Va jail_list . 3551.It Va jail_fstab 3552.Pq Vt str 3553Unset by default. 3554When set, use as default value for 3555.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3556for every jail in 3557.Va jail_list . 3558.It Va jail_mount_enable 3559.Pq Vt bool 3560Set to 3561.Dq Li NO 3562by default. 3563When set to 3564.Dq Li YES , 3565sets 3566.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3567to 3568.Dq Li YES 3569by default for every jail in 3570.Va jail_list . 3571.It Va jail_devfs_ruleset 3572.Pq Vt str 3573Unset by default. 3574When set, sets 3575.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3576to given value for every jail in 3577.Va jail_list . 3578.It Va jail_devfs_enable 3579.Pq Vt bool 3580Set to 3581.Dq Li NO 3582by default. 3583When set to 3584.Dq Li YES , 3585sets 3586.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3587to 3588.Dq Li YES 3589by default for every jail in 3590.Va jail_list . 3591.It Va jail_fdescfs_enable 3592.Pq Vt bool 3593Set to 3594.Dq Li NO 3595by default. 3596When set to 3597.Dq Li YES , 3598sets 3599.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3600to 3601.Dq Li YES 3602by default for every jail in 3603.Va jail_list . 3604.It Va jail_procfs_enable 3605.Pq Vt bool 3606Set to 3607.Dq Li NO 3608by default. 3609When set to 3610.Dq Li YES , 3611sets 3612.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3613to 3614.Dq Li YES 3615by default for every jail in 3616.Va jail_list . 3617.It Va jail_exec_prestart Ns Aq Ar N 3618.Pq Vt str 3619Unset by default. 3620When set, use as default value for 3621.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestart Ns Aq Ar N 3622for every jail in 3623.Va jail_list . 3624.It Va jail_exec_start 3625.Pq Vt str 3626Unset by default. 3627When set, use as default value for 3628.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3629for every jail in 3630.Va jail_list . 3631.It Va jail_exec_afterstart Ns Aq Ar N 3632.Pq Vt str 3633Unset by default. 3634When set, use as default value for 3635.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3636for every jail in 3637.Va jail_list . 3638.It Va jail_exec_poststart Ns Aq Ar N 3639.Pq Vt str 3640Unset by default. 3641When set, use as default value for 3642.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststart Ns Aq Ar N 3643for every jail in 3644.Va jail_list . 3645.It Va jail_exec_prestop Ns Aq Ar N 3646.Pq Vt str 3647Unset by default. 3648When set, use as default value for 3649.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestop Ns Aq Ar N 3650for every jail in 3651.Va jail_list . 3652.It Va jail_exec_stop 3653Unset by default. 3654When set, use as default value for 3655.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3656for every jail in 3657.Va jail_list . 3658.It Va jail_exec_poststop Ns Aq Ar N 3659.Pq Vt str 3660Unset by default. 3661When set, use as default value for 3662.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststop Ns Aq Ar N 3663for every jail in 3664.Va jail_list . 3665.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 3666.Pq Vt str 3667Unset by default. 3668Set to the root directory used by jail 3669.Va jname . 3670.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 3671.Pq Vt str 3672Unset by default. 3673Set to the fully qualified domain name (FQDN) assigned to jail 3674.Va jname . 3675.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 3676.Pq Vt str 3677Unset by default. 3678Set to the (primary) IPv4 and/or IPv6 address(es) assigned to the jail. 3679The argument can be a sole address or a comma separated list of addresses. 3680Additionally each address can be prefixed by the name of an interface 3681followed by a pipe to overwrite 3682.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3683or 3684.Va jail_interface 3685and/or suffixed by a netmask, prefixlen or prefix. 3686In case no netmask, prefixlen or prefix is given, 3687.Sq /32 3688will be used for IPv4 and 3689.Sq /128 3690will be used for an IPv6 address. 3691If no address is given for the jail then the jail will be started with 3692no networking support. 3693.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip_multi Ns Aq Ar n 3694.Pq Vt str 3695Unset by default. 3696Set additional IPv4 and/or IPv6 address(es) assigned to the jail. 3697The sequence starts with 3698.Dq Li _multi0 3699and the numbers have to be strictly ascending. 3700These entries follow the same syntax as their primary 3701.Va jail_ Ns Ao Ar jname Ac Ns Va _ip 3702entry. 3703The order of the entries can be important as the first address for 3704each address family found will be the primary address of the jail. 3705See 3706.Va ip-addresses 3707option in 3708.Xr jail 8 3709for more details. 3710.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3711.Pq Vt str 3712Set to 3713.Dq Li -l -U root 3714by default. 3715These are flags to pass to 3716.Xr jail . 3717.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3718.Pq Vt str 3719Unset by default. 3720When set, sets the interface to use when setting IP address alias. 3721Note that the alias is created at jail startup and removed at jail shutdown. 3722.It Va jail_ Ns Ao Ar jname Ac Ns Va _fib 3723.Pq Vt str 3724Unset by default. 3725When set, the jail is started with the specified forwarding table (sometimes 3726referred to as a routing table) via 3727.Xr setfib 1 . 3728.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3729.Pq Vt str 3730Set to 3731.Pa /etc/fstab. Ns Aq Ar jname 3732by default. 3733This is the file system information file to use for jail 3734.Va jname . 3735.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3736.Pq Vt bool 3737Set to 3738.Dq Li NO 3739by default. 3740When set to 3741.Dq Li YES , 3742mount all file systems from 3743.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3744at jail startup. 3745.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3746.Pq Vt str 3747Unset by default. 3748When set, defines the device file system ruleset file to use for jail 3749.Va jname . 3750.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3751.Pq Vt bool 3752Set to 3753.Dq Li NO 3754by default. 3755When set to 3756.Dq Li YES , 3757mount the device file system inside jail 3758.Ar jname 3759at jail startup. 3760.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3761.Pq Vt bool 3762Set to 3763.Dq Li NO 3764by default. 3765When set to 3766.Dq Li YES , 3767mount the file-descriptor file system inside jail 3768.Ar jname 3769at jail startup. 3770.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 3771.Pq Vt bool 3772Set to 3773.Dq Li NO 3774by default. 3775When set to 3776.Dq Li YES , 3777mount the process file system inside jail 3778.Ar jname 3779at jail startup. 3780.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestart Ns Aq Ar N 3781.Pq Vt str 3782Unset by default. 3783This is the command run as 3784.Ar N Ns 3785th command 3786before jail startup, where 3787.Ar N 3788is 0, 1, and so on. 3789It is run outside the jail. 3790.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3791.Pq Vt str 3792Set to 3793.Dq Li /bin/sh /etc/rc 3794by default. 3795This is the command executed in a jail at jail startup. 3796.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3797.Pq Vt str 3798Unset by default. 3799This is the command run as 3800.Ar N Ns 3801th command 3802in a jail 3803after jail startup, where 3804.Ar N 3805is 1, 2, and so on. 3806.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststart Ns Aq Ar N 3807.Pq Vt str 3808Unset by default. 3809This is the command run as 3810.Ar N Ns 3811th command 3812after jail startup, where 3813.Ar N 3814is 0, 1, and so on. 3815It is run outside the jail. 3816.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestop Ns Aq Ar N 3817.Pq Vt str 3818Unset by default. 3819This is the command run as 3820.Ar N Ns 3821th command 3822before jail shutdown, where 3823.Ar N 3824is 0, 1, and so on. 3825It is run outside the jail. 3826.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3827.Pq Vt str 3828Set to 3829.Dq Li /bin/sh /etc/rc.shutdown 3830by default. 3831This is the command executed in a jail at jail shutdown. 3832.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststop Ns Aq Ar N 3833.Pq Vt str 3834Unset by default. 3835This is the command run as 3836.Ar N Ns 3837th command 3838after jail shutdown, where 3839.Ar N 3840is 0, 1, and so on. 3841It is run outside the jail. 3842.It Va jail_set_hostname_allow 3843.Pq Vt bool 3844If set to 3845.Dq Li NO , 3846do not allow the root user in a jail to set its hostname. 3847.It Va jail_socket_unixiproute_only 3848.Pq Vt bool 3849If set to 3850.Dq Li YES , 3851do not allow any sockets, 3852besides UNIX/IP/route sockets, 3853to be used within a jail. 3854.It Va jail_sysvipc_allow 3855.Pq Vt bool 3856If set to 3857.Dq Li YES , 3858allow applications within a jail to use System V IPC. 3859.\" ----------------------------------------------------- 3860.It Va harvest_interrupt 3861.Pq Vt bool 3862Set to 3863.Dq Li YES 3864to use hardware interrupts as an entropy source. 3865Refer to 3866.Xr random 4 3867for more information. 3868.It Va harvest_ethernet 3869.Pq Vt bool 3870Set to 3871.Dq Li YES 3872to use LAN traffic as an entropy source. 3873Refer to 3874.Xr random 4 3875for more information. 3876.It Va harvest_p_to_p 3877.Pq Vt bool 3878Set to 3879.Dq Li YES 3880to use serial line traffic as an entropy source. 3881Refer to 3882.Xr random 4 3883for more information. 3884.It Va entropy_dir 3885.Pq Vt str 3886Set to 3887.Dq Li NO 3888to disable caching entropy via 3889.Xr cron 8 . 3890Otherwise set to the directory used to store entropy files in. 3891.It Va entropy_file 3892.Pq Vt str 3893Set to 3894.Dq Li NO 3895to disable caching entropy through reboots. 3896Otherwise set to the filename used to store cached entropy through 3897reboots. 3898This file should be located on the root file system to seed the 3899.Xr random 4 3900device as early as possible in the boot process. 3901.It Va entropy_save_sz 3902.Pq Vt int 3903Size of the entropy cache files saved by 3904.Nm save-entropy 3905periodically. 3906.It Va entropy_save_num 3907.Pq Vt int 3908Number of entropy cache files to save by 3909.Nm save-entropy 3910periodically. 3911.It Va ipsec_enable 3912.Pq Vt bool 3913Set to 3914.Dq Li YES 3915to run 3916.Xr setkey 8 3917on 3918.Va ipsec_file 3919at boot time. 3920.It Va ipsec_file 3921.Pq Vt str 3922Configuration file for 3923.Xr setkey 8 . 3924.It Va dmesg_enable 3925.Pq Vt bool 3926Set to 3927.Dq Li YES 3928to save 3929.Xr dmesg 8 3930to 3931.Pa /var/run/dmesg.boot 3932on boot. 3933.It Va rcshutdown_timeout 3934.Pq Vt int 3935If set, start a watchdog timer in the background which will terminate 3936.Pa rc.shutdown 3937if 3938.Xr shutdown 8 3939has not completed within the specified time (in seconds). 3940Notice that in addition to this soft timeout, 3941.Xr init 8 3942also applies a hard timeout for the execution of 3943.Pa rc.shutdown . 3944This is configured via 3945.Xr sysctl 8 3946variable 3947.Va kern.init_shutdown_timeout 3948and defaults to 120 seconds. 3949Setting the value of 3950.Va rcshutdown_timeout 3951to more than 120 seconds will have no effect until the 3952.Xr sysctl 8 3953variable 3954.Va kern.init_shutdown_timeout 3955is also increased. 3956.It Va virecover_enable 3957.Pq Vt bool 3958Set to 3959.Dq Li NO 3960to prevent the system from trying to 3961recover pre-maturely terminated 3962.Xr vi 1 3963sessions. 3964.It Va ugidfw_enable 3965.Pq Vt bool 3966Set to 3967.Dq Li YES 3968to load the 3969.Xr mac_bsdextended 4 3970module upon system initialization and load a default 3971ruleset file. 3972.It Va bsdextended_script 3973.Pq Vt str 3974The default 3975.Xr mac_bsdextended 4 3976ruleset file to load. 3977The default value of this variable is 3978.Pa /etc/rc.bsdextended . 3979.It Va newsyslog_enable 3980.Pq Vt bool 3981If set to 3982.Dq Li YES , 3983run 3984.Xr newsyslog 8 3985command at startup. 3986.It Va newsyslog_flags 3987.Pq Vt str 3988If 3989.Va newsyslog_enable 3990is set to 3991.Dq Li YES , 3992these are the flags to pass to the 3993.Xr newsyslog 8 3994program. 3995The default is 3996.Dq Li -CN , 3997which causes log files flagged with a 3998.Cm C 3999to be created. 4000.It Va mdconfig_md Ns Aq Ar X 4001.Pq Vt str 4002Arguments to 4003.Xr mdconfig 8 4004for 4005.Xr md 4 4006device 4007.Ar X . 4008At minimum a 4009.Fl t Ar type 4010must be specified and either a 4011.Fl s Ar size 4012for malloc or swap backed 4013.Xr md 4 4014devices or a 4015.Fl f Ar file 4016for vnode backed 4017.Xr md 4 4018devices. 4019Note that 4020.Va mdconfig_md Ns Aq Ar X 4021variables are evaluated until one variable is unset or null. 4022.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _newfs 4023.Pq Vt str 4024Optional arguments passed to 4025.Xr newfs 8 4026to initialize 4027.Xr md 4 4028device 4029.Ar X . 4030.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _owner 4031.Pq Vt str 4032An ownership specification passed to 4033.Xr chown 8 4034after the specified 4035.Xr md 4 4036device 4037.Ar X 4038has been mounted. 4039Both the 4040.Xr md 4 4041device and the mount point will be changed. 4042.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _perms 4043.Pq Vt str 4044A mode string passed to 4045.Xr chmod 1 4046after the specified 4047.Xr md 4 4048device 4049.Ar X 4050has been mounted. 4051Both the 4052.Xr md 4 4053device and the mount point will be changed. 4054.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _files 4055.Pq Vt str 4056Files to be copied to the mount point of the 4057.Xr md 4 4058device 4059.Ar X 4060after it has been mounted. 4061.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _cmd 4062.Pq Vt str 4063Command to execute after the specified 4064.Xr md 4 4065device 4066.Ar X 4067has been mounted. 4068Note that the command is passed to 4069.Ic eval 4070and that both 4071.Va _dev 4072and 4073.Va _mp 4074variables can be used to reference respectively the 4075.Xr md 4 4076device and the mount point. 4077Assuming that the 4078.Xr md 4 4079device is 4080.Li md0 , 4081one could set the following: 4082.Bd -literal 4083mdconfig_md0_cmd="tar xfzC /var/file.tgz \e${_mp}" 4084.Ed 4085.It Va ramdisk_units 4086.Pq Vt str 4087A list of one or more ramdisk units to configure with 4088.Xr mdconfig 8 4089and 4090.Xr newfs 8 4091in time to be mounted from 4092.Xr fstab 5 . 4093Each listed unit 4094.Ar X 4095must specify at least a 4096.Ar type 4097in a 4098.Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 4099variable. 4100Note that this way to configure ramdisks has been deprecated 4101in favor of new 4102.Va mdconfig_md* 4103variables (see above). 4104.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 4105.Pq Vt str 4106Arguments to 4107.Xr mdconfig 8 4108for ramdisk 4109.Ar X . 4110At minimum a 4111.Fl t Ar type 4112must be specified, where 4113.Ar type 4114must be one of 4115.Cm malloc 4116or 4117.Cm swap . 4118.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _newfs 4119.Pq Vt str 4120Optional arguments passed to 4121.Xr newfs 8 4122to initialize ramdisk 4123.Ar X . 4124.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _owner 4125.Pq Vt str 4126An ownership specification passed to 4127.Xr chown 8 4128after the specified ramdisk unit 4129.Ar X 4130has been mounted. 4131Both the 4132.Xr md 4 4133device and the mount point will be changed. 4134.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _perms 4135.Pq Vt str 4136A mode string passed to 4137.Xr chmod 1 4138after the specified ramdisk unit 4139.Ar X 4140has been mounted. 4141Both the 4142.Xr md 4 4143device and the mount point will be changed. 4144.It Va autobridge_interfaces 4145.Pq Vt str 4146Set to the list of bridge interfaces that will have newly arriving interfaces 4147checked against to be automatically added. 4148If not set to 4149.Dq Li NO 4150then for each whitespace separated 4151.Ar element 4152in the value, a 4153.Va autobridge_ Ns Aq Ar element 4154variable is assumed to exist which has a whitespace separated list of interface 4155names to match, these names can use wildcards. 4156For example: 4157.Bd -literal 4158autobridge_interfaces="bridge0" 4159autobridge_bridge0="tap* dc0 vlan[345]" 4160.Ed 4161.It Va mixer_enable 4162.Pq Vt bool 4163If set to 4164.Dq Li YES , 4165enable support for sound mixer. 4166.It Va hcsecd_enable 4167.Pq Vt bool 4168If set to 4169.Dq Li YES , 4170enable Bluetooth security daemon. 4171.It Va hcsecd_config 4172.Pq Vt str 4173Configuration file for 4174.Xr hcsecd 8 . 4175Default 4176.Pa /etc/bluetooth/hcsecd.conf . 4177.It Va sdpd_enable 4178.Pq Vt bool 4179If set to 4180.Dq Li YES , 4181enable Bluetooth Service Discovery Protocol daemon. 4182.It Va sdpd_control 4183.Pq Vt str 4184Path to 4185.Xr sdpd 8 4186control socket. 4187Default 4188.Pa /var/run/sdp . 4189.It Va sdpd_groupname 4190.Pq Vt str 4191Sets 4192.Xr sdpd 8 4193group to run as after it initializes. 4194Default 4195.Dq Li nobody . 4196.It Va sdpd_username 4197.Pq Vt str 4198Sets 4199.Xr sdpd 8 4200user to run as after it initializes. 4201Default 4202.Dq Li nobody . 4203.It Va bthidd_enable 4204.Pq Vt bool 4205If set to 4206.Dq Li YES , 4207enable Bluetooth Human Interface Device daemon. 4208.It Va bthidd_config 4209.Pq Vt str 4210Configuration file for 4211.Xr bthidd 8 . 4212Default 4213.Pa /etc/bluetooth/bthidd.conf . 4214.It Va bthidd_hids 4215.Pq Vt str 4216Path to a file, where 4217.Xr bthidd 8 4218will store information about known HID devices. 4219Default 4220.Pa /var/db/bthidd.hids . 4221.It Va rfcomm_pppd_server_enable 4222.Pq Vt bool 4223If set to 4224.Dq Li YES , 4225enable Bluetooth RFCOMM PPP wrapper daemon. 4226.It Va rfcomm_pppd_server_profile 4227.Pq Vt str 4228The name of the profile to use from 4229.Pa /etc/ppp/ppp.conf . 4230Multiple profiles can be specified here. 4231Also used to specify per-profile overrides. 4232When the profile name contains any of the characters 4233.Dq Li .-/+ 4234they are translated to 4235.Dq Li _ 4236for the proposes of the override variable names. 4237.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _bdaddr 4238.Pq Vt str 4239Overrides local address to listen on. 4240By default 4241.Xr rfcomm_pppd 8 4242will listen on 4243.Dq Li ANY 4244address. 4245The address can be specified as BD_ADDR or name. 4246.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _channel 4247.Pq Vt str 4248Overrides local RFCOMM channel to listen on. 4249By default 4250.Xr rfcomm_pppd 8 4251will listen on RFCOMM channel 1. 4252Must set properly if multiple profiles used in the same time. 4253.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _register_sp 4254.Pq Vt bool 4255Tells 4256.Xr rfcomm_pppd 8 4257if it should register Serial Port service on the specified RFCOMM channel. 4258Default 4259.Dq Li NO . 4260.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _register_dun 4261.Pq Vt bool 4262Tells 4263.Xr rfcomm_pppd 8 4264if it should register Dial-Up Networking service on the specified 4265RFCOMM channel. 4266Default 4267.Dq Li NO . 4268.It Va ubthidhci_enable 4269.Pq Vt bool 4270If set to 4271.Dq Li YES , 4272change the USB Bluetooth controller from HID mode to HCI mode. 4273You also need to specify the location of USB Bluetooth controller with the 4274.Va ubthidhci_busnum 4275and 4276.Va ubthidhci_addr 4277variables. 4278.It Va ubthidhci_busnum 4279Bus number where the USB Bluetooth controller is located. 4280Check the output of 4281.Xr usbconfig 8 4282on your system to find this information. 4283.It Va ubthidhci_addr 4284Bus address of the USB Bluetooth controller. 4285Check the output of 4286.Xr usbconfig 8 4287on your system to find this information. 4288.El 4289.Sh FILES 4290.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 4291.It Pa /etc/defaults/rc.conf 4292.It Pa /etc/rc.conf 4293.It Pa /etc/rc.conf.local 4294.El 4295.Sh SEE ALSO 4296.Xr catman 1 , 4297.Xr chmod 1 , 4298.Xr gdb 1 , 4299.Xr info 1 , 4300.Xr kbdcontrol 1 , 4301.Xr makewhatis 1 , 4302.Xr sh 1 , 4303.Xr vi 1 , 4304.Xr vidcontrol 1 , 4305.Xr bridge 4 , 4306.Xr dummynet 4 , 4307.Xr ip 4 , 4308.Xr ipf 4 , 4309.Xr ipfw 4 , 4310.Xr ipnat 4 , 4311.Xr kld 4 , 4312.Xr pf 4 , 4313.Xr pflog 4 , 4314.Xr pfsync 4 , 4315.Xr tcp 4 , 4316.Xr udp 4 , 4317.Xr exports 5 , 4318.Xr fstab 5 , 4319.Xr ipf 5 , 4320.Xr ipnat 5 , 4321.Xr motd 5 , 4322.Xr newsyslog.conf 5 , 4323.Xr pf.conf 5 , 4324.Xr security 7 , 4325.Xr accton 8 , 4326.Xr amd 8 , 4327.Xr apm 8 , 4328.Xr atm 8 , 4329.Xr bthidd 8 , 4330.Xr chkprintcap 8 , 4331.Xr chown 8 , 4332.Xr cron 8 , 4333.Xr dhclient 8 , 4334.Xr ftpd 8 , 4335.Xr geli 8 , 4336.Xr hcsecd 8 , 4337.Xr ifconfig 8 , 4338.Xr inetd 8 , 4339.Xr ipf 8 , 4340.Xr ipfw 8 , 4341.Xr ipnat 8 , 4342.Xr jail 8 , 4343.Xr kldxref 8 , 4344.Xr lpd 8 , 4345.Xr mdconfig 8 , 4346.Xr mdmfs 8 , 4347.Xr mixer 8 , 4348.Xr mountd 8 , 4349.Xr moused 8 , 4350.Xr mrouted 8 , 4351.Xr named 8 , 4352.Xr newfs 8 , 4353.Xr newsyslog 8 , 4354.Xr nfsd 8 , 4355.Xr ntpd 8 , 4356.Xr ntpdate 8 , 4357.Xr pfctl 8 , 4358.Xr pflogd 8 , 4359.Xr powerd 8 , 4360.Xr quotacheck 8 , 4361.Xr quotaon 8 , 4362.Xr rc 8 , 4363.Xr rc.sendmail 8 , 4364.Xr rfcomm_pppd 8 , 4365.Xr route 8 , 4366.Xr routed 8 , 4367.Xr rpcbind 8 , 4368.Xr rpc.lockd 8 , 4369.Xr rpc.statd 8 , 4370.Xr rwhod 8 , 4371.Xr savecore 8 , 4372.Xr sdpd 8 , 4373.Xr sshd 8 , 4374.Xr swapon 8 , 4375.Xr sysctl 8 , 4376.Xr syslogd 8 , 4377.Xr timed 8 , 4378.Xr usbconfig 8 , 4379.Xr wlandebug 8 , 4380.Xr yp 8 , 4381.Xr ypbind 8 , 4382.Xr ypserv 8 , 4383.Xr ypset 8 4384.Sh HISTORY 4385The 4386.Nm 4387file appeared in 4388.Fx 2.2.2 . 4389.Sh AUTHORS 4390.An Jordan K. Hubbard . 4391