1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd January 7, 2011 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67In addition to 68.Pa /etc/rc.conf.local 69you can also place smaller configuration files for each 70.Xr rc 8 71script in the 72.Pa /etc/rc.conf.d 73directory, which will be included by the 74.Va load_rc_config 75function. 76For jail configurations you could use the file 77.Pa /etc/rc.conf.d/jail 78to store jail specific configuration options. 79Also see the 80.Va rc_conf_files 81variable below. 82.Pp 83Options are set with 84.Dq Ar name Ns Li = Ns Ar value 85assignments that use 86.Xr sh 1 87syntax. 88The following list provides a name and short description for each 89variable that can be set in the 90.Nm 91file: 92.Bl -tag -width indent-two 93.It Va rc_debug 94.Pq Vt bool 95If set to 96.Dq Li YES , 97enable output of debug messages from rc scripts. 98This variable can be helpful in diagnosing mistakes when 99editing or integrating new scripts. 100Beware that this produces copious output to the terminal and 101.Xr syslog 3 . 102.It Va rc_info 103.Pq Vt bool 104If set to 105.Dq Li NO , 106disable informational messages from the rc scripts. 107Informational messages are displayed when 108a condition that is not serious enough to warrant a warning or 109an error occurs. 110.It Va rc_startmsgs 111.Pq Vt bool 112If set to 113.Dq Li YES , 114show 115.Dq Starting foo: 116when faststart is used (e.g., at boot time). 117.It Va early_late_divider 118.Pq Vt str 119The name of the script that should be used as the 120delimiter between the 121.Dq early 122and 123.Dq late 124stages of the boot process. 125The early stage should contain all the services needed to 126get the disks (local or remote) mounted so that the late 127stage can include scripts contained in the directories 128listed in the 129.Va local_startup 130variable (see below). 131Thus, the two likely candidates for this value are 132.Pa mountcritlocal 133for the typical system, and 134.Pa mountcritremote 135if the system needs remote file 136systems mounted to get access to the 137.Va local_startup 138directories; for example when 139.Pa /usr/local 140is NFS mounted. 141For 142.Pa rc.conf 143within a 144.Xr jail 8 145.Pa NETWORKING 146is likely to be an appropriate value. 147Extreme care should be taken when changing this value, 148and before changing it one should ensure that there are 149adequate provisions to recover from a failed boot 150(such as physical contact with the machine, 151or reliable remote console access). 152.It Va swapfile 153.Pq Vt str 154If set to 155.Dq Li NO , 156no swapfile is installed, otherwise the value is used as the full 157pathname to a file to use for additional swap space. 158.It Va apm_enable 159.Pq Vt bool 160If set to 161.Dq Li YES , 162enable support for Automatic Power Management with 163the 164.Xr apm 8 165command. 166.It Va apmd_enable 167.Pq Vt bool 168Run 169.Xr apmd 8 170to handle APM event from userland. 171This also enables support for APM. 172.It Va apmd_flags 173.Pq Vt str 174If 175.Va apmd_enable 176is set to 177.Dq Li YES , 178these are the flags to pass to the 179.Xr apmd 8 180daemon. 181.It Va devd_enable 182.Pq Vt bool 183Run 184.Xr devd 8 185to handle device added, removed or unknown events from the kernel. 186.It Va ddb_enable 187.Pq Vt bool 188Run 189.Xr ddb 8 190to install 191.Xr ddb 4 192scripts at boot time. 193.It Va ddb_config 194.Pq Vt str 195Configuration file for 196.Xr ddb 8 . 197Default 198.Pa /etc/ddb.conf . 199.It Va kldxref_enable 200.Pq Vt bool 201Set to 202.Dq Li NO 203by default. 204Set to 205.Dq Li YES 206to automatically rebuild 207.Pa linker.hints 208files with 209.Xr kldxref 8 210at boot time. 211.It Va kldxref_clobber 212.Pq Vt bool 213Set to 214.Dq Li NO 215by default. 216If 217.Va kldxref_enable 218is true, 219setting to 220.Dq Li YES 221will overwrite existing 222.Pa linker.hints 223files at boot time. 224Otherwise, 225only missing 226.Pa linker.hints 227files are generated. 228.It Va kldxref_module_path 229.Pq Vt str 230Empty by default. 231A semi-colon 232.Pq Ql \&; 233delimited list of paths containing 234.Xr kld 4 235modules. 236If empty, 237the contents of the 238.Va kern.module_path 239.Xr sysctl 8 240are used. 241.It Va powerd_enable 242.Pq Vt bool 243If set to 244.Dq Li YES , 245enable the system power control facility with the 246.Xr powerd 8 247daemon. 248.It Va powerd_flags 249.Pq Vt str 250If 251.Va powerd_enable 252is set to 253.Dq Li YES , 254these are the flags to pass to the 255.Xr powerd 8 256daemon. 257.It Va tmpmfs 258Controls the creation of a 259.Pa /tmp 260memory file system. 261Always happens if set to 262.Dq Li YES 263and never happens if set to 264.Dq Li NO . 265If set to anything else, a memory file system is created if 266.Pa /tmp 267is not writable. 268.It Va tmpsize 269Controls the size of a created 270.Pa /tmp 271memory file system. 272.It Va tmpmfs_flags 273Extra options passed to the 274.Xr mdmfs 8 275utility when the memory file system for 276.Pa /tmp 277is created. 278The default is 279.Dq Li "-S" , 280which inhibits the use of softupdates on 281.Pa /tmp 282so that file system space is freed without delay 283after file truncation or deletion. 284See 285.Xr mdmfs 8 286for other options you can use in 287.Va tmpmfs_flags . 288.It Va varmfs 289Controls the creation of a 290.Pa /var 291memory file system. 292Always happens if set to 293.Dq Li YES 294and never happens if set to 295.Dq Li NO . 296If set to anything else, a memory file system is created if 297.Pa /var 298is not writable. 299.It Va varsize 300Controls the size of a created 301.Pa /var 302memory file system. 303.It Va varmfs_flags 304Extra options passed to the 305.Xr mdmfs 8 306utility when the memory file system for 307.Pa /var 308is created. 309The default is 310.Dq Li "-S" , 311which inhibits the use of softupdates on 312.Pa /var 313so that file system space is freed without delay 314after file truncation or deletion. 315See 316.Xr mdmfs 8 317for other options you can use in 318.Va varmfs_flags . 319.It Va populate_var 320Controls the automatic population of the 321.Pa /var 322file system. 323Always happens if set to 324.Dq Li YES 325and never happens if set to 326.Dq Li NO . 327If set to anything else, a memory file system is created if 328.Pa /var 329is not writable. 330Note that this process requires access to certain commands in 331.Pa /usr 332before 333.Pa /usr 334is mounted on normal systems. 335.It Va cleanvar_enable 336.Pq Vt bool 337Clean the 338.Pa /var 339directory. 340.It Va local_startup 341.Pq Vt str 342List of directories to search for startup script files. 343.It Va script_name_sep 344.Pq Vt str 345The field separator to use for breaking down the list of startup script files 346into individual filenames. 347The default is a space. 348It is not necessary to change this unless there are startup scripts with names 349containing spaces. 350.It Va hostapd_enable 351.Pq Vt bool 352Set to 353.Dq Li YES 354to start 355.Xr hostapd 8 356at system boot time. 357.It Va hostname 358.Pq Vt str 359The fully qualified domain name (FQDN) of this host on the network. 360This should almost certainly be set to something meaningful, even if 361there is no network connection. 362If 363.Xr dhclient 8 364is used to set the hostname via DHCP, 365this variable should be set to an empty string. 366If this value remains unset when the system is done booting 367your console login will display the default hostname of 368.Dq Amnesiac. 369.It Va nisdomainname 370.Pq Vt str 371The NIS domain name of this host, or 372.Dq Li NO 373if NIS is not used. 374.It Va dhclient_program 375.Pq Vt str 376Path to the DHCP client program 377.Pa ( /sbin/dhclient , 378the 379.Ox 380DHCP client, 381is the default). 382.It Va dhclient_flags 383.Pq Vt str 384Additional flags to pass to the DHCP client program. 385For the 386.Ox 387DHCP client, see the 388.Xr dhclient 8 389manpage for a description of the command line options available. 390.It Va dhclient_flags_ Ns Aq Ar iface 391Additional flags to pass to the DHCP client program running on 392.Ar iface 393only. 394When specified, this variable overrides 395.Va dhclient_flags . 396.It Va background_dhclient 397.Pq Vt bool 398Set to 399.Dq Li YES 400to start the DHCP client in background. 401This can cause trouble with applications depending on 402a working network, but it will provide a faster startup 403in many cases. 404.It Va background_dhclient_ Ns Aq Ar iface 405When specified, this variable overrides the 406.Va background_dhclient 407variable for interface 408.Ar iface 409only. 410.It Va synchronous_dhclient 411.Pq Vt bool 412Set to 413.Dq Li YES 414to start 415.Xr dhclient 8 416synchronously at startup. 417This behavior can be overridden on a per-interface basis by replacing 418the 419.Dq Li DHCP 420keyword in the 421.Va ifconfig_ Ns Aq Ar interface 422variable with 423.Dq Li SYNCDHCP 424or 425.Dq Li NOSYNCDHCP . 426.It Va defaultroute_delay 427.Pq Vt int 428When set to a positive value, wait up to this long after configuring 429DHCP interfaces at startup to give the interfaces time to receive a lease. 430.It Va firewall_enable 431.Pq Vt bool 432Set to 433.Dq Li YES 434to load firewall rules at startup. 435If the kernel was not built with 436.Cd "options IPFIREWALL" , 437the 438.Pa ipfw.ko 439kernel module will be loaded. 440See also 441.Va ipfilter_enable . 442.It Va firewall_script 443.Pq Vt str 444This variable specifies the full path to the firewall script to run. 445The default is 446.Pa /etc/rc.firewall . 447.It Va firewall_type 448.Pq Vt str 449Names the firewall type from the selection in 450.Pa /etc/rc.firewall , 451or the file which contains the local firewall ruleset. 452Valid selections from 453.Pa /etc/rc.firewall 454are: 455.Pp 456.Bl -tag -width ".Li simple" -compact 457.It Li open 458unrestricted IP access 459.It Li closed 460all IP services disabled, except via 461.Dq Li lo0 462.It Li client 463basic protection for a workstation 464.It Li simple 465basic protection for a LAN. 466.El 467.Pp 468If a filename is specified, the full path 469must be given. 470.It Va firewall_quiet 471.Pq Vt bool 472Set to 473.Dq Li YES 474to disable the display of firewall rules on the console during boot. 475.It Va firewall_logging 476.Pq Vt bool 477Set to 478.Dq Li YES 479to enable firewall event logging. 480This is equivalent to the 481.Dv IPFIREWALL_VERBOSE 482kernel option. 483.It Va firewall_flags 484.Pq Vt str 485Flags passed to 486.Xr ipfw 8 487if 488.Va firewall_type 489specifies a filename. 490.It Va firewall_coscripts 491.Pq Vt str 492List of executables and/or rc scripts to run after firewall starts/stops. 493Default is empty. 494.\" ----- firewall_nat_enable setting -------------------------------- 495.It Va firewall_nat_enable 496.Pq Vt bool 497The 498.Xr ipfw 8 499equivalent of 500.Va natd_enable . 501Setting this to 502.Dq Li YES 503enables kernel NAT. 504.Va firewall_enable 505must also be set to 506.Dq Li YES . 507.It Va firewall_nat_interface 508.Pq Vt str 509The 510.Xr ipfw 8 511equivalent of 512.Va natd_interface . 513This is the name of the public interface or IP address on which 514kernel NAT should run. 515.It Va firewall_nat_flags 516.Pq Vt str 517Additional configuration parameters for kernel NAT should be placed here. 518.It Va dummynet_enable 519.Pq Vt bool 520Setting this to 521.Dq Li YES 522will automatically load the 523.Xr dummynet 4 524module if 525.Va firewall_enable 526is also set to 527.Dq Li YES . 528.\" ------------------------------------------------------------------- 529.It Va natd_program 530.Pq Vt str 531Path to 532.Xr natd 8 . 533.It Va natd_enable 534.Pq Vt bool 535Set to 536.Dq Li YES 537to enable 538.Xr natd 8 . 539.Va firewall_enable 540must also be set to 541.Dq Li YES , 542and 543.Xr divert 4 544sockets must be enabled in the kernel. 545If the kernel was not built with 546.Cd "options IPDIVERT" , 547the 548.Pa ipdivert.ko 549kernel module will be loaded. 550.It Va natd_interface 551.Pq Vt str 552This is the name of the public interface on which 553.Xr natd 8 554should run. 555The interface may be given as an interface name or as an IP address. 556.It Va natd_flags 557.Pq Vt str 558Additional 559.Xr natd 8 560flags should be placed here. 561The 562.Fl n 563or 564.Fl a 565flag is automatically added with the above 566.Va natd_interface 567as an argument. 568.\" ----- ipfilter_enable setting -------------------------------- 569.It Va ipfilter_enable 570.Pq Vt bool 571Set to 572.Dq Li NO 573by default. 574Setting this to 575.Dq Li YES 576enables 577.Xr ipf 8 578packet filtering. 579.Pp 580Typical usage will require putting 581.Bd -literal 582ipfilter_enable="YES" 583ipnat_enable="YES" 584ipmon_enable="YES" 585ipfs_enable="YES" 586.Ed 587.Pp 588into 589.Pa /etc/rc.conf 590and editing 591.Pa /etc/ipf.rules 592and 593.Pa /etc/ipnat.rules 594appropriately. 595.Pp 596Note that 597.Va ipfilter_enable 598and 599.Va ipnat_enable 600can be enabled independently. 601.Va ipmon_enable 602and 603.Va ipfs_enable 604both require at least one of 605.Va ipfilter_enable 606and 607.Va ipnat_enable 608to be enabled. 609.Pp 610Having 611.Bd -literal 612options IPFILTER 613options IPFILTER_LOG 614options IPFILTER_DEFAULT_BLOCK 615.Ed 616.Pp 617in the kernel configuration file is a good idea, too. 618.\" ----- ipfilter_program setting ------------------------------ 619.It Va ipfilter_program 620.Pq Vt str 621Path to 622.Xr ipf 8 623(default 624.Pa /sbin/ipf ) . 625.\" ----- ipfilter_rules setting -------------------------------- 626.It Va ipfilter_rules 627.Pq Vt str 628Set to 629.Pa /etc/ipf.rules 630by default. 631This variable contains the name of the filter rule definition file. 632The file is expected to be readable for the 633.Xr ipf 8 634command to execute. 635.\" ----- ipv6_ipfilter_rules setting --------------------------- 636.It Va ipv6_ipfilter_rules 637.Pq Vt str 638Set to 639.Pa /etc/ipf6.rules 640by default. 641This variable contains the IPv6 filter rule definition file. 642The file is expected to be readable for the 643.Xr ipf 8 644command to execute. 645.\" ----- ipfilter_flags setting -------------------------------- 646.It Va ipfilter_flags 647.Pq Vt str 648Empty by default. 649This variable contains flags passed to the 650.Xr ipf 8 651program. 652.\" ----- ipnat_enable setting ---------------------------------- 653.It Va ipnat_enable 654.Pq Vt bool 655Set to 656.Dq Li NO 657by default. 658Set it to 659.Dq Li YES 660to enable 661.Xr ipnat 8 662network address translation. 663See 664.Va ipfilter_enable 665for a detailed discussion. 666.\" ----- ipnat_program setting --------------------------------- 667.It Va ipnat_program 668.Pq Vt str 669Path to 670.Xr ipnat 8 671(default 672.Pa /sbin/ipnat ) . 673.\" ----- ipnat_rules setting ----------------------------------- 674.It Va ipnat_rules 675.Pq Vt str 676Set to 677.Pa /etc/ipnat.rules 678by default. 679This variable contains the name of the file 680holding the network address translation definition. 681This file is expected to be readable for the 682.Xr ipnat 8 683command to execute. 684.\" ----- ipnat_flags setting ----------------------------------- 685.It Va ipnat_flags 686.Pq Vt str 687Empty by default. 688This variable contains flags passed to the 689.Xr ipnat 8 690program. 691.\" ----- ipmon_enable setting ---------------------------------- 692.It Va ipmon_enable 693.Pq Vt bool 694Set to 695.Dq Li NO 696by default. 697Set it to 698.Dq Li YES 699to enable 700.Xr ipmon 8 701monitoring (logging 702.Xr ipf 8 703and 704.Xr ipnat 8 705events). 706Setting this variable needs setting 707.Va ipfilter_enable 708or 709.Va ipnat_enable 710too. 711See 712.Va ipfilter_enable 713for a detailed discussion. 714.\" ----- ipmon_program setting --------------------------------- 715.It Va ipmon_program 716.Pq Vt str 717Path to 718.Xr ipmon 8 719(default 720.Pa /sbin/ipmon ) . 721.\" ----- ipmon_flags setting ----------------------------------- 722.It Va ipmon_flags 723.Pq Vt str 724Set to 725.Dq Li -Ds 726by default. 727This variable contains flags passed to the 728.Xr ipmon 8 729program. 730Another typical example would be 731.Dq Fl D Pa /var/log/ipflog 732to have 733.Xr ipmon 8 734log directly to a file bypassing 735.Xr syslogd 8 . 736Make sure to adjust 737.Pa /etc/newsyslog.conf 738in such case like this: 739.Bd -literal 740/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 741.Ed 742.\" ----- ipfs_enable setting ----------------------------------- 743.It Va ipfs_enable 744.Pq Vt bool 745Set to 746.Dq Li NO 747by default. 748Set it to 749.Dq Li YES 750to enable 751.Xr ipfs 8 752saving the filter and NAT state tables during shutdown 753and reloading them during startup again. 754Setting this variable needs setting 755.Va ipfilter_enable 756or 757.Va ipnat_enable 758to 759.Dq Li YES 760too. 761See 762.Va ipfilter_enable 763for a detailed discussion. 764Note that if 765.Va kern_securelevel 766is set to 3, 767.Va ipfs_enable 768cannot be used 769because the raised securelevel will prevent 770.Xr ipfs 8 771from saving the state tables at shutdown time. 772.\" ----- ipfs_program setting ---------------------------------- 773.It Va ipfs_program 774.Pq Vt str 775Path to 776.Xr ipfs 8 777(default 778.Pa /sbin/ipfs ) . 779.\" ----- ipfs_flags setting ------------------------------------ 780.It Va ipfs_flags 781.Pq Vt str 782Empty by default. 783This variable contains flags passed to the 784.Xr ipfs 8 785program. 786.\" ----- end of added ipf hook --------------------------------- 787.It Va pf_enable 788.Pq Vt bool 789Set to 790.Dq Li NO 791by default. 792Setting this to 793.Dq Li YES 794enables 795.Xr pf 4 796packet filtering. 797.Pp 798Typical usage will require putting 799.Pp 800.Dl pf_enable="YES" 801.Pp 802into 803.Pa /etc/rc.conf 804and editing 805.Pa /etc/pf.conf 806appropriately. 807Adding 808.Pp 809.Dl "device pf" 810.Pp 811builds support for 812.Xr pf 4 813into the kernel, otherwise the 814kernel module will be loaded. 815.It Va pf_rules 816.Pq Vt str 817Path to 818.Xr pf 4 819ruleset configuration file 820(default 821.Pa /etc/pf.conf ) . 822.It Va pf_program 823.Pq Vt str 824Path to 825.Xr pfctl 8 826(default 827.Pa /sbin/pfctl ) . 828.It Va pf_flags 829.Pq Vt str 830If 831.Va pf_enable 832is set to 833.Dq Li YES , 834these flags are passed to the 835.Xr pfctl 8 836program when loading the ruleset. 837.It Va pflog_enable 838.Pq Vt bool 839Set to 840.Dq Li NO 841by default. 842Setting this to 843.Dq Li YES 844enables 845.Xr pflogd 8 846which logs packets from the 847.Xr pf 4 848packet filter. 849.It Va pflog_logfile 850.Pq Vt str 851If 852.Va pflog_enable 853is set to 854.Dq Li YES 855this controls where 856.Xr pflogd 8 857stores the logfile 858(default 859.Pa /var/log/pflog ) . 860Check 861.Pa /etc/newsyslog.conf 862to adjust logfile rotation for this. 863.It Va pflog_program 864.Pq Vt str 865Path to 866.Xr pflogd 8 867(default 868.Pa /sbin/pflogd ) . 869.It Va pflog_flags 870.Pq Vt str 871Empty by default. 872This variable contains additional flags passed to the 873.Xr pflogd 8 874program. 875.It Va ftpproxy_enable 876.Pq Vt bool 877Set to 878.Dq Li NO 879by default. 880Setting this to 881.Dq Li YES 882enables 883.Xr ftp-proxy 8 884which supports the 885.Xr pf 4 886packet filter in translating ftp connections. 887.It Va ftpproxy_flags 888.Pq Vt str 889Empty by default. 890This variable contains additional flags passed to the 891.Xr ftp-proxy 8 892program. 893.It Va pfsync_enable 894.Pq Vt bool 895Set to 896.Dq Li NO 897by default. 898Setting this to 899.Dq Li YES 900enables exposing 901.Xr pf 4 902state changes to other hosts over the network by means of 903.Xr pfsync 4 . 904The 905.Va pfsync_syncdev 906variable 907must also be set then. 908.It Va pfsync_syncdev 909.Pq Vt str 910Empty by default. 911This variable specifies the name of the network interface 912.Xr pfsync 4 913should operate through. 914It must be set accordingly if 915.Va pfsync_enable 916is set to 917.Dq Li YES . 918.It Va pfsync_syncpeer 919.Pq Vt str 920Empty by default. 921This variable is optional. 922By default, state change messages are sent out on the synchronisation 923interface using IP multicast packets. 924The protocol is IP protocol 240, PFSYNC, and the multicast group used is 925224.0.0.240. 926When a peer address is specified using the 927.Va pfsync_syncpeer 928option, the peer address is used as a destination for the pfsync 929traffic, and the traffic can then be protected using 930.Xr ipsec 4 . 931See the 932.Xr pfsync 4 933manpage for more details about using 934.Xr ipsec 4 935with 936.Xr pfsync 4 937interfaces. 938.It Va pfsync_ifconfig 939.Pq Vt str 940Empty by default. 941This variable can contain additional options to be passed to the 942.Xr ifconfig 8 943command used to set up 944.Xr pfsync 4 . 945.It Va tcp_extensions 946.Pq Vt bool 947Set to 948.Dq Li YES 949by default. 950Setting this to 951.Dq Li NO 952disables certain TCP options as described by 953.Rs 954.%T "RFC 1323" 955.Re 956Setting this to 957.Dq Li NO 958might help remedy such problems with connections as randomly hanging 959or other weird behavior. 960Some network devices are known 961to be broken with respect to these options. 962.It Va log_in_vain 963.Pq Vt int 964Set to 0 by default. 965The 966.Xr sysctl 8 967variables, 968.Va net.inet.tcp.log_in_vain 969and 970.Va net.inet.udp.log_in_vain , 971as described in 972.Xr tcp 4 973and 974.Xr udp 4 , 975are set to the given value. 976.It Va tcp_keepalive 977.Pq Vt bool 978Set to 979.Dq Li YES 980by default. 981Setting to 982.Dq Li NO 983will disable probing idle TCP connections to verify that the 984peer is still up and reachable. 985.It Va tcp_drop_synfin 986.Pq Vt bool 987Set to 988.Dq Li NO 989by default. 990Setting to 991.Dq Li YES 992will cause the kernel to ignore TCP frames that have both 993the SYN and FIN flags set. 994This prevents OS fingerprinting, but may 995break some legitimate applications. 996.It Va icmp_drop_redirect 997.Pq Vt bool 998Set to 999.Dq Li NO 1000by default. 1001Setting to 1002.Dq Li YES 1003will cause the kernel to ignore ICMP REDIRECT packets. 1004Refer to 1005.Xr icmp 4 1006for more information. 1007.It Va icmp_log_redirect 1008.Pq Vt bool 1009Set to 1010.Dq Li NO 1011by default. 1012Setting to 1013.Dq Li YES 1014will cause the kernel to log ICMP REDIRECT packets. 1015Note that 1016the log messages are not rate-limited, so this option should only be used 1017for troubleshooting networks. 1018Refer to 1019.Xr icmp 4 1020for more information. 1021.It Va icmp_bmcastecho 1022.Pq Vt bool 1023Set to 1024.Dq Li YES 1025to respond to broadcast or multicast ICMP ping packets. 1026Refer to 1027.Xr icmp 4 1028for more information. 1029.It Va ip_portrange_first 1030.Pq Vt int 1031If not set to 1032.Dq Li NO , 1033this is the first port in the default portrange. 1034Refer to 1035.Xr ip 4 1036for more information. 1037.It Va ip_portrange_last 1038.Pq Vt int 1039If not set to 1040.Dq Li NO , 1041this is the last port in the default portrange. 1042Refer to 1043.Xr ip 4 1044for more information. 1045.It Va network_interfaces 1046.Pq Vt str 1047Set to the list of network interfaces to configure on this host or 1048.Dq Li AUTO 1049(the default) for all current interfaces. 1050Setting the 1051.Va network_interfaces 1052variable to anything other than the default is deprecated. 1053Interfaces that the administrator wishes to store configuration for, 1054but not start at boot should be configured with the 1055.Dq Li NOAUTO 1056keyword in their 1057.Va ifconfig_ Ns Aq Ar interface 1058variables as described below. 1059.Pp 1060An 1061.Va ifconfig_ Ns Aq Ar interface 1062variable is also assumed to exist for each value of 1063.Ar interface . 1064When an interface name contains any of the characters 1065.Dq Li .-/+ 1066they are translated to 1067.Dq Li _ 1068before lookup. 1069The variable can contain arguments to 1070.Xr ifconfig 8 , 1071as well as special case-insensitive keywords described below. 1072Such keywords are removed before passing the value to 1073.Xr ifconfig 8 1074while the order of the other arguments is preserved. 1075.Pp 1076One can configure more than one IPv4 address with the 1077.Va ipv4_addrs_ Ns Aq Ar interface 1078variable. 1079One or more IP addresses must be provided in Classless Inter-Domain 1080Routing (CIDR) address notation, whose last byte can be a range like 1081192.0.2.5-23/24. 1082In this case the address 192.0.2.5 will be configured with the 1083netmask /24 and the addresses 192.0.2.6 to 192.0.2.23 with 1084the non-conflicting netmask /32 as explained in the 1085.Xr ifconfig 8 1086alias section. 1087With the interface in question being 1088.Li ed0 , 1089an example could look like: 1090.Bd -literal 1091ipv4_addrs_ed0="192.0.2.129/27 192.0.2.1-5/28" 1092.Ed 1093.Pp 1094It is also possible to add IP alias entries using 1095.Xr ifconfig 8 1096syntax. 1097Assuming that the interface in question was 1098.Li ed0 , 1099it might look 1100something like this: 1101.Bd -literal 1102ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 1103ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 1104.Ed 1105.Pp 1106And so on. 1107For each 1108.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1109entry that is found, 1110its contents are passed to 1111.Xr ifconfig 8 . 1112Execution stops at the first unsuccessful access, so if 1113something like this is present: 1114.Bd -literal 1115ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 1116ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 1117ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 1118ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 1119.Ed 1120.Pp 1121Then note that alias4 would 1122.Em not 1123be added since the search would 1124stop with the missing 1125.Dq Li alias3 1126entry. 1127Due to this difficult to manage behavior, the 1128.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1129form is deprecated. 1130.Pp 1131If the 1132.Pa /etc/start_if. Ns Aq Ar interface 1133file is present, it is read and executed by the 1134.Xr sh 1 1135interpreter 1136before configuring the interface as specified in the 1137.Va ifconfig_ Ns Aq Ar interface 1138and 1139.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1140variables. 1141.Pp 1142If a 1143.Va vlans_ Ns Aq Ar interface 1144variable is set, 1145a 1146.Xr vlan 4 1147interface will be created for each item in the list with the 1148.Ar vlandev 1149argument set to 1150.Ar interface . 1151If a vlan interface's name is a number, 1152then that number is used as the vlan tag and the new vlan interface is 1153named 1154.Ar interface . Ns Ar tag . 1155Otherwise, 1156the vlan tag must be specified via a 1157.Va vlan 1158parameter in the 1159.Va create_args_ Ns Aq Ar interface 1160variable. 1161.Pp 1162To create a vlan device named 1163.Li em0.101 1164on 1165.Li em0 1166with the vlan tag 101 and the optional the IPv4 address 192.0.2.1/24: 1167.Bd -literal 1168vlans_em0="101" 1169ifconfig_em0_101="inet 192.0.2.1/24" 1170.Ed 1171.Pp 1172To create a vlan device named 1173.Li myvlan 1174on 1175.Li em0 1176with the vlan tag 102: 1177.Bd -literal 1178vlans_em0="myvlan" 1179create_args_myvlan="vlan 102" 1180.Ed 1181.Pp 1182If a 1183.Va wlans_ Ns Aq Ar interface 1184variable is set, 1185an 1186.Xr wlan 4 1187interface will be created for each item in the list with the 1188.Ar wlandev 1189argument set to 1190.Ar interface . 1191Further wlan cloning arguments may be passed to the 1192.Xr ifconfig 8 1193.Cm create 1194command by setting the 1195.Va create_args_ Ns Aq Ar interface 1196variable. 1197One or more 1198.Xr wlan 4 1199devices must be created for each wireless devices as of 1200.Fx 8.0 . 1201Debugging flags for 1202.Xr wlan 4 1203devices as set by 1204.Xr wlandebug 8 1205may be specified with an 1206.Va wlandebug_ Ns Aq Ar interface 1207variable. 1208The contents of this variable will be passed directly to 1209.Xr wlandebug 8 . 1210.Pp 1211If the 1212.Va ifconfig_ Ns Aq Ar interface 1213contains the keyword 1214.Dq Li NOAUTO 1215then the interface will not be configured 1216at boot or by 1217.Pa /etc/pccard_ether 1218when 1219.Va network_interfaces 1220is set to 1221.Dq Li AUTO . 1222.Pp 1223It is possible to bring up an interface with DHCP by adding 1224.Dq Li DHCP 1225to the 1226.Va ifconfig_ Ns Aq Ar interface 1227variable. 1228For instance, to initialize the 1229.Li ed0 1230device via DHCP, 1231it is possible to use something like: 1232.Bd -literal 1233ifconfig_ed0="DHCP" 1234.Ed 1235.Pp 1236Also, if you want to configure your wireless interface with 1237.Xr wpa_supplicant 8 1238for use with WPA, EAP/LEAP or WEP, you need to add 1239.Dq Li WPA 1240to the 1241.Va ifconfig_ Ns Aq Ar interface 1242variable. 1243.Pp 1244Finally, you can add 1245.Xr ifconfig 8 1246options in this variable, in addition to the 1247.Pa /etc/start_if. Ns Aq Ar interface 1248file. 1249For instance, to configure an 1250.Xr ath 4 1251wireless device in station mode with an address obtained 1252via DHCP, using WPA authentication and 802.11b mode, it is 1253possible to use something like: 1254.Bd -literal 1255wlans_ath0="wlan0" 1256ifconfig_wlan0="DHCP WPA mode 11b" 1257.Ed 1258.Pp 1259In addition to the 1260.Va ifconfig_ Ns Aq Ar interface 1261form, a fallback variable 1262.Va ifconfig_DEFAULT 1263may be configured. 1264It will be used for all interfaces with no 1265.Va ifconfig_ Ns Aq Ar interface 1266variable. 1267This is intended to replace the no longer supported 1268.Va pccard_ifconfig 1269variable. 1270.Pp 1271It is also possible to rename an interface by doing: 1272.Bd -literal 1273ifconfig_ed0_name="net0" 1274ifconfig_net0="inet 192.0.2.1 netmask 0xffffff00" 1275.Ed 1276.It Va ipv6_enable 1277.Pq Vt bool 1278If the variable is 1279.Dq Li YES , 1280.Dq Li inet6 accept_rtadv 1281is added to all of 1282.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1283and the 1284.Va ipv6_activate_all_interfaces 1285is defined as 1286.Dq Li YES . 1287.Pp 1288This variable is deprecated. Use 1289.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1290and 1291.Va ipv6_activate_all_interfaces 1292if necessary. 1293.It Va ipv6_prefer 1294.Pq Vt bool 1295If the variable is 1296.Dq Li YES , 1297the default address selection policy table set by 1298.Xr ip6addrctl 8 1299will be IPv6-preferred. 1300.Pp 1301If the variable is 1302.Dq Li NO , 1303the default address selection policy table set by 1304.Xr ip6addrctl 8 1305will be IPv4-preferred. 1306.Pp 1307This variable is deprecated. Use 1308.Va ip6addrctl_policy 1309instead. 1310.It Va ipv6_activate_all_interfaces 1311If the variable is 1312.Dq Li NO , 1313all of interfaces which do not have the corrsponding 1314.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1315variable will be marked as 1316.Dq Li IFDISABLED 1317for security reason. This means only IPv6 functionality on that interface 1318is completely disabled. For more details of 1319.Dq Li IFDISABLED 1320flag and keywords 1321.Dq Li inet6 ifdisabled , 1322see 1323.Xr ifconfig 8 . 1324.Pp 1325Default is 1326.Dq Li NO . 1327.It Va ipv6_privacy 1328.Pq Vt bool 1329If the variable is 1330.Dq Li YES 1331privacy addresses will be generated for each IPv6 1332interface as described in RFC 4193. 1333.It Va ipv6_network_interfaces 1334.Pq Vt str 1335This is the IPv6 equivalent of 1336.Va network_interfaces . 1337Normally manual configuration of this variable is not needed. 1338.Pp 1339.It Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1340.Pq Vt str 1341IPv6 functionality on an interface should be configured by 1342.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 , 1343instead of setting ifconfig parameters in 1344.Va ifconfig_ Ns Aq Ar interface . 1345Aliases should be set by 1346.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1347with 1348.Dq Li inet6 1349keyword. For example: 1350.Bd -literal 1351ifconfig_ed0_ipv6="inet6 2001:db8:1::1 prefixlen 64" 1352ifconfig_ed0_alias0="inet6 2001:db8:2::1 prefixlen 64" 1353.Ed 1354.Pp 1355Interfaces that have an 1356.Dq Li inet6 accept_rtadv 1357keyword in 1358.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1359setting will be automatically configured by 1360.Xr rtsol 8 . 1361Note that this automatic configuration is disabled if the 1362.Va ipv6_gateway_enable 1363is set to 1364.Dq Li YES . 1365.It Va ipv6_prefix_ Ns Aq Ar interface 1366.Pq Vt str 1367If one or more prefixes are defined in 1368.Va ipv6_prefix_ Ns Aq Ar interface 1369addresses based on each prefix and the EUI-64 interface index will be 1370configured on that interface. 1371.It Va ipv6_default_interface 1372.Pq Vt str 1373If not set to 1374.Dq Li NO , 1375this is the default output interface for scoped addresses. 1376This works only with ipv6_gateway_enable="NO". 1377.It Va ip6addrctl_enable 1378.Pq Vt bool 1379This variable is to enable configuring default address selection policy table 1380.Pq RFC 3484 . 1381The table can be specified in another variable 1382.Va ip6addrctl_policy . 1383For 1384.Va ip6addrctl_policy 1385the following keywords can be specified: 1386.Dq Li ipv4_prefer , 1387.Dq Li ipv6_prefer , 1388or 1389.Dq Li AUTO . 1390.Pp 1391If 1392.Dq Li ipv4_prefer 1393or 1394.Dq Li ipv6_prefer 1395is specified, 1396.Xr ip6addrctl 8 1397installs a pre-defined policy table described in Section 2.1 1398.Pq IPv6-preferred 1399or 10.3 1400.Pq IPv4-preferred 1401of RFC 3484. 1402.Pp 1403If 1404.Dq Li AUTO 1405is specified, it attempts to read a file 1406.Pa /etc/ip6addrctl.conf 1407first. If this file is found, 1408.Xr ip6addrctl 8 1409reads and installs it. If not found, a policy is automatically set 1410according to 1411.Va ipv6_activate_all_interfaces 1412variable; if the variable is set to 1413.Dq Li YES 1414the IPv6-preferred one is used. Otherwise IPv4-preferred. 1415.Pp 1416The default value of 1417.Va ip6addrctl_enable 1418and 1419.Va ip6addrctl_policy 1420are 1421.Dq Li YES 1422and 1423.Dq Li AUTO , 1424respectively. 1425.It Va cloned_interfaces 1426.Pq Vt str 1427Set to the list of clonable network interfaces to create on this host. 1428Further cloning arguments may be passed to the 1429.Xr ifconfig 8 1430.Cm create 1431command for each interface by setting the 1432.Va create_args_ Ns Aq Ar interface 1433variable. 1434Entries in 1435.Va cloned_interfaces 1436are automatically appended to 1437.Va network_interfaces 1438for configuration. 1439.It Va fec_interfaces 1440.Pq Vt str 1441Set to the list of 1442.Xr ng_fec 4 1443Fast EtherChannel interfaces to configure on this host. 1444A 1445.Va fecconfig_ Ns Aq Ar interface 1446variable is assumed to exist for each value of 1447.Ar interface . 1448The value of this variable is used to configure link aggregated interfaces 1449according to the syntax of the 1450.Cm NGM_FEC_ADD_IFACE 1451to 1452.Xr ngctl 8 1453msg. 1454Additionally, this option ensures that each listed interface is created 1455via the 1456.Cm mkpeer 1457command to 1458.Xr ngctl 8 1459before attempting to configure it. 1460For example: 1461.Bd -literal 1462fec_interfaces="fec0" 1463fecconfig_fec0="em0 em1" 1464ifconfig_fec0="DHCP" 1465.Ed 1466.It Va gif_interfaces 1467.Pq Vt str 1468Set to the list of 1469.Xr gif 4 1470tunnel interfaces to configure on this host. 1471A 1472.Va gifconfig_ Ns Aq Ar interface 1473variable is assumed to exist for each value of 1474.Ar interface . 1475The value of this variable is used to configure the link layer of the 1476tunnel according to the syntax of the 1477.Cm tunnel 1478option to 1479.Xr ifconfig 8 . 1480Additionally, this option ensures that each listed interface is created 1481via the 1482.Cm create 1483option to 1484.Xr ifconfig 8 1485before attempting to configure it. 1486.It Va sppp_interfaces 1487.Pq Vt str 1488Set to the list of 1489.Xr sppp 4 1490interfaces to configure on this host. 1491A 1492.Va spppconfig_ Ns Aq Ar interface 1493variable is assumed to exist for each value of 1494.Ar interface . 1495Each interface should also be configured by a general 1496.Va ifconfig_ Ns Aq Ar interface 1497setting. 1498Refer to 1499.Xr spppcontrol 8 1500for more information about available options. 1501.It Va ppp_enable 1502.Pq Vt bool 1503If set to 1504.Dq Li YES , 1505run the 1506.Xr ppp 8 1507daemon. 1508.It Va ppp_profile 1509.Pq Vt str 1510The name of the profile to use from 1511.Pa /etc/ppp/ppp.conf . 1512Also used for per-profile overrides of 1513.Va ppp_mode 1514and 1515.Va ppp_nat , 1516and 1517.Va ppp_ Ns Ao Ar profile Ac Ns _unit . 1518When the profile name contains any of the characters 1519.Dq Li .-/+ 1520they are translated to 1521.Dq Li _ 1522for the proposes of the override variable names. 1523.It Va ppp_mode 1524.Pq Vt str 1525Mode in which to run the 1526.Xr ppp 8 1527daemon. 1528.It Va ppp_ Ns Ao Ar profile Ac Ns _mode 1529.Pq Vt str 1530Overrides the global 1531.Va ppp_mode 1532for 1533.Ar profile . 1534Accepted modes are 1535.Dq Li auto , 1536.Dq Li ddial , 1537.Dq Li direct 1538and 1539.Dq Li dedicated . 1540See the manual for a full description. 1541.It Va ppp_nat 1542.Pq Vt bool 1543If set to 1544.Dq Li YES , 1545enables network address translation. 1546Used in conjunction with 1547.Va gateway_enable 1548allows hosts on private network addresses access to the Internet using 1549this host as a network address translating router. 1550.It Va ppp_ Ns Ao Ar profile Ac Ns _nat 1551.Pq Vt str 1552Overrides the global 1553.Va ppp_nat 1554for 1555.Ar profile . 1556.It Va ppp_ Ns Ao Ar profile Ac Ns _unit 1557.Pq Vt int 1558Set the unit number to be used for this profile. 1559See the manual description of 1560.Fl unit Ns Ar N 1561for details. 1562.It Va ppp_user 1563.Pq Vt str 1564The name of the user under which 1565.Xr ppp 8 1566should be started. 1567By 1568default, 1569.Xr ppp 8 1570is started as 1571.Dq Li root . 1572.It Va rc_conf_files 1573.Pq Vt str 1574This option is used to specify a list of files that will override 1575the settings in 1576.Pa /etc/defaults/rc.conf . 1577The files will be read in the order in which they are specified and should 1578include the full path to the file. 1579By default, the files specified are 1580.Pa /etc/rc.conf 1581and 1582.Pa /etc/rc.conf.local 1583.It Va zfs_enable 1584.Pq Vt bool 1585If set to 1586.Dq Li YES , 1587.Pa /etc/rc.d/zfs 1588will attempt to automatically mount ZFS file systems and initialize ZFS volumes 1589(ZVOLs). 1590.It Va gptboot_enable 1591.Pq Vt bool 1592If set to 1593.Dq Li YES , 1594.Pa /etc/rc.d/gptboot 1595will log if the system successfully (or not) booted from a GPT partition, 1596which had the 1597.Ar bootonce 1598attribute set using 1599.Xr gpart 8 1600utility. 1601.It Va gbde_autoattach_all 1602.Pq Vt bool 1603If set to 1604.Dq Li YES , 1605.Pa /etc/rc.d/gbde 1606will attempt to automatically initialize your .bde devices in 1607.Pa /etc/fstab . 1608.It Va gbde_devices 1609.Pq Vt str 1610List the devices that the script should try to attach, 1611or 1612.Dq Li AUTO . 1613.It Va gbde_lockdir 1614.Pq Vt str 1615The directory where the 1616.Xr gbde 4 1617lockfiles are located. 1618The default lockfile directory is 1619.Pa /etc . 1620.Pp 1621The lockfile for each individual 1622.Xr gbde 4 1623device can be overridden by setting the variable 1624.Va gbde_lock_ Ns Aq Ar device , 1625where 1626.Ar device 1627is the encrypted device without the 1628.Dq Pa /dev/ 1629and 1630.Dq Pa .bde 1631parts. 1632.It Va gbde_attach_attempts 1633.Pq Vt int 1634Number of times to attempt attaching to a 1635.Xr gbde 4 1636device, i.e., how many times the user is asked for the pass-phrase. 1637Default is 3. 1638.It Va geli_devices 1639.Pq Vt str 1640List of devices to automatically attach on boot. 1641Note that .eli devices from 1642.Pa /etc/fstab 1643are automatically appended to this list. 1644.It Va geli_tries 1645.Pq Vt int 1646Number of times user is asked for the pass-phrase. 1647If empty, it will be taken from 1648.Va kern.geom.eli.tries 1649sysctl variable. 1650.It Va geli_default_flags 1651.Pq Vt str 1652Default flags to use by 1653.Xr geli 8 1654when configuring disk encryption. 1655Flags can be configured for every device separately by defining 1656.Va geli_ Ns Ao Ar device Ac Ns Va _flags 1657variable. 1658.It Va geli_autodetach 1659.Pq Vt str 1660Specifies if GELI devices should be marked for detach on last close after 1661file systems are mounted. 1662Default is 1663.Dq Li YES . 1664This can be changed for every device separately by defining 1665.Va geli_ Ns Ao Ar device Ac Ns Va _autodetach 1666variable. 1667.It Va geli_swap_flags 1668Options passed to the 1669.Xr geli 8 1670utility when encrypted GEOM providers for swap partitions are created. 1671The default is 1672.Dq Li "-e aes -l 256 -s 4096 -d" . 1673.It Va root_rw_mount 1674.Pq Vt bool 1675Set to 1676.Dq Li YES 1677by default. 1678After the file systems are checked at boot time, the root file system 1679is remounted as read-write if this is set to 1680.Dq Li YES . 1681Diskless systems that mount their root file system from a read-only remote 1682NFS share should set this to 1683.Dq Li NO 1684in their 1685.Pa rc.conf . 1686.It Va fsck_y_enable 1687.Pq Vt bool 1688If set to 1689.Dq Li YES , 1690.Xr fsck 8 1691will be run with the 1692.Fl y 1693flag if the initial preen 1694of the file systems fails. 1695.It Va background_fsck 1696.Pq Vt bool 1697If set to 1698.Dq Li YES , 1699the system will attempt to run 1700.Xr fsck 8 1701in the background where possible. 1702.It Va background_fsck_delay 1703.Pq Vt int 1704The amount of time in seconds to sleep before starting a background 1705.Xr fsck 8 . 1706It defaults to sixty seconds to allow large applications such as 1707the X server to start before disk I/O bandwidth is monopolized by 1708.Xr fsck 8 . 1709If set to a negative number, the background file system check will be 1710delayed indefinitely to allow the administrator to run it at a more 1711convenient time. 1712For example it may be run from 1713.Xr cron 8 1714by adding a line like 1715.Pp 1716.Dl "0 4 * * * root /etc/rc.d/bgfsck forcestart" 1717.Pp 1718to 1719.Pa /etc/crontab . 1720.It Va netfs_types 1721.Pq Vt str 1722List of file system types that are network-based. 1723This list should generally not be modified by end users. 1724Use 1725.Va extra_netfs_types 1726instead. 1727.It Va extra_netfs_types 1728.Pq Vt str 1729If set to something other than 1730.Dq Li NO 1731(the default), 1732this variable extends the list of file system types 1733for which automatic mounting at startup by 1734.Xr rc 8 1735should be delayed until the network is initialized. 1736It should contain 1737a whitespace-separated list of network file system descriptor pairs, 1738each consisting of a file system type as passed to 1739.Xr mount 8 1740and a human-readable, one-word description, 1741joined with a colon 1742.Pq Ql \&: . 1743Extending the default list in this way is only necessary 1744when third party file system types are used. 1745.It Va syslogd_enable 1746.Pq Vt bool 1747If set to 1748.Dq Li YES , 1749run the 1750.Xr syslogd 8 1751daemon. 1752.It Va syslogd_program 1753.Pq Vt str 1754Path to 1755.Xr syslogd 8 1756(default 1757.Pa /usr/sbin/syslogd ) . 1758.It Va syslogd_flags 1759.Pq Vt str 1760If 1761.Va syslogd_enable 1762is set to 1763.Dq Li YES , 1764these are the flags to pass to 1765.Xr syslogd 8 . 1766.It Va inetd_enable 1767.Pq Vt bool 1768If set to 1769.Dq Li YES , 1770run the 1771.Xr inetd 8 1772daemon. 1773.It Va inetd_program 1774.Pq Vt str 1775Path to 1776.Xr inetd 8 1777(default 1778.Pa /usr/sbin/inetd ) . 1779.It Va inetd_flags 1780.Pq Vt str 1781If 1782.Va inetd_enable 1783is set to 1784.Dq Li YES , 1785these are the flags to pass to 1786.Xr inetd 8 . 1787.It Va hastd_enable 1788.Pq Vt bool 1789If set to 1790.Dq Li YES , 1791run the 1792.Xr hastd 8 1793daemon. 1794.It Va hastd_program 1795.Pq Vt str 1796Path to 1797.Xr hastd 8 1798(default 1799.Pa /sbin/hastd ) . 1800.It Va hastd_flags 1801.Pq Vt str 1802If 1803.Va hastd_enable 1804is set to 1805.Dq Li YES , 1806these are the flags to pass to 1807.Xr hastd 8 . 1808.It Va named_enable 1809.Pq Vt bool 1810If set to 1811.Dq Li YES , 1812run the 1813.Xr named 8 1814daemon. 1815.It Va named_program 1816.Pq Vt str 1817Path to 1818.Xr named 8 1819(default 1820.Pa /usr/sbin/named ) . 1821.It Va named_conf 1822.Pq Vt str 1823Path to 1824.Xr named 8 1825configuration file, (default 1826.Pa /etc/namedb/named.conf ) . 1827.It Va named_flags 1828.Pq Vt str 1829If 1830.Va named_enable 1831is set to 1832.Dq Li YES , 1833these are the flags to pass to 1834.Xr named 8 . 1835.It Va named_pidfile 1836.Pq Vt str 1837This is the default path to the 1838.Xr named 8 1839daemon's PID file. 1840This must match the location in 1841.Xr named.conf 5 . 1842.It Va named_uid 1843.Pq Vt str 1844The user that the 1845.Xr named 8 1846process should be run as. 1847.It Va named_chrootdir 1848.Pq Vt str 1849The root directory for a name server run in a 1850.Xr chroot 8 1851environment (default 1852.Pa /var/named ) . 1853If left empty 1854.Xr named 8 1855will not be run in a 1856.Xr chroot 8 1857environment. 1858.It Va named_chroot_autoupdate 1859.Pq Vt bool 1860Set to 1861.Dq Li NO 1862to disable automatic update of the 1863.Xr chroot 8 1864environment. 1865.It Va named_symlink_enable 1866.Pq Vt bool 1867Set to 1868.Dq Li NO 1869to disable symlinking of 1870daemon's PID file 1871into the 1872.Xr chroot 8 1873environment. 1874.It Va named_wait 1875.Pq Vt bool 1876Set to have 1877.Pa /etc/rc.d/named 1878loop until working name service is established. 1879.It Va named_wait_host 1880.Pq Vt str 1881Name of host to lookup for the named_wait option. 1882(Default localhost) 1883.It Va named_auto_forward 1884.Pq Vt bool 1885Set to enable automatic creation of a forwarder 1886configuration file derived from 1887.Pa /etc/resolv.conf . 1888.It Va named_auto_forward_only 1889.Pq Vt bool 1890Set to change the default forwarder configuration from 1891.Dq forward first 1892to 1893.Dq forward only . 1894.It Va kerberos5_server_enable 1895.Pq Vt bool 1896Set to 1897.Dq Li YES 1898to start a Kerberos 5 authentication server 1899at boot time. 1900.It Va kerberos5_server 1901.Pq Vt str 1902If 1903.Va kerberos5_server_enable 1904is set to 1905.Dq Li YES 1906this is the path to Kerberos 5 Authentication Server. 1907.It Va kerberos5_server_flags 1908.Pq Vt str 1909Empty by default. 1910This variable contains additional flags to be passed to the Kerberos 5 1911authentication server. 1912.It Va kadmind5_server_enable 1913.Pq Vt bool 1914Set to 1915.Dq Li YES 1916to start 1917.Xr kadmind 8 , 1918the Kerberos 5 Administration Daemon; set to 1919.Dq Li NO 1920on a slave server. 1921.It Va kadmind5_server 1922.Pq Vt str 1923If 1924.Va kadmind5_server_enable 1925is set to 1926.Dq Li YES 1927this is the path to Kerberos 5 Administration Daemon. 1928.It Va kpasswdd_server_enable 1929.Pq Vt bool 1930Set to 1931.Dq Li YES 1932to start 1933.Xr kpasswdd 8 , 1934the Kerberos 5 Password-Changing Daemon; set to 1935.Dq Li NO 1936on a slave server. 1937.It Va kpasswdd_server 1938.Pq Vt str 1939If 1940.Va kpasswdd_server_enable 1941is set to 1942.Dq Li YES 1943this is the path to Kerberos 5 Password-Changing Daemon. 1944.It Va rwhod_enable 1945.Pq Vt bool 1946If set to 1947.Dq Li YES , 1948run the 1949.Xr rwhod 8 1950daemon at boot time. 1951.It Va rwhod_flags 1952.Pq Vt str 1953If 1954.Va rwhod_enable 1955is set to 1956.Dq Li YES , 1957these are the flags to pass to it. 1958.It Va amd_enable 1959.Pq Vt bool 1960If set to 1961.Dq Li YES , 1962run the 1963.Xr amd 8 1964daemon at boot time. 1965.It Va amd_flags 1966.Pq Vt str 1967If 1968.Va amd_enable 1969is set to 1970.Dq Li YES , 1971these are the flags to pass to it. 1972See the 1973.Xr amd 8 1974manpage for more information. 1975.It Va amd_map_program 1976.Pq Vt str 1977If set, 1978the specified program is run to get the list of 1979.Xr amd 8 1980maps. 1981For example, if the 1982.Xr amd 8 1983maps are stored in NIS, one can set this to 1984run 1985.Xr ypcat 1 1986to get a list of 1987.Xr amd 8 1988maps from the 1989.Pa amd.master 1990NIS map. 1991.It Va update_motd 1992.Pq Vt bool 1993If set to 1994.Dq Li YES , 1995.Pa /etc/motd 1996will be updated at boot time to reflect the kernel release 1997being run. 1998If set to 1999.Dq Li NO , 2000.Pa /etc/motd 2001will not be updated. 2002.It Va nfs_client_enable 2003.Pq Vt bool 2004If set to 2005.Dq Li YES , 2006run the NFS client daemons at boot time. 2007.It Va nfs_access_cache 2008.Pq Vt int 2009If 2010.Va nfs_client_enable 2011is set to 2012.Dq Li YES , 2013this can be set to 2014.Dq Li 0 2015to disable NFS ACCESS RPC caching, or to the number of seconds for which 2016NFS ACCESS 2017results should be cached. 2018A value of 2-10 seconds will substantially reduce network 2019traffic for many NFS operations. 2020.It Va nfs_server_enable 2021.Pq Vt bool 2022If set to 2023.Dq Li YES , 2024run the NFS server daemons at boot time. 2025.It Va nfs_server_flags 2026.Pq Vt str 2027If 2028.Va nfs_server_enable 2029is set to 2030.Dq Li YES , 2031these are the flags to pass to the 2032.Xr nfsd 8 2033daemon. 2034.It Va idmapd_enable 2035.Pq Vt bool 2036If set to 2037.Dq Li YES , 2038run the ID mapping daemon for NFS version 4. 2039.It Va idmapd_flags 2040.Pq Vt str 2041If 2042.Va idmapd_enable 2043is set to 2044.Dq Li YES , 2045these are the flags to pass to the 2046.Xr idmapd 8 2047daemon. 2048.It Va mountd_enable 2049.Pq Vt bool 2050If set to 2051.Dq Li YES , 2052and no 2053.Va nfs_server_enable 2054is set, start 2055.Xr mountd 8 , 2056but not 2057.Xr nfsd 8 2058daemon. 2059It is commonly needed to run CFS without real NFS used. 2060.It Va mountd_flags 2061.Pq Vt str 2062If 2063.Va mountd_enable 2064is set to 2065.Dq Li YES , 2066these are the flags to pass to the 2067.Xr mountd 8 2068daemon. 2069.It Va weak_mountd_authentication 2070.Pq Vt bool 2071If set to 2072.Dq Li YES , 2073allow services like PCNFSD to make non-privileged mount 2074requests. 2075.It Va nfs_reserved_port_only 2076.Pq Vt bool 2077If set to 2078.Dq Li YES , 2079provide NFS services only on a secure port. 2080.It Va nfs_bufpackets 2081.Pq Vt int 2082If set to a number, indicates the number of packets worth of 2083socket buffer space to reserve on an NFS client. 2084The kernel default is typically 4. 2085Using a higher number may be 2086useful on gigabit networks to improve performance. 2087The minimum value is 20882 and the maximum is 64. 2089.It Va rpc_lockd_enable 2090.Pq Vt bool 2091If set to 2092.Dq Li YES 2093and also an NFS server or client, run 2094.Xr rpc.lockd 8 2095at boot time. 2096.It Va rpc_lockd_flags 2097.Pq Vt str 2098If 2099.Va rpc_lockd_enable 2100is set to 2101.Dq Li YES , 2102these are the flags to pass to the 2103.Xr rpc.lockd 8 2104daemon. 2105.It Va rpc_statd_enable 2106.Pq Vt bool 2107If set to 2108.Dq Li YES 2109and also an NFS server or client, run 2110.Xr rpc.statd 8 2111at boot time. 2112.It Va rpc_statd_flags 2113.Pq Vt str 2114If 2115.Va rpc_statd_enable 2116is set to 2117.Dq Li YES , 2118these are the flags to pass to the 2119.Xr rpc.statd 8 2120daemon. 2121.It Va rpcbind_program 2122.Pq Vt str 2123Path to 2124.Xr rpcbind 8 2125(default 2126.Pa /usr/sbin/rpcbind ) . 2127.It Va rpcbind_enable 2128.Pq Vt bool 2129If set to 2130.Dq Li YES , 2131run the 2132.Xr rpcbind 8 2133service at boot time. 2134.It Va rpcbind_flags 2135.Pq Vt str 2136If 2137.Va rpcbind_enable 2138is set to 2139.Dq Li YES , 2140these are the flags to pass to the 2141.Xr rpcbind 8 2142daemon. 2143.It Va keyserv_enable 2144.Pq Vt bool 2145If set to 2146.Dq Li YES , 2147run the 2148.Xr keyserv 8 2149daemon on boot for running Secure RPC. 2150.It Va keyserv_flags 2151.Pq Vt str 2152If 2153.Va keyserv_enable 2154is set to 2155.Dq Li YES , 2156these are the flags to pass to 2157.Xr keyserv 8 2158daemon. 2159.It Va pppoed_enable 2160.Pq Vt bool 2161If set to 2162.Dq Li YES , 2163run the 2164.Xr pppoed 8 2165daemon at boot time to provide PPP over Ethernet services. 2166.It Va pppoed_ Ns Aq Ar provider 2167.Pq Vt str 2168.Xr pppoed 8 2169listens to requests to this 2170.Ar provider 2171and ultimately runs 2172.Xr ppp 8 2173with a 2174.Ar system 2175argument of the same name. 2176.It Va pppoed_flags 2177.Pq Vt str 2178Additional flags to pass to 2179.Xr pppoed 8 . 2180.It Va pppoed_interface 2181.Pq Vt str 2182The network interface to run 2183.Xr pppoed 8 2184on. 2185This is mandatory when 2186.Va pppoed_enable 2187is set to 2188.Dq Li YES . 2189.It Va timed_enable 2190.Pq Vt bool 2191If set to 2192.Dq Li YES , 2193run the 2194.Xr timed 8 2195service at boot time. 2196This command is intended for networks of 2197machines where a consistent 2198.Dq "network time" 2199for all hosts must be established. 2200This is often useful in large NFS 2201environments where time stamps on files are expected to be consistent 2202network-wide. 2203.It Va timed_flags 2204.Pq Vt str 2205If 2206.Va timed_enable 2207is set to 2208.Dq Li YES , 2209these are the flags to pass to the 2210.Xr timed 8 2211service. 2212.It Va ntpdate_enable 2213.Pq Vt bool 2214If set to 2215.Dq Li YES , 2216run 2217.Xr ntpdate 8 2218at system startup. 2219This command is intended to 2220synchronize the system clock only 2221.Em once 2222from some standard reference. 2223An option to set this up initially 2224(from a list of known servers) is also provided by the 2225.Xr sysinstall 8 2226program when the system is first installed. 2227.It Va ntpdate_config 2228.Pq Vt str 2229Configuration file for 2230.Xr ntpdate 8 . 2231Default 2232.Pa /etc/ntp.conf . 2233.It Va ntpdate_hosts 2234.Pq Vt str 2235A whitespace-separated list of NTP servers to synchronize with at startup. 2236The default is to use the servers listed in 2237.Va ntpdate_config , 2238if that file exists. 2239.It Va ntpdate_program 2240.Pq Vt str 2241Path to 2242.Xr ntpdate 8 2243(default 2244.Pa /usr/sbin/ntpdate ) . 2245.It Va ntpdate_flags 2246.Pq Vt str 2247If 2248.Va ntpdate_enable 2249is set to 2250.Dq Li YES , 2251these are the flags to pass to the 2252.Xr ntpdate 8 2253command (typically a hostname). 2254.It Va ntpd_enable 2255.Pq Vt bool 2256If set to 2257.Dq Li YES , 2258run the 2259.Xr ntpd 8 2260command at boot time. 2261.It Va ntpd_program 2262.Pq Vt str 2263Path to 2264.Xr ntpd 8 2265(default 2266.Pa /usr/sbin/ntpd ) . 2267.It Va ntpd_config 2268.Pq Vt str 2269Path to 2270.Xr ntpd 8 2271configuration file. 2272Default 2273.Pa /etc/ntp.conf . 2274.It Va ntpd_flags 2275.Pq Vt str 2276If 2277.Va ntpd_enable 2278is set to 2279.Dq Li YES , 2280these are the flags to pass to the 2281.Xr ntpd 8 2282daemon. 2283.It Va ntpd_sync_on_start 2284.Pq Vt bool 2285If set to 2286.Dq Li YES , 2287.Xr ntpd 8 2288is run with the 2289.Fl g 2290flag, which syncs the system's clock on startup. 2291See 2292.Xr ntpd 8 2293for more information regarding the 2294.Fl g 2295option. 2296This is a preferred alternative to using 2297.Xr ntpdate 8 2298or specifying the 2299.Va ntpdate_enable 2300variable. 2301.It Va nis_client_enable 2302.Pq Vt bool 2303If set to 2304.Dq Li YES , 2305run the 2306.Xr ypbind 8 2307service at system boot time. 2308.It Va nis_client_flags 2309.Pq Vt str 2310If 2311.Va nis_client_enable 2312is set to 2313.Dq Li YES , 2314these are the flags to pass to the 2315.Xr ypbind 8 2316service. 2317.It Va nis_ypset_enable 2318.Pq Vt bool 2319If set to 2320.Dq Li YES , 2321run the 2322.Xr ypset 8 2323daemon at system boot time. 2324.It Va nis_ypset_flags 2325.Pq Vt str 2326If 2327.Va nis_ypset_enable 2328is set to 2329.Dq Li YES , 2330these are the flags to pass to the 2331.Xr ypset 8 2332daemon. 2333.It Va nis_server_enable 2334.Pq Vt bool 2335If set to 2336.Dq Li YES , 2337run the 2338.Xr ypserv 8 2339daemon at system boot time. 2340.It Va nis_server_flags 2341.Pq Vt str 2342If 2343.Va nis_server_enable 2344is set to 2345.Dq Li YES , 2346these are the flags to pass to the 2347.Xr ypserv 8 2348daemon. 2349.It Va nis_ypxfrd_enable 2350.Pq Vt bool 2351If set to 2352.Dq Li YES , 2353run the 2354.Xr rpc.ypxfrd 8 2355daemon at system boot time. 2356.It Va nis_ypxfrd_flags 2357.Pq Vt str 2358If 2359.Va nis_ypxfrd_enable 2360is set to 2361.Dq Li YES , 2362these are the flags to pass to the 2363.Xr rpc.ypxfrd 8 2364daemon. 2365.It Va nis_yppasswdd_enable 2366.Pq Vt bool 2367If set to 2368.Dq Li YES , 2369run the 2370.Xr rpc.yppasswdd 8 2371daemon at system boot time. 2372.It Va nis_yppasswdd_flags 2373.Pq Vt str 2374If 2375.Va nis_yppasswdd_enable 2376is set to 2377.Dq Li YES , 2378these are the flags to pass to the 2379.Xr rpc.yppasswdd 8 2380daemon. 2381.It Va rpc_ypupdated_enable 2382.Pq Vt bool 2383If set to 2384.Dq Li YES , 2385run the 2386.Nm rpc.ypupdated 2387daemon at system boot time. 2388.It Va bsnmpd_enable 2389.Pq Vt bool 2390If set to 2391.Dq Li YES , 2392run the 2393.Xr bsnmpd 1 2394daemon at system boot time. 2395Be sure to understand the security implications of running SNMP daemon 2396on your host. 2397.It Va bsnmpd_flags 2398.Pq Vt str 2399If 2400.Va bsnmpd_enable 2401is set to 2402.Dq Li YES , 2403these are the flags to pass to the 2404.Xr bsnmpd 1 2405daemon. 2406.It Va defaultrouter 2407.Pq Vt str 2408If not set to 2409.Dq Li NO , 2410create a default route to this host name or IP address 2411(use an IP address if this router is also required to get to the 2412name server!). 2413.It Va ipv6_defaultrouter 2414.Pq Vt str 2415The IPv6 equivalent of 2416.Va defaultrouter . 2417.It Va static_arp_pairs 2418.Pq Vt str 2419Set to the list of static ARP pairs that are to be added at system 2420boot time. 2421For each whitespace separated 2422.Ar element 2423in the value, a 2424.Va static_arp_ Ns Aq Ar element 2425variable is assumed to exist whose contents will later be passed to a 2426.Dq Nm arp Cm -S 2427operation. 2428For example 2429.Bd -literal 2430static_arp_pairs="gw" 2431static_arp_gw="192.168.1.1 00:01:02:03:04:05" 2432.Ed 2433.It Va static_routes 2434.Pq Vt str 2435Set to the list of static routes that are to be added at system 2436boot time. 2437If not set to 2438.Dq Li NO 2439then for each whitespace separated 2440.Ar element 2441in the value, a 2442.Va route_ Ns Aq Ar element 2443variable is assumed to exist 2444whose contents will later be passed to a 2445.Dq Nm route Cm add 2446operation. 2447For example: 2448.Bd -literal 2449static_routes="mcast gif0local" 2450route_mcast="-net 224.0.0.0/4 -iface gif0" 2451route_gif0local="-host 169.254.1.1 -iface lo0" 2452.Ed 2453.It Va ipv6_static_routes 2454.Pq Vt str 2455The IPv6 equivalent of 2456.Va static_routes . 2457If not set to 2458.Dq Li NO 2459then for each whitespace separated 2460.Ar element 2461in the value, a 2462.Va ipv6_route_ Ns Aq Ar element 2463variable is assumed to exist 2464whose contents will later be passed to a 2465.Dq Nm route Cm add Fl inet6 2466operation. 2467.It Va natm_static_routes 2468.Pq Vt str 2469The 2470.Xr natmip 4 2471equivalent of 2472.Va static_routes . 2473If not empty then for each whitespace separated 2474.Ar element 2475in the value, a 2476.Va route_ Ns Aq Ar element 2477variable is assumed to exist whose contents will later be passed to a 2478.Dq Nm atmconfig Cm natm Cm add 2479operation. 2480.It Va gateway_enable 2481.Pq Vt bool 2482If set to 2483.Dq Li YES , 2484configure host to act as an IP router, e.g.\& to forward packets 2485between interfaces. 2486.It Va ipv6_gateway_enable 2487.Pq Vt bool 2488The IPv6 equivalent of 2489.Va gateway_enable . 2490.It Va routed_enable 2491.Pq Vt bool 2492If set to 2493.Dq Li YES , 2494run a routing daemon of some sort, based on the 2495settings of 2496.Va routed_program 2497and 2498.Va routed_flags . 2499.It Va route6d_enable 2500.Pq Vt bool 2501The IPv6 equivalent of 2502.Va routed_enable . 2503If set to 2504.Dq Li YES , 2505run a routing daemon of some sort, based on the 2506settings of 2507.Va route6d_program 2508and 2509.Va route6d_flags . 2510.It Va routed_program 2511.Pq Vt str 2512If 2513.Va routed_enable 2514is set to 2515.Dq Li YES , 2516this is the name of the routing daemon to use. 2517.It Va route6d_program 2518.Pq Vt str 2519The IPv6 equivalent of 2520.Va routed_program . 2521.It Va routed_flags 2522.Pq Vt str 2523If 2524.Va routed_enable 2525is set to 2526.Dq Li YES , 2527these are the flags to pass to the routing daemon. 2528.It Va route6d_flags 2529.Pq Vt str 2530The IPv6 equivalent of 2531.Va routed_flags . 2532.It Va mrouted_enable 2533.Pq Vt bool 2534If set to 2535.Dq Li YES , 2536run the multicast routing daemon, 2537.Xr mrouted 8 . 2538.It Va mroute6d_enable 2539.Pq Vt bool 2540The IPv6 equivalent of 2541.Va mrouted_enable . 2542If set to 2543.Dq Li YES , 2544run the IPv6 multicast routing daemon. 2545.Pp 2546Note that multicast routing daemons are no longer included in the 2547.Fx 2548base system, however, both 2549.Xr mrouted 8 2550and 2551.Xr pim6dd 8 2552may be installed from the 2553.Fx 2554Ports Collection. 2555.It Va mrouted_flags 2556.Pq Vt str 2557If 2558.Va mrouted_enable 2559is set to 2560.Dq Li YES , 2561these are the flags to pass to the 2562.Xr mrouted 8 2563daemon. 2564.It Va mroute6d_flags 2565.Pq Vt str 2566The IPv6 equivalent of 2567.Va mrouted_flags . 2568If 2569.Va mroute6d_enable 2570is set to 2571.Dq Li YES , 2572these are the flags passed to the IPv6 multicast routing daemon. 2573.It Va mroute6d_program 2574.Pq Vt str 2575If 2576.Va mroute6d_enable 2577is set to 2578.Dq Li YES , 2579this is the path to the IPv6 multicast routing daemon. 2580.It Va rtadvd_enable 2581.Pq Vt bool 2582If set to 2583.Dq Li YES , 2584run the 2585.Xr rtadvd 8 2586daemon at boot time. 2587.Xr rtadvd 8 2588will only run if 2589.Va ipv6_gateway_enable 2590is also set to 2591.Dq Li YES . 2592The 2593.Xr rtadvd 8 2594utility sends router advertisement packets to the interfaces specified in 2595.Va rtadvd_interfaces 2596and should only be enabled with great care. 2597You may want to fine-tune 2598.Xr rtadvd.conf 5 . 2599.It Va rtadvd_interfaces 2600.Pq Vt str 2601If 2602.Va rtadvd_enable 2603is set to 2604.Dq Li YES 2605this is the list of interfaces to use. 2606.It Va ipxgateway_enable 2607.Pq Vt bool 2608If set to 2609.Dq Li YES , 2610enable the routing of IPX traffic. 2611.It Va ipxrouted_enable 2612.Pq Vt bool 2613If set to 2614.Dq Li YES , 2615run the 2616.Xr IPXrouted 8 2617daemon at system boot time. 2618.It Va ipxrouted_flags 2619.Pq Vt str 2620If 2621.Va ipxrouted_enable 2622is set to 2623.Dq Li YES , 2624these are the flags to pass to the 2625.Xr IPXrouted 8 2626daemon. 2627.It Va arpproxy_all 2628.Pq Vt bool 2629If set to 2630.Dq Li YES , 2631enable global proxy ARP. 2632.It Va forward_sourceroute 2633.Pq Vt bool 2634If set to 2635.Dq Li YES 2636and 2637.Va gateway_enable 2638is also set to 2639.Dq Li YES , 2640source-routed packets are forwarded. 2641.It Va accept_sourceroute 2642.Pq Vt bool 2643If set to 2644.Dq Li YES , 2645the system will accept source-routed packets directed at it. 2646.It Va rarpd_enable 2647.Pq Vt bool 2648If set to 2649.Dq Li YES , 2650run the 2651.Xr rarpd 8 2652daemon at system boot time. 2653.It Va rarpd_flags 2654.Pq Vt str 2655If 2656.Va rarpd_enable 2657is set to 2658.Dq Li YES , 2659these are the flags to pass to the 2660.Xr rarpd 8 2661daemon. 2662.It Va bootparamd_enable 2663.Pq Vt bool 2664If set to 2665.Dq Li YES , 2666run the 2667.Xr bootparamd 8 2668daemon at system boot time. 2669.It Va bootparamd_flags 2670.Pq Vt str 2671If 2672.Va bootparamd_enable 2673is set to 2674.Dq Li YES , 2675these are the flags to pass to the 2676.Xr bootparamd 8 2677daemon. 2678.It Va stf_interface_ipv4addr 2679.Pq Vt str 2680If not set to 2681.Dq Li NO , 2682this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 2683interface). 2684Specify this entry to enable the 6to4 interface. 2685.It Va stf_interface_ipv4plen 2686.Pq Vt int 2687Prefix length for 6to4 IPv4 addresses, to limit peer address range. 2688An effective value is 0-31. 2689.It Va stf_interface_ipv6_ifid 2690.Pq Vt str 2691IPv6 interface ID for 2692.Xr stf 4 . 2693This can be set to 2694.Dq Li AUTO . 2695.It Va stf_interface_ipv6_slaid 2696.Pq Vt str 2697IPv6 Site Level Aggregator for 2698.Xr stf 4 . 2699.It Va ipv6_faith_prefix 2700.Pq Vt str 2701If not set to 2702.Dq Li NO , 2703this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 2704translator. 2705You also need 2706.Xr faithd 8 2707setup. 2708.It Va ipv6_ipv4mapping 2709.Pq Vt bool 2710If set to 2711.Dq Li YES 2712this enables IPv4 mapped IPv6 address communication (like 2713.Li ::ffff:a.b.c.d ) . 2714.It Va atm_enable 2715.Pq Vt bool 2716Set to 2717.Dq Li YES 2718to enable the configuration of ATM interfaces at system boot time. 2719For all of the ATM variables described below, please refer to the 2720.Xr atm 8 2721manual page for further details on the available command parameters. 2722Also refer to the files in 2723.Pa /usr/share/examples/atm 2724for more detailed configuration information. 2725.It Va atm_load 2726.Pq Vt str 2727This is a list of physical ATM interface drivers to load. 2728Typical values are 2729.Dq Li hfa_pci 2730and/or 2731.Dq Li hea_pci . 2732.It Va atm_netif_ Ns Aq Ar intf 2733.Pq Vt str 2734For the ATM physical interface 2735.Ar intf , 2736this variable defines the name prefix and count for the ATM network 2737interfaces to be created. 2738The value will be passed as the parameters of an 2739.Dq Nm atm Cm "set netif" Ar intf 2740command. 2741.It Va atm_sigmgr_ Ns Aq Ar intf 2742.Pq Vt str 2743For the ATM physical interface 2744.Ar intf , 2745this variable defines the ATM signalling manager to be used. 2746The value will be passed as the parameters of an 2747.Dq Nm atm Cm attach Ar intf 2748command. 2749.It Va atm_prefix_ Ns Aq Ar intf 2750.Pq Vt str 2751For the ATM physical interface 2752.Ar intf , 2753this variable defines the NSAP prefix for interfaces using a UNI signalling 2754manager. 2755If set to 2756.Dq Li ILMI , 2757the prefix will automatically be set via the 2758.Xr ilmid 8 2759daemon. 2760Otherwise, the value will be passed as the parameters of an 2761.Dq Nm atm Cm "set prefix" Ar intf 2762command. 2763.It Va atm_macaddr_ Ns Aq Ar intf 2764.Pq Vt str 2765For the ATM physical interface 2766.Ar intf , 2767this variable defines the MAC address for interfaces using a UNI signalling 2768manager. 2769If set to 2770.Dq Li NO , 2771the hardware MAC address contained in the ATM interface card will be used. 2772Otherwise, the value will be passed as the parameters of an 2773.Dq Nm atm Cm "set mac" Ar intf 2774command. 2775.It Va atm_arpserver_ Ns Aq Ar netif 2776.Pq Vt str 2777For the ATM network interface 2778.Ar netif , 2779this variable defines the ATM address for a host which is to provide ATMARP 2780service. 2781This variable is only applicable to interfaces using a UNI signalling 2782manager. 2783If set to 2784.Dq Li local , 2785this host will become an ATMARP server. 2786The value will be passed as the parameters of an 2787.Dq Nm atm Cm "set arpserver" Ar netif 2788command. 2789.It Va atm_scsparp_ Ns Aq Ar netif 2790.Pq Vt bool 2791If set to 2792.Dq Li YES , 2793SCSP/ATMARP service for the network interface 2794.Ar netif 2795will be initiated using the 2796.Xr scspd 8 2797and 2798.Xr atmarpd 8 2799daemons. 2800This variable is only applicable if 2801.Va atm_arpserver_ Ns Aq Ar netif 2802is set to 2803.Dq Li local . 2804.It Va atm_pvcs 2805.Pq Vt str 2806Set to the list of ATM PVCs to be added at system 2807boot time. 2808For each whitespace separated 2809.Ar element 2810in the value, an 2811.Va atm_pvc_ Ns Aq Ar element 2812variable is assumed to exist. 2813The value of each of these variables 2814will be passed as the parameters of an 2815.Dq Nm atm Cm "add pvc" 2816command. 2817.It Va atm_arps 2818.Pq Vt str 2819Set to the list of permanent ATM ARP entries to be added 2820at system boot time. 2821For each whitespace separated 2822.Ar element 2823in the value, an 2824.Va atm_arp_ Ns Aq Ar element 2825variable is assumed to exist. 2826The value of each of these variables 2827will be passed as the parameters of an 2828.Dq Nm atm Cm "add arp" 2829command. 2830.It Va natm_interfaces 2831.Pq Vt str 2832Set to the list of 2833.Xr natm 4 2834interfaces that will also be used for HARP through 2835.Xr harp 4 . 2836If this list is not empty all interfaces in the list will be brought up 2837with 2838.Xr ifconfig 8 2839and 2840.Xr harp 4 2841will be loaded. 2842For this to work the interface drivers must be either compiled into the 2843kernel or must reside on the root partition. 2844.It Va keybell 2845.Pq Vt str 2846The keyboard bell sound. 2847Set to 2848.Dq Li normal , 2849.Dq Li visual , 2850.Dq Li off , 2851or 2852.Dq Li NO 2853if the default behavior is desired. 2854For details, refer to the 2855.Xr kbdcontrol 1 2856manpage. 2857.It Va keyboard 2858.Pq Vt str 2859If set to a non-null string, the virtual console's keyboard input is 2860set to this device. 2861.It Va keymap 2862.Pq Vt str 2863If set to 2864.Dq Li NO , 2865no keymap is installed, otherwise the value is used to install 2866the keymap file in 2867.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2868.It Va keyrate 2869.Pq Vt str 2870The keyboard repeat speed. 2871Set to 2872.Dq Li slow , 2873.Dq Li normal , 2874.Dq Li fast , 2875or 2876.Dq Li NO 2877if the default behavior is desired. 2878.It Va keychange 2879.Pq Vt str 2880If not set to 2881.Dq Li NO , 2882attempt to program the function keys with the value. 2883The value should 2884be a single string of the form: 2885.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2886.It Va cursor 2887.Pq Vt str 2888Can be set to the value of 2889.Dq Li normal , 2890.Dq Li blink , 2891.Dq Li destructive , 2892or 2893.Dq Li NO 2894to set the cursor behavior explicitly or choose the default behavior. 2895.It Va scrnmap 2896.Pq Vt str 2897If set to 2898.Dq Li NO , 2899no screen map is installed, otherwise the value is used to install 2900the screen map file in 2901.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2902.It Va font8x16 2903.Pq Vt str 2904If set to 2905.Dq Li NO , 2906the default 8x16 font value is used for screen size requests, otherwise 2907the value in 2908.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2909is used. 2910.It Va font8x14 2911.Pq Vt str 2912If set to 2913.Dq Li NO , 2914the default 8x14 font value is used for screen size requests, otherwise 2915the value in 2916.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2917is used. 2918.It Va font8x8 2919.Pq Vt str 2920If set to 2921.Dq Li NO , 2922the default 8x8 font value is used for screen size requests, otherwise 2923the value in 2924.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2925is used. 2926.It Va blanktime 2927.Pq Vt int 2928If set to 2929.Dq Li NO , 2930the default screen blanking interval is used, otherwise it is set 2931to 2932.Ar value 2933seconds. 2934.It Va saver 2935.Pq Vt str 2936If not set to 2937.Dq Li NO , 2938this is the actual screen saver to use 2939.Li ( blank , snake , daemon , 2940etc). 2941.It Va moused_nondefault_enable 2942.Pq Vt str 2943If set to 2944.Dq Li NO , 2945the mouse device specified on 2946the command line is not automatically treated as enabled by the 2947.Pa /etc/rc.d/moused 2948script. 2949Having this variable set to 2950.Dq Li YES 2951allows a 2952.Xr usb 4 2953mouse, 2954for example, 2955to be enabled as soon as it is plugged in. 2956.It Va moused_enable 2957.Pq Vt str 2958If set to 2959.Dq Li YES , 2960the 2961.Xr moused 8 2962daemon is started for doing cut/paste selection on the console. 2963.It Va moused_type 2964.Pq Vt str 2965This is the protocol type of the mouse connected to this host. 2966This variable must be set if 2967.Va moused_enable 2968is set to 2969.Dq Li YES . 2970The 2971.Xr moused 8 2972daemon 2973is able to detect the appropriate mouse type automatically in many cases. 2974Set this variable to 2975.Dq Li auto 2976to let the daemon detect it, or 2977select one from the following list if the automatic detection fails. 2978.Pp 2979If the mouse is attached to the PS/2 mouse port, choose 2980.Dq Li auto 2981or 2982.Dq Li ps/2 , 2983regardless of the brand and model of the mouse. 2984Likewise, if the 2985mouse is attached to the bus mouse port, choose 2986.Dq Li auto 2987or 2988.Dq Li busmouse . 2989All other protocols are for serial mice and will not work with 2990the PS/2 and bus mice. 2991If this is a USB mouse, 2992.Dq Li auto 2993is the only protocol type which will work. 2994.Pp 2995.Bl -tag -width ".Li x10mouseremote" -compact 2996.It Li microsoft 2997Microsoft mouse (serial) 2998.It Li intellimouse 2999Microsoft IntelliMouse (serial) 3000.It Li mousesystems 3001Mouse systems Corp.\& mouse (serial) 3002.It Li mmseries 3003MM Series mouse (serial) 3004.It Li logitech 3005Logitech mouse (serial) 3006.It Li busmouse 3007A bus mouse 3008.It Li mouseman 3009Logitech MouseMan and TrackMan (serial) 3010.It Li glidepoint 3011ALPS GlidePoint (serial) 3012.It Li thinkingmouse 3013Kensington ThinkingMouse (serial) 3014.It Li ps/2 3015PS/2 mouse 3016.It Li mmhittab 3017MM HitTablet (serial) 3018.It Li x10mouseremote 3019X10 MouseRemote (serial) 3020.It Li versapad 3021Interlink VersaPad (serial) 3022.El 3023.Pp 3024Even if the mouse is not in the above list, it may be compatible 3025with one in the list. 3026Refer to the manual page for 3027.Xr moused 8 3028for compatibility information. 3029.Pp 3030It should also be noted that while this is enabled, any 3031other client of the mouse (such as an X server) should access 3032the mouse through the virtual mouse device, 3033.Pa /dev/sysmouse , 3034and configure it as a 3035.Dq Li sysmouse 3036type mouse, since all 3037mouse data is converted to this single canonical format when 3038using 3039.Xr moused 8 . 3040If the client program does not support the 3041.Dq Li sysmouse 3042type, 3043specify the 3044.Dq Li mousesystems 3045type. 3046It is the second preferred type. 3047.It Va moused_port 3048.Pq Vt str 3049If 3050.Va moused_enable 3051is set to 3052.Dq Li YES , 3053this is the actual port the mouse is on. 3054It might be 3055.Pa /dev/cuad0 3056for a COM1 serial mouse, 3057.Pa /dev/psm0 3058for a PS/2 mouse or 3059.Pa /dev/mse0 3060for a bus mouse, for example. 3061.It Va moused_flags 3062.Pq Vt str 3063If 3064.Va moused_flags 3065is set, its value is used as an additional set of flags to pass to the 3066.Xr moused 8 3067daemon. 3068.It Va "moused_" Ns Ar XXX Ns Va "_flags" 3069When 3070.Va moused_nondefault_enable 3071is enabled, and a 3072.Xr moused 8 3073daemon is started for a non-default port, the 3074.Va "moused_" Ns Ar XXX Ns Va "_flags" 3075set of options has precedence over and replaces the default 3076.Va moused_flags (where 3077.Ar XXX 3078is the name of the non-default port, i.e.\& 3079.Ar ums0 ) . 3080By setting 3081.Va "moused_" Ns Ar XXX Ns Va "_flags" 3082it is possible to set up a different set of default flags for each 3083.Xr moused 8 3084instance. 3085For example, you can use 3086.Dq Li "-3" 3087for the default 3088.Va moused_flags 3089to make your laptop's touchpad more comfortable to use, 3090but an empty set of options for 3091.Va moused_ums0_flags 3092when your 3093.Xr usb 4 3094mouse has three or more buttons. 3095.It Va mousechar_start 3096.Pq Vt int 3097If set to 3098.Dq Li NO , 3099the default mouse cursor character range 3100.Li 0xd0 Ns - Ns Li 0xd3 3101is used, 3102otherwise the range start is set 3103to 3104.Ar value 3105character, see 3106.Xr vidcontrol 1 . 3107Use if the default range is occupied in the language code table. 3108.It Va allscreens_flags 3109.Pq Vt str 3110If set, 3111.Xr vidcontrol 1 3112is run with these options for each of the virtual terminals 3113.Pq Pa /dev/ttyv* . 3114For example, 3115.Dq Fl m Cm on 3116will enable the mouse pointer on all virtual terminals 3117if 3118.Va moused_enable 3119is set to 3120.Dq Li YES . 3121.It Va allscreens_kbdflags 3122.Pq Vt str 3123If set, 3124.Xr kbdcontrol 1 3125is run with these options for each of the virtual terminals 3126.Pq Pa /dev/ttyv* . 3127For example, 3128.Dq Fl h Li 200 3129will set the 3130.Xr syscons 4 3131scrollback (history) buffer to 200 lines. 3132.It Va cron_enable 3133.Pq Vt bool 3134If set to 3135.Dq Li YES , 3136run the 3137.Xr cron 8 3138daemon at system boot time. 3139.It Va cron_program 3140.Pq Vt str 3141Path to 3142.Xr cron 8 3143(default 3144.Pa /usr/sbin/cron ) . 3145.It Va cron_flags 3146.Pq Vt str 3147If 3148.Va cron_enable 3149is set to 3150.Dq Li YES , 3151these are the flags to pass to 3152.Xr cron 8 . 3153.It Va cron_dst 3154.Pq Vt bool 3155If set to 3156.Dq Li YES , 3157enable the special handling of transitions to and from the 3158Daylight Saving Time in 3159.Xr cron 8 3160(equivalent to using the flag 3161.Fl s ) . 3162.It Va lpd_program 3163.Pq Vt str 3164Path to 3165.Xr lpd 8 3166(default 3167.Pa /usr/sbin/lpd ) . 3168.It Va lpd_enable 3169.Pq Vt bool 3170If set to 3171.Dq Li YES , 3172run the 3173.Xr lpd 8 3174daemon at system boot time. 3175.It Va lpd_flags 3176.Pq Vt str 3177If 3178.Va lpd_enable 3179is set to 3180.Dq Li YES , 3181these are the flags to pass to the 3182.Xr lpd 8 3183daemon. 3184.It Va chkprintcap_enable 3185.Pq Vt bool 3186If set to 3187.Dq Li YES , 3188run the 3189.Xr chkprintcap 8 3190command before starting the 3191.Xr lpd 8 3192daemon. 3193.It Va chkprintcap_flags 3194.Pq Vt str 3195If 3196.Va lpd_enable 3197and 3198.Va chkprintcap_enable 3199are set to 3200.Dq Li YES , 3201these are the flags to pass to the 3202.Xr chkprintcap 8 3203program. 3204The default is 3205.Dq Li -d , 3206which causes missing directories to be created. 3207.It Va mta_start_script 3208.Pq Vt str 3209This variable specifies the full path to the script to run to start 3210a mail transfer agent. 3211The default is 3212.Pa /etc/rc.sendmail . 3213The 3214.Va sendmail_* 3215variables which 3216.Pa /etc/rc.sendmail 3217uses are documented in the 3218.Xr rc.sendmail 8 3219manual page. 3220.It Va dumpdev 3221.Pq Vt str 3222Indicates the device (usually a swap partition) to which a crash dump 3223should be written in the event of a system crash. 3224If the value of this variable is 3225.Dq Li AUTO , 3226the first suitable swap device listed in 3227.Pa /etc/fstab 3228will be used as dump device. 3229Otherwise, the value of this variable is passed as the argument to 3230.Xr dumpon 8 . 3231To disable crash dumps, set this variable to 3232.Dq Li NO . 3233.It Va dumpdir 3234.Pq Vt str 3235When the system reboots after a crash and a crash dump is found on the 3236device specified by the 3237.Va dumpdev 3238variable, 3239.Xr savecore 8 3240will save that crash dump and a copy of the kernel to the directory 3241specified by the 3242.Va dumpdir 3243variable. 3244The default value is 3245.Pa /var/crash . 3246Set to 3247.Dq Li NO 3248to not run 3249.Xr savecore 8 3250at boot time when 3251.Va dumpdir 3252is set. 3253.It Va savecore_flags 3254.Pq Vt str 3255If crash dumps are enabled, these are the flags to pass to the 3256.Xr savecore 8 3257utility. 3258.It Va quota_enable 3259.Pq Vt bool 3260Set to 3261.Dq Li YES 3262to turn on user and group disk quotas on system startup via the 3263.Xr quotaon 8 3264command for all file systems marked as having quotas enabled in 3265.Pa /etc/fstab . 3266The kernel must be built with 3267.Cd "options QUOTA" 3268for disk quotas to function. 3269.It Va check_quotas 3270.Pq Vt bool 3271Set to 3272.Dq Li YES 3273to enable user and group disk quota checking via the 3274.Xr quotacheck 8 3275command. 3276.It Va quotacheck_flags 3277.Pq Vt str 3278If 3279.Va quota_enable 3280is set to 3281.Dq Li YES , 3282and 3283.Va check_quotas 3284is set to 3285.Dq Li YES , 3286these are the flags to pass to the 3287.Xr quotacheck 8 3288utility. 3289The default is 3290.Dq Li "-a" , 3291which checks quotas for all file systems with quotas enabled in 3292.Pa /etc/fstab . 3293.It Va quotaon_flags 3294.Pq Vt str 3295If 3296.Va quota_enable 3297is set to 3298.Dq Li YES , 3299these are the flags to pass to the 3300.Xr quotaon 8 3301utility. 3302The default is 3303.Dq Li "-a" , 3304which enables quotas for all file systems with quotas enabled in 3305.Pa /etc/fstab . 3306.It Va quotaoff_flags 3307.Pq Vt str 3308If 3309.Va quota_enable 3310is set to 3311.Dq Li YES , 3312these are the flags to pass to the 3313.Xr quotaoff 8 3314utility when shutting down the quota system. 3315The default is 3316.Dq Li "-a" , 3317which disables quotas for all file systems with quotas enabled in 3318.Pa /etc/fstab . 3319.It Va accounting_enable 3320.Pq Vt bool 3321Set to 3322.Dq Li YES 3323to enable system accounting through the 3324.Xr accton 8 3325facility. 3326.It Va ibcs2_enable 3327.Pq Vt bool 3328Set to 3329.Dq Li YES 3330to enable iBCS2 (SCO) binary emulation at system initial boot 3331time. 3332.It Va ibcs2_loaders 3333.Pq Vt str 3334If not set to 3335.Dq Li NO 3336and if 3337.Va ibcs2_enable 3338is set to 3339.Dq Li YES , 3340this specifies a list of additional iBCS2 loaders to enable. 3341.It Va linux_enable 3342.Pq Vt bool 3343Set to 3344.Dq Li YES 3345to enable Linux/ELF binary emulation at system initial 3346boot time. 3347.It Va svr4_enable 3348.Pq Vt bool 3349If set to 3350.Dq Li YES , 3351enable SysVR4 emulation at boot time. 3352.It Va sysvipc_enable 3353.Pq Vt bool 3354If set to 3355.Dq Li YES , 3356load System V IPC primitives at boot time. 3357.It Va clear_tmp_enable 3358.Pq Vt bool 3359Set to 3360.Dq Li YES 3361to have 3362.Pa /tmp 3363cleaned at startup. 3364.It Va clear_tmp_X 3365.Pq Vt bool 3366Set to 3367.Dq Li NO 3368to disable removing of X11 lock files, 3369and the removal and (secure) recreation 3370of the various socket directories for X11 3371related programs. 3372.It Va ldconfig_paths 3373.Pq Vt str 3374Set to the list of shared library paths to use with 3375.Xr ldconfig 8 . 3376NOTE: 3377.Pa /usr/lib 3378will always be added first, so it need not appear in this list. 3379.It Va ldconfig32_paths 3380.Pq Vt str 3381Set to the list of 32-bit compatibility shared library paths to 3382use with 3383.Xr ldconfig 8 . 3384.It Va ldconfig_paths_aout 3385.Pq Vt str 3386Set to the list of shared library paths to use with 3387.Xr ldconfig 8 3388legacy 3389.Xr a.out 5 3390support. 3391.It Va ldconfig_insecure 3392.Pq Vt bool 3393The 3394.Xr ldconfig 8 3395utility normally refuses to use directories 3396which are writable by anyone except root. 3397Set this variable to 3398.Dq Li YES 3399to disable that security check during system startup. 3400.It Va ldconfig_local_dirs 3401.Pq Vt str 3402Set to the list of local 3403.Xr ldconfig 8 3404directories. 3405The names of all files in the directories listed will be 3406passed as arguments to 3407.Xr ldconfig 8 . 3408.It Va ldconfig_local32_dirs 3409.Pq Vt str 3410Set to the list of local 32-bit compatibility 3411.Xr ldconfig 8 3412directories. 3413The names of all files in the directories listed will be 3414passed as arguments to 3415.Dq Nm ldconfig Fl 32 . 3416.It Va kern_securelevel_enable 3417.Pq Vt bool 3418Set to 3419.Dq Li YES 3420to set the kernel security level at system startup. 3421.It Va kern_securelevel 3422.Pq Vt int 3423The kernel security level to set at startup. 3424The allowed range of 3425.Ar value 3426ranges from \-1 (the compile time default) to 3 (the 3427most secure). 3428See 3429.Xr security 7 3430for the list of possible security levels and their effect 3431on system operation. 3432.It Va sshd_program 3433.Pq Vt str 3434Path to the SSH server program 3435.Pa ( /usr/sbin/sshd 3436is the default). 3437.It Va sshd_enable 3438.Pq Vt bool 3439Set to 3440.Dq Li YES 3441to start 3442.Xr sshd 8 3443at system boot time. 3444.It Va sshd_flags 3445.Pq Vt str 3446If 3447.Va sshd_enable 3448is set to 3449.Dq Li YES , 3450these are the flags to pass to the 3451.Xr sshd 8 3452daemon. 3453.It Va ftpd_program 3454.Pq Vt str 3455Path to the FTP server program 3456.Pa ( /usr/libexec/ftpd 3457is the default). 3458.It Va ftpd_enable 3459.Pq Vt bool 3460Set to 3461.Dq Li YES 3462to start 3463.Xr ftpd 8 3464as a stand-alone daemon at system boot time. 3465.It Va ftpd_flags 3466.Pq Vt str 3467If 3468.Va ftpd_enable 3469is set to 3470.Dq Li YES , 3471these are the additional flags to pass to the 3472.Xr ftpd 8 3473daemon. 3474.It Va watchdogd_enable 3475.Pq Vt bool 3476If set to 3477.Dq Li YES , 3478start the 3479.Xr watchdogd 8 3480daemon at boot time. 3481This requires that the kernel have been compiled with a 3482.Xr watchdog 4 3483compatible device. 3484.It Va watchdogd_flags 3485.Pq Vt str 3486If 3487.Va watchdogd_enable 3488is set to 3489.Dq Li YES , 3490these are the flags passed to the 3491.Xr watchdogd 8 3492daemon. 3493.It Va performance_cx_lowest 3494.Pq Vt str 3495CPU idle state to use while on AC power. 3496The string 3497.Dq Li LOW 3498indicates that 3499.Xr acpi 4 3500should use the lowest power state available while 3501.Dq Li HIGH 3502indicates that the lowest latency state (less power savings) should be used. 3503.It Va performance_cpu_freq 3504.Pq Vt str 3505CPU clock frequency to use while on AC power. 3506The string 3507.Dq Li LOW 3508indicates that 3509.Xr cpufreq 4 3510should use the lowest frequency available while 3511.Dq Li HIGH 3512indicates that the highest frequency (less power savings) should be used. 3513.It Va economy_cx_lowest 3514.Pq Vt str 3515CPU idle state to use when off AC power. 3516The string 3517.Dq Li LOW 3518indicates that 3519.Xr acpi 4 3520should use the lowest power state available while 3521.Dq Li HIGH 3522indicates that the lowest latency state (less power savings) should be used. 3523.It Va economy_cpu_freq 3524.Pq Vt str 3525CPU clock frequency to use when off AC power. 3526The string 3527.Dq Li LOW 3528indicates that 3529.Xr cpufreq 4 3530should use the lowest frequency available while 3531.Dq Li HIGH 3532indicates that the highest frequency (less power savings) should be used. 3533.It Va jail_enable 3534.Pq Vt bool 3535If set to 3536.Dq Li NO , 3537any configured jails will not be started. 3538.It jail_parallel_start 3539.Pq Vt bool 3540If set to 3541.Dq Li YES 3542all configured jails will be started in the background (= in parallel). 3543.It Va jail_list 3544.Pq Vt str 3545A space separated list of names for jails. 3546This is purely a configuration aid to help identify and 3547configure multiple jails. 3548The names specified in this list will be used to 3549identify settings common to an instance of a jail, 3550and should contain alphanumeric characters only. 3551Assuming that the jail in question was named 3552.Li vjail , 3553you would have the following dependent variables: 3554.Bd -literal 3555jail_vjail_hostname="jail.example.com" 3556jail_vjail_ip="192.0.2.100" 3557jail_vjail_rootdir="/var/jails/vjail/root" 3558.Ed 3559.Pp 3560.It Va jail_flags 3561.Pq Vt str 3562Unset by default. 3563When set, use as default value for 3564.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3565for every jail in 3566.Va jail_list . 3567.It Va jail_interface 3568.Pq Vt str 3569Unset by default. 3570When set, use as default value for 3571.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3572for every jail in 3573.Va jail_list . 3574.It Va jail_fstab 3575.Pq Vt str 3576Unset by default. 3577When set, use as default value for 3578.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3579for every jail in 3580.Va jail_list . 3581.It Va jail_mount_enable 3582.Pq Vt bool 3583Set to 3584.Dq Li NO 3585by default. 3586When set to 3587.Dq Li YES , 3588sets 3589.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3590to 3591.Dq Li YES 3592by default for every jail in 3593.Va jail_list . 3594.It Va jail_devfs_ruleset 3595.Pq Vt str 3596Unset by default. 3597When set, sets 3598.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3599to given value for every jail in 3600.Va jail_list . 3601.It Va jail_devfs_enable 3602.Pq Vt bool 3603Set to 3604.Dq Li NO 3605by default. 3606When set to 3607.Dq Li YES , 3608sets 3609.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3610to 3611.Dq Li YES 3612by default for every jail in 3613.Va jail_list . 3614.It Va jail_fdescfs_enable 3615.Pq Vt bool 3616Set to 3617.Dq Li NO 3618by default. 3619When set to 3620.Dq Li YES , 3621sets 3622.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3623to 3624.Dq Li YES 3625by default for every jail in 3626.Va jail_list . 3627.It Va jail_procfs_enable 3628.Pq Vt bool 3629Set to 3630.Dq Li NO 3631by default. 3632When set to 3633.Dq Li YES , 3634sets 3635.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3636to 3637.Dq Li YES 3638by default for every jail in 3639.Va jail_list . 3640.It Va jail_exec_prestart Ns Aq Ar N 3641.Pq Vt str 3642Unset by default. 3643When set, use as default value for 3644.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestart Ns Aq Ar N 3645for every jail in 3646.Va jail_list . 3647.It Va jail_exec_start 3648.Pq Vt str 3649Unset by default. 3650When set, use as default value for 3651.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3652for every jail in 3653.Va jail_list . 3654.It Va jail_exec_afterstart Ns Aq Ar N 3655.Pq Vt str 3656Unset by default. 3657When set, use as default value for 3658.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3659for every jail in 3660.Va jail_list . 3661.It Va jail_exec_poststart Ns Aq Ar N 3662.Pq Vt str 3663Unset by default. 3664When set, use as default value for 3665.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststart Ns Aq Ar N 3666for every jail in 3667.Va jail_list . 3668.It Va jail_exec_prestop Ns Aq Ar N 3669.Pq Vt str 3670Unset by default. 3671When set, use as default value for 3672.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestop Ns Aq Ar N 3673for every jail in 3674.Va jail_list . 3675.It Va jail_exec_stop 3676Unset by default. 3677When set, use as default value for 3678.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3679for every jail in 3680.Va jail_list . 3681.It Va jail_exec_poststop Ns Aq Ar N 3682.Pq Vt str 3683Unset by default. 3684When set, use as default value for 3685.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststop Ns Aq Ar N 3686for every jail in 3687.Va jail_list . 3688.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 3689.Pq Vt str 3690Unset by default. 3691Set to the root directory used by jail 3692.Va jname . 3693.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 3694.Pq Vt str 3695Unset by default. 3696Set to the fully qualified domain name (FQDN) assigned to jail 3697.Va jname . 3698.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 3699.Pq Vt str 3700Unset by default. 3701Set to the (primary) IPv4 and/or IPv6 address(es) assigned to the jail. 3702The argument can be a sole address or a comma separated list of addresses. 3703Additionally each address can be prefixed by the name of an interface 3704followed by a pipe to overwrite 3705.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3706or 3707.Va jail_interface 3708and/or suffixed by a netmask, prefixlen or prefix. 3709In case no netmask, prefixlen or prefix is given, 3710.Sq /32 3711will be used for IPv4 and 3712.Sq /128 3713will be used for an IPv6 address. 3714If no address is given for the jail then the jail will be started with 3715no networking support. 3716.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip_multi Ns Aq Ar n 3717.Pq Vt str 3718Unset by default. 3719Set additional IPv4 and/or IPv6 address(es) assigned to the jail. 3720The sequence starts with 3721.Dq Li _multi0 3722and the numbers have to be strictly ascending. 3723These entries follow the same syntax as their primary 3724.Va jail_ Ns Ao Ar jname Ac Ns Va _ip 3725entry. 3726The order of the entries can be important as the first address for 3727each address family found will be the primary address of the jail. 3728See 3729.Va ip-addresses 3730option in 3731.Xr jail 8 3732for more details. 3733.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3734.Pq Vt str 3735Set to 3736.Dq Li -l -U root 3737by default. 3738These are flags to pass to 3739.Xr jail . 3740.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3741.Pq Vt str 3742Unset by default. 3743When set, sets the interface to use when setting IP address alias. 3744Note that the alias is created at jail startup and removed at jail shutdown. 3745.It Va jail_ Ns Ao Ar jname Ac Ns Va _fib 3746.Pq Vt str 3747Unset by default. 3748When set, the jail is started with the specified forwarding table (sometimes 3749referred to as a routing table) via 3750.Xr setfib 1 . 3751.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3752.Pq Vt str 3753Set to 3754.Pa /etc/fstab. Ns Aq Ar jname 3755by default. 3756This is the file system information file to use for jail 3757.Va jname . 3758.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3759.Pq Vt bool 3760Set to 3761.Dq Li NO 3762by default. 3763When set to 3764.Dq Li YES , 3765mount all file systems from 3766.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3767at jail startup. 3768.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3769.Pq Vt str 3770Unset by default. 3771When set, defines the device file system ruleset file to use for jail 3772.Va jname . 3773.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3774.Pq Vt bool 3775Set to 3776.Dq Li NO 3777by default. 3778When set to 3779.Dq Li YES , 3780mount the device file system inside jail 3781.Ar jname 3782at jail startup. 3783.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3784.Pq Vt bool 3785Set to 3786.Dq Li NO 3787by default. 3788When set to 3789.Dq Li YES , 3790mount the file-descriptor file system inside jail 3791.Ar jname 3792at jail startup. 3793.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 3794.Pq Vt bool 3795Set to 3796.Dq Li NO 3797by default. 3798When set to 3799.Dq Li YES , 3800mount the process file system inside jail 3801.Ar jname 3802at jail startup. 3803.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestart Ns Aq Ar N 3804.Pq Vt str 3805Unset by default. 3806This is the command run as 3807.Ar N Ns 3808th command 3809before jail startup, where 3810.Ar N 3811is 0, 1, and so on. 3812It is run outside the jail. 3813.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3814.Pq Vt str 3815Set to 3816.Dq Li /bin/sh /etc/rc 3817by default. 3818This is the command executed in a jail at jail startup. 3819.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3820.Pq Vt str 3821Unset by default. 3822This is the command run as 3823.Ar N Ns 3824th command 3825in a jail 3826after jail startup, where 3827.Ar N 3828is 1, 2, and so on. 3829.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststart Ns Aq Ar N 3830.Pq Vt str 3831Unset by default. 3832This is the command run as 3833.Ar N Ns 3834th command 3835after jail startup, where 3836.Ar N 3837is 0, 1, and so on. 3838It is run outside the jail. 3839.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestop Ns Aq Ar N 3840.Pq Vt str 3841Unset by default. 3842This is the command run as 3843.Ar N Ns 3844th command 3845before jail shutdown, where 3846.Ar N 3847is 0, 1, and so on. 3848It is run outside the jail. 3849.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3850.Pq Vt str 3851Set to 3852.Dq Li /bin/sh /etc/rc.shutdown 3853by default. 3854This is the command executed in a jail at jail shutdown. 3855.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststop Ns Aq Ar N 3856.Pq Vt str 3857Unset by default. 3858This is the command run as 3859.Ar N Ns 3860th command 3861after jail shutdown, where 3862.Ar N 3863is 0, 1, and so on. 3864It is run outside the jail. 3865.It Va jail_set_hostname_allow 3866.Pq Vt bool 3867If set to 3868.Dq Li NO , 3869do not allow the root user in a jail to set its hostname. 3870.It Va jail_socket_unixiproute_only 3871.Pq Vt bool 3872If set to 3873.Dq Li YES , 3874do not allow any sockets, 3875besides UNIX/IP/route sockets, 3876to be used within a jail. 3877.It Va jail_sysvipc_allow 3878.Pq Vt bool 3879If set to 3880.Dq Li YES , 3881allow applications within a jail to use System V IPC. 3882.\" ----------------------------------------------------- 3883.It Va harvest_interrupt 3884.Pq Vt bool 3885Set to 3886.Dq Li YES 3887to use hardware interrupts as an entropy source. 3888Refer to 3889.Xr random 4 3890for more information. 3891.It Va harvest_ethernet 3892.Pq Vt bool 3893Set to 3894.Dq Li YES 3895to use LAN traffic as an entropy source. 3896Refer to 3897.Xr random 4 3898for more information. 3899.It Va harvest_p_to_p 3900.Pq Vt bool 3901Set to 3902.Dq Li YES 3903to use serial line traffic as an entropy source. 3904Refer to 3905.Xr random 4 3906for more information. 3907.It Va entropy_dir 3908.Pq Vt str 3909Set to 3910.Dq Li NO 3911to disable caching entropy via 3912.Xr cron 8 . 3913Otherwise set to the directory used to store entropy files in. 3914.It Va entropy_file 3915.Pq Vt str 3916Set to 3917.Dq Li NO 3918to disable caching entropy through reboots. 3919Otherwise set to the filename used to store cached entropy through 3920reboots. 3921This file should be located on the root file system to seed the 3922.Xr random 4 3923device as early as possible in the boot process. 3924.It Va entropy_save_sz 3925.Pq Vt int 3926Size of the entropy cache files saved by 3927.Nm save-entropy 3928periodically. 3929.It Va entropy_save_num 3930.Pq Vt int 3931Number of entropy cache files to save by 3932.Nm save-entropy 3933periodically. 3934.It Va ipsec_enable 3935.Pq Vt bool 3936Set to 3937.Dq Li YES 3938to run 3939.Xr setkey 8 3940on 3941.Va ipsec_file 3942at boot time. 3943.It Va ipsec_file 3944.Pq Vt str 3945Configuration file for 3946.Xr setkey 8 . 3947.It Va dmesg_enable 3948.Pq Vt bool 3949Set to 3950.Dq Li YES 3951to save 3952.Xr dmesg 8 3953to 3954.Pa /var/run/dmesg.boot 3955on boot. 3956.It Va rcshutdown_timeout 3957.Pq Vt int 3958If set, start a watchdog timer in the background which will terminate 3959.Pa rc.shutdown 3960if 3961.Xr shutdown 8 3962has not completed within the specified time (in seconds). 3963Notice that in addition to this soft timeout, 3964.Xr init 8 3965also applies a hard timeout for the execution of 3966.Pa rc.shutdown . 3967This is configured via 3968.Xr sysctl 8 3969variable 3970.Va kern.init_shutdown_timeout 3971and defaults to 120 seconds. 3972Setting the value of 3973.Va rcshutdown_timeout 3974to more than 120 seconds will have no effect until the 3975.Xr sysctl 8 3976variable 3977.Va kern.init_shutdown_timeout 3978is also increased. 3979.It Va virecover_enable 3980.Pq Vt bool 3981Set to 3982.Dq Li NO 3983to prevent the system from trying to 3984recover pre-maturely terminated 3985.Xr vi 1 3986sessions. 3987.It Va ugidfw_enable 3988.Pq Vt bool 3989Set to 3990.Dq Li YES 3991to load the 3992.Xr mac_bsdextended 4 3993module upon system initialization and load a default 3994ruleset file. 3995.It Va bsdextended_script 3996.Pq Vt str 3997The default 3998.Xr mac_bsdextended 4 3999ruleset file to load. 4000The default value of this variable is 4001.Pa /etc/rc.bsdextended . 4002.It Va newsyslog_enable 4003.Pq Vt bool 4004If set to 4005.Dq Li YES , 4006run 4007.Xr newsyslog 8 4008command at startup. 4009.It Va newsyslog_flags 4010.Pq Vt str 4011If 4012.Va newsyslog_enable 4013is set to 4014.Dq Li YES , 4015these are the flags to pass to the 4016.Xr newsyslog 8 4017program. 4018The default is 4019.Dq Li -CN , 4020which causes log files flagged with a 4021.Cm C 4022to be created. 4023.It Va mdconfig_md Ns Aq Ar X 4024.Pq Vt str 4025Arguments to 4026.Xr mdconfig 8 4027for 4028.Xr md 4 4029device 4030.Ar X . 4031At minimum a 4032.Fl t Ar type 4033must be specified and either a 4034.Fl s Ar size 4035for malloc or swap backed 4036.Xr md 4 4037devices or a 4038.Fl f Ar file 4039for vnode backed 4040.Xr md 4 4041devices. 4042Note that 4043.Va mdconfig_md Ns Aq Ar X 4044variables are evaluated until one variable is unset or null. 4045.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _newfs 4046.Pq Vt str 4047Optional arguments passed to 4048.Xr newfs 8 4049to initialize 4050.Xr md 4 4051device 4052.Ar X . 4053.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _owner 4054.Pq Vt str 4055An ownership specification passed to 4056.Xr chown 8 4057after the specified 4058.Xr md 4 4059device 4060.Ar X 4061has been mounted. 4062Both the 4063.Xr md 4 4064device and the mount point will be changed. 4065.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _perms 4066.Pq Vt str 4067A mode string passed to 4068.Xr chmod 1 4069after the specified 4070.Xr md 4 4071device 4072.Ar X 4073has been mounted. 4074Both the 4075.Xr md 4 4076device and the mount point will be changed. 4077.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _files 4078.Pq Vt str 4079Files to be copied to the mount point of the 4080.Xr md 4 4081device 4082.Ar X 4083after it has been mounted. 4084.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _cmd 4085.Pq Vt str 4086Command to execute after the specified 4087.Xr md 4 4088device 4089.Ar X 4090has been mounted. 4091Note that the command is passed to 4092.Ic eval 4093and that both 4094.Va _dev 4095and 4096.Va _mp 4097variables can be used to reference respectively the 4098.Xr md 4 4099device and the mount point. 4100Assuming that the 4101.Xr md 4 4102device is 4103.Li md0 , 4104one could set the following: 4105.Bd -literal 4106mdconfig_md0_cmd="tar xfzC /var/file.tgz \e${_mp}" 4107.Ed 4108.It Va autobridge_interfaces 4109.Pq Vt str 4110Set to the list of bridge interfaces that will have newly arriving interfaces 4111checked against to be automatically added. 4112If not set to 4113.Dq Li NO 4114then for each whitespace separated 4115.Ar element 4116in the value, a 4117.Va autobridge_ Ns Aq Ar element 4118variable is assumed to exist which has a whitespace separated list of interface 4119names to match, these names can use wildcards. 4120For example: 4121.Bd -literal 4122autobridge_interfaces="bridge0" 4123autobridge_bridge0="tap* dc0 vlan[345]" 4124.Ed 4125.It Va mixer_enable 4126.Pq Vt bool 4127If set to 4128.Dq Li YES , 4129enable support for sound mixer. 4130.It Va hcsecd_enable 4131.Pq Vt bool 4132If set to 4133.Dq Li YES , 4134enable Bluetooth security daemon. 4135.It Va hcsecd_config 4136.Pq Vt str 4137Configuration file for 4138.Xr hcsecd 8 . 4139Default 4140.Pa /etc/bluetooth/hcsecd.conf . 4141.It Va sdpd_enable 4142.Pq Vt bool 4143If set to 4144.Dq Li YES , 4145enable Bluetooth Service Discovery Protocol daemon. 4146.It Va sdpd_control 4147.Pq Vt str 4148Path to 4149.Xr sdpd 8 4150control socket. 4151Default 4152.Pa /var/run/sdp . 4153.It Va sdpd_groupname 4154.Pq Vt str 4155Sets 4156.Xr sdpd 8 4157group to run as after it initializes. 4158Default 4159.Dq Li nobody . 4160.It Va sdpd_username 4161.Pq Vt str 4162Sets 4163.Xr sdpd 8 4164user to run as after it initializes. 4165Default 4166.Dq Li nobody . 4167.It Va bthidd_enable 4168.Pq Vt bool 4169If set to 4170.Dq Li YES , 4171enable Bluetooth Human Interface Device daemon. 4172.It Va bthidd_config 4173.Pq Vt str 4174Configuration file for 4175.Xr bthidd 8 . 4176Default 4177.Pa /etc/bluetooth/bthidd.conf . 4178.It Va bthidd_hids 4179.Pq Vt str 4180Path to a file, where 4181.Xr bthidd 8 4182will store information about known HID devices. 4183Default 4184.Pa /var/db/bthidd.hids . 4185.It Va rfcomm_pppd_server_enable 4186.Pq Vt bool 4187If set to 4188.Dq Li YES , 4189enable Bluetooth RFCOMM PPP wrapper daemon. 4190.It Va rfcomm_pppd_server_profile 4191.Pq Vt str 4192The name of the profile to use from 4193.Pa /etc/ppp/ppp.conf . 4194Multiple profiles can be specified here. 4195Also used to specify per-profile overrides. 4196When the profile name contains any of the characters 4197.Dq Li .-/+ 4198they are translated to 4199.Dq Li _ 4200for the proposes of the override variable names. 4201.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _bdaddr 4202.Pq Vt str 4203Overrides local address to listen on. 4204By default 4205.Xr rfcomm_pppd 8 4206will listen on 4207.Dq Li ANY 4208address. 4209The address can be specified as BD_ADDR or name. 4210.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _channel 4211.Pq Vt str 4212Overrides local RFCOMM channel to listen on. 4213By default 4214.Xr rfcomm_pppd 8 4215will listen on RFCOMM channel 1. 4216Must set properly if multiple profiles used in the same time. 4217.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _register_sp 4218.Pq Vt bool 4219Tells 4220.Xr rfcomm_pppd 8 4221if it should register Serial Port service on the specified RFCOMM channel. 4222Default 4223.Dq Li NO . 4224.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _register_dun 4225.Pq Vt bool 4226Tells 4227.Xr rfcomm_pppd 8 4228if it should register Dial-Up Networking service on the specified 4229RFCOMM channel. 4230Default 4231.Dq Li NO . 4232.It Va ubthidhci_enable 4233.Pq Vt bool 4234If set to 4235.Dq Li YES , 4236change the USB Bluetooth controller from HID mode to HCI mode. 4237You also need to specify the location of USB Bluetooth controller with the 4238.Va ubthidhci_busnum 4239and 4240.Va ubthidhci_addr 4241variables. 4242.It Va ubthidhci_busnum 4243Bus number where the USB Bluetooth controller is located. 4244Check the output of 4245.Xr usbconfig 8 4246on your system to find this information. 4247.It Va ubthidhci_addr 4248Bus address of the USB Bluetooth controller. 4249Check the output of 4250.Xr usbconfig 8 4251on your system to find this information. 4252.El 4253.Sh FILES 4254.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 4255.It Pa /etc/defaults/rc.conf 4256.It Pa /etc/rc.conf 4257.It Pa /etc/rc.conf.local 4258.El 4259.Sh SEE ALSO 4260.Xr catman 1 , 4261.Xr chmod 1 , 4262.Xr gdb 1 , 4263.Xr info 1 , 4264.Xr kbdcontrol 1 , 4265.Xr makewhatis 1 , 4266.Xr sh 1 , 4267.Xr vi 1 , 4268.Xr vidcontrol 1 , 4269.Xr bridge 4 , 4270.Xr dummynet 4 , 4271.Xr ip 4 , 4272.Xr ipf 4 , 4273.Xr ipfw 4 , 4274.Xr ipnat 4 , 4275.Xr kld 4 , 4276.Xr pf 4 , 4277.Xr pflog 4 , 4278.Xr pfsync 4 , 4279.Xr tcp 4 , 4280.Xr udp 4 , 4281.Xr exports 5 , 4282.Xr fstab 5 , 4283.Xr ipf 5 , 4284.Xr ipnat 5 , 4285.Xr motd 5 , 4286.Xr newsyslog.conf 5 , 4287.Xr pf.conf 5 , 4288.Xr security 7 , 4289.Xr accton 8 , 4290.Xr amd 8 , 4291.Xr apm 8 , 4292.Xr atm 8 , 4293.Xr bthidd 8 , 4294.Xr chkprintcap 8 , 4295.Xr chown 8 , 4296.Xr cron 8 , 4297.Xr dhclient 8 , 4298.Xr ftpd 8 , 4299.Xr geli 8 , 4300.Xr hcsecd 8 , 4301.Xr ifconfig 8 , 4302.Xr inetd 8 , 4303.Xr ipf 8 , 4304.Xr ipfw 8 , 4305.Xr ipnat 8 , 4306.Xr jail 8 , 4307.Xr kldxref 8 , 4308.Xr lpd 8 , 4309.Xr mdconfig 8 , 4310.Xr mdmfs 8 , 4311.Xr mixer 8 , 4312.Xr mountd 8 , 4313.Xr moused 8 , 4314.Xr mrouted 8 , 4315.Xr named 8 , 4316.Xr newfs 8 , 4317.Xr newsyslog 8 , 4318.Xr nfsd 8 , 4319.Xr ntpd 8 , 4320.Xr ntpdate 8 , 4321.Xr pfctl 8 , 4322.Xr pflogd 8 , 4323.Xr powerd 8 , 4324.Xr quotacheck 8 , 4325.Xr quotaon 8 , 4326.Xr rc 8 , 4327.Xr rc.sendmail 8 , 4328.Xr rfcomm_pppd 8 , 4329.Xr route 8 , 4330.Xr routed 8 , 4331.Xr rpcbind 8 , 4332.Xr rpc.lockd 8 , 4333.Xr rpc.statd 8 , 4334.Xr rwhod 8 , 4335.Xr savecore 8 , 4336.Xr sdpd 8 , 4337.Xr sshd 8 , 4338.Xr swapon 8 , 4339.Xr sysctl 8 , 4340.Xr syslogd 8 , 4341.Xr timed 8 , 4342.Xr usbconfig 8 , 4343.Xr wlandebug 8 , 4344.Xr yp 8 , 4345.Xr ypbind 8 , 4346.Xr ypserv 8 , 4347.Xr ypset 8 4348.Sh HISTORY 4349The 4350.Nm 4351file appeared in 4352.Fx 2.2.2 . 4353.Sh AUTHORS 4354.An Jordan K. Hubbard . 4355