1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd April 25, 2004 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71The following list provides a name and short description for each 72variable that can be set in the 73.Nm 74file: 75.Bl -tag -width indent-two 76.It Va rc_debug 77.Pq Vt bool 78If set to 79.Dq Li YES , 80enable output of debug messages from rc scripts. 81This variable can be helpful in diagnosing mistakes when 82editing or integrating new scripts. 83Beware that this produces copious output to the terminal and 84.Xr syslog 3 . 85.It Va rc_info 86.Pq Vt bool 87If set to 88.Dq Li NO , 89disable informational messages from the rc scripts. 90Informational messages are displayed when 91a condition that is not serious enough to warrant a warning or 92an error occurs. 93.It Va swapfile 94.Pq Vt str 95If set to 96.Dq Li NO , 97no swapfile is installed, otherwise the value is used as the full 98pathname to a file to use for additional swap space. 99.It Va apm_enable 100.Pq Vt bool 101If set to 102.Dq Li YES , 103enable support for Automatic Power Management with 104the 105.Xr apm 8 106command. 107.It Va apmd_enable 108.Pq Vt bool 109Run 110.Xr apmd 8 111to handle APM event from userland. 112This also enables support for APM. 113.It Va apmd_flags 114.Pq Vt str 115If 116.Va apmd_enable 117is set to 118.Dq Li YES , 119these are the flags to pass to the 120.Xr apmd 8 121daemon. 122.It Va devd_enable 123.Pq Vt bool 124Run 125.Xr devd 8 126to handle device added, removed or unknown events from the kernel. 127.It Va kldxref_enable 128.Pq Vt bool 129Set to 130.Dq Li NO 131by default. 132Set to 133.Dq Li YES 134to automatically rebuild 135.Pa linker.hints 136files with 137.Xr kldxref 8 138at boot time. 139.It Va kldxref_clobber 140.Pq Vt bool 141Set to 142.Dq Li NO 143by default. 144If 145.Va kldxref_enable 146is true, 147setting to 148.Dq Li YES 149will overwrite existing 150.Pa linker.hints 151files at boot time. 152Otherwise, 153only missing 154.Pa linker.hints 155files are generated. 156.It Va kldxref_module_path 157.Pq Vt str 158Empty by default. 159A semi-colon 160.Pq Ql \&; 161delimited list of paths containing 162.Xr kld 4 163modules. 164If empty, 165the contents of the 166.Va kern.module_path 167.Xr sysctl 8 168are used. 169.It Va pccard_enable 170.Pq Vt bool 171If set to 172.Dq Li YES , 173enable PCCARD support at boot time. 174.It Va pccard_mem 175.Pq Vt str 176Set to PCCARD controller memory address or 177.Dq Li DEFAULT 178for the default value. 179.It Va pccard_ifconfig 180.Pq Vt str 181List of arguments to be passed to 182.Xr ifconfig 8 183at boot time or on 184insertion of the card (e.g.\& 185.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 186for a fixed address or 187.Dq Li DHCP 188for a DHCP client). 189.It Va pccard_beep 190.Pq Vt int 191If 0, 192set the PCCARD controller to silent mode. 193If 1, 194set it to beep mode. 195If 2, 196set it to melody mode. 197.It Va pccard_conf 198.Pq Vt str 199Path to the configuration file for the 200.Xr pccardd 8 201daemon (e.g.\& 202.Pa /etc/pccard.conf.sample ) . 203.It Va pccardd_flags 204.Pq Vt str 205If 206.Va pccard_enable 207is set to 208.Dq Li YES , 209these are the flags to pass to the 210.Xr pccardd 8 211daemon. 212.It Va pccard_ether_delay 213.Pq Vt str 214Set the delay before starting 215.Xr dhclient 8 216in the 217.Pa /etc/pccard_ether 218script. 219This defaults to 5 seconds to work around a bug in the 220.Xr ed 4 221driver which can lead to system hangs when using some newer 222.Xr ed 4 223based cards. 224.It Va removable_interfaces 225.Pq Vt str 226List of removable network interfaces to be supported by 227.Pa /etc/pccard_ether . 228.It Va tmpmfs 229Controls the creation of a 230.Pa /tmp 231memory file system. 232Always happens if set to 233.Dq Li YES 234and never happens if set to 235.Dq Li NO . 236If set to anything else, a memory file system is created if 237.Pa /tmp 238is not writable. 239.It Va tmpsize 240Controls the size of a created 241.Pa /tmp 242memory file system. 243.It Va varmfs 244Controls the creation of a 245.Pa /var 246memory file system. 247Always happens if set to 248.Dq Li YES 249and never happens if set to 250.Dq Li NO . 251If set to anything else, a memory file system is created if 252.Pa /var 253is not writable. 254.It Va varsize 255Controls the size of a created 256.Pa /var 257memory file system. 258.It Va populate_var 259Controls the automatic population of the 260.Pa /var 261file system. 262Always happens if set to 263.Dq Li YES 264and never happens if set to 265.Dq Li NO . 266If set to anything else, a memory file system is created if 267.Pa /tmp 268is not writable. 269Note that this process requires access to certain commands in 270.Pa /usr 271before 272.Pa /usr 273is mounted on normal systems. 274.It Va local_startup 275.Pq Vt str 276List of directories to search for startup script files. 277.It Va script_name_sep 278.Pq Vt str 279The field separator to use for breaking down the list of startup script files 280into individual filenames. 281The default is a space. 282It is not necessary to change this unless there are startup scripts with names 283containing spaces. 284.It Va hostname 285.Pq Vt str 286The fully qualified domain name (FQDN) of this host on the network. 287This should almost certainly be set to something meaningful, even if 288there is no network connection. 289If 290.Xr dhclient 8 291is used to set the hostname via DHCP, 292this variable should be set to an empty string. 293.It Va ipv6_enable 294.Pq Vt bool 295Enable support for IPv6 networking. 296Note that this requires that the kernel have been compiled with 297.Cd "options INET6" . 298.It Va nisdomainname 299.Pq Vt str 300The NIS domain name of this host, or 301.Dq Li NO 302if NIS is not used. 303.It Va dhclient_program 304.Pq Vt str 305Path to the DHCP client program 306.Pa ( /sbin/dhclient , 307the ISC DHCP client, 308is the default). 309.It Va dhclient_flags 310.Pq Vt str 311Additional flags to pass to the DHCP client program. 312For the ISC DHCP client, see the 313.Xr dhclient 8 314manpage for a description of the command line options available. 315.It Va background_dhclient 316.Pq Vt bool 317Set to 318.Dq Li YES 319to start the dhcp client in background. 320This can cause trouble with applications depending on 321a working network, but it will provide a faster startup 322in many cases. 323.It Va firewall_enable 324.Pq Vt bool 325Set to 326.Dq Li YES 327to load firewall rules at startup. 328If the kernel was not built with 329.Cd "options IPFIREWALL" , 330the 331.Pa ipfw.ko 332kernel module will be loaded. 333See also 334.Va ipfilter_enable . 335.It Va ipv6_firewall_enable 336.Pq Vt bool 337The IPv6 equivalent of 338.Va firewall_enable . 339Set to 340.Dq Li YES 341to load IPv6 firewall rules at startup. 342If the kernel was not built with 343.Cd "options IPV6FIREWALL" , 344the 345.Pa ip6fw.ko 346kernel module will be loaded. 347.It Va firewall_script 348.Pq Vt str 349This variable specifies the full path to the firewall script to run. 350The default is 351.Pa /etc/rc.firewall . 352.It Va ipv6_firewall_script 353.Pq Vt str 354The IPv6 equivalent of 355.Va firewall_script . 356.It Va firewall_type 357.Pq Vt str 358Names the firewall type from the selection in 359.Pa /etc/rc.firewall , 360or the file which contains the local firewall ruleset. 361Valid selections from 362.Pa /etc/rc.firewall 363are: 364.Pp 365.Bl -tag -width ".Li simple" -compact 366.It Li open 367unrestricted IP access 368.It Li closed 369all IP services disabled, except via 370.Dq Li lo0 371.It Li client 372basic protection for a workstation 373.It Li simple 374basic protection for a LAN. 375.El 376.Pp 377If a filename is specified, the full path 378must be given. 379.It Va ipv6_firewall_type 380.Pq Vt str 381The IPv6 equivalent of 382.Va firewall_type . 383.It Va firewall_quiet 384.Pq Vt bool 385Set to 386.Dq Li YES 387to disable the display of firewall rules on the console during boot. 388.It Va ipv6_firewall_quiet 389.Pq Vt bool 390The IPv6 equivalent of 391.Va firewall_quiet . 392.It Va firewall_logging 393.Pq Vt bool 394Set to 395.Dq Li YES 396to enable firewall event logging. 397This is equivalent to the 398.Dv IPFIREWALL_VERBOSE 399kernel option. 400.It Va ipv6_firewall_logging 401.Pq Vt bool 402The IPv6 equivalent of 403.Va firewall_logging . 404.It Va firewall_flags 405.Pq Vt str 406Flags passed to 407.Xr ipfw 8 408if 409.Va firewall_type 410specifies a filename. 411.It Va ipv6_firewall_flags 412.Pq Vt str 413The IPv6 equivalent of 414.Va firewall_flags . 415.It Va natd_program 416.Pq Vt str 417Path to 418.Xr natd 8 . 419.It Va natd_enable 420.Pq Vt bool 421Set to 422.Dq Li YES 423to enable 424.Xr natd 8 . 425.Va firewall_enable 426must also be set to 427.Dq Li YES , 428and 429.Xr divert 4 430sockets must be enabled in the kernel. 431.It Va natd_interface 432.Pq Vt str 433This is the name of the public interface on which 434.Xr natd 8 435should run. 436The interface may be given as an interface name or as an IP address. 437.It Va natd_flags 438.Pq Vt str 439Additional 440.Xr natd 8 441flags should be placed here. 442The 443.Fl n 444or 445.Fl a 446flag is automatically added with the above 447.Va natd_interface 448as an argument. 449.\" ----- ipfilter_enable setting -------------------------------- 450.It Va ipfilter_enable 451.Pq Vt bool 452Set to 453.Dq Li NO 454by default. 455Setting this to 456.Dq Li YES 457enables 458.Xr ipf 8 459packet filtering. 460.Pp 461Typical usage will require putting 462.Bd -literal 463ipfilter_enable="YES" 464ipnat_enable="YES" 465ipmon_enable="YES" 466ipfs_enable="YES" 467.Ed 468.Pp 469into 470.Pa /etc/rc.conf 471and editing 472.Pa /etc/ipf.rules 473and 474.Pa /etc/ipnat.rules 475appropriately. 476.Pp 477Note that 478.Va ipfilter_enable 479and 480.Va ipnat_enable 481can be enabled independently. 482.Va ipmon_enable 483and 484.Va ipfs_enable 485both require at least one of 486.Va ipfilter_enable 487and 488.Va ipnat_enable 489to be enabled. 490.Pp 491Having 492.Bd -literal 493options IPFILTER 494options IPFILTER_LOG 495options IPFILTER_DEFAULT_BLOCK 496.Ed 497.Pp 498in the kernel configuration file is a good idea, too. 499.\" ----- ipfilter_program setting ------------------------------ 500.It Va ipfilter_program 501.Pq Vt str 502Path to 503.Xr ipf 8 504(default 505.Pa /sbin/ipf ) . 506.\" ----- ipfilter_rules setting -------------------------------- 507.It Va ipfilter_rules 508.Pq Vt str 509Set to 510.Pa /etc/ipf.rules 511by default. 512This variable contains the name of the filter rule definition file. 513The file is expected to be readable for the 514.Xr ipf 8 515command to execute. 516.\" ----- ipv6_ipfilter_rules setting --------------------------- 517.It Va ipv6_ipfilter_rules 518.Pq Vt str 519Set to 520.Pa /etc/ipf6.rules 521by default. 522This variable contains the IPv6 filter rule definition file. 523The file is expected to be readable for the 524.Xr ipf 8 525command to execute. 526.\" ----- ipfilter_flags setting -------------------------------- 527.It Va ipfilter_flags 528.Pq Vt str 529Empty by default. 530This variable contains flags passed to the 531.Xr ipf 8 532program. 533.\" ----- ipnat_enable setting ---------------------------------- 534.It Va ipnat_enable 535.Pq Vt bool 536Set to 537.Dq Li NO 538by default. 539Set it to 540.Dq Li YES 541to enable 542.Xr ipnat 1 543network address translation. 544See 545.Va ipfilter_enable 546for a detailed discussion. 547.\" ----- ipnat_program setting --------------------------------- 548.It Va ipnat_program 549.Pq Vt str 550Path to 551.Xr ipnat 1 552(default 553.Pa /sbin/ipnat ) . 554.\" ----- ipnat_rules setting ----------------------------------- 555.It Va ipnat_rules 556.Pq Vt str 557Set to 558.Pa /etc/ipnat.rules 559by default. 560This variable contains the name of the file 561holding the network address translation definition. 562This file is expected to be readable for the 563.Xr ipnat 1 564command to execute. 565.\" ----- ipnat_flags setting ----------------------------------- 566.It Va ipnat_flags 567.Pq Vt str 568Empty by default. 569This variable contains flags passed to the 570.Xr ipnat 1 571program. 572.\" ----- ipmon_enable setting ---------------------------------- 573.It Va ipmon_enable 574.Pq Vt bool 575Set to 576.Dq Li NO 577by default. 578Set it to 579.Dq Li YES 580to enable 581.Xr ipmon 8 582monitoring (logging 583.Xr ipf 8 584and 585.Xr ipnat 1 586events). 587Setting this variable needs setting 588.Va ipfilter_enable 589or 590.Va ipnat_enable 591too. 592See 593.Va ipfilter_enable 594for a detailed discussion. 595.\" ----- ipmon_program setting --------------------------------- 596.It Va ipmon_program 597.Pq Vt str 598Path to 599.Xr ipmon 8 600(default 601.Pa /sbin/ipmon ) . 602.\" ----- ipmon_flags setting ----------------------------------- 603.It Va ipmon_flags 604.Pq Vt str 605Set to 606.Dq Li -Ds 607by default. 608This variable contains flags passed to the 609.Xr ipmon 8 610program. 611Another typical example would be 612.Dq Fl D Pa /var/log/ipflog 613to have 614.Xr ipmon 8 615log directly to a file bypassing 616.Xr syslogd 8 . 617Make sure to adjust 618.Pa /etc/newsyslog.conf 619in such case like this: 620.Bd -literal 621/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 622.Ed 623.\" ----- ipfs_enable setting ----------------------------------- 624.It Va ipfs_enable 625.Pq Vt bool 626Set to 627.Dq Li NO 628by default. 629Set it to 630.Dq Li YES 631to enable 632.Xr ipfs 8 633saving the filter and NAT state tables during shutdown 634and reloading them during startup again. 635Setting this variable needs setting 636.Va ipfilter_enable 637or 638.Va ipnat_enable 639to 640.Dq Li YES 641too. 642See 643.Va ipfilter_enable 644for a detailed discussion. 645Note that if 646.Va kern_securelevel 647is set to 3, 648.Va ipfs_enable 649cannot be used 650because the raised securelevel will prevent 651.Xr ipfs 8 652from saving the state tables at shutdown time. 653.\" ----- ipfs_program setting ---------------------------------- 654.It Va ipfs_program 655.Pq Vt str 656Path to 657.Xr ipfs 8 658(default 659.Pa /sbin/ipfs ) . 660.\" ----- ipfs_flags setting ------------------------------------ 661.It Va ipfs_flags 662.Pq Vt str 663Empty by default. 664This variable contains flags passed to the 665.Xr ipfs 8 666program. 667.\" ----- end of added ipf hook --------------------------------- 668.It Va pf_enable 669.Pq Vt bool 670Set to 671.Dq Li NO 672by default. 673Setting this to 674.Dq Li YES 675enables 676.Xr pf 4 677packet filtering. 678.Pp 679Typical usage will require putting 680.Pp 681.Dl pf_enable="YES" 682.Pp 683into 684.Pa /etc/rc.conf 685and editing 686.Pa /etc/pf.conf 687appropriately. 688.Pp 689Having 690.Bd -literal -offset indent 691options PFIL_HOOKS 692options RANDOM_IP_ID 693.Ed 694.Pp 695in the kernel configuration file is required for use as a 696.Xr kld 4 697module. 698.Pp 699.Dl "device pf" 700.Pp 701builds it into the kernel. 702.It Va pf_rules 703.Pq Vt str 704Path to 705.Xr pf 4 706ruleset configuration file 707(default 708.Pa /etc/pf.conf ) . 709.It Va pf_program 710.Pq Vt str 711Path to 712.Xr pfctl 8 713(default 714.Pa /sbin/pfctl ) . 715.It Va pf_flags 716.Pq Vt str 717If 718.Va pf_enable 719is set to 720.Dq Li YES , 721these flags are passed to the 722.Xr pfctl 8 723program when loading the ruleset. 724.It Va pflog_enable 725.Pq Vt bool 726Set to 727.Dq Li NO 728by default. 729Setting this to 730.Dq Li YES 731enables 732.Xr pflogd 8 733which logs packtes from the 734.Xr pf 4 735packet filter. 736.It Va pflog_logfile 737.Pq Vt str 738If 739.Va pflog_enable 740is set to 741.Dq Li YES 742this controls where 743.Xr pflogd 8 744stores the logfile 745(default 746.Pa /var/log/pflog ) . 747Check 748.Pa /etc/newsyslog.conf 749to adjust logfile rotation for this. 750.It Va pflog_program 751.Pq Vt str 752Path to 753.Xr pflogd 8 754(default 755.Pa /sbin/pflogd ) . 756.It Va pflog_flags 757.Pq Vt str 758Empty by default. 759This variable contains additional flags passed to the 760.Xr pflogd 8 761program. 762.It Va tcp_extensions 763.Pq Vt bool 764Set to 765.Dq Li YES 766by default. 767Setting this to 768.Dq Li NO 769disables certain TCP options as described by 770.Rs 771.%T "RFC 1323" 772.Re 773Setting this to 774.Dq Li NO 775might help remedy such problems with connections as randomly hanging 776or other weird behavior. 777Some network devices are known 778to be broken with respect to these options. 779.It Va log_in_vain 780.Pq Vt int 781Set to 0 by default. 782The 783.Xr sysctl 8 784variables, 785.Va net.inet.tcp.log_in_vain 786and 787.Va net.inet.udp.log_in_vain , 788as described in 789.Xr tcp 4 790and 791.Xr udp 4 , 792are set to the given value. 793.It Va tcp_keepalive 794.Pq Vt bool 795Set to 796.Dq Li YES 797by default. 798Setting to 799.Dq Li NO 800will disable probing idle TCP connections to verify that the 801peer is still up and reachable. 802.It Va tcp_drop_synfin 803.Pq Vt bool 804Set to 805.Dq Li NO 806by default. 807Setting to 808.Dq Li YES 809will cause the kernel to ignore TCP frames that have both 810the SYN and FIN flags set. 811This prevents OS fingerprinting, but may 812break some legitimate applications. 813This option is only available if the 814kernel was built with the 815.Dv TCP_DROP_SYNFIN 816option. 817.It Va icmp_drop_redirect 818.Pq Vt bool 819Set to 820.Dq Li NO 821by default. 822Setting to 823.Dq Li YES 824will cause the kernel to ignore ICMP REDIRECT packets. 825Refer to 826.Xr icmp 4 827for more information. 828.It Va icmp_log_redirect 829.Pq Vt bool 830Set to 831.Dq Li NO 832by default. 833Setting to 834.Dq Li YES 835will cause the kernel to log ICMP REDIRECT packets. 836Note that 837the log messages are not rate-limited, so this option should only be used 838for troubleshooting networks. 839Refer to 840.Xr icmp 4 841for more information. 842.It Va icmp_bmcastecho 843.Pq Vt bool 844Set to 845.Dq Li YES 846to respond to broadcast or multicast ICMP ping packets. 847Refer to 848.Xr icmp 4 849for more information. 850.It Va ip_portrange_first 851.Pq Vt int 852If not set to 853.Dq Li NO , 854this is the first port in the default portrange. 855Refer to 856.Xr ip 4 857for more information. 858.It Va ip_portrange_last 859.Pq Vt int 860If not set to 861.Dq Li NO , 862this is the last port in the default portrange. 863Refer to 864.Xr ip 4 865for more information. 866.It Va network_interfaces 867.Pq Vt str 868Set to the list of network interfaces to configure on this host. 869For example, if the only network devices in the system are the loopback 870device 871.Pq Li lo0 872and a NIC using the 873.Xr ed 4 874driver, 875this could be set to 876.Dq Li "lo0 ed0" . 877An 878.Va ifconfig_ Ns Aq Ar interface 879variable is also assumed to exist for each value of 880.Ar interface . 881It is also possible to add IP alias entries here in cases where 882multiple IP addresses registered against a single interface 883are desired. 884Assuming that the interface in question was 885.Li ed0 , 886it might look 887something like this: 888.Bd -literal 889ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 890ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 891.Ed 892.Pp 893And so on. 894For each 895.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 896entry that is found, 897its contents are passed to 898.Xr ifconfig 8 . 899Execution stops at the first unsuccessful access, so if 900something like this is present: 901.Bd -literal 902ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 903ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 904ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 905ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 906.Ed 907.Pp 908Then note that alias4 would 909.Em not 910be added since the search would 911stop with the missing alias3 entry. 912.Pp 913If the 914.Pa /etc/start_if. Ns Aq Ar interface 915file is present, it is read and executed by the 916.Xr sh 1 917interpreter 918before configuring the interface as specified in the 919.Va ifconfig_ Ns Aq Ar interface 920and 921.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 922variables. 923.Pp 924It is possible to bring up an interface with DHCP by setting the 925.Va ifconfig_ Ns Aq Ar interface 926variable to 927.Dq Li DHCP . 928For instance, to initialize the 929.Li ed0 930device via DHCP, 931it is possible to use something like: 932.Bd -literal 933ifconfig_ed0="DHCP" 934.Ed 935.It Va ipv6_network_interfaces 936.Pq Vt str 937This is the IPv6 equivalent of 938.Va network_interfaces . 939Instead of setting the ifconfig variables as 940.Va ifconfig_ Ns Aq Ar interface 941they should be set as 942.Va ipv6_ifconfig_ Ns Aq Ar interface . 943Aliases should be set as 944.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 945.Va ipv6_prefix_ Ns Aq Ar interface 946does something. 947Interfaces that do not have a 948.Va ipv6_ifconfig_ Ns Aq Ar interface 949setting will be auto configured by 950.Xr rtsol 8 951if the 952.Va ipv6_gateway_enable 953is set to 954.Dq Li NO . 955Note that the IPv6 networking code does not support the 956.Pa /etc/start_if. Ns Aq Ar interface 957files. 958.It Va ipv6_default_interface 959.Pq Vt str 960If not set to 961.Dq Li NO , 962this is the default output interface for scoped addresses. 963Now this works only for IPv6 link local multicast addresses. 964.It Va cloned_interfaces 965.Pq Vt str 966Set to the list of clonable network interfaces to create on this host. 967Entries in 968.Va cloned_interfaces 969are automatically appended to 970.Va network_interfaces 971for configuration. 972.It Va gif_interfaces 973.Pq Vt str 974Set to the list of 975.Xr gif 4 976tunnel interfaces to configure on this host. 977A 978.Va gifconfig_ Ns Aq Ar interface 979variable is assumed to exist for each value of 980.Ar interface . 981The value of this variable is used to configure the link layer of the 982tunnel according to the syntax of the 983.Cm tunnel 984option to 985.Xr ifconfig 8 . 986Additionally, this option ensures that each listed interface is created 987via the 988.Cm create 989option to 990.Xr ifconfig 8 991before attempting to configure it. 992.It Va sppp_interfaces 993.Pq Vt str 994Set to the list of 995.Xr sppp 4 996interfaces to configure on this host. 997A 998.Va spppconfig_ Ns Aq Ar interface 999variable is assumed to exist for each value of 1000.Ar interface . 1001Each interface should also be configured by a general 1002.Va ifconfig_ Ns Aq Ar interface 1003setting. 1004Refer to 1005.Xr spppcontrol 8 1006for more information about available options. 1007.It Va ppp_enable 1008.Pq Vt bool 1009If set to 1010.Dq Li YES , 1011run the 1012.Xr ppp 8 1013daemon. 1014.It Va ppp_mode 1015.Pq Vt str 1016Mode in which to run the 1017.Xr ppp 8 1018daemon. 1019Accepted modes are 1020.Dq Li auto , 1021.Dq Li ddial , 1022.Dq Li direct 1023and 1024.Dq Li dedicated . 1025See the manual for a full description. 1026.It Va ppp_nat 1027.Pq Vt bool 1028If set to 1029.Dq Li YES , 1030enables network address translation. 1031Used in conjunction with 1032.Va gateway_enable 1033allows hosts on private network addresses access to the Internet using 1034this host as a network address translating router. 1035.It Va ppp_profile 1036.Pq Vt str 1037The name of the profile to use from 1038.Pa /etc/ppp/ppp.conf . 1039.It Va ppp_user 1040.Pq Vt str 1041The name of the user under which 1042.Xr ppp 8 1043should be started. 1044By 1045default, 1046.Xr ppp 8 1047is started as 1048.Dq Li root . 1049.It Va rc_conf_files 1050.Pq Vt str 1051This option is used to specify a list of files that will override 1052the settings in 1053.Pa /etc/defaults/rc.conf . 1054The files will be read in the order in which they are specified and should 1055include the full path to the file. 1056By default, the files specified are 1057.Pa /etc/rc.conf 1058and 1059.Pa /etc/rc.conf.local 1060.It Va gbde_autoattach_all 1061.Pq Vt bool 1062If set to 1063.Dq Li YES , 1064.Pa /etc/rc.d/gbde 1065will attempt to automatically initialize your .bde devices in 1066.Pa /etc/fstab . 1067.It Va gbde_devices 1068.Pq Vt str 1069List the devices that the script should try to attach, 1070or 1071.Dq Li AUTO . 1072.It Va gbde_lockdir 1073.Pq Vt str 1074The directory where the 1075.Xr gbde 4 1076lockfiles are located. 1077The default lockfile directory is 1078.Pa /etc . 1079.Pp 1080The lockfile for each individual 1081.Xr gbde 4 1082device can be overridden by setting the variable 1083.Va gbde_lock_ Ns Aq Ar device , 1084where 1085.Ar device 1086is the encrypted device without the 1087.Dq Pa /dev/ 1088and 1089.Dq Pa .bde 1090parts. 1091.It Va gbde_attach_attempts 1092.Pq Vt int 1093Number of times to attempt attaching to a 1094.Xr gbde 4 1095device, i.e. how many times the user is asked for the pass-phrase. 1096Default is 3. 1097.It Va gbde_swap_enable 1098.Pq Vt bool 1099If set to 1100.Dq Li YES , 1101any .bde swap devices listed in 1102.Pa /etc/fstab 1103will be initialized with a random, one-shot key. 1104Note that this makes recovery of kernel dumps impossible. 1105.It Va fsck_y_enable 1106.Pq Vt bool 1107If set to 1108.Dq Li YES , 1109.Xr fsck 8 1110will be run with the 1111.Fl y 1112flag if the initial preen 1113of the file systems fails. 1114.It Va background_fsck 1115.Pq Vt bool 1116If set to 1117.Dq Li YES , 1118the system will attempt to run 1119.Xr fsck 8 1120in the background where possible. 1121.It Va background_fsck_delay 1122.Pq Vt int 1123The amount of time in seconds to sleep before starting a background 1124.Xr fsck 8 . 1125It defaults to sixty seconds to allow large applications such as 1126the X server to start before disk I/O bandwidth is monopolized by 1127.Xr fsck 8 . 1128.It Va netfs_types 1129.Pq Vt str 1130List of file system types that are network-based. 1131This list should generally not be modified by end users. 1132Use 1133.Va extra_netfs_types 1134instead. 1135.It Va extra_netfs_types 1136.Pq Vt str 1137If set to something other than 1138.Dq Li NO 1139(the default), 1140this variable extends the list of file system types 1141for which automatic mounting at startup by 1142.Xr rc 8 1143should be delayed until the network is initialized. 1144It should contain 1145a whitespace-separated list of network file system descriptor pairs, 1146each consisting of a file system type as passed to 1147.Xr mount 8 1148and a human-readable, one-word description, 1149joined with a colon 1150.Pq Ql \&: . 1151Extending the default list in this way is only necessary 1152when third party file system types are used. 1153.It Va syslogd_enable 1154.Pq Vt bool 1155If set to 1156.Dq Li YES , 1157run the 1158.Xr syslogd 8 1159daemon. 1160.It Va syslogd_program 1161.Pq Vt str 1162Path to 1163.Xr syslogd 8 1164(default 1165.Pa /usr/sbin/syslogd ) . 1166.It Va syslogd_flags 1167.Pq Vt str 1168If 1169.Va syslogd_enable 1170is set to 1171.Dq Li YES , 1172these are the flags to pass to 1173.Xr syslogd 8 . 1174.It Va inetd_enable 1175.Pq Vt bool 1176If set to 1177.Dq Li YES , 1178run the 1179.Xr inetd 8 1180daemon. 1181.It Va inetd_program 1182.Pq Vt str 1183Path to 1184.Xr inetd 8 1185(default 1186.Pa /usr/sbin/inetd ) . 1187.It Va inetd_flags 1188.Pq Vt str 1189If 1190.Va inetd_enable 1191is set to 1192.Dq Li YES , 1193these are the flags to pass to 1194.Xr inetd 8 . 1195.It Va named_enable 1196.Pq Vt bool 1197If set to 1198.Dq Li YES , 1199run the 1200.Xr named 8 1201daemon. 1202.It Va named_program 1203.Pq Vt str 1204Path to 1205.Xr named 8 1206(default 1207.Pa /usr/sbin/named ) . 1208.It Va named_flags 1209.Pq Vt str 1210If 1211.Va named_enable 1212is set to 1213.Dq Li YES , 1214these are the flags to pass to 1215.Xr named 8 . 1216.It Va named_pidfile 1217.Pq Vt str 1218This is the default path to the 1219.Xr named 8 1220daemon's PID file. 1221Change it if you change the location in 1222.Xr named.conf 5 . 1223.It Va named_chrootdir 1224.Pq Vt str 1225The root directory for a name server run in a 1226.Xr chroot 8 1227environment. 1228If left empty 1229.Xr named 8 1230will not be run in a 1231.Xr chroot 8 1232environment. 1233This variable has no effect if 1234.Va named_rcng 1235is not enabled. 1236This variable is experimental. 1237It may be removed or changed in the near future. 1238.It Va named_chroot_autoupdate 1239.Pq Vt bool 1240Set to 1241.Dq Li NO 1242to disable automatic syncing of libraries and 1243other system files between the root file system and the 1244.Xr chroot 8 . 1245This variable has no effect if 1246.Va named_rcng 1247is not enabled. 1248This variable is experimental. 1249It may be removed or changed in the near future. 1250.It Va named_symlink_enable 1251.Pq Vt bool 1252Set to 1253.Dq Li NO 1254to disable symlinking of 1255.Va named_pidfile 1256and 1257.Pa /var/run/ndc 1258into the 1259.Xr chroot 8 1260environment in which 1261.Xr named 8 1262is running. 1263This variable has no effect if 1264.Va named_rcng 1265is not enabled. 1266This variable is experimental. 1267It may be removed or changed in the near future. 1268.It Va kerberos5_server_enable 1269.Pq Vt bool 1270Set to 1271.Dq Li YES 1272to start a Kerberos 5 authentication server 1273at boot time. 1274.It Va kerberos5_server 1275.Pq Vt str 1276If 1277.Va kerberos5_server_enable 1278is set to 1279.Dq Li YES 1280this is the path to Kerberos 5 Authentication Server. 1281.It Va kadmind5_server_enable 1282.Pq Vt bool 1283Set to 1284.Dq Li YES 1285to start 1286.Xr kadmind 8 , 1287the Kerberos 5 Administration Daemon; set to 1288.Dq Li NO 1289on a slave server. 1290.It Va kadmind5_server 1291.Pq Vt str 1292If 1293.Va kadmind5_server_enable 1294is set to 1295.Dq Li YES 1296this is the path to Kerberos 5 Administration Daemon. 1297.It Va kpasswdd_server_enable 1298.Pq Vt bool 1299Set to 1300.Dq Li YES 1301to start 1302.Xr kpasswdd 8 , 1303the Kerberos 5 Password-Changing Daemon; set to 1304.Dq Li NO 1305on a slave server. 1306.It Va kpasswdd_server 1307.Pq Vt str 1308If 1309.Va kpasswdd_server_enable 1310is set to 1311.Dq Li YES 1312this is the path to Kerberos 5 Password-Changing Daemon. 1313.It Va rwhod_enable 1314.Pq Vt bool 1315If set to 1316.Dq Li YES , 1317run the 1318.Xr rwhod 8 1319daemon at boot time. 1320.It Va rwhod_flags 1321.Pq Vt str 1322If 1323.Va rwhod_enable 1324is set to 1325.Dq Li YES , 1326these are the flags to pass to it. 1327.It Va amd_enable 1328.Pq Vt bool 1329If set to 1330.Dq Li YES , 1331run the 1332.Xr amd 8 1333daemon at boot time. 1334.It Va amd_flags 1335.Pq Vt str 1336If 1337.Va amd_enable 1338is set to 1339.Dq Li YES , 1340these are the flags to pass to it. 1341See the 1342.Xr amd 8 1343manpage for more information. 1344.It Va amd_map_program 1345.Pq Vt str 1346If set, 1347the specified program is run to get the list of 1348.Xr amd 8 1349maps. 1350For example, if the 1351.Xr amd 8 1352maps are stored in NIS, one can set this to 1353run 1354.Xr ypcat 1 1355to get a list of 1356.Xr amd 8 1357maps from the 1358.Pa amd.master 1359NIS map. 1360.It Va update_motd 1361.Pq Vt bool 1362If set to 1363.Dq Li YES , 1364.Pa /etc/motd 1365will be updated at boot time to reflect the kernel release 1366being run. 1367If set to 1368.Dq Li NO , 1369.Pa /etc/motd 1370will not be updated. 1371.It Va nfs_client_enable 1372.Pq Vt bool 1373If set to 1374.Dq Li YES , 1375run the NFS client daemons at boot time. 1376.It Va nfs_access_cache 1377.Pq Vt int 1378If 1379.Va nfs_client_enable 1380is set to 1381.Dq Li YES , 1382this can be set to 1383.Dq Li 0 1384to disable NFS ACCESS RPC caching, or to the number of seconds for which 1385NFS ACCESS 1386results should be cached. 1387A value of 2-10 seconds will substantially reduce network 1388traffic for many NFS operations. 1389.It Va nfs_server_enable 1390.Pq Vt bool 1391If set to 1392.Dq Li YES , 1393run the NFS server daemons at boot time. 1394.It Va nfs_server_flags 1395.Pq Vt str 1396If 1397.Va nfs_server_enable 1398is set to 1399.Dq Li YES , 1400these are the flags to pass to the 1401.Xr nfsd 8 1402daemon. 1403.It Va mountd_enable 1404.Pq Vt bool 1405If set to 1406.Dq Li YES , 1407and no 1408.Va nfs_server_enable 1409is set, start 1410.Xr mountd 8 , 1411but not 1412.Xr nfsd 8 1413daemon. 1414It is commonly needed to run CFS without real NFS used. 1415.It Va mountd_flags 1416.Pq Vt str 1417If 1418.Va mountd_enable 1419is set to 1420.Dq Li YES , 1421these are the flags to pass to the 1422.Xr mountd 8 1423daemon. 1424.It Va weak_mountd_authentication 1425.Pq Vt bool 1426If set to 1427.Dq Li YES , 1428allow services like PCNFSD to make non-privileged mount 1429requests. 1430.It Va nfs_reserved_port_only 1431.Pq Vt bool 1432If set to 1433.Dq Li YES , 1434provide NFS services only on a secure port. 1435.It Va nfs_bufpackets 1436.Pq Vt int 1437If set to a number, indicates the number of packets worth of 1438socket buffer space to reserve on an NFS client. 1439The kernel default is typically 4. 1440Using a higher number may be 1441useful on gigabit networks to improve performance. 1442The minimum value is 14432 and the maximum is 64. 1444.It Va rpc_lockd_enable 1445.Pq Vt bool 1446If set to 1447.Dq Li YES 1448and also an NFS server, run 1449.Xr rpc.lockd 8 1450at boot time. 1451.It Va rpc_statd_enable 1452.Pq Vt bool 1453If set to 1454.Dq Li YES 1455and also an NFS server, run 1456.Xr rpc.statd 8 1457at boot time. 1458.It Va rpcbind_program 1459.Pq Vt str 1460Path to 1461.Xr rpcbind 8 1462(default 1463.Pa /usr/sbin/rpcbind ) . 1464.It Va rpcbind_enable 1465.Pq Vt bool 1466If set to 1467.Dq Li YES , 1468run the 1469.Xr rpcbind 8 1470service at boot time. 1471.It Va rpcbind_flags 1472.Pq Vt str 1473If 1474.Va rpcbind_enable 1475is set to 1476.Dq Li YES , 1477these are the flags to pass to the 1478.Xr rpcbind 8 1479daemon. 1480.It Va keyserv_enable 1481.Pq Vt bool 1482If set to 1483.Dq Li YES , 1484run the 1485.Xr keyserv 8 1486daemon on boot for running Secure RPC. 1487.It Va keyserv_flags 1488.Pq Vt str 1489If 1490.Va keyserv_enable 1491is set to 1492.Dq Li YES , 1493these are the flags to pass to 1494.Xr keyserv 8 1495daemon. 1496.It Va pppoed_enable 1497.Pq Vt bool 1498If set to 1499.Dq Li YES , 1500run the 1501.Xr pppoed 8 1502daemon at boot time to provide PPP over Ethernet services. 1503.It Va pppoed_ Ns Ar provider 1504.Pq Vt str 1505.Xr pppoed 8 1506listens to requests to this 1507.Ar provider 1508and ultimately runs 1509.Xr ppp 8 1510with a 1511.Ar system 1512argument of the same name. 1513.It Va pppoed_flags 1514.Pq Vt str 1515Additional flags to pass to 1516.Xr pppoed 8 . 1517.It Va pppoed_interface 1518.Pq Vt str 1519The network interface to run 1520.Xr pppoed 8 1521on. 1522This is mandatory when 1523.Va pppoed_enable 1524is set to 1525.Dq Li YES . 1526.It Va timed_enable 1527.Pq Vt bool 1528If set to 1529.Dq Li YES , 1530run the 1531.Xr timed 8 1532service at boot time. 1533This command is intended for networks of 1534machines where a consistent 1535.Dq "network time" 1536for all hosts must be established. 1537This is often useful in large NFS 1538environments where time stamps on files are expected to be consistent 1539network-wide. 1540.It Va timed_flags 1541.Pq Vt str 1542If 1543.Va timed_enable 1544is set to 1545.Dq Li YES , 1546these are the flags to pass to the 1547.Xr timed 8 1548service. 1549.It Va ntpdate_enable 1550.Pq Vt bool 1551If set to 1552.Dq Li YES , 1553run 1554.Xr ntpdate 8 1555at system startup. 1556This command is intended to 1557synchronize the system clock only 1558.Em once 1559from some standard reference. 1560An option to set this up initially 1561(from a list of known servers) is also provided by the 1562.Xr sysinstall 8 1563program when the system is first installed. 1564.It Va ntpdate_hosts 1565.Pq Vt str 1566A whitespace-separated list of NTP servers to synchronize with at startup. 1567The default is to use the servers listed in 1568.Pa /etc/ntp.conf , 1569if that file exists. 1570.It Va ntpdate_program 1571.Pq Vt str 1572Path to 1573.Xr ntpdate 8 1574(default 1575.Pa /usr/sbin/ntpdate ) . 1576.It Va ntpdate_flags 1577.Pq Vt str 1578If 1579.Va ntpdate_enable 1580is set to 1581.Dq Li YES , 1582these are the flags to pass to the 1583.Xr ntpdate 8 1584command (typically a hostname). 1585.It Va ntpd_enable 1586.Pq Vt bool 1587If set to 1588.Dq Li YES , 1589run the 1590.Xr ntpd 8 1591command at boot time. 1592.It Va ntpd_program 1593.Pq Vt str 1594Path to 1595.Xr ntpd 8 1596(default 1597.Pa /usr/sbin/ntpd ) . 1598.It Va ntpd_flags 1599.Pq Vt str 1600If 1601.Va ntpd_enable 1602is set to 1603.Dq Li YES , 1604these are the flags to pass to the 1605.Xr ntpd 8 1606daemon. 1607.It Va nis_client_enable 1608.Pq Vt bool 1609If set to 1610.Dq Li YES , 1611run the 1612.Xr ypbind 8 1613service at system boot time. 1614.It Va nis_client_flags 1615.Pq Vt str 1616If 1617.Va nis_client_enable 1618is set to 1619.Dq Li YES , 1620these are the flags to pass to the 1621.Xr ypbind 8 1622service. 1623.It Va nis_ypset_enable 1624.Pq Vt bool 1625If set to 1626.Dq Li YES , 1627run the 1628.Xr ypset 8 1629daemon at system boot time. 1630.It Va nis_ypset_flags 1631.Pq Vt str 1632If 1633.Va nis_ypset_enable 1634is set to 1635.Dq Li YES , 1636these are the flags to pass to the 1637.Xr ypset 8 1638daemon. 1639.It Va nis_server_enable 1640.Pq Vt bool 1641If set to 1642.Dq Li YES , 1643run the 1644.Xr ypserv 8 1645daemon at system boot time. 1646.It Va nis_server_flags 1647.Pq Vt str 1648If 1649.Va nis_server_enable 1650is set to 1651.Dq Li YES , 1652these are the flags to pass to the 1653.Xr ypserv 8 1654daemon. 1655.It Va nis_ypxfrd_enable 1656.Pq Vt bool 1657If set to 1658.Dq Li YES , 1659run the 1660.Xr rpc.ypxfrd 8 1661daemon at system boot time. 1662.It Va nis_ypxfrd_flags 1663.Pq Vt str 1664If 1665.Va nis_ypxfrd_enable 1666is set to 1667.Dq Li YES , 1668these are the flags to pass to the 1669.Xr rpc.ypxfrd 8 1670daemon. 1671.It Va nis_yppasswdd_enable 1672.Pq Vt bool 1673If set to 1674.Dq Li YES , 1675run the 1676.Xr rpc.yppasswdd 8 1677daemon at system boot time. 1678.It Va nis_yppasswdd_flags 1679.Pq Vt str 1680If 1681.Va nis_yppasswdd_enable 1682is set to 1683.Dq Li YES , 1684these are the flags to pass to the 1685.Xr rpc.yppasswdd 8 1686daemon. 1687.It Va rpc_ypupdated_enable 1688.Pq Vt bool 1689If set to 1690.Dq Li YES , 1691run the 1692.Nm rpc.ypupdated 1693daemon at system boot time. 1694.It Va defaultrouter 1695.Pq Vt str 1696If not set to 1697.Dq Li NO , 1698create a default route to this host name or IP address 1699(use an IP address if this router is also required to get to the 1700name server!). 1701.It Va ipv6_defaultrouter 1702.Pq Vt str 1703The IPv6 equivalent of 1704.Va defaultrouter . 1705.It Va static_routes 1706.Pq Vt str 1707Set to the list of static routes that are to be added at system 1708boot time. 1709If not set to 1710.Dq Li NO 1711then for each whitespace separated 1712.Ar element 1713in the value, a 1714.Va route_ Ns Aq Ar element 1715variable is assumed to exist 1716whose contents will later be passed to a 1717.Dq Nm route Cm add 1718operation. 1719For example: 1720.Bd -literal 1721static_routes="mcast gif0local" 1722route_mcast="-net 224.0.0.0/4 -iface gif0" 1723route_gif0local="-host 169.254.1.1 -iface lo0" 1724.Ed 1725.It Va ipv6_static_routes 1726.Pq Vt str 1727The IPv6 equivalent of 1728.Va static_routes . 1729If not set to 1730.Dq Li NO 1731then for each whitespace separated 1732.Ar element 1733in the value, a 1734.Va ipv6_route_ Ns Aq Ar element 1735variable is assumed to exist 1736whose contents will later be passed to a 1737.Dq Nm route Cm add Fl inet6 1738operation. 1739.It Va natm_static_routes 1740.Pq Vt str 1741The 1742.Xr natmip 4 1743equivalent of 1744.Va static_routes . 1745If not empty then for each whitespace separated 1746.Ar element 1747in the value, a 1748.Va route_ Ns Aq Ar element 1749variable is assumed to exist whose contents will later be passed to a 1750.Dq Nm atmconfig Cm natm Cm add 1751operation. 1752.It Va gateway_enable 1753.Pq Vt bool 1754If set to 1755.Dq Li YES , 1756configure host to act as an IP router, e.g.\& to forward packets 1757between interfaces. 1758.It Va ipv6_gateway_enable 1759.Pq Vt bool 1760The IPv6 equivalent of 1761.Va gateway_enable . 1762.It Va router_enable 1763.Pq Vt bool 1764If set to 1765.Dq Li YES , 1766run a routing daemon of some sort, based on the 1767settings of 1768.Va router 1769and 1770.Va router_flags . 1771.It Va ipv6_router_enable 1772.Pq Vt bool 1773The IPv6 equivalent of 1774.Va router_enable . 1775If set to 1776.Dq Li YES , 1777run a routing daemon of some sort, based on the 1778settings of 1779.Va ipv6_router 1780and 1781.Va ipv6_router_flags . 1782.It Va router 1783.Pq Vt str 1784If 1785.Va router_enable 1786is set to 1787.Dq Li YES , 1788this is the name of the routing daemon to use. 1789.It Va ipv6_router 1790.Pq Vt str 1791The IPv6 equivalent of 1792.Va router . 1793.It Va router_flags 1794.Pq Vt str 1795If 1796.Va router_enable 1797is set to 1798.Dq Li YES , 1799these are the flags to pass to the routing daemon. 1800.It Va ipv6_router_flags 1801.Pq Vt str 1802The IPv6 equivalent of 1803.Va router_flags . 1804.It Va mrouted_enable 1805.Pq Vt bool 1806If set to 1807.Dq Li YES , 1808run the multicast routing daemon, 1809.Xr mrouted 8 . 1810.It Va mroute6d_enable 1811.Pq Vt bool 1812The IPv6 equivalent of 1813.Va mrouted_enable . 1814If set to 1815.Dq Li YES , 1816run the IPv6 multicast routing daemon. 1817Note that no IPv6 multicast routing daemon is included in the 1818.Fx 1819base system but 1820.Xr pim6dd 8 1821can be installed from the 1822.Fx 1823Ports Collection. 1824.It Va mrouted_flags 1825.Pq Vt str 1826If 1827.Va mrouted_enable 1828is set to 1829.Dq Li YES , 1830these are the flags to pass to the 1831.Xr mrouted 8 1832daemon. 1833.It Va mroute6d_flags 1834.Pq Vt str 1835The IPv6 equivalent of 1836.Va mrouted_flags . 1837If 1838.Va mroute6d_enable 1839is set to 1840.Dq Li YES , 1841these are the flags passed to the IPv6 multicast routing daemon. 1842.It Va mroute6d_program 1843.Pq Vt str 1844If 1845.Va mroute6d_enable 1846is set to 1847.Dq Li YES , 1848this is the path to the IPv6 multicast routing daemon. 1849.It Va rtadvd_enable 1850.Pq Vt bool 1851If set to 1852.Dq Li YES , 1853run the 1854.Xr rtadvd 8 1855daemon at boot time. 1856.Xr rtadvd 8 1857will only run if 1858.Va ipv6_gateway_enable 1859is also set to 1860.Dq Li YES . 1861The 1862.Xr rtadvd 8 1863utility sends router advertisement packets to the interfaces specified in 1864.Va rtadvd_interfaces 1865and should only be enabled with great care. 1866You may want to fine-tune 1867.Xr rtadvd.conf 5 . 1868.It Va rtadvd_interfaces 1869.Pq Vt str 1870If 1871.Va rtadvd_enable 1872is set to 1873.Dq Li YES 1874this is the list of interfaces to use. 1875.It Va ipxgateway_enable 1876.Pq Vt bool 1877If set to 1878.Dq Li YES , 1879enable the routing of IPX traffic. 1880.It Va ipxrouted_enable 1881.Pq Vt bool 1882If set to 1883.Dq Li YES , 1884run the 1885.Xr IPXrouted 8 1886daemon at system boot time. 1887.It Va ipxrouted_flags 1888.Pq Vt str 1889If 1890.Va ipxrouted_enable 1891is set to 1892.Dq Li YES , 1893these are the flags to pass to the 1894.Xr IPXrouted 8 1895daemon. 1896.It Va arpproxy_all 1897.Pq Vt bool 1898If set to 1899.Dq Li YES , 1900enable global proxy ARP. 1901.It Va forward_sourceroute 1902.Pq Vt bool 1903If set to 1904.Dq Li YES 1905and 1906.Va gateway_enable 1907is also set to 1908.Dq Li YES , 1909source-routed packets are forwarded. 1910.It Va accept_sourceroute 1911.Pq Vt bool 1912If set to 1913.Dq Li YES , 1914the system will accept source-routed packets directed at it. 1915.It Va rarpd_enable 1916.Pq Vt bool 1917If set to 1918.Dq Li YES , 1919run the 1920.Xr rarpd 8 1921daemon at system boot time. 1922.It Va rarpd_flags 1923.Pq Vt str 1924If 1925.Va rarpd_enable 1926is set to 1927.Dq Li YES , 1928these are the flags to pass to the 1929.Xr rarpd 8 1930daemon. 1931.It Va bootparamd_enable 1932.Pq Vt bool 1933If set to 1934.Dq Li YES , 1935run the 1936.Xr bootparamd 8 1937daemon at system boot time. 1938.It Va bootparamd_flags 1939.Pq Vt str 1940If 1941.Va bootparamd_enable 1942is set to 1943.Dq Li YES , 1944these are the flags to pass to the 1945.Xr bootparamd 8 1946daemon. 1947.It Va stf_interface_ipv4addr 1948.Pq Vt str 1949If not set to 1950.Dq Li NO , 1951this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 1952interface). 1953Specify this entry to enable the 6to4 interface. 1954.It Va stf_interface_ipv4plen 1955.Pq Vt int 1956Prefix length for 6to4 IPv4 addresses, to limit peer address range. 1957An effective value is 0-31. 1958.It Va stf_interface_ipv6_ifid 1959.Pq Vt str 1960IPv6 interface ID for 1961.Xr stf 4 . 1962This can be set to 1963.Dq Li AUTO . 1964.It Va stf_interface_ipv6_slaid 1965.Pq Vt str 1966IPv6 Site Level Aggregator for 1967.Xr stf 4 . 1968.It Va ipv6_faith_prefix 1969.Pq Vt str 1970If not set to 1971.Dq Li NO , 1972this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 1973translator. 1974You also need 1975.Xr faithd 8 1976setup. 1977.It Va ipv6_ipv4mapping 1978.Pq Vt bool 1979If set to 1980.Dq Li YES 1981this enables IPv4 mapped IPv6 address communication (like 1982.Li ::ffff:a.b.c.d ) . 1983.It Va atm_enable 1984.Pq Vt bool 1985Set to 1986.Dq Li YES 1987to enable the configuration of ATM interfaces at system boot time. 1988For all of the ATM variables described below, please refer to the 1989.Xr atm 8 1990man page for further details on the available command parameters. 1991Also refer to the files in 1992.Pa /usr/share/examples/atm 1993for more detailed configuration information. 1994.It Va atm_load 1995.Pq Vt str 1996This is a list of physical ATM interface drivers to load. 1997Typical values are 1998.Dq Li hfa_pci 1999and/or 2000.Dq Li hea_pci . 2001.It Va atm_netif_ Ns Aq Ar intf 2002.Pq Vt str 2003For the ATM physical interface 2004.Ar intf , 2005this variable defines the name prefix and count for the ATM network 2006interfaces to be created. 2007The value will be passed as the parameters of an 2008.Dq Nm atm Cm "set netif" Ar intf 2009command. 2010.It Va atm_sigmgr_ Ns Aq Ar intf 2011.Pq Vt str 2012For the ATM physical interface 2013.Ar intf , 2014this variable defines the ATM signalling manager to be used. 2015The value will be passed as the parameters of an 2016.Dq Nm atm Cm attach Ar intf 2017command. 2018.It Va atm_prefix_ Ns Aq Ar intf 2019.Pq Vt str 2020For the ATM physical interface 2021.Ar intf , 2022this variable defines the NSAP prefix for interfaces using a UNI signalling 2023manager. 2024If set to 2025.Dq Li ILMI , 2026the prefix will automatically be set via the 2027.Xr ilmid 8 2028daemon. 2029Otherwise, the value will be passed as the parameters of an 2030.Dq Nm atm Cm "set prefix" Ar intf 2031command. 2032.It Va atm_macaddr_ Ns Aq Ar intf 2033.Pq Vt str 2034For the ATM physical interface 2035.Ar intf , 2036this variable defines the MAC address for interfaces using a UNI signalling 2037manager. 2038If set to 2039.Dq Li NO , 2040the hardware MAC address contained in the ATM interface card will be used. 2041Otherwise, the value will be passed as the parameters of an 2042.Dq Nm atm Cm "set mac" Ar intf 2043command. 2044.It Va atm_arpserver_ Ns Aq Ar netif 2045.Pq Vt str 2046For the ATM network interface 2047.Ar netif , 2048this variable defines the ATM address for a host which is to provide ATMARP 2049service. 2050This variable is only applicable to interfaces using a UNI signalling 2051manager. 2052If set to 2053.Dq Li local , 2054this host will become an ATMARP server. 2055The value will be passed as the parameters of an 2056.Dq Nm atm Cm "set arpserver" Ar netif 2057command. 2058.It Va atm_scsparp_ Ns Aq Ar netif 2059.Pq Vt bool 2060If set to 2061.Dq Li YES , 2062SCSP/ATMARP service for the network interface 2063.Ar netif 2064will be initiated using the 2065.Xr scspd 8 2066and 2067.Xr atmarpd 8 2068daemons. 2069This variable is only applicable if 2070.Va atm_arpserver_ Ns Aq Ar netif 2071is set to 2072.Dq Li local . 2073.It Va atm_pvcs 2074.Pq Vt str 2075Set to the list of ATM PVCs to be added at system 2076boot time. 2077For each whitespace separated 2078.Ar element 2079in the value, an 2080.Va atm_pvc_ Ns Aq Ar element 2081variable is assumed to exist. 2082The value of each of these variables 2083will be passed as the parameters of an 2084.Dq Nm atm Cm "add pvc" 2085command. 2086.It Va atm_arps 2087.Pq Vt str 2088Set to the list of permanent ATM ARP entries to be added 2089at system boot time. 2090For each whitespace separated 2091.Ar element 2092in the value, an 2093.Va atm_arp_ Ns Aq Ar element 2094variable is assumed to exist. 2095The value of each of these variables 2096will be passed as the parameters of an 2097.Dq Nm atm Cm "add arp" 2098command. 2099.It Va natm_interfaces 2100.Pq Vt str 2101Set to the list of 2102.Xr natm 4 2103interfaces that will also be used for HARP through 2104.Xr harp 4 . 2105If this list is not empty all interfaces in the list will be brought up 2106with 2107.Xr ifconfig 8 2108and 2109.Xr harp 4 2110will be loaded. 2111For this to work the interface drivers must be either compiled into the 2112kernel or must reside on the root partition. 2113.It Va keybell 2114.Pq Vt str 2115The keyboard bell sound. 2116Set to 2117.Dq Li normal , 2118.Dq Li visual , 2119.Dq Li off , 2120or 2121.Dq Li NO 2122if the default behavior is desired. 2123For details, refer to the 2124.Xr kbdcontrol 1 2125manpage. 2126.It Va keyboard 2127.Pq Vt str 2128If set to a non-null string, the virtual console's keyboard input is 2129set to this device. 2130.It Va keymap 2131.Pq Vt str 2132If set to 2133.Dq Li NO , 2134no keymap is installed, otherwise the value is used to install 2135the keymap file in 2136.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2137.It Va keyrate 2138.Pq Vt str 2139The keyboard repeat speed. 2140Set to 2141.Dq Li slow , 2142.Dq Li normal , 2143.Dq Li fast , 2144or 2145.Dq Li NO 2146if the default behavior is desired. 2147.It Va keychange 2148.Pq Vt str 2149If not set to 2150.Dq Li NO , 2151attempt to program the function keys with the value. 2152The value should 2153be a single string of the form: 2154.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2155.It Va cursor 2156.Pq Vt str 2157Can be set to the value of 2158.Dq Li normal , 2159.Dq Li blink , 2160.Dq Li destructive , 2161or 2162.Dq Li NO 2163to set the cursor behavior explicitly or choose the default behavior. 2164.It Va scrnmap 2165.Pq Vt str 2166If set to 2167.Dq Li NO , 2168no screen map is installed, otherwise the value is used to install 2169the screen map file in 2170.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2171.It Va font8x16 2172.Pq Vt str 2173If set to 2174.Dq Li NO , 2175the default 8x16 font value is used for screen size requests, otherwise 2176the value in 2177.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2178is used. 2179.It Va font8x14 2180.Pq Vt str 2181If set to 2182.Dq Li NO , 2183the default 8x14 font value is used for screen size requests, otherwise 2184the value in 2185.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2186is used. 2187.It Va font8x8 2188.Pq Vt str 2189If set to 2190.Dq Li NO , 2191the default 8x8 font value is used for screen size requests, otherwise 2192the value in 2193.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2194is used. 2195.It Va blanktime 2196.Pq Vt int 2197If set to 2198.Dq Li NO , 2199the default screen blanking interval is used, otherwise it is set 2200to 2201.Ar value 2202seconds. 2203.It Va saver 2204.Pq Vt str 2205If not set to 2206.Dq Li NO , 2207this is the actual screen saver to use 2208.Li ( blank , snake , daemon , 2209etc). 2210.It Va moused_enable 2211.Pq Vt str 2212If set to 2213.Dq Li YES , 2214the 2215.Xr moused 8 2216daemon is started for doing cut/paste selection on the console. 2217.It Va moused_type 2218.Pq Vt str 2219This is the protocol type of the mouse connected to this host. 2220This variable must be set if 2221.Va moused_enable 2222is set to 2223.Dq Li YES . 2224The 2225.Xr moused 8 2226daemon 2227is able to detect the appropriate mouse type automatically in many cases. 2228Set this variable to 2229.Dq Li auto 2230to let the daemon detect it, or 2231select one from the following list if the automatic detection fails. 2232.Pp 2233If the mouse is attached to the PS/2 mouse port, choose 2234.Dq Li auto 2235or 2236.Dq Li ps/2 , 2237regardless of the brand and model of the mouse. 2238Likewise, if the 2239mouse is attached to the bus mouse port, choose 2240.Dq Li auto 2241or 2242.Dq Li busmouse . 2243All other protocols are for serial mice and will not work with 2244the PS/2 and bus mice. 2245If this is a USB mouse, 2246.Dq Li auto 2247is the only protocol type which will work. 2248.Pp 2249.Bl -tag -width ".Li x10mouseremote" -compact 2250.It Li microsoft 2251Microsoft mouse (serial) 2252.It Li intellimouse 2253Microsoft IntelliMouse (serial) 2254.It Li mousesystems 2255Mouse systems Corp.\& mouse (serial) 2256.It Li mmseries 2257MM Series mouse (serial) 2258.It Li logitech 2259Logitech mouse (serial) 2260.It Li busmouse 2261A bus mouse 2262.It Li mouseman 2263Logitech MouseMan and TrackMan (serial) 2264.It Li glidepoint 2265ALPS GlidePoint (serial) 2266.It Li thinkingmouse 2267Kensington ThinkingMouse (serial) 2268.It Li ps/2 2269PS/2 mouse 2270.It Li mmhittab 2271MM HitTablet (serial) 2272.It Li x10mouseremote 2273X10 MouseRemote (serial) 2274.It Li versapad 2275Interlink VersaPad (serial) 2276.El 2277.Pp 2278Even if the mouse is not in the above list, it may be compatible 2279with one in the list. 2280Refer to the man page for 2281.Xr moused 8 2282for compatibility information. 2283.Pp 2284It should also be noted that while this is enabled, any 2285other client of the mouse (such as an X server) should access 2286the mouse through the virtual mouse device, 2287.Pa /dev/sysmouse , 2288and configure it as a 2289.Dq Li sysmouse 2290type mouse, since all 2291mouse data is converted to this single canonical format when 2292using 2293.Xr moused 8 . 2294If the client program does not support the 2295.Dq Li sysmouse 2296type, 2297specify the 2298.Dq Li mousesystems 2299type. 2300It is the second preferred type. 2301.It Va moused_port 2302.Pq Vt str 2303If 2304.Va moused_enable 2305is set to 2306.Dq Li YES , 2307this is the actual port the mouse is on. 2308It might be 2309.Pa /dev/cuaa0 2310for a COM1 serial mouse, 2311.Pa /dev/psm0 2312for a PS/2 mouse or 2313.Pa /dev/mse0 2314for a bus mouse, for example. 2315.It Va moused_flags 2316.Pq Vt str 2317If 2318.Va moused_type 2319is set, these are the additional flags to pass to the 2320.Xr moused 8 2321daemon. 2322.It Va mousechar_start 2323.Pq Vt int 2324If set to 2325.Dq Li NO , 2326the default mouse cursor character range 2327.Li 0xd0 Ns - Ns Li 0xd3 2328is used, 2329otherwise the range start is set 2330to 2331.Ar value 2332character, see 2333.Xr vidcontrol 1 . 2334Use if the default range is occupied in the language code table. 2335.It Va allscreens_flags 2336.Pq Vt str 2337If set, 2338.Xr vidcontrol 1 2339is run with these options for each of the virtual terminals 2340.Pq Pa /dev/ttyv* . 2341For example, 2342.Dq Fl m Cm on 2343will enable the mouse pointer on all virtual terminals 2344if 2345.Va moused_enable 2346is set to 2347.Dq Li YES . 2348.It Va allscreens_kbdflags 2349.Pq Vt str 2350If set, 2351.Xr kbdcontrol 1 2352is run with these options for each of the virtual terminals 2353.Pq Pa /dev/ttyv* . 2354For example, 2355.Dq Fl h Li 200 2356will set the 2357.Xr syscons 4 2358scrollback (history) buffer to 200 lines. 2359.It Va cron_enable 2360.Pq Vt bool 2361If set to 2362.Dq Li YES , 2363run the 2364.Xr cron 8 2365daemon at system boot time. 2366.It Va cron_program 2367.Pq Vt str 2368Path to 2369.Xr cron 8 2370(default 2371.Pa /usr/sbin/cron ) . 2372.It Va cron_flags 2373.Pq Vt str 2374If 2375.Va cron_enable 2376is set to 2377.Dq Li YES , 2378these are the flags to pass to 2379.Xr cron 8 . 2380.It Va cron_dst 2381.Pq Vt bool 2382If set to 2383.Dq Li YES , 2384enable the special handling of transitions to and from the 2385Daylight Saving Time in 2386.Xr cron 8 2387(equivalent to using the flag 2388.Fl s ) . 2389.It Va lpd_program 2390.Pq Vt str 2391Path to 2392.Xr lpd 8 2393(default 2394.Pa /usr/sbin/lpd ) . 2395.It Va lpd_enable 2396.Pq Vt bool 2397If set to 2398.Dq Li YES , 2399run the 2400.Xr lpd 8 2401daemon at system boot time. 2402.It Va lpd_flags 2403.Pq Vt str 2404If 2405.Va lpd_enable 2406is set to 2407.Dq Li YES , 2408these are the flags to pass to the 2409.Xr lpd 8 2410daemon. 2411.It Va mta_start_script 2412.Pq Vt str 2413This variable specifies the full path to the script to run to start 2414a mail transfer agent. 2415The default is 2416.Pa /etc/rc.sendmail . 2417The 2418.Va sendmail_* 2419variables which 2420.Pa /etc/rc.sendmail 2421uses are documented in the 2422.Xr rc.sendmail 8 2423man page. 2424.It Va dumpdev 2425.Pq Vt str 2426Indicates the device (usually a swap partition) to which a crash dump 2427should be written in the event of a system crash. 2428The value of this variable is passed as the argument to 2429.Xr dumpon 8 . 2430To disable crash dumps, set this variable to 2431.Dq Li NO . 2432.It Va dumpdir 2433.Pq Vt str 2434When the system reboots after a crash and a crash dump is found on the 2435device specified by the 2436.Va dumpdev 2437variable, 2438.Xr savecore 8 2439will save that crash dump and a copy of the kernel to the directory 2440specified by the 2441.Va dumpdir 2442variable. 2443The default value is 2444.Pa /var/crash . 2445Set to 2446.Dq Li NO 2447to not run 2448.Xr savecore 8 2449at boot time when 2450.Va dumpdir 2451is set. 2452.It Va savecore_flags 2453.Pq Vt str 2454If crash dumps are enabled, these are the flags to pass to the 2455.Xr savecore 8 2456utility. 2457.It Va enable_quotas 2458.Pq Vt bool 2459Set to 2460.Dq Li YES 2461to turn on user disk quotas on system startup via the 2462.Xr quotaon 8 2463command. 2464.It Va check_quotas 2465.Pq Vt bool 2466Set to 2467.Dq Li YES 2468to enable user disk quota checking via the 2469.Xr quotacheck 8 2470command. 2471.It Va accounting_enable 2472.Pq Vt bool 2473Set to 2474.Dq Li YES 2475to enable system accounting through the 2476.Xr accton 8 2477facility. 2478.It Va ibcs2_enable 2479.Pq Vt bool 2480Set to 2481.Dq Li YES 2482to enable iBCS2 (SCO) binary emulation at system initial boot 2483time. 2484.It Va ibcs2_loaders 2485.Pq Vt str 2486If not set to 2487.Dq Li NO 2488and if 2489.Va ibcs2_enable 2490is set to 2491.Dq Li YES , 2492this specifies a list of additional iBCS2 loaders to enable. 2493.It Va linux_enable 2494.Pq Vt bool 2495Set to 2496.Dq Li YES 2497to enable Linux/ELF binary emulation at system initial 2498boot time. 2499.It Va osf1_enable 2500.Pq Vt bool 2501Set to 2502.Dq Li YES 2503to enable OSF/1 (Digital UNIX) binary emulation at system 2504initial boot time. 2505(alpha) 2506.It Va svr4_enable 2507.Pq Vt bool 2508If set to 2509.Dq Li YES , 2510enable SysVR4 emulation at boot time. 2511.It Va sysvipc_enable 2512.Pq Vt bool 2513If set to 2514.Dq Li YES , 2515load System V IPC primitives at boot time. 2516.It Va clear_tmp_enable 2517.Pq Vt bool 2518Set to 2519.Dq Li YES 2520to have 2521.Pa /tmp 2522cleaned at startup. 2523.It Va ldconfig_paths 2524.Pq Vt str 2525Set to the list of shared library paths to use with 2526.Xr ldconfig 8 . 2527NOTE: 2528.Pa /usr/lib 2529will always be added first, so it need not appear in this list. 2530.It Va ldconfig_paths_aout 2531.Pq Vt str 2532Set to the list of shared library paths to use with 2533.Xr ldconfig 8 2534legacy 2535.Xr a.out 5 2536support. 2537.It Va ldconfig_insecure 2538.Pq Vt bool 2539The 2540.Xr ldconfig 8 2541utility normally refuses to use directories 2542which are writable by anyone except root. 2543Set this variable to 2544.Dq Li YES 2545to disable that security check during system startup. 2546.It Va kern_securelevel_enable 2547.Pq Vt bool 2548Set to 2549.Dq Li YES 2550to set the kernel security level at system startup. 2551.It Va kern_securelevel 2552.Pq Vt int 2553The kernel security level to set at startup. 2554The allowed range of 2555.Ar value 2556ranges from \-1 (the compile time default) to 3 (the 2557most secure). 2558See 2559.Xr init 8 2560for the list of possible security levels and their effect 2561on system operation. 2562.It Va lomac_enable 2563.Pq Vt bool 2564Set to 2565.Dq Li YES 2566to enable Low Watermark Mandatory Access Control (LOMAC) at boot time. 2567This security model enforces integrity constraints for system processes; 2568see 2569.Xr lomac 4 2570for a complete description of the LOMAC model, as well as its impact 2571on system operation. 2572.It Va start_vinum 2573.Pq Vt bool 2574Set to 2575.Dq Li YES 2576to start 2577.Xr vinum 8 2578at system boot time. 2579.It Va sshd_program 2580.Pq Vt str 2581Path to the SSH server program 2582.Pa ( /usr/sbin/sshd 2583is the default). 2584.It Va sshd_enable 2585.Pq Vt bool 2586Set to 2587.Dq Li YES 2588to start 2589.Xr sshd 8 2590at system boot time. 2591.It Va sshd_flags 2592.Pq Vt str 2593If 2594.Va sshd_enable 2595is set to 2596.Dq Li YES , 2597these are the flags to pass to the 2598.Xr sshd 8 2599daemon. 2600.It Va usbd_enable 2601.Pq Vt bool 2602If set to 2603.Dq Li YES , 2604run the 2605.Xr usbd 8 2606daemon at boot time. 2607.It Va usbd_flags 2608.Pq Vt str 2609If 2610.Va usbd_enable 2611is set to 2612.Dq Li YES , 2613these are the flags passed to the 2614.Xr usbd 8 2615daemon. 2616.It Va watchdogd_enable 2617.Pq Vt bool 2618If set to 2619.Dq Li YES , 2620start the 2621.Xr watchdogd 8 2622daemon at boot time. 2623This requires that the kernel have been compiled with a 2624.Xr watchdog 4 2625compatible device. 2626.It Va watchdogd_flags 2627.Pq Vt str 2628If 2629.Va watchdogd_enable 2630is set to 2631.Dq Li YES , 2632these are the flags passed to the 2633.Xr watchdogd 8 2634daemon. 2635.It Va jail_enable 2636.Pq Vt bool 2637If set to 2638.Dq Li NO , 2639any configured jails will not be started. 2640.It Va jail_list 2641.Pq Vt str 2642A space separated list of names for jails. 2643This is purely a configuration aid to help identify and 2644configure multiple jails. 2645The names specified in this list will be used to 2646identify settings common to an instance of a jail. 2647Assuming that the jail in question was named 2648.Li vjail , 2649you would have the following dependant variables: 2650.Bd -literal 2651jail_vjail_hostname="jail.example.com" 2652jail_vjail_ip="192.168.1.100" 2653jail_vjail_rootdir="/var/jails/vjail/root" 2654jail_vjail_exec="/bin/sh /etc/rc" 2655.Ed 2656.Pp 2657The last one is optional. 2658It defaults to 2659.Pa /etc/rc 2660if it is not set. 2661.It Va jail_set_hostname_allow 2662.Pq Vt bool 2663If set to 2664.Dq Li NO , 2665do not allow the root user in a jail to set its hostname. 2666.It Va jail_socket_unixiproute_only 2667.Pq Vt bool 2668If set to 2669.Dq Li NO , 2670do not allow any protocol, 2671besides TCP/IP, 2672to be used within a jail. 2673.It Va jail_sysvipc_allow 2674.Pq Vt bool 2675If set to 2676.Dq Li YES , 2677allow applications within a jail to use System V IPC. 2678.It Va unaligned_print 2679.Pq Vt bool 2680If set to 2681.Dq Li NO , 2682unaligned access warnings will not be printed. 2683(alpha) 2684.\" ----- isdn settings --------------------------------- 2685.It Va isdn_enable 2686.Pq Vt bool 2687Set to 2688.Dq Li NO 2689by default. 2690When set to 2691.Dq Li YES , 2692starts the 2693.Xr isdnd 8 2694daemon 2695at system boot time. 2696.It Va isdn_flags 2697.Pq Vt str 2698Set to 2699.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2700by default. 2701Additional flags to pass to 2702.Xr isdnd 8 2703(but see 2704.Va isdn_fsdev 2705and 2706.Va isdn_ttype 2707for certain tunable parameters). 2708.It Va isdn_ttype 2709.Pq Vt str 2710Set to 2711.Dq Li cons25 2712by default. 2713The terminal type of the output device when 2714.Xr isdnd 8 2715operates in full-screen mode. 2716.It Va isdn_screenflags 2717.Pq Vt str 2718Set to 2719.Dq Li NO 2720by default. 2721The video mode for full-screen mode (only for 2722.Xr syscons 4 2723console driver, see 2724.Xr vidcontrol 1 2725for valid modes). 2726.It Va isdn_fsdev 2727.Pq Vt str 2728Set to 2729.Dq Li NO 2730by default. 2731The output device for 2732.Xr isdnd 8 2733in full-screen mode (or 2734.Dq Li NO 2735for daemon mode). 2736.It Va isdn_trace 2737.Pq Vt bool 2738Set to 2739.Dq Li NO 2740by default. 2741When set to 2742.Dq Li YES , 2743enables the ISDN protocol trace utility 2744.Xr isdntrace 8 2745at system boot time. 2746.It Va isdn_traceflags 2747.Pq Vt str 2748Set to 2749.Dq Fl f Pa /var/tmp/isdntrace0 2750by default. 2751Flags for 2752.Xr isdntrace 8 . 2753.\" ----------------------------------------------------- 2754.It Va pcvt_verbose 2755.Pq Vt bool 2756Set to 2757.Dq Li NO 2758by default. 2759When set to 2760.Dq Li YES , 2761verbose messages about the actions done by the start script are displayed. 2762.Em Note : 2763the 2764.Xr pcvt 4 2765driver must be compiled into the kernel before the 2766.Xr pcvt 4 2767related 2768options described here take any effect. 2769.It Va pcvt_keymap 2770.Pq Vt str 2771Set to 2772.Dq Li NO 2773by default. 2774Use this to configure a national keyboard mapping found in the 2775.Pa /usr/share/misc/keycap.pcvt 2776file of keyboard mappings. 2777(See also the manual pages 2778.Xr keycap 5 2779and 2780.Xr keycap 3 2781for usage of 2782.Xr pcvt 4 Ns 's 2783keycap database and the manual page 2784.Xr kcon 1 2785option 2786.Fl m 2787for national keyboard mapping configuration.) 2788.It Va pcvt_keydel 2789.Pq Vt int 2790Set to 2791.Dq Li NO 2792by default. 2793Used to set the keyboard key repeat delay value. 2794Valid values are 2795in the range 0..3 for delay values of 250, 500, 750 and 1000 msec. 2796(See also the 2797.Xr kcon 1 2798manual page.) 2799.It Va pcvt_keyrate 2800.Pq Vt int 2801Set to 2802.Dq Li NO 2803by default. 2804Used to set the keyboard key repetition rate value. 2805Valid values are 2806in the range 0..31 for repetition values of 2..30 characters per second. 2807.It Va pcvt_keyrepeat 2808.Pq Vt bool 2809Set to 2810.Dq Li NO 2811by default. 2812Set to 2813.Dq Li YES 2814to enable automatic keyboard key repeating. 2815.It Va pcvt_force24 2816.Pq Vt bool 2817Set to 2818.Dq Li NO 2819by default. 2820Set to 2821.Dq Li YES 2822to force 2823.Xr pcvt 4 2824to use 24 lines only (in 25 lines mode) for compatibility 2825with the original 2826.Tn VT220 2827terminal. 2828.It Va pcvt_hpext 2829.Pq Vt bool 2830Set to 2831.Dq Li NO 2832by default. 2833Set to 2834.Dq Li YES 2835to enable the display and functionality of function key labels (as found 2836on 2837.Tn Hewlett-Packard 2838terminals such as the 2839.Tn HP2392A 2840and the 2841.Tn HP700/92 2842in 2843.Tn ANSI 2844mode). 2845.It Va pcvt_lines 2846.Pq Vt int 2847Set to 2848.Dq Li NO 2849by default resulting in a value of 25. 2850Used to set the number of lines on the screen. 2851For VGA displays, valid 2852values are 25, 28, 40 and 50 lines. 2853(See also the 2854.Xr scon 1 2855manual page.) 2856.It Va pcvt_blanktime 2857.Pq Vt int 2858Set to 2859.Dq Li NO 2860by default. 2861Used to set the screen saver timeout in seconds for values greater than 2862zero. 2863.It Va pcvt_cursorh 2864.Pq Vt int 2865Set to 2866.Dq Li NO 2867by default. 2868Used to set the cursor top scanline. 2869(See also the 2870.Xr cursor 1 2871manual page.) 2872.It Va pcvt_cursorl 2873.Pq Vt int 2874Set to 2875.Dq Li NO 2876by default. 2877Used to set the cursor bottom scanline. 2878.It Va pcvt_monohigh 2879.Pq Vt bool 2880Set to 2881.Dq Li NO 2882by default. 2883Set to 2884.Dq Li YES 2885to set intensity to high on monochrome monitors. 2886(See also the 2887.Xr scon 1 2888manual page, option 2889.Fl p , 2890for more information on changing VGA palette 2891values.) 2892.It Va harvest_interrupt 2893.Pq Vt bool 2894Set to 2895.Dq Li YES 2896to use hardware interrupts as an entropy source. 2897Refer to 2898.Xr random 4 2899for more information. 2900.It Va harvest_ethernet 2901.Pq Vt bool 2902Set to 2903.Dq Li YES 2904to use LAN traffic as an entropy source. 2905Refer to 2906.Xr random 4 2907for more information. 2908.It Va harvest_p_to_p 2909.Pq Vt bool 2910Set to 2911.Dq Li YES 2912to use serial line traffic as an entropy source. 2913Refer to 2914.Xr random 4 2915for more information. 2916.It Va entropy_dir 2917.Pq Vt str 2918Set to 2919.Dq Li NO 2920to disable caching entropy via 2921.Xr cron 8 . 2922Otherwise set to the directory used to store entropy files in. 2923.It Va entropy_file 2924.Pq Vt str 2925Set to 2926.Dq Li NO 2927to disable caching entropy through reboots. 2928Otherwise set to the filename used to store cached entropy through 2929reboots. 2930This file should be located on the root file system to seed the 2931.Xr random 4 2932device as early as possible in the boot process. 2933.It Va entropy_save_sz 2934.Pq Vt int 2935Size of the entropy cache files saved by 2936.Nm save-entropy 2937periodically. 2938.It Va entropy_save_num 2939.Pq Vt int 2940Number of entropy cache files to save by 2941.Nm save-entropy 2942periodically. 2943.It Va ipsec_enable 2944.Pq Vt bool 2945Set to 2946.Dq Li YES 2947to run 2948.Xr setkey 8 2949on 2950.Va ipsec_file 2951at boot time. 2952.It Va ipsec_file 2953.Pq Vt str 2954Configuration file for 2955.Xr setkey 8 . 2956.It Va dmesg_enable 2957.Pq Vt bool 2958Set to 2959.Dq Li YES 2960to save 2961.Xr dmesg 8 2962to 2963.Pa /var/run/dmesg.boot 2964on boot. 2965.It Va rcshutdown_timeout 2966.Pq Vt int 2967If set, start a watchdog timer in the background which will terminate 2968.Pa rc.shutdown 2969if 2970.Xr shutdown 8 2971has not completed within the specified time (in seconds). 2972.It Va virecover_enable 2973.Pq Vt bool 2974Set to 2975.Dq Li NO 2976to prevent the system from trying to 2977recover pre-maturely terminated 2978.Xr vi 1 2979sessions. 2980.It Va ramdisk_units 2981.Pq Vt str 2982A list of one or more ramdisk units to configure with 2983.Xr mdconfig 8 2984and 2985.Xr newfs 8 2986in time to be mounted from 2987.Xr fstab 5 . 2988Each listed unit 2989.Ar X 2990must specify at least a 2991.Ar type 2992in a 2993.Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 2994variable. 2995.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 2996.Pq Vt str 2997Arguments to 2998.Xr mdconfig 8 2999for ramdisk 3000.Ar X . 3001At minimum a 3002.Fl t Ar type 3003must be specified, where 3004.Ar type 3005must be one of 3006.Cm malloc 3007or 3008.Cm swap . 3009.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _newfs 3010.Pq Vt str 3011Optional arguments passed to 3012.Xr newfs 8 3013to initialize ramdisk 3014.Ar X . 3015.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _owner 3016.Pq Vt str 3017An ownership specification passed to 3018.Xr chown 8 3019after the specified ramdisk unit 3020.Ar X 3021has been mounted. 3022Both the 3023.Xr md 4 3024device and the mount point will be changed. 3025.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _perms 3026.Pq Vt str 3027A mode string passed to 3028.Xr chmod 1 3029after the specified ramdisk unit 3030.Ar X 3031has been mounted. 3032Both the 3033.Xr md 4 3034device and the mount point will be changed. 3035.El 3036.Sh FILES 3037.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 3038.It Pa /etc/defaults/rc.conf 3039.It Pa /etc/rc.conf 3040.It Pa /etc/rc.conf.local 3041.El 3042.Sh SEE ALSO 3043.Xr catman 1 , 3044.Xr chmod 1 , 3045.Xr gdb 1 , 3046.Xr info 1 , 3047.Xr kbdcontrol 1 , 3048.Xr makewhatis 1 , 3049.Xr vi 1 , 3050.Xr vidcontrol 1 , 3051.Xr ip 4 , 3052.Xr kld 4 , 3053.Xr tcp 4 , 3054.Xr udp 4 , 3055.Xr exports 5 , 3056.Xr motd 5 , 3057.Xr newsyslog.conf 5 , 3058.Xr accton 8 , 3059.Xr amd 8 , 3060.Xr apm 8 , 3061.Xr atm 8 , 3062.Xr chown 8 , 3063.Xr cron 8 , 3064.Xr dhclient 8 , 3065.Xr ifconfig 8 , 3066.Xr inetd 8 , 3067.Xr isdnd 8 , 3068.Xr isdntrace 8 , 3069.Xr kldxref 8 , 3070.Xr lpd 8 , 3071.Xr mdconfig 8 , 3072.Xr mountd 8 , 3073.Xr moused 8 , 3074.Xr mrouted 8 , 3075.Xr named 8 , 3076.Xr newfs 8 , 3077.Xr nfsd 8 , 3078.Xr ntpd 8 , 3079.Xr ntpdate 8 , 3080.Xr pcnfsd 8 , 3081.Xr quotacheck 8 , 3082.Xr quotaon 8 , 3083.Xr rc 8 , 3084.Xr rc.sendmail 8 , 3085.Xr route 8 , 3086.Xr routed 8 , 3087.Xr rpcbind 8 , 3088.Xr rpc.lockd 8 , 3089.Xr rpc.statd 8 , 3090.Xr rwhod 8 , 3091.Xr savecore 8 , 3092.Xr sshd 8 , 3093.Xr swapon 8 , 3094.Xr sysctl 8 , 3095.Xr syslogd 8 , 3096.Xr timed 8 , 3097.Xr usbd 8 , 3098.Xr vinum 8 , 3099.Xr yp 8 , 3100.Xr ypbind 8 , 3101.Xr ypserv 8 , 3102.Xr ypset 8 3103.Sh HISTORY 3104The 3105.Nm 3106file appeared in 3107.Fx 2.2.2 . 3108.Sh AUTHORS 3109.An Jordan K. Hubbard . 3110