1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd November 11, 2009 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71Options are set with 72.Dq Ar name Ns Li = Ns Ar value 73assignments that use 74.Xr sh 1 75syntax. 76The following list provides a name and short description for each 77variable that can be set in the 78.Nm 79file: 80.Bl -tag -width indent-two 81.It Va rc_debug 82.Pq Vt bool 83If set to 84.Dq Li YES , 85enable output of debug messages from rc scripts. 86This variable can be helpful in diagnosing mistakes when 87editing or integrating new scripts. 88Beware that this produces copious output to the terminal and 89.Xr syslog 3 . 90.It Va rc_info 91.Pq Vt bool 92If set to 93.Dq Li NO , 94disable informational messages from the rc scripts. 95Informational messages are displayed when 96a condition that is not serious enough to warrant a warning or 97an error occurs. 98.It Va rc_startmsgs 99.Pq Vt bool 100If set to 101.Dq Li YES , 102show 103.Dq Starting foo: 104when faststart is used (e.g., at boot time). 105.It Va early_late_divider 106.Pq Vt str 107The name of the script that should be used as the 108delimiter between the 109.Dq early 110and 111.Dq late 112stages of the boot process. 113The early stage should contain all the services needed to 114get the disks (local or remote) mounted so that the late 115stage can include scripts contained in the directories 116listed in the 117.Va local_startup 118variable (see below). 119Thus, the two likely candidates for this value are 120.Pa mountcritlocal 121for the typical system, and 122.Pa mountcritremote 123if the system needs remote file 124systems mounted to get access to the 125.Va local_startup 126directories; for example when 127.Pa /usr/local 128is NFS mounted. 129For 130.Pa rc.conf 131within a 132.Xr jail 8 133.Pa NETWORKING 134is likely to be an appropriate value. 135Extreme care should be taken when changing this value, 136and before changing it one should ensure that there are 137adequate provisions to recover from a failed boot 138(such as physical contact with the machine, 139or reliable remote console access). 140.It Va swapfile 141.Pq Vt str 142If set to 143.Dq Li NO , 144no swapfile is installed, otherwise the value is used as the full 145pathname to a file to use for additional swap space. 146.It Va apm_enable 147.Pq Vt bool 148If set to 149.Dq Li YES , 150enable support for Automatic Power Management with 151the 152.Xr apm 8 153command. 154.It Va apmd_enable 155.Pq Vt bool 156Run 157.Xr apmd 8 158to handle APM event from userland. 159This also enables support for APM. 160.It Va apmd_flags 161.Pq Vt str 162If 163.Va apmd_enable 164is set to 165.Dq Li YES , 166these are the flags to pass to the 167.Xr apmd 8 168daemon. 169.It Va devd_enable 170.Pq Vt bool 171Run 172.Xr devd 8 173to handle device added, removed or unknown events from the kernel. 174.It Va ddb_enable 175.Pq Vt bool 176Run 177.Xr ddb 8 178to install 179.Xr ddb 4 180scripts at boot time. 181.It Va ddb_config 182.Pq Vt str 183Configuration file for 184.Xr ddb 8 . 185Default 186.Pa /etc/ddb.conf . 187.It Va kldxref_enable 188.Pq Vt bool 189Set to 190.Dq Li NO 191by default. 192Set to 193.Dq Li YES 194to automatically rebuild 195.Pa linker.hints 196files with 197.Xr kldxref 8 198at boot time. 199.It Va kldxref_clobber 200.Pq Vt bool 201Set to 202.Dq Li NO 203by default. 204If 205.Va kldxref_enable 206is true, 207setting to 208.Dq Li YES 209will overwrite existing 210.Pa linker.hints 211files at boot time. 212Otherwise, 213only missing 214.Pa linker.hints 215files are generated. 216.It Va kldxref_module_path 217.Pq Vt str 218Empty by default. 219A semi-colon 220.Pq Ql \&; 221delimited list of paths containing 222.Xr kld 4 223modules. 224If empty, 225the contents of the 226.Va kern.module_path 227.Xr sysctl 8 228are used. 229.It Va powerd_enable 230.Pq Vt bool 231If set to 232.Dq Li YES , 233enable the system power control facility with the 234.Xr powerd 8 235daemon. 236.It Va powerd_flags 237.Pq Vt str 238If 239.Va powerd_enable 240is set to 241.Dq Li YES , 242these are the flags to pass to the 243.Xr powerd 8 244daemon. 245.It Va tmpmfs 246Controls the creation of a 247.Pa /tmp 248memory file system. 249Always happens if set to 250.Dq Li YES 251and never happens if set to 252.Dq Li NO . 253If set to anything else, a memory file system is created if 254.Pa /tmp 255is not writable. 256.It Va tmpsize 257Controls the size of a created 258.Pa /tmp 259memory file system. 260.It Va tmpmfs_flags 261Extra options passed to the 262.Xr mdmfs 8 263utility when the memory file system for 264.Pa /tmp 265is created. 266The default is 267.Dq Li "-S" , 268which inhibits the use of softupdates on 269.Pa /tmp 270so that file system space is freed without delay 271after file truncation or deletion. 272See 273.Xr mdmfs 8 274for other options you can use in 275.Va tmpmfs_flags . 276.It Va varmfs 277Controls the creation of a 278.Pa /var 279memory file system. 280Always happens if set to 281.Dq Li YES 282and never happens if set to 283.Dq Li NO . 284If set to anything else, a memory file system is created if 285.Pa /var 286is not writable. 287.It Va varsize 288Controls the size of a created 289.Pa /var 290memory file system. 291.It Va varmfs_flags 292Extra options passed to the 293.Xr mdmfs 8 294utility when the memory file system for 295.Pa /var 296is created. 297The default is 298.Dq Li "-S" , 299which inhibits the use of softupdates on 300.Pa /var 301so that file system space is freed without delay 302after file truncation or deletion. 303See 304.Xr mdmfs 8 305for other options you can use in 306.Va varmfs_flags . 307.It Va populate_var 308Controls the automatic population of the 309.Pa /var 310file system. 311Always happens if set to 312.Dq Li YES 313and never happens if set to 314.Dq Li NO . 315If set to anything else, a memory file system is created if 316.Pa /var 317is not writable. 318Note that this process requires access to certain commands in 319.Pa /usr 320before 321.Pa /usr 322is mounted on normal systems. 323.It Va cleanvar_enable 324.Pq Vt bool 325Clean the 326.Pa /var 327directory. 328.It Va local_startup 329.Pq Vt str 330List of directories to search for startup script files. 331.It Va script_name_sep 332.Pq Vt str 333The field separator to use for breaking down the list of startup script files 334into individual filenames. 335The default is a space. 336It is not necessary to change this unless there are startup scripts with names 337containing spaces. 338.It Va hostapd_enable 339.Pq Vt bool 340Set to 341.Dq Li YES 342to start 343.Xr hostapd 8 344at system boot time. 345.It Va hostname 346.Pq Vt str 347The fully qualified domain name (FQDN) of this host on the network. 348This should almost certainly be set to something meaningful, even if 349there is no network connection. 350If 351.Xr dhclient 8 352is used to set the hostname via DHCP, 353this variable should be set to an empty string. 354If this value remains unset when the system is done booting 355your console login will display the default hostname of 356.Dq Amnesiac. 357.It Va nisdomainname 358.Pq Vt str 359The NIS domain name of this host, or 360.Dq Li NO 361if NIS is not used. 362.It Va dhclient_program 363.Pq Vt str 364Path to the DHCP client program 365.Pa ( /sbin/dhclient , 366the 367.Ox 368DHCP client, 369is the default). 370.It Va dhclient_flags 371.Pq Vt str 372Additional flags to pass to the DHCP client program. 373For the 374.Ox 375DHCP client, see the 376.Xr dhclient 8 377manpage for a description of the command line options available. 378.It Va dhclient_flags_ Ns Aq Ar iface 379Additional flags to pass to the DHCP client program running on 380.Ar iface 381only. 382When specified, this variable overrides 383.Va dhclient_flags . 384.It Va background_dhclient 385.Pq Vt bool 386Set to 387.Dq Li YES 388to start the DHCP client in background. 389This can cause trouble with applications depending on 390a working network, but it will provide a faster startup 391in many cases. 392.It Va background_dhclient_ Ns Aq Ar iface 393When specified, this variable overrides the 394.Va background_dhclient 395variable for interface 396.Ar iface 397only. 398.It Va synchronous_dhclient 399.Pq Vt bool 400Set to 401.Dq Li YES 402to start 403.Xr dhclient 8 404synchronously at startup. 405This behavior can be overridden on a per-interface basis by replacing 406the 407.Dq Li DHCP 408keyword in the 409.Va ifconfig_ Ns Aq Ar interface 410variable with 411.Dq Li SYNCDHCP 412or 413.Dq Li NOSYNCDHCP . 414.It Va defaultroute_delay 415.Pq Vt int 416When set to a positive value, wait up to this long after configuring 417DHCP interfaces at startup to give the interfaces time to receive a lease. 418.It Va firewall_enable 419.Pq Vt bool 420Set to 421.Dq Li YES 422to load firewall rules at startup. 423If the kernel was not built with 424.Cd "options IPFIREWALL" , 425the 426.Pa ipfw.ko 427kernel module will be loaded. 428See also 429.Va ipfilter_enable . 430.It Va ipv6_firewall_enable 431.Pq Vt bool 432The IPv6 equivalent of 433.Va firewall_enable . 434Set to 435.Dq Li YES 436to load IPv6 firewall rules at startup. 437If the kernel was not built with 438.Cd "options IPV6FIREWALL" , 439the 440.Pa ipfw.ko 441kernel module will be loaded. 442.It Va firewall_script 443.Pq Vt str 444This variable specifies the full path to the firewall script to run. 445The default is 446.Pa /etc/rc.firewall . 447.It Va ipv6_firewall_script 448.Pq Vt str 449The IPv6 equivalent of 450.Va firewall_script . 451.It Va firewall_type 452.Pq Vt str 453Names the firewall type from the selection in 454.Pa /etc/rc.firewall , 455or the file which contains the local firewall ruleset. 456Valid selections from 457.Pa /etc/rc.firewall 458are: 459.Pp 460.Bl -tag -width ".Li simple" -compact 461.It Li open 462unrestricted IP access 463.It Li closed 464all IP services disabled, except via 465.Dq Li lo0 466.It Li client 467basic protection for a workstation 468.It Li simple 469basic protection for a LAN. 470.El 471.Pp 472If a filename is specified, the full path 473must be given. 474.It Va ipv6_firewall_type 475.Pq Vt str 476The IPv6 equivalent of 477.Va firewall_type . 478.It Va firewall_quiet 479.Pq Vt bool 480Set to 481.Dq Li YES 482to disable the display of firewall rules on the console during boot. 483.It Va ipv6_firewall_quiet 484.Pq Vt bool 485The IPv6 equivalent of 486.Va firewall_quiet . 487.It Va firewall_logging 488.Pq Vt bool 489Set to 490.Dq Li YES 491to enable firewall event logging. 492This is equivalent to the 493.Dv IPFIREWALL_VERBOSE 494kernel option. 495.It Va ipv6_firewall_logging 496.Pq Vt bool 497The IPv6 equivalent of 498.Va firewall_logging . 499.It Va firewall_flags 500.Pq Vt str 501Flags passed to 502.Xr ipfw 8 503if 504.Va firewall_type 505specifies a filename. 506.It Va ipv6_firewall_flags 507.Pq Vt str 508The IPv6 equivalent of 509.Va firewall_flags . 510.\" ----- firewall_nat_enable setting -------------------------------- 511.It Va firewall_nat_enable 512.Pq Vt bool 513The 514.Xr ipfw 8 515equivalent of 516.Va natd_enable . 517Setting this to 518.Dq Li YES 519enables kernel NAT. 520.Va firewall_enable 521must also be set to 522.Dq Li YES . 523.It Va firewall_nat_interface 524.Pq Vt str 525The 526.Xr ipfw 8 527equivalent of 528.Va natd_interface . 529This is the name of the public interface or IP address on which 530kernel NAT should run. 531.It Va firewall_nat_flags 532.Pq Vt str 533Additional configuration parameters for kernel NAT should be placed here. 534.It Va dummynet_enable 535.Pq Vt bool 536Setting this to 537.Dq Li YES 538will automatically load the 539.Xr dummynet 4 540module if 541.Va firewall_enable 542is also set to 543.Dq Li YES . 544.\" ------------------------------------------------------------------- 545.It Va natd_program 546.Pq Vt str 547Path to 548.Xr natd 8 . 549.It Va natd_enable 550.Pq Vt bool 551Set to 552.Dq Li YES 553to enable 554.Xr natd 8 . 555.Va firewall_enable 556must also be set to 557.Dq Li YES , 558and 559.Xr divert 4 560sockets must be enabled in the kernel. 561If the kernel was not built with 562.Cd "options IPDIVERT" , 563the 564.Pa ipdivert.ko 565kernel module will be loaded. 566.It Va natd_interface 567.Pq Vt str 568This is the name of the public interface on which 569.Xr natd 8 570should run. 571The interface may be given as an interface name or as an IP address. 572.It Va natd_flags 573.Pq Vt str 574Additional 575.Xr natd 8 576flags should be placed here. 577The 578.Fl n 579or 580.Fl a 581flag is automatically added with the above 582.Va natd_interface 583as an argument. 584.\" ----- ipfilter_enable setting -------------------------------- 585.It Va ipfilter_enable 586.Pq Vt bool 587Set to 588.Dq Li NO 589by default. 590Setting this to 591.Dq Li YES 592enables 593.Xr ipf 8 594packet filtering. 595.Pp 596Typical usage will require putting 597.Bd -literal 598ipfilter_enable="YES" 599ipnat_enable="YES" 600ipmon_enable="YES" 601ipfs_enable="YES" 602.Ed 603.Pp 604into 605.Pa /etc/rc.conf 606and editing 607.Pa /etc/ipf.rules 608and 609.Pa /etc/ipnat.rules 610appropriately. 611.Pp 612Note that 613.Va ipfilter_enable 614and 615.Va ipnat_enable 616can be enabled independently. 617.Va ipmon_enable 618and 619.Va ipfs_enable 620both require at least one of 621.Va ipfilter_enable 622and 623.Va ipnat_enable 624to be enabled. 625.Pp 626Having 627.Bd -literal 628options IPFILTER 629options IPFILTER_LOG 630options IPFILTER_DEFAULT_BLOCK 631.Ed 632.Pp 633in the kernel configuration file is a good idea, too. 634.\" ----- ipfilter_program setting ------------------------------ 635.It Va ipfilter_program 636.Pq Vt str 637Path to 638.Xr ipf 8 639(default 640.Pa /sbin/ipf ) . 641.\" ----- ipfilter_rules setting -------------------------------- 642.It Va ipfilter_rules 643.Pq Vt str 644Set to 645.Pa /etc/ipf.rules 646by default. 647This variable contains the name of the filter rule definition file. 648The file is expected to be readable for the 649.Xr ipf 8 650command to execute. 651.\" ----- ipv6_ipfilter_rules setting --------------------------- 652.It Va ipv6_ipfilter_rules 653.Pq Vt str 654Set to 655.Pa /etc/ipf6.rules 656by default. 657This variable contains the IPv6 filter rule definition file. 658The file is expected to be readable for the 659.Xr ipf 8 660command to execute. 661.\" ----- ipfilter_flags setting -------------------------------- 662.It Va ipfilter_flags 663.Pq Vt str 664Empty by default. 665This variable contains flags passed to the 666.Xr ipf 8 667program. 668.\" ----- ipnat_enable setting ---------------------------------- 669.It Va ipnat_enable 670.Pq Vt bool 671Set to 672.Dq Li NO 673by default. 674Set it to 675.Dq Li YES 676to enable 677.Xr ipnat 8 678network address translation. 679See 680.Va ipfilter_enable 681for a detailed discussion. 682.\" ----- ipnat_program setting --------------------------------- 683.It Va ipnat_program 684.Pq Vt str 685Path to 686.Xr ipnat 8 687(default 688.Pa /sbin/ipnat ) . 689.\" ----- ipnat_rules setting ----------------------------------- 690.It Va ipnat_rules 691.Pq Vt str 692Set to 693.Pa /etc/ipnat.rules 694by default. 695This variable contains the name of the file 696holding the network address translation definition. 697This file is expected to be readable for the 698.Xr ipnat 8 699command to execute. 700.\" ----- ipnat_flags setting ----------------------------------- 701.It Va ipnat_flags 702.Pq Vt str 703Empty by default. 704This variable contains flags passed to the 705.Xr ipnat 8 706program. 707.\" ----- ipmon_enable setting ---------------------------------- 708.It Va ipmon_enable 709.Pq Vt bool 710Set to 711.Dq Li NO 712by default. 713Set it to 714.Dq Li YES 715to enable 716.Xr ipmon 8 717monitoring (logging 718.Xr ipf 8 719and 720.Xr ipnat 8 721events). 722Setting this variable needs setting 723.Va ipfilter_enable 724or 725.Va ipnat_enable 726too. 727See 728.Va ipfilter_enable 729for a detailed discussion. 730.\" ----- ipmon_program setting --------------------------------- 731.It Va ipmon_program 732.Pq Vt str 733Path to 734.Xr ipmon 8 735(default 736.Pa /sbin/ipmon ) . 737.\" ----- ipmon_flags setting ----------------------------------- 738.It Va ipmon_flags 739.Pq Vt str 740Set to 741.Dq Li -Ds 742by default. 743This variable contains flags passed to the 744.Xr ipmon 8 745program. 746Another typical example would be 747.Dq Fl D Pa /var/log/ipflog 748to have 749.Xr ipmon 8 750log directly to a file bypassing 751.Xr syslogd 8 . 752Make sure to adjust 753.Pa /etc/newsyslog.conf 754in such case like this: 755.Bd -literal 756/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 757.Ed 758.\" ----- ipfs_enable setting ----------------------------------- 759.It Va ipfs_enable 760.Pq Vt bool 761Set to 762.Dq Li NO 763by default. 764Set it to 765.Dq Li YES 766to enable 767.Xr ipfs 8 768saving the filter and NAT state tables during shutdown 769and reloading them during startup again. 770Setting this variable needs setting 771.Va ipfilter_enable 772or 773.Va ipnat_enable 774to 775.Dq Li YES 776too. 777See 778.Va ipfilter_enable 779for a detailed discussion. 780Note that if 781.Va kern_securelevel 782is set to 3, 783.Va ipfs_enable 784cannot be used 785because the raised securelevel will prevent 786.Xr ipfs 8 787from saving the state tables at shutdown time. 788.\" ----- ipfs_program setting ---------------------------------- 789.It Va ipfs_program 790.Pq Vt str 791Path to 792.Xr ipfs 8 793(default 794.Pa /sbin/ipfs ) . 795.\" ----- ipfs_flags setting ------------------------------------ 796.It Va ipfs_flags 797.Pq Vt str 798Empty by default. 799This variable contains flags passed to the 800.Xr ipfs 8 801program. 802.\" ----- end of added ipf hook --------------------------------- 803.It Va pf_enable 804.Pq Vt bool 805Set to 806.Dq Li NO 807by default. 808Setting this to 809.Dq Li YES 810enables 811.Xr pf 4 812packet filtering. 813.Pp 814Typical usage will require putting 815.Pp 816.Dl pf_enable="YES" 817.Pp 818into 819.Pa /etc/rc.conf 820and editing 821.Pa /etc/pf.conf 822appropriately. 823Adding 824.Pp 825.Dl "device pf" 826.Pp 827builds support for 828.Xr pf 4 829into the kernel, otherwise the 830kernel module will be loaded. 831.It Va pf_rules 832.Pq Vt str 833Path to 834.Xr pf 4 835ruleset configuration file 836(default 837.Pa /etc/pf.conf ) . 838.It Va pf_program 839.Pq Vt str 840Path to 841.Xr pfctl 8 842(default 843.Pa /sbin/pfctl ) . 844.It Va pf_flags 845.Pq Vt str 846If 847.Va pf_enable 848is set to 849.Dq Li YES , 850these flags are passed to the 851.Xr pfctl 8 852program when loading the ruleset. 853.It Va pflog_enable 854.Pq Vt bool 855Set to 856.Dq Li NO 857by default. 858Setting this to 859.Dq Li YES 860enables 861.Xr pflogd 8 862which logs packets from the 863.Xr pf 4 864packet filter. 865.It Va pflog_logfile 866.Pq Vt str 867If 868.Va pflog_enable 869is set to 870.Dq Li YES 871this controls where 872.Xr pflogd 8 873stores the logfile 874(default 875.Pa /var/log/pflog ) . 876Check 877.Pa /etc/newsyslog.conf 878to adjust logfile rotation for this. 879.It Va pflog_program 880.Pq Vt str 881Path to 882.Xr pflogd 8 883(default 884.Pa /sbin/pflogd ) . 885.It Va pflog_flags 886.Pq Vt str 887Empty by default. 888This variable contains additional flags passed to the 889.Xr pflogd 8 890program. 891.It Va ftpproxy_enable 892.Pq Vt bool 893Set to 894.Dq Li NO 895by default. 896Setting this to 897.Dq Li YES 898enables 899.Xr ftp-proxy 8 900which supports the 901.Xr pf 4 902packet filter in translating ftp connections. 903.It Va ftpproxy_flags 904.Pq Vt str 905Empty by default. 906This variable contains additional flags passed to the 907.Xr ftp-proxy 8 908program. 909.It Va pfsync_enable 910.Pq Vt bool 911Set to 912.Dq Li NO 913by default. 914Setting this to 915.Dq Li YES 916enables exposing 917.Xr pf 4 918state changes to other hosts over the network by means of 919.Xr pfsync 4 . 920The 921.Va pfsync_syncdev 922variable 923must also be set then. 924.It Va pfsync_syncdev 925.Pq Vt str 926Empty by default. 927This variable specifies the name of the network interface 928.Xr pfsync 4 929should operate through. 930It must be set accordingly if 931.Va pfsync_enable 932is set to 933.Dq Li YES . 934.It Va pfsync_syncpeer 935.Pq Vt str 936Empty by default. 937This variable is optional. 938By default, state change messages are sent out on the synchronisation 939interface using IP multicast packets. 940The protocol is IP protocol 240, PFSYNC, and the multicast group used is 941224.0.0.240. 942When a peer address is specified using the 943.Va pfsync_syncpeer 944option, the peer address is used as a destination for the pfsync 945traffic, and the traffic can then be protected using 946.Xr ipsec 4 . 947See the 948.Xr pfsync 4 949manpage for more details about using 950.Xr ipsec 4 951with 952.Xr pfsync 4 953interfaces. 954.It Va pfsync_ifconfig 955.Pq Vt str 956Empty by default. 957This variable can contain additional options to be passed to the 958.Xr ifconfig 8 959command used to set up 960.Xr pfsync 4 . 961.It Va tcp_extensions 962.Pq Vt bool 963Set to 964.Dq Li YES 965by default. 966Setting this to 967.Dq Li NO 968disables certain TCP options as described by 969.Rs 970.%T "RFC 1323" 971.Re 972Setting this to 973.Dq Li NO 974might help remedy such problems with connections as randomly hanging 975or other weird behavior. 976Some network devices are known 977to be broken with respect to these options. 978.It Va log_in_vain 979.Pq Vt int 980Set to 0 by default. 981The 982.Xr sysctl 8 983variables, 984.Va net.inet.tcp.log_in_vain 985and 986.Va net.inet.udp.log_in_vain , 987as described in 988.Xr tcp 4 989and 990.Xr udp 4 , 991are set to the given value. 992.It Va tcp_keepalive 993.Pq Vt bool 994Set to 995.Dq Li YES 996by default. 997Setting to 998.Dq Li NO 999will disable probing idle TCP connections to verify that the 1000peer is still up and reachable. 1001.It Va tcp_drop_synfin 1002.Pq Vt bool 1003Set to 1004.Dq Li NO 1005by default. 1006Setting to 1007.Dq Li YES 1008will cause the kernel to ignore TCP frames that have both 1009the SYN and FIN flags set. 1010This prevents OS fingerprinting, but may 1011break some legitimate applications. 1012.It Va icmp_drop_redirect 1013.Pq Vt bool 1014Set to 1015.Dq Li NO 1016by default. 1017Setting to 1018.Dq Li YES 1019will cause the kernel to ignore ICMP REDIRECT packets. 1020Refer to 1021.Xr icmp 4 1022for more information. 1023.It Va icmp_log_redirect 1024.Pq Vt bool 1025Set to 1026.Dq Li NO 1027by default. 1028Setting to 1029.Dq Li YES 1030will cause the kernel to log ICMP REDIRECT packets. 1031Note that 1032the log messages are not rate-limited, so this option should only be used 1033for troubleshooting networks. 1034Refer to 1035.Xr icmp 4 1036for more information. 1037.It Va icmp_bmcastecho 1038.Pq Vt bool 1039Set to 1040.Dq Li YES 1041to respond to broadcast or multicast ICMP ping packets. 1042Refer to 1043.Xr icmp 4 1044for more information. 1045.It Va ip_portrange_first 1046.Pq Vt int 1047If not set to 1048.Dq Li NO , 1049this is the first port in the default portrange. 1050Refer to 1051.Xr ip 4 1052for more information. 1053.It Va ip_portrange_last 1054.Pq Vt int 1055If not set to 1056.Dq Li NO , 1057this is the last port in the default portrange. 1058Refer to 1059.Xr ip 4 1060for more information. 1061.It Va network_interfaces 1062.Pq Vt str 1063Set to the list of network interfaces to configure on this host or 1064.Dq Li AUTO 1065(the default) for all current interfaces. 1066Setting the 1067.Va network_interfaces 1068variable to anything other than the default is deprecated. 1069Interfaces that the administrator wishes to store configuration for, 1070but not start at boot should be configured with the 1071.Dq Li NOAUTO 1072keyword in their 1073.Va ifconfig_ Ns Aq Ar interface 1074variables as described below. 1075.Pp 1076An 1077.Va ifconfig_ Ns Aq Ar interface 1078variable is also assumed to exist for each value of 1079.Ar interface . 1080When an interface name contains any of the characters 1081.Dq Li .-/+ 1082they are translated to 1083.Dq Li _ 1084before lookup. 1085The variable can contain arguments to 1086.Xr ifconfig 8 , 1087as well as special case-insensitive keywords described below. 1088Such keywords are removed before passing the value to 1089.Xr ifconfig 8 1090while the order of the other arguments is preserved. 1091.Pp 1092One can configure more than one IPv4 address with the 1093.Va ipv4_addrs_ Ns Aq Ar interface 1094variable. 1095One or more IP addresses must be provided in Classless Inter-Domain 1096Routing (CIDR) address notation, whose last byte can be a range like 1097192.0.2.5-23/24. 1098In this case the address 192.0.2.5 will be configured with the 1099netmask /24 and the addresses 192.0.2.6 to 192.0.2.23 with 1100the non-conflicting netmask /32 as explained in the 1101.Xr ifconfig 8 1102alias section. 1103With the interface in question being 1104.Li ed0 , 1105an example could look like: 1106.Bd -literal 1107ipv4_addrs_ed0="192.0.2.129/27 192.0.2.1-5/28" 1108.Ed 1109.Pp 1110It is also possible to add IP alias entries using 1111.Xr ifconfig 8 1112syntax. 1113Assuming that the interface in question was 1114.Li ed0 , 1115it might look 1116something like this: 1117.Bd -literal 1118ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 1119ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 1120.Ed 1121.Pp 1122And so on. 1123For each 1124.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1125entry that is found, 1126its contents are passed to 1127.Xr ifconfig 8 . 1128Execution stops at the first unsuccessful access, so if 1129something like this is present: 1130.Bd -literal 1131ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 1132ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 1133ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 1134ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 1135.Ed 1136.Pp 1137Then note that alias4 would 1138.Em not 1139be added since the search would 1140stop with the missing 1141.Dq Li alias3 1142entry. 1143Due to this difficult to manage behavior, the 1144.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1145form is deprecated. 1146.Pp 1147If the 1148.Pa /etc/start_if. Ns Aq Ar interface 1149file is present, it is read and executed by the 1150.Xr sh 1 1151interpreter 1152before configuring the interface as specified in the 1153.Va ifconfig_ Ns Aq Ar interface 1154and 1155.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1156variables. 1157.Pp 1158If a 1159.Va wlans_ Ns Aq Ar interface 1160variable is set, 1161an 1162.Xr wlan 4 1163interface will be created for each item in the list with the 1164.Ar wlandev 1165argument set to 1166.Ar interface . 1167Further wlan cloning arguments may be passed to the 1168.Xr ifconfig 8 1169.Cm create 1170command by setting the 1171.Va create_args_ Ns Aq Ar interface 1172variable. 1173One or more 1174.Xr wlan 4 1175devices must be created for each wireless devices as of 1176.Fx 8.0 . 1177Debugging flags for 1178.Xr wlan 4 1179devices as set by 1180.Xr wlandebug 8 1181may be specified with an 1182.Va wlandebug_ Ns Aq Ar interface 1183variable. 1184The contents of this variable will be passed directly to 1185.Xr wlandebug 8 . 1186.Pp 1187If the 1188.Va ifconfig_ Ns Aq Ar interface 1189contains the keyword 1190.Dq Li NOAUTO 1191then the interface will not be configured 1192at boot or by 1193.Pa /etc/pccard_ether 1194when 1195.Va network_interfaces 1196is set to 1197.Dq Li AUTO . 1198.Pp 1199It is possible to bring up an interface with DHCP by adding 1200.Dq Li DHCP 1201to the 1202.Va ifconfig_ Ns Aq Ar interface 1203variable. 1204For instance, to initialize the 1205.Li ed0 1206device via DHCP, 1207it is possible to use something like: 1208.Bd -literal 1209ifconfig_ed0="DHCP" 1210.Ed 1211.Pp 1212Also, if you want to configure your wireless interface with 1213.Xr wpa_supplicant 8 1214for use with WPA, EAP/LEAP or WEP, you need to add 1215.Dq Li WPA 1216to the 1217.Va ifconfig_ Ns Aq Ar interface 1218variable. 1219.Pp 1220Finally, you can add 1221.Xr ifconfig 8 1222options in this variable, in addition to the 1223.Pa /etc/start_if. Ns Aq Ar interface 1224file. 1225For instance, configure an 1226.Xr ath 4 1227wireless device in station mode with an address obtained 1228via DHCP, using WPA authentication and 802.11b mode, it is 1229possible to use something like: 1230.Bd -literal 1231wlans_ath0="wlan0" 1232ifconfig_wlan0="DHCP WPA mode 11b" 1233.Ed 1234.Pp 1235In addition to the 1236.Va ifconfig_ Ns Aq Ar interface 1237form, a fallback variable 1238.Va ifconfig_DEFAULT 1239may be configured. 1240It will be used for all interfaces with no 1241.Va ifconfig_ Ns Aq Ar interface 1242variable. 1243This is intended to replace the no longer supported 1244.Va pccard_ifconfig 1245variable. 1246.Pp 1247It is also possible to rename interface by doing: 1248.Bd -literal 1249ifconfig_ed0_name="net0" 1250ifconfig_net0="inet 192.0.2.1 netmask 0xffffff00" 1251.Ed 1252.It Va ipv6_enable 1253.Pq Vt bool 1254If the variable is 1255.Dq Li YES , 1256.Dq Li inet6 accept_rtadv 1257is added to all of 1258.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1259and the 1260.Va ipv6_prefer 1261is defined as 1262.Dq Li YES . 1263.Pp 1264This variable is deprecated. Use 1265.Va ipv6_prefer 1266and 1267.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 . 1268.It Va ipv6_prefer 1269.Pq Vt bool 1270This variable does the following: 1271.Pp 1272If the variable is 1273.Dq Li YES , 1274the default policy of the source address selection set by 1275.Xr ip6addrctl 8 1276will be IPv6-preferred. 1277.Pp 1278If the variable is 1279.Dq Li NO , 1280the default policy of the source address selection set by 1281.Xr ip6addrctl 8 1282will be IPv4-preferred, and all of interfaces which does not have the 1283corrsponding 1284.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1285variable will be marked as 1286.Dq Li IFDISABLED . 1287This means only IPv6 functionality on that interface is completely 1288disabled. For more details of 1289.Dq Li IFDISABLED 1290flag and keywords 1291.Dq Li inet6 ifdisabled , 1292see 1293.Xr ifconfig 8 . 1294.Pp 1295.It Va ipv6_network_interfaces 1296.Pq Vt str 1297This is the IPv6 equivalent of 1298.Va network_interfaces . 1299Normally manual configuration of this variable is not needed. 1300.Pp 1301IPv6 functionality on an interface should be configured by 1302.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 , 1303instead of setting ifconfig parameters in 1304.Va ifconfig_ Ns Aq Ar interface . 1305Aliases should be set by 1306.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1307with 1308.Dq Li inet6 1309keyword. For example: 1310.Bd -literal 1311ifconfig_ed0_ipv6="inet6 2001:db8:1::1 prefixlen 64" 1312ifconfig_ed0_alias0="inet6 2001:db8:2::1 prefixlen 64" 1313.Ed 1314.Pp 1315Interfaces that have an 1316.Dq Li inet6 accept_rtadv 1317keyword in 1318.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 1319setting will be automatically configured by 1320.Xr rtsol 8 . 1321Note that this automatic configuration is disabled if the 1322.Va ipv6_gateway_enable 1323is set to 1324.Dq Li YES . 1325.It Va ipv6_prefix_ Ns Aq Ar interface 1326.Pq Vt str 1327If one or more prefixes are defined in 1328.Va ipv6_prefix_ Ns Aq Ar interface 1329addresses based on each prefix and the EUI-64 interface index will be 1330configured on that interface. 1331.It Va ipv6_default_interface 1332.Pq Vt str 1333If not set to 1334.Dq Li NO , 1335this is the default output interface for scoped addresses. 1336Now this works only for IPv6 link local multicast addresses. 1337.It Va ip6addrctl_enable 1338.Pq Vt bool 1339If set to 1340.Dq Li YES , 1341install default address selection policy table 1342.Pq RFC 3484 . 1343If a file 1344.Pa /etc/ip6addrctl.conf 1345is found the 1346.Xr ip6addrctl 8 1347reads and installs it. 1348If not, a pre-defined policy table will be installed. 1349There are two pre-defined ones; IPv4-preferred and IPv6-preferred. 1350If set 1351.Va ipv6_prefer 1352variable to 1353.Dq Li YES 1354the IPv6-preferred one is used. Default is IPv4-preferred. 1355.It Va cloned_interfaces 1356.Pq Vt str 1357Set to the list of clonable network interfaces to create on this host. 1358Entries in 1359.Va cloned_interfaces 1360are automatically appended to 1361.Va network_interfaces 1362for configuration. 1363.It Va fec_interfaces 1364.Pq Vt str 1365Set to the list of 1366.Xr ng_fec 4 1367Fast EtherChannel interfaces to configure on this host. 1368A 1369.Va fecconfig_ Ns Aq Ar interface 1370variable is assumed to exist for each value of 1371.Ar interface . 1372The value of this variable is used to configure link aggregated interfaces 1373according to the syntax of the 1374.Cm NGM_FEC_ADD_IFACE 1375to 1376.Xr ngctl 8 1377msg. 1378Additionally, this option ensures that each listed interface is created 1379via the 1380.Cm mkpeer 1381command to 1382.Xr ngctl 8 1383before attempting to configure it. 1384For example: 1385.Bd -literal 1386fec_interfaces="fec0" 1387fecconfig_fec0="em0 em1" 1388ifconfig_fec0="DHCP" 1389.Ed 1390.It Va gif_interfaces 1391.Pq Vt str 1392Set to the list of 1393.Xr gif 4 1394tunnel interfaces to configure on this host. 1395A 1396.Va gifconfig_ Ns Aq Ar interface 1397variable is assumed to exist for each value of 1398.Ar interface . 1399The value of this variable is used to configure the link layer of the 1400tunnel according to the syntax of the 1401.Cm tunnel 1402option to 1403.Xr ifconfig 8 . 1404Additionally, this option ensures that each listed interface is created 1405via the 1406.Cm create 1407option to 1408.Xr ifconfig 8 1409before attempting to configure it. 1410.It Va sppp_interfaces 1411.Pq Vt str 1412Set to the list of 1413.Xr sppp 4 1414interfaces to configure on this host. 1415A 1416.Va spppconfig_ Ns Aq Ar interface 1417variable is assumed to exist for each value of 1418.Ar interface . 1419Each interface should also be configured by a general 1420.Va ifconfig_ Ns Aq Ar interface 1421setting. 1422Refer to 1423.Xr spppcontrol 8 1424for more information about available options. 1425.It Va ppp_enable 1426.Pq Vt bool 1427If set to 1428.Dq Li YES , 1429run the 1430.Xr ppp 8 1431daemon. 1432.It Va ppp_profile 1433.Pq Vt str 1434The name of the profile to use from 1435.Pa /etc/ppp/ppp.conf . 1436Also used for per-profile overrides of 1437.Va ppp_mode 1438and 1439.Va ppp_nat , 1440and 1441.Va ppp_ Ns Ao Ar profile Ac Ns _unit . 1442When the profile name contains any of the characters 1443.Dq Li .-/+ 1444they are translated to 1445.Dq Li _ 1446for the proposes of the override variable names. 1447.It Va ppp_mode 1448.Pq Vt str 1449Mode in which to run the 1450.Xr ppp 8 1451daemon. 1452.It Va ppp_ Ns Ao Ar profile Ac Ns _mode 1453.Pq Vt str 1454Overrides the global 1455.Va ppp_mode 1456for 1457.Ar profile . 1458Accepted modes are 1459.Dq Li auto , 1460.Dq Li ddial , 1461.Dq Li direct 1462and 1463.Dq Li dedicated . 1464See the manual for a full description. 1465.It Va ppp_nat 1466.Pq Vt bool 1467If set to 1468.Dq Li YES , 1469enables network address translation. 1470Used in conjunction with 1471.Va gateway_enable 1472allows hosts on private network addresses access to the Internet using 1473this host as a network address translating router. 1474.It Va ppp_ Ns Ao Ar profile Ac Ns _nat 1475.Pq Vt str 1476Overrides the global 1477.Va ppp_nat 1478for 1479.Ar profile . 1480.It Va ppp_ Ns Ao Ar profile Ac Ns _unit 1481.Pq Vt int 1482Set the unit number to be used for this profile. 1483See the manual description of 1484.Fl unit Ns Ar N 1485for details. 1486.It Va ppp_user 1487.Pq Vt str 1488The name of the user under which 1489.Xr ppp 8 1490should be started. 1491By 1492default, 1493.Xr ppp 8 1494is started as 1495.Dq Li root . 1496.It Va rc_conf_files 1497.Pq Vt str 1498This option is used to specify a list of files that will override 1499the settings in 1500.Pa /etc/defaults/rc.conf . 1501The files will be read in the order in which they are specified and should 1502include the full path to the file. 1503By default, the files specified are 1504.Pa /etc/rc.conf 1505and 1506.Pa /etc/rc.conf.local 1507.It Va zfs_enable 1508.Pq Vt bool 1509If set to 1510.Dq Li YES , 1511.Pa /etc/rc.d/zfs 1512will attempt to automatically mount ZFS file systems and initialize ZFS volumes 1513(ZVOLs). 1514.It Va gbde_autoattach_all 1515.Pq Vt bool 1516If set to 1517.Dq Li YES , 1518.Pa /etc/rc.d/gbde 1519will attempt to automatically initialize your .bde devices in 1520.Pa /etc/fstab . 1521.It Va gbde_devices 1522.Pq Vt str 1523List the devices that the script should try to attach, 1524or 1525.Dq Li AUTO . 1526.It Va gbde_lockdir 1527.Pq Vt str 1528The directory where the 1529.Xr gbde 4 1530lockfiles are located. 1531The default lockfile directory is 1532.Pa /etc . 1533.Pp 1534The lockfile for each individual 1535.Xr gbde 4 1536device can be overridden by setting the variable 1537.Va gbde_lock_ Ns Aq Ar device , 1538where 1539.Ar device 1540is the encrypted device without the 1541.Dq Pa /dev/ 1542and 1543.Dq Pa .bde 1544parts. 1545.It Va gbde_attach_attempts 1546.Pq Vt int 1547Number of times to attempt attaching to a 1548.Xr gbde 4 1549device, i.e., how many times the user is asked for the pass-phrase. 1550Default is 3. 1551.It Va geli_devices 1552.Pq Vt str 1553List of devices to automatically attach on boot. 1554Note that .eli devices from 1555.Pa /etc/fstab 1556are automatically appended to this list. 1557.It Va geli_tries 1558.Pq Vt int 1559Number of times user is asked for the pass-phrase. 1560If empty, it will be taken from 1561.Va kern.geom.eli.tries 1562sysctl variable. 1563.It Va geli_default_flags 1564.Pq Vt str 1565Default flags to use by 1566.Xr geli 8 1567when configuring disk encryption. 1568Flags can be configured for every device separately by defining 1569.Va geli_ Ns Ao Ar device Ac Ns Va _flags 1570variable. 1571.It Va geli_autodetach 1572.Pq Vt str 1573Specifies if GELI devices should be marked for detach on last close after 1574file systems are mounted. 1575Default is 1576.Dq Li YES . 1577This can be changed for every device separately by defining 1578.Va geli_ Ns Ao Ar device Ac Ns Va _autodetach 1579variable. 1580.It Va geli_swap_flags 1581Options passed to the 1582.Xr geli 8 1583utility when encrypted GEOM providers for swap partitions are created. 1584The default is 1585.Dq Li "-e aes -l 256 -s 4096 -d" . 1586.It Va root_rw_mount 1587.Pq Vt bool 1588Set to 1589.Dq Li YES 1590by default. 1591After the file systems are checked at boot time, the root file system 1592is remounted as read-write if this is set to 1593.Dq Li YES . 1594Diskless systems that mount their root file system from a read-only remote 1595NFS share should set this to 1596.Dq Li NO 1597in their 1598.Pa rc.conf . 1599.It Va fsck_y_enable 1600.Pq Vt bool 1601If set to 1602.Dq Li YES , 1603.Xr fsck 8 1604will be run with the 1605.Fl y 1606flag if the initial preen 1607of the file systems fails. 1608.It Va background_fsck 1609.Pq Vt bool 1610If set to 1611.Dq Li YES , 1612the system will attempt to run 1613.Xr fsck 8 1614in the background where possible. 1615.It Va background_fsck_delay 1616.Pq Vt int 1617The amount of time in seconds to sleep before starting a background 1618.Xr fsck 8 . 1619It defaults to sixty seconds to allow large applications such as 1620the X server to start before disk I/O bandwidth is monopolized by 1621.Xr fsck 8 . 1622If set to a negative number, the background file system check will be 1623delayed indefinitely to allow the administrator to run it at a more 1624convenient time. 1625For example it may be run from 1626.Xr cron 8 1627by adding a line like 1628.Pp 1629.Dl "0 4 * * * root /etc/rc.d/bgfsck forcestart" 1630.Pp 1631to 1632.Pa /etc/crontab . 1633.It Va netfs_types 1634.Pq Vt str 1635List of file system types that are network-based. 1636This list should generally not be modified by end users. 1637Use 1638.Va extra_netfs_types 1639instead. 1640.It Va extra_netfs_types 1641.Pq Vt str 1642If set to something other than 1643.Dq Li NO 1644(the default), 1645this variable extends the list of file system types 1646for which automatic mounting at startup by 1647.Xr rc 8 1648should be delayed until the network is initialized. 1649It should contain 1650a whitespace-separated list of network file system descriptor pairs, 1651each consisting of a file system type as passed to 1652.Xr mount 8 1653and a human-readable, one-word description, 1654joined with a colon 1655.Pq Ql \&: . 1656Extending the default list in this way is only necessary 1657when third party file system types are used. 1658.It Va syslogd_enable 1659.Pq Vt bool 1660If set to 1661.Dq Li YES , 1662run the 1663.Xr syslogd 8 1664daemon. 1665.It Va syslogd_program 1666.Pq Vt str 1667Path to 1668.Xr syslogd 8 1669(default 1670.Pa /usr/sbin/syslogd ) . 1671.It Va syslogd_flags 1672.Pq Vt str 1673If 1674.Va syslogd_enable 1675is set to 1676.Dq Li YES , 1677these are the flags to pass to 1678.Xr syslogd 8 . 1679.It Va inetd_enable 1680.Pq Vt bool 1681If set to 1682.Dq Li YES , 1683run the 1684.Xr inetd 8 1685daemon. 1686.It Va inetd_program 1687.Pq Vt str 1688Path to 1689.Xr inetd 8 1690(default 1691.Pa /usr/sbin/inetd ) . 1692.It Va inetd_flags 1693.Pq Vt str 1694If 1695.Va inetd_enable 1696is set to 1697.Dq Li YES , 1698these are the flags to pass to 1699.Xr inetd 8 . 1700.It Va named_enable 1701.Pq Vt bool 1702If set to 1703.Dq Li YES , 1704run the 1705.Xr named 8 1706daemon. 1707.It Va named_program 1708.Pq Vt str 1709Path to 1710.Xr named 8 1711(default 1712.Pa /usr/sbin/named ) . 1713.It Va named_conf 1714.Pq Vt str 1715Path to 1716.Xr named 8 1717configuration file, (default 1718.Pa /etc/namedb/named.conf ) . 1719.It Va named_flags 1720.Pq Vt str 1721If 1722.Va named_enable 1723is set to 1724.Dq Li YES , 1725these are the flags to pass to 1726.Xr named 8 . 1727.It Va named_pidfile 1728.Pq Vt str 1729This is the default path to the 1730.Xr named 8 1731daemon's PID file. 1732This must match the location in 1733.Xr named.conf 5 . 1734.It Va named_uid 1735.Pq Vt str 1736The user that the 1737.Xr named 8 1738process should be run as. 1739.It Va named_chrootdir 1740.Pq Vt str 1741The root directory for a name server run in a 1742.Xr chroot 8 1743environment (default 1744.Pa /var/named ) . 1745If left empty 1746.Xr named 8 1747will not be run in a 1748.Xr chroot 8 1749environment. 1750.It Va named_chroot_autoupdate 1751.Pq Vt bool 1752Set to 1753.Dq Li NO 1754to disable automatic update of the 1755.Xr chroot 8 1756environment. 1757.It Va named_symlink_enable 1758.Pq Vt bool 1759Set to 1760.Dq Li NO 1761to disable symlinking of 1762daemon's PID file 1763into the 1764.Xr chroot 8 1765environment. 1766.It Va named_wait 1767.Pq Vt bool 1768Set to have 1769.Pa /etc/rc.d/named 1770loop until working name service is established. 1771.It Va named_wait_host 1772.Pq Vt str 1773Name of host to lookup for the named_wait option. 1774(Default localhost) 1775.It Va named_auto_forward 1776.Pq Vt bool 1777Set to enable automatic creation of a forwarder 1778configuration file derived from 1779.Pa /etc/resolv.conf . 1780.It Va named_auto_forward_only 1781.Pq Vt bool 1782Set to change the default forwarder configuration from 1783.Dq forward first 1784to 1785.Dq forward only . 1786.It Va kerberos5_server_enable 1787.Pq Vt bool 1788Set to 1789.Dq Li YES 1790to start a Kerberos 5 authentication server 1791at boot time. 1792.It Va kerberos5_server 1793.Pq Vt str 1794If 1795.Va kerberos5_server_enable 1796is set to 1797.Dq Li YES 1798this is the path to Kerberos 5 Authentication Server. 1799.It Va kerberos5_server_flags 1800.Pq Vt str 1801Empty by default. 1802This variable contains additional flags to be passed to the Kerberos 5 1803authentication server. 1804.It Va kadmind5_server_enable 1805.Pq Vt bool 1806Set to 1807.Dq Li YES 1808to start 1809.Xr kadmind 8 , 1810the Kerberos 5 Administration Daemon; set to 1811.Dq Li NO 1812on a slave server. 1813.It Va kadmind5_server 1814.Pq Vt str 1815If 1816.Va kadmind5_server_enable 1817is set to 1818.Dq Li YES 1819this is the path to Kerberos 5 Administration Daemon. 1820.It Va kpasswdd_server_enable 1821.Pq Vt bool 1822Set to 1823.Dq Li YES 1824to start 1825.Xr kpasswdd 8 , 1826the Kerberos 5 Password-Changing Daemon; set to 1827.Dq Li NO 1828on a slave server. 1829.It Va kpasswdd_server 1830.Pq Vt str 1831If 1832.Va kpasswdd_server_enable 1833is set to 1834.Dq Li YES 1835this is the path to Kerberos 5 Password-Changing Daemon. 1836.It Va rwhod_enable 1837.Pq Vt bool 1838If set to 1839.Dq Li YES , 1840run the 1841.Xr rwhod 8 1842daemon at boot time. 1843.It Va rwhod_flags 1844.Pq Vt str 1845If 1846.Va rwhod_enable 1847is set to 1848.Dq Li YES , 1849these are the flags to pass to it. 1850.It Va amd_enable 1851.Pq Vt bool 1852If set to 1853.Dq Li YES , 1854run the 1855.Xr amd 8 1856daemon at boot time. 1857.It Va amd_flags 1858.Pq Vt str 1859If 1860.Va amd_enable 1861is set to 1862.Dq Li YES , 1863these are the flags to pass to it. 1864See the 1865.Xr amd 8 1866manpage for more information. 1867.It Va amd_map_program 1868.Pq Vt str 1869If set, 1870the specified program is run to get the list of 1871.Xr amd 8 1872maps. 1873For example, if the 1874.Xr amd 8 1875maps are stored in NIS, one can set this to 1876run 1877.Xr ypcat 1 1878to get a list of 1879.Xr amd 8 1880maps from the 1881.Pa amd.master 1882NIS map. 1883.It Va update_motd 1884.Pq Vt bool 1885If set to 1886.Dq Li YES , 1887.Pa /etc/motd 1888will be updated at boot time to reflect the kernel release 1889being run. 1890If set to 1891.Dq Li NO , 1892.Pa /etc/motd 1893will not be updated. 1894.It Va nfs_client_enable 1895.Pq Vt bool 1896If set to 1897.Dq Li YES , 1898run the NFS client daemons at boot time. 1899.It Va nfs_access_cache 1900.Pq Vt int 1901If 1902.Va nfs_client_enable 1903is set to 1904.Dq Li YES , 1905this can be set to 1906.Dq Li 0 1907to disable NFS ACCESS RPC caching, or to the number of seconds for which 1908NFS ACCESS 1909results should be cached. 1910A value of 2-10 seconds will substantially reduce network 1911traffic for many NFS operations. 1912.It Va nfs_server_enable 1913.Pq Vt bool 1914If set to 1915.Dq Li YES , 1916run the NFS server daemons at boot time. 1917.It Va nfs_server_flags 1918.Pq Vt str 1919If 1920.Va nfs_server_enable 1921is set to 1922.Dq Li YES , 1923these are the flags to pass to the 1924.Xr nfsd 8 1925daemon. 1926.It Va idmapd_enable 1927.Pq Vt bool 1928If set to 1929.Dq Li YES , 1930run the ID mapping daemon for NFS version 4. 1931.It Va idmapd_flags 1932.Pq Vt str 1933If 1934.Va idmapd_enable 1935is set to 1936.Dq Li YES , 1937these are the flags to pass to the 1938.Xr idmapd 8 1939daemon. 1940.It Va mountd_enable 1941.Pq Vt bool 1942If set to 1943.Dq Li YES , 1944and no 1945.Va nfs_server_enable 1946is set, start 1947.Xr mountd 8 , 1948but not 1949.Xr nfsd 8 1950daemon. 1951It is commonly needed to run CFS without real NFS used. 1952.It Va mountd_flags 1953.Pq Vt str 1954If 1955.Va mountd_enable 1956is set to 1957.Dq Li YES , 1958these are the flags to pass to the 1959.Xr mountd 8 1960daemon. 1961.It Va weak_mountd_authentication 1962.Pq Vt bool 1963If set to 1964.Dq Li YES , 1965allow services like PCNFSD to make non-privileged mount 1966requests. 1967.It Va nfs_reserved_port_only 1968.Pq Vt bool 1969If set to 1970.Dq Li YES , 1971provide NFS services only on a secure port. 1972.It Va nfs_bufpackets 1973.Pq Vt int 1974If set to a number, indicates the number of packets worth of 1975socket buffer space to reserve on an NFS client. 1976The kernel default is typically 4. 1977Using a higher number may be 1978useful on gigabit networks to improve performance. 1979The minimum value is 19802 and the maximum is 64. 1981.It Va rpc_lockd_enable 1982.Pq Vt bool 1983If set to 1984.Dq Li YES 1985and also an NFS server or client, run 1986.Xr rpc.lockd 8 1987at boot time. 1988.It Va rpc_lockd_flags 1989.Pq Vt str 1990If 1991.Va rpc_lockd_enable 1992is set to 1993.Dq Li YES , 1994these are the flags to pass to the 1995.Xr rpc.lockd 8 1996daemon. 1997.It Va rpc_statd_enable 1998.Pq Vt bool 1999If set to 2000.Dq Li YES 2001and also an NFS server or client, run 2002.Xr rpc.statd 8 2003at boot time. 2004.It Va rpc_statd_flags 2005.Pq Vt str 2006If 2007.Va rpc_statd_enable 2008is set to 2009.Dq Li YES , 2010these are the flags to pass to the 2011.Xr rpc.statd 8 2012daemon. 2013.It Va rpcbind_program 2014.Pq Vt str 2015Path to 2016.Xr rpcbind 8 2017(default 2018.Pa /usr/sbin/rpcbind ) . 2019.It Va rpcbind_enable 2020.Pq Vt bool 2021If set to 2022.Dq Li YES , 2023run the 2024.Xr rpcbind 8 2025service at boot time. 2026.It Va rpcbind_flags 2027.Pq Vt str 2028If 2029.Va rpcbind_enable 2030is set to 2031.Dq Li YES , 2032these are the flags to pass to the 2033.Xr rpcbind 8 2034daemon. 2035.It Va keyserv_enable 2036.Pq Vt bool 2037If set to 2038.Dq Li YES , 2039run the 2040.Xr keyserv 8 2041daemon on boot for running Secure RPC. 2042.It Va keyserv_flags 2043.Pq Vt str 2044If 2045.Va keyserv_enable 2046is set to 2047.Dq Li YES , 2048these are the flags to pass to 2049.Xr keyserv 8 2050daemon. 2051.It Va pppoed_enable 2052.Pq Vt bool 2053If set to 2054.Dq Li YES , 2055run the 2056.Xr pppoed 8 2057daemon at boot time to provide PPP over Ethernet services. 2058.It Va pppoed_ Ns Aq Ar provider 2059.Pq Vt str 2060.Xr pppoed 8 2061listens to requests to this 2062.Ar provider 2063and ultimately runs 2064.Xr ppp 8 2065with a 2066.Ar system 2067argument of the same name. 2068.It Va pppoed_flags 2069.Pq Vt str 2070Additional flags to pass to 2071.Xr pppoed 8 . 2072.It Va pppoed_interface 2073.Pq Vt str 2074The network interface to run 2075.Xr pppoed 8 2076on. 2077This is mandatory when 2078.Va pppoed_enable 2079is set to 2080.Dq Li YES . 2081.It Va timed_enable 2082.Pq Vt bool 2083If set to 2084.Dq Li YES , 2085run the 2086.Xr timed 8 2087service at boot time. 2088This command is intended for networks of 2089machines where a consistent 2090.Dq "network time" 2091for all hosts must be established. 2092This is often useful in large NFS 2093environments where time stamps on files are expected to be consistent 2094network-wide. 2095.It Va timed_flags 2096.Pq Vt str 2097If 2098.Va timed_enable 2099is set to 2100.Dq Li YES , 2101these are the flags to pass to the 2102.Xr timed 8 2103service. 2104.It Va ntpdate_enable 2105.Pq Vt bool 2106If set to 2107.Dq Li YES , 2108run 2109.Xr ntpdate 8 2110at system startup. 2111This command is intended to 2112synchronize the system clock only 2113.Em once 2114from some standard reference. 2115An option to set this up initially 2116(from a list of known servers) is also provided by the 2117.Xr sysinstall 8 2118program when the system is first installed. 2119.It Va ntpdate_config 2120.Pq Vt str 2121Configuration file for 2122.Xr ntpdate 8 . 2123Default 2124.Pa /etc/ntp.conf . 2125.It Va ntpdate_hosts 2126.Pq Vt str 2127A whitespace-separated list of NTP servers to synchronize with at startup. 2128The default is to use the servers listed in 2129.Va ntpdate_config , 2130if that file exists. 2131.It Va ntpdate_program 2132.Pq Vt str 2133Path to 2134.Xr ntpdate 8 2135(default 2136.Pa /usr/sbin/ntpdate ) . 2137.It Va ntpdate_flags 2138.Pq Vt str 2139If 2140.Va ntpdate_enable 2141is set to 2142.Dq Li YES , 2143these are the flags to pass to the 2144.Xr ntpdate 8 2145command (typically a hostname). 2146.It Va ntpd_enable 2147.Pq Vt bool 2148If set to 2149.Dq Li YES , 2150run the 2151.Xr ntpd 8 2152command at boot time. 2153.It Va ntpd_program 2154.Pq Vt str 2155Path to 2156.Xr ntpd 8 2157(default 2158.Pa /usr/sbin/ntpd ) . 2159.It Va ntpd_config 2160.Pq Vt str 2161Path to 2162.Xr ntpd 8 2163configuration file. 2164Default 2165.Pa /etc/ntp.conf . 2166.It Va ntpd_flags 2167.Pq Vt str 2168If 2169.Va ntpd_enable 2170is set to 2171.Dq Li YES , 2172these are the flags to pass to the 2173.Xr ntpd 8 2174daemon. 2175.It Va ntpd_sync_on_start 2176.Pq Vt bool 2177If set to 2178.Dq Li YES , 2179.Xr ntpd 8 2180is run with the 2181.Fl g 2182flag, which syncs the system's clock on startup. 2183See 2184.Xr ntpd 8 2185for more information regarding the 2186.Fl g 2187option. 2188This is a preferred alternative to using 2189.Xr ntpdate 8 2190or specifying the 2191.Va ntpdate_enable 2192variable. 2193.It Va nis_client_enable 2194.Pq Vt bool 2195If set to 2196.Dq Li YES , 2197run the 2198.Xr ypbind 8 2199service at system boot time. 2200.It Va nis_client_flags 2201.Pq Vt str 2202If 2203.Va nis_client_enable 2204is set to 2205.Dq Li YES , 2206these are the flags to pass to the 2207.Xr ypbind 8 2208service. 2209.It Va nis_ypset_enable 2210.Pq Vt bool 2211If set to 2212.Dq Li YES , 2213run the 2214.Xr ypset 8 2215daemon at system boot time. 2216.It Va nis_ypset_flags 2217.Pq Vt str 2218If 2219.Va nis_ypset_enable 2220is set to 2221.Dq Li YES , 2222these are the flags to pass to the 2223.Xr ypset 8 2224daemon. 2225.It Va nis_server_enable 2226.Pq Vt bool 2227If set to 2228.Dq Li YES , 2229run the 2230.Xr ypserv 8 2231daemon at system boot time. 2232.It Va nis_server_flags 2233.Pq Vt str 2234If 2235.Va nis_server_enable 2236is set to 2237.Dq Li YES , 2238these are the flags to pass to the 2239.Xr ypserv 8 2240daemon. 2241.It Va nis_ypxfrd_enable 2242.Pq Vt bool 2243If set to 2244.Dq Li YES , 2245run the 2246.Xr rpc.ypxfrd 8 2247daemon at system boot time. 2248.It Va nis_ypxfrd_flags 2249.Pq Vt str 2250If 2251.Va nis_ypxfrd_enable 2252is set to 2253.Dq Li YES , 2254these are the flags to pass to the 2255.Xr rpc.ypxfrd 8 2256daemon. 2257.It Va nis_yppasswdd_enable 2258.Pq Vt bool 2259If set to 2260.Dq Li YES , 2261run the 2262.Xr rpc.yppasswdd 8 2263daemon at system boot time. 2264.It Va nis_yppasswdd_flags 2265.Pq Vt str 2266If 2267.Va nis_yppasswdd_enable 2268is set to 2269.Dq Li YES , 2270these are the flags to pass to the 2271.Xr rpc.yppasswdd 8 2272daemon. 2273.It Va rpc_ypupdated_enable 2274.Pq Vt bool 2275If set to 2276.Dq Li YES , 2277run the 2278.Nm rpc.ypupdated 2279daemon at system boot time. 2280.It Va bsnmpd_enable 2281.Pq Vt bool 2282If set to 2283.Dq Li YES , 2284run the 2285.Xr bsnmpd 1 2286daemon at system boot time. 2287Be sure to understand the security implications of running SNMP daemon 2288on your host. 2289.It Va bsnmpd_flags 2290.Pq Vt str 2291If 2292.Va bsnmpd_enable 2293is set to 2294.Dq Li YES , 2295these are the flags to pass to the 2296.Xr bsnmpd 1 2297daemon. 2298.It Va defaultrouter 2299.Pq Vt str 2300If not set to 2301.Dq Li NO , 2302create a default route to this host name or IP address 2303(use an IP address if this router is also required to get to the 2304name server!). 2305.It Va ipv6_defaultrouter 2306.Pq Vt str 2307The IPv6 equivalent of 2308.Va defaultrouter . 2309.It Va static_arp_pairs 2310.Pq Vt str 2311Set to the list of static ARP pairs that are to be added at system 2312boot time. 2313For each whitespace separated 2314.Ar element 2315in the value, a 2316.Va static_arp_ Ns Aq Ar element 2317variable is assumed to exist whose contents will later be passed to a 2318.Dq Nm arp Cm -S 2319operation. 2320For example 2321.Bd -literal 2322static_arp_pairs="gw" 2323static_arp_gw="192.168.1.1 00:01:02:03:04:05" 2324.Ed 2325.It Va static_routes 2326.Pq Vt str 2327Set to the list of static routes that are to be added at system 2328boot time. 2329If not set to 2330.Dq Li NO 2331then for each whitespace separated 2332.Ar element 2333in the value, a 2334.Va route_ Ns Aq Ar element 2335variable is assumed to exist 2336whose contents will later be passed to a 2337.Dq Nm route Cm add 2338operation. 2339For example: 2340.Bd -literal 2341static_routes="mcast gif0local" 2342route_mcast="-net 224.0.0.0/4 -iface gif0" 2343route_gif0local="-host 169.254.1.1 -iface lo0" 2344.Ed 2345.It Va ipv6_static_routes 2346.Pq Vt str 2347The IPv6 equivalent of 2348.Va static_routes . 2349If not set to 2350.Dq Li NO 2351then for each whitespace separated 2352.Ar element 2353in the value, a 2354.Va ipv6_route_ Ns Aq Ar element 2355variable is assumed to exist 2356whose contents will later be passed to a 2357.Dq Nm route Cm add Fl inet6 2358operation. 2359.It Va natm_static_routes 2360.Pq Vt str 2361The 2362.Xr natmip 4 2363equivalent of 2364.Va static_routes . 2365If not empty then for each whitespace separated 2366.Ar element 2367in the value, a 2368.Va route_ Ns Aq Ar element 2369variable is assumed to exist whose contents will later be passed to a 2370.Dq Nm atmconfig Cm natm Cm add 2371operation. 2372.It Va gateway_enable 2373.Pq Vt bool 2374If set to 2375.Dq Li YES , 2376configure host to act as an IP router, e.g.\& to forward packets 2377between interfaces. 2378.It Va ipv6_gateway_enable 2379.Pq Vt bool 2380The IPv6 equivalent of 2381.Va gateway_enable . 2382.It Va routed_enable 2383.Pq Vt bool 2384If set to 2385.Dq Li YES , 2386run a routing daemon of some sort, based on the 2387settings of 2388.Va routed_program 2389and 2390.Va routed_flags . 2391.It Va route6d_enable 2392.Pq Vt bool 2393The IPv6 equivalent of 2394.Va routed_enable . 2395If set to 2396.Dq Li YES , 2397run a routing daemon of some sort, based on the 2398settings of 2399.Va route6d_program 2400and 2401.Va route6d_flags . 2402.It Va routed_program 2403.Pq Vt str 2404If 2405.Va routed_enable 2406is set to 2407.Dq Li YES , 2408this is the name of the routing daemon to use. 2409.It Va route6d_program 2410.Pq Vt str 2411The IPv6 equivalent of 2412.Va routed_program . 2413.It Va routed_flags 2414.Pq Vt str 2415If 2416.Va routed_enable 2417is set to 2418.Dq Li YES , 2419these are the flags to pass to the routing daemon. 2420.It Va route6d_flags 2421.Pq Vt str 2422The IPv6 equivalent of 2423.Va routed_flags . 2424.It Va mrouted_enable 2425.Pq Vt bool 2426If set to 2427.Dq Li YES , 2428run the multicast routing daemon, 2429.Xr mrouted 8 . 2430.It Va mroute6d_enable 2431.Pq Vt bool 2432The IPv6 equivalent of 2433.Va mrouted_enable . 2434If set to 2435.Dq Li YES , 2436run the IPv6 multicast routing daemon. 2437.Pp 2438Note that multicast routing daemons are no longer included in the 2439.Fx 2440base system, however, both 2441.Xr mrouted 8 2442and 2443.Xr pim6dd 8 2444may be installed from the 2445.Fx 2446Ports Collection. 2447.It Va mrouted_flags 2448.Pq Vt str 2449If 2450.Va mrouted_enable 2451is set to 2452.Dq Li YES , 2453these are the flags to pass to the 2454.Xr mrouted 8 2455daemon. 2456.It Va mroute6d_flags 2457.Pq Vt str 2458The IPv6 equivalent of 2459.Va mrouted_flags . 2460If 2461.Va mroute6d_enable 2462is set to 2463.Dq Li YES , 2464these are the flags passed to the IPv6 multicast routing daemon. 2465.It Va mroute6d_program 2466.Pq Vt str 2467If 2468.Va mroute6d_enable 2469is set to 2470.Dq Li YES , 2471this is the path to the IPv6 multicast routing daemon. 2472.It Va rtadvd_enable 2473.Pq Vt bool 2474If set to 2475.Dq Li YES , 2476run the 2477.Xr rtadvd 8 2478daemon at boot time. 2479.Xr rtadvd 8 2480will only run if 2481.Va ipv6_gateway_enable 2482is also set to 2483.Dq Li YES . 2484The 2485.Xr rtadvd 8 2486utility sends router advertisement packets to the interfaces specified in 2487.Va rtadvd_interfaces 2488and should only be enabled with great care. 2489You may want to fine-tune 2490.Xr rtadvd.conf 5 . 2491.It Va rtadvd_interfaces 2492.Pq Vt str 2493If 2494.Va rtadvd_enable 2495is set to 2496.Dq Li YES 2497this is the list of interfaces to use. 2498.It Va ipxgateway_enable 2499.Pq Vt bool 2500If set to 2501.Dq Li YES , 2502enable the routing of IPX traffic. 2503.It Va ipxrouted_enable 2504.Pq Vt bool 2505If set to 2506.Dq Li YES , 2507run the 2508.Xr IPXrouted 8 2509daemon at system boot time. 2510.It Va ipxrouted_flags 2511.Pq Vt str 2512If 2513.Va ipxrouted_enable 2514is set to 2515.Dq Li YES , 2516these are the flags to pass to the 2517.Xr IPXrouted 8 2518daemon. 2519.It Va arpproxy_all 2520.Pq Vt bool 2521If set to 2522.Dq Li YES , 2523enable global proxy ARP. 2524.It Va forward_sourceroute 2525.Pq Vt bool 2526If set to 2527.Dq Li YES 2528and 2529.Va gateway_enable 2530is also set to 2531.Dq Li YES , 2532source-routed packets are forwarded. 2533.It Va accept_sourceroute 2534.Pq Vt bool 2535If set to 2536.Dq Li YES , 2537the system will accept source-routed packets directed at it. 2538.It Va rarpd_enable 2539.Pq Vt bool 2540If set to 2541.Dq Li YES , 2542run the 2543.Xr rarpd 8 2544daemon at system boot time. 2545.It Va rarpd_flags 2546.Pq Vt str 2547If 2548.Va rarpd_enable 2549is set to 2550.Dq Li YES , 2551these are the flags to pass to the 2552.Xr rarpd 8 2553daemon. 2554.It Va bootparamd_enable 2555.Pq Vt bool 2556If set to 2557.Dq Li YES , 2558run the 2559.Xr bootparamd 8 2560daemon at system boot time. 2561.It Va bootparamd_flags 2562.Pq Vt str 2563If 2564.Va bootparamd_enable 2565is set to 2566.Dq Li YES , 2567these are the flags to pass to the 2568.Xr bootparamd 8 2569daemon. 2570.It Va stf_interface_ipv4addr 2571.Pq Vt str 2572If not set to 2573.Dq Li NO , 2574this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 2575interface). 2576Specify this entry to enable the 6to4 interface. 2577.It Va stf_interface_ipv4plen 2578.Pq Vt int 2579Prefix length for 6to4 IPv4 addresses, to limit peer address range. 2580An effective value is 0-31. 2581.It Va stf_interface_ipv6_ifid 2582.Pq Vt str 2583IPv6 interface ID for 2584.Xr stf 4 . 2585This can be set to 2586.Dq Li AUTO . 2587.It Va stf_interface_ipv6_slaid 2588.Pq Vt str 2589IPv6 Site Level Aggregator for 2590.Xr stf 4 . 2591.It Va ipv6_faith_prefix 2592.Pq Vt str 2593If not set to 2594.Dq Li NO , 2595this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 2596translator. 2597You also need 2598.Xr faithd 8 2599setup. 2600.It Va ipv6_ipv4mapping 2601.Pq Vt bool 2602If set to 2603.Dq Li YES 2604this enables IPv4 mapped IPv6 address communication (like 2605.Li ::ffff:a.b.c.d ) . 2606.It Va atm_enable 2607.Pq Vt bool 2608Set to 2609.Dq Li YES 2610to enable the configuration of ATM interfaces at system boot time. 2611For all of the ATM variables described below, please refer to the 2612.Xr atm 8 2613manual page for further details on the available command parameters. 2614Also refer to the files in 2615.Pa /usr/share/examples/atm 2616for more detailed configuration information. 2617.It Va atm_load 2618.Pq Vt str 2619This is a list of physical ATM interface drivers to load. 2620Typical values are 2621.Dq Li hfa_pci 2622and/or 2623.Dq Li hea_pci . 2624.It Va atm_netif_ Ns Aq Ar intf 2625.Pq Vt str 2626For the ATM physical interface 2627.Ar intf , 2628this variable defines the name prefix and count for the ATM network 2629interfaces to be created. 2630The value will be passed as the parameters of an 2631.Dq Nm atm Cm "set netif" Ar intf 2632command. 2633.It Va atm_sigmgr_ Ns Aq Ar intf 2634.Pq Vt str 2635For the ATM physical interface 2636.Ar intf , 2637this variable defines the ATM signalling manager to be used. 2638The value will be passed as the parameters of an 2639.Dq Nm atm Cm attach Ar intf 2640command. 2641.It Va atm_prefix_ Ns Aq Ar intf 2642.Pq Vt str 2643For the ATM physical interface 2644.Ar intf , 2645this variable defines the NSAP prefix for interfaces using a UNI signalling 2646manager. 2647If set to 2648.Dq Li ILMI , 2649the prefix will automatically be set via the 2650.Xr ilmid 8 2651daemon. 2652Otherwise, the value will be passed as the parameters of an 2653.Dq Nm atm Cm "set prefix" Ar intf 2654command. 2655.It Va atm_macaddr_ Ns Aq Ar intf 2656.Pq Vt str 2657For the ATM physical interface 2658.Ar intf , 2659this variable defines the MAC address for interfaces using a UNI signalling 2660manager. 2661If set to 2662.Dq Li NO , 2663the hardware MAC address contained in the ATM interface card will be used. 2664Otherwise, the value will be passed as the parameters of an 2665.Dq Nm atm Cm "set mac" Ar intf 2666command. 2667.It Va atm_arpserver_ Ns Aq Ar netif 2668.Pq Vt str 2669For the ATM network interface 2670.Ar netif , 2671this variable defines the ATM address for a host which is to provide ATMARP 2672service. 2673This variable is only applicable to interfaces using a UNI signalling 2674manager. 2675If set to 2676.Dq Li local , 2677this host will become an ATMARP server. 2678The value will be passed as the parameters of an 2679.Dq Nm atm Cm "set arpserver" Ar netif 2680command. 2681.It Va atm_scsparp_ Ns Aq Ar netif 2682.Pq Vt bool 2683If set to 2684.Dq Li YES , 2685SCSP/ATMARP service for the network interface 2686.Ar netif 2687will be initiated using the 2688.Xr scspd 8 2689and 2690.Xr atmarpd 8 2691daemons. 2692This variable is only applicable if 2693.Va atm_arpserver_ Ns Aq Ar netif 2694is set to 2695.Dq Li local . 2696.It Va atm_pvcs 2697.Pq Vt str 2698Set to the list of ATM PVCs to be added at system 2699boot time. 2700For each whitespace separated 2701.Ar element 2702in the value, an 2703.Va atm_pvc_ Ns Aq Ar element 2704variable is assumed to exist. 2705The value of each of these variables 2706will be passed as the parameters of an 2707.Dq Nm atm Cm "add pvc" 2708command. 2709.It Va atm_arps 2710.Pq Vt str 2711Set to the list of permanent ATM ARP entries to be added 2712at system boot time. 2713For each whitespace separated 2714.Ar element 2715in the value, an 2716.Va atm_arp_ Ns Aq Ar element 2717variable is assumed to exist. 2718The value of each of these variables 2719will be passed as the parameters of an 2720.Dq Nm atm Cm "add arp" 2721command. 2722.It Va natm_interfaces 2723.Pq Vt str 2724Set to the list of 2725.Xr natm 4 2726interfaces that will also be used for HARP through 2727.Xr harp 4 . 2728If this list is not empty all interfaces in the list will be brought up 2729with 2730.Xr ifconfig 8 2731and 2732.Xr harp 4 2733will be loaded. 2734For this to work the interface drivers must be either compiled into the 2735kernel or must reside on the root partition. 2736.It Va keybell 2737.Pq Vt str 2738The keyboard bell sound. 2739Set to 2740.Dq Li normal , 2741.Dq Li visual , 2742.Dq Li off , 2743or 2744.Dq Li NO 2745if the default behavior is desired. 2746For details, refer to the 2747.Xr kbdcontrol 1 2748manpage. 2749.It Va keyboard 2750.Pq Vt str 2751If set to a non-null string, the virtual console's keyboard input is 2752set to this device. 2753.It Va keymap 2754.Pq Vt str 2755If set to 2756.Dq Li NO , 2757no keymap is installed, otherwise the value is used to install 2758the keymap file in 2759.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2760.It Va keyrate 2761.Pq Vt str 2762The keyboard repeat speed. 2763Set to 2764.Dq Li slow , 2765.Dq Li normal , 2766.Dq Li fast , 2767or 2768.Dq Li NO 2769if the default behavior is desired. 2770.It Va keychange 2771.Pq Vt str 2772If not set to 2773.Dq Li NO , 2774attempt to program the function keys with the value. 2775The value should 2776be a single string of the form: 2777.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2778.It Va cursor 2779.Pq Vt str 2780Can be set to the value of 2781.Dq Li normal , 2782.Dq Li blink , 2783.Dq Li destructive , 2784or 2785.Dq Li NO 2786to set the cursor behavior explicitly or choose the default behavior. 2787.It Va scrnmap 2788.Pq Vt str 2789If set to 2790.Dq Li NO , 2791no screen map is installed, otherwise the value is used to install 2792the screen map file in 2793.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2794.It Va font8x16 2795.Pq Vt str 2796If set to 2797.Dq Li NO , 2798the default 8x16 font value is used for screen size requests, otherwise 2799the value in 2800.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2801is used. 2802.It Va font8x14 2803.Pq Vt str 2804If set to 2805.Dq Li NO , 2806the default 8x14 font value is used for screen size requests, otherwise 2807the value in 2808.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2809is used. 2810.It Va font8x8 2811.Pq Vt str 2812If set to 2813.Dq Li NO , 2814the default 8x8 font value is used for screen size requests, otherwise 2815the value in 2816.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2817is used. 2818.It Va blanktime 2819.Pq Vt int 2820If set to 2821.Dq Li NO , 2822the default screen blanking interval is used, otherwise it is set 2823to 2824.Ar value 2825seconds. 2826.It Va saver 2827.Pq Vt str 2828If not set to 2829.Dq Li NO , 2830this is the actual screen saver to use 2831.Li ( blank , snake , daemon , 2832etc). 2833.It Va moused_nondefault_enable 2834.Pq Vt str 2835If set to 2836.Dq Li NO , 2837the mouse device specified on 2838the command line is not automatically treated as enabled by the 2839.Pa /etc/rc.d/moused 2840script. 2841Having this variable set to 2842.Dq Li YES 2843allows a 2844.Xr usb 4 2845mouse, 2846for example, 2847to be enabled as soon as it is plugged in. 2848.It Va moused_enable 2849.Pq Vt str 2850If set to 2851.Dq Li YES , 2852the 2853.Xr moused 8 2854daemon is started for doing cut/paste selection on the console. 2855.It Va moused_type 2856.Pq Vt str 2857This is the protocol type of the mouse connected to this host. 2858This variable must be set if 2859.Va moused_enable 2860is set to 2861.Dq Li YES . 2862The 2863.Xr moused 8 2864daemon 2865is able to detect the appropriate mouse type automatically in many cases. 2866Set this variable to 2867.Dq Li auto 2868to let the daemon detect it, or 2869select one from the following list if the automatic detection fails. 2870.Pp 2871If the mouse is attached to the PS/2 mouse port, choose 2872.Dq Li auto 2873or 2874.Dq Li ps/2 , 2875regardless of the brand and model of the mouse. 2876Likewise, if the 2877mouse is attached to the bus mouse port, choose 2878.Dq Li auto 2879or 2880.Dq Li busmouse . 2881All other protocols are for serial mice and will not work with 2882the PS/2 and bus mice. 2883If this is a USB mouse, 2884.Dq Li auto 2885is the only protocol type which will work. 2886.Pp 2887.Bl -tag -width ".Li x10mouseremote" -compact 2888.It Li microsoft 2889Microsoft mouse (serial) 2890.It Li intellimouse 2891Microsoft IntelliMouse (serial) 2892.It Li mousesystems 2893Mouse systems Corp.\& mouse (serial) 2894.It Li mmseries 2895MM Series mouse (serial) 2896.It Li logitech 2897Logitech mouse (serial) 2898.It Li busmouse 2899A bus mouse 2900.It Li mouseman 2901Logitech MouseMan and TrackMan (serial) 2902.It Li glidepoint 2903ALPS GlidePoint (serial) 2904.It Li thinkingmouse 2905Kensington ThinkingMouse (serial) 2906.It Li ps/2 2907PS/2 mouse 2908.It Li mmhittab 2909MM HitTablet (serial) 2910.It Li x10mouseremote 2911X10 MouseRemote (serial) 2912.It Li versapad 2913Interlink VersaPad (serial) 2914.El 2915.Pp 2916Even if the mouse is not in the above list, it may be compatible 2917with one in the list. 2918Refer to the manual page for 2919.Xr moused 8 2920for compatibility information. 2921.Pp 2922It should also be noted that while this is enabled, any 2923other client of the mouse (such as an X server) should access 2924the mouse through the virtual mouse device, 2925.Pa /dev/sysmouse , 2926and configure it as a 2927.Dq Li sysmouse 2928type mouse, since all 2929mouse data is converted to this single canonical format when 2930using 2931.Xr moused 8 . 2932If the client program does not support the 2933.Dq Li sysmouse 2934type, 2935specify the 2936.Dq Li mousesystems 2937type. 2938It is the second preferred type. 2939.It Va moused_port 2940.Pq Vt str 2941If 2942.Va moused_enable 2943is set to 2944.Dq Li YES , 2945this is the actual port the mouse is on. 2946It might be 2947.Pa /dev/cuad0 2948for a COM1 serial mouse, 2949.Pa /dev/psm0 2950for a PS/2 mouse or 2951.Pa /dev/mse0 2952for a bus mouse, for example. 2953.It Va moused_flags 2954.Pq Vt str 2955If 2956.Va moused_flags 2957is set, its value is used as an additional set of flags to pass to the 2958.Xr moused 8 2959daemon. 2960.It Va "moused_" Ns Ar XXX Ns Va "_flags" 2961When 2962.Va moused_nondefault_enable 2963is enabled, and a 2964.Xr moused 8 2965daemon is started for a non-default port, the 2966.Va "moused_" Ns Ar XXX Ns Va "_flags" 2967set of options has precedence over and replaces the default 2968.Va moused_flags (where 2969.Ar XXX 2970is the name of the non-default port, i.e.\& 2971.Ar ums0 ) . 2972By setting 2973.Va "moused_" Ns Ar XXX Ns Va "_flags" 2974it is possible to set up a different set of default flags for each 2975.Xr moused 8 2976instance. 2977For example, you can use 2978.Dq Li "-3" 2979for the default 2980.Va moused_flags 2981to make your laptop's touchpad more comfortable to use, 2982but an empty set of options for 2983.Va moused_ums0_flags 2984when your 2985.Xr usb 4 2986mouse has three or more buttons. 2987.It Va mousechar_start 2988.Pq Vt int 2989If set to 2990.Dq Li NO , 2991the default mouse cursor character range 2992.Li 0xd0 Ns - Ns Li 0xd3 2993is used, 2994otherwise the range start is set 2995to 2996.Ar value 2997character, see 2998.Xr vidcontrol 1 . 2999Use if the default range is occupied in the language code table. 3000.It Va allscreens_flags 3001.Pq Vt str 3002If set, 3003.Xr vidcontrol 1 3004is run with these options for each of the virtual terminals 3005.Pq Pa /dev/ttyv* . 3006For example, 3007.Dq Fl m Cm on 3008will enable the mouse pointer on all virtual terminals 3009if 3010.Va moused_enable 3011is set to 3012.Dq Li YES . 3013.It Va allscreens_kbdflags 3014.Pq Vt str 3015If set, 3016.Xr kbdcontrol 1 3017is run with these options for each of the virtual terminals 3018.Pq Pa /dev/ttyv* . 3019For example, 3020.Dq Fl h Li 200 3021will set the 3022.Xr syscons 4 3023scrollback (history) buffer to 200 lines. 3024.It Va cron_enable 3025.Pq Vt bool 3026If set to 3027.Dq Li YES , 3028run the 3029.Xr cron 8 3030daemon at system boot time. 3031.It Va cron_program 3032.Pq Vt str 3033Path to 3034.Xr cron 8 3035(default 3036.Pa /usr/sbin/cron ) . 3037.It Va cron_flags 3038.Pq Vt str 3039If 3040.Va cron_enable 3041is set to 3042.Dq Li YES , 3043these are the flags to pass to 3044.Xr cron 8 . 3045.It Va cron_dst 3046.Pq Vt bool 3047If set to 3048.Dq Li YES , 3049enable the special handling of transitions to and from the 3050Daylight Saving Time in 3051.Xr cron 8 3052(equivalent to using the flag 3053.Fl s ) . 3054.It Va lpd_program 3055.Pq Vt str 3056Path to 3057.Xr lpd 8 3058(default 3059.Pa /usr/sbin/lpd ) . 3060.It Va lpd_enable 3061.Pq Vt bool 3062If set to 3063.Dq Li YES , 3064run the 3065.Xr lpd 8 3066daemon at system boot time. 3067.It Va lpd_flags 3068.Pq Vt str 3069If 3070.Va lpd_enable 3071is set to 3072.Dq Li YES , 3073these are the flags to pass to the 3074.Xr lpd 8 3075daemon. 3076.It Va chkprintcap_enable 3077.Pq Vt bool 3078If set to 3079.Dq Li YES , 3080run the 3081.Xr chkprintcap 8 3082command before starting the 3083.Xr lpd 8 3084daemon. 3085.It Va chkprintcap_flags 3086.Pq Vt str 3087If 3088.Va lpd_enable 3089and 3090.Va chkprintcap_enable 3091are set to 3092.Dq Li YES , 3093these are the flags to pass to the 3094.Xr chkprintcap 8 3095program. 3096The default is 3097.Dq Li -d , 3098which causes missing directories to be created. 3099.It Va mta_start_script 3100.Pq Vt str 3101This variable specifies the full path to the script to run to start 3102a mail transfer agent. 3103The default is 3104.Pa /etc/rc.sendmail . 3105The 3106.Va sendmail_* 3107variables which 3108.Pa /etc/rc.sendmail 3109uses are documented in the 3110.Xr rc.sendmail 8 3111manual page. 3112.It Va dumpdev 3113.Pq Vt str 3114Indicates the device (usually a swap partition) to which a crash dump 3115should be written in the event of a system crash. 3116If the value of this variable is 3117.Dq Li AUTO , 3118the first suitable swap device listed in 3119.Pa /etc/fstab 3120will be used as dump device. 3121Otherwise, the value of this variable is passed as the argument to 3122.Xr dumpon 8 . 3123To disable crash dumps, set this variable to 3124.Dq Li NO . 3125.It Va dumpdir 3126.Pq Vt str 3127When the system reboots after a crash and a crash dump is found on the 3128device specified by the 3129.Va dumpdev 3130variable, 3131.Xr savecore 8 3132will save that crash dump and a copy of the kernel to the directory 3133specified by the 3134.Va dumpdir 3135variable. 3136The default value is 3137.Pa /var/crash . 3138Set to 3139.Dq Li NO 3140to not run 3141.Xr savecore 8 3142at boot time when 3143.Va dumpdir 3144is set. 3145.It Va savecore_flags 3146.Pq Vt str 3147If crash dumps are enabled, these are the flags to pass to the 3148.Xr savecore 8 3149utility. 3150.It Va quota_enable 3151.Pq Vt bool 3152Set to 3153.Dq Li YES 3154to turn on user and group disk quotas on system startup via the 3155.Xr quotaon 8 3156command for all file systems marked as having quotas enabled in 3157.Pa /etc/fstab . 3158The kernel must be built with 3159.Cd "options QUOTA" 3160for disk quotas to function. 3161.It Va check_quotas 3162.Pq Vt bool 3163Set to 3164.Dq Li YES 3165to enable user and group disk quota checking via the 3166.Xr quotacheck 8 3167command. 3168.It Va quotacheck_flags 3169.Pq Vt str 3170If 3171.Va quota_enable 3172is set to 3173.Dq Li YES , 3174and 3175.Va check_quotas 3176is set to 3177.Dq Li YES , 3178these are the flags to pass to the 3179.Xr quotacheck 8 3180utility. 3181The default is 3182.Dq Li "-a" , 3183which checks quotas for all file systems with quotas enabled in 3184.Pa /etc/fstab . 3185.It Va quotaon_flags 3186.Pq Vt str 3187If 3188.Va quota_enable 3189is set to 3190.Dq Li YES , 3191these are the flags to pass to the 3192.Xr quotaon 8 3193utility. 3194The default is 3195.Dq Li "-a" , 3196which enables quotas for all file systems with quotas enabled in 3197.Pa /etc/fstab . 3198.It Va quotaoff_flags 3199.Pq Vt str 3200If 3201.Va quota_enable 3202is set to 3203.Dq Li YES , 3204these are the flags to pass to the 3205.Xr quotaoff 8 3206utility when shutting down the quota system. 3207The default is 3208.Dq Li "-a" , 3209which disables quotas for all file systems with quotas enabled in 3210.Pa /etc/fstab . 3211.It Va accounting_enable 3212.Pq Vt bool 3213Set to 3214.Dq Li YES 3215to enable system accounting through the 3216.Xr accton 8 3217facility. 3218.It Va ibcs2_enable 3219.Pq Vt bool 3220Set to 3221.Dq Li YES 3222to enable iBCS2 (SCO) binary emulation at system initial boot 3223time. 3224.It Va ibcs2_loaders 3225.Pq Vt str 3226If not set to 3227.Dq Li NO 3228and if 3229.Va ibcs2_enable 3230is set to 3231.Dq Li YES , 3232this specifies a list of additional iBCS2 loaders to enable. 3233.It Va linux_enable 3234.Pq Vt bool 3235Set to 3236.Dq Li YES 3237to enable Linux/ELF binary emulation at system initial 3238boot time. 3239.It Va svr4_enable 3240.Pq Vt bool 3241If set to 3242.Dq Li YES , 3243enable SysVR4 emulation at boot time. 3244.It Va sysvipc_enable 3245.Pq Vt bool 3246If set to 3247.Dq Li YES , 3248load System V IPC primitives at boot time. 3249.It Va clear_tmp_enable 3250.Pq Vt bool 3251Set to 3252.Dq Li YES 3253to have 3254.Pa /tmp 3255cleaned at startup. 3256.It Va clear_tmp_X 3257.Pq Vt bool 3258Set to 3259.Dq Li NO 3260to disable removing of X11 lock files, 3261and the removal and (secure) recreation 3262of the various socket directories for X11 3263related programs. 3264.It Va ldconfig_paths 3265.Pq Vt str 3266Set to the list of shared library paths to use with 3267.Xr ldconfig 8 . 3268NOTE: 3269.Pa /usr/lib 3270will always be added first, so it need not appear in this list. 3271.It Va ldconfig32_paths 3272.Pq Vt str 3273Set to the list of 32-bit compatibility shared library paths to 3274use with 3275.Xr ldconfig 8 . 3276.It Va ldconfig_paths_aout 3277.Pq Vt str 3278Set to the list of shared library paths to use with 3279.Xr ldconfig 8 3280legacy 3281.Xr a.out 5 3282support. 3283.It Va ldconfig_insecure 3284.Pq Vt bool 3285The 3286.Xr ldconfig 8 3287utility normally refuses to use directories 3288which are writable by anyone except root. 3289Set this variable to 3290.Dq Li YES 3291to disable that security check during system startup. 3292.It Va ldconfig_local_dirs 3293.Pq Vt str 3294Set to the list of local 3295.Xr ldconfig 8 3296directories. 3297The names of all files in the directories listed will be 3298passed as arguments to 3299.Xr ldconfig 8 . 3300.It Va ldconfig_local32_dirs 3301.Pq Vt str 3302Set to the list of local 32-bit compatibility 3303.Xr ldconfig 8 3304directories. 3305The names of all files in the directories listed will be 3306passed as arguments to 3307.Dq Nm ldconfig Fl 32 . 3308.It Va kern_securelevel_enable 3309.Pq Vt bool 3310Set to 3311.Dq Li YES 3312to set the kernel security level at system startup. 3313.It Va kern_securelevel 3314.Pq Vt int 3315The kernel security level to set at startup. 3316The allowed range of 3317.Ar value 3318ranges from \-1 (the compile time default) to 3 (the 3319most secure). 3320See 3321.Xr security 7 3322for the list of possible security levels and their effect 3323on system operation. 3324.It Va sshd_program 3325.Pq Vt str 3326Path to the SSH server program 3327.Pa ( /usr/sbin/sshd 3328is the default). 3329.It Va sshd_enable 3330.Pq Vt bool 3331Set to 3332.Dq Li YES 3333to start 3334.Xr sshd 8 3335at system boot time. 3336.It Va sshd_flags 3337.Pq Vt str 3338If 3339.Va sshd_enable 3340is set to 3341.Dq Li YES , 3342these are the flags to pass to the 3343.Xr sshd 8 3344daemon. 3345.It Va ftpd_program 3346.Pq Vt str 3347Path to the FTP server program 3348.Pa ( /usr/libexec/ftpd 3349is the default). 3350.It Va ftpd_enable 3351.Pq Vt bool 3352Set to 3353.Dq Li YES 3354to start 3355.Xr ftpd 8 3356as a stand-alone daemon at system boot time. 3357.It Va ftpd_flags 3358.Pq Vt str 3359If 3360.Va ftpd_enable 3361is set to 3362.Dq Li YES , 3363these are the additional flags to pass to the 3364.Xr ftpd 8 3365daemon. 3366.It Va watchdogd_enable 3367.Pq Vt bool 3368If set to 3369.Dq Li YES , 3370start the 3371.Xr watchdogd 8 3372daemon at boot time. 3373This requires that the kernel have been compiled with a 3374.Xr watchdog 4 3375compatible device. 3376.It Va watchdogd_flags 3377.Pq Vt str 3378If 3379.Va watchdogd_enable 3380is set to 3381.Dq Li YES , 3382these are the flags passed to the 3383.Xr watchdogd 8 3384daemon. 3385.It Va performance_cx_lowest 3386.Pq Vt str 3387CPU idle state to use while on AC power. 3388The string 3389.Dq Li LOW 3390indicates that 3391.Xr acpi 4 3392should use the lowest power state available while 3393.Dq Li HIGH 3394indicates that the lowest latency state (less power savings) should be used. 3395.It Va performance_cpu_freq 3396.Pq Vt str 3397CPU clock frequency to use while on AC power. 3398The string 3399.Dq Li LOW 3400indicates that 3401.Xr cpufreq 4 3402should use the lowest frequency available while 3403.Dq Li HIGH 3404indicates that the highest frequency (less power savings) should be used. 3405.It Va economy_cx_lowest 3406.Pq Vt str 3407CPU idle state to use when off AC power. 3408The string 3409.Dq Li LOW 3410indicates that 3411.Xr acpi 4 3412should use the lowest power state available while 3413.Dq Li HIGH 3414indicates that the lowest latency state (less power savings) should be used. 3415.It Va economy_cpu_freq 3416.Pq Vt str 3417CPU clock frequency to use when off AC power. 3418The string 3419.Dq Li LOW 3420indicates that 3421.Xr cpufreq 4 3422should use the lowest frequency available while 3423.Dq Li HIGH 3424indicates that the highest frequency (less power savings) should be used. 3425.It Va jail_enable 3426.Pq Vt bool 3427If set to 3428.Dq Li NO , 3429any configured jails will not be started. 3430.It Va jail_list 3431.Pq Vt str 3432A space separated list of names for jails. 3433This is purely a configuration aid to help identify and 3434configure multiple jails. 3435The names specified in this list will be used to 3436identify settings common to an instance of a jail. 3437Assuming that the jail in question was named 3438.Li vjail , 3439you would have the following dependent variables: 3440.Bd -literal 3441jail_vjail_hostname="jail.example.com" 3442jail_vjail_ip="192.0.2.100" 3443jail_vjail_rootdir="/var/jails/vjail/root" 3444.Ed 3445.Pp 3446.It Va jail_flags 3447.Pq Vt str 3448Unset by default. 3449When set, use as default value for 3450.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3451for every jail in 3452.Va jail_list . 3453.It Va jail_interface 3454.Pq Vt str 3455Unset by default. 3456When set, use as default value for 3457.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3458for every jail in 3459.Va jail_list . 3460.It Va jail_fstab 3461.Pq Vt str 3462Unset by default. 3463When set, use as default value for 3464.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3465for every jail in 3466.Va jail_list . 3467.It Va jail_mount_enable 3468.Pq Vt bool 3469Set to 3470.Dq Li NO 3471by default. 3472When set to 3473.Dq Li YES , 3474sets 3475.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3476to 3477.Dq Li YES 3478by default for every jail in 3479.Va jail_list . 3480.It Va jail_devfs_ruleset 3481.Pq Vt str 3482Unset by default. 3483When set, sets 3484.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3485to given value for every jail in 3486.Va jail_list . 3487.It Va jail_devfs_enable 3488.Pq Vt bool 3489Set to 3490.Dq Li NO 3491by default. 3492When set to 3493.Dq Li YES , 3494sets 3495.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3496to 3497.Dq Li YES 3498by default for every jail in 3499.Va jail_list . 3500.It Va jail_fdescfs_enable 3501.Pq Vt bool 3502Set to 3503.Dq Li NO 3504by default. 3505When set to 3506.Dq Li YES , 3507sets 3508.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3509to 3510.Dq Li YES 3511by default for every jail in 3512.Va jail_list . 3513.It Va jail_procfs_enable 3514.Pq Vt bool 3515Set to 3516.Dq Li NO 3517by default. 3518When set to 3519.Dq Li YES , 3520sets 3521.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3522to 3523.Dq Li YES 3524by default for every jail in 3525.Va jail_list . 3526.It Va jail_exec_prestart Ns Aq Ar N 3527.Pq Vt str 3528Unset by default. 3529When set, use as default value for 3530.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestart Ns Aq Ar N 3531for every jail in 3532.Va jail_list . 3533.It Va jail_exec_start 3534.Pq Vt str 3535Unset by default. 3536When set, use as default value for 3537.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3538for every jail in 3539.Va jail_list . 3540.It Va jail_exec_afterstart Ns Aq Ar N 3541.Pq Vt str 3542Unset by default. 3543When set, use as default value for 3544.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3545for every jail in 3546.Va jail_list . 3547.It Va jail_exec_poststart Ns Aq Ar N 3548.Pq Vt str 3549Unset by default. 3550When set, use as default value for 3551.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststart Ns Aq Ar N 3552for every jail in 3553.Va jail_list . 3554.It Va jail_exec_prestop Ns Aq Ar N 3555.Pq Vt str 3556Unset by default. 3557When set, use as default value for 3558.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestop Ns Aq Ar N 3559for every jail in 3560.Va jail_list . 3561.It Va jail_exec_stop 3562Unset by default. 3563When set, use as default value for 3564.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3565for every jail in 3566.Va jail_list . 3567.It Va jail_exec_poststop Ns Aq Ar N 3568.Pq Vt str 3569Unset by default. 3570When set, use as default value for 3571.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststop Ns Aq Ar N 3572for every jail in 3573.Va jail_list . 3574.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 3575.Pq Vt str 3576Unset by default. 3577Set to the root directory used by jail 3578.Va jname . 3579.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 3580.Pq Vt str 3581Unset by default. 3582Set to the fully qualified domain name (FQDN) assigned to jail 3583.Va jname . 3584.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 3585.Pq Vt str 3586Unset by default. 3587Set to the (primary) IPv4 and/or IPv6 address(es) assigned to the jail. 3588The argument can be a sole address or a comma separated list of addresses. 3589Additionally each address can be prefixed by the name of an interface 3590followed by a pipe to overwrite 3591.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3592or 3593.Va jail_interface 3594and/or suffixed by a netmask, prefixlen or prefix. 3595In case no netmask, prefixlen or prefix is given, 3596.Sq /32 3597will be used for IPv4 and 3598.Sq /128 3599will be used for an IPv6 address. 3600If no address is given for the jail then the jail will be started with 3601no networking support. 3602.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip_multi Ns Aq Ar n 3603.Pq Vt str 3604Unset by default. 3605Set additional IPv4 and/or IPv6 address(es) assigned to the jail. 3606The sequence starts with 3607.Dq Li _multi0 3608and the numbers have to be strictly ascending. 3609These entries follow the same syntax as their primary 3610.Va jail_ Ns Ao Ar jname Ac Ns Va _ip 3611entry. 3612The order of the entries can be important as the first address for 3613each address family found will be the primary address of the jail. 3614See 3615.Va ip-addresses 3616option in 3617.Xr jail 8 3618for more details. 3619.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3620.Pq Vt str 3621Set to 3622.Dq Li -l -U root 3623by default. 3624These are flags to pass to 3625.Xr jail . 3626.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3627.Pq Vt str 3628Unset by default. 3629When set, sets the interface to use when setting IP address alias. 3630Note that the alias is created at jail startup and removed at jail shutdown. 3631.It Va jail_ Ns Ao Ar jname Ac Ns Va _fib 3632.Pq Vt str 3633Unset by default. 3634When set, the jail is started with the specified forwarding table (sometimes 3635referred to as a routing table) via 3636.Xr setfib 1 . 3637.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3638.Pq Vt str 3639Set to 3640.Pa /etc/fstab. Ns Aq Ar jname 3641by default. 3642This is the file system information file to use for jail 3643.Va jname . 3644.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3645.Pq Vt bool 3646Set to 3647.Dq Li NO 3648by default. 3649When set to 3650.Dq Li YES , 3651mount all file systems from 3652.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3653at jail startup. 3654.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3655.Pq Vt str 3656Unset by default. 3657When set, defines the device file system ruleset file to use for jail 3658.Va jname . 3659.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3660.Pq Vt bool 3661Set to 3662.Dq Li NO 3663by default. 3664When set to 3665.Dq Li YES , 3666mount the device file system inside jail 3667.Ar jname 3668at jail startup. 3669.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3670.Pq Vt bool 3671Set to 3672.Dq Li NO 3673by default. 3674When set to 3675.Dq Li YES , 3676mount the file-descriptor file system inside jail 3677.Ar jname 3678at jail startup. 3679.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 3680.Pq Vt bool 3681Set to 3682.Dq Li NO 3683by default. 3684When set to 3685.Dq Li YES , 3686mount the process file system inside jail 3687.Ar jname 3688at jail startup. 3689.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestart Ns Aq Ar N 3690.Pq Vt str 3691Unset by default. 3692This is the command run as 3693.Ar N Ns 3694th command 3695before jail startup, where 3696.Ar N 3697is 0, 1, and so on. 3698It is run outside the jail. 3699.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3700.Pq Vt str 3701Set to 3702.Dq Li /bin/sh /etc/rc 3703by default. 3704This is the command executed in a jail at jail startup. 3705.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3706.Pq Vt str 3707Unset by default. 3708This is the command run as 3709.Ar N Ns 3710th command 3711in a jail 3712after jail startup, where 3713.Ar N 3714is 1, 2, and so on. 3715.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststart Ns Aq Ar N 3716.Pq Vt str 3717Unset by default. 3718This is the command run as 3719.Ar N Ns 3720th command 3721after jail startup, where 3722.Ar N 3723is 0, 1, and so on. 3724It is run outside the jail. 3725.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_prestop Ns Aq Ar N 3726.Pq Vt str 3727Unset by default. 3728This is the command run as 3729.Ar N Ns 3730th command 3731before jail shutdown, where 3732.Ar N 3733is 0, 1, and so on. 3734It is run outside the jail. 3735.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3736.Pq Vt str 3737Set to 3738.Dq Li /bin/sh /etc/rc.shutdown 3739by default. 3740This is the command executed in a jail at jail shutdown. 3741.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_poststop Ns Aq Ar N 3742.Pq Vt str 3743Unset by default. 3744This is the command run as 3745.Ar N Ns 3746th command 3747after jail shutdown, where 3748.Ar N 3749is 0, 1, and so on. 3750It is run outside the jail. 3751.It Va jail_set_hostname_allow 3752.Pq Vt bool 3753If set to 3754.Dq Li NO , 3755do not allow the root user in a jail to set its hostname. 3756.It Va jail_socket_unixiproute_only 3757.Pq Vt bool 3758If set to 3759.Dq Li YES , 3760do not allow any sockets, 3761besides UNIX/IP/route sockets, 3762to be used within a jail. 3763.It Va jail_sysvipc_allow 3764.Pq Vt bool 3765If set to 3766.Dq Li YES , 3767allow applications within a jail to use System V IPC. 3768.\" ----------------------------------------------------- 3769.It Va harvest_interrupt 3770.Pq Vt bool 3771Set to 3772.Dq Li YES 3773to use hardware interrupts as an entropy source. 3774Refer to 3775.Xr random 4 3776for more information. 3777.It Va harvest_ethernet 3778.Pq Vt bool 3779Set to 3780.Dq Li YES 3781to use LAN traffic as an entropy source. 3782Refer to 3783.Xr random 4 3784for more information. 3785.It Va harvest_p_to_p 3786.Pq Vt bool 3787Set to 3788.Dq Li YES 3789to use serial line traffic as an entropy source. 3790Refer to 3791.Xr random 4 3792for more information. 3793.It Va entropy_dir 3794.Pq Vt str 3795Set to 3796.Dq Li NO 3797to disable caching entropy via 3798.Xr cron 8 . 3799Otherwise set to the directory used to store entropy files in. 3800.It Va entropy_file 3801.Pq Vt str 3802Set to 3803.Dq Li NO 3804to disable caching entropy through reboots. 3805Otherwise set to the filename used to store cached entropy through 3806reboots. 3807This file should be located on the root file system to seed the 3808.Xr random 4 3809device as early as possible in the boot process. 3810.It Va entropy_save_sz 3811.Pq Vt int 3812Size of the entropy cache files saved by 3813.Nm save-entropy 3814periodically. 3815.It Va entropy_save_num 3816.Pq Vt int 3817Number of entropy cache files to save by 3818.Nm save-entropy 3819periodically. 3820.It Va ipsec_enable 3821.Pq Vt bool 3822Set to 3823.Dq Li YES 3824to run 3825.Xr setkey 8 3826on 3827.Va ipsec_file 3828at boot time. 3829.It Va ipsec_file 3830.Pq Vt str 3831Configuration file for 3832.Xr setkey 8 . 3833.It Va dmesg_enable 3834.Pq Vt bool 3835Set to 3836.Dq Li YES 3837to save 3838.Xr dmesg 8 3839to 3840.Pa /var/run/dmesg.boot 3841on boot. 3842.It Va rcshutdown_timeout 3843.Pq Vt int 3844If set, start a watchdog timer in the background which will terminate 3845.Pa rc.shutdown 3846if 3847.Xr shutdown 8 3848has not completed within the specified time (in seconds). 3849Notice that in addition to this soft timeout, 3850.Xr init 8 3851also applies a hard timeout for the execution of 3852.Pa rc.shutdown . 3853This is configured via 3854.Xr sysctl 8 3855variable 3856.Va kern.init_shutdown_timeout 3857and defaults to 120 seconds. 3858Setting the value of 3859.Va rcshutdown_timeout 3860to more than 120 seconds will have no effect until the 3861.Xr sysctl 8 3862variable 3863.Va kern.init_shutdown_timeout 3864is also increased. 3865.It Va virecover_enable 3866.Pq Vt bool 3867Set to 3868.Dq Li NO 3869to prevent the system from trying to 3870recover pre-maturely terminated 3871.Xr vi 1 3872sessions. 3873.It Va ugidfw_enable 3874.Pq Vt bool 3875Set to 3876.Dq Li YES 3877to load the 3878.Xr mac_bsdextended 4 3879module upon system initialization and load a default 3880ruleset file. 3881.It Va bsdextended_script 3882.Pq Vt str 3883The default 3884.Xr mac_bsdextended 4 3885ruleset file to load. 3886The default value of this variable is 3887.Pa /etc/rc.bsdextended . 3888.It Va newsyslog_enable 3889.Pq Vt bool 3890If set to 3891.Dq Li YES , 3892run 3893.Xr newsyslog 8 3894command at startup. 3895.It Va newsyslog_flags 3896.Pq Vt str 3897If 3898.Va newsyslog_enable 3899is set to 3900.Dq Li YES , 3901these are the flags to pass to the 3902.Xr newsyslog 8 3903program. 3904The default is 3905.Dq Li -CN , 3906which causes log files flagged with a 3907.Cm C 3908to be created. 3909.It Va mdconfig_md Ns Aq Ar X 3910.Pq Vt str 3911Arguments to 3912.Xr mdconfig 8 3913for 3914.Xr md 4 3915device 3916.Ar X . 3917At minimum a 3918.Fl t Ar type 3919must be specified and either a 3920.Fl s Ar size 3921for malloc or swap backed 3922.Xr md 4 3923devices or a 3924.Fl f Ar file 3925for vnode backed 3926.Xr md 4 3927devices. 3928Note that 3929.Va mdconfig_md Ns Aq Ar X 3930variables are evaluated until one variable is unset or null. 3931.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _newfs 3932.Pq Vt str 3933Optional arguments passed to 3934.Xr newfs 8 3935to initialize 3936.Xr md 4 3937device 3938.Ar X . 3939.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _owner 3940.Pq Vt str 3941An ownership specification passed to 3942.Xr chown 8 3943after the specified 3944.Xr md 4 3945device 3946.Ar X 3947has been mounted. 3948Both the 3949.Xr md 4 3950device and the mount point will be changed. 3951.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _perms 3952.Pq Vt str 3953A mode string passed to 3954.Xr chmod 1 3955after the specified 3956.Xr md 4 3957device 3958.Ar X 3959has been mounted. 3960Both the 3961.Xr md 4 3962device and the mount point will be changed. 3963.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _files 3964.Pq Vt str 3965Files to be copied to the mount point of the 3966.Xr md 4 3967device 3968.Ar X 3969after it has been mounted. 3970.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _cmd 3971.Pq Vt str 3972Command to execute after the specified 3973.Xr md 4 3974device 3975.Ar X 3976has been mounted. 3977Note that the command is passed to 3978.Ic eval 3979and that both 3980.Va _dev 3981and 3982.Va _mp 3983variables can be used to reference respectively the 3984.Xr md 4 3985device and the mount point. 3986Assuming that the 3987.Xr md 4 3988device is 3989.Li md0 , 3990one could set the following: 3991.Bd -literal 3992mdconfig_md0_cmd="tar xfzC /var/file.tgz \e${_mp}" 3993.Ed 3994.It Va ramdisk_units 3995.Pq Vt str 3996A list of one or more ramdisk units to configure with 3997.Xr mdconfig 8 3998and 3999.Xr newfs 8 4000in time to be mounted from 4001.Xr fstab 5 . 4002Each listed unit 4003.Ar X 4004must specify at least a 4005.Ar type 4006in a 4007.Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 4008variable. 4009Note that this way to configure ramdisks has been deprecated 4010in favor of new 4011.Va mdconfig_md* 4012variables (see above). 4013.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 4014.Pq Vt str 4015Arguments to 4016.Xr mdconfig 8 4017for ramdisk 4018.Ar X . 4019At minimum a 4020.Fl t Ar type 4021must be specified, where 4022.Ar type 4023must be one of 4024.Cm malloc 4025or 4026.Cm swap . 4027.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _newfs 4028.Pq Vt str 4029Optional arguments passed to 4030.Xr newfs 8 4031to initialize ramdisk 4032.Ar X . 4033.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _owner 4034.Pq Vt str 4035An ownership specification passed to 4036.Xr chown 8 4037after the specified ramdisk unit 4038.Ar X 4039has been mounted. 4040Both the 4041.Xr md 4 4042device and the mount point will be changed. 4043.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _perms 4044.Pq Vt str 4045A mode string passed to 4046.Xr chmod 1 4047after the specified ramdisk unit 4048.Ar X 4049has been mounted. 4050Both the 4051.Xr md 4 4052device and the mount point will be changed. 4053.It Va autobridge_interfaces 4054.Pq Vt str 4055Set to the list of bridge interfaces that will have newly arriving interfaces 4056checked against to be automatically added. 4057If not set to 4058.Dq Li NO 4059then for each whitespace separated 4060.Ar element 4061in the value, a 4062.Va autobridge_ Ns Aq Ar element 4063variable is assumed to exist which has a whitespace separated list of interface 4064names to match, these names can use wildcards. 4065For example: 4066.Bd -literal 4067autobridge_interfaces="bridge0" 4068autobridge_bridge0="tap* dc0 vlan[345]" 4069.Ed 4070.It Va mixer_enable 4071.Pq Vt bool 4072If set to 4073.Dq Li YES , 4074enable support for sound mixer. 4075.It Va hcsecd_enable 4076.Pq Vt bool 4077If set to 4078.Dq Li YES , 4079enable Bluetooth security daemon. 4080.It Va hcsecd_config 4081.Pq Vt str 4082Configuration file for 4083.Xr hcsecd 8 . 4084Default 4085.Pa /etc/bluetooth/hcsecd.conf . 4086.It Va sdpd_enable 4087.Pq Vt bool 4088If set to 4089.Dq Li YES , 4090enable Bluetooth Service Discovery Protocol daemon. 4091.It Va sdpd_control 4092.Pq Vt str 4093Path to 4094.Xr sdpd 8 4095control socket. 4096Default 4097.Pa /var/run/sdp . 4098.It Va sdpd_groupname 4099.Pq Vt str 4100Sets 4101.Xr sdpd 8 4102group to run as after it initializes. 4103Default 4104.Dq Li nobody . 4105.It Va sdpd_username 4106.Pq Vt str 4107Sets 4108.Xr sdpd 8 4109user to run as after it initializes. 4110Default 4111.Dq Li nobody . 4112.It Va bthidd_enable 4113.Pq Vt bool 4114If set to 4115.Dq Li YES , 4116enable Bluetooth Human Interface Device daemon. 4117.It Va bthidd_config 4118.Pq Vt str 4119Configuration file for 4120.Xr bthidd 8 . 4121Default 4122.Pa /etc/bluetooth/bthidd.conf . 4123.It Va bthidd_hids 4124.Pq Vt str 4125Path to a file, where 4126.Xr bthidd 8 4127will store information about known HID devices. 4128Default 4129.Pa /var/db/bthidd.hids . 4130.It Va rfcomm_pppd_server_enable 4131.Pq Vt bool 4132If set to 4133.Dq Li YES , 4134enable Bluetooth RFCOMM PPP wrapper daemon. 4135.It Va rfcomm_pppd_server_profile 4136.Pq Vt str 4137The name of the profile to use from 4138.Pa /etc/ppp/ppp.conf . 4139Multiple profiles can be specified here. 4140Also used to specify per-profile overrides. 4141When the profile name contains any of the characters 4142.Dq Li .-/+ 4143they are translated to 4144.Dq Li _ 4145for the proposes of the override variable names. 4146.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _bdaddr 4147.Pq Vt str 4148Overrides local address to listen on. 4149By default 4150.Xr rfcomm_pppd 8 4151will listen on 4152.Dq Li ANY 4153address. 4154The address can be specified as BD_ADDR or name. 4155.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _channel 4156.Pq Vt str 4157Overrides local RFCOMM channel to listen on. 4158By default 4159.Xr rfcomm_pppd 8 4160will listen on RFCOMM channel 1. 4161Must set properly if multiple profiles used in the same time. 4162.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _register_sp 4163.Pq Vt bool 4164Tells 4165.Xr rfcomm_pppd 8 4166if it should register Serial Port service on the speficied RFCOMM channel. 4167Default 4168.Dq Li NO . 4169.It Va rfcomm_pppd_server_ Ns Ao Ar profile Ac Ns _register_dun 4170.Pq Vt bool 4171Tells 4172.Xr rfcomm_pppd 8 4173if it should register Dial-Up Networking service on the speficied 4174RFCOMM channel. 4175Default 4176.Dq Li NO . 4177.El 4178.Sh FILES 4179.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 4180.It Pa /etc/defaults/rc.conf 4181.It Pa /etc/rc.conf 4182.It Pa /etc/rc.conf.local 4183.El 4184.Sh SEE ALSO 4185.Xr catman 1 , 4186.Xr chmod 1 , 4187.Xr gdb 1 , 4188.Xr info 1 , 4189.Xr kbdcontrol 1 , 4190.Xr makewhatis 1 , 4191.Xr sh 1 , 4192.Xr vi 1 , 4193.Xr vidcontrol 1 , 4194.Xr bridge 4 , 4195.Xr dummynet 4 , 4196.Xr ip 4 , 4197.Xr ipf 4 , 4198.Xr ipfw 4 , 4199.Xr ipnat 4 , 4200.Xr kld 4 , 4201.Xr pf 4 , 4202.Xr pflog 4 , 4203.Xr pfsync 4 , 4204.Xr tcp 4 , 4205.Xr udp 4 , 4206.Xr exports 5 , 4207.Xr fstab 5 , 4208.Xr ipf 5 , 4209.Xr ipnat 5 , 4210.Xr motd 5 , 4211.Xr newsyslog.conf 5 , 4212.Xr pf.conf 5 , 4213.Xr security 7 , 4214.Xr accton 8 , 4215.Xr amd 8 , 4216.Xr apm 8 , 4217.Xr atm 8 , 4218.Xr bthidd 8 , 4219.Xr chkprintcap 8 , 4220.Xr chown 8 , 4221.Xr cron 8 , 4222.Xr dhclient 8 , 4223.Xr ftpd 8 , 4224.Xr geli 8 , 4225.Xr hcsecd 8 , 4226.Xr ifconfig 8 , 4227.Xr inetd 8 , 4228.Xr ipf 8 , 4229.Xr ipfw 8 , 4230.Xr ipnat 8 , 4231.Xr jail 8 , 4232.Xr kldxref 8 , 4233.Xr lpd 8 , 4234.Xr mdconfig 8 , 4235.Xr mdmfs 8 , 4236.Xr mixer 8 , 4237.Xr mountd 8 , 4238.Xr moused 8 , 4239.Xr mrouted 8 , 4240.Xr named 8 , 4241.Xr newfs 8 , 4242.Xr newsyslog 8 , 4243.Xr nfsd 8 , 4244.Xr ntpd 8 , 4245.Xr ntpdate 8 , 4246.Xr pfctl 8 , 4247.Xr pflogd 8 , 4248.Xr powerd 8 , 4249.Xr quotacheck 8 , 4250.Xr quotaon 8 , 4251.Xr rc 8 , 4252.Xr rc.sendmail 8 , 4253.Xr rfcomm_pppd 8 , 4254.Xr route 8 , 4255.Xr routed 8 , 4256.Xr rpcbind 8 , 4257.Xr rpc.lockd 8 , 4258.Xr rpc.statd 8 , 4259.Xr rwhod 8 , 4260.Xr savecore 8 , 4261.Xr sdpd 8 , 4262.Xr sshd 8 , 4263.Xr swapon 8 , 4264.Xr sysctl 8 , 4265.Xr syslogd 8 , 4266.Xr timed 8 , 4267.Xr wlandebug 8 , 4268.Xr yp 8 , 4269.Xr ypbind 8 , 4270.Xr ypserv 8 , 4271.Xr ypset 8 4272.Sh HISTORY 4273The 4274.Nm 4275file appeared in 4276.Fx 2.2.2 . 4277.Sh AUTHORS 4278.An Jordan K. Hubbard . 4279