1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd April 18, 2005 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71The following list provides a name and short description for each 72variable that can be set in the 73.Nm 74file: 75.Bl -tag -width indent-two 76.It Va rc_debug 77.Pq Vt bool 78If set to 79.Dq Li YES , 80enable output of debug messages from rc scripts. 81This variable can be helpful in diagnosing mistakes when 82editing or integrating new scripts. 83Beware that this produces copious output to the terminal and 84.Xr syslog 3 . 85.It Va rc_info 86.Pq Vt bool 87If set to 88.Dq Li NO , 89disable informational messages from the rc scripts. 90Informational messages are displayed when 91a condition that is not serious enough to warrant a warning or 92an error occurs. 93.It Va swapfile 94.Pq Vt str 95If set to 96.Dq Li NO , 97no swapfile is installed, otherwise the value is used as the full 98pathname to a file to use for additional swap space. 99.It Va apm_enable 100.Pq Vt bool 101If set to 102.Dq Li YES , 103enable support for Automatic Power Management with 104the 105.Xr apm 8 106command. 107.It Va apmd_enable 108.Pq Vt bool 109Run 110.Xr apmd 8 111to handle APM event from userland. 112This also enables support for APM. 113.It Va apmd_flags 114.Pq Vt str 115If 116.Va apmd_enable 117is set to 118.Dq Li YES , 119these are the flags to pass to the 120.Xr apmd 8 121daemon. 122.It Va devd_enable 123.Pq Vt bool 124Run 125.Xr devd 8 126to handle device added, removed or unknown events from the kernel. 127.It Va kldxref_enable 128.Pq Vt bool 129Set to 130.Dq Li NO 131by default. 132Set to 133.Dq Li YES 134to automatically rebuild 135.Pa linker.hints 136files with 137.Xr kldxref 8 138at boot time. 139.It Va kldxref_clobber 140.Pq Vt bool 141Set to 142.Dq Li NO 143by default. 144If 145.Va kldxref_enable 146is true, 147setting to 148.Dq Li YES 149will overwrite existing 150.Pa linker.hints 151files at boot time. 152Otherwise, 153only missing 154.Pa linker.hints 155files are generated. 156.It Va kldxref_module_path 157.Pq Vt str 158Empty by default. 159A semi-colon 160.Pq Ql \&; 161delimited list of paths containing 162.Xr kld 4 163modules. 164If empty, 165the contents of the 166.Va kern.module_path 167.Xr sysctl 8 168are used. 169.It Va pccard_enable 170.Pq Vt bool 171If set to 172.Dq Li YES , 173enable PCCARD support at boot time. 174.It Va pccard_mem 175.Pq Vt str 176Set to PCCARD controller memory address or 177.Dq Li DEFAULT 178for the default value. 179.It Va pccard_ifconfig 180.Pq Vt str 181List of arguments to be passed to 182.Xr ifconfig 8 183at boot time or on 184insertion of the card (e.g.\& 185.Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0 186for a fixed address or 187.Dq Li DHCP 188for a DHCP client). 189.It Va pccard_beep 190.Pq Vt int 191If 0, 192set the PCCARD controller to silent mode. 193If 1, 194set it to beep mode. 195If 2, 196set it to melody mode. 197.It Va pccard_conf 198.Pq Vt str 199Path to the configuration file for the 200.Xr pccardd 8 201daemon (e.g.\& 202.Pa /etc/pccard.conf.sample ) . 203.It Va pccardd_flags 204.Pq Vt str 205If 206.Va pccard_enable 207is set to 208.Dq Li YES , 209these are the flags to pass to the 210.Xr pccardd 8 211daemon. 212.It Va pccard_ether_delay 213.Pq Vt str 214Set the delay before starting 215.Xr dhclient 8 216in the 217.Pa /etc/pccard_ether 218script. 219This defaults to 5 seconds to work around a bug in the 220.Xr ed 4 221driver which can lead to system hangs when using some newer 222.Xr ed 4 223based cards. 224.It Va powerd_enable 225.Pq Vt bool 226If set to 227.Dq Li YES , 228enable the system power control facility with the 229.Xr powerd 8 230daemon. 231.It Va removable_interfaces 232.Pq Vt str 233List of removable network interfaces to be supported by 234.Pa /etc/pccard_ether . 235.It Va tmpmfs 236Controls the creation of a 237.Pa /tmp 238memory file system. 239Always happens if set to 240.Dq Li YES 241and never happens if set to 242.Dq Li NO . 243If set to anything else, a memory file system is created if 244.Pa /tmp 245is not writable. 246.It Va tmpsize 247Controls the size of a created 248.Pa /tmp 249memory file system. 250.It Va tmpmfs_flags 251Extra options passed to the 252.Xr mdmfs 8 253utility when the memory file system for 254.Pa /tmp 255is created. 256The default is 257.Dq Li -S , 258which inhibits the use of softupdates on 259.Pa /tmp 260to waste as little space as possible. 261See 262.Xr mdmfs 8 263for other options you can use in 264.Va tmpmfs_flags . 265.It Va varmfs 266Controls the creation of a 267.Pa /var 268memory file system. 269Always happens if set to 270.Dq Li YES 271and never happens if set to 272.Dq Li NO . 273If set to anything else, a memory file system is created if 274.Pa /var 275is not writable. 276.It Va varsize 277Controls the size of a created 278.Pa /var 279memory file system. 280.It Va varmfs_flags 281Extra options passed to the 282.Xr mdmfs 8 283utility when the memory file system for 284.Pa /var 285is created. 286The default is 287.Dq Li -S , 288which inhibits the use of softupdates on 289.Pa /var 290to waste as little space as possible. 291See 292.Xr mdmfs 8 293for other options you can use in 294.Va varmfs_flags . 295.It Va populate_var 296Controls the automatic population of the 297.Pa /var 298file system. 299Always happens if set to 300.Dq Li YES 301and never happens if set to 302.Dq Li NO . 303If set to anything else, a memory file system is created if 304.Pa /var 305is not writable. 306Note that this process requires access to certain commands in 307.Pa /usr 308before 309.Pa /usr 310is mounted on normal systems. 311.It Va local_startup 312.Pq Vt str 313List of directories to search for startup script files. 314.It Va script_name_sep 315.Pq Vt str 316The field separator to use for breaking down the list of startup script files 317into individual filenames. 318The default is a space. 319It is not necessary to change this unless there are startup scripts with names 320containing spaces. 321.It Va hostname 322.Pq Vt str 323The fully qualified domain name (FQDN) of this host on the network. 324This should almost certainly be set to something meaningful, even if 325there is no network connection. 326If 327.Xr dhclient 8 328is used to set the hostname via DHCP, 329this variable should be set to an empty string. 330.It Va ipv6_enable 331.Pq Vt bool 332Enable support for IPv6 networking. 333Note that this requires that the kernel have been compiled with 334.Cd "options INET6" . 335.It Va nisdomainname 336.Pq Vt str 337The NIS domain name of this host, or 338.Dq Li NO 339if NIS is not used. 340.It Va dhclient_program 341.Pq Vt str 342Path to the DHCP client program 343.Pa ( /sbin/dhclient , 344the ISC DHCP client, 345is the default). 346.It Va dhclient_flags 347.Pq Vt str 348Additional flags to pass to the DHCP client program. 349For the ISC DHCP client, see the 350.Xr dhclient 8 351manpage for a description of the command line options available. 352.It Va background_dhclient 353.Pq Vt bool 354Set to 355.Dq Li YES 356to start the dhcp client in background. 357This can cause trouble with applications depending on 358a working network, but it will provide a faster startup 359in many cases. 360.It Va firewall_enable 361.Pq Vt bool 362Set to 363.Dq Li YES 364to load firewall rules at startup. 365If the kernel was not built with 366.Cd "options IPFIREWALL" , 367the 368.Pa ipfw.ko 369kernel module will be loaded. 370See also 371.Va ipfilter_enable . 372.It Va ipv6_firewall_enable 373.Pq Vt bool 374The IPv6 equivalent of 375.Va firewall_enable . 376Set to 377.Dq Li YES 378to load IPv6 firewall rules at startup. 379If the kernel was not built with 380.Cd "options IPV6FIREWALL" , 381the 382.Pa ip6fw.ko 383kernel module will be loaded. 384.It Va firewall_script 385.Pq Vt str 386This variable specifies the full path to the firewall script to run. 387The default is 388.Pa /etc/rc.firewall . 389.It Va ipv6_firewall_script 390.Pq Vt str 391The IPv6 equivalent of 392.Va firewall_script . 393.It Va firewall_type 394.Pq Vt str 395Names the firewall type from the selection in 396.Pa /etc/rc.firewall , 397or the file which contains the local firewall ruleset. 398Valid selections from 399.Pa /etc/rc.firewall 400are: 401.Pp 402.Bl -tag -width ".Li simple" -compact 403.It Li open 404unrestricted IP access 405.It Li closed 406all IP services disabled, except via 407.Dq Li lo0 408.It Li client 409basic protection for a workstation 410.It Li simple 411basic protection for a LAN. 412.El 413.Pp 414If a filename is specified, the full path 415must be given. 416.It Va ipv6_firewall_type 417.Pq Vt str 418The IPv6 equivalent of 419.Va firewall_type . 420.It Va firewall_quiet 421.Pq Vt bool 422Set to 423.Dq Li YES 424to disable the display of firewall rules on the console during boot. 425.It Va ipv6_firewall_quiet 426.Pq Vt bool 427The IPv6 equivalent of 428.Va firewall_quiet . 429.It Va firewall_logging 430.Pq Vt bool 431Set to 432.Dq Li YES 433to enable firewall event logging. 434This is equivalent to the 435.Dv IPFIREWALL_VERBOSE 436kernel option. 437.It Va ipv6_firewall_logging 438.Pq Vt bool 439The IPv6 equivalent of 440.Va firewall_logging . 441.It Va firewall_flags 442.Pq Vt str 443Flags passed to 444.Xr ipfw 8 445if 446.Va firewall_type 447specifies a filename. 448.It Va ipv6_firewall_flags 449.Pq Vt str 450The IPv6 equivalent of 451.Va firewall_flags . 452.It Va natd_program 453.Pq Vt str 454Path to 455.Xr natd 8 . 456.It Va natd_enable 457.Pq Vt bool 458Set to 459.Dq Li YES 460to enable 461.Xr natd 8 . 462.Va firewall_enable 463must also be set to 464.Dq Li YES , 465and 466.Xr divert 4 467sockets must be enabled in the kernel. 468If the kernel was not built with 469.Cd "options IPDIVERT" , 470the 471.Pa ipdivert.ko 472kernel module will be loaded. 473.It Va natd_interface 474.Pq Vt str 475This is the name of the public interface on which 476.Xr natd 8 477should run. 478The interface may be given as an interface name or as an IP address. 479.It Va natd_flags 480.Pq Vt str 481Additional 482.Xr natd 8 483flags should be placed here. 484The 485.Fl n 486or 487.Fl a 488flag is automatically added with the above 489.Va natd_interface 490as an argument. 491.\" ----- ipfilter_enable setting -------------------------------- 492.It Va ipfilter_enable 493.Pq Vt bool 494Set to 495.Dq Li NO 496by default. 497Setting this to 498.Dq Li YES 499enables 500.Xr ipf 8 501packet filtering. 502.Pp 503Typical usage will require putting 504.Bd -literal 505ipfilter_enable="YES" 506ipnat_enable="YES" 507ipmon_enable="YES" 508ipfs_enable="YES" 509.Ed 510.Pp 511into 512.Pa /etc/rc.conf 513and editing 514.Pa /etc/ipf.rules 515and 516.Pa /etc/ipnat.rules 517appropriately. 518.Pp 519Note that 520.Va ipfilter_enable 521and 522.Va ipnat_enable 523can be enabled independently. 524.Va ipmon_enable 525and 526.Va ipfs_enable 527both require at least one of 528.Va ipfilter_enable 529and 530.Va ipnat_enable 531to be enabled. 532.Pp 533Having 534.Bd -literal 535options IPFILTER 536options IPFILTER_LOG 537options IPFILTER_DEFAULT_BLOCK 538.Ed 539.Pp 540in the kernel configuration file is a good idea, too. 541.\" ----- ipfilter_program setting ------------------------------ 542.It Va ipfilter_program 543.Pq Vt str 544Path to 545.Xr ipf 8 546(default 547.Pa /sbin/ipf ) . 548.\" ----- ipfilter_rules setting -------------------------------- 549.It Va ipfilter_rules 550.Pq Vt str 551Set to 552.Pa /etc/ipf.rules 553by default. 554This variable contains the name of the filter rule definition file. 555The file is expected to be readable for the 556.Xr ipf 8 557command to execute. 558.\" ----- ipv6_ipfilter_rules setting --------------------------- 559.It Va ipv6_ipfilter_rules 560.Pq Vt str 561Set to 562.Pa /etc/ipf6.rules 563by default. 564This variable contains the IPv6 filter rule definition file. 565The file is expected to be readable for the 566.Xr ipf 8 567command to execute. 568.\" ----- ipfilter_flags setting -------------------------------- 569.It Va ipfilter_flags 570.Pq Vt str 571Empty by default. 572This variable contains flags passed to the 573.Xr ipf 8 574program. 575.\" ----- ipnat_enable setting ---------------------------------- 576.It Va ipnat_enable 577.Pq Vt bool 578Set to 579.Dq Li NO 580by default. 581Set it to 582.Dq Li YES 583to enable 584.Xr ipnat 1 585network address translation. 586See 587.Va ipfilter_enable 588for a detailed discussion. 589.\" ----- ipnat_program setting --------------------------------- 590.It Va ipnat_program 591.Pq Vt str 592Path to 593.Xr ipnat 1 594(default 595.Pa /sbin/ipnat ) . 596.\" ----- ipnat_rules setting ----------------------------------- 597.It Va ipnat_rules 598.Pq Vt str 599Set to 600.Pa /etc/ipnat.rules 601by default. 602This variable contains the name of the file 603holding the network address translation definition. 604This file is expected to be readable for the 605.Xr ipnat 1 606command to execute. 607.\" ----- ipnat_flags setting ----------------------------------- 608.It Va ipnat_flags 609.Pq Vt str 610Empty by default. 611This variable contains flags passed to the 612.Xr ipnat 1 613program. 614.\" ----- ipmon_enable setting ---------------------------------- 615.It Va ipmon_enable 616.Pq Vt bool 617Set to 618.Dq Li NO 619by default. 620Set it to 621.Dq Li YES 622to enable 623.Xr ipmon 8 624monitoring (logging 625.Xr ipf 8 626and 627.Xr ipnat 1 628events). 629Setting this variable needs setting 630.Va ipfilter_enable 631or 632.Va ipnat_enable 633too. 634See 635.Va ipfilter_enable 636for a detailed discussion. 637.\" ----- ipmon_program setting --------------------------------- 638.It Va ipmon_program 639.Pq Vt str 640Path to 641.Xr ipmon 8 642(default 643.Pa /sbin/ipmon ) . 644.\" ----- ipmon_flags setting ----------------------------------- 645.It Va ipmon_flags 646.Pq Vt str 647Set to 648.Dq Li -Ds 649by default. 650This variable contains flags passed to the 651.Xr ipmon 8 652program. 653Another typical example would be 654.Dq Fl D Pa /var/log/ipflog 655to have 656.Xr ipmon 8 657log directly to a file bypassing 658.Xr syslogd 8 . 659Make sure to adjust 660.Pa /etc/newsyslog.conf 661in such case like this: 662.Bd -literal 663/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 664.Ed 665.\" ----- ipfs_enable setting ----------------------------------- 666.It Va ipfs_enable 667.Pq Vt bool 668Set to 669.Dq Li NO 670by default. 671Set it to 672.Dq Li YES 673to enable 674.Xr ipfs 8 675saving the filter and NAT state tables during shutdown 676and reloading them during startup again. 677Setting this variable needs setting 678.Va ipfilter_enable 679or 680.Va ipnat_enable 681to 682.Dq Li YES 683too. 684See 685.Va ipfilter_enable 686for a detailed discussion. 687Note that if 688.Va kern_securelevel 689is set to 3, 690.Va ipfs_enable 691cannot be used 692because the raised securelevel will prevent 693.Xr ipfs 8 694from saving the state tables at shutdown time. 695.\" ----- ipfs_program setting ---------------------------------- 696.It Va ipfs_program 697.Pq Vt str 698Path to 699.Xr ipfs 8 700(default 701.Pa /sbin/ipfs ) . 702.\" ----- ipfs_flags setting ------------------------------------ 703.It Va ipfs_flags 704.Pq Vt str 705Empty by default. 706This variable contains flags passed to the 707.Xr ipfs 8 708program. 709.\" ----- end of added ipf hook --------------------------------- 710.It Va pf_enable 711.Pq Vt bool 712Set to 713.Dq Li NO 714by default. 715Setting this to 716.Dq Li YES 717enables 718.Xr pf 4 719packet filtering. 720.Pp 721Typical usage will require putting 722.Pp 723.Dl pf_enable="YES" 724.Pp 725into 726.Pa /etc/rc.conf 727and editing 728.Pa /etc/pf.conf 729appropriately. 730.Pp 731.Dl "device pf" 732.Pp 733builds 734.Xr pf 4 735into the kernel. 736Otherwise it is loaded from a module. 737.It Va pf_rules 738.Pq Vt str 739Path to 740.Xr pf 4 741ruleset configuration file 742(default 743.Pa /etc/pf.conf ) . 744.It Va pf_program 745.Pq Vt str 746Path to 747.Xr pfctl 8 748(default 749.Pa /sbin/pfctl ) . 750.It Va pf_flags 751.Pq Vt str 752If 753.Va pf_enable 754is set to 755.Dq Li YES , 756these flags are passed to the 757.Xr pfctl 8 758program when loading the ruleset. 759.It Va pflog_enable 760.Pq Vt bool 761Set to 762.Dq Li NO 763by default. 764Setting this to 765.Dq Li YES 766enables 767.Xr pflogd 8 768which logs packtes from the 769.Xr pf 4 770packet filter. 771.It Va pflog_logfile 772.Pq Vt str 773If 774.Va pflog_enable 775is set to 776.Dq Li YES 777this controls where 778.Xr pflogd 8 779stores the logfile 780(default 781.Pa /var/log/pflog ) . 782Check 783.Pa /etc/newsyslog.conf 784to adjust logfile rotation for this. 785.It Va pflog_program 786.Pq Vt str 787Path to 788.Xr pflogd 8 789(default 790.Pa /sbin/pflogd ) . 791.It Va pflog_flags 792.Pq Vt str 793Empty by default. 794This variable contains additional flags passed to the 795.Xr pflogd 8 796program. 797.It Va tcp_extensions 798.Pq Vt bool 799Set to 800.Dq Li YES 801by default. 802Setting this to 803.Dq Li NO 804disables certain TCP options as described by 805.Rs 806.%T "RFC 1323" 807.Re 808Setting this to 809.Dq Li NO 810might help remedy such problems with connections as randomly hanging 811or other weird behavior. 812Some network devices are known 813to be broken with respect to these options. 814.It Va log_in_vain 815.Pq Vt int 816Set to 0 by default. 817The 818.Xr sysctl 8 819variables, 820.Va net.inet.tcp.log_in_vain 821and 822.Va net.inet.udp.log_in_vain , 823as described in 824.Xr tcp 4 825and 826.Xr udp 4 , 827are set to the given value. 828.It Va tcp_keepalive 829.Pq Vt bool 830Set to 831.Dq Li YES 832by default. 833Setting to 834.Dq Li NO 835will disable probing idle TCP connections to verify that the 836peer is still up and reachable. 837.It Va tcp_drop_synfin 838.Pq Vt bool 839Set to 840.Dq Li NO 841by default. 842Setting to 843.Dq Li YES 844will cause the kernel to ignore TCP frames that have both 845the SYN and FIN flags set. 846This prevents OS fingerprinting, but may 847break some legitimate applications. 848This option is only available if the 849kernel was built with the 850.Dv TCP_DROP_SYNFIN 851option. 852.It Va icmp_drop_redirect 853.Pq Vt bool 854Set to 855.Dq Li NO 856by default. 857Setting to 858.Dq Li YES 859will cause the kernel to ignore ICMP REDIRECT packets. 860Refer to 861.Xr icmp 4 862for more information. 863.It Va icmp_log_redirect 864.Pq Vt bool 865Set to 866.Dq Li NO 867by default. 868Setting to 869.Dq Li YES 870will cause the kernel to log ICMP REDIRECT packets. 871Note that 872the log messages are not rate-limited, so this option should only be used 873for troubleshooting networks. 874Refer to 875.Xr icmp 4 876for more information. 877.It Va icmp_bmcastecho 878.Pq Vt bool 879Set to 880.Dq Li YES 881to respond to broadcast or multicast ICMP ping packets. 882Refer to 883.Xr icmp 4 884for more information. 885.It Va ip_portrange_first 886.Pq Vt int 887If not set to 888.Dq Li NO , 889this is the first port in the default portrange. 890Refer to 891.Xr ip 4 892for more information. 893.It Va ip_portrange_last 894.Pq Vt int 895If not set to 896.Dq Li NO , 897this is the last port in the default portrange. 898Refer to 899.Xr ip 4 900for more information. 901.It Va network_interfaces 902.Pq Vt str 903Set to the list of network interfaces to configure on this host. 904For example, if the only network devices in the system are the loopback 905device 906.Pq Li lo0 907and a NIC using the 908.Xr ed 4 909driver, 910this could be set to 911.Dq Li "lo0 ed0" . 912An 913.Va ifconfig_ Ns Aq Ar interface 914variable is also assumed to exist for each value of 915.Ar interface . 916It is also possible to add IP alias entries here in cases where 917multiple IP addresses registered against a single interface 918are desired. 919Assuming that the interface in question was 920.Li ed0 , 921it might look 922something like this: 923.Bd -literal 924ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 925ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 926.Ed 927.Pp 928And so on. 929For each 930.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 931entry that is found, 932its contents are passed to 933.Xr ifconfig 8 . 934Execution stops at the first unsuccessful access, so if 935something like this is present: 936.Bd -literal 937ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 938ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 939ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 940ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 941.Ed 942.Pp 943Then note that alias4 would 944.Em not 945be added since the search would 946stop with the missing alias3 entry. 947.Pp 948If the 949.Pa /etc/start_if. Ns Aq Ar interface 950file is present, it is read and executed by the 951.Xr sh 1 952interpreter 953before configuring the interface as specified in the 954.Va ifconfig_ Ns Aq Ar interface 955and 956.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 957variables. 958.Pp 959It is possible to bring up an interface with DHCP by setting the 960.Va ifconfig_ Ns Aq Ar interface 961variable to 962.Dq Li DHCP . 963For instance, to initialize the 964.Li ed0 965device via DHCP, 966it is possible to use something like: 967.Bd -literal 968ifconfig_ed0="DHCP" 969.Ed 970.Pp 971It is also possible to rename interface by doing: 972.Bd -literal 973ifconfig_ed0_name="net0" 974ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 975.Ed 976.It Va ipv6_network_interfaces 977.Pq Vt str 978This is the IPv6 equivalent of 979.Va network_interfaces . 980Instead of setting the ifconfig variables as 981.Va ifconfig_ Ns Aq Ar interface 982they should be set as 983.Va ipv6_ifconfig_ Ns Aq Ar interface . 984Aliases should be set as 985.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 986.Va ipv6_prefix_ Ns Aq Ar interface 987does something. 988Interfaces that do not have a 989.Va ipv6_ifconfig_ Ns Aq Ar interface 990setting will be auto configured by 991.Xr rtsol 8 992if the 993.Va ipv6_gateway_enable 994is set to 995.Dq Li NO . 996Note that the IPv6 networking code does not support the 997.Pa /etc/start_if. Ns Aq Ar interface 998files. 999.It Va ipv6_default_interface 1000.Pq Vt str 1001If not set to 1002.Dq Li NO , 1003this is the default output interface for scoped addresses. 1004Now this works only for IPv6 link local multicast addresses. 1005.It Va cloned_interfaces 1006.Pq Vt str 1007Set to the list of clonable network interfaces to create on this host. 1008Entries in 1009.Va cloned_interfaces 1010are automatically appended to 1011.Va network_interfaces 1012for configuration. 1013.It Va gif_interfaces 1014.Pq Vt str 1015Set to the list of 1016.Xr gif 4 1017tunnel interfaces to configure on this host. 1018A 1019.Va gifconfig_ Ns Aq Ar interface 1020variable is assumed to exist for each value of 1021.Ar interface . 1022The value of this variable is used to configure the link layer of the 1023tunnel according to the syntax of the 1024.Cm tunnel 1025option to 1026.Xr ifconfig 8 . 1027Additionally, this option ensures that each listed interface is created 1028via the 1029.Cm create 1030option to 1031.Xr ifconfig 8 1032before attempting to configure it. 1033.It Va sppp_interfaces 1034.Pq Vt str 1035Set to the list of 1036.Xr sppp 4 1037interfaces to configure on this host. 1038A 1039.Va spppconfig_ Ns Aq Ar interface 1040variable is assumed to exist for each value of 1041.Ar interface . 1042Each interface should also be configured by a general 1043.Va ifconfig_ Ns Aq Ar interface 1044setting. 1045Refer to 1046.Xr spppcontrol 8 1047for more information about available options. 1048.It Va ppp_enable 1049.Pq Vt bool 1050If set to 1051.Dq Li YES , 1052run the 1053.Xr ppp 8 1054daemon. 1055.It Va ppp_mode 1056.Pq Vt str 1057Mode in which to run the 1058.Xr ppp 8 1059daemon. 1060Accepted modes are 1061.Dq Li auto , 1062.Dq Li ddial , 1063.Dq Li direct 1064and 1065.Dq Li dedicated . 1066See the manual for a full description. 1067.It Va ppp_nat 1068.Pq Vt bool 1069If set to 1070.Dq Li YES , 1071enables network address translation. 1072Used in conjunction with 1073.Va gateway_enable 1074allows hosts on private network addresses access to the Internet using 1075this host as a network address translating router. 1076.It Va ppp_profile 1077.Pq Vt str 1078The name of the profile to use from 1079.Pa /etc/ppp/ppp.conf . 1080.It Va ppp_user 1081.Pq Vt str 1082The name of the user under which 1083.Xr ppp 8 1084should be started. 1085By 1086default, 1087.Xr ppp 8 1088is started as 1089.Dq Li root . 1090.It Va rc_conf_files 1091.Pq Vt str 1092This option is used to specify a list of files that will override 1093the settings in 1094.Pa /etc/defaults/rc.conf . 1095The files will be read in the order in which they are specified and should 1096include the full path to the file. 1097By default, the files specified are 1098.Pa /etc/rc.conf 1099and 1100.Pa /etc/rc.conf.local 1101.It Va gbde_autoattach_all 1102.Pq Vt bool 1103If set to 1104.Dq Li YES , 1105.Pa /etc/rc.d/gbde 1106will attempt to automatically initialize your .bde devices in 1107.Pa /etc/fstab . 1108.It Va gbde_devices 1109.Pq Vt str 1110List the devices that the script should try to attach, 1111or 1112.Dq Li AUTO . 1113.It Va gbde_lockdir 1114.Pq Vt str 1115The directory where the 1116.Xr gbde 4 1117lockfiles are located. 1118The default lockfile directory is 1119.Pa /etc . 1120.Pp 1121The lockfile for each individual 1122.Xr gbde 4 1123device can be overridden by setting the variable 1124.Va gbde_lock_ Ns Aq Ar device , 1125where 1126.Ar device 1127is the encrypted device without the 1128.Dq Pa /dev/ 1129and 1130.Dq Pa .bde 1131parts. 1132.It Va gbde_attach_attempts 1133.Pq Vt int 1134Number of times to attempt attaching to a 1135.Xr gbde 4 1136device, i.e., how many times the user is asked for the pass-phrase. 1137Default is 3. 1138.It Va gbde_swap_enable 1139.Pq Vt bool 1140If set to 1141.Dq Li YES , 1142any .bde swap devices listed in 1143.Pa /etc/fstab 1144will be initialized with a random, one-shot key. 1145Note that this makes recovery of kernel dumps impossible. 1146.It Va root_rw_mount 1147.Pq Vt bool 1148Set to 1149.Dq Li YES 1150by default. 1151After the file systems are checked at boot time, the root file system 1152is remounted as read-write if this is set to 1153.Dq Li YES . 1154Diskless systems that mount their root file system from a read-only remote 1155NFS share should set this to 1156.Dq Li NO 1157in their 1158.Pa rc.conf . 1159.It Va fsck_y_enable 1160.Pq Vt bool 1161If set to 1162.Dq Li YES , 1163.Xr fsck 8 1164will be run with the 1165.Fl y 1166flag if the initial preen 1167of the file systems fails. 1168.It Va background_fsck 1169.Pq Vt bool 1170If set to 1171.Dq Li YES , 1172the system will attempt to run 1173.Xr fsck 8 1174in the background where possible. 1175.It Va background_fsck_delay 1176.Pq Vt int 1177The amount of time in seconds to sleep before starting a background 1178.Xr fsck 8 . 1179It defaults to sixty seconds to allow large applications such as 1180the X server to start before disk I/O bandwidth is monopolized by 1181.Xr fsck 8 . 1182.It Va netfs_types 1183.Pq Vt str 1184List of file system types that are network-based. 1185This list should generally not be modified by end users. 1186Use 1187.Va extra_netfs_types 1188instead. 1189.It Va extra_netfs_types 1190.Pq Vt str 1191If set to something other than 1192.Dq Li NO 1193(the default), 1194this variable extends the list of file system types 1195for which automatic mounting at startup by 1196.Xr rc 8 1197should be delayed until the network is initialized. 1198It should contain 1199a whitespace-separated list of network file system descriptor pairs, 1200each consisting of a file system type as passed to 1201.Xr mount 8 1202and a human-readable, one-word description, 1203joined with a colon 1204.Pq Ql \&: . 1205Extending the default list in this way is only necessary 1206when third party file system types are used. 1207.It Va syslogd_enable 1208.Pq Vt bool 1209If set to 1210.Dq Li YES , 1211run the 1212.Xr syslogd 8 1213daemon. 1214.It Va syslogd_program 1215.Pq Vt str 1216Path to 1217.Xr syslogd 8 1218(default 1219.Pa /usr/sbin/syslogd ) . 1220.It Va syslogd_flags 1221.Pq Vt str 1222If 1223.Va syslogd_enable 1224is set to 1225.Dq Li YES , 1226these are the flags to pass to 1227.Xr syslogd 8 . 1228.It Va inetd_enable 1229.Pq Vt bool 1230If set to 1231.Dq Li YES , 1232run the 1233.Xr inetd 8 1234daemon. 1235.It Va inetd_program 1236.Pq Vt str 1237Path to 1238.Xr inetd 8 1239(default 1240.Pa /usr/sbin/inetd ) . 1241.It Va inetd_flags 1242.Pq Vt str 1243If 1244.Va inetd_enable 1245is set to 1246.Dq Li YES , 1247these are the flags to pass to 1248.Xr inetd 8 . 1249.It Va named_enable 1250.Pq Vt bool 1251If set to 1252.Dq Li YES , 1253run the 1254.Xr named 8 1255daemon. 1256.It Va named_program 1257.Pq Vt str 1258Path to 1259.Xr named 8 1260(default 1261.Pa /usr/sbin/named ) . 1262.It Va named_flags 1263.Pq Vt str 1264If 1265.Va named_enable 1266is set to 1267.Dq Li YES , 1268these are the flags to pass to 1269.Xr named 8 . 1270.It Va named_pidfile 1271.Pq Vt str 1272This is the default path to the 1273.Xr named 8 1274daemon's PID file. 1275Change it if you change the location in 1276.Xr named.conf 5 . 1277.It Va named_chrootdir 1278.Pq Vt str 1279The root directory for a name server run in a 1280.Xr chroot 8 1281environment (default 1282.Pa /var/named ) . 1283If left empty 1284.Xr named 8 1285will not be run in a 1286.Xr chroot 8 1287environment. 1288.It Va named_chroot_autoupdate 1289.Pq Vt bool 1290Set to 1291.Dq Li NO 1292to disable automatic update of the 1293.Xr chroot 8 1294environment. 1295.It Va named_symlink_enable 1296.Pq Vt bool 1297Set to 1298.Dq Li NO 1299to disable symlinking of 1300daemon's PID file 1301into the 1302.Xr chroot 8 1303environment. 1304.It Va kerberos5_server_enable 1305.Pq Vt bool 1306Set to 1307.Dq Li YES 1308to start a Kerberos 5 authentication server 1309at boot time. 1310.It Va kerberos5_server 1311.Pq Vt str 1312If 1313.Va kerberos5_server_enable 1314is set to 1315.Dq Li YES 1316this is the path to Kerberos 5 Authentication Server. 1317.It Va kadmind5_server_enable 1318.Pq Vt bool 1319Set to 1320.Dq Li YES 1321to start 1322.Xr kadmind 8 , 1323the Kerberos 5 Administration Daemon; set to 1324.Dq Li NO 1325on a slave server. 1326.It Va kadmind5_server 1327.Pq Vt str 1328If 1329.Va kadmind5_server_enable 1330is set to 1331.Dq Li YES 1332this is the path to Kerberos 5 Administration Daemon. 1333.It Va kpasswdd_server_enable 1334.Pq Vt bool 1335Set to 1336.Dq Li YES 1337to start 1338.Xr kpasswdd 8 , 1339the Kerberos 5 Password-Changing Daemon; set to 1340.Dq Li NO 1341on a slave server. 1342.It Va kpasswdd_server 1343.Pq Vt str 1344If 1345.Va kpasswdd_server_enable 1346is set to 1347.Dq Li YES 1348this is the path to Kerberos 5 Password-Changing Daemon. 1349.It Va rwhod_enable 1350.Pq Vt bool 1351If set to 1352.Dq Li YES , 1353run the 1354.Xr rwhod 8 1355daemon at boot time. 1356.It Va rwhod_flags 1357.Pq Vt str 1358If 1359.Va rwhod_enable 1360is set to 1361.Dq Li YES , 1362these are the flags to pass to it. 1363.It Va amd_enable 1364.Pq Vt bool 1365If set to 1366.Dq Li YES , 1367run the 1368.Xr amd 8 1369daemon at boot time. 1370.It Va amd_flags 1371.Pq Vt str 1372If 1373.Va amd_enable 1374is set to 1375.Dq Li YES , 1376these are the flags to pass to it. 1377See the 1378.Xr amd 8 1379manpage for more information. 1380.It Va amd_map_program 1381.Pq Vt str 1382If set, 1383the specified program is run to get the list of 1384.Xr amd 8 1385maps. 1386For example, if the 1387.Xr amd 8 1388maps are stored in NIS, one can set this to 1389run 1390.Xr ypcat 1 1391to get a list of 1392.Xr amd 8 1393maps from the 1394.Pa amd.master 1395NIS map. 1396.It Va update_motd 1397.Pq Vt bool 1398If set to 1399.Dq Li YES , 1400.Pa /etc/motd 1401will be updated at boot time to reflect the kernel release 1402being run. 1403If set to 1404.Dq Li NO , 1405.Pa /etc/motd 1406will not be updated. 1407.It Va nfs_client_enable 1408.Pq Vt bool 1409If set to 1410.Dq Li YES , 1411run the NFS client daemons at boot time. 1412.It Va nfs_access_cache 1413.Pq Vt int 1414If 1415.Va nfs_client_enable 1416is set to 1417.Dq Li YES , 1418this can be set to 1419.Dq Li 0 1420to disable NFS ACCESS RPC caching, or to the number of seconds for which 1421NFS ACCESS 1422results should be cached. 1423A value of 2-10 seconds will substantially reduce network 1424traffic for many NFS operations. 1425.It Va nfs_server_enable 1426.Pq Vt bool 1427If set to 1428.Dq Li YES , 1429run the NFS server daemons at boot time. 1430.It Va nfs_server_flags 1431.Pq Vt str 1432If 1433.Va nfs_server_enable 1434is set to 1435.Dq Li YES , 1436these are the flags to pass to the 1437.Xr nfsd 8 1438daemon. 1439.It Va mountd_enable 1440.Pq Vt bool 1441If set to 1442.Dq Li YES , 1443and no 1444.Va nfs_server_enable 1445is set, start 1446.Xr mountd 8 , 1447but not 1448.Xr nfsd 8 1449daemon. 1450It is commonly needed to run CFS without real NFS used. 1451.It Va mountd_flags 1452.Pq Vt str 1453If 1454.Va mountd_enable 1455is set to 1456.Dq Li YES , 1457these are the flags to pass to the 1458.Xr mountd 8 1459daemon. 1460.It Va weak_mountd_authentication 1461.Pq Vt bool 1462If set to 1463.Dq Li YES , 1464allow services like PCNFSD to make non-privileged mount 1465requests. 1466.It Va nfs_reserved_port_only 1467.Pq Vt bool 1468If set to 1469.Dq Li YES , 1470provide NFS services only on a secure port. 1471.It Va nfs_bufpackets 1472.Pq Vt int 1473If set to a number, indicates the number of packets worth of 1474socket buffer space to reserve on an NFS client. 1475The kernel default is typically 4. 1476Using a higher number may be 1477useful on gigabit networks to improve performance. 1478The minimum value is 14792 and the maximum is 64. 1480.It Va rpc_lockd_enable 1481.Pq Vt bool 1482If set to 1483.Dq Li YES 1484and also an NFS server, run 1485.Xr rpc.lockd 8 1486at boot time. 1487.It Va rpc_statd_enable 1488.Pq Vt bool 1489If set to 1490.Dq Li YES 1491and also an NFS server, run 1492.Xr rpc.statd 8 1493at boot time. 1494.It Va rpcbind_program 1495.Pq Vt str 1496Path to 1497.Xr rpcbind 8 1498(default 1499.Pa /usr/sbin/rpcbind ) . 1500.It Va rpcbind_enable 1501.Pq Vt bool 1502If set to 1503.Dq Li YES , 1504run the 1505.Xr rpcbind 8 1506service at boot time. 1507.It Va rpcbind_flags 1508.Pq Vt str 1509If 1510.Va rpcbind_enable 1511is set to 1512.Dq Li YES , 1513these are the flags to pass to the 1514.Xr rpcbind 8 1515daemon. 1516.It Va keyserv_enable 1517.Pq Vt bool 1518If set to 1519.Dq Li YES , 1520run the 1521.Xr keyserv 8 1522daemon on boot for running Secure RPC. 1523.It Va keyserv_flags 1524.Pq Vt str 1525If 1526.Va keyserv_enable 1527is set to 1528.Dq Li YES , 1529these are the flags to pass to 1530.Xr keyserv 8 1531daemon. 1532.It Va pppoed_enable 1533.Pq Vt bool 1534If set to 1535.Dq Li YES , 1536run the 1537.Xr pppoed 8 1538daemon at boot time to provide PPP over Ethernet services. 1539.It Va pppoed_ Ns Ar provider 1540.Pq Vt str 1541.Xr pppoed 8 1542listens to requests to this 1543.Ar provider 1544and ultimately runs 1545.Xr ppp 8 1546with a 1547.Ar system 1548argument of the same name. 1549.It Va pppoed_flags 1550.Pq Vt str 1551Additional flags to pass to 1552.Xr pppoed 8 . 1553.It Va pppoed_interface 1554.Pq Vt str 1555The network interface to run 1556.Xr pppoed 8 1557on. 1558This is mandatory when 1559.Va pppoed_enable 1560is set to 1561.Dq Li YES . 1562.It Va timed_enable 1563.Pq Vt bool 1564If set to 1565.Dq Li YES , 1566run the 1567.Xr timed 8 1568service at boot time. 1569This command is intended for networks of 1570machines where a consistent 1571.Dq "network time" 1572for all hosts must be established. 1573This is often useful in large NFS 1574environments where time stamps on files are expected to be consistent 1575network-wide. 1576.It Va timed_flags 1577.Pq Vt str 1578If 1579.Va timed_enable 1580is set to 1581.Dq Li YES , 1582these are the flags to pass to the 1583.Xr timed 8 1584service. 1585.It Va ntpdate_enable 1586.Pq Vt bool 1587If set to 1588.Dq Li YES , 1589run 1590.Xr ntpdate 8 1591at system startup. 1592This command is intended to 1593synchronize the system clock only 1594.Em once 1595from some standard reference. 1596An option to set this up initially 1597(from a list of known servers) is also provided by the 1598.Xr sysinstall 8 1599program when the system is first installed. 1600.It Va ntpdate_hosts 1601.Pq Vt str 1602A whitespace-separated list of NTP servers to synchronize with at startup. 1603The default is to use the servers listed in 1604.Pa /etc/ntp.conf , 1605if that file exists. 1606.It Va ntpdate_program 1607.Pq Vt str 1608Path to 1609.Xr ntpdate 8 1610(default 1611.Pa /usr/sbin/ntpdate ) . 1612.It Va ntpdate_flags 1613.Pq Vt str 1614If 1615.Va ntpdate_enable 1616is set to 1617.Dq Li YES , 1618these are the flags to pass to the 1619.Xr ntpdate 8 1620command (typically a hostname). 1621.It Va ntpd_enable 1622.Pq Vt bool 1623If set to 1624.Dq Li YES , 1625run the 1626.Xr ntpd 8 1627command at boot time. 1628.It Va ntpd_program 1629.Pq Vt str 1630Path to 1631.Xr ntpd 8 1632(default 1633.Pa /usr/sbin/ntpd ) . 1634.It Va ntpd_flags 1635.Pq Vt str 1636If 1637.Va ntpd_enable 1638is set to 1639.Dq Li YES , 1640these are the flags to pass to the 1641.Xr ntpd 8 1642daemon. 1643.It Va ntpd_sync_on_start 1644.Pq Vt bool 1645If set to 1646.Dq Li YES , 1647.Xr ntpd 8 1648is run with the 1649.Fl g 1650flag, which syncs the system's clock on startup. 1651See 1652.Xr ntpd 8 1653for more information regarding the 1654.Fl g 1655option. 1656This is a preferred alternative to using 1657.Xr ntpdate 8 1658or specifying the 1659.Va ntpdate_enable 1660variable. 1661.It Va nis_client_enable 1662.Pq Vt bool 1663If set to 1664.Dq Li YES , 1665run the 1666.Xr ypbind 8 1667service at system boot time. 1668.It Va nis_client_flags 1669.Pq Vt str 1670If 1671.Va nis_client_enable 1672is set to 1673.Dq Li YES , 1674these are the flags to pass to the 1675.Xr ypbind 8 1676service. 1677.It Va nis_ypset_enable 1678.Pq Vt bool 1679If set to 1680.Dq Li YES , 1681run the 1682.Xr ypset 8 1683daemon at system boot time. 1684.It Va nis_ypset_flags 1685.Pq Vt str 1686If 1687.Va nis_ypset_enable 1688is set to 1689.Dq Li YES , 1690these are the flags to pass to the 1691.Xr ypset 8 1692daemon. 1693.It Va nis_server_enable 1694.Pq Vt bool 1695If set to 1696.Dq Li YES , 1697run the 1698.Xr ypserv 8 1699daemon at system boot time. 1700.It Va nis_server_flags 1701.Pq Vt str 1702If 1703.Va nis_server_enable 1704is set to 1705.Dq Li YES , 1706these are the flags to pass to the 1707.Xr ypserv 8 1708daemon. 1709.It Va nis_ypxfrd_enable 1710.Pq Vt bool 1711If set to 1712.Dq Li YES , 1713run the 1714.Xr rpc.ypxfrd 8 1715daemon at system boot time. 1716.It Va nis_ypxfrd_flags 1717.Pq Vt str 1718If 1719.Va nis_ypxfrd_enable 1720is set to 1721.Dq Li YES , 1722these are the flags to pass to the 1723.Xr rpc.ypxfrd 8 1724daemon. 1725.It Va nis_yppasswdd_enable 1726.Pq Vt bool 1727If set to 1728.Dq Li YES , 1729run the 1730.Xr rpc.yppasswdd 8 1731daemon at system boot time. 1732.It Va nis_yppasswdd_flags 1733.Pq Vt str 1734If 1735.Va nis_yppasswdd_enable 1736is set to 1737.Dq Li YES , 1738these are the flags to pass to the 1739.Xr rpc.yppasswdd 8 1740daemon. 1741.It Va rpc_ypupdated_enable 1742.Pq Vt bool 1743If set to 1744.Dq Li YES , 1745run the 1746.Nm rpc.ypupdated 1747daemon at system boot time. 1748.It Va bsnmpd_enable 1749.Pq Vt bool 1750If set to 1751.Dq Li YES , 1752run the 1753.Xr bsnmpd 1 1754daemon at system boot time. 1755Be sure to understand the security implications of running SNMP daemon 1756on your host. 1757.It Va bsnmpd_flags 1758.Pq Vt str 1759If 1760.Va bsnmpd_enable 1761is set to 1762.Dq Li YES , 1763these are the flags to pass to the 1764.Xr bsnmpd 1 1765daemon. 1766.It Va defaultrouter 1767.Pq Vt str 1768If not set to 1769.Dq Li NO , 1770create a default route to this host name or IP address 1771(use an IP address if this router is also required to get to the 1772name server!). 1773.It Va ipv6_defaultrouter 1774.Pq Vt str 1775The IPv6 equivalent of 1776.Va defaultrouter . 1777.It Va static_routes 1778.Pq Vt str 1779Set to the list of static routes that are to be added at system 1780boot time. 1781If not set to 1782.Dq Li NO 1783then for each whitespace separated 1784.Ar element 1785in the value, a 1786.Va route_ Ns Aq Ar element 1787variable is assumed to exist 1788whose contents will later be passed to a 1789.Dq Nm route Cm add 1790operation. 1791For example: 1792.Bd -literal 1793static_routes="mcast gif0local" 1794route_mcast="-net 224.0.0.0/4 -iface gif0" 1795route_gif0local="-host 169.254.1.1 -iface lo0" 1796.Ed 1797.It Va ipv6_static_routes 1798.Pq Vt str 1799The IPv6 equivalent of 1800.Va static_routes . 1801If not set to 1802.Dq Li NO 1803then for each whitespace separated 1804.Ar element 1805in the value, a 1806.Va ipv6_route_ Ns Aq Ar element 1807variable is assumed to exist 1808whose contents will later be passed to a 1809.Dq Nm route Cm add Fl inet6 1810operation. 1811.It Va natm_static_routes 1812.Pq Vt str 1813The 1814.Xr natmip 4 1815equivalent of 1816.Va static_routes . 1817If not empty then for each whitespace separated 1818.Ar element 1819in the value, a 1820.Va route_ Ns Aq Ar element 1821variable is assumed to exist whose contents will later be passed to a 1822.Dq Nm atmconfig Cm natm Cm add 1823operation. 1824.It Va gateway_enable 1825.Pq Vt bool 1826If set to 1827.Dq Li YES , 1828configure host to act as an IP router, e.g.\& to forward packets 1829between interfaces. 1830.It Va ipv6_gateway_enable 1831.Pq Vt bool 1832The IPv6 equivalent of 1833.Va gateway_enable . 1834.It Va router_enable 1835.Pq Vt bool 1836If set to 1837.Dq Li YES , 1838run a routing daemon of some sort, based on the 1839settings of 1840.Va router 1841and 1842.Va router_flags . 1843.It Va ipv6_router_enable 1844.Pq Vt bool 1845The IPv6 equivalent of 1846.Va router_enable . 1847If set to 1848.Dq Li YES , 1849run a routing daemon of some sort, based on the 1850settings of 1851.Va ipv6_router 1852and 1853.Va ipv6_router_flags . 1854.It Va router 1855.Pq Vt str 1856If 1857.Va router_enable 1858is set to 1859.Dq Li YES , 1860this is the name of the routing daemon to use. 1861.It Va ipv6_router 1862.Pq Vt str 1863The IPv6 equivalent of 1864.Va router . 1865.It Va router_flags 1866.Pq Vt str 1867If 1868.Va router_enable 1869is set to 1870.Dq Li YES , 1871these are the flags to pass to the routing daemon. 1872.It Va ipv6_router_flags 1873.Pq Vt str 1874The IPv6 equivalent of 1875.Va router_flags . 1876.It Va mrouted_enable 1877.Pq Vt bool 1878If set to 1879.Dq Li YES , 1880run the multicast routing daemon, 1881.Xr mrouted 8 . 1882.It Va mroute6d_enable 1883.Pq Vt bool 1884The IPv6 equivalent of 1885.Va mrouted_enable . 1886If set to 1887.Dq Li YES , 1888run the IPv6 multicast routing daemon. 1889Note that no IPv6 multicast routing daemon is included in the 1890.Fx 1891base system but 1892.Xr pim6dd 8 1893can be installed from the 1894.Fx 1895Ports Collection. 1896.It Va mrouted_flags 1897.Pq Vt str 1898If 1899.Va mrouted_enable 1900is set to 1901.Dq Li YES , 1902these are the flags to pass to the 1903.Xr mrouted 8 1904daemon. 1905.It Va mroute6d_flags 1906.Pq Vt str 1907The IPv6 equivalent of 1908.Va mrouted_flags . 1909If 1910.Va mroute6d_enable 1911is set to 1912.Dq Li YES , 1913these are the flags passed to the IPv6 multicast routing daemon. 1914.It Va mroute6d_program 1915.Pq Vt str 1916If 1917.Va mroute6d_enable 1918is set to 1919.Dq Li YES , 1920this is the path to the IPv6 multicast routing daemon. 1921.It Va rtadvd_enable 1922.Pq Vt bool 1923If set to 1924.Dq Li YES , 1925run the 1926.Xr rtadvd 8 1927daemon at boot time. 1928.Xr rtadvd 8 1929will only run if 1930.Va ipv6_gateway_enable 1931is also set to 1932.Dq Li YES . 1933The 1934.Xr rtadvd 8 1935utility sends router advertisement packets to the interfaces specified in 1936.Va rtadvd_interfaces 1937and should only be enabled with great care. 1938You may want to fine-tune 1939.Xr rtadvd.conf 5 . 1940.It Va rtadvd_interfaces 1941.Pq Vt str 1942If 1943.Va rtadvd_enable 1944is set to 1945.Dq Li YES 1946this is the list of interfaces to use. 1947.It Va ipxgateway_enable 1948.Pq Vt bool 1949If set to 1950.Dq Li YES , 1951enable the routing of IPX traffic. 1952.It Va ipxrouted_enable 1953.Pq Vt bool 1954If set to 1955.Dq Li YES , 1956run the 1957.Xr IPXrouted 8 1958daemon at system boot time. 1959.It Va ipxrouted_flags 1960.Pq Vt str 1961If 1962.Va ipxrouted_enable 1963is set to 1964.Dq Li YES , 1965these are the flags to pass to the 1966.Xr IPXrouted 8 1967daemon. 1968.It Va arpproxy_all 1969.Pq Vt bool 1970If set to 1971.Dq Li YES , 1972enable global proxy ARP. 1973.It Va forward_sourceroute 1974.Pq Vt bool 1975If set to 1976.Dq Li YES 1977and 1978.Va gateway_enable 1979is also set to 1980.Dq Li YES , 1981source-routed packets are forwarded. 1982.It Va accept_sourceroute 1983.Pq Vt bool 1984If set to 1985.Dq Li YES , 1986the system will accept source-routed packets directed at it. 1987.It Va rarpd_enable 1988.Pq Vt bool 1989If set to 1990.Dq Li YES , 1991run the 1992.Xr rarpd 8 1993daemon at system boot time. 1994.It Va rarpd_flags 1995.Pq Vt str 1996If 1997.Va rarpd_enable 1998is set to 1999.Dq Li YES , 2000these are the flags to pass to the 2001.Xr rarpd 8 2002daemon. 2003.It Va bootparamd_enable 2004.Pq Vt bool 2005If set to 2006.Dq Li YES , 2007run the 2008.Xr bootparamd 8 2009daemon at system boot time. 2010.It Va bootparamd_flags 2011.Pq Vt str 2012If 2013.Va bootparamd_enable 2014is set to 2015.Dq Li YES , 2016these are the flags to pass to the 2017.Xr bootparamd 8 2018daemon. 2019.It Va stf_interface_ipv4addr 2020.Pq Vt str 2021If not set to 2022.Dq Li NO , 2023this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 2024interface). 2025Specify this entry to enable the 6to4 interface. 2026.It Va stf_interface_ipv4plen 2027.Pq Vt int 2028Prefix length for 6to4 IPv4 addresses, to limit peer address range. 2029An effective value is 0-31. 2030.It Va stf_interface_ipv6_ifid 2031.Pq Vt str 2032IPv6 interface ID for 2033.Xr stf 4 . 2034This can be set to 2035.Dq Li AUTO . 2036.It Va stf_interface_ipv6_slaid 2037.Pq Vt str 2038IPv6 Site Level Aggregator for 2039.Xr stf 4 . 2040.It Va ipv6_faith_prefix 2041.Pq Vt str 2042If not set to 2043.Dq Li NO , 2044this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 2045translator. 2046You also need 2047.Xr faithd 8 2048setup. 2049.It Va ipv6_ipv4mapping 2050.Pq Vt bool 2051If set to 2052.Dq Li YES 2053this enables IPv4 mapped IPv6 address communication (like 2054.Li ::ffff:a.b.c.d ) . 2055.It Va atm_enable 2056.Pq Vt bool 2057Set to 2058.Dq Li YES 2059to enable the configuration of ATM interfaces at system boot time. 2060For all of the ATM variables described below, please refer to the 2061.Xr atm 8 2062man page for further details on the available command parameters. 2063Also refer to the files in 2064.Pa /usr/share/examples/atm 2065for more detailed configuration information. 2066.It Va atm_load 2067.Pq Vt str 2068This is a list of physical ATM interface drivers to load. 2069Typical values are 2070.Dq Li hfa_pci 2071and/or 2072.Dq Li hea_pci . 2073.It Va atm_netif_ Ns Aq Ar intf 2074.Pq Vt str 2075For the ATM physical interface 2076.Ar intf , 2077this variable defines the name prefix and count for the ATM network 2078interfaces to be created. 2079The value will be passed as the parameters of an 2080.Dq Nm atm Cm "set netif" Ar intf 2081command. 2082.It Va atm_sigmgr_ Ns Aq Ar intf 2083.Pq Vt str 2084For the ATM physical interface 2085.Ar intf , 2086this variable defines the ATM signalling manager to be used. 2087The value will be passed as the parameters of an 2088.Dq Nm atm Cm attach Ar intf 2089command. 2090.It Va atm_prefix_ Ns Aq Ar intf 2091.Pq Vt str 2092For the ATM physical interface 2093.Ar intf , 2094this variable defines the NSAP prefix for interfaces using a UNI signalling 2095manager. 2096If set to 2097.Dq Li ILMI , 2098the prefix will automatically be set via the 2099.Xr ilmid 8 2100daemon. 2101Otherwise, the value will be passed as the parameters of an 2102.Dq Nm atm Cm "set prefix" Ar intf 2103command. 2104.It Va atm_macaddr_ Ns Aq Ar intf 2105.Pq Vt str 2106For the ATM physical interface 2107.Ar intf , 2108this variable defines the MAC address for interfaces using a UNI signalling 2109manager. 2110If set to 2111.Dq Li NO , 2112the hardware MAC address contained in the ATM interface card will be used. 2113Otherwise, the value will be passed as the parameters of an 2114.Dq Nm atm Cm "set mac" Ar intf 2115command. 2116.It Va atm_arpserver_ Ns Aq Ar netif 2117.Pq Vt str 2118For the ATM network interface 2119.Ar netif , 2120this variable defines the ATM address for a host which is to provide ATMARP 2121service. 2122This variable is only applicable to interfaces using a UNI signalling 2123manager. 2124If set to 2125.Dq Li local , 2126this host will become an ATMARP server. 2127The value will be passed as the parameters of an 2128.Dq Nm atm Cm "set arpserver" Ar netif 2129command. 2130.It Va atm_scsparp_ Ns Aq Ar netif 2131.Pq Vt bool 2132If set to 2133.Dq Li YES , 2134SCSP/ATMARP service for the network interface 2135.Ar netif 2136will be initiated using the 2137.Xr scspd 8 2138and 2139.Xr atmarpd 8 2140daemons. 2141This variable is only applicable if 2142.Va atm_arpserver_ Ns Aq Ar netif 2143is set to 2144.Dq Li local . 2145.It Va atm_pvcs 2146.Pq Vt str 2147Set to the list of ATM PVCs to be added at system 2148boot time. 2149For each whitespace separated 2150.Ar element 2151in the value, an 2152.Va atm_pvc_ Ns Aq Ar element 2153variable is assumed to exist. 2154The value of each of these variables 2155will be passed as the parameters of an 2156.Dq Nm atm Cm "add pvc" 2157command. 2158.It Va atm_arps 2159.Pq Vt str 2160Set to the list of permanent ATM ARP entries to be added 2161at system boot time. 2162For each whitespace separated 2163.Ar element 2164in the value, an 2165.Va atm_arp_ Ns Aq Ar element 2166variable is assumed to exist. 2167The value of each of these variables 2168will be passed as the parameters of an 2169.Dq Nm atm Cm "add arp" 2170command. 2171.It Va natm_interfaces 2172.Pq Vt str 2173Set to the list of 2174.Xr natm 4 2175interfaces that will also be used for HARP through 2176.Xr harp 4 . 2177If this list is not empty all interfaces in the list will be brought up 2178with 2179.Xr ifconfig 8 2180and 2181.Xr harp 4 2182will be loaded. 2183For this to work the interface drivers must be either compiled into the 2184kernel or must reside on the root partition. 2185.It Va keybell 2186.Pq Vt str 2187The keyboard bell sound. 2188Set to 2189.Dq Li normal , 2190.Dq Li visual , 2191.Dq Li off , 2192or 2193.Dq Li NO 2194if the default behavior is desired. 2195For details, refer to the 2196.Xr kbdcontrol 1 2197manpage. 2198.It Va keyboard 2199.Pq Vt str 2200If set to a non-null string, the virtual console's keyboard input is 2201set to this device. 2202.It Va keymap 2203.Pq Vt str 2204If set to 2205.Dq Li NO , 2206no keymap is installed, otherwise the value is used to install 2207the keymap file in 2208.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2209.It Va keyrate 2210.Pq Vt str 2211The keyboard repeat speed. 2212Set to 2213.Dq Li slow , 2214.Dq Li normal , 2215.Dq Li fast , 2216or 2217.Dq Li NO 2218if the default behavior is desired. 2219.It Va keychange 2220.Pq Vt str 2221If not set to 2222.Dq Li NO , 2223attempt to program the function keys with the value. 2224The value should 2225be a single string of the form: 2226.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2227.It Va cursor 2228.Pq Vt str 2229Can be set to the value of 2230.Dq Li normal , 2231.Dq Li blink , 2232.Dq Li destructive , 2233or 2234.Dq Li NO 2235to set the cursor behavior explicitly or choose the default behavior. 2236.It Va scrnmap 2237.Pq Vt str 2238If set to 2239.Dq Li NO , 2240no screen map is installed, otherwise the value is used to install 2241the screen map file in 2242.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2243.It Va font8x16 2244.Pq Vt str 2245If set to 2246.Dq Li NO , 2247the default 8x16 font value is used for screen size requests, otherwise 2248the value in 2249.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2250is used. 2251.It Va font8x14 2252.Pq Vt str 2253If set to 2254.Dq Li NO , 2255the default 8x14 font value is used for screen size requests, otherwise 2256the value in 2257.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2258is used. 2259.It Va font8x8 2260.Pq Vt str 2261If set to 2262.Dq Li NO , 2263the default 8x8 font value is used for screen size requests, otherwise 2264the value in 2265.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2266is used. 2267.It Va blanktime 2268.Pq Vt int 2269If set to 2270.Dq Li NO , 2271the default screen blanking interval is used, otherwise it is set 2272to 2273.Ar value 2274seconds. 2275.It Va saver 2276.Pq Vt str 2277If not set to 2278.Dq Li NO , 2279this is the actual screen saver to use 2280.Li ( blank , snake , daemon , 2281etc). 2282.It Va moused_nondefault_enable 2283.Pq Vt str 2284If set to 2285.Dq Li NO , 2286the mouse device specified on 2287the command line is not automatically treated as enabled by the 2288.Pa /etc/rc.d/moused 2289script. 2290Having this variable set to 2291.Dq Li YES 2292allows a 2293.Xr usb 4 2294mouse, 2295for example, 2296to be enabled as soon as it is plugged in. 2297.It Va moused_enable 2298.Pq Vt str 2299If set to 2300.Dq Li YES , 2301the 2302.Xr moused 8 2303daemon is started for doing cut/paste selection on the console. 2304.It Va moused_type 2305.Pq Vt str 2306This is the protocol type of the mouse connected to this host. 2307This variable must be set if 2308.Va moused_enable 2309is set to 2310.Dq Li YES . 2311The 2312.Xr moused 8 2313daemon 2314is able to detect the appropriate mouse type automatically in many cases. 2315Set this variable to 2316.Dq Li auto 2317to let the daemon detect it, or 2318select one from the following list if the automatic detection fails. 2319.Pp 2320If the mouse is attached to the PS/2 mouse port, choose 2321.Dq Li auto 2322or 2323.Dq Li ps/2 , 2324regardless of the brand and model of the mouse. 2325Likewise, if the 2326mouse is attached to the bus mouse port, choose 2327.Dq Li auto 2328or 2329.Dq Li busmouse . 2330All other protocols are for serial mice and will not work with 2331the PS/2 and bus mice. 2332If this is a USB mouse, 2333.Dq Li auto 2334is the only protocol type which will work. 2335.Pp 2336.Bl -tag -width ".Li x10mouseremote" -compact 2337.It Li microsoft 2338Microsoft mouse (serial) 2339.It Li intellimouse 2340Microsoft IntelliMouse (serial) 2341.It Li mousesystems 2342Mouse systems Corp.\& mouse (serial) 2343.It Li mmseries 2344MM Series mouse (serial) 2345.It Li logitech 2346Logitech mouse (serial) 2347.It Li busmouse 2348A bus mouse 2349.It Li mouseman 2350Logitech MouseMan and TrackMan (serial) 2351.It Li glidepoint 2352ALPS GlidePoint (serial) 2353.It Li thinkingmouse 2354Kensington ThinkingMouse (serial) 2355.It Li ps/2 2356PS/2 mouse 2357.It Li mmhittab 2358MM HitTablet (serial) 2359.It Li x10mouseremote 2360X10 MouseRemote (serial) 2361.It Li versapad 2362Interlink VersaPad (serial) 2363.El 2364.Pp 2365Even if the mouse is not in the above list, it may be compatible 2366with one in the list. 2367Refer to the man page for 2368.Xr moused 8 2369for compatibility information. 2370.Pp 2371It should also be noted that while this is enabled, any 2372other client of the mouse (such as an X server) should access 2373the mouse through the virtual mouse device, 2374.Pa /dev/sysmouse , 2375and configure it as a 2376.Dq Li sysmouse 2377type mouse, since all 2378mouse data is converted to this single canonical format when 2379using 2380.Xr moused 8 . 2381If the client program does not support the 2382.Dq Li sysmouse 2383type, 2384specify the 2385.Dq Li mousesystems 2386type. 2387It is the second preferred type. 2388.It Va moused_port 2389.Pq Vt str 2390If 2391.Va moused_enable 2392is set to 2393.Dq Li YES , 2394this is the actual port the mouse is on. 2395It might be 2396.Pa /dev/cuad0 2397for a COM1 serial mouse, 2398.Pa /dev/psm0 2399for a PS/2 mouse or 2400.Pa /dev/mse0 2401for a bus mouse, for example. 2402.It Va moused_flags 2403.Pq Vt str 2404If 2405.Va moused_type 2406is set, these are the additional flags to pass to the 2407.Xr moused 8 2408daemon. 2409.It Va mousechar_start 2410.Pq Vt int 2411If set to 2412.Dq Li NO , 2413the default mouse cursor character range 2414.Li 0xd0 Ns - Ns Li 0xd3 2415is used, 2416otherwise the range start is set 2417to 2418.Ar value 2419character, see 2420.Xr vidcontrol 1 . 2421Use if the default range is occupied in the language code table. 2422.It Va allscreens_flags 2423.Pq Vt str 2424If set, 2425.Xr vidcontrol 1 2426is run with these options for each of the virtual terminals 2427.Pq Pa /dev/ttyv* . 2428For example, 2429.Dq Fl m Cm on 2430will enable the mouse pointer on all virtual terminals 2431if 2432.Va moused_enable 2433is set to 2434.Dq Li YES . 2435.It Va allscreens_kbdflags 2436.Pq Vt str 2437If set, 2438.Xr kbdcontrol 1 2439is run with these options for each of the virtual terminals 2440.Pq Pa /dev/ttyv* . 2441For example, 2442.Dq Fl h Li 200 2443will set the 2444.Xr syscons 4 2445scrollback (history) buffer to 200 lines. 2446.It Va cron_enable 2447.Pq Vt bool 2448If set to 2449.Dq Li YES , 2450run the 2451.Xr cron 8 2452daemon at system boot time. 2453.It Va cron_program 2454.Pq Vt str 2455Path to 2456.Xr cron 8 2457(default 2458.Pa /usr/sbin/cron ) . 2459.It Va cron_flags 2460.Pq Vt str 2461If 2462.Va cron_enable 2463is set to 2464.Dq Li YES , 2465these are the flags to pass to 2466.Xr cron 8 . 2467.It Va cron_dst 2468.Pq Vt bool 2469If set to 2470.Dq Li YES , 2471enable the special handling of transitions to and from the 2472Daylight Saving Time in 2473.Xr cron 8 2474(equivalent to using the flag 2475.Fl s ) . 2476.It Va lpd_program 2477.Pq Vt str 2478Path to 2479.Xr lpd 8 2480(default 2481.Pa /usr/sbin/lpd ) . 2482.It Va lpd_enable 2483.Pq Vt bool 2484If set to 2485.Dq Li YES , 2486run the 2487.Xr lpd 8 2488daemon at system boot time. 2489.It Va lpd_flags 2490.Pq Vt str 2491If 2492.Va lpd_enable 2493is set to 2494.Dq Li YES , 2495these are the flags to pass to the 2496.Xr lpd 8 2497daemon. 2498.It Va chkprintcap_enable 2499.Pq Vt bool 2500If set to 2501.Dq Li YES , 2502run the 2503.Xr chkprintcap 8 2504command before starting the 2505.Xr lpd 8 2506daemon. 2507.It Va chkprintcap_flags 2508.Pq Vt str 2509If 2510.Va lpd_enable 2511and 2512.Va chkprintcap_enable 2513are set to 2514.Dq Li YES , 2515these are the flags to pass to the 2516.Xr chkprintcap 8 2517program. 2518The default is 2519.Dq Li -d , 2520which causes missing directories to be created. 2521.It Va mta_start_script 2522.Pq Vt str 2523This variable specifies the full path to the script to run to start 2524a mail transfer agent. 2525The default is 2526.Pa /etc/rc.sendmail . 2527The 2528.Va sendmail_* 2529variables which 2530.Pa /etc/rc.sendmail 2531uses are documented in the 2532.Xr rc.sendmail 8 2533man page. 2534.It Va dumpdev 2535.Pq Vt str 2536Indicates the device (usually a swap partition) to which a crash dump 2537should be written in the event of a system crash. 2538If the value of this variable is 2539.Dq Li AUTO , 2540the first suitable swap device listed in 2541.Pa /etc/fstab 2542will be used as dump device. 2543Otherwise, the value of this variable is passed as the argument to 2544.Xr dumpon 8 . 2545To disable crash dumps, set this variable to 2546.Dq Li NO . 2547.It Va dumpdir 2548.Pq Vt str 2549When the system reboots after a crash and a crash dump is found on the 2550device specified by the 2551.Va dumpdev 2552variable, 2553.Xr savecore 8 2554will save that crash dump and a copy of the kernel to the directory 2555specified by the 2556.Va dumpdir 2557variable. 2558The default value is 2559.Pa /var/crash . 2560Set to 2561.Dq Li NO 2562to not run 2563.Xr savecore 8 2564at boot time when 2565.Va dumpdir 2566is set. 2567.It Va savecore_flags 2568.Pq Vt str 2569If crash dumps are enabled, these are the flags to pass to the 2570.Xr savecore 8 2571utility. 2572.It Va enable_quotas 2573.Pq Vt bool 2574Set to 2575.Dq Li YES 2576to turn on user disk quotas on system startup via the 2577.Xr quotaon 8 2578command. 2579.It Va check_quotas 2580.Pq Vt bool 2581Set to 2582.Dq Li YES 2583to enable user disk quota checking via the 2584.Xr quotacheck 8 2585command. 2586.It Va accounting_enable 2587.Pq Vt bool 2588Set to 2589.Dq Li YES 2590to enable system accounting through the 2591.Xr accton 8 2592facility. 2593.It Va ibcs2_enable 2594.Pq Vt bool 2595Set to 2596.Dq Li YES 2597to enable iBCS2 (SCO) binary emulation at system initial boot 2598time. 2599.It Va ibcs2_loaders 2600.Pq Vt str 2601If not set to 2602.Dq Li NO 2603and if 2604.Va ibcs2_enable 2605is set to 2606.Dq Li YES , 2607this specifies a list of additional iBCS2 loaders to enable. 2608.It Va linux_enable 2609.Pq Vt bool 2610Set to 2611.Dq Li YES 2612to enable Linux/ELF binary emulation at system initial 2613boot time. 2614.It Va osf1_enable 2615.Pq Vt bool 2616Set to 2617.Dq Li YES 2618to enable OSF/1 (Digital UNIX) binary emulation at system 2619initial boot time. 2620(alpha) 2621.It Va svr4_enable 2622.Pq Vt bool 2623If set to 2624.Dq Li YES , 2625enable SysVR4 emulation at boot time. 2626.It Va sysvipc_enable 2627.Pq Vt bool 2628If set to 2629.Dq Li YES , 2630load System V IPC primitives at boot time. 2631.It Va clear_tmp_enable 2632.Pq Vt bool 2633Set to 2634.Dq Li YES 2635to have 2636.Pa /tmp 2637cleaned at startup. 2638.It Va ldconfig_paths 2639.Pq Vt str 2640Set to the list of shared library paths to use with 2641.Xr ldconfig 8 . 2642NOTE: 2643.Pa /usr/lib 2644will always be added first, so it need not appear in this list. 2645.It Va ldconfig_paths_aout 2646.Pq Vt str 2647Set to the list of shared library paths to use with 2648.Xr ldconfig 8 2649legacy 2650.Xr a.out 5 2651support. 2652.It Va ldconfig_insecure 2653.Pq Vt bool 2654The 2655.Xr ldconfig 8 2656utility normally refuses to use directories 2657which are writable by anyone except root. 2658Set this variable to 2659.Dq Li YES 2660to disable that security check during system startup. 2661.It Va kern_securelevel_enable 2662.Pq Vt bool 2663Set to 2664.Dq Li YES 2665to set the kernel security level at system startup. 2666.It Va kern_securelevel 2667.Pq Vt int 2668The kernel security level to set at startup. 2669The allowed range of 2670.Ar value 2671ranges from \-1 (the compile time default) to 3 (the 2672most secure). 2673See 2674.Xr init 8 2675for the list of possible security levels and their effect 2676on system operation. 2677.It Va sshd_program 2678.Pq Vt str 2679Path to the SSH server program 2680.Pa ( /usr/sbin/sshd 2681is the default). 2682.It Va sshd_enable 2683.Pq Vt bool 2684Set to 2685.Dq Li YES 2686to start 2687.Xr sshd 8 2688at system boot time. 2689.It Va sshd_flags 2690.Pq Vt str 2691If 2692.Va sshd_enable 2693is set to 2694.Dq Li YES , 2695these are the flags to pass to the 2696.Xr sshd 8 2697daemon. 2698.It Va usbd_enable 2699.Pq Vt bool 2700If set to 2701.Dq Li YES , 2702run the 2703.Xr usbd 8 2704daemon at boot time. 2705.It Va usbd_flags 2706.Pq Vt str 2707If 2708.Va usbd_enable 2709is set to 2710.Dq Li YES , 2711these are the flags passed to the 2712.Xr usbd 8 2713daemon. 2714.It Va watchdogd_enable 2715.Pq Vt bool 2716If set to 2717.Dq Li YES , 2718start the 2719.Xr watchdogd 8 2720daemon at boot time. 2721This requires that the kernel have been compiled with a 2722.Xr watchdog 4 2723compatible device. 2724.It Va watchdogd_flags 2725.Pq Vt str 2726If 2727.Va watchdogd_enable 2728is set to 2729.Dq Li YES , 2730these are the flags passed to the 2731.Xr watchdogd 8 2732daemon. 2733.It Va performance_cx_lowest 2734.Pq Vt str 2735CPU idle state to use while on AC power. 2736The string 2737.Dq Li LOW 2738indicates that 2739.Xr acpi 4 2740should use the lowest power state available while 2741.Dq Li HIGH 2742indicates that the lowest latency state (less power savings) should be used. 2743.It Va performance_cpu_freq 2744.Pq Vt str 2745CPU clock frequency to use while on AC power. 2746The string 2747.Dq Li LOW 2748indicates that 2749.Xr cpufreq 4 2750should use the lowest frequency available while 2751.Dq Li HIGH 2752indicates that the highest frequency (less power savings) should be used. 2753.It Va economy_cx_lowest 2754.Pq Vt str 2755CPU idle state to use when off AC power. 2756The string 2757.Dq Li LOW 2758indicates that 2759.Xr acpi 4 2760should use the lowest power state available while 2761.Dq Li HIGH 2762indicates that the lowest latency state (less power savings) should be used. 2763.It Va economy_cpu_freq 2764.Pq Vt str 2765CPU clock frequency to use when off AC power. 2766The string 2767.Dq Li LOW 2768indicates that 2769.Xr cpufreq 4 2770should use the lowest frequency available while 2771.Dq Li HIGH 2772indicates that the highest frequency (less power savings) should be used. 2773.It Va jail_enable 2774.Pq Vt bool 2775If set to 2776.Dq Li NO , 2777any configured jails will not be started. 2778.It Va jail_list 2779.Pq Vt str 2780A space separated list of names for jails. 2781This is purely a configuration aid to help identify and 2782configure multiple jails. 2783The names specified in this list will be used to 2784identify settings common to an instance of a jail. 2785Assuming that the jail in question was named 2786.Li vjail , 2787you would have the following dependant variables: 2788.Bd -literal 2789jail_vjail_hostname="jail.example.com" 2790jail_vjail_ip="192.168.1.100" 2791jail_vjail_rootdir="/var/jails/vjail/root" 2792jail_vjail_exec="/bin/sh /etc/rc" 2793.Ed 2794.Pp 2795The last one is optional. 2796It defaults to 2797.Pa /etc/rc 2798if it is not set. 2799.It Va jail_set_hostname_allow 2800.Pq Vt bool 2801If set to 2802.Dq Li NO , 2803do not allow the root user in a jail to set its hostname. 2804.It Va jail_socket_unixiproute_only 2805.Pq Vt bool 2806If set to 2807.Dq Li NO , 2808do not allow any protocol, 2809besides TCP/IP, 2810to be used within a jail. 2811.It Va jail_sysvipc_allow 2812.Pq Vt bool 2813If set to 2814.Dq Li YES , 2815allow applications within a jail to use System V IPC. 2816.It Va unaligned_print 2817.Pq Vt bool 2818If set to 2819.Dq Li NO , 2820unaligned access warnings will not be printed. 2821(alpha) 2822.\" ----- isdn settings --------------------------------- 2823.It Va isdn_enable 2824.Pq Vt bool 2825Set to 2826.Dq Li NO 2827by default. 2828When set to 2829.Dq Li YES , 2830starts the 2831.Xr isdnd 8 2832daemon 2833at system boot time. 2834.It Va isdn_flags 2835.Pq Vt str 2836Set to 2837.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 2838by default. 2839Additional flags to pass to 2840.Xr isdnd 8 2841(but see 2842.Va isdn_fsdev 2843and 2844.Va isdn_ttype 2845for certain tunable parameters). 2846.It Va isdn_ttype 2847.Pq Vt str 2848Set to 2849.Dq Li cons25 2850by default. 2851The terminal type of the output device when 2852.Xr isdnd 8 2853operates in full-screen mode. 2854.It Va isdn_screenflags 2855.Pq Vt str 2856Set to 2857.Dq Li NO 2858by default. 2859The video mode for full-screen mode (only for 2860.Xr syscons 4 2861console driver, see 2862.Xr vidcontrol 1 2863for valid modes). 2864.It Va isdn_fsdev 2865.Pq Vt str 2866Set to 2867.Dq Li NO 2868by default. 2869The output device for 2870.Xr isdnd 8 2871in full-screen mode (or 2872.Dq Li NO 2873for daemon mode). 2874.It Va isdn_trace 2875.Pq Vt bool 2876Set to 2877.Dq Li NO 2878by default. 2879When set to 2880.Dq Li YES , 2881enables the ISDN protocol trace utility 2882.Xr isdntrace 8 2883at system boot time. 2884.It Va isdn_traceflags 2885.Pq Vt str 2886Set to 2887.Dq Fl f Pa /var/tmp/isdntrace0 2888by default. 2889Flags for 2890.Xr isdntrace 8 . 2891.\" ----------------------------------------------------- 2892.It Va pcvt_verbose 2893.Pq Vt bool 2894Set to 2895.Dq Li NO 2896by default. 2897When set to 2898.Dq Li YES , 2899verbose messages about the actions done by the start script are displayed. 2900.Em Note : 2901the 2902.Xr pcvt 4 2903driver must be compiled into the kernel before the 2904.Xr pcvt 4 2905related 2906options described here take any effect. 2907.It Va pcvt_keymap 2908.Pq Vt str 2909Set to 2910.Dq Li NO 2911by default. 2912Use this to configure a national keyboard mapping found in the 2913.Pa /usr/share/misc/keycap.pcvt 2914file of keyboard mappings. 2915(See also the manual pages 2916.Xr keycap 5 2917and 2918.Xr keycap 3 2919for usage of 2920.Xr pcvt 4 Ns 's 2921keycap database and the manual page 2922.Xr kcon 1 2923option 2924.Fl m 2925for national keyboard mapping configuration.) 2926.It Va pcvt_keydel 2927.Pq Vt int 2928Set to 2929.Dq Li NO 2930by default. 2931Used to set the keyboard key repeat delay value. 2932Valid values are 2933in the range 0..3 for delay values of 250, 500, 750 and 1000 msec. 2934(See also the 2935.Xr kcon 1 2936manual page.) 2937.It Va pcvt_keyrate 2938.Pq Vt int 2939Set to 2940.Dq Li NO 2941by default. 2942Used to set the keyboard key repetition rate value. 2943Valid values are 2944in the range 0..31 for repetition values of 2..30 characters per second. 2945.It Va pcvt_keyrepeat 2946.Pq Vt bool 2947Set to 2948.Dq Li NO 2949by default. 2950Set to 2951.Dq Li YES 2952to enable automatic keyboard key repeating. 2953.It Va pcvt_force24 2954.Pq Vt bool 2955Set to 2956.Dq Li NO 2957by default. 2958Set to 2959.Dq Li YES 2960to force 2961.Xr pcvt 4 2962to use 24 lines only (in 25 lines mode) for compatibility 2963with the original 2964.Tn VT220 2965terminal. 2966.It Va pcvt_hpext 2967.Pq Vt bool 2968Set to 2969.Dq Li NO 2970by default. 2971Set to 2972.Dq Li YES 2973to enable the display and functionality of function key labels (as found 2974on 2975.Tn Hewlett-Packard 2976terminals such as the 2977.Tn HP2392A 2978and the 2979.Tn HP700/92 2980in 2981.Tn ANSI 2982mode). 2983.It Va pcvt_lines 2984.Pq Vt int 2985Set to 2986.Dq Li NO 2987by default resulting in a value of 25. 2988Used to set the number of lines on the screen. 2989For VGA displays, valid 2990values are 25, 28, 40 and 50 lines. 2991(See also the 2992.Xr scon 1 2993manual page.) 2994.It Va pcvt_blanktime 2995.Pq Vt int 2996Set to 2997.Dq Li NO 2998by default. 2999Used to set the screen saver timeout in seconds for values greater than 3000zero. 3001.It Va pcvt_cursorh 3002.Pq Vt int 3003Set to 3004.Dq Li NO 3005by default. 3006Used to set the cursor top scanline. 3007(See also the 3008.Xr cursor 1 3009manual page.) 3010.It Va pcvt_cursorl 3011.Pq Vt int 3012Set to 3013.Dq Li NO 3014by default. 3015Used to set the cursor bottom scanline. 3016.It Va pcvt_monohigh 3017.Pq Vt bool 3018Set to 3019.Dq Li NO 3020by default. 3021Set to 3022.Dq Li YES 3023to set intensity to high on monochrome monitors. 3024(See also the 3025.Xr scon 1 3026manual page, option 3027.Fl p , 3028for more information on changing VGA palette 3029values.) 3030.It Va harvest_interrupt 3031.Pq Vt bool 3032Set to 3033.Dq Li YES 3034to use hardware interrupts as an entropy source. 3035Refer to 3036.Xr random 4 3037for more information. 3038.It Va harvest_ethernet 3039.Pq Vt bool 3040Set to 3041.Dq Li YES 3042to use LAN traffic as an entropy source. 3043Refer to 3044.Xr random 4 3045for more information. 3046.It Va harvest_p_to_p 3047.Pq Vt bool 3048Set to 3049.Dq Li YES 3050to use serial line traffic as an entropy source. 3051Refer to 3052.Xr random 4 3053for more information. 3054.It Va entropy_dir 3055.Pq Vt str 3056Set to 3057.Dq Li NO 3058to disable caching entropy via 3059.Xr cron 8 . 3060Otherwise set to the directory used to store entropy files in. 3061.It Va entropy_file 3062.Pq Vt str 3063Set to 3064.Dq Li NO 3065to disable caching entropy through reboots. 3066Otherwise set to the filename used to store cached entropy through 3067reboots. 3068This file should be located on the root file system to seed the 3069.Xr random 4 3070device as early as possible in the boot process. 3071.It Va entropy_save_sz 3072.Pq Vt int 3073Size of the entropy cache files saved by 3074.Nm save-entropy 3075periodically. 3076.It Va entropy_save_num 3077.Pq Vt int 3078Number of entropy cache files to save by 3079.Nm save-entropy 3080periodically. 3081.It Va ipsec_enable 3082.Pq Vt bool 3083Set to 3084.Dq Li YES 3085to run 3086.Xr setkey 8 3087on 3088.Va ipsec_file 3089at boot time. 3090.It Va ipsec_file 3091.Pq Vt str 3092Configuration file for 3093.Xr setkey 8 . 3094.It Va dmesg_enable 3095.Pq Vt bool 3096Set to 3097.Dq Li YES 3098to save 3099.Xr dmesg 8 3100to 3101.Pa /var/run/dmesg.boot 3102on boot. 3103.It Va rcshutdown_timeout 3104.Pq Vt int 3105If set, start a watchdog timer in the background which will terminate 3106.Pa rc.shutdown 3107if 3108.Xr shutdown 8 3109has not completed within the specified time (in seconds). 3110.It Va virecover_enable 3111.Pq Vt bool 3112Set to 3113.Dq Li NO 3114to prevent the system from trying to 3115recover pre-maturely terminated 3116.Xr vi 1 3117sessions. 3118.It Va ugidfw_enable 3119.Pq Vt bool 3120Set to 3121.Dq Li YES 3122to load the 3123.Xr mac_bsdextended 4 3124module upon system initialization and load a default 3125ruleset file. 3126.It Va bsdextended_script 3127.Pq Vt str 3128The default 3129.Xr mac_bsdextended 4 3130ruleset file to load. 3131The default value of this variable is 3132.Pa /etc/rc.bsdextended . 3133.It Va newsyslog_enable 3134.Pq Vt bool 3135If set to 3136.Dq Li YES , 3137run 3138.Xr newsyslog 8 3139command at startup. 3140.It Va newsyslog_flags 3141.Pq Vt str 3142If 3143.Va newsyslog_enable 3144is set to 3145.Dq Li YES , 3146these are the flags to pass to the 3147.Xr newsyslog 8 3148program. 3149The default is 3150.Dq Li -CN , 3151which causes log files flagged with a 3152.Cm C 3153to be created. 3154.It Va ramdisk_units 3155.Pq Vt str 3156A list of one or more ramdisk units to configure with 3157.Xr mdconfig 8 3158and 3159.Xr newfs 8 3160in time to be mounted from 3161.Xr fstab 5 . 3162Each listed unit 3163.Ar X 3164must specify at least a 3165.Ar type 3166in a 3167.Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3168variable. 3169.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3170.Pq Vt str 3171Arguments to 3172.Xr mdconfig 8 3173for ramdisk 3174.Ar X . 3175At minimum a 3176.Fl t Ar type 3177must be specified, where 3178.Ar type 3179must be one of 3180.Cm malloc 3181or 3182.Cm swap . 3183.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _newfs 3184.Pq Vt str 3185Optional arguments passed to 3186.Xr newfs 8 3187to initialize ramdisk 3188.Ar X . 3189.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _owner 3190.Pq Vt str 3191An ownership specification passed to 3192.Xr chown 8 3193after the specified ramdisk unit 3194.Ar X 3195has been mounted. 3196Both the 3197.Xr md 4 3198device and the mount point will be changed. 3199.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _perms 3200.Pq Vt str 3201A mode string passed to 3202.Xr chmod 1 3203after the specified ramdisk unit 3204.Ar X 3205has been mounted. 3206Both the 3207.Xr md 4 3208device and the mount point will be changed. 3209.El 3210.Sh FILES 3211.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 3212.It Pa /etc/defaults/rc.conf 3213.It Pa /etc/rc.conf 3214.It Pa /etc/rc.conf.local 3215.El 3216.Sh SEE ALSO 3217.Xr catman 1 , 3218.Xr chmod 1 , 3219.Xr gdb 1 , 3220.Xr info 1 , 3221.Xr kbdcontrol 1 , 3222.Xr makewhatis 1 , 3223.Xr vi 1 , 3224.Xr vidcontrol 1 , 3225.Xr ip 4 , 3226.Xr kld 4 , 3227.Xr tcp 4 , 3228.Xr udp 4 , 3229.Xr exports 5 , 3230.Xr motd 5 , 3231.Xr newsyslog.conf 5 , 3232.Xr accton 8 , 3233.Xr amd 8 , 3234.Xr apm 8 , 3235.Xr atm 8 , 3236.Xr chkprintcap 8 , 3237.Xr chown 8 , 3238.Xr cron 8 , 3239.Xr dhclient 8 , 3240.Xr ifconfig 8 , 3241.Xr inetd 8 , 3242.Xr isdnd 8 , 3243.Xr isdntrace 8 , 3244.Xr kldxref 8 , 3245.Xr lpd 8 , 3246.Xr mdconfig 8 , 3247.Xr mdmfs 8 , 3248.Xr mountd 8 , 3249.Xr moused 8 , 3250.Xr mrouted 8 , 3251.Xr named 8 , 3252.Xr newfs 8 , 3253.Xr newsyslog 8 , 3254.Xr nfsd 8 , 3255.Xr ntpd 8 , 3256.Xr ntpdate 8 , 3257.Xr pcnfsd 8 , 3258.Xr quotacheck 8 , 3259.Xr quotaon 8 , 3260.Xr rc 8 , 3261.Xr rc.sendmail 8 , 3262.Xr route 8 , 3263.Xr routed 8 , 3264.Xr rpcbind 8 , 3265.Xr rpc.lockd 8 , 3266.Xr rpc.statd 8 , 3267.Xr rwhod 8 , 3268.Xr savecore 8 , 3269.Xr sshd 8 , 3270.Xr swapon 8 , 3271.Xr sysctl 8 , 3272.Xr syslogd 8 , 3273.Xr timed 8 , 3274.Xr usbd 8 , 3275.Xr yp 8 , 3276.Xr ypbind 8 , 3277.Xr ypserv 8 , 3278.Xr ypset 8 3279.Sh HISTORY 3280The 3281.Nm 3282file appeared in 3283.Fx 2.2.2 . 3284.Sh AUTHORS 3285.An Jordan K. Hubbard . 3286