1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd March 6, 2007 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71Options are set with 72.Dq Ar name Ns Li = Ns Ar value 73assignments that use 74.Xr sh 1 75syntax. 76The following list provides a name and short description for each 77variable that can be set in the 78.Nm 79file: 80.Bl -tag -width indent-two 81.It Va rc_debug 82.Pq Vt bool 83If set to 84.Dq Li YES , 85enable output of debug messages from rc scripts. 86This variable can be helpful in diagnosing mistakes when 87editing or integrating new scripts. 88Beware that this produces copious output to the terminal and 89.Xr syslog 3 . 90.It Va rc_info 91.Pq Vt bool 92If set to 93.Dq Li NO , 94disable informational messages from the rc scripts. 95Informational messages are displayed when 96a condition that is not serious enough to warrant a warning or 97an error occurs. 98.It Va early_late_divider 99.Pq Vt str 100The name of the script that should be used as the 101delimiter between the 102.Dq early 103and 104.Dq late 105stages of the boot process. 106The early stage should contain all the services needed to 107get the disks (local or remote) mounted so that the late 108stage can include scripts contained in the directories 109listed in the 110.Va local_startup 111variable (see below). 112Thus, the two likely candidates for this value are 113.Pa mountcritlocal 114for the typical system, and 115.Pa mountcritremote 116if the system needs remote file 117systems mounted to get access to the 118.Va local_startup 119directories; for example when 120.Pa /usr/local 121is NFS mounted. 122For 123.Pa rc.conf 124within a 125.Xr jail 8 126.Pa NETWORKING 127is likely to be an appropriate value. 128Extreme care should be taken when changing this value, 129and before changing it one should ensure that there are 130adequate provisions to recover from a failed boot 131(such as physical contact with the machine, 132or reliable remote console access). 133.It Va swapfile 134.Pq Vt str 135If set to 136.Dq Li NO , 137no swapfile is installed, otherwise the value is used as the full 138pathname to a file to use for additional swap space. 139.It Va apm_enable 140.Pq Vt bool 141If set to 142.Dq Li YES , 143enable support for Automatic Power Management with 144the 145.Xr apm 8 146command. 147.It Va apmd_enable 148.Pq Vt bool 149Run 150.Xr apmd 8 151to handle APM event from userland. 152This also enables support for APM. 153.It Va apmd_flags 154.Pq Vt str 155If 156.Va apmd_enable 157is set to 158.Dq Li YES , 159these are the flags to pass to the 160.Xr apmd 8 161daemon. 162.It Va devd_enable 163.Pq Vt bool 164Run 165.Xr devd 8 166to handle device added, removed or unknown events from the kernel. 167.It Va kldxref_enable 168.Pq Vt bool 169Set to 170.Dq Li NO 171by default. 172Set to 173.Dq Li YES 174to automatically rebuild 175.Pa linker.hints 176files with 177.Xr kldxref 8 178at boot time. 179.It Va kldxref_clobber 180.Pq Vt bool 181Set to 182.Dq Li NO 183by default. 184If 185.Va kldxref_enable 186is true, 187setting to 188.Dq Li YES 189will overwrite existing 190.Pa linker.hints 191files at boot time. 192Otherwise, 193only missing 194.Pa linker.hints 195files are generated. 196.It Va kldxref_module_path 197.Pq Vt str 198Empty by default. 199A semi-colon 200.Pq Ql \&; 201delimited list of paths containing 202.Xr kld 4 203modules. 204If empty, 205the contents of the 206.Va kern.module_path 207.Xr sysctl 8 208are used. 209.It Va powerd_enable 210.Pq Vt bool 211If set to 212.Dq Li YES , 213enable the system power control facility with the 214.Xr powerd 8 215daemon. 216.It Va powerd_flags 217.Pq Vt str 218If 219.Va powerd_enable 220is set to 221.Dq Li YES , 222these are the flags to pass to the 223.Xr powerd 8 224daemon. 225.It Va tmpmfs 226Controls the creation of a 227.Pa /tmp 228memory file system. 229Always happens if set to 230.Dq Li YES 231and never happens if set to 232.Dq Li NO . 233If set to anything else, a memory file system is created if 234.Pa /tmp 235is not writable. 236.It Va tmpsize 237Controls the size of a created 238.Pa /tmp 239memory file system. 240.It Va tmpmfs_flags 241Extra options passed to the 242.Xr mdmfs 8 243utility when the memory file system for 244.Pa /tmp 245is created. 246The default is 247.Dq Li "-S" , 248which inhibits the use of softupdates on 249.Pa /tmp 250so that file system space is freed without delay 251after file truncation or deletion. 252See 253.Xr mdmfs 8 254for other options you can use in 255.Va tmpmfs_flags . 256.It Va varmfs 257Controls the creation of a 258.Pa /var 259memory file system. 260Always happens if set to 261.Dq Li YES 262and never happens if set to 263.Dq Li NO . 264If set to anything else, a memory file system is created if 265.Pa /var 266is not writable. 267.It Va varsize 268Controls the size of a created 269.Pa /var 270memory file system. 271.It Va varmfs_flags 272Extra options passed to the 273.Xr mdmfs 8 274utility when the memory file system for 275.Pa /var 276is created. 277The default is 278.Dq Li "-S" , 279which inhibits the use of softupdates on 280.Pa /var 281so that file system space is freed without delay 282after file truncation or deletion. 283See 284.Xr mdmfs 8 285for other options you can use in 286.Va varmfs_flags . 287.It Va populate_var 288Controls the automatic population of the 289.Pa /var 290file system. 291Always happens if set to 292.Dq Li YES 293and never happens if set to 294.Dq Li NO . 295If set to anything else, a memory file system is created if 296.Pa /var 297is not writable. 298Note that this process requires access to certain commands in 299.Pa /usr 300before 301.Pa /usr 302is mounted on normal systems. 303.It Va cleanvar_enable 304.Pq Vt bool 305Clean the 306.Pa /var 307directory. 308.It Va local_startup 309.Pq Vt str 310List of directories to search for startup script files. 311.It Va script_name_sep 312.Pq Vt str 313The field separator to use for breaking down the list of startup script files 314into individual filenames. 315The default is a space. 316It is not necessary to change this unless there are startup scripts with names 317containing spaces. 318.It Va hostapd_enable 319.Pq Vt bool 320Set to 321.Dq Li YES 322to start 323.Xr hostapd 8 324at system boot time. 325.It Va hostname 326.Pq Vt str 327The fully qualified domain name (FQDN) of this host on the network. 328This should almost certainly be set to something meaningful, even if 329there is no network connection. 330If 331.Xr dhclient 8 332is used to set the hostname via DHCP, 333this variable should be set to an empty string. 334.It Va ipv6_enable 335.Pq Vt bool 336Enable support for IPv6 networking. 337Note that this requires that the kernel has been compiled with 338.Cd "options INET6" . 339.It Va nisdomainname 340.Pq Vt str 341The NIS domain name of this host, or 342.Dq Li NO 343if NIS is not used. 344.It Va dhclient_program 345.Pq Vt str 346Path to the DHCP client program 347.Pa ( /sbin/dhclient , 348the 349.Ox 350DHCP client, 351is the default). 352.It Va dhclient_flags 353.Pq Vt str 354Additional flags to pass to the DHCP client program. 355For the 356.Ox 357DHCP client, see the 358.Xr dhclient 8 359manpage for a description of the command line options available. 360.It Va dhclient_flags_ Ns Aq Ar iface 361Additional flags to pass to the DHCP client program running on 362.Ar iface 363only. 364When specified, this variable overrides 365.Va dhclient_flags . 366.It Va background_dhclient 367.Pq Vt bool 368Set to 369.Dq Li YES 370to start the DHCP client in background. 371This can cause trouble with applications depending on 372a working network, but it will provide a faster startup 373in many cases. 374.It Va background_dhclient_ Ns Aq Ar iface 375When specified, this variable overrides the 376.Va background_dhclient 377variable for interface 378.Ar iface 379only. 380.It Va synchronous_dhclient 381.Pq Bt bool 382Set to 383.Dq Li NO 384to start 385.Xr dhclient 8 386only in response to interface events and not synchronously at startup. 387This behavior can be overridden on a per-interface basis by replacing 388the 389.Dq Li DHCP 390keyword in the 391.Va ifconfig_ Ns Aq Ar interface 392variable with 393.Dq Li SYNCDHCP 394or 395.Dq Li NOSYNCDHCP . 396.It Va firewall_enable 397.Pq Vt bool 398Set to 399.Dq Li YES 400to load firewall rules at startup. 401If the kernel was not built with 402.Cd "options IPFIREWALL" , 403the 404.Pa ipfw.ko 405kernel module will be loaded. 406See also 407.Va ipfilter_enable . 408.It Va ipv6_firewall_enable 409.Pq Vt bool 410The IPv6 equivalent of 411.Va firewall_enable . 412Set to 413.Dq Li YES 414to load IPv6 firewall rules at startup. 415If the kernel was not built with 416.Cd "options IPV6FIREWALL" , 417the 418.Pa ipfw.ko 419kernel module will be loaded. 420.It Va firewall_script 421.Pq Vt str 422This variable specifies the full path to the firewall script to run. 423The default is 424.Pa /etc/rc.firewall . 425.It Va ipv6_firewall_script 426.Pq Vt str 427The IPv6 equivalent of 428.Va firewall_script . 429.It Va firewall_type 430.Pq Vt str 431Names the firewall type from the selection in 432.Pa /etc/rc.firewall , 433or the file which contains the local firewall ruleset. 434Valid selections from 435.Pa /etc/rc.firewall 436are: 437.Pp 438.Bl -tag -width ".Li simple" -compact 439.It Li open 440unrestricted IP access 441.It Li closed 442all IP services disabled, except via 443.Dq Li lo0 444.It Li client 445basic protection for a workstation 446.It Li simple 447basic protection for a LAN. 448.El 449.Pp 450If a filename is specified, the full path 451must be given. 452.It Va ipv6_firewall_type 453.Pq Vt str 454The IPv6 equivalent of 455.Va firewall_type . 456.It Va firewall_quiet 457.Pq Vt bool 458Set to 459.Dq Li YES 460to disable the display of firewall rules on the console during boot. 461.It Va ipv6_firewall_quiet 462.Pq Vt bool 463The IPv6 equivalent of 464.Va firewall_quiet . 465.It Va firewall_logging 466.Pq Vt bool 467Set to 468.Dq Li YES 469to enable firewall event logging. 470This is equivalent to the 471.Dv IPFIREWALL_VERBOSE 472kernel option. 473.It Va ipv6_firewall_logging 474.Pq Vt bool 475The IPv6 equivalent of 476.Va firewall_logging . 477.It Va firewall_flags 478.Pq Vt str 479Flags passed to 480.Xr ipfw 8 481if 482.Va firewall_type 483specifies a filename. 484.It Va ipv6_firewall_flags 485.Pq Vt str 486The IPv6 equivalent of 487.Va firewall_flags . 488.It Va natd_program 489.Pq Vt str 490Path to 491.Xr natd 8 . 492.It Va natd_enable 493.Pq Vt bool 494Set to 495.Dq Li YES 496to enable 497.Xr natd 8 . 498.Va firewall_enable 499must also be set to 500.Dq Li YES , 501and 502.Xr divert 4 503sockets must be enabled in the kernel. 504If the kernel was not built with 505.Cd "options IPDIVERT" , 506the 507.Pa ipdivert.ko 508kernel module will be loaded. 509.It Va natd_interface 510.Pq Vt str 511This is the name of the public interface on which 512.Xr natd 8 513should run. 514The interface may be given as an interface name or as an IP address. 515.It Va natd_flags 516.Pq Vt str 517Additional 518.Xr natd 8 519flags should be placed here. 520The 521.Fl n 522or 523.Fl a 524flag is automatically added with the above 525.Va natd_interface 526as an argument. 527.\" ----- ipfilter_enable setting -------------------------------- 528.It Va ipfilter_enable 529.Pq Vt bool 530Set to 531.Dq Li NO 532by default. 533Setting this to 534.Dq Li YES 535enables 536.Xr ipf 8 537packet filtering. 538.Pp 539Typical usage will require putting 540.Bd -literal 541ipfilter_enable="YES" 542ipnat_enable="YES" 543ipmon_enable="YES" 544ipfs_enable="YES" 545.Ed 546.Pp 547into 548.Pa /etc/rc.conf 549and editing 550.Pa /etc/ipf.rules 551and 552.Pa /etc/ipnat.rules 553appropriately. 554.Pp 555Note that 556.Va ipfilter_enable 557and 558.Va ipnat_enable 559can be enabled independently. 560.Va ipmon_enable 561and 562.Va ipfs_enable 563both require at least one of 564.Va ipfilter_enable 565and 566.Va ipnat_enable 567to be enabled. 568.Pp 569Having 570.Bd -literal 571options IPFILTER 572options IPFILTER_LOG 573options IPFILTER_DEFAULT_BLOCK 574.Ed 575.Pp 576in the kernel configuration file is a good idea, too. 577.\" ----- ipfilter_program setting ------------------------------ 578.It Va ipfilter_program 579.Pq Vt str 580Path to 581.Xr ipf 8 582(default 583.Pa /sbin/ipf ) . 584.\" ----- ipfilter_rules setting -------------------------------- 585.It Va ipfilter_rules 586.Pq Vt str 587Set to 588.Pa /etc/ipf.rules 589by default. 590This variable contains the name of the filter rule definition file. 591The file is expected to be readable for the 592.Xr ipf 8 593command to execute. 594.\" ----- ipv6_ipfilter_rules setting --------------------------- 595.It Va ipv6_ipfilter_rules 596.Pq Vt str 597Set to 598.Pa /etc/ipf6.rules 599by default. 600This variable contains the IPv6 filter rule definition file. 601The file is expected to be readable for the 602.Xr ipf 8 603command to execute. 604.\" ----- ipfilter_flags setting -------------------------------- 605.It Va ipfilter_flags 606.Pq Vt str 607Empty by default. 608This variable contains flags passed to the 609.Xr ipf 8 610program. 611.\" ----- ipnat_enable setting ---------------------------------- 612.It Va ipnat_enable 613.Pq Vt bool 614Set to 615.Dq Li NO 616by default. 617Set it to 618.Dq Li YES 619to enable 620.Xr ipnat 8 621network address translation. 622See 623.Va ipfilter_enable 624for a detailed discussion. 625.\" ----- ipnat_program setting --------------------------------- 626.It Va ipnat_program 627.Pq Vt str 628Path to 629.Xr ipnat 8 630(default 631.Pa /sbin/ipnat ) . 632.\" ----- ipnat_rules setting ----------------------------------- 633.It Va ipnat_rules 634.Pq Vt str 635Set to 636.Pa /etc/ipnat.rules 637by default. 638This variable contains the name of the file 639holding the network address translation definition. 640This file is expected to be readable for the 641.Xr ipnat 8 642command to execute. 643.\" ----- ipnat_flags setting ----------------------------------- 644.It Va ipnat_flags 645.Pq Vt str 646Empty by default. 647This variable contains flags passed to the 648.Xr ipnat 8 649program. 650.\" ----- ipmon_enable setting ---------------------------------- 651.It Va ipmon_enable 652.Pq Vt bool 653Set to 654.Dq Li NO 655by default. 656Set it to 657.Dq Li YES 658to enable 659.Xr ipmon 8 660monitoring (logging 661.Xr ipf 8 662and 663.Xr ipnat 8 664events). 665Setting this variable needs setting 666.Va ipfilter_enable 667or 668.Va ipnat_enable 669too. 670See 671.Va ipfilter_enable 672for a detailed discussion. 673.\" ----- ipmon_program setting --------------------------------- 674.It Va ipmon_program 675.Pq Vt str 676Path to 677.Xr ipmon 8 678(default 679.Pa /sbin/ipmon ) . 680.\" ----- ipmon_flags setting ----------------------------------- 681.It Va ipmon_flags 682.Pq Vt str 683Set to 684.Dq Li -Ds 685by default. 686This variable contains flags passed to the 687.Xr ipmon 8 688program. 689Another typical example would be 690.Dq Fl D Pa /var/log/ipflog 691to have 692.Xr ipmon 8 693log directly to a file bypassing 694.Xr syslogd 8 . 695Make sure to adjust 696.Pa /etc/newsyslog.conf 697in such case like this: 698.Bd -literal 699/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 700.Ed 701.\" ----- ipfs_enable setting ----------------------------------- 702.It Va ipfs_enable 703.Pq Vt bool 704Set to 705.Dq Li NO 706by default. 707Set it to 708.Dq Li YES 709to enable 710.Xr ipfs 8 711saving the filter and NAT state tables during shutdown 712and reloading them during startup again. 713Setting this variable needs setting 714.Va ipfilter_enable 715or 716.Va ipnat_enable 717to 718.Dq Li YES 719too. 720See 721.Va ipfilter_enable 722for a detailed discussion. 723Note that if 724.Va kern_securelevel 725is set to 3, 726.Va ipfs_enable 727cannot be used 728because the raised securelevel will prevent 729.Xr ipfs 8 730from saving the state tables at shutdown time. 731.\" ----- ipfs_program setting ---------------------------------- 732.It Va ipfs_program 733.Pq Vt str 734Path to 735.Xr ipfs 8 736(default 737.Pa /sbin/ipfs ) . 738.\" ----- ipfs_flags setting ------------------------------------ 739.It Va ipfs_flags 740.Pq Vt str 741Empty by default. 742This variable contains flags passed to the 743.Xr ipfs 8 744program. 745.\" ----- end of added ipf hook --------------------------------- 746.It Va pf_enable 747.Pq Vt bool 748Set to 749.Dq Li NO 750by default. 751Setting this to 752.Dq Li YES 753enables 754.Xr pf 4 755packet filtering. 756.Pp 757Typical usage will require putting 758.Pp 759.Dl pf_enable="YES" 760.Pp 761into 762.Pa /etc/rc.conf 763and editing 764.Pa /etc/pf.conf 765appropriately. 766.Pp 767.Dl "device pf" 768.Pp 769builds 770.Xr pf 4 771into the kernel. 772Otherwise it is loaded from a module. 773.It Va pf_rules 774.Pq Vt str 775Path to 776.Xr pf 4 777ruleset configuration file 778(default 779.Pa /etc/pf.conf ) . 780.It Va pf_program 781.Pq Vt str 782Path to 783.Xr pfctl 8 784(default 785.Pa /sbin/pfctl ) . 786.It Va pf_flags 787.Pq Vt str 788If 789.Va pf_enable 790is set to 791.Dq Li YES , 792these flags are passed to the 793.Xr pfctl 8 794program when loading the ruleset. 795.It Va pflog_enable 796.Pq Vt bool 797Set to 798.Dq Li NO 799by default. 800Setting this to 801.Dq Li YES 802enables 803.Xr pflogd 8 804which logs packets from the 805.Xr pf 4 806packet filter. 807.It Va pflog_logfile 808.Pq Vt str 809If 810.Va pflog_enable 811is set to 812.Dq Li YES 813this controls where 814.Xr pflogd 8 815stores the logfile 816(default 817.Pa /var/log/pflog ) . 818Check 819.Pa /etc/newsyslog.conf 820to adjust logfile rotation for this. 821.It Va pflog_program 822.Pq Vt str 823Path to 824.Xr pflogd 8 825(default 826.Pa /sbin/pflogd ) . 827.It Va pflog_flags 828.Pq Vt str 829Empty by default. 830This variable contains additional flags passed to the 831.Xr pflogd 8 832program. 833.It Va pfsync_enable 834.Pq Vt bool 835Set to 836.Dq Li NO 837by default. 838Setting this to 839.Dq Li YES 840enables exposing 841.Xr pf 4 842state changes to other hosts over the network by means of 843.Xr pfsync 4 . 844The 845.Va pfsync_syncdev 846variable 847must also be set then. 848.It Va pfsync_syncdev 849.Pq Vt str 850Empty by default. 851This variable specifies the name of the network interface 852.Xr pfsync 4 853should operate through. 854It must be set accordingly if 855.Va pfsync_enable 856is set to 857.Dq Li YES . 858.It Va pfsync_ifconfig 859.Pq Vt str 860Empty by default. 861This variable can contain additional options to be passed to the 862.Xr ifconfig 8 863command used to set up 864.Xr pfsync 4 . 865.It Va tcp_extensions 866.Pq Vt bool 867Set to 868.Dq Li YES 869by default. 870Setting this to 871.Dq Li NO 872disables certain TCP options as described by 873.Rs 874.%T "RFC 1323" 875.Re 876Setting this to 877.Dq Li NO 878might help remedy such problems with connections as randomly hanging 879or other weird behavior. 880Some network devices are known 881to be broken with respect to these options. 882.It Va log_in_vain 883.Pq Vt int 884Set to 0 by default. 885The 886.Xr sysctl 8 887variables, 888.Va net.inet.tcp.log_in_vain 889and 890.Va net.inet.udp.log_in_vain , 891as described in 892.Xr tcp 4 893and 894.Xr udp 4 , 895are set to the given value. 896.It Va tcp_keepalive 897.Pq Vt bool 898Set to 899.Dq Li YES 900by default. 901Setting to 902.Dq Li NO 903will disable probing idle TCP connections to verify that the 904peer is still up and reachable. 905.It Va tcp_drop_synfin 906.Pq Vt bool 907Set to 908.Dq Li NO 909by default. 910Setting to 911.Dq Li YES 912will cause the kernel to ignore TCP frames that have both 913the SYN and FIN flags set. 914This prevents OS fingerprinting, but may 915break some legitimate applications. 916This option is only available if the 917kernel was built with the 918.Dv TCP_DROP_SYNFIN 919option. 920.It Va icmp_drop_redirect 921.Pq Vt bool 922Set to 923.Dq Li NO 924by default. 925Setting to 926.Dq Li YES 927will cause the kernel to ignore ICMP REDIRECT packets. 928Refer to 929.Xr icmp 4 930for more information. 931.It Va icmp_log_redirect 932.Pq Vt bool 933Set to 934.Dq Li NO 935by default. 936Setting to 937.Dq Li YES 938will cause the kernel to log ICMP REDIRECT packets. 939Note that 940the log messages are not rate-limited, so this option should only be used 941for troubleshooting networks. 942Refer to 943.Xr icmp 4 944for more information. 945.It Va icmp_bmcastecho 946.Pq Vt bool 947Set to 948.Dq Li YES 949to respond to broadcast or multicast ICMP ping packets. 950Refer to 951.Xr icmp 4 952for more information. 953.It Va ip_portrange_first 954.Pq Vt int 955If not set to 956.Dq Li NO , 957this is the first port in the default portrange. 958Refer to 959.Xr ip 4 960for more information. 961.It Va ip_portrange_last 962.Pq Vt int 963If not set to 964.Dq Li NO , 965this is the last port in the default portrange. 966Refer to 967.Xr ip 4 968for more information. 969.It Va network_interfaces 970.Pq Vt str 971Set to the list of network interfaces to configure on this host or 972.Dq Li AUTO 973(the default) for all current interfaces. 974Setting the 975.Va network_interfaces 976variable to anything other than the default is deprecated. 977Interfaces that the administrator wishes to store configuration for, 978but not start at boot should be configured with the 979.Dq Li NOAUTO 980keyword in their 981.Va ifconfig_ Ns Aq Ar interface 982variables as described below. 983.Pp 984An 985.Va ifconfig_ Ns Aq Ar interface 986variable is also assumed to exist for each value of 987.Ar interface . 988When an interface name contains any of the characters 989.Dq Li .-/+ 990they are translated to 991.Dq Li _ 992before lookup. 993The variable can contain arguments to 994.Xr ifconfig 8 , 995as well as special case-insensitive keywords described below. 996Such keywords are removed before passing the value to 997.Xr ifconfig 8 998while the order of the other arguments is preserved. 999.Pp 1000One can configure more than one IPv4 address with the 1001.Va ipv4_addrs_ Ns Aq Ar interface 1002variable. 1003One or more IP addresses must be provided in Classless Inter-Domain 1004Routing (CIDR) address notation, whose last byte can be a range like 1005192.168.0.5-23/24. 1006In this case the address 192.168.0.5 will be configured with the 1007netmask /24 and the addresses 192.168.0.6 to 192.168.0.23 with 1008the non-conflicting netmask /32 as explained in the 1009.Xr ifconfig 8 1010alias section. 1011With the interface in question being 1012.Li ed0 , 1013an example could look like: 1014.Bd -literal 1015ipv4_addrs_ed0="192.168.0.1/24 192.168.1.1-5/28" 1016.Ed 1017.Pp 1018It is also possible to add IP alias entries using 1019.Xr ifconfig 8 1020syntax. 1021Assuming that the interface in question was 1022.Li ed0 , 1023it might look 1024something like this: 1025.Bd -literal 1026ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 1027ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 1028.Ed 1029.Pp 1030And so on. 1031For each 1032.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1033entry that is found, 1034its contents are passed to 1035.Xr ifconfig 8 . 1036Execution stops at the first unsuccessful access, so if 1037something like this is present: 1038.Bd -literal 1039ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 1040ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 1041ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 1042ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 1043.Ed 1044.Pp 1045Then note that alias4 would 1046.Em not 1047be added since the search would 1048stop with the missing 1049.Dq Li alias3 1050entry. 1051Due to this difficult to manage behavior, the 1052.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1053form is deprecated. 1054.Pp 1055If the 1056.Pa /etc/start_if. Ns Aq Ar interface 1057file is present, it is read and executed by the 1058.Xr sh 1 1059interpreter 1060before configuring the interface as specified in the 1061.Va ifconfig_ Ns Aq Ar interface 1062and 1063.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1064variables. 1065.Pp 1066If the 1067.Va ifconfig_ Ns Aq Ar interface 1068contains the keyword 1069.Dq Li NOAUTO 1070then the interface will not be configured 1071at boot or by 1072.Pa /etc/pccard_ether 1073when 1074.Va network_interfaces 1075is set to 1076.Dq Li AUTO . 1077.Pp 1078It is possible to bring up an interface with DHCP by adding 1079.Dq Li DHCP 1080to the 1081.Va ifconfig_ Ns Aq Ar interface 1082variable. 1083For instance, to initialize the 1084.Li ed0 1085device via DHCP, 1086it is possible to use something like: 1087.Bd -literal 1088ifconfig_ed0="DHCP" 1089.Ed 1090.Pp 1091Also, if your interface needs WPA authentication, it is possible to add 1092.Dq Li WPA 1093to the 1094.Va ifconfig_ Ns Aq Ar interface 1095variable. 1096.Pp 1097Finally, you can add 1098.Xr ifconfig 8 1099options in this variable, in addition to the 1100.Pa /etc/start_if. Ns Aq Ar interface 1101file. 1102For instance, to initialize the 1103.Li wi0 1104device via DHCP, using WPA authentication and 802.11b mode, it is 1105possible to use something like: 1106.Bd -literal 1107ifconfig_wi0="DHCP WPA mode 11b" 1108.Ed 1109.Pp 1110In addition to the 1111.Va ifconfig_ Ns Aq Ar interface 1112form, a fallback variable 1113.Va ifconfig_DEFAULT 1114may be configured. 1115It will be used for all interfaces with no 1116.Va ifconfig_ Ns Aq Ar interface 1117variable. 1118This is intended to replace the no longer supported 1119.Va pccard_ifconfig 1120variable. 1121.Pp 1122It is also possible to rename interface by doing: 1123.Bd -literal 1124ifconfig_ed0_name="net0" 1125ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 1126.Ed 1127.It Va ipv6_network_interfaces 1128.Pq Vt str 1129This is the IPv6 equivalent of 1130.Va network_interfaces . 1131Instead of setting the ifconfig variables as 1132.Va ifconfig_ Ns Aq Ar interface 1133they should be set as 1134.Va ipv6_ifconfig_ Ns Aq Ar interface . 1135Aliases should be set as 1136.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 1137.Va ipv6_prefix_ Ns Aq Ar interface 1138does something. 1139Interfaces that do not have a 1140.Va ipv6_ifconfig_ Ns Aq Ar interface 1141setting will be auto configured by 1142.Xr rtsol 8 1143if the 1144.Va ipv6_gateway_enable 1145is set to 1146.Dq Li NO . 1147Note that the IPv6 networking code does not support the 1148.Pa /etc/start_if. Ns Aq Ar interface 1149files. 1150.It Va ipv6_default_interface 1151.Pq Vt str 1152If not set to 1153.Dq Li NO , 1154this is the default output interface for scoped addresses. 1155Now this works only for IPv6 link local multicast addresses. 1156.It Va cloned_interfaces 1157.Pq Vt str 1158Set to the list of clonable network interfaces to create on this host. 1159Entries in 1160.Va cloned_interfaces 1161are automatically appended to 1162.Va network_interfaces 1163for configuration. 1164.It Va fec_interfaces 1165.Pq Vt str 1166Set to the list of 1167.Xr ng_fec 4 1168Fast EtherChannel interfaces to configure on this host. 1169A 1170.Va fecconfig_ Ns Aq Ar interface 1171variable is assumed to exist for each value of 1172.Ar interface . 1173The value of this variable is used to configure link aggregated interfaces 1174according to the syntax of the 1175.Cm NGM_FEC_ADD_IFACE 1176to 1177.Xr ngctl 8 1178msg. 1179Additionally, this option ensures that each listed interface is created 1180via the 1181.Cm mkpeer 1182command to 1183.Xr ngctl 8 1184before attempting to configure it. 1185For example: 1186.Bd -literal 1187fec_interfaces="fec0" 1188fecconfig_fec0="em0 em1" 1189ifconfig_fec0="DHCP" 1190.Ed 1191.It Va gif_interfaces 1192.Pq Vt str 1193Set to the list of 1194.Xr gif 4 1195tunnel interfaces to configure on this host. 1196A 1197.Va gifconfig_ Ns Aq Ar interface 1198variable is assumed to exist for each value of 1199.Ar interface . 1200The value of this variable is used to configure the link layer of the 1201tunnel according to the syntax of the 1202.Cm tunnel 1203option to 1204.Xr ifconfig 8 . 1205Additionally, this option ensures that each listed interface is created 1206via the 1207.Cm create 1208option to 1209.Xr ifconfig 8 1210before attempting to configure it. 1211.It Va sppp_interfaces 1212.Pq Vt str 1213Set to the list of 1214.Xr sppp 4 1215interfaces to configure on this host. 1216A 1217.Va spppconfig_ Ns Aq Ar interface 1218variable is assumed to exist for each value of 1219.Ar interface . 1220Each interface should also be configured by a general 1221.Va ifconfig_ Ns Aq Ar interface 1222setting. 1223Refer to 1224.Xr spppcontrol 8 1225for more information about available options. 1226.It Va ppp_enable 1227.Pq Vt bool 1228If set to 1229.Dq Li YES , 1230run the 1231.Xr ppp 8 1232daemon. 1233.It Va ppp_mode 1234.Pq Vt str 1235Mode in which to run the 1236.Xr ppp 8 1237daemon. 1238Accepted modes are 1239.Dq Li auto , 1240.Dq Li ddial , 1241.Dq Li direct 1242and 1243.Dq Li dedicated . 1244See the manual for a full description. 1245.It Va ppp_nat 1246.Pq Vt bool 1247If set to 1248.Dq Li YES , 1249enables network address translation. 1250Used in conjunction with 1251.Va gateway_enable 1252allows hosts on private network addresses access to the Internet using 1253this host as a network address translating router. 1254.It Va ppp_profile 1255.Pq Vt str 1256The name of the profile to use from 1257.Pa /etc/ppp/ppp.conf . 1258.It Va ppp_user 1259.Pq Vt str 1260The name of the user under which 1261.Xr ppp 8 1262should be started. 1263By 1264default, 1265.Xr ppp 8 1266is started as 1267.Dq Li root . 1268.It Va rc_conf_files 1269.Pq Vt str 1270This option is used to specify a list of files that will override 1271the settings in 1272.Pa /etc/defaults/rc.conf . 1273The files will be read in the order in which they are specified and should 1274include the full path to the file. 1275By default, the files specified are 1276.Pa /etc/rc.conf 1277and 1278.Pa /etc/rc.conf.local 1279.It Va gbde_autoattach_all 1280.Pq Vt bool 1281If set to 1282.Dq Li YES , 1283.Pa /etc/rc.d/gbde 1284will attempt to automatically initialize your .bde devices in 1285.Pa /etc/fstab . 1286.It Va gbde_devices 1287.Pq Vt str 1288List the devices that the script should try to attach, 1289or 1290.Dq Li AUTO . 1291.It Va gbde_lockdir 1292.Pq Vt str 1293The directory where the 1294.Xr gbde 4 1295lockfiles are located. 1296The default lockfile directory is 1297.Pa /etc . 1298.Pp 1299The lockfile for each individual 1300.Xr gbde 4 1301device can be overridden by setting the variable 1302.Va gbde_lock_ Ns Aq Ar device , 1303where 1304.Ar device 1305is the encrypted device without the 1306.Dq Pa /dev/ 1307and 1308.Dq Pa .bde 1309parts. 1310.It Va gbde_attach_attempts 1311.Pq Vt int 1312Number of times to attempt attaching to a 1313.Xr gbde 4 1314device, i.e., how many times the user is asked for the pass-phrase. 1315Default is 3. 1316.It Va geli_devices 1317.Pq Vt str 1318List of devices to automatically attach on boot. 1319Note that .eli devices from 1320.Pa /etc/fstab 1321are automatically appended to this list. 1322.It Va geli_tries 1323.Pq Vt int 1324Number of times user is asked for the pass-phrase. 1325If empty, it will be taken from 1326.Va kern.geom.eli.tries 1327sysctl variable. 1328.It Va geli_default_flags 1329.Pq Vt str 1330Default flags to use by 1331.Xr geli 8 1332when configuring disk encryption. 1333Flags can be configured for every device separately by defining 1334.Va geli_ Ns Ao Ar device Ac Ns Va _flags 1335variable. 1336.It Va geli_autodetach 1337.Pq Vt str 1338Specifies if GELI devices should be marked for detach on last close after 1339file systems are mounted. 1340Default is 1341.Dq Li YES . 1342This can be changed for every device separately by defining 1343.Va geli_ Ns Ao Ar device Ac Ns Va _autodetach 1344variable. 1345.It Va geli_swap_flags 1346Options passed to the 1347.Xr geli 8 1348utility when encrypted GEOM providers for swap partitions are created. 1349The default is 1350.Dq Li "-a aes -l 256 -s 4096 -d" . 1351.It Va root_rw_mount 1352.Pq Vt bool 1353Set to 1354.Dq Li YES 1355by default. 1356After the file systems are checked at boot time, the root file system 1357is remounted as read-write if this is set to 1358.Dq Li YES . 1359Diskless systems that mount their root file system from a read-only remote 1360NFS share should set this to 1361.Dq Li NO 1362in their 1363.Pa rc.conf . 1364.It Va fsck_y_enable 1365.Pq Vt bool 1366If set to 1367.Dq Li YES , 1368.Xr fsck 8 1369will be run with the 1370.Fl y 1371flag if the initial preen 1372of the file systems fails. 1373.It Va background_fsck 1374.Pq Vt bool 1375If set to 1376.Dq Li YES , 1377the system will attempt to run 1378.Xr fsck 8 1379in the background where possible. 1380.It Va background_fsck_delay 1381.Pq Vt int 1382The amount of time in seconds to sleep before starting a background 1383.Xr fsck 8 . 1384It defaults to sixty seconds to allow large applications such as 1385the X server to start before disk I/O bandwidth is monopolized by 1386.Xr fsck 8 . 1387.It Va netfs_types 1388.Pq Vt str 1389List of file system types that are network-based. 1390This list should generally not be modified by end users. 1391Use 1392.Va extra_netfs_types 1393instead. 1394.It Va extra_netfs_types 1395.Pq Vt str 1396If set to something other than 1397.Dq Li NO 1398(the default), 1399this variable extends the list of file system types 1400for which automatic mounting at startup by 1401.Xr rc 8 1402should be delayed until the network is initialized. 1403It should contain 1404a whitespace-separated list of network file system descriptor pairs, 1405each consisting of a file system type as passed to 1406.Xr mount 8 1407and a human-readable, one-word description, 1408joined with a colon 1409.Pq Ql \&: . 1410Extending the default list in this way is only necessary 1411when third party file system types are used. 1412.It Va syslogd_enable 1413.Pq Vt bool 1414If set to 1415.Dq Li YES , 1416run the 1417.Xr syslogd 8 1418daemon. 1419.It Va syslogd_program 1420.Pq Vt str 1421Path to 1422.Xr syslogd 8 1423(default 1424.Pa /usr/sbin/syslogd ) . 1425.It Va syslogd_flags 1426.Pq Vt str 1427If 1428.Va syslogd_enable 1429is set to 1430.Dq Li YES , 1431these are the flags to pass to 1432.Xr syslogd 8 . 1433.It Va inetd_enable 1434.Pq Vt bool 1435If set to 1436.Dq Li YES , 1437run the 1438.Xr inetd 8 1439daemon. 1440.It Va inetd_program 1441.Pq Vt str 1442Path to 1443.Xr inetd 8 1444(default 1445.Pa /usr/sbin/inetd ) . 1446.It Va inetd_flags 1447.Pq Vt str 1448If 1449.Va inetd_enable 1450is set to 1451.Dq Li YES , 1452these are the flags to pass to 1453.Xr inetd 8 . 1454.It Va named_enable 1455.Pq Vt bool 1456If set to 1457.Dq Li YES , 1458run the 1459.Xr named 8 1460daemon. 1461.It Va named_program 1462.Pq Vt str 1463Path to 1464.Xr named 8 1465(default 1466.Pa /usr/sbin/named ) . 1467.It Va named_flags 1468.Pq Vt str 1469If 1470.Va named_enable 1471is set to 1472.Dq Li YES , 1473these are the flags to pass to 1474.Xr named 8 . 1475.It Va named_pidfile 1476.Pq Vt str 1477This is the default path to the 1478.Xr named 8 1479daemon's PID file. 1480This must match the location in 1481.Xr named.conf 5 . 1482.It Va named_uid 1483.Pq Vt str 1484The user that the 1485.Xr named 8 1486process should be run as. 1487.It Va named_chrootdir 1488.Pq Vt str 1489The root directory for a name server run in a 1490.Xr chroot 8 1491environment (default 1492.Pa /var/named ) . 1493If left empty 1494.Xr named 8 1495will not be run in a 1496.Xr chroot 8 1497environment. 1498.It Va named_chroot_autoupdate 1499.Pq Vt bool 1500Set to 1501.Dq Li NO 1502to disable automatic update of the 1503.Xr chroot 8 1504environment. 1505.It Va named_symlink_enable 1506.Pq Vt bool 1507Set to 1508.Dq Li NO 1509to disable symlinking of 1510daemon's PID file 1511into the 1512.Xr chroot 8 1513environment. 1514.It Va kerberos5_server_enable 1515.Pq Vt bool 1516Set to 1517.Dq Li YES 1518to start a Kerberos 5 authentication server 1519at boot time. 1520.It Va kerberos5_server 1521.Pq Vt str 1522If 1523.Va kerberos5_server_enable 1524is set to 1525.Dq Li YES 1526this is the path to Kerberos 5 Authentication Server. 1527.It Va kerberos5_server_flags 1528.Pq Vt str 1529Empty by default. 1530This variable contains additional flags to be passed to the Kerberos 5 1531authentication server. 1532.It Va kadmind5_server_enable 1533.Pq Vt bool 1534Set to 1535.Dq Li YES 1536to start 1537.Xr kadmind 8 , 1538the Kerberos 5 Administration Daemon; set to 1539.Dq Li NO 1540on a slave server. 1541.It Va kadmind5_server 1542.Pq Vt str 1543If 1544.Va kadmind5_server_enable 1545is set to 1546.Dq Li YES 1547this is the path to Kerberos 5 Administration Daemon. 1548.It Va kpasswdd_server_enable 1549.Pq Vt bool 1550Set to 1551.Dq Li YES 1552to start 1553.Xr kpasswdd 8 , 1554the Kerberos 5 Password-Changing Daemon; set to 1555.Dq Li NO 1556on a slave server. 1557.It Va kpasswdd_server 1558.Pq Vt str 1559If 1560.Va kpasswdd_server_enable 1561is set to 1562.Dq Li YES 1563this is the path to Kerberos 5 Password-Changing Daemon. 1564.It Va rwhod_enable 1565.Pq Vt bool 1566If set to 1567.Dq Li YES , 1568run the 1569.Xr rwhod 8 1570daemon at boot time. 1571.It Va rwhod_flags 1572.Pq Vt str 1573If 1574.Va rwhod_enable 1575is set to 1576.Dq Li YES , 1577these are the flags to pass to it. 1578.It Va amd_enable 1579.Pq Vt bool 1580If set to 1581.Dq Li YES , 1582run the 1583.Xr amd 8 1584daemon at boot time. 1585.It Va amd_flags 1586.Pq Vt str 1587If 1588.Va amd_enable 1589is set to 1590.Dq Li YES , 1591these are the flags to pass to it. 1592See the 1593.Xr amd 8 1594manpage for more information. 1595.It Va amd_map_program 1596.Pq Vt str 1597If set, 1598the specified program is run to get the list of 1599.Xr amd 8 1600maps. 1601For example, if the 1602.Xr amd 8 1603maps are stored in NIS, one can set this to 1604run 1605.Xr ypcat 1 1606to get a list of 1607.Xr amd 8 1608maps from the 1609.Pa amd.master 1610NIS map. 1611.It Va update_motd 1612.Pq Vt bool 1613If set to 1614.Dq Li YES , 1615.Pa /etc/motd 1616will be updated at boot time to reflect the kernel release 1617being run. 1618If set to 1619.Dq Li NO , 1620.Pa /etc/motd 1621will not be updated. 1622.It Va nfs_client_enable 1623.Pq Vt bool 1624If set to 1625.Dq Li YES , 1626run the NFS client daemons at boot time. 1627.It Va nfs_access_cache 1628.Pq Vt int 1629If 1630.Va nfs_client_enable 1631is set to 1632.Dq Li YES , 1633this can be set to 1634.Dq Li 0 1635to disable NFS ACCESS RPC caching, or to the number of seconds for which 1636NFS ACCESS 1637results should be cached. 1638A value of 2-10 seconds will substantially reduce network 1639traffic for many NFS operations. 1640.It Va nfs_server_enable 1641.Pq Vt bool 1642If set to 1643.Dq Li YES , 1644run the NFS server daemons at boot time. 1645.It Va nfs_server_flags 1646.Pq Vt str 1647If 1648.Va nfs_server_enable 1649is set to 1650.Dq Li YES , 1651these are the flags to pass to the 1652.Xr nfsd 8 1653daemon. 1654.It Va idmapd_enable 1655.Pq Vt bool 1656If set to 1657.Dq Li YES , 1658run the ID mapping daemon for NFS version 4. 1659.It Va idmapd_flags 1660.Pq Vt str 1661If 1662.Va idmapd_enable 1663is set to 1664.Dq Li YES , 1665these are the flags to pass to the 1666.Xr idmapd 8 1667daemon. 1668.It Va mountd_enable 1669.Pq Vt bool 1670If set to 1671.Dq Li YES , 1672and no 1673.Va nfs_server_enable 1674is set, start 1675.Xr mountd 8 , 1676but not 1677.Xr nfsd 8 1678daemon. 1679It is commonly needed to run CFS without real NFS used. 1680.It Va mountd_flags 1681.Pq Vt str 1682If 1683.Va mountd_enable 1684is set to 1685.Dq Li YES , 1686these are the flags to pass to the 1687.Xr mountd 8 1688daemon. 1689.It Va weak_mountd_authentication 1690.Pq Vt bool 1691If set to 1692.Dq Li YES , 1693allow services like PCNFSD to make non-privileged mount 1694requests. 1695.It Va nfs_reserved_port_only 1696.Pq Vt bool 1697If set to 1698.Dq Li YES , 1699provide NFS services only on a secure port. 1700.It Va nfs_bufpackets 1701.Pq Vt int 1702If set to a number, indicates the number of packets worth of 1703socket buffer space to reserve on an NFS client. 1704The kernel default is typically 4. 1705Using a higher number may be 1706useful on gigabit networks to improve performance. 1707The minimum value is 17082 and the maximum is 64. 1709.It Va rpc_lockd_enable 1710.Pq Vt bool 1711If set to 1712.Dq Li YES 1713and also an NFS server or client, run 1714.Xr rpc.lockd 8 1715at boot time. 1716.It Va rpc_statd_enable 1717.Pq Vt bool 1718If set to 1719.Dq Li YES 1720and also an NFS server or client, run 1721.Xr rpc.statd 8 1722at boot time. 1723.It Va rpcbind_program 1724.Pq Vt str 1725Path to 1726.Xr rpcbind 8 1727(default 1728.Pa /usr/sbin/rpcbind ) . 1729.It Va rpcbind_enable 1730.Pq Vt bool 1731If set to 1732.Dq Li YES , 1733run the 1734.Xr rpcbind 8 1735service at boot time. 1736.It Va rpcbind_flags 1737.Pq Vt str 1738If 1739.Va rpcbind_enable 1740is set to 1741.Dq Li YES , 1742these are the flags to pass to the 1743.Xr rpcbind 8 1744daemon. 1745.It Va keyserv_enable 1746.Pq Vt bool 1747If set to 1748.Dq Li YES , 1749run the 1750.Xr keyserv 8 1751daemon on boot for running Secure RPC. 1752.It Va keyserv_flags 1753.Pq Vt str 1754If 1755.Va keyserv_enable 1756is set to 1757.Dq Li YES , 1758these are the flags to pass to 1759.Xr keyserv 8 1760daemon. 1761.It Va pppoed_enable 1762.Pq Vt bool 1763If set to 1764.Dq Li YES , 1765run the 1766.Xr pppoed 8 1767daemon at boot time to provide PPP over Ethernet services. 1768.It Va pppoed_ Ns Aq Ar provider 1769.Pq Vt str 1770.Xr pppoed 8 1771listens to requests to this 1772.Ar provider 1773and ultimately runs 1774.Xr ppp 8 1775with a 1776.Ar system 1777argument of the same name. 1778.It Va pppoed_flags 1779.Pq Vt str 1780Additional flags to pass to 1781.Xr pppoed 8 . 1782.It Va pppoed_interface 1783.Pq Vt str 1784The network interface to run 1785.Xr pppoed 8 1786on. 1787This is mandatory when 1788.Va pppoed_enable 1789is set to 1790.Dq Li YES . 1791.It Va timed_enable 1792.Pq Vt bool 1793If set to 1794.Dq Li YES , 1795run the 1796.Xr timed 8 1797service at boot time. 1798This command is intended for networks of 1799machines where a consistent 1800.Dq "network time" 1801for all hosts must be established. 1802This is often useful in large NFS 1803environments where time stamps on files are expected to be consistent 1804network-wide. 1805.It Va timed_flags 1806.Pq Vt str 1807If 1808.Va timed_enable 1809is set to 1810.Dq Li YES , 1811these are the flags to pass to the 1812.Xr timed 8 1813service. 1814.It Va ntpdate_enable 1815.Pq Vt bool 1816If set to 1817.Dq Li YES , 1818run 1819.Xr ntpdate 8 1820at system startup. 1821This command is intended to 1822synchronize the system clock only 1823.Em once 1824from some standard reference. 1825An option to set this up initially 1826(from a list of known servers) is also provided by the 1827.Xr sysinstall 8 1828program when the system is first installed. 1829.It Va ntpdate_config 1830.Pq Vt str 1831Configuration file for 1832.Xr ntpdate 8 . 1833Default 1834.Pa /etc/ntp.conf . 1835.It Va ntpdate_hosts 1836.Pq Vt str 1837A whitespace-separated list of NTP servers to synchronize with at startup. 1838The default is to use the servers listed in 1839.Va ntpdate_config , 1840if that file exists. 1841.It Va ntpdate_program 1842.Pq Vt str 1843Path to 1844.Xr ntpdate 8 1845(default 1846.Pa /usr/sbin/ntpdate ) . 1847.It Va ntpdate_flags 1848.Pq Vt str 1849If 1850.Va ntpdate_enable 1851is set to 1852.Dq Li YES , 1853these are the flags to pass to the 1854.Xr ntpdate 8 1855command (typically a hostname). 1856.It Va ntpd_enable 1857.Pq Vt bool 1858If set to 1859.Dq Li YES , 1860run the 1861.Xr ntpd 8 1862command at boot time. 1863.It Va ntpd_program 1864.Pq Vt str 1865Path to 1866.Xr ntpd 8 1867(default 1868.Pa /usr/sbin/ntpd ) . 1869.It Va ntpd_config 1870.Pq Vt str 1871Path to 1872.Xr ntpd 8 1873configuration file. 1874Default 1875.Pa /etc/ntp.conf . 1876.It Va ntpd_flags 1877.Pq Vt str 1878If 1879.Va ntpd_enable 1880is set to 1881.Dq Li YES , 1882these are the flags to pass to the 1883.Xr ntpd 8 1884daemon. 1885.It Va ntpd_sync_on_start 1886.Pq Vt bool 1887If set to 1888.Dq Li YES , 1889.Xr ntpd 8 1890is run with the 1891.Fl g 1892flag, which syncs the system's clock on startup. 1893See 1894.Xr ntpd 8 1895for more information regarding the 1896.Fl g 1897option. 1898This is a preferred alternative to using 1899.Xr ntpdate 8 1900or specifying the 1901.Va ntpdate_enable 1902variable. 1903.It Va nis_client_enable 1904.Pq Vt bool 1905If set to 1906.Dq Li YES , 1907run the 1908.Xr ypbind 8 1909service at system boot time. 1910.It Va nis_client_flags 1911.Pq Vt str 1912If 1913.Va nis_client_enable 1914is set to 1915.Dq Li YES , 1916these are the flags to pass to the 1917.Xr ypbind 8 1918service. 1919.It Va nis_ypset_enable 1920.Pq Vt bool 1921If set to 1922.Dq Li YES , 1923run the 1924.Xr ypset 8 1925daemon at system boot time. 1926.It Va nis_ypset_flags 1927.Pq Vt str 1928If 1929.Va nis_ypset_enable 1930is set to 1931.Dq Li YES , 1932these are the flags to pass to the 1933.Xr ypset 8 1934daemon. 1935.It Va nis_server_enable 1936.Pq Vt bool 1937If set to 1938.Dq Li YES , 1939run the 1940.Xr ypserv 8 1941daemon at system boot time. 1942.It Va nis_server_flags 1943.Pq Vt str 1944If 1945.Va nis_server_enable 1946is set to 1947.Dq Li YES , 1948these are the flags to pass to the 1949.Xr ypserv 8 1950daemon. 1951.It Va nis_ypxfrd_enable 1952.Pq Vt bool 1953If set to 1954.Dq Li YES , 1955run the 1956.Xr rpc.ypxfrd 8 1957daemon at system boot time. 1958.It Va nis_ypxfrd_flags 1959.Pq Vt str 1960If 1961.Va nis_ypxfrd_enable 1962is set to 1963.Dq Li YES , 1964these are the flags to pass to the 1965.Xr rpc.ypxfrd 8 1966daemon. 1967.It Va nis_yppasswdd_enable 1968.Pq Vt bool 1969If set to 1970.Dq Li YES , 1971run the 1972.Xr rpc.yppasswdd 8 1973daemon at system boot time. 1974.It Va nis_yppasswdd_flags 1975.Pq Vt str 1976If 1977.Va nis_yppasswdd_enable 1978is set to 1979.Dq Li YES , 1980these are the flags to pass to the 1981.Xr rpc.yppasswdd 8 1982daemon. 1983.It Va rpc_ypupdated_enable 1984.Pq Vt bool 1985If set to 1986.Dq Li YES , 1987run the 1988.Nm rpc.ypupdated 1989daemon at system boot time. 1990.It Va bsnmpd_enable 1991.Pq Vt bool 1992If set to 1993.Dq Li YES , 1994run the 1995.Xr bsnmpd 1 1996daemon at system boot time. 1997Be sure to understand the security implications of running SNMP daemon 1998on your host. 1999.It Va bsnmpd_flags 2000.Pq Vt str 2001If 2002.Va bsnmpd_enable 2003is set to 2004.Dq Li YES , 2005these are the flags to pass to the 2006.Xr bsnmpd 1 2007daemon. 2008.It Va defaultrouter 2009.Pq Vt str 2010If not set to 2011.Dq Li NO , 2012create a default route to this host name or IP address 2013(use an IP address if this router is also required to get to the 2014name server!). 2015.It Va ipv6_defaultrouter 2016.Pq Vt str 2017The IPv6 equivalent of 2018.Va defaultrouter . 2019.It Va static_routes 2020.Pq Vt str 2021Set to the list of static routes that are to be added at system 2022boot time. 2023If not set to 2024.Dq Li NO 2025then for each whitespace separated 2026.Ar element 2027in the value, a 2028.Va route_ Ns Aq Ar element 2029variable is assumed to exist 2030whose contents will later be passed to a 2031.Dq Nm route Cm add 2032operation. 2033For example: 2034.Bd -literal 2035static_routes="mcast gif0local" 2036route_mcast="-net 224.0.0.0/4 -iface gif0" 2037route_gif0local="-host 169.254.1.1 -iface lo0" 2038.Ed 2039.It Va ipv6_static_routes 2040.Pq Vt str 2041The IPv6 equivalent of 2042.Va static_routes . 2043If not set to 2044.Dq Li NO 2045then for each whitespace separated 2046.Ar element 2047in the value, a 2048.Va ipv6_route_ Ns Aq Ar element 2049variable is assumed to exist 2050whose contents will later be passed to a 2051.Dq Nm route Cm add Fl inet6 2052operation. 2053.It Va natm_static_routes 2054.Pq Vt str 2055The 2056.Xr natmip 4 2057equivalent of 2058.Va static_routes . 2059If not empty then for each whitespace separated 2060.Ar element 2061in the value, a 2062.Va route_ Ns Aq Ar element 2063variable is assumed to exist whose contents will later be passed to a 2064.Dq Nm atmconfig Cm natm Cm add 2065operation. 2066.It Va gateway_enable 2067.Pq Vt bool 2068If set to 2069.Dq Li YES , 2070configure host to act as an IP router, e.g.\& to forward packets 2071between interfaces. 2072.It Va ipv6_gateway_enable 2073.Pq Vt bool 2074The IPv6 equivalent of 2075.Va gateway_enable . 2076.It Va router_enable 2077.Pq Vt bool 2078If set to 2079.Dq Li YES , 2080run a routing daemon of some sort, based on the 2081settings of 2082.Va router 2083and 2084.Va router_flags . 2085.It Va ipv6_router_enable 2086.Pq Vt bool 2087The IPv6 equivalent of 2088.Va router_enable . 2089If set to 2090.Dq Li YES , 2091run a routing daemon of some sort, based on the 2092settings of 2093.Va ipv6_router 2094and 2095.Va ipv6_router_flags . 2096.It Va router 2097.Pq Vt str 2098If 2099.Va router_enable 2100is set to 2101.Dq Li YES , 2102this is the name of the routing daemon to use. 2103.It Va ipv6_router 2104.Pq Vt str 2105The IPv6 equivalent of 2106.Va router . 2107.It Va router_flags 2108.Pq Vt str 2109If 2110.Va router_enable 2111is set to 2112.Dq Li YES , 2113these are the flags to pass to the routing daemon. 2114.It Va ipv6_router_flags 2115.Pq Vt str 2116The IPv6 equivalent of 2117.Va router_flags . 2118.It Va mrouted_enable 2119.Pq Vt bool 2120If set to 2121.Dq Li YES , 2122run the multicast routing daemon, 2123.Xr mrouted 8 . 2124.It Va mroute6d_enable 2125.Pq Vt bool 2126The IPv6 equivalent of 2127.Va mrouted_enable . 2128If set to 2129.Dq Li YES , 2130run the IPv6 multicast routing daemon. 2131.Pp 2132Note that multicast routing daemons are no longer included in the 2133.Fx 2134base system, however, both 2135.Xr mrouted 8 2136and 2137.Xr pim6dd 8 2138may be installed from the 2139.Fx 2140Ports Collection. 2141.It Va mrouted_flags 2142.Pq Vt str 2143If 2144.Va mrouted_enable 2145is set to 2146.Dq Li YES , 2147these are the flags to pass to the 2148.Xr mrouted 8 2149daemon. 2150.It Va mroute6d_flags 2151.Pq Vt str 2152The IPv6 equivalent of 2153.Va mrouted_flags . 2154If 2155.Va mroute6d_enable 2156is set to 2157.Dq Li YES , 2158these are the flags passed to the IPv6 multicast routing daemon. 2159.It Va mroute6d_program 2160.Pq Vt str 2161If 2162.Va mroute6d_enable 2163is set to 2164.Dq Li YES , 2165this is the path to the IPv6 multicast routing daemon. 2166.It Va rtadvd_enable 2167.Pq Vt bool 2168If set to 2169.Dq Li YES , 2170run the 2171.Xr rtadvd 8 2172daemon at boot time. 2173.Xr rtadvd 8 2174will only run if 2175.Va ipv6_gateway_enable 2176is also set to 2177.Dq Li YES . 2178The 2179.Xr rtadvd 8 2180utility sends router advertisement packets to the interfaces specified in 2181.Va rtadvd_interfaces 2182and should only be enabled with great care. 2183You may want to fine-tune 2184.Xr rtadvd.conf 5 . 2185.It Va rtadvd_interfaces 2186.Pq Vt str 2187If 2188.Va rtadvd_enable 2189is set to 2190.Dq Li YES 2191this is the list of interfaces to use. 2192.It Va ipxgateway_enable 2193.Pq Vt bool 2194If set to 2195.Dq Li YES , 2196enable the routing of IPX traffic. 2197.It Va ipxrouted_enable 2198.Pq Vt bool 2199If set to 2200.Dq Li YES , 2201run the 2202.Xr IPXrouted 8 2203daemon at system boot time. 2204.It Va ipxrouted_flags 2205.Pq Vt str 2206If 2207.Va ipxrouted_enable 2208is set to 2209.Dq Li YES , 2210these are the flags to pass to the 2211.Xr IPXrouted 8 2212daemon. 2213.It Va arpproxy_all 2214.Pq Vt bool 2215If set to 2216.Dq Li YES , 2217enable global proxy ARP. 2218.It Va forward_sourceroute 2219.Pq Vt bool 2220If set to 2221.Dq Li YES 2222and 2223.Va gateway_enable 2224is also set to 2225.Dq Li YES , 2226source-routed packets are forwarded. 2227.It Va accept_sourceroute 2228.Pq Vt bool 2229If set to 2230.Dq Li YES , 2231the system will accept source-routed packets directed at it. 2232.It Va rarpd_enable 2233.Pq Vt bool 2234If set to 2235.Dq Li YES , 2236run the 2237.Xr rarpd 8 2238daemon at system boot time. 2239.It Va rarpd_flags 2240.Pq Vt str 2241If 2242.Va rarpd_enable 2243is set to 2244.Dq Li YES , 2245these are the flags to pass to the 2246.Xr rarpd 8 2247daemon. 2248.It Va bootparamd_enable 2249.Pq Vt bool 2250If set to 2251.Dq Li YES , 2252run the 2253.Xr bootparamd 8 2254daemon at system boot time. 2255.It Va bootparamd_flags 2256.Pq Vt str 2257If 2258.Va bootparamd_enable 2259is set to 2260.Dq Li YES , 2261these are the flags to pass to the 2262.Xr bootparamd 8 2263daemon. 2264.It Va stf_interface_ipv4addr 2265.Pq Vt str 2266If not set to 2267.Dq Li NO , 2268this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 2269interface). 2270Specify this entry to enable the 6to4 interface. 2271.It Va stf_interface_ipv4plen 2272.Pq Vt int 2273Prefix length for 6to4 IPv4 addresses, to limit peer address range. 2274An effective value is 0-31. 2275.It Va stf_interface_ipv6_ifid 2276.Pq Vt str 2277IPv6 interface ID for 2278.Xr stf 4 . 2279This can be set to 2280.Dq Li AUTO . 2281.It Va stf_interface_ipv6_slaid 2282.Pq Vt str 2283IPv6 Site Level Aggregator for 2284.Xr stf 4 . 2285.It Va ipv6_faith_prefix 2286.Pq Vt str 2287If not set to 2288.Dq Li NO , 2289this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 2290translator. 2291You also need 2292.Xr faithd 8 2293setup. 2294.It Va ipv6_ipv4mapping 2295.Pq Vt bool 2296If set to 2297.Dq Li YES 2298this enables IPv4 mapped IPv6 address communication (like 2299.Li ::ffff:a.b.c.d ) . 2300.It Va atm_enable 2301.Pq Vt bool 2302Set to 2303.Dq Li YES 2304to enable the configuration of ATM interfaces at system boot time. 2305For all of the ATM variables described below, please refer to the 2306.Xr atm 8 2307manual page for further details on the available command parameters. 2308Also refer to the files in 2309.Pa /usr/share/examples/atm 2310for more detailed configuration information. 2311.It Va atm_load 2312.Pq Vt str 2313This is a list of physical ATM interface drivers to load. 2314Typical values are 2315.Dq Li hfa_pci 2316and/or 2317.Dq Li hea_pci . 2318.It Va atm_netif_ Ns Aq Ar intf 2319.Pq Vt str 2320For the ATM physical interface 2321.Ar intf , 2322this variable defines the name prefix and count for the ATM network 2323interfaces to be created. 2324The value will be passed as the parameters of an 2325.Dq Nm atm Cm "set netif" Ar intf 2326command. 2327.It Va atm_sigmgr_ Ns Aq Ar intf 2328.Pq Vt str 2329For the ATM physical interface 2330.Ar intf , 2331this variable defines the ATM signalling manager to be used. 2332The value will be passed as the parameters of an 2333.Dq Nm atm Cm attach Ar intf 2334command. 2335.It Va atm_prefix_ Ns Aq Ar intf 2336.Pq Vt str 2337For the ATM physical interface 2338.Ar intf , 2339this variable defines the NSAP prefix for interfaces using a UNI signalling 2340manager. 2341If set to 2342.Dq Li ILMI , 2343the prefix will automatically be set via the 2344.Xr ilmid 8 2345daemon. 2346Otherwise, the value will be passed as the parameters of an 2347.Dq Nm atm Cm "set prefix" Ar intf 2348command. 2349.It Va atm_macaddr_ Ns Aq Ar intf 2350.Pq Vt str 2351For the ATM physical interface 2352.Ar intf , 2353this variable defines the MAC address for interfaces using a UNI signalling 2354manager. 2355If set to 2356.Dq Li NO , 2357the hardware MAC address contained in the ATM interface card will be used. 2358Otherwise, the value will be passed as the parameters of an 2359.Dq Nm atm Cm "set mac" Ar intf 2360command. 2361.It Va atm_arpserver_ Ns Aq Ar netif 2362.Pq Vt str 2363For the ATM network interface 2364.Ar netif , 2365this variable defines the ATM address for a host which is to provide ATMARP 2366service. 2367This variable is only applicable to interfaces using a UNI signalling 2368manager. 2369If set to 2370.Dq Li local , 2371this host will become an ATMARP server. 2372The value will be passed as the parameters of an 2373.Dq Nm atm Cm "set arpserver" Ar netif 2374command. 2375.It Va atm_scsparp_ Ns Aq Ar netif 2376.Pq Vt bool 2377If set to 2378.Dq Li YES , 2379SCSP/ATMARP service for the network interface 2380.Ar netif 2381will be initiated using the 2382.Xr scspd 8 2383and 2384.Xr atmarpd 8 2385daemons. 2386This variable is only applicable if 2387.Va atm_arpserver_ Ns Aq Ar netif 2388is set to 2389.Dq Li local . 2390.It Va atm_pvcs 2391.Pq Vt str 2392Set to the list of ATM PVCs to be added at system 2393boot time. 2394For each whitespace separated 2395.Ar element 2396in the value, an 2397.Va atm_pvc_ Ns Aq Ar element 2398variable is assumed to exist. 2399The value of each of these variables 2400will be passed as the parameters of an 2401.Dq Nm atm Cm "add pvc" 2402command. 2403.It Va atm_arps 2404.Pq Vt str 2405Set to the list of permanent ATM ARP entries to be added 2406at system boot time. 2407For each whitespace separated 2408.Ar element 2409in the value, an 2410.Va atm_arp_ Ns Aq Ar element 2411variable is assumed to exist. 2412The value of each of these variables 2413will be passed as the parameters of an 2414.Dq Nm atm Cm "add arp" 2415command. 2416.It Va natm_interfaces 2417.Pq Vt str 2418Set to the list of 2419.Xr natm 4 2420interfaces that will also be used for HARP through 2421.Xr harp 4 . 2422If this list is not empty all interfaces in the list will be brought up 2423with 2424.Xr ifconfig 8 2425and 2426.Xr harp 4 2427will be loaded. 2428For this to work the interface drivers must be either compiled into the 2429kernel or must reside on the root partition. 2430.It Va keybell 2431.Pq Vt str 2432The keyboard bell sound. 2433Set to 2434.Dq Li normal , 2435.Dq Li visual , 2436.Dq Li off , 2437or 2438.Dq Li NO 2439if the default behavior is desired. 2440For details, refer to the 2441.Xr kbdcontrol 1 2442manpage. 2443.It Va keyboard 2444.Pq Vt str 2445If set to a non-null string, the virtual console's keyboard input is 2446set to this device. 2447.It Va keymap 2448.Pq Vt str 2449If set to 2450.Dq Li NO , 2451no keymap is installed, otherwise the value is used to install 2452the keymap file in 2453.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2454.It Va keyrate 2455.Pq Vt str 2456The keyboard repeat speed. 2457Set to 2458.Dq Li slow , 2459.Dq Li normal , 2460.Dq Li fast , 2461or 2462.Dq Li NO 2463if the default behavior is desired. 2464.It Va keychange 2465.Pq Vt str 2466If not set to 2467.Dq Li NO , 2468attempt to program the function keys with the value. 2469The value should 2470be a single string of the form: 2471.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2472.It Va cursor 2473.Pq Vt str 2474Can be set to the value of 2475.Dq Li normal , 2476.Dq Li blink , 2477.Dq Li destructive , 2478or 2479.Dq Li NO 2480to set the cursor behavior explicitly or choose the default behavior. 2481.It Va scrnmap 2482.Pq Vt str 2483If set to 2484.Dq Li NO , 2485no screen map is installed, otherwise the value is used to install 2486the screen map file in 2487.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2488.It Va font8x16 2489.Pq Vt str 2490If set to 2491.Dq Li NO , 2492the default 8x16 font value is used for screen size requests, otherwise 2493the value in 2494.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2495is used. 2496.It Va font8x14 2497.Pq Vt str 2498If set to 2499.Dq Li NO , 2500the default 8x14 font value is used for screen size requests, otherwise 2501the value in 2502.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2503is used. 2504.It Va font8x8 2505.Pq Vt str 2506If set to 2507.Dq Li NO , 2508the default 8x8 font value is used for screen size requests, otherwise 2509the value in 2510.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2511is used. 2512.It Va blanktime 2513.Pq Vt int 2514If set to 2515.Dq Li NO , 2516the default screen blanking interval is used, otherwise it is set 2517to 2518.Ar value 2519seconds. 2520.It Va saver 2521.Pq Vt str 2522If not set to 2523.Dq Li NO , 2524this is the actual screen saver to use 2525.Li ( blank , snake , daemon , 2526etc). 2527.It Va moused_nondefault_enable 2528.Pq Vt str 2529If set to 2530.Dq Li NO , 2531the mouse device specified on 2532the command line is not automatically treated as enabled by the 2533.Pa /etc/rc.d/moused 2534script. 2535Having this variable set to 2536.Dq Li YES 2537allows a 2538.Xr usb 4 2539mouse, 2540for example, 2541to be enabled as soon as it is plugged in. 2542.It Va moused_enable 2543.Pq Vt str 2544If set to 2545.Dq Li YES , 2546the 2547.Xr moused 8 2548daemon is started for doing cut/paste selection on the console. 2549.It Va moused_type 2550.Pq Vt str 2551This is the protocol type of the mouse connected to this host. 2552This variable must be set if 2553.Va moused_enable 2554is set to 2555.Dq Li YES . 2556The 2557.Xr moused 8 2558daemon 2559is able to detect the appropriate mouse type automatically in many cases. 2560Set this variable to 2561.Dq Li auto 2562to let the daemon detect it, or 2563select one from the following list if the automatic detection fails. 2564.Pp 2565If the mouse is attached to the PS/2 mouse port, choose 2566.Dq Li auto 2567or 2568.Dq Li ps/2 , 2569regardless of the brand and model of the mouse. 2570Likewise, if the 2571mouse is attached to the bus mouse port, choose 2572.Dq Li auto 2573or 2574.Dq Li busmouse . 2575All other protocols are for serial mice and will not work with 2576the PS/2 and bus mice. 2577If this is a USB mouse, 2578.Dq Li auto 2579is the only protocol type which will work. 2580.Pp 2581.Bl -tag -width ".Li x10mouseremote" -compact 2582.It Li microsoft 2583Microsoft mouse (serial) 2584.It Li intellimouse 2585Microsoft IntelliMouse (serial) 2586.It Li mousesystems 2587Mouse systems Corp.\& mouse (serial) 2588.It Li mmseries 2589MM Series mouse (serial) 2590.It Li logitech 2591Logitech mouse (serial) 2592.It Li busmouse 2593A bus mouse 2594.It Li mouseman 2595Logitech MouseMan and TrackMan (serial) 2596.It Li glidepoint 2597ALPS GlidePoint (serial) 2598.It Li thinkingmouse 2599Kensington ThinkingMouse (serial) 2600.It Li ps/2 2601PS/2 mouse 2602.It Li mmhittab 2603MM HitTablet (serial) 2604.It Li x10mouseremote 2605X10 MouseRemote (serial) 2606.It Li versapad 2607Interlink VersaPad (serial) 2608.El 2609.Pp 2610Even if the mouse is not in the above list, it may be compatible 2611with one in the list. 2612Refer to the manual page for 2613.Xr moused 8 2614for compatibility information. 2615.Pp 2616It should also be noted that while this is enabled, any 2617other client of the mouse (such as an X server) should access 2618the mouse through the virtual mouse device, 2619.Pa /dev/sysmouse , 2620and configure it as a 2621.Dq Li sysmouse 2622type mouse, since all 2623mouse data is converted to this single canonical format when 2624using 2625.Xr moused 8 . 2626If the client program does not support the 2627.Dq Li sysmouse 2628type, 2629specify the 2630.Dq Li mousesystems 2631type. 2632It is the second preferred type. 2633.It Va moused_port 2634.Pq Vt str 2635If 2636.Va moused_enable 2637is set to 2638.Dq Li YES , 2639this is the actual port the mouse is on. 2640It might be 2641.Pa /dev/cuad0 2642for a COM1 serial mouse, 2643.Pa /dev/psm0 2644for a PS/2 mouse or 2645.Pa /dev/mse0 2646for a bus mouse, for example. 2647.It Va moused_flags 2648.Pq Vt str 2649If 2650.Va moused_type 2651is set, these are the additional flags to pass to the 2652.Xr moused 8 2653daemon. 2654.It Va mousechar_start 2655.Pq Vt int 2656If set to 2657.Dq Li NO , 2658the default mouse cursor character range 2659.Li 0xd0 Ns - Ns Li 0xd3 2660is used, 2661otherwise the range start is set 2662to 2663.Ar value 2664character, see 2665.Xr vidcontrol 1 . 2666Use if the default range is occupied in the language code table. 2667.It Va allscreens_flags 2668.Pq Vt str 2669If set, 2670.Xr vidcontrol 1 2671is run with these options for each of the virtual terminals 2672.Pq Pa /dev/ttyv* . 2673For example, 2674.Dq Fl m Cm on 2675will enable the mouse pointer on all virtual terminals 2676if 2677.Va moused_enable 2678is set to 2679.Dq Li YES . 2680.It Va allscreens_kbdflags 2681.Pq Vt str 2682If set, 2683.Xr kbdcontrol 1 2684is run with these options for each of the virtual terminals 2685.Pq Pa /dev/ttyv* . 2686For example, 2687.Dq Fl h Li 200 2688will set the 2689.Xr syscons 4 2690scrollback (history) buffer to 200 lines. 2691.It Va cron_enable 2692.Pq Vt bool 2693If set to 2694.Dq Li YES , 2695run the 2696.Xr cron 8 2697daemon at system boot time. 2698.It Va cron_program 2699.Pq Vt str 2700Path to 2701.Xr cron 8 2702(default 2703.Pa /usr/sbin/cron ) . 2704.It Va cron_flags 2705.Pq Vt str 2706If 2707.Va cron_enable 2708is set to 2709.Dq Li YES , 2710these are the flags to pass to 2711.Xr cron 8 . 2712.It Va cron_dst 2713.Pq Vt bool 2714If set to 2715.Dq Li YES , 2716enable the special handling of transitions to and from the 2717Daylight Saving Time in 2718.Xr cron 8 2719(equivalent to using the flag 2720.Fl s ) . 2721.It Va lpd_program 2722.Pq Vt str 2723Path to 2724.Xr lpd 8 2725(default 2726.Pa /usr/sbin/lpd ) . 2727.It Va lpd_enable 2728.Pq Vt bool 2729If set to 2730.Dq Li YES , 2731run the 2732.Xr lpd 8 2733daemon at system boot time. 2734.It Va lpd_flags 2735.Pq Vt str 2736If 2737.Va lpd_enable 2738is set to 2739.Dq Li YES , 2740these are the flags to pass to the 2741.Xr lpd 8 2742daemon. 2743.It Va chkprintcap_enable 2744.Pq Vt bool 2745If set to 2746.Dq Li YES , 2747run the 2748.Xr chkprintcap 8 2749command before starting the 2750.Xr lpd 8 2751daemon. 2752.It Va chkprintcap_flags 2753.Pq Vt str 2754If 2755.Va lpd_enable 2756and 2757.Va chkprintcap_enable 2758are set to 2759.Dq Li YES , 2760these are the flags to pass to the 2761.Xr chkprintcap 8 2762program. 2763The default is 2764.Dq Li -d , 2765which causes missing directories to be created. 2766.It Va mta_start_script 2767.Pq Vt str 2768This variable specifies the full path to the script to run to start 2769a mail transfer agent. 2770The default is 2771.Pa /etc/rc.sendmail . 2772The 2773.Va sendmail_* 2774variables which 2775.Pa /etc/rc.sendmail 2776uses are documented in the 2777.Xr rc.sendmail 8 2778manual page. 2779.It Va dumpdev 2780.Pq Vt str 2781Indicates the device (usually a swap partition) to which a crash dump 2782should be written in the event of a system crash. 2783If the value of this variable is 2784.Dq Li AUTO , 2785the first suitable swap device listed in 2786.Pa /etc/fstab 2787will be used as dump device. 2788Otherwise, the value of this variable is passed as the argument to 2789.Xr dumpon 8 . 2790To disable crash dumps, set this variable to 2791.Dq Li NO . 2792.It Va dumpdir 2793.Pq Vt str 2794When the system reboots after a crash and a crash dump is found on the 2795device specified by the 2796.Va dumpdev 2797variable, 2798.Xr savecore 8 2799will save that crash dump and a copy of the kernel to the directory 2800specified by the 2801.Va dumpdir 2802variable. 2803The default value is 2804.Pa /var/crash . 2805Set to 2806.Dq Li NO 2807to not run 2808.Xr savecore 8 2809at boot time when 2810.Va dumpdir 2811is set. 2812.It Va savecore_flags 2813.Pq Vt str 2814If crash dumps are enabled, these are the flags to pass to the 2815.Xr savecore 8 2816utility. 2817.It Va enable_quotas 2818.Pq Vt bool 2819Set to 2820.Dq Li YES 2821to turn on user and group disk quotas on system startup via the 2822.Xr quotaon 8 2823command for all file systems marked as having quotas enabled in 2824.Pa /etc/fstab . 2825The kernel must be built with 2826.Cd "options QUOTA" 2827for disk quotas to function. 2828.It Va check_quotas 2829.Pq Vt bool 2830Set to 2831.Dq Li YES 2832to enable user and group disk quota checking via the 2833.Xr quotacheck 8 2834command. 2835.It Va quotacheck_flags 2836.Pq Vt str 2837If 2838.Va enable_quotas 2839is set to 2840.Dq Li YES , 2841and 2842.Va check_quotas 2843is set to 2844.Dq Li YES , 2845these are the flags to pass to the 2846.Xr quotacheck 8 2847utility. 2848The default is 2849.Dq Li "-a" , 2850which checks quotas for all file systems with quotas enabled in 2851.Pa /etc/fstab . 2852.It Va quotaon_flags 2853.Pq Vt str 2854If 2855.Va enable_quotas 2856is set to 2857.Dq Li YES , 2858these are the flags to pass to the 2859.Xr quotaon 8 2860utility. 2861The default is 2862.Dq Li "-a" , 2863which enables quotas for all file systems with quotas enabled in 2864.Pa /etc/fstab . 2865.It Va quotaoff_flags 2866.Pq Vt str 2867If 2868.Va enable_quotas 2869is set to 2870.Dq Li YES , 2871these are the flags to pass to the 2872.Xr quotaoff 8 2873utility when shutting down the quota system. 2874The default is 2875.Dq Li "-a" , 2876which disables quotas for all file systems with quotas enabled in 2877.Pa /etc/fstab . 2878.It Va accounting_enable 2879.Pq Vt bool 2880Set to 2881.Dq Li YES 2882to enable system accounting through the 2883.Xr accton 8 2884facility. 2885.It Va ibcs2_enable 2886.Pq Vt bool 2887Set to 2888.Dq Li YES 2889to enable iBCS2 (SCO) binary emulation at system initial boot 2890time. 2891.It Va ibcs2_loaders 2892.Pq Vt str 2893If not set to 2894.Dq Li NO 2895and if 2896.Va ibcs2_enable 2897is set to 2898.Dq Li YES , 2899this specifies a list of additional iBCS2 loaders to enable. 2900.It Va linux_enable 2901.Pq Vt bool 2902Set to 2903.Dq Li YES 2904to enable Linux/ELF binary emulation at system initial 2905boot time. 2906.It Va svr4_enable 2907.Pq Vt bool 2908If set to 2909.Dq Li YES , 2910enable SysVR4 emulation at boot time. 2911.It Va sysvipc_enable 2912.Pq Vt bool 2913If set to 2914.Dq Li YES , 2915load System V IPC primitives at boot time. 2916.It Va clear_tmp_enable 2917.Pq Vt bool 2918Set to 2919.Dq Li YES 2920to have 2921.Pa /tmp 2922cleaned at startup. 2923.It Va clear_tmp_X 2924.Pq Vt bool 2925Set to 2926.Dq Li NO 2927to disable removing of X11 lock files, 2928and the removal and (secure) recreation 2929of the various socket directories for X11 2930related programs. 2931.It Va ldconfig_paths 2932.Pq Vt str 2933Set to the list of shared library paths to use with 2934.Xr ldconfig 8 . 2935NOTE: 2936.Pa /usr/lib 2937will always be added first, so it need not appear in this list. 2938.It Va ldconfig32_paths 2939.Pq Vt str 2940Set to the list of 32-bit compatibility shared library paths to 2941use with 2942.Xr ldconfig 8 . 2943.It Va ldconfig_paths_aout 2944.Pq Vt str 2945Set to the list of shared library paths to use with 2946.Xr ldconfig 8 2947legacy 2948.Xr a.out 5 2949support. 2950.It Va ldconfig_insecure 2951.Pq Vt bool 2952The 2953.Xr ldconfig 8 2954utility normally refuses to use directories 2955which are writable by anyone except root. 2956Set this variable to 2957.Dq Li YES 2958to disable that security check during system startup. 2959.It Va ldconfig_local_dirs 2960.Pq Vt str 2961Set to the list of local 2962.Xr ldconfig 8 2963directories. 2964The names of all files in the directories listed will be 2965passed as arguments to 2966.Xr ldconfig 8 . 2967.It Va ldconfig_local32_dirs 2968.Pq Vt str 2969Set to the list of local 32-bit compatibility 2970.Xr ldconfig 8 2971directories. 2972The names of all files in the directories listed will be 2973passed as arguments to 2974.Dq Nm ldconfig Fl 32 . 2975.It Va kern_securelevel_enable 2976.Pq Vt bool 2977Set to 2978.Dq Li YES 2979to set the kernel security level at system startup. 2980.It Va kern_securelevel 2981.Pq Vt int 2982The kernel security level to set at startup. 2983The allowed range of 2984.Ar value 2985ranges from \-1 (the compile time default) to 3 (the 2986most secure). 2987See 2988.Xr init 8 2989for the list of possible security levels and their effect 2990on system operation. 2991.It Va sshd_program 2992.Pq Vt str 2993Path to the SSH server program 2994.Pa ( /usr/sbin/sshd 2995is the default). 2996.It Va sshd_enable 2997.Pq Vt bool 2998Set to 2999.Dq Li YES 3000to start 3001.Xr sshd 8 3002at system boot time. 3003.It Va sshd_flags 3004.Pq Vt str 3005If 3006.Va sshd_enable 3007is set to 3008.Dq Li YES , 3009these are the flags to pass to the 3010.Xr sshd 8 3011daemon. 3012.It Va ftpd_program 3013.Pq Vt str 3014Path to the FTP server program 3015.Pa ( /usr/libexec/ftpd 3016is the default). 3017.It Va ftpd_enable 3018.Pq Vt bool 3019Set to 3020.Dq Li YES 3021to start 3022.Xr ftpd 8 3023as a stand-alone daemon at system boot time. 3024.It Va ftpd_flags 3025.Pq Vt str 3026If 3027.Va ftpd_enable 3028is set to 3029.Dq Li YES , 3030these are the additional flags to pass to the 3031.Xr ftpd 8 3032daemon. 3033.It Va watchdogd_enable 3034.Pq Vt bool 3035If set to 3036.Dq Li YES , 3037start the 3038.Xr watchdogd 8 3039daemon at boot time. 3040This requires that the kernel have been compiled with a 3041.Xr watchdog 4 3042compatible device. 3043.It Va watchdogd_flags 3044.Pq Vt str 3045If 3046.Va watchdogd_enable 3047is set to 3048.Dq Li YES , 3049these are the flags passed to the 3050.Xr watchdogd 8 3051daemon. 3052.It Va performance_cx_lowest 3053.Pq Vt str 3054CPU idle state to use while on AC power. 3055The string 3056.Dq Li LOW 3057indicates that 3058.Xr acpi 4 3059should use the lowest power state available while 3060.Dq Li HIGH 3061indicates that the lowest latency state (less power savings) should be used. 3062.It Va performance_cpu_freq 3063.Pq Vt str 3064CPU clock frequency to use while on AC power. 3065The string 3066.Dq Li LOW 3067indicates that 3068.Xr cpufreq 4 3069should use the lowest frequency available while 3070.Dq Li HIGH 3071indicates that the highest frequency (less power savings) should be used. 3072.It Va economy_cx_lowest 3073.Pq Vt str 3074CPU idle state to use when off AC power. 3075The string 3076.Dq Li LOW 3077indicates that 3078.Xr acpi 4 3079should use the lowest power state available while 3080.Dq Li HIGH 3081indicates that the lowest latency state (less power savings) should be used. 3082.It Va economy_cpu_freq 3083.Pq Vt str 3084CPU clock frequency to use when off AC power. 3085The string 3086.Dq Li LOW 3087indicates that 3088.Xr cpufreq 4 3089should use the lowest frequency available while 3090.Dq Li HIGH 3091indicates that the highest frequency (less power savings) should be used. 3092.It Va jail_enable 3093.Pq Vt bool 3094If set to 3095.Dq Li NO , 3096any configured jails will not be started. 3097.It Va jail_list 3098.Pq Vt str 3099A space separated list of names for jails. 3100This is purely a configuration aid to help identify and 3101configure multiple jails. 3102The names specified in this list will be used to 3103identify settings common to an instance of a jail. 3104Assuming that the jail in question was named 3105.Li vjail , 3106you would have the following dependent variables: 3107.Bd -literal 3108jail_vjail_hostname="jail.example.com" 3109jail_vjail_ip="192.168.1.100" 3110jail_vjail_rootdir="/var/jails/vjail/root" 3111.Ed 3112.Pp 3113.It Va jail_flags 3114.Pq Vt str 3115Unset by default. 3116When set, use as default value for 3117.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3118for every jail in 3119.Va jail_list . 3120.It Va jail_interface 3121.Pq Vt str 3122Unset by default. 3123When set, use as default value for 3124.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3125for every jail in 3126.Va jail_list . 3127.It Va jail_fstab 3128.Pq Vt str 3129Unset by default. 3130When set, use as default value for 3131.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3132for every jail in 3133.Va jail_list . 3134.It Va jail_mount_enable 3135.Pq Vt bool 3136Set to 3137.Dq Li NO 3138by default. 3139When set to 3140.Dq Li YES , 3141sets 3142.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3143to 3144.Dq Li YES 3145by default for every jail in 3146.Va jail_list . 3147.It Va jail_devfs_ruleset 3148.Pq Vt str 3149Unset by default. 3150When set, sets 3151.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3152to given value for every jail in 3153.Va jail_list . 3154.It Va jail_devfs_enable 3155.Pq Vt bool 3156Set to 3157.Dq Li NO 3158by default. 3159When set to 3160.Dq Li YES , 3161sets 3162.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3163to 3164.Dq Li YES 3165by default for every jail in 3166.Va jail_list . 3167.It Va jail_fdescfs_enable 3168.Pq Vt bool 3169Set to 3170.Dq Li NO 3171by default. 3172When set to 3173.Dq Li YES , 3174sets 3175.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3176to 3177.Dq Li YES 3178by default for every jail in 3179.Va jail_list . 3180.It Va jail_procfs_enable 3181.Pq Vt bool 3182Set to 3183.Dq Li NO 3184by default. 3185When set to 3186.Dq Li YES , 3187sets 3188.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3189to 3190.Dq Li YES 3191by default for every jail in 3192.Va jail_list . 3193.It Va jail_exec_start 3194.Pq Vt str 3195Unset by default. 3196When set, use as default value for 3197.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3198for every jail in 3199.Va jail_list . 3200.It Va jail_exec_afterstart Ns Aq Ar N 3201.Pq Vt str 3202Unset by default. 3203When set, use as default value for 3204.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3205for every jail in 3206.Va jail_list . 3207.It Va jail_exec_stop 3208Unset by default. 3209When set, use as default value for 3210.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3211for every jail in 3212.Va jail_list . 3213.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 3214.Pq Vt str 3215Unset by default. 3216Set to the root directory used by jail 3217.Va jname . 3218.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 3219.Pq Vt str 3220Unset by default. 3221Set to the fully qualified domain name (FQDN) assigned to jail 3222.Va jname . 3223.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 3224.Pq Vt str 3225Unset by default. 3226Set to the IP address assigned to jail 3227.Va jname . 3228.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3229.Pq Vt str 3230Set to 3231.Dq Li -l -U root 3232by default. 3233These are flags to pass to 3234.Xr jail . 3235.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3236.Pq Vt str 3237Unset by default. 3238When set, sets the interface to use when setting IP address alias. 3239Note that the alias is created at jail startup and removed at jail shutdown. 3240.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3241.Pq Vt str 3242Set to 3243.Pa /etc/fstab. Ns Aq Ar jname 3244by default. 3245This is the file system information file to use for jail 3246.Va jname . 3247.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3248.Pq Vt bool 3249Set to 3250.Dq Li NO 3251by default. 3252When set to 3253.Dq Li YES , 3254mount all file systems from 3255.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3256at jail startup. 3257.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3258.Pq Vt str 3259Unset by default. 3260When set, defines the device file system ruleset file to use for jail 3261.Va jname . 3262.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3263.Pq Vt bool 3264Set to 3265.Dq Li NO 3266by default. 3267When set to 3268.Dq Li YES , 3269mount the device file system inside jail 3270.Ar jname 3271at jail startup. 3272.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3273.Pq Vt bool 3274Set to 3275.Dq Li NO 3276by default. 3277When set to 3278.Dq Li YES , 3279mount the file-descriptor file system inside jail 3280.Ar jname 3281at jail startup. 3282.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 3283.Pq Vt bool 3284Set to 3285.Dq Li NO 3286by default. 3287When set to 3288.Dq Li YES , 3289mount the process file system inside jail 3290.Ar jname 3291at jail startup. 3292.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3293.Pq Vt str 3294Set to 3295.Dq Li /bin/sh /etc/rc 3296by default. 3297This is the command executed at jail startup. 3298.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3299.Pq Vt str 3300Unset by default. 3301This is the command run as 3302.Ar N Ns 3303th command 3304after jail startup, where 3305.Ar N 3306is 1, 2, and so on. 3307.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3308.Pq Vt str 3309Set to 3310.Dq Li /bin/sh /etc/rc.shutdown 3311by default. 3312This is the command executed at jail shutdown. 3313.It Va jail_set_hostname_allow 3314.Pq Vt bool 3315If set to 3316.Dq Li NO , 3317do not allow the root user in a jail to set its hostname. 3318.It Va jail_socket_unixiproute_only 3319.Pq Vt bool 3320If set to 3321.Dq Li YES , 3322do not allow any sockets, 3323besides UNIX/IP/route sockets, 3324to be used within a jail. 3325.It Va jail_sysvipc_allow 3326.Pq Vt bool 3327If set to 3328.Dq Li YES , 3329allow applications within a jail to use System V IPC. 3330.\" ----- ISDN settings --------------------------------- 3331.It Va isdn_enable 3332.Pq Vt bool 3333Set to 3334.Dq Li NO 3335by default. 3336When set to 3337.Dq Li YES , 3338starts the 3339.Xr isdnd 8 3340daemon 3341at system boot time. 3342.It Va isdn_flags 3343.Pq Vt str 3344Set to 3345.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 3346by default. 3347Additional flags to pass to 3348.Xr isdnd 8 3349(but see 3350.Va isdn_fsdev 3351and 3352.Va isdn_ttype 3353for certain tunable parameters). 3354.It Va isdn_ttype 3355.Pq Vt str 3356Set to 3357.Dq Li cons25 3358by default. 3359The terminal type of the output device when 3360.Xr isdnd 8 3361operates in full-screen mode. 3362.It Va isdn_screenflags 3363.Pq Vt str 3364Set to 3365.Dq Li NO 3366by default. 3367The video mode for full-screen mode (only for 3368.Xr syscons 4 3369console driver, see 3370.Xr vidcontrol 1 3371for valid modes). 3372.It Va isdn_fsdev 3373.Pq Vt str 3374Set to 3375.Dq Li NO 3376by default. 3377The output device for 3378.Xr isdnd 8 3379in full-screen mode (or 3380.Dq Li NO 3381for daemon mode). 3382.It Va isdn_trace 3383.Pq Vt bool 3384Set to 3385.Dq Li NO 3386by default. 3387When set to 3388.Dq Li YES , 3389enables the ISDN protocol trace utility 3390.Xr isdntrace 8 3391at system boot time. 3392.It Va isdn_traceflags 3393.Pq Vt str 3394Set to 3395.Dq Fl f Pa /var/tmp/isdntrace0 3396by default. 3397Flags for 3398.Xr isdntrace 8 . 3399.\" ----------------------------------------------------- 3400.It Va harvest_interrupt 3401.Pq Vt bool 3402Set to 3403.Dq Li YES 3404to use hardware interrupts as an entropy source. 3405Refer to 3406.Xr random 4 3407for more information. 3408.It Va harvest_ethernet 3409.Pq Vt bool 3410Set to 3411.Dq Li YES 3412to use LAN traffic as an entropy source. 3413Refer to 3414.Xr random 4 3415for more information. 3416.It Va harvest_p_to_p 3417.Pq Vt bool 3418Set to 3419.Dq Li YES 3420to use serial line traffic as an entropy source. 3421Refer to 3422.Xr random 4 3423for more information. 3424.It Va entropy_dir 3425.Pq Vt str 3426Set to 3427.Dq Li NO 3428to disable caching entropy via 3429.Xr cron 8 . 3430Otherwise set to the directory used to store entropy files in. 3431.It Va entropy_file 3432.Pq Vt str 3433Set to 3434.Dq Li NO 3435to disable caching entropy through reboots. 3436Otherwise set to the filename used to store cached entropy through 3437reboots. 3438This file should be located on the root file system to seed the 3439.Xr random 4 3440device as early as possible in the boot process. 3441.It Va entropy_save_sz 3442.Pq Vt int 3443Size of the entropy cache files saved by 3444.Nm save-entropy 3445periodically. 3446.It Va entropy_save_num 3447.Pq Vt int 3448Number of entropy cache files to save by 3449.Nm save-entropy 3450periodically. 3451.It Va ipsec_enable 3452.Pq Vt bool 3453Set to 3454.Dq Li YES 3455to run 3456.Xr setkey 8 3457on 3458.Va ipsec_file 3459at boot time. 3460.It Va ipsec_file 3461.Pq Vt str 3462Configuration file for 3463.Xr setkey 8 . 3464.It Va dmesg_enable 3465.Pq Vt bool 3466Set to 3467.Dq Li YES 3468to save 3469.Xr dmesg 8 3470to 3471.Pa /var/run/dmesg.boot 3472on boot. 3473.It Va rcshutdown_timeout 3474.Pq Vt int 3475If set, start a watchdog timer in the background which will terminate 3476.Pa rc.shutdown 3477if 3478.Xr shutdown 8 3479has not completed within the specified time (in seconds). 3480Notice that in addition to this soft timeout, 3481.Xr init 8 3482also applies a hard timeout for the execution of 3483.Pa rc.shutdown . 3484This is configured via 3485.Xr sysctl 8 3486variable 3487.Va kern.init_shutdown_timeout 3488and defaults to 120 seconds. 3489Setting the value of 3490.Va rcshutdown_timeout 3491to more than 120 seconds will have no effect until the 3492.Xr sysctl 8 3493variable 3494.Va kern.init_shutdown_timeout 3495is also increased. 3496.It Va virecover_enable 3497.Pq Vt bool 3498Set to 3499.Dq Li NO 3500to prevent the system from trying to 3501recover pre-maturely terminated 3502.Xr vi 1 3503sessions. 3504.It Va ugidfw_enable 3505.Pq Vt bool 3506Set to 3507.Dq Li YES 3508to load the 3509.Xr mac_bsdextended 4 3510module upon system initialization and load a default 3511ruleset file. 3512.It Va bsdextended_script 3513.Pq Vt str 3514The default 3515.Xr mac_bsdextended 4 3516ruleset file to load. 3517The default value of this variable is 3518.Pa /etc/rc.bsdextended . 3519.It Va newsyslog_enable 3520.Pq Vt bool 3521If set to 3522.Dq Li YES , 3523run 3524.Xr newsyslog 8 3525command at startup. 3526.It Va newsyslog_flags 3527.Pq Vt str 3528If 3529.Va newsyslog_enable 3530is set to 3531.Dq Li YES , 3532these are the flags to pass to the 3533.Xr newsyslog 8 3534program. 3535The default is 3536.Dq Li -CN , 3537which causes log files flagged with a 3538.Cm C 3539to be created. 3540.It Va mdconfig_md Ns Aq Ar X 3541.Pq Vt str 3542Arguments to 3543.Xr mdconfig 8 3544for 3545.Xr md 4 3546device 3547.Ar X . 3548At minimum a 3549.Fl t Ar type 3550must be specified and either a 3551.Fl s Ar size 3552for malloc or swap backed 3553.Xr md 4 3554devices or a 3555.Fl f Ar file 3556for vnode backed 3557.Xr md 4 3558devices. 3559Note that 3560.Va mdconfig_md Ns Aq Ar X 3561variables are evaluated until one variable is unset or null. 3562.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _newfs 3563.Pq Vt str 3564Optional arguments passed to 3565.Xr newfs 8 3566to initialize 3567.Xr md 4 3568device 3569.Ar X . 3570.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _owner 3571.Pq Vt str 3572An ownership specification passed to 3573.Xr chown 8 3574after the specified 3575.Xr md 4 3576device 3577.Ar X 3578has been mounted. 3579Both the 3580.Xr md 4 3581device and the mount point will be changed. 3582.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _perms 3583.Pq Vt str 3584A mode string passed to 3585.Xr chmod 1 3586after the specified 3587.Xr md 4 3588device 3589.Ar X 3590has been mounted. 3591Both the 3592.Xr md 4 3593device and the mount point will be changed. 3594.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _files 3595.Pq Vt str 3596Files to be copied to the mount point of the 3597.Xr md 4 3598device 3599.Ar X 3600after it has been mounted. 3601.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _cmd 3602.Pq Vt str 3603Command to execute after the specified 3604.Xr md 4 3605device 3606.Ar X 3607has been mounted. 3608Note that the command is passed to 3609.Ic eval 3610and that both 3611.Va _dev 3612and 3613.Va _mp 3614variables can be used to reference respectively the 3615.Xr md 4 3616device and the mount point. 3617Assuming that the 3618.Xr md 4 3619device is 3620.Li md0 , 3621one could set the following: 3622.Bd -literal 3623mdconfig_md0_cmd="tar xfzC /var/file.tgz \e${_mp}" 3624.Ed 3625.It Va ramdisk_units 3626.Pq Vt str 3627A list of one or more ramdisk units to configure with 3628.Xr mdconfig 8 3629and 3630.Xr newfs 8 3631in time to be mounted from 3632.Xr fstab 5 . 3633Each listed unit 3634.Ar X 3635must specify at least a 3636.Ar type 3637in a 3638.Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3639variable. 3640Note that this way to configure ramdisks has been deprecated 3641in favor of new 3642.Va mdconfig_md* 3643variables (see above). 3644.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3645.Pq Vt str 3646Arguments to 3647.Xr mdconfig 8 3648for ramdisk 3649.Ar X . 3650At minimum a 3651.Fl t Ar type 3652must be specified, where 3653.Ar type 3654must be one of 3655.Cm malloc 3656or 3657.Cm swap . 3658.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _newfs 3659.Pq Vt str 3660Optional arguments passed to 3661.Xr newfs 8 3662to initialize ramdisk 3663.Ar X . 3664.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _owner 3665.Pq Vt str 3666An ownership specification passed to 3667.Xr chown 8 3668after the specified ramdisk unit 3669.Ar X 3670has been mounted. 3671Both the 3672.Xr md 4 3673device and the mount point will be changed. 3674.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _perms 3675.Pq Vt str 3676A mode string passed to 3677.Xr chmod 1 3678after the specified ramdisk unit 3679.Ar X 3680has been mounted. 3681Both the 3682.Xr md 4 3683device and the mount point will be changed. 3684.It Va autobridge_interfaces 3685.Pq Vt str 3686Set to the list of bridge interfaces that will have newly arriving interfaces 3687checked against to be automatically added. 3688If not set to 3689.Dq Li NO 3690then for each whitespace separated 3691.Ar element 3692in the value, a 3693.Va autobridge_ Ns Aq Ar element 3694variable is assumed to exist which has a whitespace separated list of interface 3695names to match, these names can use wildcards. 3696For example: 3697.Bd -literal 3698autobridge_interfaces="bridge0" 3699autobridge_bridge0="tap* dc0 vlan[345]" 3700.Ed 3701.It Va mixer_enable 3702.Pq Vt bool 3703If set to 3704.Dq Li YES , 3705enable support for sound mixer. 3706.El 3707.Sh FILES 3708.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 3709.It Pa /etc/defaults/rc.conf 3710.It Pa /etc/rc.conf 3711.It Pa /etc/rc.conf.local 3712.El 3713.Sh SEE ALSO 3714.Xr catman 1 , 3715.Xr chmod 1 , 3716.Xr gdb 1 , 3717.Xr info 1 , 3718.Xr kbdcontrol 1 , 3719.Xr makewhatis 1 , 3720.Xr sh 1 , 3721.Xr vi 1 , 3722.Xr vidcontrol 1 , 3723.Xr bridge 4 , 3724.Xr ip 4 , 3725.Xr ipf 4 , 3726.Xr ipfw 4 , 3727.Xr ipnat 4 , 3728.Xr kld 4 , 3729.Xr pf 4 , 3730.Xr pflog 4 , 3731.Xr pfsync 4 , 3732.Xr tcp 4 , 3733.Xr udp 4 , 3734.Xr exports 5 , 3735.Xr fstab 5 , 3736.Xr ipf 5 , 3737.Xr ipnat 5 , 3738.Xr motd 5 , 3739.Xr newsyslog.conf 5 , 3740.Xr pf.conf 5 , 3741.Xr accton 8 , 3742.Xr amd 8 , 3743.Xr apm 8 , 3744.Xr atm 8 , 3745.Xr chkprintcap 8 , 3746.Xr chown 8 , 3747.Xr cron 8 , 3748.Xr dhclient 8 , 3749.Xr ftpd 8 , 3750.Xr geli 8 , 3751.Xr ifconfig 8 , 3752.Xr inetd 8 , 3753.Xr ipf 8 , 3754.Xr ipfw 8 , 3755.Xr ipnat 8 , 3756.Xr isdnd 8 , 3757.Xr isdntrace 8 , 3758.Xr jail 8 , 3759.Xr kldxref 8 , 3760.Xr lpd 8 , 3761.Xr mdconfig 8 , 3762.Xr mdmfs 8 , 3763.Xr mixer 8 , 3764.Xr mountd 8 , 3765.Xr moused 8 , 3766.Xr mrouted 8 , 3767.Xr named 8 , 3768.Xr newfs 8 , 3769.Xr newsyslog 8 , 3770.Xr nfsd 8 , 3771.Xr ntpd 8 , 3772.Xr ntpdate 8 , 3773.Xr pfctl 8 , 3774.Xr pflogd 8 , 3775.Xr powerd 8 , 3776.Xr quotacheck 8 , 3777.Xr quotaon 8 , 3778.Xr rc 8 , 3779.Xr rc.sendmail 8 , 3780.Xr route 8 , 3781.Xr routed 8 , 3782.Xr rpcbind 8 , 3783.Xr rpc.lockd 8 , 3784.Xr rpc.statd 8 , 3785.Xr rwhod 8 , 3786.Xr savecore 8 , 3787.Xr sshd 8 , 3788.Xr swapon 8 , 3789.Xr sysctl 8 , 3790.Xr syslogd 8 , 3791.Xr timed 8 , 3792.Xr yp 8 , 3793.Xr ypbind 8 , 3794.Xr ypserv 8 , 3795.Xr ypset 8 3796.Sh HISTORY 3797The 3798.Nm 3799file appeared in 3800.Fx 2.2.2 . 3801.Sh AUTHORS 3802.An Jordan K. Hubbard . 3803