1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd March 11, 2007 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71Options are set with 72.Dq Ar name Ns Li = Ns Ar value 73assignments that use 74.Xr sh 1 75syntax. 76The following list provides a name and short description for each 77variable that can be set in the 78.Nm 79file: 80.Bl -tag -width indent-two 81.It Va rc_debug 82.Pq Vt bool 83If set to 84.Dq Li YES , 85enable output of debug messages from rc scripts. 86This variable can be helpful in diagnosing mistakes when 87editing or integrating new scripts. 88Beware that this produces copious output to the terminal and 89.Xr syslog 3 . 90.It Va rc_info 91.Pq Vt bool 92If set to 93.Dq Li NO , 94disable informational messages from the rc scripts. 95Informational messages are displayed when 96a condition that is not serious enough to warrant a warning or 97an error occurs. 98.It Va early_late_divider 99.Pq Vt str 100The name of the script that should be used as the 101delimiter between the 102.Dq early 103and 104.Dq late 105stages of the boot process. 106The early stage should contain all the services needed to 107get the disks (local or remote) mounted so that the late 108stage can include scripts contained in the directories 109listed in the 110.Va local_startup 111variable (see below). 112Thus, the two likely candidates for this value are 113.Pa mountcritlocal 114for the typical system, and 115.Pa mountcritremote 116if the system needs remote file 117systems mounted to get access to the 118.Va local_startup 119directories; for example when 120.Pa /usr/local 121is NFS mounted. 122For 123.Pa rc.conf 124within a 125.Xr jail 8 126.Pa NETWORKING 127is likely to be an appropriate value. 128Extreme care should be taken when changing this value, 129and before changing it one should ensure that there are 130adequate provisions to recover from a failed boot 131(such as physical contact with the machine, 132or reliable remote console access). 133.It Va swapfile 134.Pq Vt str 135If set to 136.Dq Li NO , 137no swapfile is installed, otherwise the value is used as the full 138pathname to a file to use for additional swap space. 139.It Va apm_enable 140.Pq Vt bool 141If set to 142.Dq Li YES , 143enable support for Automatic Power Management with 144the 145.Xr apm 8 146command. 147.It Va apmd_enable 148.Pq Vt bool 149Run 150.Xr apmd 8 151to handle APM event from userland. 152This also enables support for APM. 153.It Va apmd_flags 154.Pq Vt str 155If 156.Va apmd_enable 157is set to 158.Dq Li YES , 159these are the flags to pass to the 160.Xr apmd 8 161daemon. 162.It Va devd_enable 163.Pq Vt bool 164Run 165.Xr devd 8 166to handle device added, removed or unknown events from the kernel. 167.It Va kldxref_enable 168.Pq Vt bool 169Set to 170.Dq Li NO 171by default. 172Set to 173.Dq Li YES 174to automatically rebuild 175.Pa linker.hints 176files with 177.Xr kldxref 8 178at boot time. 179.It Va kldxref_clobber 180.Pq Vt bool 181Set to 182.Dq Li NO 183by default. 184If 185.Va kldxref_enable 186is true, 187setting to 188.Dq Li YES 189will overwrite existing 190.Pa linker.hints 191files at boot time. 192Otherwise, 193only missing 194.Pa linker.hints 195files are generated. 196.It Va kldxref_module_path 197.Pq Vt str 198Empty by default. 199A semi-colon 200.Pq Ql \&; 201delimited list of paths containing 202.Xr kld 4 203modules. 204If empty, 205the contents of the 206.Va kern.module_path 207.Xr sysctl 8 208are used. 209.It Va powerd_enable 210.Pq Vt bool 211If set to 212.Dq Li YES , 213enable the system power control facility with the 214.Xr powerd 8 215daemon. 216.It Va powerd_flags 217.Pq Vt str 218If 219.Va powerd_enable 220is set to 221.Dq Li YES , 222these are the flags to pass to the 223.Xr powerd 8 224daemon. 225.It Va tmpmfs 226Controls the creation of a 227.Pa /tmp 228memory file system. 229Always happens if set to 230.Dq Li YES 231and never happens if set to 232.Dq Li NO . 233If set to anything else, a memory file system is created if 234.Pa /tmp 235is not writable. 236.It Va tmpsize 237Controls the size of a created 238.Pa /tmp 239memory file system. 240.It Va tmpmfs_flags 241Extra options passed to the 242.Xr mdmfs 8 243utility when the memory file system for 244.Pa /tmp 245is created. 246The default is 247.Dq Li "-S" , 248which inhibits the use of softupdates on 249.Pa /tmp 250so that file system space is freed without delay 251after file truncation or deletion. 252See 253.Xr mdmfs 8 254for other options you can use in 255.Va tmpmfs_flags . 256.It Va varmfs 257Controls the creation of a 258.Pa /var 259memory file system. 260Always happens if set to 261.Dq Li YES 262and never happens if set to 263.Dq Li NO . 264If set to anything else, a memory file system is created if 265.Pa /var 266is not writable. 267.It Va varsize 268Controls the size of a created 269.Pa /var 270memory file system. 271.It Va varmfs_flags 272Extra options passed to the 273.Xr mdmfs 8 274utility when the memory file system for 275.Pa /var 276is created. 277The default is 278.Dq Li "-S" , 279which inhibits the use of softupdates on 280.Pa /var 281so that file system space is freed without delay 282after file truncation or deletion. 283See 284.Xr mdmfs 8 285for other options you can use in 286.Va varmfs_flags . 287.It Va populate_var 288Controls the automatic population of the 289.Pa /var 290file system. 291Always happens if set to 292.Dq Li YES 293and never happens if set to 294.Dq Li NO . 295If set to anything else, a memory file system is created if 296.Pa /var 297is not writable. 298Note that this process requires access to certain commands in 299.Pa /usr 300before 301.Pa /usr 302is mounted on normal systems. 303.It Va cleanvar_enable 304.Pq Vt bool 305Clean the 306.Pa /var 307directory. 308.It Va local_startup 309.Pq Vt str 310List of directories to search for startup script files. 311.It Va script_name_sep 312.Pq Vt str 313The field separator to use for breaking down the list of startup script files 314into individual filenames. 315The default is a space. 316It is not necessary to change this unless there are startup scripts with names 317containing spaces. 318.It Va hostapd_enable 319.Pq Vt bool 320Set to 321.Dq Li YES 322to start 323.Xr hostapd 8 324at system boot time. 325.It Va hostname 326.Pq Vt str 327The fully qualified domain name (FQDN) of this host on the network. 328This should almost certainly be set to something meaningful, even if 329there is no network connection. 330If 331.Xr dhclient 8 332is used to set the hostname via DHCP, 333this variable should be set to an empty string. 334.It Va ipv6_enable 335.Pq Vt bool 336Enable support for IPv6 networking. 337Note that this requires that the kernel has been compiled with 338.Cd "options INET6" . 339.It Va nisdomainname 340.Pq Vt str 341The NIS domain name of this host, or 342.Dq Li NO 343if NIS is not used. 344.It Va dhclient_program 345.Pq Vt str 346Path to the DHCP client program 347.Pa ( /sbin/dhclient , 348the 349.Ox 350DHCP client, 351is the default). 352.It Va dhclient_flags 353.Pq Vt str 354Additional flags to pass to the DHCP client program. 355For the 356.Ox 357DHCP client, see the 358.Xr dhclient 8 359manpage for a description of the command line options available. 360.It Va dhclient_flags_ Ns Aq Ar iface 361Additional flags to pass to the DHCP client program running on 362.Ar iface 363only. 364When specified, this variable overrides 365.Va dhclient_flags . 366.It Va background_dhclient 367.Pq Vt bool 368Set to 369.Dq Li YES 370to start the DHCP client in background. 371This can cause trouble with applications depending on 372a working network, but it will provide a faster startup 373in many cases. 374.It Va background_dhclient_ Ns Aq Ar iface 375When specified, this variable overrides the 376.Va background_dhclient 377variable for interface 378.Ar iface 379only. 380.It Va synchronous_dhclient 381.Pq Bt bool 382Set to 383.Dq Li NO 384to start 385.Xr dhclient 8 386only in response to interface events and not synchronously at startup. 387This behavior can be overridden on a per-interface basis by replacing 388the 389.Dq Li DHCP 390keyword in the 391.Va ifconfig_ Ns Aq Ar interface 392variable with 393.Dq Li SYNCDHCP 394or 395.Dq Li NOSYNCDHCP . 396.It Va firewall_enable 397.Pq Vt bool 398Set to 399.Dq Li YES 400to load firewall rules at startup. 401If the kernel was not built with 402.Cd "options IPFIREWALL" , 403the 404.Pa ipfw.ko 405kernel module will be loaded. 406See also 407.Va ipfilter_enable . 408.It Va ipv6_firewall_enable 409.Pq Vt bool 410The IPv6 equivalent of 411.Va firewall_enable . 412Set to 413.Dq Li YES 414to load IPv6 firewall rules at startup. 415If the kernel was not built with 416.Cd "options IPV6FIREWALL" , 417the 418.Pa ipfw.ko 419kernel module will be loaded. 420.It Va firewall_script 421.Pq Vt str 422This variable specifies the full path to the firewall script to run. 423The default is 424.Pa /etc/rc.firewall . 425.It Va ipv6_firewall_script 426.Pq Vt str 427The IPv6 equivalent of 428.Va firewall_script . 429.It Va firewall_type 430.Pq Vt str 431Names the firewall type from the selection in 432.Pa /etc/rc.firewall , 433or the file which contains the local firewall ruleset. 434Valid selections from 435.Pa /etc/rc.firewall 436are: 437.Pp 438.Bl -tag -width ".Li simple" -compact 439.It Li open 440unrestricted IP access 441.It Li closed 442all IP services disabled, except via 443.Dq Li lo0 444.It Li client 445basic protection for a workstation 446.It Li simple 447basic protection for a LAN. 448.El 449.Pp 450If a filename is specified, the full path 451must be given. 452.It Va ipv6_firewall_type 453.Pq Vt str 454The IPv6 equivalent of 455.Va firewall_type . 456.It Va firewall_quiet 457.Pq Vt bool 458Set to 459.Dq Li YES 460to disable the display of firewall rules on the console during boot. 461.It Va ipv6_firewall_quiet 462.Pq Vt bool 463The IPv6 equivalent of 464.Va firewall_quiet . 465.It Va firewall_logging 466.Pq Vt bool 467Set to 468.Dq Li YES 469to enable firewall event logging. 470This is equivalent to the 471.Dv IPFIREWALL_VERBOSE 472kernel option. 473.It Va ipv6_firewall_logging 474.Pq Vt bool 475The IPv6 equivalent of 476.Va firewall_logging . 477.It Va firewall_flags 478.Pq Vt str 479Flags passed to 480.Xr ipfw 8 481if 482.Va firewall_type 483specifies a filename. 484.It Va ipv6_firewall_flags 485.Pq Vt str 486The IPv6 equivalent of 487.Va firewall_flags . 488.It Va natd_program 489.Pq Vt str 490Path to 491.Xr natd 8 . 492.It Va natd_enable 493.Pq Vt bool 494Set to 495.Dq Li YES 496to enable 497.Xr natd 8 . 498.Va firewall_enable 499must also be set to 500.Dq Li YES , 501and 502.Xr divert 4 503sockets must be enabled in the kernel. 504If the kernel was not built with 505.Cd "options IPDIVERT" , 506the 507.Pa ipdivert.ko 508kernel module will be loaded. 509.It Va natd_interface 510.Pq Vt str 511This is the name of the public interface on which 512.Xr natd 8 513should run. 514The interface may be given as an interface name or as an IP address. 515.It Va natd_flags 516.Pq Vt str 517Additional 518.Xr natd 8 519flags should be placed here. 520The 521.Fl n 522or 523.Fl a 524flag is automatically added with the above 525.Va natd_interface 526as an argument. 527.\" ----- ipfilter_enable setting -------------------------------- 528.It Va ipfilter_enable 529.Pq Vt bool 530Set to 531.Dq Li NO 532by default. 533Setting this to 534.Dq Li YES 535enables 536.Xr ipf 8 537packet filtering. 538.Pp 539Typical usage will require putting 540.Bd -literal 541ipfilter_enable="YES" 542ipnat_enable="YES" 543ipmon_enable="YES" 544ipfs_enable="YES" 545.Ed 546.Pp 547into 548.Pa /etc/rc.conf 549and editing 550.Pa /etc/ipf.rules 551and 552.Pa /etc/ipnat.rules 553appropriately. 554.Pp 555Note that 556.Va ipfilter_enable 557and 558.Va ipnat_enable 559can be enabled independently. 560.Va ipmon_enable 561and 562.Va ipfs_enable 563both require at least one of 564.Va ipfilter_enable 565and 566.Va ipnat_enable 567to be enabled. 568.Pp 569Having 570.Bd -literal 571options IPFILTER 572options IPFILTER_LOG 573options IPFILTER_DEFAULT_BLOCK 574.Ed 575.Pp 576in the kernel configuration file is a good idea, too. 577.\" ----- ipfilter_program setting ------------------------------ 578.It Va ipfilter_program 579.Pq Vt str 580Path to 581.Xr ipf 8 582(default 583.Pa /sbin/ipf ) . 584.\" ----- ipfilter_rules setting -------------------------------- 585.It Va ipfilter_rules 586.Pq Vt str 587Set to 588.Pa /etc/ipf.rules 589by default. 590This variable contains the name of the filter rule definition file. 591The file is expected to be readable for the 592.Xr ipf 8 593command to execute. 594.\" ----- ipv6_ipfilter_rules setting --------------------------- 595.It Va ipv6_ipfilter_rules 596.Pq Vt str 597Set to 598.Pa /etc/ipf6.rules 599by default. 600This variable contains the IPv6 filter rule definition file. 601The file is expected to be readable for the 602.Xr ipf 8 603command to execute. 604.\" ----- ipfilter_flags setting -------------------------------- 605.It Va ipfilter_flags 606.Pq Vt str 607Empty by default. 608This variable contains flags passed to the 609.Xr ipf 8 610program. 611.\" ----- ipnat_enable setting ---------------------------------- 612.It Va ipnat_enable 613.Pq Vt bool 614Set to 615.Dq Li NO 616by default. 617Set it to 618.Dq Li YES 619to enable 620.Xr ipnat 8 621network address translation. 622See 623.Va ipfilter_enable 624for a detailed discussion. 625.\" ----- ipnat_program setting --------------------------------- 626.It Va ipnat_program 627.Pq Vt str 628Path to 629.Xr ipnat 8 630(default 631.Pa /sbin/ipnat ) . 632.\" ----- ipnat_rules setting ----------------------------------- 633.It Va ipnat_rules 634.Pq Vt str 635Set to 636.Pa /etc/ipnat.rules 637by default. 638This variable contains the name of the file 639holding the network address translation definition. 640This file is expected to be readable for the 641.Xr ipnat 8 642command to execute. 643.\" ----- ipnat_flags setting ----------------------------------- 644.It Va ipnat_flags 645.Pq Vt str 646Empty by default. 647This variable contains flags passed to the 648.Xr ipnat 8 649program. 650.\" ----- ipmon_enable setting ---------------------------------- 651.It Va ipmon_enable 652.Pq Vt bool 653Set to 654.Dq Li NO 655by default. 656Set it to 657.Dq Li YES 658to enable 659.Xr ipmon 8 660monitoring (logging 661.Xr ipf 8 662and 663.Xr ipnat 8 664events). 665Setting this variable needs setting 666.Va ipfilter_enable 667or 668.Va ipnat_enable 669too. 670See 671.Va ipfilter_enable 672for a detailed discussion. 673.\" ----- ipmon_program setting --------------------------------- 674.It Va ipmon_program 675.Pq Vt str 676Path to 677.Xr ipmon 8 678(default 679.Pa /sbin/ipmon ) . 680.\" ----- ipmon_flags setting ----------------------------------- 681.It Va ipmon_flags 682.Pq Vt str 683Set to 684.Dq Li -Ds 685by default. 686This variable contains flags passed to the 687.Xr ipmon 8 688program. 689Another typical example would be 690.Dq Fl D Pa /var/log/ipflog 691to have 692.Xr ipmon 8 693log directly to a file bypassing 694.Xr syslogd 8 . 695Make sure to adjust 696.Pa /etc/newsyslog.conf 697in such case like this: 698.Bd -literal 699/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 700.Ed 701.\" ----- ipfs_enable setting ----------------------------------- 702.It Va ipfs_enable 703.Pq Vt bool 704Set to 705.Dq Li NO 706by default. 707Set it to 708.Dq Li YES 709to enable 710.Xr ipfs 8 711saving the filter and NAT state tables during shutdown 712and reloading them during startup again. 713Setting this variable needs setting 714.Va ipfilter_enable 715or 716.Va ipnat_enable 717to 718.Dq Li YES 719too. 720See 721.Va ipfilter_enable 722for a detailed discussion. 723Note that if 724.Va kern_securelevel 725is set to 3, 726.Va ipfs_enable 727cannot be used 728because the raised securelevel will prevent 729.Xr ipfs 8 730from saving the state tables at shutdown time. 731.\" ----- ipfs_program setting ---------------------------------- 732.It Va ipfs_program 733.Pq Vt str 734Path to 735.Xr ipfs 8 736(default 737.Pa /sbin/ipfs ) . 738.\" ----- ipfs_flags setting ------------------------------------ 739.It Va ipfs_flags 740.Pq Vt str 741Empty by default. 742This variable contains flags passed to the 743.Xr ipfs 8 744program. 745.\" ----- end of added ipf hook --------------------------------- 746.It Va pf_enable 747.Pq Vt bool 748Set to 749.Dq Li NO 750by default. 751Setting this to 752.Dq Li YES 753enables 754.Xr pf 4 755packet filtering. 756.Pp 757Typical usage will require putting 758.Pp 759.Dl pf_enable="YES" 760.Pp 761into 762.Pa /etc/rc.conf 763and editing 764.Pa /etc/pf.conf 765appropriately. 766.Pp 767.Dl "device pf" 768.Pp 769builds 770.Xr pf 4 771into the kernel. 772Otherwise it is loaded from a module. 773.It Va pf_rules 774.Pq Vt str 775Path to 776.Xr pf 4 777ruleset configuration file 778(default 779.Pa /etc/pf.conf ) . 780.It Va pf_program 781.Pq Vt str 782Path to 783.Xr pfctl 8 784(default 785.Pa /sbin/pfctl ) . 786.It Va pf_flags 787.Pq Vt str 788If 789.Va pf_enable 790is set to 791.Dq Li YES , 792these flags are passed to the 793.Xr pfctl 8 794program when loading the ruleset. 795.It Va pflog_enable 796.Pq Vt bool 797Set to 798.Dq Li NO 799by default. 800Setting this to 801.Dq Li YES 802enables 803.Xr pflogd 8 804which logs packets from the 805.Xr pf 4 806packet filter. 807.It Va pflog_logfile 808.Pq Vt str 809If 810.Va pflog_enable 811is set to 812.Dq Li YES 813this controls where 814.Xr pflogd 8 815stores the logfile 816(default 817.Pa /var/log/pflog ) . 818Check 819.Pa /etc/newsyslog.conf 820to adjust logfile rotation for this. 821.It Va pflog_program 822.Pq Vt str 823Path to 824.Xr pflogd 8 825(default 826.Pa /sbin/pflogd ) . 827.It Va pflog_flags 828.Pq Vt str 829Empty by default. 830This variable contains additional flags passed to the 831.Xr pflogd 8 832program. 833.It Va pfsync_enable 834.Pq Vt bool 835Set to 836.Dq Li NO 837by default. 838Setting this to 839.Dq Li YES 840enables exposing 841.Xr pf 4 842state changes to other hosts over the network by means of 843.Xr pfsync 4 . 844The 845.Va pfsync_syncdev 846variable 847must also be set then. 848.It Va pfsync_syncdev 849.Pq Vt str 850Empty by default. 851This variable specifies the name of the network interface 852.Xr pfsync 4 853should operate through. 854It must be set accordingly if 855.Va pfsync_enable 856is set to 857.Dq Li YES . 858.It Va pfsync_ifconfig 859.Pq Vt str 860Empty by default. 861This variable can contain additional options to be passed to the 862.Xr ifconfig 8 863command used to set up 864.Xr pfsync 4 . 865.It Va tcp_extensions 866.Pq Vt bool 867Set to 868.Dq Li YES 869by default. 870Setting this to 871.Dq Li NO 872disables certain TCP options as described by 873.Rs 874.%T "RFC 1323" 875.Re 876Setting this to 877.Dq Li NO 878might help remedy such problems with connections as randomly hanging 879or other weird behavior. 880Some network devices are known 881to be broken with respect to these options. 882.It Va log_in_vain 883.Pq Vt int 884Set to 0 by default. 885The 886.Xr sysctl 8 887variables, 888.Va net.inet.tcp.log_in_vain 889and 890.Va net.inet.udp.log_in_vain , 891as described in 892.Xr tcp 4 893and 894.Xr udp 4 , 895are set to the given value. 896.It Va tcp_keepalive 897.Pq Vt bool 898Set to 899.Dq Li YES 900by default. 901Setting to 902.Dq Li NO 903will disable probing idle TCP connections to verify that the 904peer is still up and reachable. 905.It Va tcp_drop_synfin 906.Pq Vt bool 907Set to 908.Dq Li NO 909by default. 910Setting to 911.Dq Li YES 912will cause the kernel to ignore TCP frames that have both 913the SYN and FIN flags set. 914This prevents OS fingerprinting, but may 915break some legitimate applications. 916This option is only available if the 917kernel was built with the 918.Dv TCP_DROP_SYNFIN 919option. 920.It Va icmp_drop_redirect 921.Pq Vt bool 922Set to 923.Dq Li NO 924by default. 925Setting to 926.Dq Li YES 927will cause the kernel to ignore ICMP REDIRECT packets. 928Refer to 929.Xr icmp 4 930for more information. 931.It Va icmp_log_redirect 932.Pq Vt bool 933Set to 934.Dq Li NO 935by default. 936Setting to 937.Dq Li YES 938will cause the kernel to log ICMP REDIRECT packets. 939Note that 940the log messages are not rate-limited, so this option should only be used 941for troubleshooting networks. 942Refer to 943.Xr icmp 4 944for more information. 945.It Va icmp_bmcastecho 946.Pq Vt bool 947Set to 948.Dq Li YES 949to respond to broadcast or multicast ICMP ping packets. 950Refer to 951.Xr icmp 4 952for more information. 953.It Va ip_portrange_first 954.Pq Vt int 955If not set to 956.Dq Li NO , 957this is the first port in the default portrange. 958Refer to 959.Xr ip 4 960for more information. 961.It Va ip_portrange_last 962.Pq Vt int 963If not set to 964.Dq Li NO , 965this is the last port in the default portrange. 966Refer to 967.Xr ip 4 968for more information. 969.It Va network_interfaces 970.Pq Vt str 971Set to the list of network interfaces to configure on this host or 972.Dq Li AUTO 973(the default) for all current interfaces. 974Setting the 975.Va network_interfaces 976variable to anything other than the default is deprecated. 977Interfaces that the administrator wishes to store configuration for, 978but not start at boot should be configured with the 979.Dq Li NOAUTO 980keyword in their 981.Va ifconfig_ Ns Aq Ar interface 982variables as described below. 983.Pp 984An 985.Va ifconfig_ Ns Aq Ar interface 986variable is also assumed to exist for each value of 987.Ar interface . 988When an interface name contains any of the characters 989.Dq Li .-/+ 990they are translated to 991.Dq Li _ 992before lookup. 993The variable can contain arguments to 994.Xr ifconfig 8 , 995as well as special case-insensitive keywords described below. 996Such keywords are removed before passing the value to 997.Xr ifconfig 8 998while the order of the other arguments is preserved. 999.Pp 1000One can configure more than one IPv4 address with the 1001.Va ipv4_addrs_ Ns Aq Ar interface 1002variable. 1003One or more IP addresses must be provided in Classless Inter-Domain 1004Routing (CIDR) address notation, whose last byte can be a range like 1005192.168.0.5-23/24. 1006In this case the address 192.168.0.5 will be configured with the 1007netmask /24 and the addresses 192.168.0.6 to 192.168.0.23 with 1008the non-conflicting netmask /32 as explained in the 1009.Xr ifconfig 8 1010alias section. 1011With the interface in question being 1012.Li ed0 , 1013an example could look like: 1014.Bd -literal 1015ipv4_addrs_ed0="192.168.0.1/24 192.168.1.1-5/28" 1016.Ed 1017.Pp 1018It is also possible to add IP alias entries using 1019.Xr ifconfig 8 1020syntax. 1021Assuming that the interface in question was 1022.Li ed0 , 1023it might look 1024something like this: 1025.Bd -literal 1026ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 1027ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 1028.Ed 1029.Pp 1030And so on. 1031For each 1032.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1033entry that is found, 1034its contents are passed to 1035.Xr ifconfig 8 . 1036Execution stops at the first unsuccessful access, so if 1037something like this is present: 1038.Bd -literal 1039ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 1040ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 1041ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 1042ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 1043.Ed 1044.Pp 1045Then note that alias4 would 1046.Em not 1047be added since the search would 1048stop with the missing 1049.Dq Li alias3 1050entry. 1051Due to this difficult to manage behavior, the 1052.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1053form is deprecated. 1054.Pp 1055If the 1056.Pa /etc/start_if. Ns Aq Ar interface 1057file is present, it is read and executed by the 1058.Xr sh 1 1059interpreter 1060before configuring the interface as specified in the 1061.Va ifconfig_ Ns Aq Ar interface 1062and 1063.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1064variables. 1065.Pp 1066If the 1067.Va ifconfig_ Ns Aq Ar interface 1068contains the keyword 1069.Dq Li NOAUTO 1070then the interface will not be configured 1071at boot or by 1072.Pa /etc/pccard_ether 1073when 1074.Va network_interfaces 1075is set to 1076.Dq Li AUTO . 1077.Pp 1078It is possible to bring up an interface with DHCP by adding 1079.Dq Li DHCP 1080to the 1081.Va ifconfig_ Ns Aq Ar interface 1082variable. 1083For instance, to initialize the 1084.Li ed0 1085device via DHCP, 1086it is possible to use something like: 1087.Bd -literal 1088ifconfig_ed0="DHCP" 1089.Ed 1090.Pp 1091Also, if your interface needs WPA authentication, it is possible to add 1092.Dq Li WPA 1093to the 1094.Va ifconfig_ Ns Aq Ar interface 1095variable. 1096.Pp 1097Finally, you can add 1098.Xr ifconfig 8 1099options in this variable, in addition to the 1100.Pa /etc/start_if. Ns Aq Ar interface 1101file. 1102For instance, to initialize the 1103.Li wi0 1104device via DHCP, using WPA authentication and 802.11b mode, it is 1105possible to use something like: 1106.Bd -literal 1107ifconfig_wi0="DHCP WPA mode 11b" 1108.Ed 1109.Pp 1110In addition to the 1111.Va ifconfig_ Ns Aq Ar interface 1112form, a fallback variable 1113.Va ifconfig_DEFAULT 1114may be configured. 1115It will be used for all interfaces with no 1116.Va ifconfig_ Ns Aq Ar interface 1117variable. 1118This is intended to replace the no longer supported 1119.Va pccard_ifconfig 1120variable. 1121.Pp 1122It is also possible to rename interface by doing: 1123.Bd -literal 1124ifconfig_ed0_name="net0" 1125ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 1126.Ed 1127.It Va ipv6_network_interfaces 1128.Pq Vt str 1129This is the IPv6 equivalent of 1130.Va network_interfaces . 1131Instead of setting the ifconfig variables as 1132.Va ifconfig_ Ns Aq Ar interface 1133they should be set as 1134.Va ipv6_ifconfig_ Ns Aq Ar interface . 1135Aliases should be set as 1136.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 1137.Va ipv6_prefix_ Ns Aq Ar interface 1138does something. 1139Interfaces that do not have a 1140.Va ipv6_ifconfig_ Ns Aq Ar interface 1141setting will be auto configured by 1142.Xr rtsol 8 1143if the 1144.Va ipv6_gateway_enable 1145is set to 1146.Dq Li NO . 1147Note that the IPv6 networking code does not support the 1148.Pa /etc/start_if. Ns Aq Ar interface 1149files. 1150.It Va ipv6_default_interface 1151.Pq Vt str 1152If not set to 1153.Dq Li NO , 1154this is the default output interface for scoped addresses. 1155Now this works only for IPv6 link local multicast addresses. 1156.It Va cloned_interfaces 1157.Pq Vt str 1158Set to the list of clonable network interfaces to create on this host. 1159Entries in 1160.Va cloned_interfaces 1161are automatically appended to 1162.Va network_interfaces 1163for configuration. 1164.It Va fec_interfaces 1165.Pq Vt str 1166Set to the list of 1167.Xr ng_fec 4 1168Fast EtherChannel interfaces to configure on this host. 1169A 1170.Va fecconfig_ Ns Aq Ar interface 1171variable is assumed to exist for each value of 1172.Ar interface . 1173The value of this variable is used to configure link aggregated interfaces 1174according to the syntax of the 1175.Cm NGM_FEC_ADD_IFACE 1176to 1177.Xr ngctl 8 1178msg. 1179Additionally, this option ensures that each listed interface is created 1180via the 1181.Cm mkpeer 1182command to 1183.Xr ngctl 8 1184before attempting to configure it. 1185For example: 1186.Bd -literal 1187fec_interfaces="fec0" 1188fecconfig_fec0="em0 em1" 1189ifconfig_fec0="DHCP" 1190.Ed 1191.It Va gif_interfaces 1192.Pq Vt str 1193Set to the list of 1194.Xr gif 4 1195tunnel interfaces to configure on this host. 1196A 1197.Va gifconfig_ Ns Aq Ar interface 1198variable is assumed to exist for each value of 1199.Ar interface . 1200The value of this variable is used to configure the link layer of the 1201tunnel according to the syntax of the 1202.Cm tunnel 1203option to 1204.Xr ifconfig 8 . 1205Additionally, this option ensures that each listed interface is created 1206via the 1207.Cm create 1208option to 1209.Xr ifconfig 8 1210before attempting to configure it. 1211.It Va sppp_interfaces 1212.Pq Vt str 1213Set to the list of 1214.Xr sppp 4 1215interfaces to configure on this host. 1216A 1217.Va spppconfig_ Ns Aq Ar interface 1218variable is assumed to exist for each value of 1219.Ar interface . 1220Each interface should also be configured by a general 1221.Va ifconfig_ Ns Aq Ar interface 1222setting. 1223Refer to 1224.Xr spppcontrol 8 1225for more information about available options. 1226.It Va ppp_enable 1227.Pq Vt bool 1228If set to 1229.Dq Li YES , 1230run the 1231.Xr ppp 8 1232daemon. 1233.It Va ppp_mode 1234.Pq Vt str 1235Mode in which to run the 1236.Xr ppp 8 1237daemon. 1238Accepted modes are 1239.Dq Li auto , 1240.Dq Li ddial , 1241.Dq Li direct 1242and 1243.Dq Li dedicated . 1244See the manual for a full description. 1245.It Va ppp_nat 1246.Pq Vt bool 1247If set to 1248.Dq Li YES , 1249enables network address translation. 1250Used in conjunction with 1251.Va gateway_enable 1252allows hosts on private network addresses access to the Internet using 1253this host as a network address translating router. 1254.It Va ppp_profile 1255.Pq Vt str 1256The name of the profile to use from 1257.Pa /etc/ppp/ppp.conf . 1258.It Va ppp_user 1259.Pq Vt str 1260The name of the user under which 1261.Xr ppp 8 1262should be started. 1263By 1264default, 1265.Xr ppp 8 1266is started as 1267.Dq Li root . 1268.It Va rc_conf_files 1269.Pq Vt str 1270This option is used to specify a list of files that will override 1271the settings in 1272.Pa /etc/defaults/rc.conf . 1273The files will be read in the order in which they are specified and should 1274include the full path to the file. 1275By default, the files specified are 1276.Pa /etc/rc.conf 1277and 1278.Pa /etc/rc.conf.local 1279.It Va gbde_autoattach_all 1280.Pq Vt bool 1281If set to 1282.Dq Li YES , 1283.Pa /etc/rc.d/gbde 1284will attempt to automatically initialize your .bde devices in 1285.Pa /etc/fstab . 1286.It Va gbde_devices 1287.Pq Vt str 1288List the devices that the script should try to attach, 1289or 1290.Dq Li AUTO . 1291.It Va gbde_lockdir 1292.Pq Vt str 1293The directory where the 1294.Xr gbde 4 1295lockfiles are located. 1296The default lockfile directory is 1297.Pa /etc . 1298.Pp 1299The lockfile for each individual 1300.Xr gbde 4 1301device can be overridden by setting the variable 1302.Va gbde_lock_ Ns Aq Ar device , 1303where 1304.Ar device 1305is the encrypted device without the 1306.Dq Pa /dev/ 1307and 1308.Dq Pa .bde 1309parts. 1310.It Va gbde_attach_attempts 1311.Pq Vt int 1312Number of times to attempt attaching to a 1313.Xr gbde 4 1314device, i.e., how many times the user is asked for the pass-phrase. 1315Default is 3. 1316.It Va geli_devices 1317.Pq Vt str 1318List of devices to automatically attach on boot. 1319Note that .eli devices from 1320.Pa /etc/fstab 1321are automatically appended to this list. 1322.It Va geli_tries 1323.Pq Vt int 1324Number of times user is asked for the pass-phrase. 1325If empty, it will be taken from 1326.Va kern.geom.eli.tries 1327sysctl variable. 1328.It Va geli_default_flags 1329.Pq Vt str 1330Default flags to use by 1331.Xr geli 8 1332when configuring disk encryption. 1333Flags can be configured for every device separately by defining 1334.Va geli_ Ns Ao Ar device Ac Ns Va _flags 1335variable. 1336.It Va geli_autodetach 1337.Pq Vt str 1338Specifies if GELI devices should be marked for detach on last close after 1339file systems are mounted. 1340Default is 1341.Dq Li YES . 1342This can be changed for every device separately by defining 1343.Va geli_ Ns Ao Ar device Ac Ns Va _autodetach 1344variable. 1345.It Va geli_swap_flags 1346Options passed to the 1347.Xr geli 8 1348utility when encrypted GEOM providers for swap partitions are created. 1349The default is 1350.Dq Li "-a aes -l 256 -s 4096 -d" . 1351.It Va root_rw_mount 1352.Pq Vt bool 1353Set to 1354.Dq Li YES 1355by default. 1356After the file systems are checked at boot time, the root file system 1357is remounted as read-write if this is set to 1358.Dq Li YES . 1359Diskless systems that mount their root file system from a read-only remote 1360NFS share should set this to 1361.Dq Li NO 1362in their 1363.Pa rc.conf . 1364.It Va fsck_y_enable 1365.Pq Vt bool 1366If set to 1367.Dq Li YES , 1368.Xr fsck 8 1369will be run with the 1370.Fl y 1371flag if the initial preen 1372of the file systems fails. 1373.It Va background_fsck 1374.Pq Vt bool 1375If set to 1376.Dq Li YES , 1377the system will attempt to run 1378.Xr fsck 8 1379in the background where possible. 1380.It Va background_fsck_delay 1381.Pq Vt int 1382The amount of time in seconds to sleep before starting a background 1383.Xr fsck 8 . 1384It defaults to sixty seconds to allow large applications such as 1385the X server to start before disk I/O bandwidth is monopolized by 1386.Xr fsck 8 . 1387If set to a negative number, the background file system check will be 1388delayed indefinitely to allow the administrator to run it at a more 1389convenient time. 1390For example it may be run from 1391.Xr cron 8 1392by adding a line like 1393.Pp 1394.Dl "0 4 * * * root /etc/rc.d/bgfsck forcestart" 1395.Pp 1396to 1397.Pa /etc/crontab . 1398.It Va netfs_types 1399.Pq Vt str 1400List of file system types that are network-based. 1401This list should generally not be modified by end users. 1402Use 1403.Va extra_netfs_types 1404instead. 1405.It Va extra_netfs_types 1406.Pq Vt str 1407If set to something other than 1408.Dq Li NO 1409(the default), 1410this variable extends the list of file system types 1411for which automatic mounting at startup by 1412.Xr rc 8 1413should be delayed until the network is initialized. 1414It should contain 1415a whitespace-separated list of network file system descriptor pairs, 1416each consisting of a file system type as passed to 1417.Xr mount 8 1418and a human-readable, one-word description, 1419joined with a colon 1420.Pq Ql \&: . 1421Extending the default list in this way is only necessary 1422when third party file system types are used. 1423.It Va syslogd_enable 1424.Pq Vt bool 1425If set to 1426.Dq Li YES , 1427run the 1428.Xr syslogd 8 1429daemon. 1430.It Va syslogd_program 1431.Pq Vt str 1432Path to 1433.Xr syslogd 8 1434(default 1435.Pa /usr/sbin/syslogd ) . 1436.It Va syslogd_flags 1437.Pq Vt str 1438If 1439.Va syslogd_enable 1440is set to 1441.Dq Li YES , 1442these are the flags to pass to 1443.Xr syslogd 8 . 1444.It Va inetd_enable 1445.Pq Vt bool 1446If set to 1447.Dq Li YES , 1448run the 1449.Xr inetd 8 1450daemon. 1451.It Va inetd_program 1452.Pq Vt str 1453Path to 1454.Xr inetd 8 1455(default 1456.Pa /usr/sbin/inetd ) . 1457.It Va inetd_flags 1458.Pq Vt str 1459If 1460.Va inetd_enable 1461is set to 1462.Dq Li YES , 1463these are the flags to pass to 1464.Xr inetd 8 . 1465.It Va named_enable 1466.Pq Vt bool 1467If set to 1468.Dq Li YES , 1469run the 1470.Xr named 8 1471daemon. 1472.It Va named_program 1473.Pq Vt str 1474Path to 1475.Xr named 8 1476(default 1477.Pa /usr/sbin/named ) . 1478.It Va named_flags 1479.Pq Vt str 1480If 1481.Va named_enable 1482is set to 1483.Dq Li YES , 1484these are the flags to pass to 1485.Xr named 8 . 1486.It Va named_pidfile 1487.Pq Vt str 1488This is the default path to the 1489.Xr named 8 1490daemon's PID file. 1491This must match the location in 1492.Xr named.conf 5 . 1493.It Va named_uid 1494.Pq Vt str 1495The user that the 1496.Xr named 8 1497process should be run as. 1498.It Va named_chrootdir 1499.Pq Vt str 1500The root directory for a name server run in a 1501.Xr chroot 8 1502environment (default 1503.Pa /var/named ) . 1504If left empty 1505.Xr named 8 1506will not be run in a 1507.Xr chroot 8 1508environment. 1509.It Va named_chroot_autoupdate 1510.Pq Vt bool 1511Set to 1512.Dq Li NO 1513to disable automatic update of the 1514.Xr chroot 8 1515environment. 1516.It Va named_symlink_enable 1517.Pq Vt bool 1518Set to 1519.Dq Li NO 1520to disable symlinking of 1521daemon's PID file 1522into the 1523.Xr chroot 8 1524environment. 1525.It Va kerberos5_server_enable 1526.Pq Vt bool 1527Set to 1528.Dq Li YES 1529to start a Kerberos 5 authentication server 1530at boot time. 1531.It Va kerberos5_server 1532.Pq Vt str 1533If 1534.Va kerberos5_server_enable 1535is set to 1536.Dq Li YES 1537this is the path to Kerberos 5 Authentication Server. 1538.It Va kerberos5_server_flags 1539.Pq Vt str 1540Empty by default. 1541This variable contains additional flags to be passed to the Kerberos 5 1542authentication server. 1543.It Va kadmind5_server_enable 1544.Pq Vt bool 1545Set to 1546.Dq Li YES 1547to start 1548.Xr kadmind 8 , 1549the Kerberos 5 Administration Daemon; set to 1550.Dq Li NO 1551on a slave server. 1552.It Va kadmind5_server 1553.Pq Vt str 1554If 1555.Va kadmind5_server_enable 1556is set to 1557.Dq Li YES 1558this is the path to Kerberos 5 Administration Daemon. 1559.It Va kpasswdd_server_enable 1560.Pq Vt bool 1561Set to 1562.Dq Li YES 1563to start 1564.Xr kpasswdd 8 , 1565the Kerberos 5 Password-Changing Daemon; set to 1566.Dq Li NO 1567on a slave server. 1568.It Va kpasswdd_server 1569.Pq Vt str 1570If 1571.Va kpasswdd_server_enable 1572is set to 1573.Dq Li YES 1574this is the path to Kerberos 5 Password-Changing Daemon. 1575.It Va rwhod_enable 1576.Pq Vt bool 1577If set to 1578.Dq Li YES , 1579run the 1580.Xr rwhod 8 1581daemon at boot time. 1582.It Va rwhod_flags 1583.Pq Vt str 1584If 1585.Va rwhod_enable 1586is set to 1587.Dq Li YES , 1588these are the flags to pass to it. 1589.It Va amd_enable 1590.Pq Vt bool 1591If set to 1592.Dq Li YES , 1593run the 1594.Xr amd 8 1595daemon at boot time. 1596.It Va amd_flags 1597.Pq Vt str 1598If 1599.Va amd_enable 1600is set to 1601.Dq Li YES , 1602these are the flags to pass to it. 1603See the 1604.Xr amd 8 1605manpage for more information. 1606.It Va amd_map_program 1607.Pq Vt str 1608If set, 1609the specified program is run to get the list of 1610.Xr amd 8 1611maps. 1612For example, if the 1613.Xr amd 8 1614maps are stored in NIS, one can set this to 1615run 1616.Xr ypcat 1 1617to get a list of 1618.Xr amd 8 1619maps from the 1620.Pa amd.master 1621NIS map. 1622.It Va update_motd 1623.Pq Vt bool 1624If set to 1625.Dq Li YES , 1626.Pa /etc/motd 1627will be updated at boot time to reflect the kernel release 1628being run. 1629If set to 1630.Dq Li NO , 1631.Pa /etc/motd 1632will not be updated. 1633.It Va nfs_client_enable 1634.Pq Vt bool 1635If set to 1636.Dq Li YES , 1637run the NFS client daemons at boot time. 1638.It Va nfs_access_cache 1639.Pq Vt int 1640If 1641.Va nfs_client_enable 1642is set to 1643.Dq Li YES , 1644this can be set to 1645.Dq Li 0 1646to disable NFS ACCESS RPC caching, or to the number of seconds for which 1647NFS ACCESS 1648results should be cached. 1649A value of 2-10 seconds will substantially reduce network 1650traffic for many NFS operations. 1651.It Va nfs_server_enable 1652.Pq Vt bool 1653If set to 1654.Dq Li YES , 1655run the NFS server daemons at boot time. 1656.It Va nfs_server_flags 1657.Pq Vt str 1658If 1659.Va nfs_server_enable 1660is set to 1661.Dq Li YES , 1662these are the flags to pass to the 1663.Xr nfsd 8 1664daemon. 1665.It Va idmapd_enable 1666.Pq Vt bool 1667If set to 1668.Dq Li YES , 1669run the ID mapping daemon for NFS version 4. 1670.It Va idmapd_flags 1671.Pq Vt str 1672If 1673.Va idmapd_enable 1674is set to 1675.Dq Li YES , 1676these are the flags to pass to the 1677.Xr idmapd 8 1678daemon. 1679.It Va mountd_enable 1680.Pq Vt bool 1681If set to 1682.Dq Li YES , 1683and no 1684.Va nfs_server_enable 1685is set, start 1686.Xr mountd 8 , 1687but not 1688.Xr nfsd 8 1689daemon. 1690It is commonly needed to run CFS without real NFS used. 1691.It Va mountd_flags 1692.Pq Vt str 1693If 1694.Va mountd_enable 1695is set to 1696.Dq Li YES , 1697these are the flags to pass to the 1698.Xr mountd 8 1699daemon. 1700.It Va weak_mountd_authentication 1701.Pq Vt bool 1702If set to 1703.Dq Li YES , 1704allow services like PCNFSD to make non-privileged mount 1705requests. 1706.It Va nfs_reserved_port_only 1707.Pq Vt bool 1708If set to 1709.Dq Li YES , 1710provide NFS services only on a secure port. 1711.It Va nfs_bufpackets 1712.Pq Vt int 1713If set to a number, indicates the number of packets worth of 1714socket buffer space to reserve on an NFS client. 1715The kernel default is typically 4. 1716Using a higher number may be 1717useful on gigabit networks to improve performance. 1718The minimum value is 17192 and the maximum is 64. 1720.It Va rpc_lockd_enable 1721.Pq Vt bool 1722If set to 1723.Dq Li YES 1724and also an NFS server or client, run 1725.Xr rpc.lockd 8 1726at boot time. 1727.It Va rpc_statd_enable 1728.Pq Vt bool 1729If set to 1730.Dq Li YES 1731and also an NFS server or client, run 1732.Xr rpc.statd 8 1733at boot time. 1734.It Va rpcbind_program 1735.Pq Vt str 1736Path to 1737.Xr rpcbind 8 1738(default 1739.Pa /usr/sbin/rpcbind ) . 1740.It Va rpcbind_enable 1741.Pq Vt bool 1742If set to 1743.Dq Li YES , 1744run the 1745.Xr rpcbind 8 1746service at boot time. 1747.It Va rpcbind_flags 1748.Pq Vt str 1749If 1750.Va rpcbind_enable 1751is set to 1752.Dq Li YES , 1753these are the flags to pass to the 1754.Xr rpcbind 8 1755daemon. 1756.It Va keyserv_enable 1757.Pq Vt bool 1758If set to 1759.Dq Li YES , 1760run the 1761.Xr keyserv 8 1762daemon on boot for running Secure RPC. 1763.It Va keyserv_flags 1764.Pq Vt str 1765If 1766.Va keyserv_enable 1767is set to 1768.Dq Li YES , 1769these are the flags to pass to 1770.Xr keyserv 8 1771daemon. 1772.It Va pppoed_enable 1773.Pq Vt bool 1774If set to 1775.Dq Li YES , 1776run the 1777.Xr pppoed 8 1778daemon at boot time to provide PPP over Ethernet services. 1779.It Va pppoed_ Ns Aq Ar provider 1780.Pq Vt str 1781.Xr pppoed 8 1782listens to requests to this 1783.Ar provider 1784and ultimately runs 1785.Xr ppp 8 1786with a 1787.Ar system 1788argument of the same name. 1789.It Va pppoed_flags 1790.Pq Vt str 1791Additional flags to pass to 1792.Xr pppoed 8 . 1793.It Va pppoed_interface 1794.Pq Vt str 1795The network interface to run 1796.Xr pppoed 8 1797on. 1798This is mandatory when 1799.Va pppoed_enable 1800is set to 1801.Dq Li YES . 1802.It Va timed_enable 1803.Pq Vt bool 1804If set to 1805.Dq Li YES , 1806run the 1807.Xr timed 8 1808service at boot time. 1809This command is intended for networks of 1810machines where a consistent 1811.Dq "network time" 1812for all hosts must be established. 1813This is often useful in large NFS 1814environments where time stamps on files are expected to be consistent 1815network-wide. 1816.It Va timed_flags 1817.Pq Vt str 1818If 1819.Va timed_enable 1820is set to 1821.Dq Li YES , 1822these are the flags to pass to the 1823.Xr timed 8 1824service. 1825.It Va ntpdate_enable 1826.Pq Vt bool 1827If set to 1828.Dq Li YES , 1829run 1830.Xr ntpdate 8 1831at system startup. 1832This command is intended to 1833synchronize the system clock only 1834.Em once 1835from some standard reference. 1836An option to set this up initially 1837(from a list of known servers) is also provided by the 1838.Xr sysinstall 8 1839program when the system is first installed. 1840.It Va ntpdate_config 1841.Pq Vt str 1842Configuration file for 1843.Xr ntpdate 8 . 1844Default 1845.Pa /etc/ntp.conf . 1846.It Va ntpdate_hosts 1847.Pq Vt str 1848A whitespace-separated list of NTP servers to synchronize with at startup. 1849The default is to use the servers listed in 1850.Va ntpdate_config , 1851if that file exists. 1852.It Va ntpdate_program 1853.Pq Vt str 1854Path to 1855.Xr ntpdate 8 1856(default 1857.Pa /usr/sbin/ntpdate ) . 1858.It Va ntpdate_flags 1859.Pq Vt str 1860If 1861.Va ntpdate_enable 1862is set to 1863.Dq Li YES , 1864these are the flags to pass to the 1865.Xr ntpdate 8 1866command (typically a hostname). 1867.It Va ntpd_enable 1868.Pq Vt bool 1869If set to 1870.Dq Li YES , 1871run the 1872.Xr ntpd 8 1873command at boot time. 1874.It Va ntpd_program 1875.Pq Vt str 1876Path to 1877.Xr ntpd 8 1878(default 1879.Pa /usr/sbin/ntpd ) . 1880.It Va ntpd_config 1881.Pq Vt str 1882Path to 1883.Xr ntpd 8 1884configuration file. 1885Default 1886.Pa /etc/ntp.conf . 1887.It Va ntpd_flags 1888.Pq Vt str 1889If 1890.Va ntpd_enable 1891is set to 1892.Dq Li YES , 1893these are the flags to pass to the 1894.Xr ntpd 8 1895daemon. 1896.It Va ntpd_sync_on_start 1897.Pq Vt bool 1898If set to 1899.Dq Li YES , 1900.Xr ntpd 8 1901is run with the 1902.Fl g 1903flag, which syncs the system's clock on startup. 1904See 1905.Xr ntpd 8 1906for more information regarding the 1907.Fl g 1908option. 1909This is a preferred alternative to using 1910.Xr ntpdate 8 1911or specifying the 1912.Va ntpdate_enable 1913variable. 1914.It Va nis_client_enable 1915.Pq Vt bool 1916If set to 1917.Dq Li YES , 1918run the 1919.Xr ypbind 8 1920service at system boot time. 1921.It Va nis_client_flags 1922.Pq Vt str 1923If 1924.Va nis_client_enable 1925is set to 1926.Dq Li YES , 1927these are the flags to pass to the 1928.Xr ypbind 8 1929service. 1930.It Va nis_ypset_enable 1931.Pq Vt bool 1932If set to 1933.Dq Li YES , 1934run the 1935.Xr ypset 8 1936daemon at system boot time. 1937.It Va nis_ypset_flags 1938.Pq Vt str 1939If 1940.Va nis_ypset_enable 1941is set to 1942.Dq Li YES , 1943these are the flags to pass to the 1944.Xr ypset 8 1945daemon. 1946.It Va nis_server_enable 1947.Pq Vt bool 1948If set to 1949.Dq Li YES , 1950run the 1951.Xr ypserv 8 1952daemon at system boot time. 1953.It Va nis_server_flags 1954.Pq Vt str 1955If 1956.Va nis_server_enable 1957is set to 1958.Dq Li YES , 1959these are the flags to pass to the 1960.Xr ypserv 8 1961daemon. 1962.It Va nis_ypxfrd_enable 1963.Pq Vt bool 1964If set to 1965.Dq Li YES , 1966run the 1967.Xr rpc.ypxfrd 8 1968daemon at system boot time. 1969.It Va nis_ypxfrd_flags 1970.Pq Vt str 1971If 1972.Va nis_ypxfrd_enable 1973is set to 1974.Dq Li YES , 1975these are the flags to pass to the 1976.Xr rpc.ypxfrd 8 1977daemon. 1978.It Va nis_yppasswdd_enable 1979.Pq Vt bool 1980If set to 1981.Dq Li YES , 1982run the 1983.Xr rpc.yppasswdd 8 1984daemon at system boot time. 1985.It Va nis_yppasswdd_flags 1986.Pq Vt str 1987If 1988.Va nis_yppasswdd_enable 1989is set to 1990.Dq Li YES , 1991these are the flags to pass to the 1992.Xr rpc.yppasswdd 8 1993daemon. 1994.It Va rpc_ypupdated_enable 1995.Pq Vt bool 1996If set to 1997.Dq Li YES , 1998run the 1999.Nm rpc.ypupdated 2000daemon at system boot time. 2001.It Va bsnmpd_enable 2002.Pq Vt bool 2003If set to 2004.Dq Li YES , 2005run the 2006.Xr bsnmpd 1 2007daemon at system boot time. 2008Be sure to understand the security implications of running SNMP daemon 2009on your host. 2010.It Va bsnmpd_flags 2011.Pq Vt str 2012If 2013.Va bsnmpd_enable 2014is set to 2015.Dq Li YES , 2016these are the flags to pass to the 2017.Xr bsnmpd 1 2018daemon. 2019.It Va defaultrouter 2020.Pq Vt str 2021If not set to 2022.Dq Li NO , 2023create a default route to this host name or IP address 2024(use an IP address if this router is also required to get to the 2025name server!). 2026.It Va ipv6_defaultrouter 2027.Pq Vt str 2028The IPv6 equivalent of 2029.Va defaultrouter . 2030.It Va static_routes 2031.Pq Vt str 2032Set to the list of static routes that are to be added at system 2033boot time. 2034If not set to 2035.Dq Li NO 2036then for each whitespace separated 2037.Ar element 2038in the value, a 2039.Va route_ Ns Aq Ar element 2040variable is assumed to exist 2041whose contents will later be passed to a 2042.Dq Nm route Cm add 2043operation. 2044For example: 2045.Bd -literal 2046static_routes="mcast gif0local" 2047route_mcast="-net 224.0.0.0/4 -iface gif0" 2048route_gif0local="-host 169.254.1.1 -iface lo0" 2049.Ed 2050.It Va ipv6_static_routes 2051.Pq Vt str 2052The IPv6 equivalent of 2053.Va static_routes . 2054If not set to 2055.Dq Li NO 2056then for each whitespace separated 2057.Ar element 2058in the value, a 2059.Va ipv6_route_ Ns Aq Ar element 2060variable is assumed to exist 2061whose contents will later be passed to a 2062.Dq Nm route Cm add Fl inet6 2063operation. 2064.It Va natm_static_routes 2065.Pq Vt str 2066The 2067.Xr natmip 4 2068equivalent of 2069.Va static_routes . 2070If not empty then for each whitespace separated 2071.Ar element 2072in the value, a 2073.Va route_ Ns Aq Ar element 2074variable is assumed to exist whose contents will later be passed to a 2075.Dq Nm atmconfig Cm natm Cm add 2076operation. 2077.It Va gateway_enable 2078.Pq Vt bool 2079If set to 2080.Dq Li YES , 2081configure host to act as an IP router, e.g.\& to forward packets 2082between interfaces. 2083.It Va ipv6_gateway_enable 2084.Pq Vt bool 2085The IPv6 equivalent of 2086.Va gateway_enable . 2087.It Va router_enable 2088.Pq Vt bool 2089If set to 2090.Dq Li YES , 2091run a routing daemon of some sort, based on the 2092settings of 2093.Va router 2094and 2095.Va router_flags . 2096.It Va ipv6_router_enable 2097.Pq Vt bool 2098The IPv6 equivalent of 2099.Va router_enable . 2100If set to 2101.Dq Li YES , 2102run a routing daemon of some sort, based on the 2103settings of 2104.Va ipv6_router 2105and 2106.Va ipv6_router_flags . 2107.It Va router 2108.Pq Vt str 2109If 2110.Va router_enable 2111is set to 2112.Dq Li YES , 2113this is the name of the routing daemon to use. 2114.It Va ipv6_router 2115.Pq Vt str 2116The IPv6 equivalent of 2117.Va router . 2118.It Va router_flags 2119.Pq Vt str 2120If 2121.Va router_enable 2122is set to 2123.Dq Li YES , 2124these are the flags to pass to the routing daemon. 2125.It Va ipv6_router_flags 2126.Pq Vt str 2127The IPv6 equivalent of 2128.Va router_flags . 2129.It Va mrouted_enable 2130.Pq Vt bool 2131If set to 2132.Dq Li YES , 2133run the multicast routing daemon, 2134.Xr mrouted 8 . 2135.It Va mroute6d_enable 2136.Pq Vt bool 2137The IPv6 equivalent of 2138.Va mrouted_enable . 2139If set to 2140.Dq Li YES , 2141run the IPv6 multicast routing daemon. 2142.Pp 2143Note that multicast routing daemons are no longer included in the 2144.Fx 2145base system, however, both 2146.Xr mrouted 8 2147and 2148.Xr pim6dd 8 2149may be installed from the 2150.Fx 2151Ports Collection. 2152.It Va mrouted_flags 2153.Pq Vt str 2154If 2155.Va mrouted_enable 2156is set to 2157.Dq Li YES , 2158these are the flags to pass to the 2159.Xr mrouted 8 2160daemon. 2161.It Va mroute6d_flags 2162.Pq Vt str 2163The IPv6 equivalent of 2164.Va mrouted_flags . 2165If 2166.Va mroute6d_enable 2167is set to 2168.Dq Li YES , 2169these are the flags passed to the IPv6 multicast routing daemon. 2170.It Va mroute6d_program 2171.Pq Vt str 2172If 2173.Va mroute6d_enable 2174is set to 2175.Dq Li YES , 2176this is the path to the IPv6 multicast routing daemon. 2177.It Va rtadvd_enable 2178.Pq Vt bool 2179If set to 2180.Dq Li YES , 2181run the 2182.Xr rtadvd 8 2183daemon at boot time. 2184.Xr rtadvd 8 2185will only run if 2186.Va ipv6_gateway_enable 2187is also set to 2188.Dq Li YES . 2189The 2190.Xr rtadvd 8 2191utility sends router advertisement packets to the interfaces specified in 2192.Va rtadvd_interfaces 2193and should only be enabled with great care. 2194You may want to fine-tune 2195.Xr rtadvd.conf 5 . 2196.It Va rtadvd_interfaces 2197.Pq Vt str 2198If 2199.Va rtadvd_enable 2200is set to 2201.Dq Li YES 2202this is the list of interfaces to use. 2203.It Va ipxgateway_enable 2204.Pq Vt bool 2205If set to 2206.Dq Li YES , 2207enable the routing of IPX traffic. 2208.It Va ipxrouted_enable 2209.Pq Vt bool 2210If set to 2211.Dq Li YES , 2212run the 2213.Xr IPXrouted 8 2214daemon at system boot time. 2215.It Va ipxrouted_flags 2216.Pq Vt str 2217If 2218.Va ipxrouted_enable 2219is set to 2220.Dq Li YES , 2221these are the flags to pass to the 2222.Xr IPXrouted 8 2223daemon. 2224.It Va arpproxy_all 2225.Pq Vt bool 2226If set to 2227.Dq Li YES , 2228enable global proxy ARP. 2229.It Va forward_sourceroute 2230.Pq Vt bool 2231If set to 2232.Dq Li YES 2233and 2234.Va gateway_enable 2235is also set to 2236.Dq Li YES , 2237source-routed packets are forwarded. 2238.It Va accept_sourceroute 2239.Pq Vt bool 2240If set to 2241.Dq Li YES , 2242the system will accept source-routed packets directed at it. 2243.It Va rarpd_enable 2244.Pq Vt bool 2245If set to 2246.Dq Li YES , 2247run the 2248.Xr rarpd 8 2249daemon at system boot time. 2250.It Va rarpd_flags 2251.Pq Vt str 2252If 2253.Va rarpd_enable 2254is set to 2255.Dq Li YES , 2256these are the flags to pass to the 2257.Xr rarpd 8 2258daemon. 2259.It Va bootparamd_enable 2260.Pq Vt bool 2261If set to 2262.Dq Li YES , 2263run the 2264.Xr bootparamd 8 2265daemon at system boot time. 2266.It Va bootparamd_flags 2267.Pq Vt str 2268If 2269.Va bootparamd_enable 2270is set to 2271.Dq Li YES , 2272these are the flags to pass to the 2273.Xr bootparamd 8 2274daemon. 2275.It Va stf_interface_ipv4addr 2276.Pq Vt str 2277If not set to 2278.Dq Li NO , 2279this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 2280interface). 2281Specify this entry to enable the 6to4 interface. 2282.It Va stf_interface_ipv4plen 2283.Pq Vt int 2284Prefix length for 6to4 IPv4 addresses, to limit peer address range. 2285An effective value is 0-31. 2286.It Va stf_interface_ipv6_ifid 2287.Pq Vt str 2288IPv6 interface ID for 2289.Xr stf 4 . 2290This can be set to 2291.Dq Li AUTO . 2292.It Va stf_interface_ipv6_slaid 2293.Pq Vt str 2294IPv6 Site Level Aggregator for 2295.Xr stf 4 . 2296.It Va ipv6_faith_prefix 2297.Pq Vt str 2298If not set to 2299.Dq Li NO , 2300this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 2301translator. 2302You also need 2303.Xr faithd 8 2304setup. 2305.It Va ipv6_ipv4mapping 2306.Pq Vt bool 2307If set to 2308.Dq Li YES 2309this enables IPv4 mapped IPv6 address communication (like 2310.Li ::ffff:a.b.c.d ) . 2311.It Va atm_enable 2312.Pq Vt bool 2313Set to 2314.Dq Li YES 2315to enable the configuration of ATM interfaces at system boot time. 2316For all of the ATM variables described below, please refer to the 2317.Xr atm 8 2318manual page for further details on the available command parameters. 2319Also refer to the files in 2320.Pa /usr/share/examples/atm 2321for more detailed configuration information. 2322.It Va atm_load 2323.Pq Vt str 2324This is a list of physical ATM interface drivers to load. 2325Typical values are 2326.Dq Li hfa_pci 2327and/or 2328.Dq Li hea_pci . 2329.It Va atm_netif_ Ns Aq Ar intf 2330.Pq Vt str 2331For the ATM physical interface 2332.Ar intf , 2333this variable defines the name prefix and count for the ATM network 2334interfaces to be created. 2335The value will be passed as the parameters of an 2336.Dq Nm atm Cm "set netif" Ar intf 2337command. 2338.It Va atm_sigmgr_ Ns Aq Ar intf 2339.Pq Vt str 2340For the ATM physical interface 2341.Ar intf , 2342this variable defines the ATM signalling manager to be used. 2343The value will be passed as the parameters of an 2344.Dq Nm atm Cm attach Ar intf 2345command. 2346.It Va atm_prefix_ Ns Aq Ar intf 2347.Pq Vt str 2348For the ATM physical interface 2349.Ar intf , 2350this variable defines the NSAP prefix for interfaces using a UNI signalling 2351manager. 2352If set to 2353.Dq Li ILMI , 2354the prefix will automatically be set via the 2355.Xr ilmid 8 2356daemon. 2357Otherwise, the value will be passed as the parameters of an 2358.Dq Nm atm Cm "set prefix" Ar intf 2359command. 2360.It Va atm_macaddr_ Ns Aq Ar intf 2361.Pq Vt str 2362For the ATM physical interface 2363.Ar intf , 2364this variable defines the MAC address for interfaces using a UNI signalling 2365manager. 2366If set to 2367.Dq Li NO , 2368the hardware MAC address contained in the ATM interface card will be used. 2369Otherwise, the value will be passed as the parameters of an 2370.Dq Nm atm Cm "set mac" Ar intf 2371command. 2372.It Va atm_arpserver_ Ns Aq Ar netif 2373.Pq Vt str 2374For the ATM network interface 2375.Ar netif , 2376this variable defines the ATM address for a host which is to provide ATMARP 2377service. 2378This variable is only applicable to interfaces using a UNI signalling 2379manager. 2380If set to 2381.Dq Li local , 2382this host will become an ATMARP server. 2383The value will be passed as the parameters of an 2384.Dq Nm atm Cm "set arpserver" Ar netif 2385command. 2386.It Va atm_scsparp_ Ns Aq Ar netif 2387.Pq Vt bool 2388If set to 2389.Dq Li YES , 2390SCSP/ATMARP service for the network interface 2391.Ar netif 2392will be initiated using the 2393.Xr scspd 8 2394and 2395.Xr atmarpd 8 2396daemons. 2397This variable is only applicable if 2398.Va atm_arpserver_ Ns Aq Ar netif 2399is set to 2400.Dq Li local . 2401.It Va atm_pvcs 2402.Pq Vt str 2403Set to the list of ATM PVCs to be added at system 2404boot time. 2405For each whitespace separated 2406.Ar element 2407in the value, an 2408.Va atm_pvc_ Ns Aq Ar element 2409variable is assumed to exist. 2410The value of each of these variables 2411will be passed as the parameters of an 2412.Dq Nm atm Cm "add pvc" 2413command. 2414.It Va atm_arps 2415.Pq Vt str 2416Set to the list of permanent ATM ARP entries to be added 2417at system boot time. 2418For each whitespace separated 2419.Ar element 2420in the value, an 2421.Va atm_arp_ Ns Aq Ar element 2422variable is assumed to exist. 2423The value of each of these variables 2424will be passed as the parameters of an 2425.Dq Nm atm Cm "add arp" 2426command. 2427.It Va natm_interfaces 2428.Pq Vt str 2429Set to the list of 2430.Xr natm 4 2431interfaces that will also be used for HARP through 2432.Xr harp 4 . 2433If this list is not empty all interfaces in the list will be brought up 2434with 2435.Xr ifconfig 8 2436and 2437.Xr harp 4 2438will be loaded. 2439For this to work the interface drivers must be either compiled into the 2440kernel or must reside on the root partition. 2441.It Va keybell 2442.Pq Vt str 2443The keyboard bell sound. 2444Set to 2445.Dq Li normal , 2446.Dq Li visual , 2447.Dq Li off , 2448or 2449.Dq Li NO 2450if the default behavior is desired. 2451For details, refer to the 2452.Xr kbdcontrol 1 2453manpage. 2454.It Va keyboard 2455.Pq Vt str 2456If set to a non-null string, the virtual console's keyboard input is 2457set to this device. 2458.It Va keymap 2459.Pq Vt str 2460If set to 2461.Dq Li NO , 2462no keymap is installed, otherwise the value is used to install 2463the keymap file in 2464.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2465.It Va keyrate 2466.Pq Vt str 2467The keyboard repeat speed. 2468Set to 2469.Dq Li slow , 2470.Dq Li normal , 2471.Dq Li fast , 2472or 2473.Dq Li NO 2474if the default behavior is desired. 2475.It Va keychange 2476.Pq Vt str 2477If not set to 2478.Dq Li NO , 2479attempt to program the function keys with the value. 2480The value should 2481be a single string of the form: 2482.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2483.It Va cursor 2484.Pq Vt str 2485Can be set to the value of 2486.Dq Li normal , 2487.Dq Li blink , 2488.Dq Li destructive , 2489or 2490.Dq Li NO 2491to set the cursor behavior explicitly or choose the default behavior. 2492.It Va scrnmap 2493.Pq Vt str 2494If set to 2495.Dq Li NO , 2496no screen map is installed, otherwise the value is used to install 2497the screen map file in 2498.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2499.It Va font8x16 2500.Pq Vt str 2501If set to 2502.Dq Li NO , 2503the default 8x16 font value is used for screen size requests, otherwise 2504the value in 2505.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2506is used. 2507.It Va font8x14 2508.Pq Vt str 2509If set to 2510.Dq Li NO , 2511the default 8x14 font value is used for screen size requests, otherwise 2512the value in 2513.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2514is used. 2515.It Va font8x8 2516.Pq Vt str 2517If set to 2518.Dq Li NO , 2519the default 8x8 font value is used for screen size requests, otherwise 2520the value in 2521.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2522is used. 2523.It Va blanktime 2524.Pq Vt int 2525If set to 2526.Dq Li NO , 2527the default screen blanking interval is used, otherwise it is set 2528to 2529.Ar value 2530seconds. 2531.It Va saver 2532.Pq Vt str 2533If not set to 2534.Dq Li NO , 2535this is the actual screen saver to use 2536.Li ( blank , snake , daemon , 2537etc). 2538.It Va moused_nondefault_enable 2539.Pq Vt str 2540If set to 2541.Dq Li NO , 2542the mouse device specified on 2543the command line is not automatically treated as enabled by the 2544.Pa /etc/rc.d/moused 2545script. 2546Having this variable set to 2547.Dq Li YES 2548allows a 2549.Xr usb 4 2550mouse, 2551for example, 2552to be enabled as soon as it is plugged in. 2553.It Va moused_enable 2554.Pq Vt str 2555If set to 2556.Dq Li YES , 2557the 2558.Xr moused 8 2559daemon is started for doing cut/paste selection on the console. 2560.It Va moused_type 2561.Pq Vt str 2562This is the protocol type of the mouse connected to this host. 2563This variable must be set if 2564.Va moused_enable 2565is set to 2566.Dq Li YES . 2567The 2568.Xr moused 8 2569daemon 2570is able to detect the appropriate mouse type automatically in many cases. 2571Set this variable to 2572.Dq Li auto 2573to let the daemon detect it, or 2574select one from the following list if the automatic detection fails. 2575.Pp 2576If the mouse is attached to the PS/2 mouse port, choose 2577.Dq Li auto 2578or 2579.Dq Li ps/2 , 2580regardless of the brand and model of the mouse. 2581Likewise, if the 2582mouse is attached to the bus mouse port, choose 2583.Dq Li auto 2584or 2585.Dq Li busmouse . 2586All other protocols are for serial mice and will not work with 2587the PS/2 and bus mice. 2588If this is a USB mouse, 2589.Dq Li auto 2590is the only protocol type which will work. 2591.Pp 2592.Bl -tag -width ".Li x10mouseremote" -compact 2593.It Li microsoft 2594Microsoft mouse (serial) 2595.It Li intellimouse 2596Microsoft IntelliMouse (serial) 2597.It Li mousesystems 2598Mouse systems Corp.\& mouse (serial) 2599.It Li mmseries 2600MM Series mouse (serial) 2601.It Li logitech 2602Logitech mouse (serial) 2603.It Li busmouse 2604A bus mouse 2605.It Li mouseman 2606Logitech MouseMan and TrackMan (serial) 2607.It Li glidepoint 2608ALPS GlidePoint (serial) 2609.It Li thinkingmouse 2610Kensington ThinkingMouse (serial) 2611.It Li ps/2 2612PS/2 mouse 2613.It Li mmhittab 2614MM HitTablet (serial) 2615.It Li x10mouseremote 2616X10 MouseRemote (serial) 2617.It Li versapad 2618Interlink VersaPad (serial) 2619.El 2620.Pp 2621Even if the mouse is not in the above list, it may be compatible 2622with one in the list. 2623Refer to the manual page for 2624.Xr moused 8 2625for compatibility information. 2626.Pp 2627It should also be noted that while this is enabled, any 2628other client of the mouse (such as an X server) should access 2629the mouse through the virtual mouse device, 2630.Pa /dev/sysmouse , 2631and configure it as a 2632.Dq Li sysmouse 2633type mouse, since all 2634mouse data is converted to this single canonical format when 2635using 2636.Xr moused 8 . 2637If the client program does not support the 2638.Dq Li sysmouse 2639type, 2640specify the 2641.Dq Li mousesystems 2642type. 2643It is the second preferred type. 2644.It Va moused_port 2645.Pq Vt str 2646If 2647.Va moused_enable 2648is set to 2649.Dq Li YES , 2650this is the actual port the mouse is on. 2651It might be 2652.Pa /dev/cuad0 2653for a COM1 serial mouse, 2654.Pa /dev/psm0 2655for a PS/2 mouse or 2656.Pa /dev/mse0 2657for a bus mouse, for example. 2658.It Va moused_flags 2659.Pq Vt str 2660If 2661.Va moused_type 2662is set, these are the additional flags to pass to the 2663.Xr moused 8 2664daemon. 2665.It Va mousechar_start 2666.Pq Vt int 2667If set to 2668.Dq Li NO , 2669the default mouse cursor character range 2670.Li 0xd0 Ns - Ns Li 0xd3 2671is used, 2672otherwise the range start is set 2673to 2674.Ar value 2675character, see 2676.Xr vidcontrol 1 . 2677Use if the default range is occupied in the language code table. 2678.It Va allscreens_flags 2679.Pq Vt str 2680If set, 2681.Xr vidcontrol 1 2682is run with these options for each of the virtual terminals 2683.Pq Pa /dev/ttyv* . 2684For example, 2685.Dq Fl m Cm on 2686will enable the mouse pointer on all virtual terminals 2687if 2688.Va moused_enable 2689is set to 2690.Dq Li YES . 2691.It Va allscreens_kbdflags 2692.Pq Vt str 2693If set, 2694.Xr kbdcontrol 1 2695is run with these options for each of the virtual terminals 2696.Pq Pa /dev/ttyv* . 2697For example, 2698.Dq Fl h Li 200 2699will set the 2700.Xr syscons 4 2701scrollback (history) buffer to 200 lines. 2702.It Va cron_enable 2703.Pq Vt bool 2704If set to 2705.Dq Li YES , 2706run the 2707.Xr cron 8 2708daemon at system boot time. 2709.It Va cron_program 2710.Pq Vt str 2711Path to 2712.Xr cron 8 2713(default 2714.Pa /usr/sbin/cron ) . 2715.It Va cron_flags 2716.Pq Vt str 2717If 2718.Va cron_enable 2719is set to 2720.Dq Li YES , 2721these are the flags to pass to 2722.Xr cron 8 . 2723.It Va cron_dst 2724.Pq Vt bool 2725If set to 2726.Dq Li YES , 2727enable the special handling of transitions to and from the 2728Daylight Saving Time in 2729.Xr cron 8 2730(equivalent to using the flag 2731.Fl s ) . 2732.It Va lpd_program 2733.Pq Vt str 2734Path to 2735.Xr lpd 8 2736(default 2737.Pa /usr/sbin/lpd ) . 2738.It Va lpd_enable 2739.Pq Vt bool 2740If set to 2741.Dq Li YES , 2742run the 2743.Xr lpd 8 2744daemon at system boot time. 2745.It Va lpd_flags 2746.Pq Vt str 2747If 2748.Va lpd_enable 2749is set to 2750.Dq Li YES , 2751these are the flags to pass to the 2752.Xr lpd 8 2753daemon. 2754.It Va chkprintcap_enable 2755.Pq Vt bool 2756If set to 2757.Dq Li YES , 2758run the 2759.Xr chkprintcap 8 2760command before starting the 2761.Xr lpd 8 2762daemon. 2763.It Va chkprintcap_flags 2764.Pq Vt str 2765If 2766.Va lpd_enable 2767and 2768.Va chkprintcap_enable 2769are set to 2770.Dq Li YES , 2771these are the flags to pass to the 2772.Xr chkprintcap 8 2773program. 2774The default is 2775.Dq Li -d , 2776which causes missing directories to be created. 2777.It Va mta_start_script 2778.Pq Vt str 2779This variable specifies the full path to the script to run to start 2780a mail transfer agent. 2781The default is 2782.Pa /etc/rc.sendmail . 2783The 2784.Va sendmail_* 2785variables which 2786.Pa /etc/rc.sendmail 2787uses are documented in the 2788.Xr rc.sendmail 8 2789manual page. 2790.It Va dumpdev 2791.Pq Vt str 2792Indicates the device (usually a swap partition) to which a crash dump 2793should be written in the event of a system crash. 2794If the value of this variable is 2795.Dq Li AUTO , 2796the first suitable swap device listed in 2797.Pa /etc/fstab 2798will be used as dump device. 2799Otherwise, the value of this variable is passed as the argument to 2800.Xr dumpon 8 . 2801To disable crash dumps, set this variable to 2802.Dq Li NO . 2803.It Va dumpdir 2804.Pq Vt str 2805When the system reboots after a crash and a crash dump is found on the 2806device specified by the 2807.Va dumpdev 2808variable, 2809.Xr savecore 8 2810will save that crash dump and a copy of the kernel to the directory 2811specified by the 2812.Va dumpdir 2813variable. 2814The default value is 2815.Pa /var/crash . 2816Set to 2817.Dq Li NO 2818to not run 2819.Xr savecore 8 2820at boot time when 2821.Va dumpdir 2822is set. 2823.It Va savecore_flags 2824.Pq Vt str 2825If crash dumps are enabled, these are the flags to pass to the 2826.Xr savecore 8 2827utility. 2828.It Va enable_quotas 2829.Pq Vt bool 2830Set to 2831.Dq Li YES 2832to turn on user and group disk quotas on system startup via the 2833.Xr quotaon 8 2834command for all file systems marked as having quotas enabled in 2835.Pa /etc/fstab . 2836The kernel must be built with 2837.Cd "options QUOTA" 2838for disk quotas to function. 2839.It Va check_quotas 2840.Pq Vt bool 2841Set to 2842.Dq Li YES 2843to enable user and group disk quota checking via the 2844.Xr quotacheck 8 2845command. 2846.It Va quotacheck_flags 2847.Pq Vt str 2848If 2849.Va enable_quotas 2850is set to 2851.Dq Li YES , 2852and 2853.Va check_quotas 2854is set to 2855.Dq Li YES , 2856these are the flags to pass to the 2857.Xr quotacheck 8 2858utility. 2859The default is 2860.Dq Li "-a" , 2861which checks quotas for all file systems with quotas enabled in 2862.Pa /etc/fstab . 2863.It Va quotaon_flags 2864.Pq Vt str 2865If 2866.Va enable_quotas 2867is set to 2868.Dq Li YES , 2869these are the flags to pass to the 2870.Xr quotaon 8 2871utility. 2872The default is 2873.Dq Li "-a" , 2874which enables quotas for all file systems with quotas enabled in 2875.Pa /etc/fstab . 2876.It Va quotaoff_flags 2877.Pq Vt str 2878If 2879.Va enable_quotas 2880is set to 2881.Dq Li YES , 2882these are the flags to pass to the 2883.Xr quotaoff 8 2884utility when shutting down the quota system. 2885The default is 2886.Dq Li "-a" , 2887which disables quotas for all file systems with quotas enabled in 2888.Pa /etc/fstab . 2889.It Va accounting_enable 2890.Pq Vt bool 2891Set to 2892.Dq Li YES 2893to enable system accounting through the 2894.Xr accton 8 2895facility. 2896.It Va ibcs2_enable 2897.Pq Vt bool 2898Set to 2899.Dq Li YES 2900to enable iBCS2 (SCO) binary emulation at system initial boot 2901time. 2902.It Va ibcs2_loaders 2903.Pq Vt str 2904If not set to 2905.Dq Li NO 2906and if 2907.Va ibcs2_enable 2908is set to 2909.Dq Li YES , 2910this specifies a list of additional iBCS2 loaders to enable. 2911.It Va linux_enable 2912.Pq Vt bool 2913Set to 2914.Dq Li YES 2915to enable Linux/ELF binary emulation at system initial 2916boot time. 2917.It Va svr4_enable 2918.Pq Vt bool 2919If set to 2920.Dq Li YES , 2921enable SysVR4 emulation at boot time. 2922.It Va sysvipc_enable 2923.Pq Vt bool 2924If set to 2925.Dq Li YES , 2926load System V IPC primitives at boot time. 2927.It Va clear_tmp_enable 2928.Pq Vt bool 2929Set to 2930.Dq Li YES 2931to have 2932.Pa /tmp 2933cleaned at startup. 2934.It Va clear_tmp_X 2935.Pq Vt bool 2936Set to 2937.Dq Li NO 2938to disable removing of X11 lock files, 2939and the removal and (secure) recreation 2940of the various socket directories for X11 2941related programs. 2942.It Va ldconfig_paths 2943.Pq Vt str 2944Set to the list of shared library paths to use with 2945.Xr ldconfig 8 . 2946NOTE: 2947.Pa /usr/lib 2948will always be added first, so it need not appear in this list. 2949.It Va ldconfig32_paths 2950.Pq Vt str 2951Set to the list of 32-bit compatibility shared library paths to 2952use with 2953.Xr ldconfig 8 . 2954.It Va ldconfig_paths_aout 2955.Pq Vt str 2956Set to the list of shared library paths to use with 2957.Xr ldconfig 8 2958legacy 2959.Xr a.out 5 2960support. 2961.It Va ldconfig_insecure 2962.Pq Vt bool 2963The 2964.Xr ldconfig 8 2965utility normally refuses to use directories 2966which are writable by anyone except root. 2967Set this variable to 2968.Dq Li YES 2969to disable that security check during system startup. 2970.It Va ldconfig_local_dirs 2971.Pq Vt str 2972Set to the list of local 2973.Xr ldconfig 8 2974directories. 2975The names of all files in the directories listed will be 2976passed as arguments to 2977.Xr ldconfig 8 . 2978.It Va ldconfig_local32_dirs 2979.Pq Vt str 2980Set to the list of local 32-bit compatibility 2981.Xr ldconfig 8 2982directories. 2983The names of all files in the directories listed will be 2984passed as arguments to 2985.Dq Nm ldconfig Fl 32 . 2986.It Va kern_securelevel_enable 2987.Pq Vt bool 2988Set to 2989.Dq Li YES 2990to set the kernel security level at system startup. 2991.It Va kern_securelevel 2992.Pq Vt int 2993The kernel security level to set at startup. 2994The allowed range of 2995.Ar value 2996ranges from \-1 (the compile time default) to 3 (the 2997most secure). 2998See 2999.Xr init 8 3000for the list of possible security levels and their effect 3001on system operation. 3002.It Va sshd_program 3003.Pq Vt str 3004Path to the SSH server program 3005.Pa ( /usr/sbin/sshd 3006is the default). 3007.It Va sshd_enable 3008.Pq Vt bool 3009Set to 3010.Dq Li YES 3011to start 3012.Xr sshd 8 3013at system boot time. 3014.It Va sshd_flags 3015.Pq Vt str 3016If 3017.Va sshd_enable 3018is set to 3019.Dq Li YES , 3020these are the flags to pass to the 3021.Xr sshd 8 3022daemon. 3023.It Va ftpd_program 3024.Pq Vt str 3025Path to the FTP server program 3026.Pa ( /usr/libexec/ftpd 3027is the default). 3028.It Va ftpd_enable 3029.Pq Vt bool 3030Set to 3031.Dq Li YES 3032to start 3033.Xr ftpd 8 3034as a stand-alone daemon at system boot time. 3035.It Va ftpd_flags 3036.Pq Vt str 3037If 3038.Va ftpd_enable 3039is set to 3040.Dq Li YES , 3041these are the additional flags to pass to the 3042.Xr ftpd 8 3043daemon. 3044.It Va watchdogd_enable 3045.Pq Vt bool 3046If set to 3047.Dq Li YES , 3048start the 3049.Xr watchdogd 8 3050daemon at boot time. 3051This requires that the kernel have been compiled with a 3052.Xr watchdog 4 3053compatible device. 3054.It Va watchdogd_flags 3055.Pq Vt str 3056If 3057.Va watchdogd_enable 3058is set to 3059.Dq Li YES , 3060these are the flags passed to the 3061.Xr watchdogd 8 3062daemon. 3063.It Va performance_cx_lowest 3064.Pq Vt str 3065CPU idle state to use while on AC power. 3066The string 3067.Dq Li LOW 3068indicates that 3069.Xr acpi 4 3070should use the lowest power state available while 3071.Dq Li HIGH 3072indicates that the lowest latency state (less power savings) should be used. 3073.It Va performance_cpu_freq 3074.Pq Vt str 3075CPU clock frequency to use while on AC power. 3076The string 3077.Dq Li LOW 3078indicates that 3079.Xr cpufreq 4 3080should use the lowest frequency available while 3081.Dq Li HIGH 3082indicates that the highest frequency (less power savings) should be used. 3083.It Va economy_cx_lowest 3084.Pq Vt str 3085CPU idle state to use when off AC power. 3086The string 3087.Dq Li LOW 3088indicates that 3089.Xr acpi 4 3090should use the lowest power state available while 3091.Dq Li HIGH 3092indicates that the lowest latency state (less power savings) should be used. 3093.It Va economy_cpu_freq 3094.Pq Vt str 3095CPU clock frequency to use when off AC power. 3096The string 3097.Dq Li LOW 3098indicates that 3099.Xr cpufreq 4 3100should use the lowest frequency available while 3101.Dq Li HIGH 3102indicates that the highest frequency (less power savings) should be used. 3103.It Va jail_enable 3104.Pq Vt bool 3105If set to 3106.Dq Li NO , 3107any configured jails will not be started. 3108.It Va jail_list 3109.Pq Vt str 3110A space separated list of names for jails. 3111This is purely a configuration aid to help identify and 3112configure multiple jails. 3113The names specified in this list will be used to 3114identify settings common to an instance of a jail. 3115Assuming that the jail in question was named 3116.Li vjail , 3117you would have the following dependent variables: 3118.Bd -literal 3119jail_vjail_hostname="jail.example.com" 3120jail_vjail_ip="192.168.1.100" 3121jail_vjail_rootdir="/var/jails/vjail/root" 3122.Ed 3123.Pp 3124.It Va jail_flags 3125.Pq Vt str 3126Unset by default. 3127When set, use as default value for 3128.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3129for every jail in 3130.Va jail_list . 3131.It Va jail_interface 3132.Pq Vt str 3133Unset by default. 3134When set, use as default value for 3135.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3136for every jail in 3137.Va jail_list . 3138.It Va jail_fstab 3139.Pq Vt str 3140Unset by default. 3141When set, use as default value for 3142.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3143for every jail in 3144.Va jail_list . 3145.It Va jail_mount_enable 3146.Pq Vt bool 3147Set to 3148.Dq Li NO 3149by default. 3150When set to 3151.Dq Li YES , 3152sets 3153.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3154to 3155.Dq Li YES 3156by default for every jail in 3157.Va jail_list . 3158.It Va jail_devfs_ruleset 3159.Pq Vt str 3160Unset by default. 3161When set, sets 3162.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3163to given value for every jail in 3164.Va jail_list . 3165.It Va jail_devfs_enable 3166.Pq Vt bool 3167Set to 3168.Dq Li NO 3169by default. 3170When set to 3171.Dq Li YES , 3172sets 3173.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3174to 3175.Dq Li YES 3176by default for every jail in 3177.Va jail_list . 3178.It Va jail_fdescfs_enable 3179.Pq Vt bool 3180Set to 3181.Dq Li NO 3182by default. 3183When set to 3184.Dq Li YES , 3185sets 3186.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3187to 3188.Dq Li YES 3189by default for every jail in 3190.Va jail_list . 3191.It Va jail_procfs_enable 3192.Pq Vt bool 3193Set to 3194.Dq Li NO 3195by default. 3196When set to 3197.Dq Li YES , 3198sets 3199.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3200to 3201.Dq Li YES 3202by default for every jail in 3203.Va jail_list . 3204.It Va jail_exec_start 3205.Pq Vt str 3206Unset by default. 3207When set, use as default value for 3208.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3209for every jail in 3210.Va jail_list . 3211.It Va jail_exec_afterstart Ns Aq Ar N 3212.Pq Vt str 3213Unset by default. 3214When set, use as default value for 3215.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3216for every jail in 3217.Va jail_list . 3218.It Va jail_exec_stop 3219Unset by default. 3220When set, use as default value for 3221.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3222for every jail in 3223.Va jail_list . 3224.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 3225.Pq Vt str 3226Unset by default. 3227Set to the root directory used by jail 3228.Va jname . 3229.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 3230.Pq Vt str 3231Unset by default. 3232Set to the fully qualified domain name (FQDN) assigned to jail 3233.Va jname . 3234.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 3235.Pq Vt str 3236Unset by default. 3237Set to the IP address assigned to jail 3238.Va jname . 3239.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3240.Pq Vt str 3241Set to 3242.Dq Li -l -U root 3243by default. 3244These are flags to pass to 3245.Xr jail . 3246.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3247.Pq Vt str 3248Unset by default. 3249When set, sets the interface to use when setting IP address alias. 3250Note that the alias is created at jail startup and removed at jail shutdown. 3251.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3252.Pq Vt str 3253Set to 3254.Pa /etc/fstab. Ns Aq Ar jname 3255by default. 3256This is the file system information file to use for jail 3257.Va jname . 3258.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3259.Pq Vt bool 3260Set to 3261.Dq Li NO 3262by default. 3263When set to 3264.Dq Li YES , 3265mount all file systems from 3266.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3267at jail startup. 3268.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3269.Pq Vt str 3270Unset by default. 3271When set, defines the device file system ruleset file to use for jail 3272.Va jname . 3273.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3274.Pq Vt bool 3275Set to 3276.Dq Li NO 3277by default. 3278When set to 3279.Dq Li YES , 3280mount the device file system inside jail 3281.Ar jname 3282at jail startup. 3283.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3284.Pq Vt bool 3285Set to 3286.Dq Li NO 3287by default. 3288When set to 3289.Dq Li YES , 3290mount the file-descriptor file system inside jail 3291.Ar jname 3292at jail startup. 3293.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 3294.Pq Vt bool 3295Set to 3296.Dq Li NO 3297by default. 3298When set to 3299.Dq Li YES , 3300mount the process file system inside jail 3301.Ar jname 3302at jail startup. 3303.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3304.Pq Vt str 3305Set to 3306.Dq Li /bin/sh /etc/rc 3307by default. 3308This is the command executed at jail startup. 3309.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3310.Pq Vt str 3311Unset by default. 3312This is the command run as 3313.Ar N Ns 3314th command 3315after jail startup, where 3316.Ar N 3317is 1, 2, and so on. 3318.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3319.Pq Vt str 3320Set to 3321.Dq Li /bin/sh /etc/rc.shutdown 3322by default. 3323This is the command executed at jail shutdown. 3324.It Va jail_set_hostname_allow 3325.Pq Vt bool 3326If set to 3327.Dq Li NO , 3328do not allow the root user in a jail to set its hostname. 3329.It Va jail_socket_unixiproute_only 3330.Pq Vt bool 3331If set to 3332.Dq Li YES , 3333do not allow any sockets, 3334besides UNIX/IP/route sockets, 3335to be used within a jail. 3336.It Va jail_sysvipc_allow 3337.Pq Vt bool 3338If set to 3339.Dq Li YES , 3340allow applications within a jail to use System V IPC. 3341.\" ----- ISDN settings --------------------------------- 3342.It Va isdn_enable 3343.Pq Vt bool 3344Set to 3345.Dq Li NO 3346by default. 3347When set to 3348.Dq Li YES , 3349starts the 3350.Xr isdnd 8 3351daemon 3352at system boot time. 3353.It Va isdn_flags 3354.Pq Vt str 3355Set to 3356.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 3357by default. 3358Additional flags to pass to 3359.Xr isdnd 8 3360(but see 3361.Va isdn_fsdev 3362and 3363.Va isdn_ttype 3364for certain tunable parameters). 3365.It Va isdn_ttype 3366.Pq Vt str 3367Set to 3368.Dq Li cons25 3369by default. 3370The terminal type of the output device when 3371.Xr isdnd 8 3372operates in full-screen mode. 3373.It Va isdn_screenflags 3374.Pq Vt str 3375Set to 3376.Dq Li NO 3377by default. 3378The video mode for full-screen mode (only for 3379.Xr syscons 4 3380console driver, see 3381.Xr vidcontrol 1 3382for valid modes). 3383.It Va isdn_fsdev 3384.Pq Vt str 3385Set to 3386.Dq Li NO 3387by default. 3388The output device for 3389.Xr isdnd 8 3390in full-screen mode (or 3391.Dq Li NO 3392for daemon mode). 3393.It Va isdn_trace 3394.Pq Vt bool 3395Set to 3396.Dq Li NO 3397by default. 3398When set to 3399.Dq Li YES , 3400enables the ISDN protocol trace utility 3401.Xr isdntrace 8 3402at system boot time. 3403.It Va isdn_traceflags 3404.Pq Vt str 3405Set to 3406.Dq Fl f Pa /var/tmp/isdntrace0 3407by default. 3408Flags for 3409.Xr isdntrace 8 . 3410.\" ----------------------------------------------------- 3411.It Va harvest_interrupt 3412.Pq Vt bool 3413Set to 3414.Dq Li YES 3415to use hardware interrupts as an entropy source. 3416Refer to 3417.Xr random 4 3418for more information. 3419.It Va harvest_ethernet 3420.Pq Vt bool 3421Set to 3422.Dq Li YES 3423to use LAN traffic as an entropy source. 3424Refer to 3425.Xr random 4 3426for more information. 3427.It Va harvest_p_to_p 3428.Pq Vt bool 3429Set to 3430.Dq Li YES 3431to use serial line traffic as an entropy source. 3432Refer to 3433.Xr random 4 3434for more information. 3435.It Va entropy_dir 3436.Pq Vt str 3437Set to 3438.Dq Li NO 3439to disable caching entropy via 3440.Xr cron 8 . 3441Otherwise set to the directory used to store entropy files in. 3442.It Va entropy_file 3443.Pq Vt str 3444Set to 3445.Dq Li NO 3446to disable caching entropy through reboots. 3447Otherwise set to the filename used to store cached entropy through 3448reboots. 3449This file should be located on the root file system to seed the 3450.Xr random 4 3451device as early as possible in the boot process. 3452.It Va entropy_save_sz 3453.Pq Vt int 3454Size of the entropy cache files saved by 3455.Nm save-entropy 3456periodically. 3457.It Va entropy_save_num 3458.Pq Vt int 3459Number of entropy cache files to save by 3460.Nm save-entropy 3461periodically. 3462.It Va ipsec_enable 3463.Pq Vt bool 3464Set to 3465.Dq Li YES 3466to run 3467.Xr setkey 8 3468on 3469.Va ipsec_file 3470at boot time. 3471.It Va ipsec_file 3472.Pq Vt str 3473Configuration file for 3474.Xr setkey 8 . 3475.It Va dmesg_enable 3476.Pq Vt bool 3477Set to 3478.Dq Li YES 3479to save 3480.Xr dmesg 8 3481to 3482.Pa /var/run/dmesg.boot 3483on boot. 3484.It Va rcshutdown_timeout 3485.Pq Vt int 3486If set, start a watchdog timer in the background which will terminate 3487.Pa rc.shutdown 3488if 3489.Xr shutdown 8 3490has not completed within the specified time (in seconds). 3491Notice that in addition to this soft timeout, 3492.Xr init 8 3493also applies a hard timeout for the execution of 3494.Pa rc.shutdown . 3495This is configured via 3496.Xr sysctl 8 3497variable 3498.Va kern.init_shutdown_timeout 3499and defaults to 120 seconds. 3500Setting the value of 3501.Va rcshutdown_timeout 3502to more than 120 seconds will have no effect until the 3503.Xr sysctl 8 3504variable 3505.Va kern.init_shutdown_timeout 3506is also increased. 3507.It Va virecover_enable 3508.Pq Vt bool 3509Set to 3510.Dq Li NO 3511to prevent the system from trying to 3512recover pre-maturely terminated 3513.Xr vi 1 3514sessions. 3515.It Va ugidfw_enable 3516.Pq Vt bool 3517Set to 3518.Dq Li YES 3519to load the 3520.Xr mac_bsdextended 4 3521module upon system initialization and load a default 3522ruleset file. 3523.It Va bsdextended_script 3524.Pq Vt str 3525The default 3526.Xr mac_bsdextended 4 3527ruleset file to load. 3528The default value of this variable is 3529.Pa /etc/rc.bsdextended . 3530.It Va newsyslog_enable 3531.Pq Vt bool 3532If set to 3533.Dq Li YES , 3534run 3535.Xr newsyslog 8 3536command at startup. 3537.It Va newsyslog_flags 3538.Pq Vt str 3539If 3540.Va newsyslog_enable 3541is set to 3542.Dq Li YES , 3543these are the flags to pass to the 3544.Xr newsyslog 8 3545program. 3546The default is 3547.Dq Li -CN , 3548which causes log files flagged with a 3549.Cm C 3550to be created. 3551.It Va mdconfig_md Ns Aq Ar X 3552.Pq Vt str 3553Arguments to 3554.Xr mdconfig 8 3555for 3556.Xr md 4 3557device 3558.Ar X . 3559At minimum a 3560.Fl t Ar type 3561must be specified and either a 3562.Fl s Ar size 3563for malloc or swap backed 3564.Xr md 4 3565devices or a 3566.Fl f Ar file 3567for vnode backed 3568.Xr md 4 3569devices. 3570Note that 3571.Va mdconfig_md Ns Aq Ar X 3572variables are evaluated until one variable is unset or null. 3573.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _newfs 3574.Pq Vt str 3575Optional arguments passed to 3576.Xr newfs 8 3577to initialize 3578.Xr md 4 3579device 3580.Ar X . 3581.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _owner 3582.Pq Vt str 3583An ownership specification passed to 3584.Xr chown 8 3585after the specified 3586.Xr md 4 3587device 3588.Ar X 3589has been mounted. 3590Both the 3591.Xr md 4 3592device and the mount point will be changed. 3593.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _perms 3594.Pq Vt str 3595A mode string passed to 3596.Xr chmod 1 3597after the specified 3598.Xr md 4 3599device 3600.Ar X 3601has been mounted. 3602Both the 3603.Xr md 4 3604device and the mount point will be changed. 3605.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _files 3606.Pq Vt str 3607Files to be copied to the mount point of the 3608.Xr md 4 3609device 3610.Ar X 3611after it has been mounted. 3612.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _cmd 3613.Pq Vt str 3614Command to execute after the specified 3615.Xr md 4 3616device 3617.Ar X 3618has been mounted. 3619Note that the command is passed to 3620.Ic eval 3621and that both 3622.Va _dev 3623and 3624.Va _mp 3625variables can be used to reference respectively the 3626.Xr md 4 3627device and the mount point. 3628Assuming that the 3629.Xr md 4 3630device is 3631.Li md0 , 3632one could set the following: 3633.Bd -literal 3634mdconfig_md0_cmd="tar xfzC /var/file.tgz \e${_mp}" 3635.Ed 3636.It Va ramdisk_units 3637.Pq Vt str 3638A list of one or more ramdisk units to configure with 3639.Xr mdconfig 8 3640and 3641.Xr newfs 8 3642in time to be mounted from 3643.Xr fstab 5 . 3644Each listed unit 3645.Ar X 3646must specify at least a 3647.Ar type 3648in a 3649.Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3650variable. 3651Note that this way to configure ramdisks has been deprecated 3652in favor of new 3653.Va mdconfig_md* 3654variables (see above). 3655.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3656.Pq Vt str 3657Arguments to 3658.Xr mdconfig 8 3659for ramdisk 3660.Ar X . 3661At minimum a 3662.Fl t Ar type 3663must be specified, where 3664.Ar type 3665must be one of 3666.Cm malloc 3667or 3668.Cm swap . 3669.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _newfs 3670.Pq Vt str 3671Optional arguments passed to 3672.Xr newfs 8 3673to initialize ramdisk 3674.Ar X . 3675.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _owner 3676.Pq Vt str 3677An ownership specification passed to 3678.Xr chown 8 3679after the specified ramdisk unit 3680.Ar X 3681has been mounted. 3682Both the 3683.Xr md 4 3684device and the mount point will be changed. 3685.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _perms 3686.Pq Vt str 3687A mode string passed to 3688.Xr chmod 1 3689after the specified ramdisk unit 3690.Ar X 3691has been mounted. 3692Both the 3693.Xr md 4 3694device and the mount point will be changed. 3695.It Va autobridge_interfaces 3696.Pq Vt str 3697Set to the list of bridge interfaces that will have newly arriving interfaces 3698checked against to be automatically added. 3699If not set to 3700.Dq Li NO 3701then for each whitespace separated 3702.Ar element 3703in the value, a 3704.Va autobridge_ Ns Aq Ar element 3705variable is assumed to exist which has a whitespace separated list of interface 3706names to match, these names can use wildcards. 3707For example: 3708.Bd -literal 3709autobridge_interfaces="bridge0" 3710autobridge_bridge0="tap* dc0 vlan[345]" 3711.Ed 3712.It Va mixer_enable 3713.Pq Vt bool 3714If set to 3715.Dq Li YES , 3716enable support for sound mixer. 3717.El 3718.Sh FILES 3719.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 3720.It Pa /etc/defaults/rc.conf 3721.It Pa /etc/rc.conf 3722.It Pa /etc/rc.conf.local 3723.El 3724.Sh SEE ALSO 3725.Xr catman 1 , 3726.Xr chmod 1 , 3727.Xr gdb 1 , 3728.Xr info 1 , 3729.Xr kbdcontrol 1 , 3730.Xr makewhatis 1 , 3731.Xr sh 1 , 3732.Xr vi 1 , 3733.Xr vidcontrol 1 , 3734.Xr bridge 4 , 3735.Xr ip 4 , 3736.Xr ipf 4 , 3737.Xr ipfw 4 , 3738.Xr ipnat 4 , 3739.Xr kld 4 , 3740.Xr pf 4 , 3741.Xr pflog 4 , 3742.Xr pfsync 4 , 3743.Xr tcp 4 , 3744.Xr udp 4 , 3745.Xr exports 5 , 3746.Xr fstab 5 , 3747.Xr ipf 5 , 3748.Xr ipnat 5 , 3749.Xr motd 5 , 3750.Xr newsyslog.conf 5 , 3751.Xr pf.conf 5 , 3752.Xr accton 8 , 3753.Xr amd 8 , 3754.Xr apm 8 , 3755.Xr atm 8 , 3756.Xr chkprintcap 8 , 3757.Xr chown 8 , 3758.Xr cron 8 , 3759.Xr dhclient 8 , 3760.Xr ftpd 8 , 3761.Xr geli 8 , 3762.Xr ifconfig 8 , 3763.Xr inetd 8 , 3764.Xr ipf 8 , 3765.Xr ipfw 8 , 3766.Xr ipnat 8 , 3767.Xr isdnd 8 , 3768.Xr isdntrace 8 , 3769.Xr jail 8 , 3770.Xr kldxref 8 , 3771.Xr lpd 8 , 3772.Xr mdconfig 8 , 3773.Xr mdmfs 8 , 3774.Xr mixer 8 , 3775.Xr mountd 8 , 3776.Xr moused 8 , 3777.Xr mrouted 8 , 3778.Xr named 8 , 3779.Xr newfs 8 , 3780.Xr newsyslog 8 , 3781.Xr nfsd 8 , 3782.Xr ntpd 8 , 3783.Xr ntpdate 8 , 3784.Xr pfctl 8 , 3785.Xr pflogd 8 , 3786.Xr powerd 8 , 3787.Xr quotacheck 8 , 3788.Xr quotaon 8 , 3789.Xr rc 8 , 3790.Xr rc.sendmail 8 , 3791.Xr route 8 , 3792.Xr routed 8 , 3793.Xr rpcbind 8 , 3794.Xr rpc.lockd 8 , 3795.Xr rpc.statd 8 , 3796.Xr rwhod 8 , 3797.Xr savecore 8 , 3798.Xr sshd 8 , 3799.Xr swapon 8 , 3800.Xr sysctl 8 , 3801.Xr syslogd 8 , 3802.Xr timed 8 , 3803.Xr yp 8 , 3804.Xr ypbind 8 , 3805.Xr ypserv 8 , 3806.Xr ypset 8 3807.Sh HISTORY 3808The 3809.Nm 3810file appeared in 3811.Fx 2.2.2 . 3812.Sh AUTHORS 3813.An Jordan K. Hubbard . 3814