1.\" Copyright (c) 1995 2.\" Jordan K. Hubbard 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 13.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND 14.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE 17.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23.\" SUCH DAMAGE. 24.\" 25.\" $FreeBSD$ 26.\" 27.Dd October 15, 2006 28.Dt RC.CONF 5 29.Os 30.Sh NAME 31.Nm rc.conf 32.Nd system configuration information 33.Sh DESCRIPTION 34The file 35.Nm 36contains descriptive information about the local host name, configuration 37details for any potential network interfaces and which services should be 38started up at system initial boot time. 39In new installations, the 40.Nm 41file is generally initialized by the system installation utility, 42.Xr sysinstall 8 . 43.Pp 44The purpose of 45.Nm 46is not to run commands or perform system startup actions 47directly. 48Instead, it is included by the 49various generic startup scripts in 50.Pa /etc 51which conditionalize their 52internal actions according to the settings found there. 53.Pp 54The 55.Pa /etc/rc.conf 56file is included from the file 57.Pa /etc/defaults/rc.conf , 58which specifies the default settings for all the available options. 59Options need only be specified in 60.Pa /etc/rc.conf 61when the system administrator wishes to override these defaults. 62The file 63.Pa /etc/rc.conf.local 64is used to override settings in 65.Pa /etc/rc.conf 66for historical reasons. 67See the 68.Va rc_conf_files 69variable below. 70.Pp 71Options are set with 72.Dq Ar name Ns Li = Ns Ar value 73assignments that use 74.Xr sh 1 75syntax. 76The following list provides a name and short description for each 77variable that can be set in the 78.Nm 79file: 80.Bl -tag -width indent-two 81.It Va rc_debug 82.Pq Vt bool 83If set to 84.Dq Li YES , 85enable output of debug messages from rc scripts. 86This variable can be helpful in diagnosing mistakes when 87editing or integrating new scripts. 88Beware that this produces copious output to the terminal and 89.Xr syslog 3 . 90.It Va rc_info 91.Pq Vt bool 92If set to 93.Dq Li NO , 94disable informational messages from the rc scripts. 95Informational messages are displayed when 96a condition that is not serious enough to warrant a warning or 97an error occurs. 98.It Va early_late_divider 99.Pq Vt str 100The name of the script that should be used as the 101delimiter between the 102.Dq early 103and 104.Dq late 105stages of the boot process. 106The early stage should contain all the services needed to 107get the disks (local or remote) mounted so that the late 108stage can include scripts contained in the directories 109listed in the 110.Va local_startup 111variable (see below). 112Thus, the two likely candidates for this value are 113.Pa mountcritlocal 114for the typical system, and 115.Pa mountcritremote 116if the system needs remote file 117systems mounted to get access to the 118.Va local_startup 119directories; for example when 120.Pa /usr/local 121is NFS mounted. 122For 123.Pa rc.conf 124within a 125.Xr jail 8 126.Pa NETWORKING 127is likely to be an appropriate value. 128Extreme care should be taken when changing this value, 129and before changing it one should ensure that there are 130adequate provisions to recover from a failed boot 131(such as physical contact with the machine, 132or reliable remote console access). 133.It Va swapfile 134.Pq Vt str 135If set to 136.Dq Li NO , 137no swapfile is installed, otherwise the value is used as the full 138pathname to a file to use for additional swap space. 139.It Va apm_enable 140.Pq Vt bool 141If set to 142.Dq Li YES , 143enable support for Automatic Power Management with 144the 145.Xr apm 8 146command. 147.It Va apmd_enable 148.Pq Vt bool 149Run 150.Xr apmd 8 151to handle APM event from userland. 152This also enables support for APM. 153.It Va apmd_flags 154.Pq Vt str 155If 156.Va apmd_enable 157is set to 158.Dq Li YES , 159these are the flags to pass to the 160.Xr apmd 8 161daemon. 162.It Va devd_enable 163.Pq Vt bool 164Run 165.Xr devd 8 166to handle device added, removed or unknown events from the kernel. 167.It Va kldxref_enable 168.Pq Vt bool 169Set to 170.Dq Li NO 171by default. 172Set to 173.Dq Li YES 174to automatically rebuild 175.Pa linker.hints 176files with 177.Xr kldxref 8 178at boot time. 179.It Va kldxref_clobber 180.Pq Vt bool 181Set to 182.Dq Li NO 183by default. 184If 185.Va kldxref_enable 186is true, 187setting to 188.Dq Li YES 189will overwrite existing 190.Pa linker.hints 191files at boot time. 192Otherwise, 193only missing 194.Pa linker.hints 195files are generated. 196.It Va kldxref_module_path 197.Pq Vt str 198Empty by default. 199A semi-colon 200.Pq Ql \&; 201delimited list of paths containing 202.Xr kld 4 203modules. 204If empty, 205the contents of the 206.Va kern.module_path 207.Xr sysctl 8 208are used. 209.It Va powerd_enable 210.Pq Vt bool 211If set to 212.Dq Li YES , 213enable the system power control facility with the 214.Xr powerd 8 215daemon. 216.It Va powerd_flags 217.Pq Vt str 218If 219.Va powerd_enable 220is set to 221.Dq Li YES , 222these are the flags to pass to the 223.Xr powerd 8 224daemon. 225.It Va tmpmfs 226Controls the creation of a 227.Pa /tmp 228memory file system. 229Always happens if set to 230.Dq Li YES 231and never happens if set to 232.Dq Li NO . 233If set to anything else, a memory file system is created if 234.Pa /tmp 235is not writable. 236.It Va tmpsize 237Controls the size of a created 238.Pa /tmp 239memory file system. 240.It Va tmpmfs_flags 241Extra options passed to the 242.Xr mdmfs 8 243utility when the memory file system for 244.Pa /tmp 245is created. 246The default is 247.Dq Li "-S -M" , 248which inhibits the use of softupdates on 249.Pa /tmp 250to waste as little space as possible 251and creates a pure memory backed disk, which will never be swapped out, 252for maximum performance and system stability at low memory conditions. 253See 254.Xr mdmfs 8 255for other options you can use in 256.Va tmpmfs_flags . 257.It Va varmfs 258Controls the creation of a 259.Pa /var 260memory file system. 261Always happens if set to 262.Dq Li YES 263and never happens if set to 264.Dq Li NO . 265If set to anything else, a memory file system is created if 266.Pa /var 267is not writable. 268.It Va varsize 269Controls the size of a created 270.Pa /var 271memory file system. 272.It Va varmfs_flags 273Extra options passed to the 274.Xr mdmfs 8 275utility when the memory file system for 276.Pa /var 277is created. 278The default is 279.Dq Li "-S -M" , 280which inhibits the use of softupdates on 281.Pa /var 282to waste as little space as possible 283and creates a pure memory backed disk, which will never be swapped out, 284for maximum performance and system stability at low memory conditions. 285See 286.Xr mdmfs 8 287for other options you can use in 288.Va varmfs_flags . 289.It Va populate_var 290Controls the automatic population of the 291.Pa /var 292file system. 293Always happens if set to 294.Dq Li YES 295and never happens if set to 296.Dq Li NO . 297If set to anything else, a memory file system is created if 298.Pa /var 299is not writable. 300Note that this process requires access to certain commands in 301.Pa /usr 302before 303.Pa /usr 304is mounted on normal systems. 305.It Va cleanvar_enable 306.Pq Vt bool 307Clean the 308.Pa /var 309directory. 310.It Va local_startup 311.Pq Vt str 312List of directories to search for startup script files. 313.It Va script_name_sep 314.Pq Vt str 315The field separator to use for breaking down the list of startup script files 316into individual filenames. 317The default is a space. 318It is not necessary to change this unless there are startup scripts with names 319containing spaces. 320.It Va hostapd_enable 321.Pq Vt bool 322Set to 323.Dq Li YES 324to start 325.Xr hostapd 8 326at system boot time. 327.It Va hostname 328.Pq Vt str 329The fully qualified domain name (FQDN) of this host on the network. 330This should almost certainly be set to something meaningful, even if 331there is no network connection. 332If 333.Xr dhclient 8 334is used to set the hostname via DHCP, 335this variable should be set to an empty string. 336.It Va ipv6_enable 337.Pq Vt bool 338Enable support for IPv6 networking. 339Note that this requires that the kernel has been compiled with 340.Cd "options INET6" . 341.It Va nisdomainname 342.Pq Vt str 343The NIS domain name of this host, or 344.Dq Li NO 345if NIS is not used. 346.It Va dhclient_program 347.Pq Vt str 348Path to the DHCP client program 349.Pa ( /sbin/dhclient , 350the 351.Ox 352DHCP client, 353is the default). 354.It Va dhclient_flags 355.Pq Vt str 356Additional flags to pass to the DHCP client program. 357For the 358.Ox 359DHCP client, see the 360.Xr dhclient 8 361manpage for a description of the command line options available. 362.It Va dhclient_flags_ Ns Aq Ar iface 363Additional flags to pass to the DHCP client program running on 364.Ar iface 365only. 366When specified, this variable overrides 367.Va dhclient_flags . 368.It Va background_dhclient 369.Pq Vt bool 370Set to 371.Dq Li YES 372to start the DHCP client in background. 373This can cause trouble with applications depending on 374a working network, but it will provide a faster startup 375in many cases. 376.It Va background_dhclient_ Ns Aq Ar iface 377When specified, this variable overrides the 378.Va background_dhclient 379variable for interface 380.Ar iface 381only. 382.It Va synchronous_dhclient 383.Pq Bt bool 384Set to 385.Dq Li NO 386to start 387.Xr dhclient 8 388only in response to interface events and not synchronously at startup. 389This behavior can be overridden on a per-interface basis by replacing 390the 391.Dq Li DHCP 392keyword in the 393.Va ifconfig_ Ns Aq Ar interface 394variable with 395.Dq Li SYNCDHCP 396or 397.Dq Li NOSYNCDHCP . 398.It Va firewall_enable 399.Pq Vt bool 400Set to 401.Dq Li YES 402to load firewall rules at startup. 403If the kernel was not built with 404.Cd "options IPFIREWALL" , 405the 406.Pa ipfw.ko 407kernel module will be loaded. 408See also 409.Va ipfilter_enable . 410.It Va ipv6_firewall_enable 411.Pq Vt bool 412The IPv6 equivalent of 413.Va firewall_enable . 414Set to 415.Dq Li YES 416to load IPv6 firewall rules at startup. 417If the kernel was not built with 418.Cd "options IPV6FIREWALL" , 419the 420.Pa ipfw.ko 421kernel module will be loaded. 422.It Va firewall_script 423.Pq Vt str 424This variable specifies the full path to the firewall script to run. 425The default is 426.Pa /etc/rc.firewall . 427.It Va ipv6_firewall_script 428.Pq Vt str 429The IPv6 equivalent of 430.Va firewall_script . 431.It Va firewall_type 432.Pq Vt str 433Names the firewall type from the selection in 434.Pa /etc/rc.firewall , 435or the file which contains the local firewall ruleset. 436Valid selections from 437.Pa /etc/rc.firewall 438are: 439.Pp 440.Bl -tag -width ".Li simple" -compact 441.It Li open 442unrestricted IP access 443.It Li closed 444all IP services disabled, except via 445.Dq Li lo0 446.It Li client 447basic protection for a workstation 448.It Li simple 449basic protection for a LAN. 450.El 451.Pp 452If a filename is specified, the full path 453must be given. 454.It Va ipv6_firewall_type 455.Pq Vt str 456The IPv6 equivalent of 457.Va firewall_type . 458.It Va firewall_quiet 459.Pq Vt bool 460Set to 461.Dq Li YES 462to disable the display of firewall rules on the console during boot. 463.It Va ipv6_firewall_quiet 464.Pq Vt bool 465The IPv6 equivalent of 466.Va firewall_quiet . 467.It Va firewall_logging 468.Pq Vt bool 469Set to 470.Dq Li YES 471to enable firewall event logging. 472This is equivalent to the 473.Dv IPFIREWALL_VERBOSE 474kernel option. 475.It Va ipv6_firewall_logging 476.Pq Vt bool 477The IPv6 equivalent of 478.Va firewall_logging . 479.It Va firewall_flags 480.Pq Vt str 481Flags passed to 482.Xr ipfw 8 483if 484.Va firewall_type 485specifies a filename. 486.It Va ipv6_firewall_flags 487.Pq Vt str 488The IPv6 equivalent of 489.Va firewall_flags . 490.It Va natd_program 491.Pq Vt str 492Path to 493.Xr natd 8 . 494.It Va natd_enable 495.Pq Vt bool 496Set to 497.Dq Li YES 498to enable 499.Xr natd 8 . 500.Va firewall_enable 501must also be set to 502.Dq Li YES , 503and 504.Xr divert 4 505sockets must be enabled in the kernel. 506If the kernel was not built with 507.Cd "options IPDIVERT" , 508the 509.Pa ipdivert.ko 510kernel module will be loaded. 511.It Va natd_interface 512.Pq Vt str 513This is the name of the public interface on which 514.Xr natd 8 515should run. 516The interface may be given as an interface name or as an IP address. 517.It Va natd_flags 518.Pq Vt str 519Additional 520.Xr natd 8 521flags should be placed here. 522The 523.Fl n 524or 525.Fl a 526flag is automatically added with the above 527.Va natd_interface 528as an argument. 529.\" ----- ipfilter_enable setting -------------------------------- 530.It Va ipfilter_enable 531.Pq Vt bool 532Set to 533.Dq Li NO 534by default. 535Setting this to 536.Dq Li YES 537enables 538.Xr ipf 8 539packet filtering. 540.Pp 541Typical usage will require putting 542.Bd -literal 543ipfilter_enable="YES" 544ipnat_enable="YES" 545ipmon_enable="YES" 546ipfs_enable="YES" 547.Ed 548.Pp 549into 550.Pa /etc/rc.conf 551and editing 552.Pa /etc/ipf.rules 553and 554.Pa /etc/ipnat.rules 555appropriately. 556.Pp 557Note that 558.Va ipfilter_enable 559and 560.Va ipnat_enable 561can be enabled independently. 562.Va ipmon_enable 563and 564.Va ipfs_enable 565both require at least one of 566.Va ipfilter_enable 567and 568.Va ipnat_enable 569to be enabled. 570.Pp 571Having 572.Bd -literal 573options IPFILTER 574options IPFILTER_LOG 575options IPFILTER_DEFAULT_BLOCK 576.Ed 577.Pp 578in the kernel configuration file is a good idea, too. 579.\" ----- ipfilter_program setting ------------------------------ 580.It Va ipfilter_program 581.Pq Vt str 582Path to 583.Xr ipf 8 584(default 585.Pa /sbin/ipf ) . 586.\" ----- ipfilter_rules setting -------------------------------- 587.It Va ipfilter_rules 588.Pq Vt str 589Set to 590.Pa /etc/ipf.rules 591by default. 592This variable contains the name of the filter rule definition file. 593The file is expected to be readable for the 594.Xr ipf 8 595command to execute. 596.\" ----- ipv6_ipfilter_rules setting --------------------------- 597.It Va ipv6_ipfilter_rules 598.Pq Vt str 599Set to 600.Pa /etc/ipf6.rules 601by default. 602This variable contains the IPv6 filter rule definition file. 603The file is expected to be readable for the 604.Xr ipf 8 605command to execute. 606.\" ----- ipfilter_flags setting -------------------------------- 607.It Va ipfilter_flags 608.Pq Vt str 609Empty by default. 610This variable contains flags passed to the 611.Xr ipf 8 612program. 613.\" ----- ipnat_enable setting ---------------------------------- 614.It Va ipnat_enable 615.Pq Vt bool 616Set to 617.Dq Li NO 618by default. 619Set it to 620.Dq Li YES 621to enable 622.Xr ipnat 8 623network address translation. 624See 625.Va ipfilter_enable 626for a detailed discussion. 627.\" ----- ipnat_program setting --------------------------------- 628.It Va ipnat_program 629.Pq Vt str 630Path to 631.Xr ipnat 8 632(default 633.Pa /sbin/ipnat ) . 634.\" ----- ipnat_rules setting ----------------------------------- 635.It Va ipnat_rules 636.Pq Vt str 637Set to 638.Pa /etc/ipnat.rules 639by default. 640This variable contains the name of the file 641holding the network address translation definition. 642This file is expected to be readable for the 643.Xr ipnat 8 644command to execute. 645.\" ----- ipnat_flags setting ----------------------------------- 646.It Va ipnat_flags 647.Pq Vt str 648Empty by default. 649This variable contains flags passed to the 650.Xr ipnat 8 651program. 652.\" ----- ipmon_enable setting ---------------------------------- 653.It Va ipmon_enable 654.Pq Vt bool 655Set to 656.Dq Li NO 657by default. 658Set it to 659.Dq Li YES 660to enable 661.Xr ipmon 8 662monitoring (logging 663.Xr ipf 8 664and 665.Xr ipnat 8 666events). 667Setting this variable needs setting 668.Va ipfilter_enable 669or 670.Va ipnat_enable 671too. 672See 673.Va ipfilter_enable 674for a detailed discussion. 675.\" ----- ipmon_program setting --------------------------------- 676.It Va ipmon_program 677.Pq Vt str 678Path to 679.Xr ipmon 8 680(default 681.Pa /sbin/ipmon ) . 682.\" ----- ipmon_flags setting ----------------------------------- 683.It Va ipmon_flags 684.Pq Vt str 685Set to 686.Dq Li -Ds 687by default. 688This variable contains flags passed to the 689.Xr ipmon 8 690program. 691Another typical example would be 692.Dq Fl D Pa /var/log/ipflog 693to have 694.Xr ipmon 8 695log directly to a file bypassing 696.Xr syslogd 8 . 697Make sure to adjust 698.Pa /etc/newsyslog.conf 699in such case like this: 700.Bd -literal 701/var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid 702.Ed 703.\" ----- ipfs_enable setting ----------------------------------- 704.It Va ipfs_enable 705.Pq Vt bool 706Set to 707.Dq Li NO 708by default. 709Set it to 710.Dq Li YES 711to enable 712.Xr ipfs 8 713saving the filter and NAT state tables during shutdown 714and reloading them during startup again. 715Setting this variable needs setting 716.Va ipfilter_enable 717or 718.Va ipnat_enable 719to 720.Dq Li YES 721too. 722See 723.Va ipfilter_enable 724for a detailed discussion. 725Note that if 726.Va kern_securelevel 727is set to 3, 728.Va ipfs_enable 729cannot be used 730because the raised securelevel will prevent 731.Xr ipfs 8 732from saving the state tables at shutdown time. 733.\" ----- ipfs_program setting ---------------------------------- 734.It Va ipfs_program 735.Pq Vt str 736Path to 737.Xr ipfs 8 738(default 739.Pa /sbin/ipfs ) . 740.\" ----- ipfs_flags setting ------------------------------------ 741.It Va ipfs_flags 742.Pq Vt str 743Empty by default. 744This variable contains flags passed to the 745.Xr ipfs 8 746program. 747.\" ----- end of added ipf hook --------------------------------- 748.It Va pf_enable 749.Pq Vt bool 750Set to 751.Dq Li NO 752by default. 753Setting this to 754.Dq Li YES 755enables 756.Xr pf 4 757packet filtering. 758.Pp 759Typical usage will require putting 760.Pp 761.Dl pf_enable="YES" 762.Pp 763into 764.Pa /etc/rc.conf 765and editing 766.Pa /etc/pf.conf 767appropriately. 768.Pp 769.Dl "device pf" 770.Pp 771builds 772.Xr pf 4 773into the kernel. 774Otherwise it is loaded from a module. 775.It Va pf_rules 776.Pq Vt str 777Path to 778.Xr pf 4 779ruleset configuration file 780(default 781.Pa /etc/pf.conf ) . 782.It Va pf_program 783.Pq Vt str 784Path to 785.Xr pfctl 8 786(default 787.Pa /sbin/pfctl ) . 788.It Va pf_flags 789.Pq Vt str 790If 791.Va pf_enable 792is set to 793.Dq Li YES , 794these flags are passed to the 795.Xr pfctl 8 796program when loading the ruleset. 797.It Va pflog_enable 798.Pq Vt bool 799Set to 800.Dq Li NO 801by default. 802Setting this to 803.Dq Li YES 804enables 805.Xr pflogd 8 806which logs packets from the 807.Xr pf 4 808packet filter. 809.It Va pflog_logfile 810.Pq Vt str 811If 812.Va pflog_enable 813is set to 814.Dq Li YES 815this controls where 816.Xr pflogd 8 817stores the logfile 818(default 819.Pa /var/log/pflog ) . 820Check 821.Pa /etc/newsyslog.conf 822to adjust logfile rotation for this. 823.It Va pflog_program 824.Pq Vt str 825Path to 826.Xr pflogd 8 827(default 828.Pa /sbin/pflogd ) . 829.It Va pflog_flags 830.Pq Vt str 831Empty by default. 832This variable contains additional flags passed to the 833.Xr pflogd 8 834program. 835.It Va pfsync_enable 836.Pq Vt bool 837Set to 838.Dq Li NO 839by default. 840Setting this to 841.Dq Li YES 842enables exposing 843.Xr pf 4 844state changes to other hosts over the network by means of 845.Xr pfsync 4 . 846The 847.Va pfsync_syncdev 848variable 849must also be set then. 850.It Va pfsync_syncdev 851.Pq Vt str 852Empty by default. 853This variable specifies the name of the network interface 854.Xr pfsync 4 855should operate through. 856It must be set accordingly if 857.Va pfsync_enable 858is set to 859.Dq Li YES . 860.It Va pfsync_ifconfig 861.Pq Vt str 862Empty by default. 863This variable can contain additional options to be passed to the 864.Xr ifconfig 8 865command used to set up 866.Xr pfsync 4 . 867.It Va tcp_extensions 868.Pq Vt bool 869Set to 870.Dq Li YES 871by default. 872Setting this to 873.Dq Li NO 874disables certain TCP options as described by 875.Rs 876.%T "RFC 1323" 877.Re 878Setting this to 879.Dq Li NO 880might help remedy such problems with connections as randomly hanging 881or other weird behavior. 882Some network devices are known 883to be broken with respect to these options. 884.It Va log_in_vain 885.Pq Vt int 886Set to 0 by default. 887The 888.Xr sysctl 8 889variables, 890.Va net.inet.tcp.log_in_vain 891and 892.Va net.inet.udp.log_in_vain , 893as described in 894.Xr tcp 4 895and 896.Xr udp 4 , 897are set to the given value. 898.It Va tcp_keepalive 899.Pq Vt bool 900Set to 901.Dq Li YES 902by default. 903Setting to 904.Dq Li NO 905will disable probing idle TCP connections to verify that the 906peer is still up and reachable. 907.It Va tcp_drop_synfin 908.Pq Vt bool 909Set to 910.Dq Li NO 911by default. 912Setting to 913.Dq Li YES 914will cause the kernel to ignore TCP frames that have both 915the SYN and FIN flags set. 916This prevents OS fingerprinting, but may 917break some legitimate applications. 918This option is only available if the 919kernel was built with the 920.Dv TCP_DROP_SYNFIN 921option. 922.It Va icmp_drop_redirect 923.Pq Vt bool 924Set to 925.Dq Li NO 926by default. 927Setting to 928.Dq Li YES 929will cause the kernel to ignore ICMP REDIRECT packets. 930Refer to 931.Xr icmp 4 932for more information. 933.It Va icmp_log_redirect 934.Pq Vt bool 935Set to 936.Dq Li NO 937by default. 938Setting to 939.Dq Li YES 940will cause the kernel to log ICMP REDIRECT packets. 941Note that 942the log messages are not rate-limited, so this option should only be used 943for troubleshooting networks. 944Refer to 945.Xr icmp 4 946for more information. 947.It Va icmp_bmcastecho 948.Pq Vt bool 949Set to 950.Dq Li YES 951to respond to broadcast or multicast ICMP ping packets. 952Refer to 953.Xr icmp 4 954for more information. 955.It Va ip_portrange_first 956.Pq Vt int 957If not set to 958.Dq Li NO , 959this is the first port in the default portrange. 960Refer to 961.Xr ip 4 962for more information. 963.It Va ip_portrange_last 964.Pq Vt int 965If not set to 966.Dq Li NO , 967this is the last port in the default portrange. 968Refer to 969.Xr ip 4 970for more information. 971.It Va network_interfaces 972.Pq Vt str 973Set to the list of network interfaces to configure on this host or 974.Dq Li AUTO 975(the default) for all current interfaces. 976Setting the 977.Va network_interfaces 978variable to anything other than the default is deprecated. 979Interfaces that the administrator wishes to store configuration for, 980but not start at boot should be configured with the 981.Dq Li NOAUTO 982keyword in their 983.Va ifconfig_ Ns Aq Ar interface 984variables as described below. 985.Pp 986An 987.Va ifconfig_ Ns Aq Ar interface 988variable is also assumed to exist for each value of 989.Ar interface . 990When an interface name contains any of the characters 991.Dq Li .-/+ 992they are translated to 993.Dq Li _ 994before lookup. 995The variable can contain arguments to 996.Xr ifconfig 8 , 997as well as special case-insensitive keywords described below. 998Such keywords are removed before passing the value to 999.Xr ifconfig 8 1000while the order of the other arguments is preserved. 1001.Pp 1002One can configure more than one IPv4 address with the 1003.Va ipv4_addrs_ Ns Aq Ar interface 1004variable. 1005One or more IP addresses must be provided in Classless Inter-Domain 1006Routing (CIDR) address notation, whose last byte can be a range like 1007192.168.0.5-23/24. 1008In this case the address 192.168.0.5 will be configured with the 1009netmask /24 and the addresses 192.168.0.6 to 192.168.0.23 with 1010the non-conflicting netmask /32 as explained in the 1011.Xr ifconfig 8 1012alias section. 1013With the interface in question being 1014.Li ed0 , 1015an example could look like: 1016.Bd -literal 1017ipv4_addrs_ed0="192.168.0.1/24 192.168.1.1-5/28" 1018.Ed 1019.Pp 1020It is also possible to add IP alias entries using 1021.Xr ifconfig 8 1022syntax. 1023Assuming that the interface in question was 1024.Li ed0 , 1025it might look 1026something like this: 1027.Bd -literal 1028ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff" 1029ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff" 1030.Ed 1031.Pp 1032And so on. 1033For each 1034.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1035entry that is found, 1036its contents are passed to 1037.Xr ifconfig 8 . 1038Execution stops at the first unsuccessful access, so if 1039something like this is present: 1040.Bd -literal 1041ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff" 1042ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff" 1043ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff" 1044ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff" 1045.Ed 1046.Pp 1047Then note that alias4 would 1048.Em not 1049be added since the search would 1050stop with the missing 1051.Dq Li alias3 1052entry. 1053Due to this difficult to manage behavior, the 1054.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1055form is deprecated. 1056.Pp 1057If the 1058.Pa /etc/start_if. Ns Aq Ar interface 1059file is present, it is read and executed by the 1060.Xr sh 1 1061interpreter 1062before configuring the interface as specified in the 1063.Va ifconfig_ Ns Aq Ar interface 1064and 1065.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n 1066variables. 1067.Pp 1068If the 1069.Va ifconfig_ Ns Aq Ar interface 1070contains the keyword 1071.Dq Li NOAUTO 1072then the interface will not be configured 1073at boot or by 1074.Pa /etc/pccard_ether 1075when 1076.Va network_interfaces 1077is set to 1078.Dq Li AUTO . 1079.Pp 1080It is possible to bring up an interface with DHCP by adding 1081.Dq Li DHCP 1082to the 1083.Va ifconfig_ Ns Aq Ar interface 1084variable. 1085For instance, to initialize the 1086.Li ed0 1087device via DHCP, 1088it is possible to use something like: 1089.Bd -literal 1090ifconfig_ed0="DHCP" 1091.Ed 1092.Pp 1093Also, if your interface needs WPA authentication, it is possible to add 1094.Dq Li WPA 1095to the 1096.Va ifconfig_ Ns Aq Ar interface 1097variable. 1098.Pp 1099Finally, you can add 1100.Xr ifconfig 8 1101options in this variable, in addition to the 1102.Pa /etc/start_if. Ns Aq Ar interface 1103file. 1104For instance, to initialize the 1105.Li wi0 1106device via DHCP, using WPA authentication and 802.11b mode, it is 1107possible to use something like: 1108.Bd -literal 1109ifconfig_wi0="DHCP WPA mode 11b" 1110.Ed 1111.Pp 1112In addition to the 1113.Va ifconfig_ Ns Aq Ar interface 1114form, a fallback variable 1115.Va ifconfig_DEFAULT 1116may be configured. 1117It will be used for all interfaces with no 1118.Va ifconfig_ Ns Aq Ar interface 1119variable. 1120This is intended to replace the no longer supported 1121.Va pccard_ifconfig 1122variable. 1123.Pp 1124It is also possible to rename interface by doing: 1125.Bd -literal 1126ifconfig_ed0_name="net0" 1127ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000" 1128.Ed 1129.It Va ipv6_network_interfaces 1130.Pq Vt str 1131This is the IPv6 equivalent of 1132.Va network_interfaces . 1133Instead of setting the ifconfig variables as 1134.Va ifconfig_ Ns Aq Ar interface 1135they should be set as 1136.Va ipv6_ifconfig_ Ns Aq Ar interface . 1137Aliases should be set as 1138.Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n . 1139.Va ipv6_prefix_ Ns Aq Ar interface 1140does something. 1141Interfaces that do not have a 1142.Va ipv6_ifconfig_ Ns Aq Ar interface 1143setting will be auto configured by 1144.Xr rtsol 8 1145if the 1146.Va ipv6_gateway_enable 1147is set to 1148.Dq Li NO . 1149Note that the IPv6 networking code does not support the 1150.Pa /etc/start_if. Ns Aq Ar interface 1151files. 1152.It Va ipv6_default_interface 1153.Pq Vt str 1154If not set to 1155.Dq Li NO , 1156this is the default output interface for scoped addresses. 1157Now this works only for IPv6 link local multicast addresses. 1158.It Va cloned_interfaces 1159.Pq Vt str 1160Set to the list of clonable network interfaces to create on this host. 1161Entries in 1162.Va cloned_interfaces 1163are automatically appended to 1164.Va network_interfaces 1165for configuration. 1166.It Va gif_interfaces 1167.Pq Vt str 1168Set to the list of 1169.Xr gif 4 1170tunnel interfaces to configure on this host. 1171A 1172.Va gifconfig_ Ns Aq Ar interface 1173variable is assumed to exist for each value of 1174.Ar interface . 1175The value of this variable is used to configure the link layer of the 1176tunnel according to the syntax of the 1177.Cm tunnel 1178option to 1179.Xr ifconfig 8 . 1180Additionally, this option ensures that each listed interface is created 1181via the 1182.Cm create 1183option to 1184.Xr ifconfig 8 1185before attempting to configure it. 1186.It Va sppp_interfaces 1187.Pq Vt str 1188Set to the list of 1189.Xr sppp 4 1190interfaces to configure on this host. 1191A 1192.Va spppconfig_ Ns Aq Ar interface 1193variable is assumed to exist for each value of 1194.Ar interface . 1195Each interface should also be configured by a general 1196.Va ifconfig_ Ns Aq Ar interface 1197setting. 1198Refer to 1199.Xr spppcontrol 8 1200for more information about available options. 1201.It Va ppp_enable 1202.Pq Vt bool 1203If set to 1204.Dq Li YES , 1205run the 1206.Xr ppp 8 1207daemon. 1208.It Va ppp_mode 1209.Pq Vt str 1210Mode in which to run the 1211.Xr ppp 8 1212daemon. 1213Accepted modes are 1214.Dq Li auto , 1215.Dq Li ddial , 1216.Dq Li direct 1217and 1218.Dq Li dedicated . 1219See the manual for a full description. 1220.It Va ppp_nat 1221.Pq Vt bool 1222If set to 1223.Dq Li YES , 1224enables network address translation. 1225Used in conjunction with 1226.Va gateway_enable 1227allows hosts on private network addresses access to the Internet using 1228this host as a network address translating router. 1229.It Va ppp_profile 1230.Pq Vt str 1231The name of the profile to use from 1232.Pa /etc/ppp/ppp.conf . 1233.It Va ppp_user 1234.Pq Vt str 1235The name of the user under which 1236.Xr ppp 8 1237should be started. 1238By 1239default, 1240.Xr ppp 8 1241is started as 1242.Dq Li root . 1243.It Va rc_conf_files 1244.Pq Vt str 1245This option is used to specify a list of files that will override 1246the settings in 1247.Pa /etc/defaults/rc.conf . 1248The files will be read in the order in which they are specified and should 1249include the full path to the file. 1250By default, the files specified are 1251.Pa /etc/rc.conf 1252and 1253.Pa /etc/rc.conf.local 1254.It Va gbde_autoattach_all 1255.Pq Vt bool 1256If set to 1257.Dq Li YES , 1258.Pa /etc/rc.d/gbde 1259will attempt to automatically initialize your .bde devices in 1260.Pa /etc/fstab . 1261.It Va gbde_devices 1262.Pq Vt str 1263List the devices that the script should try to attach, 1264or 1265.Dq Li AUTO . 1266.It Va gbde_lockdir 1267.Pq Vt str 1268The directory where the 1269.Xr gbde 4 1270lockfiles are located. 1271The default lockfile directory is 1272.Pa /etc . 1273.Pp 1274The lockfile for each individual 1275.Xr gbde 4 1276device can be overridden by setting the variable 1277.Va gbde_lock_ Ns Aq Ar device , 1278where 1279.Ar device 1280is the encrypted device without the 1281.Dq Pa /dev/ 1282and 1283.Dq Pa .bde 1284parts. 1285.It Va gbde_attach_attempts 1286.Pq Vt int 1287Number of times to attempt attaching to a 1288.Xr gbde 4 1289device, i.e., how many times the user is asked for the pass-phrase. 1290Default is 3. 1291.It Va geli_devices 1292.Pq Vt str 1293List of devices to automatically attach on boot. 1294Note that .eli devices from 1295.Pa /etc/fstab 1296are automatically appended to this list. 1297.It Va geli_tries 1298.Pq Vt int 1299Number of times user is asked for the pass-phrase. 1300If empty, it will be taken from 1301.Va kern.geom.eli.tries 1302sysctl variable. 1303.It Va geli_default_flags 1304.Pq Vt str 1305Default flags to use by 1306.Xr geli 8 1307when configuring disk encryption. 1308Flags can be configured for every device separately by defining 1309.Va geli_ Ns Ao Ar device Ac Ns Va _flags 1310variable. 1311.It Va geli_autodetach 1312.Pq Vt str 1313Specifies if GELI devices should be marked for detach on last close after 1314file systems are mounted. 1315Default is 1316.Dq Li YES . 1317This can be changed for every device separately by defining 1318.Va geli_ Ns Ao Ar device Ac Ns Va _autodetach 1319variable. 1320.It Va geli_swap_flags 1321Options passed to the 1322.Xr geli 8 1323utility when encrypted GEOM providers for swap partitions are created. 1324The default is 1325.Dq Li "-a aes -l 256 -s 4096 -d" . 1326.It Va root_rw_mount 1327.Pq Vt bool 1328Set to 1329.Dq Li YES 1330by default. 1331After the file systems are checked at boot time, the root file system 1332is remounted as read-write if this is set to 1333.Dq Li YES . 1334Diskless systems that mount their root file system from a read-only remote 1335NFS share should set this to 1336.Dq Li NO 1337in their 1338.Pa rc.conf . 1339.It Va fsck_y_enable 1340.Pq Vt bool 1341If set to 1342.Dq Li YES , 1343.Xr fsck 8 1344will be run with the 1345.Fl y 1346flag if the initial preen 1347of the file systems fails. 1348.It Va background_fsck 1349.Pq Vt bool 1350If set to 1351.Dq Li YES , 1352the system will attempt to run 1353.Xr fsck 8 1354in the background where possible. 1355.It Va background_fsck_delay 1356.Pq Vt int 1357The amount of time in seconds to sleep before starting a background 1358.Xr fsck 8 . 1359It defaults to sixty seconds to allow large applications such as 1360the X server to start before disk I/O bandwidth is monopolized by 1361.Xr fsck 8 . 1362.It Va netfs_types 1363.Pq Vt str 1364List of file system types that are network-based. 1365This list should generally not be modified by end users. 1366Use 1367.Va extra_netfs_types 1368instead. 1369.It Va extra_netfs_types 1370.Pq Vt str 1371If set to something other than 1372.Dq Li NO 1373(the default), 1374this variable extends the list of file system types 1375for which automatic mounting at startup by 1376.Xr rc 8 1377should be delayed until the network is initialized. 1378It should contain 1379a whitespace-separated list of network file system descriptor pairs, 1380each consisting of a file system type as passed to 1381.Xr mount 8 1382and a human-readable, one-word description, 1383joined with a colon 1384.Pq Ql \&: . 1385Extending the default list in this way is only necessary 1386when third party file system types are used. 1387.It Va syslogd_enable 1388.Pq Vt bool 1389If set to 1390.Dq Li YES , 1391run the 1392.Xr syslogd 8 1393daemon. 1394.It Va syslogd_program 1395.Pq Vt str 1396Path to 1397.Xr syslogd 8 1398(default 1399.Pa /usr/sbin/syslogd ) . 1400.It Va syslogd_flags 1401.Pq Vt str 1402If 1403.Va syslogd_enable 1404is set to 1405.Dq Li YES , 1406these are the flags to pass to 1407.Xr syslogd 8 . 1408.It Va inetd_enable 1409.Pq Vt bool 1410If set to 1411.Dq Li YES , 1412run the 1413.Xr inetd 8 1414daemon. 1415.It Va inetd_program 1416.Pq Vt str 1417Path to 1418.Xr inetd 8 1419(default 1420.Pa /usr/sbin/inetd ) . 1421.It Va inetd_flags 1422.Pq Vt str 1423If 1424.Va inetd_enable 1425is set to 1426.Dq Li YES , 1427these are the flags to pass to 1428.Xr inetd 8 . 1429.It Va named_enable 1430.Pq Vt bool 1431If set to 1432.Dq Li YES , 1433run the 1434.Xr named 8 1435daemon. 1436.It Va named_program 1437.Pq Vt str 1438Path to 1439.Xr named 8 1440(default 1441.Pa /usr/sbin/named ) . 1442.It Va named_flags 1443.Pq Vt str 1444If 1445.Va named_enable 1446is set to 1447.Dq Li YES , 1448these are the flags to pass to 1449.Xr named 8 . 1450.It Va named_pidfile 1451.Pq Vt str 1452This is the default path to the 1453.Xr named 8 1454daemon's PID file. 1455This must match the location in 1456.Xr named.conf 5 . 1457.It Va named_uid 1458.Pq Vt str 1459The user that the 1460.Xr named 8 1461process should be run as. 1462.It Va named_chrootdir 1463.Pq Vt str 1464The root directory for a name server run in a 1465.Xr chroot 8 1466environment (default 1467.Pa /var/named ) . 1468If left empty 1469.Xr named 8 1470will not be run in a 1471.Xr chroot 8 1472environment. 1473.It Va named_chroot_autoupdate 1474.Pq Vt bool 1475Set to 1476.Dq Li NO 1477to disable automatic update of the 1478.Xr chroot 8 1479environment. 1480.It Va named_symlink_enable 1481.Pq Vt bool 1482Set to 1483.Dq Li NO 1484to disable symlinking of 1485daemon's PID file 1486into the 1487.Xr chroot 8 1488environment. 1489.It Va kerberos5_server_enable 1490.Pq Vt bool 1491Set to 1492.Dq Li YES 1493to start a Kerberos 5 authentication server 1494at boot time. 1495.It Va kerberos5_server 1496.Pq Vt str 1497If 1498.Va kerberos5_server_enable 1499is set to 1500.Dq Li YES 1501this is the path to Kerberos 5 Authentication Server. 1502.It Va kerberos5_server_flags 1503.Pq Vt str 1504Empty by default. 1505This variable contains additional flags to be passed to the Kerberos 5 1506authentication server. 1507.It Va kadmind5_server_enable 1508.Pq Vt bool 1509Set to 1510.Dq Li YES 1511to start 1512.Xr kadmind 8 , 1513the Kerberos 5 Administration Daemon; set to 1514.Dq Li NO 1515on a slave server. 1516.It Va kadmind5_server 1517.Pq Vt str 1518If 1519.Va kadmind5_server_enable 1520is set to 1521.Dq Li YES 1522this is the path to Kerberos 5 Administration Daemon. 1523.It Va kpasswdd_server_enable 1524.Pq Vt bool 1525Set to 1526.Dq Li YES 1527to start 1528.Xr kpasswdd 8 , 1529the Kerberos 5 Password-Changing Daemon; set to 1530.Dq Li NO 1531on a slave server. 1532.It Va kpasswdd_server 1533.Pq Vt str 1534If 1535.Va kpasswdd_server_enable 1536is set to 1537.Dq Li YES 1538this is the path to Kerberos 5 Password-Changing Daemon. 1539.It Va rwhod_enable 1540.Pq Vt bool 1541If set to 1542.Dq Li YES , 1543run the 1544.Xr rwhod 8 1545daemon at boot time. 1546.It Va rwhod_flags 1547.Pq Vt str 1548If 1549.Va rwhod_enable 1550is set to 1551.Dq Li YES , 1552these are the flags to pass to it. 1553.It Va amd_enable 1554.Pq Vt bool 1555If set to 1556.Dq Li YES , 1557run the 1558.Xr amd 8 1559daemon at boot time. 1560.It Va amd_flags 1561.Pq Vt str 1562If 1563.Va amd_enable 1564is set to 1565.Dq Li YES , 1566these are the flags to pass to it. 1567See the 1568.Xr amd 8 1569manpage for more information. 1570.It Va amd_map_program 1571.Pq Vt str 1572If set, 1573the specified program is run to get the list of 1574.Xr amd 8 1575maps. 1576For example, if the 1577.Xr amd 8 1578maps are stored in NIS, one can set this to 1579run 1580.Xr ypcat 1 1581to get a list of 1582.Xr amd 8 1583maps from the 1584.Pa amd.master 1585NIS map. 1586.It Va update_motd 1587.Pq Vt bool 1588If set to 1589.Dq Li YES , 1590.Pa /etc/motd 1591will be updated at boot time to reflect the kernel release 1592being run. 1593If set to 1594.Dq Li NO , 1595.Pa /etc/motd 1596will not be updated. 1597.It Va nfs_client_enable 1598.Pq Vt bool 1599If set to 1600.Dq Li YES , 1601run the NFS client daemons at boot time. 1602.It Va nfs_access_cache 1603.Pq Vt int 1604If 1605.Va nfs_client_enable 1606is set to 1607.Dq Li YES , 1608this can be set to 1609.Dq Li 0 1610to disable NFS ACCESS RPC caching, or to the number of seconds for which 1611NFS ACCESS 1612results should be cached. 1613A value of 2-10 seconds will substantially reduce network 1614traffic for many NFS operations. 1615.It Va nfs_server_enable 1616.Pq Vt bool 1617If set to 1618.Dq Li YES , 1619run the NFS server daemons at boot time. 1620.It Va nfs_server_flags 1621.Pq Vt str 1622If 1623.Va nfs_server_enable 1624is set to 1625.Dq Li YES , 1626these are the flags to pass to the 1627.Xr nfsd 8 1628daemon. 1629.It Va idmapd_enable 1630.Pq Vt bool 1631If set to 1632.Dq Li YES , 1633run the ID mapping daemon for NFS version 4. 1634.It Va idmapd_flags 1635.Pq Vt str 1636If 1637.Va idmapd_enable 1638is set to 1639.Dq Li YES , 1640these are the flags to pass to the 1641.Xr idmapd 8 1642daemon. 1643.It Va mountd_enable 1644.Pq Vt bool 1645If set to 1646.Dq Li YES , 1647and no 1648.Va nfs_server_enable 1649is set, start 1650.Xr mountd 8 , 1651but not 1652.Xr nfsd 8 1653daemon. 1654It is commonly needed to run CFS without real NFS used. 1655.It Va mountd_flags 1656.Pq Vt str 1657If 1658.Va mountd_enable 1659is set to 1660.Dq Li YES , 1661these are the flags to pass to the 1662.Xr mountd 8 1663daemon. 1664.It Va weak_mountd_authentication 1665.Pq Vt bool 1666If set to 1667.Dq Li YES , 1668allow services like PCNFSD to make non-privileged mount 1669requests. 1670.It Va nfs_reserved_port_only 1671.Pq Vt bool 1672If set to 1673.Dq Li YES , 1674provide NFS services only on a secure port. 1675.It Va nfs_bufpackets 1676.Pq Vt int 1677If set to a number, indicates the number of packets worth of 1678socket buffer space to reserve on an NFS client. 1679The kernel default is typically 4. 1680Using a higher number may be 1681useful on gigabit networks to improve performance. 1682The minimum value is 16832 and the maximum is 64. 1684.It Va rpc_lockd_enable 1685.Pq Vt bool 1686If set to 1687.Dq Li YES 1688and also an NFS server or client, run 1689.Xr rpc.lockd 8 1690at boot time. 1691.It Va rpc_statd_enable 1692.Pq Vt bool 1693If set to 1694.Dq Li YES 1695and also an NFS server or client, run 1696.Xr rpc.statd 8 1697at boot time. 1698.It Va rpcbind_program 1699.Pq Vt str 1700Path to 1701.Xr rpcbind 8 1702(default 1703.Pa /usr/sbin/rpcbind ) . 1704.It Va rpcbind_enable 1705.Pq Vt bool 1706If set to 1707.Dq Li YES , 1708run the 1709.Xr rpcbind 8 1710service at boot time. 1711.It Va rpcbind_flags 1712.Pq Vt str 1713If 1714.Va rpcbind_enable 1715is set to 1716.Dq Li YES , 1717these are the flags to pass to the 1718.Xr rpcbind 8 1719daemon. 1720.It Va keyserv_enable 1721.Pq Vt bool 1722If set to 1723.Dq Li YES , 1724run the 1725.Xr keyserv 8 1726daemon on boot for running Secure RPC. 1727.It Va keyserv_flags 1728.Pq Vt str 1729If 1730.Va keyserv_enable 1731is set to 1732.Dq Li YES , 1733these are the flags to pass to 1734.Xr keyserv 8 1735daemon. 1736.It Va pppoed_enable 1737.Pq Vt bool 1738If set to 1739.Dq Li YES , 1740run the 1741.Xr pppoed 8 1742daemon at boot time to provide PPP over Ethernet services. 1743.It Va pppoed_ Ns Aq Ar provider 1744.Pq Vt str 1745.Xr pppoed 8 1746listens to requests to this 1747.Ar provider 1748and ultimately runs 1749.Xr ppp 8 1750with a 1751.Ar system 1752argument of the same name. 1753.It Va pppoed_flags 1754.Pq Vt str 1755Additional flags to pass to 1756.Xr pppoed 8 . 1757.It Va pppoed_interface 1758.Pq Vt str 1759The network interface to run 1760.Xr pppoed 8 1761on. 1762This is mandatory when 1763.Va pppoed_enable 1764is set to 1765.Dq Li YES . 1766.It Va timed_enable 1767.Pq Vt bool 1768If set to 1769.Dq Li YES , 1770run the 1771.Xr timed 8 1772service at boot time. 1773This command is intended for networks of 1774machines where a consistent 1775.Dq "network time" 1776for all hosts must be established. 1777This is often useful in large NFS 1778environments where time stamps on files are expected to be consistent 1779network-wide. 1780.It Va timed_flags 1781.Pq Vt str 1782If 1783.Va timed_enable 1784is set to 1785.Dq Li YES , 1786these are the flags to pass to the 1787.Xr timed 8 1788service. 1789.It Va ntpdate_enable 1790.Pq Vt bool 1791If set to 1792.Dq Li YES , 1793run 1794.Xr ntpdate 8 1795at system startup. 1796This command is intended to 1797synchronize the system clock only 1798.Em once 1799from some standard reference. 1800An option to set this up initially 1801(from a list of known servers) is also provided by the 1802.Xr sysinstall 8 1803program when the system is first installed. 1804.It Va ntpdate_config 1805.Pq Vt str 1806Configuration file for 1807.Xr ntpdate 8 . 1808Default 1809.Pa /etc/ntp.conf . 1810.It Va ntpdate_hosts 1811.Pq Vt str 1812A whitespace-separated list of NTP servers to synchronize with at startup. 1813The default is to use the servers listed in 1814.Va ntpdate_config , 1815if that file exists. 1816.It Va ntpdate_program 1817.Pq Vt str 1818Path to 1819.Xr ntpdate 8 1820(default 1821.Pa /usr/sbin/ntpdate ) . 1822.It Va ntpdate_flags 1823.Pq Vt str 1824If 1825.Va ntpdate_enable 1826is set to 1827.Dq Li YES , 1828these are the flags to pass to the 1829.Xr ntpdate 8 1830command (typically a hostname). 1831.It Va ntpd_enable 1832.Pq Vt bool 1833If set to 1834.Dq Li YES , 1835run the 1836.Xr ntpd 8 1837command at boot time. 1838.It Va ntpd_program 1839.Pq Vt str 1840Path to 1841.Xr ntpd 8 1842(default 1843.Pa /usr/sbin/ntpd ) . 1844.It Va ntpd_config 1845.Pq Vt str 1846Path to 1847.Xr ntpd 8 1848configuration file. 1849Default 1850.Pa /etc/ntp.conf . 1851.It Va ntpd_flags 1852.Pq Vt str 1853If 1854.Va ntpd_enable 1855is set to 1856.Dq Li YES , 1857these are the flags to pass to the 1858.Xr ntpd 8 1859daemon. 1860.It Va ntpd_sync_on_start 1861.Pq Vt bool 1862If set to 1863.Dq Li YES , 1864.Xr ntpd 8 1865is run with the 1866.Fl g 1867flag, which syncs the system's clock on startup. 1868See 1869.Xr ntpd 8 1870for more information regarding the 1871.Fl g 1872option. 1873This is a preferred alternative to using 1874.Xr ntpdate 8 1875or specifying the 1876.Va ntpdate_enable 1877variable. 1878.It Va nis_client_enable 1879.Pq Vt bool 1880If set to 1881.Dq Li YES , 1882run the 1883.Xr ypbind 8 1884service at system boot time. 1885.It Va nis_client_flags 1886.Pq Vt str 1887If 1888.Va nis_client_enable 1889is set to 1890.Dq Li YES , 1891these are the flags to pass to the 1892.Xr ypbind 8 1893service. 1894.It Va nis_ypset_enable 1895.Pq Vt bool 1896If set to 1897.Dq Li YES , 1898run the 1899.Xr ypset 8 1900daemon at system boot time. 1901.It Va nis_ypset_flags 1902.Pq Vt str 1903If 1904.Va nis_ypset_enable 1905is set to 1906.Dq Li YES , 1907these are the flags to pass to the 1908.Xr ypset 8 1909daemon. 1910.It Va nis_server_enable 1911.Pq Vt bool 1912If set to 1913.Dq Li YES , 1914run the 1915.Xr ypserv 8 1916daemon at system boot time. 1917.It Va nis_server_flags 1918.Pq Vt str 1919If 1920.Va nis_server_enable 1921is set to 1922.Dq Li YES , 1923these are the flags to pass to the 1924.Xr ypserv 8 1925daemon. 1926.It Va nis_ypxfrd_enable 1927.Pq Vt bool 1928If set to 1929.Dq Li YES , 1930run the 1931.Xr rpc.ypxfrd 8 1932daemon at system boot time. 1933.It Va nis_ypxfrd_flags 1934.Pq Vt str 1935If 1936.Va nis_ypxfrd_enable 1937is set to 1938.Dq Li YES , 1939these are the flags to pass to the 1940.Xr rpc.ypxfrd 8 1941daemon. 1942.It Va nis_yppasswdd_enable 1943.Pq Vt bool 1944If set to 1945.Dq Li YES , 1946run the 1947.Xr rpc.yppasswdd 8 1948daemon at system boot time. 1949.It Va nis_yppasswdd_flags 1950.Pq Vt str 1951If 1952.Va nis_yppasswdd_enable 1953is set to 1954.Dq Li YES , 1955these are the flags to pass to the 1956.Xr rpc.yppasswdd 8 1957daemon. 1958.It Va rpc_ypupdated_enable 1959.Pq Vt bool 1960If set to 1961.Dq Li YES , 1962run the 1963.Nm rpc.ypupdated 1964daemon at system boot time. 1965.It Va bsnmpd_enable 1966.Pq Vt bool 1967If set to 1968.Dq Li YES , 1969run the 1970.Xr bsnmpd 1 1971daemon at system boot time. 1972Be sure to understand the security implications of running SNMP daemon 1973on your host. 1974.It Va bsnmpd_flags 1975.Pq Vt str 1976If 1977.Va bsnmpd_enable 1978is set to 1979.Dq Li YES , 1980these are the flags to pass to the 1981.Xr bsnmpd 1 1982daemon. 1983.It Va defaultrouter 1984.Pq Vt str 1985If not set to 1986.Dq Li NO , 1987create a default route to this host name or IP address 1988(use an IP address if this router is also required to get to the 1989name server!). 1990.It Va ipv6_defaultrouter 1991.Pq Vt str 1992The IPv6 equivalent of 1993.Va defaultrouter . 1994.It Va static_routes 1995.Pq Vt str 1996Set to the list of static routes that are to be added at system 1997boot time. 1998If not set to 1999.Dq Li NO 2000then for each whitespace separated 2001.Ar element 2002in the value, a 2003.Va route_ Ns Aq Ar element 2004variable is assumed to exist 2005whose contents will later be passed to a 2006.Dq Nm route Cm add 2007operation. 2008For example: 2009.Bd -literal 2010static_routes="mcast gif0local" 2011route_mcast="-net 224.0.0.0/4 -iface gif0" 2012route_gif0local="-host 169.254.1.1 -iface lo0" 2013.Ed 2014.It Va ipv6_static_routes 2015.Pq Vt str 2016The IPv6 equivalent of 2017.Va static_routes . 2018If not set to 2019.Dq Li NO 2020then for each whitespace separated 2021.Ar element 2022in the value, a 2023.Va ipv6_route_ Ns Aq Ar element 2024variable is assumed to exist 2025whose contents will later be passed to a 2026.Dq Nm route Cm add Fl inet6 2027operation. 2028.It Va natm_static_routes 2029.Pq Vt str 2030The 2031.Xr natmip 4 2032equivalent of 2033.Va static_routes . 2034If not empty then for each whitespace separated 2035.Ar element 2036in the value, a 2037.Va route_ Ns Aq Ar element 2038variable is assumed to exist whose contents will later be passed to a 2039.Dq Nm atmconfig Cm natm Cm add 2040operation. 2041.It Va gateway_enable 2042.Pq Vt bool 2043If set to 2044.Dq Li YES , 2045configure host to act as an IP router, e.g.\& to forward packets 2046between interfaces. 2047.It Va ipv6_gateway_enable 2048.Pq Vt bool 2049The IPv6 equivalent of 2050.Va gateway_enable . 2051.It Va router_enable 2052.Pq Vt bool 2053If set to 2054.Dq Li YES , 2055run a routing daemon of some sort, based on the 2056settings of 2057.Va router 2058and 2059.Va router_flags . 2060.It Va ipv6_router_enable 2061.Pq Vt bool 2062The IPv6 equivalent of 2063.Va router_enable . 2064If set to 2065.Dq Li YES , 2066run a routing daemon of some sort, based on the 2067settings of 2068.Va ipv6_router 2069and 2070.Va ipv6_router_flags . 2071.It Va router 2072.Pq Vt str 2073If 2074.Va router_enable 2075is set to 2076.Dq Li YES , 2077this is the name of the routing daemon to use. 2078.It Va ipv6_router 2079.Pq Vt str 2080The IPv6 equivalent of 2081.Va router . 2082.It Va router_flags 2083.Pq Vt str 2084If 2085.Va router_enable 2086is set to 2087.Dq Li YES , 2088these are the flags to pass to the routing daemon. 2089.It Va ipv6_router_flags 2090.Pq Vt str 2091The IPv6 equivalent of 2092.Va router_flags . 2093.It Va mrouted_enable 2094.Pq Vt bool 2095If set to 2096.Dq Li YES , 2097run the multicast routing daemon, 2098.Xr mrouted 8 . 2099.It Va mroute6d_enable 2100.Pq Vt bool 2101The IPv6 equivalent of 2102.Va mrouted_enable . 2103If set to 2104.Dq Li YES , 2105run the IPv6 multicast routing daemon. 2106.Pp 2107Note that multicast routing daemons are no longer included in the 2108.Fx 2109base system, however, both 2110.Xr mrouted 8 2111and 2112.Xr pim6dd 8 2113may be installed from the 2114.Fx 2115Ports Collection. 2116.It Va mrouted_flags 2117.Pq Vt str 2118If 2119.Va mrouted_enable 2120is set to 2121.Dq Li YES , 2122these are the flags to pass to the 2123.Xr mrouted 8 2124daemon. 2125.It Va mroute6d_flags 2126.Pq Vt str 2127The IPv6 equivalent of 2128.Va mrouted_flags . 2129If 2130.Va mroute6d_enable 2131is set to 2132.Dq Li YES , 2133these are the flags passed to the IPv6 multicast routing daemon. 2134.It Va mroute6d_program 2135.Pq Vt str 2136If 2137.Va mroute6d_enable 2138is set to 2139.Dq Li YES , 2140this is the path to the IPv6 multicast routing daemon. 2141.It Va rtadvd_enable 2142.Pq Vt bool 2143If set to 2144.Dq Li YES , 2145run the 2146.Xr rtadvd 8 2147daemon at boot time. 2148.Xr rtadvd 8 2149will only run if 2150.Va ipv6_gateway_enable 2151is also set to 2152.Dq Li YES . 2153The 2154.Xr rtadvd 8 2155utility sends router advertisement packets to the interfaces specified in 2156.Va rtadvd_interfaces 2157and should only be enabled with great care. 2158You may want to fine-tune 2159.Xr rtadvd.conf 5 . 2160.It Va rtadvd_interfaces 2161.Pq Vt str 2162If 2163.Va rtadvd_enable 2164is set to 2165.Dq Li YES 2166this is the list of interfaces to use. 2167.It Va ipxgateway_enable 2168.Pq Vt bool 2169If set to 2170.Dq Li YES , 2171enable the routing of IPX traffic. 2172.It Va ipxrouted_enable 2173.Pq Vt bool 2174If set to 2175.Dq Li YES , 2176run the 2177.Xr IPXrouted 8 2178daemon at system boot time. 2179.It Va ipxrouted_flags 2180.Pq Vt str 2181If 2182.Va ipxrouted_enable 2183is set to 2184.Dq Li YES , 2185these are the flags to pass to the 2186.Xr IPXrouted 8 2187daemon. 2188.It Va arpproxy_all 2189.Pq Vt bool 2190If set to 2191.Dq Li YES , 2192enable global proxy ARP. 2193.It Va forward_sourceroute 2194.Pq Vt bool 2195If set to 2196.Dq Li YES 2197and 2198.Va gateway_enable 2199is also set to 2200.Dq Li YES , 2201source-routed packets are forwarded. 2202.It Va accept_sourceroute 2203.Pq Vt bool 2204If set to 2205.Dq Li YES , 2206the system will accept source-routed packets directed at it. 2207.It Va rarpd_enable 2208.Pq Vt bool 2209If set to 2210.Dq Li YES , 2211run the 2212.Xr rarpd 8 2213daemon at system boot time. 2214.It Va rarpd_flags 2215.Pq Vt str 2216If 2217.Va rarpd_enable 2218is set to 2219.Dq Li YES , 2220these are the flags to pass to the 2221.Xr rarpd 8 2222daemon. 2223.It Va bootparamd_enable 2224.Pq Vt bool 2225If set to 2226.Dq Li YES , 2227run the 2228.Xr bootparamd 8 2229daemon at system boot time. 2230.It Va bootparamd_flags 2231.Pq Vt str 2232If 2233.Va bootparamd_enable 2234is set to 2235.Dq Li YES , 2236these are the flags to pass to the 2237.Xr bootparamd 8 2238daemon. 2239.It Va stf_interface_ipv4addr 2240.Pq Vt str 2241If not set to 2242.Dq Li NO , 2243this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling 2244interface). 2245Specify this entry to enable the 6to4 interface. 2246.It Va stf_interface_ipv4plen 2247.Pq Vt int 2248Prefix length for 6to4 IPv4 addresses, to limit peer address range. 2249An effective value is 0-31. 2250.It Va stf_interface_ipv6_ifid 2251.Pq Vt str 2252IPv6 interface ID for 2253.Xr stf 4 . 2254This can be set to 2255.Dq Li AUTO . 2256.It Va stf_interface_ipv6_slaid 2257.Pq Vt str 2258IPv6 Site Level Aggregator for 2259.Xr stf 4 . 2260.It Va ipv6_faith_prefix 2261.Pq Vt str 2262If not set to 2263.Dq Li NO , 2264this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP 2265translator. 2266You also need 2267.Xr faithd 8 2268setup. 2269.It Va ipv6_ipv4mapping 2270.Pq Vt bool 2271If set to 2272.Dq Li YES 2273this enables IPv4 mapped IPv6 address communication (like 2274.Li ::ffff:a.b.c.d ) . 2275.It Va atm_enable 2276.Pq Vt bool 2277Set to 2278.Dq Li YES 2279to enable the configuration of ATM interfaces at system boot time. 2280For all of the ATM variables described below, please refer to the 2281.Xr atm 8 2282manual page for further details on the available command parameters. 2283Also refer to the files in 2284.Pa /usr/share/examples/atm 2285for more detailed configuration information. 2286.It Va atm_load 2287.Pq Vt str 2288This is a list of physical ATM interface drivers to load. 2289Typical values are 2290.Dq Li hfa_pci 2291and/or 2292.Dq Li hea_pci . 2293.It Va atm_netif_ Ns Aq Ar intf 2294.Pq Vt str 2295For the ATM physical interface 2296.Ar intf , 2297this variable defines the name prefix and count for the ATM network 2298interfaces to be created. 2299The value will be passed as the parameters of an 2300.Dq Nm atm Cm "set netif" Ar intf 2301command. 2302.It Va atm_sigmgr_ Ns Aq Ar intf 2303.Pq Vt str 2304For the ATM physical interface 2305.Ar intf , 2306this variable defines the ATM signalling manager to be used. 2307The value will be passed as the parameters of an 2308.Dq Nm atm Cm attach Ar intf 2309command. 2310.It Va atm_prefix_ Ns Aq Ar intf 2311.Pq Vt str 2312For the ATM physical interface 2313.Ar intf , 2314this variable defines the NSAP prefix for interfaces using a UNI signalling 2315manager. 2316If set to 2317.Dq Li ILMI , 2318the prefix will automatically be set via the 2319.Xr ilmid 8 2320daemon. 2321Otherwise, the value will be passed as the parameters of an 2322.Dq Nm atm Cm "set prefix" Ar intf 2323command. 2324.It Va atm_macaddr_ Ns Aq Ar intf 2325.Pq Vt str 2326For the ATM physical interface 2327.Ar intf , 2328this variable defines the MAC address for interfaces using a UNI signalling 2329manager. 2330If set to 2331.Dq Li NO , 2332the hardware MAC address contained in the ATM interface card will be used. 2333Otherwise, the value will be passed as the parameters of an 2334.Dq Nm atm Cm "set mac" Ar intf 2335command. 2336.It Va atm_arpserver_ Ns Aq Ar netif 2337.Pq Vt str 2338For the ATM network interface 2339.Ar netif , 2340this variable defines the ATM address for a host which is to provide ATMARP 2341service. 2342This variable is only applicable to interfaces using a UNI signalling 2343manager. 2344If set to 2345.Dq Li local , 2346this host will become an ATMARP server. 2347The value will be passed as the parameters of an 2348.Dq Nm atm Cm "set arpserver" Ar netif 2349command. 2350.It Va atm_scsparp_ Ns Aq Ar netif 2351.Pq Vt bool 2352If set to 2353.Dq Li YES , 2354SCSP/ATMARP service for the network interface 2355.Ar netif 2356will be initiated using the 2357.Xr scspd 8 2358and 2359.Xr atmarpd 8 2360daemons. 2361This variable is only applicable if 2362.Va atm_arpserver_ Ns Aq Ar netif 2363is set to 2364.Dq Li local . 2365.It Va atm_pvcs 2366.Pq Vt str 2367Set to the list of ATM PVCs to be added at system 2368boot time. 2369For each whitespace separated 2370.Ar element 2371in the value, an 2372.Va atm_pvc_ Ns Aq Ar element 2373variable is assumed to exist. 2374The value of each of these variables 2375will be passed as the parameters of an 2376.Dq Nm atm Cm "add pvc" 2377command. 2378.It Va atm_arps 2379.Pq Vt str 2380Set to the list of permanent ATM ARP entries to be added 2381at system boot time. 2382For each whitespace separated 2383.Ar element 2384in the value, an 2385.Va atm_arp_ Ns Aq Ar element 2386variable is assumed to exist. 2387The value of each of these variables 2388will be passed as the parameters of an 2389.Dq Nm atm Cm "add arp" 2390command. 2391.It Va natm_interfaces 2392.Pq Vt str 2393Set to the list of 2394.Xr natm 4 2395interfaces that will also be used for HARP through 2396.Xr harp 4 . 2397If this list is not empty all interfaces in the list will be brought up 2398with 2399.Xr ifconfig 8 2400and 2401.Xr harp 4 2402will be loaded. 2403For this to work the interface drivers must be either compiled into the 2404kernel or must reside on the root partition. 2405.It Va keybell 2406.Pq Vt str 2407The keyboard bell sound. 2408Set to 2409.Dq Li normal , 2410.Dq Li visual , 2411.Dq Li off , 2412or 2413.Dq Li NO 2414if the default behavior is desired. 2415For details, refer to the 2416.Xr kbdcontrol 1 2417manpage. 2418.It Va keyboard 2419.Pq Vt str 2420If set to a non-null string, the virtual console's keyboard input is 2421set to this device. 2422.It Va keymap 2423.Pq Vt str 2424If set to 2425.Dq Li NO , 2426no keymap is installed, otherwise the value is used to install 2427the keymap file in 2428.Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd . 2429.It Va keyrate 2430.Pq Vt str 2431The keyboard repeat speed. 2432Set to 2433.Dq Li slow , 2434.Dq Li normal , 2435.Dq Li fast , 2436or 2437.Dq Li NO 2438if the default behavior is desired. 2439.It Va keychange 2440.Pq Vt str 2441If not set to 2442.Dq Li NO , 2443attempt to program the function keys with the value. 2444The value should 2445be a single string of the form: 2446.Dq Ar funkey_number new_value Op Ar funkey_number new_value ... . 2447.It Va cursor 2448.Pq Vt str 2449Can be set to the value of 2450.Dq Li normal , 2451.Dq Li blink , 2452.Dq Li destructive , 2453or 2454.Dq Li NO 2455to set the cursor behavior explicitly or choose the default behavior. 2456.It Va scrnmap 2457.Pq Vt str 2458If set to 2459.Dq Li NO , 2460no screen map is installed, otherwise the value is used to install 2461the screen map file in 2462.Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value . 2463.It Va font8x16 2464.Pq Vt str 2465If set to 2466.Dq Li NO , 2467the default 8x16 font value is used for screen size requests, otherwise 2468the value in 2469.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2470is used. 2471.It Va font8x14 2472.Pq Vt str 2473If set to 2474.Dq Li NO , 2475the default 8x14 font value is used for screen size requests, otherwise 2476the value in 2477.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2478is used. 2479.It Va font8x8 2480.Pq Vt str 2481If set to 2482.Dq Li NO , 2483the default 8x8 font value is used for screen size requests, otherwise 2484the value in 2485.Pa /usr/share/syscons/fonts/ Ns Aq Ar value 2486is used. 2487.It Va blanktime 2488.Pq Vt int 2489If set to 2490.Dq Li NO , 2491the default screen blanking interval is used, otherwise it is set 2492to 2493.Ar value 2494seconds. 2495.It Va saver 2496.Pq Vt str 2497If not set to 2498.Dq Li NO , 2499this is the actual screen saver to use 2500.Li ( blank , snake , daemon , 2501etc). 2502.It Va moused_nondefault_enable 2503.Pq Vt str 2504If set to 2505.Dq Li NO , 2506the mouse device specified on 2507the command line is not automatically treated as enabled by the 2508.Pa /etc/rc.d/moused 2509script. 2510Having this variable set to 2511.Dq Li YES 2512allows a 2513.Xr usb 4 2514mouse, 2515for example, 2516to be enabled as soon as it is plugged in. 2517.It Va moused_enable 2518.Pq Vt str 2519If set to 2520.Dq Li YES , 2521the 2522.Xr moused 8 2523daemon is started for doing cut/paste selection on the console. 2524.It Va moused_type 2525.Pq Vt str 2526This is the protocol type of the mouse connected to this host. 2527This variable must be set if 2528.Va moused_enable 2529is set to 2530.Dq Li YES . 2531The 2532.Xr moused 8 2533daemon 2534is able to detect the appropriate mouse type automatically in many cases. 2535Set this variable to 2536.Dq Li auto 2537to let the daemon detect it, or 2538select one from the following list if the automatic detection fails. 2539.Pp 2540If the mouse is attached to the PS/2 mouse port, choose 2541.Dq Li auto 2542or 2543.Dq Li ps/2 , 2544regardless of the brand and model of the mouse. 2545Likewise, if the 2546mouse is attached to the bus mouse port, choose 2547.Dq Li auto 2548or 2549.Dq Li busmouse . 2550All other protocols are for serial mice and will not work with 2551the PS/2 and bus mice. 2552If this is a USB mouse, 2553.Dq Li auto 2554is the only protocol type which will work. 2555.Pp 2556.Bl -tag -width ".Li x10mouseremote" -compact 2557.It Li microsoft 2558Microsoft mouse (serial) 2559.It Li intellimouse 2560Microsoft IntelliMouse (serial) 2561.It Li mousesystems 2562Mouse systems Corp.\& mouse (serial) 2563.It Li mmseries 2564MM Series mouse (serial) 2565.It Li logitech 2566Logitech mouse (serial) 2567.It Li busmouse 2568A bus mouse 2569.It Li mouseman 2570Logitech MouseMan and TrackMan (serial) 2571.It Li glidepoint 2572ALPS GlidePoint (serial) 2573.It Li thinkingmouse 2574Kensington ThinkingMouse (serial) 2575.It Li ps/2 2576PS/2 mouse 2577.It Li mmhittab 2578MM HitTablet (serial) 2579.It Li x10mouseremote 2580X10 MouseRemote (serial) 2581.It Li versapad 2582Interlink VersaPad (serial) 2583.El 2584.Pp 2585Even if the mouse is not in the above list, it may be compatible 2586with one in the list. 2587Refer to the manual page for 2588.Xr moused 8 2589for compatibility information. 2590.Pp 2591It should also be noted that while this is enabled, any 2592other client of the mouse (such as an X server) should access 2593the mouse through the virtual mouse device, 2594.Pa /dev/sysmouse , 2595and configure it as a 2596.Dq Li sysmouse 2597type mouse, since all 2598mouse data is converted to this single canonical format when 2599using 2600.Xr moused 8 . 2601If the client program does not support the 2602.Dq Li sysmouse 2603type, 2604specify the 2605.Dq Li mousesystems 2606type. 2607It is the second preferred type. 2608.It Va moused_port 2609.Pq Vt str 2610If 2611.Va moused_enable 2612is set to 2613.Dq Li YES , 2614this is the actual port the mouse is on. 2615It might be 2616.Pa /dev/cuad0 2617for a COM1 serial mouse, 2618.Pa /dev/psm0 2619for a PS/2 mouse or 2620.Pa /dev/mse0 2621for a bus mouse, for example. 2622.It Va moused_flags 2623.Pq Vt str 2624If 2625.Va moused_type 2626is set, these are the additional flags to pass to the 2627.Xr moused 8 2628daemon. 2629.It Va mousechar_start 2630.Pq Vt int 2631If set to 2632.Dq Li NO , 2633the default mouse cursor character range 2634.Li 0xd0 Ns - Ns Li 0xd3 2635is used, 2636otherwise the range start is set 2637to 2638.Ar value 2639character, see 2640.Xr vidcontrol 1 . 2641Use if the default range is occupied in the language code table. 2642.It Va allscreens_flags 2643.Pq Vt str 2644If set, 2645.Xr vidcontrol 1 2646is run with these options for each of the virtual terminals 2647.Pq Pa /dev/ttyv* . 2648For example, 2649.Dq Fl m Cm on 2650will enable the mouse pointer on all virtual terminals 2651if 2652.Va moused_enable 2653is set to 2654.Dq Li YES . 2655.It Va allscreens_kbdflags 2656.Pq Vt str 2657If set, 2658.Xr kbdcontrol 1 2659is run with these options for each of the virtual terminals 2660.Pq Pa /dev/ttyv* . 2661For example, 2662.Dq Fl h Li 200 2663will set the 2664.Xr syscons 4 2665scrollback (history) buffer to 200 lines. 2666.It Va cron_enable 2667.Pq Vt bool 2668If set to 2669.Dq Li YES , 2670run the 2671.Xr cron 8 2672daemon at system boot time. 2673.It Va cron_program 2674.Pq Vt str 2675Path to 2676.Xr cron 8 2677(default 2678.Pa /usr/sbin/cron ) . 2679.It Va cron_flags 2680.Pq Vt str 2681If 2682.Va cron_enable 2683is set to 2684.Dq Li YES , 2685these are the flags to pass to 2686.Xr cron 8 . 2687.It Va cron_dst 2688.Pq Vt bool 2689If set to 2690.Dq Li YES , 2691enable the special handling of transitions to and from the 2692Daylight Saving Time in 2693.Xr cron 8 2694(equivalent to using the flag 2695.Fl s ) . 2696.It Va lpd_program 2697.Pq Vt str 2698Path to 2699.Xr lpd 8 2700(default 2701.Pa /usr/sbin/lpd ) . 2702.It Va lpd_enable 2703.Pq Vt bool 2704If set to 2705.Dq Li YES , 2706run the 2707.Xr lpd 8 2708daemon at system boot time. 2709.It Va lpd_flags 2710.Pq Vt str 2711If 2712.Va lpd_enable 2713is set to 2714.Dq Li YES , 2715these are the flags to pass to the 2716.Xr lpd 8 2717daemon. 2718.It Va chkprintcap_enable 2719.Pq Vt bool 2720If set to 2721.Dq Li YES , 2722run the 2723.Xr chkprintcap 8 2724command before starting the 2725.Xr lpd 8 2726daemon. 2727.It Va chkprintcap_flags 2728.Pq Vt str 2729If 2730.Va lpd_enable 2731and 2732.Va chkprintcap_enable 2733are set to 2734.Dq Li YES , 2735these are the flags to pass to the 2736.Xr chkprintcap 8 2737program. 2738The default is 2739.Dq Li -d , 2740which causes missing directories to be created. 2741.It Va mta_start_script 2742.Pq Vt str 2743This variable specifies the full path to the script to run to start 2744a mail transfer agent. 2745The default is 2746.Pa /etc/rc.sendmail . 2747The 2748.Va sendmail_* 2749variables which 2750.Pa /etc/rc.sendmail 2751uses are documented in the 2752.Xr rc.sendmail 8 2753manual page. 2754.It Va dumpdev 2755.Pq Vt str 2756Indicates the device (usually a swap partition) to which a crash dump 2757should be written in the event of a system crash. 2758If the value of this variable is 2759.Dq Li AUTO , 2760the first suitable swap device listed in 2761.Pa /etc/fstab 2762will be used as dump device. 2763Otherwise, the value of this variable is passed as the argument to 2764.Xr dumpon 8 . 2765To disable crash dumps, set this variable to 2766.Dq Li NO . 2767.It Va dumpdir 2768.Pq Vt str 2769When the system reboots after a crash and a crash dump is found on the 2770device specified by the 2771.Va dumpdev 2772variable, 2773.Xr savecore 8 2774will save that crash dump and a copy of the kernel to the directory 2775specified by the 2776.Va dumpdir 2777variable. 2778The default value is 2779.Pa /var/crash . 2780Set to 2781.Dq Li NO 2782to not run 2783.Xr savecore 8 2784at boot time when 2785.Va dumpdir 2786is set. 2787.It Va savecore_flags 2788.Pq Vt str 2789If crash dumps are enabled, these are the flags to pass to the 2790.Xr savecore 8 2791utility. 2792.It Va enable_quotas 2793.Pq Vt bool 2794Set to 2795.Dq Li YES 2796to turn on user disk quotas on system startup via the 2797.Xr quotaon 8 2798command. 2799.It Va check_quotas 2800.Pq Vt bool 2801Set to 2802.Dq Li YES 2803to enable user disk quota checking via the 2804.Xr quotacheck 8 2805command. 2806.It Va accounting_enable 2807.Pq Vt bool 2808Set to 2809.Dq Li YES 2810to enable system accounting through the 2811.Xr accton 8 2812facility. 2813.It Va ibcs2_enable 2814.Pq Vt bool 2815Set to 2816.Dq Li YES 2817to enable iBCS2 (SCO) binary emulation at system initial boot 2818time. 2819.It Va ibcs2_loaders 2820.Pq Vt str 2821If not set to 2822.Dq Li NO 2823and if 2824.Va ibcs2_enable 2825is set to 2826.Dq Li YES , 2827this specifies a list of additional iBCS2 loaders to enable. 2828.It Va linux_enable 2829.Pq Vt bool 2830Set to 2831.Dq Li YES 2832to enable Linux/ELF binary emulation at system initial 2833boot time. 2834.It Va svr4_enable 2835.Pq Vt bool 2836If set to 2837.Dq Li YES , 2838enable SysVR4 emulation at boot time. 2839.It Va sysvipc_enable 2840.Pq Vt bool 2841If set to 2842.Dq Li YES , 2843load System V IPC primitives at boot time. 2844.It Va clear_tmp_enable 2845.Pq Vt bool 2846Set to 2847.Dq Li YES 2848to have 2849.Pa /tmp 2850cleaned at startup. 2851.It Va clear_tmp_X 2852.Pq Vt bool 2853Set to 2854.Dq Li NO 2855to disable removing of X11 lock files, 2856and the removal and (secure) recreation 2857of the various socket directories for X11 2858related programs. 2859.It Va ldconfig_paths 2860.Pq Vt str 2861Set to the list of shared library paths to use with 2862.Xr ldconfig 8 . 2863NOTE: 2864.Pa /usr/lib 2865will always be added first, so it need not appear in this list. 2866.It Va ldconfig32_paths 2867.Pq Vt str 2868Set to the list of 32-bit compatibility shared library paths to 2869use with 2870.Xr ldconfig 8 . 2871.It Va ldconfig_paths_aout 2872.Pq Vt str 2873Set to the list of shared library paths to use with 2874.Xr ldconfig 8 2875legacy 2876.Xr a.out 5 2877support. 2878.It Va ldconfig_insecure 2879.Pq Vt bool 2880The 2881.Xr ldconfig 8 2882utility normally refuses to use directories 2883which are writable by anyone except root. 2884Set this variable to 2885.Dq Li YES 2886to disable that security check during system startup. 2887.It Va ldconfig_local_dirs 2888.Pq Vt str 2889Set to the list of local 2890.Xr ldconfig 8 2891directories. 2892The names of all files in the directories listed will be 2893passed as arguments to 2894.Xr ldconfig 8 . 2895.It Va ldconfig_local32_dirs 2896.Pq Vt str 2897Set to the list of local 32-bit compatibility 2898.Xr ldconfig 8 2899directories. 2900The names of all files in the directories listed will be 2901passed as arguments to 2902.Dq Nm ldconfig Fl 32 . 2903.It Va kern_securelevel_enable 2904.Pq Vt bool 2905Set to 2906.Dq Li YES 2907to set the kernel security level at system startup. 2908.It Va kern_securelevel 2909.Pq Vt int 2910The kernel security level to set at startup. 2911The allowed range of 2912.Ar value 2913ranges from \-1 (the compile time default) to 3 (the 2914most secure). 2915See 2916.Xr init 8 2917for the list of possible security levels and their effect 2918on system operation. 2919.It Va sshd_program 2920.Pq Vt str 2921Path to the SSH server program 2922.Pa ( /usr/sbin/sshd 2923is the default). 2924.It Va sshd_enable 2925.Pq Vt bool 2926Set to 2927.Dq Li YES 2928to start 2929.Xr sshd 8 2930at system boot time. 2931.It Va sshd_flags 2932.Pq Vt str 2933If 2934.Va sshd_enable 2935is set to 2936.Dq Li YES , 2937these are the flags to pass to the 2938.Xr sshd 8 2939daemon. 2940.It Va ftpd_program 2941.Pq Vt str 2942Path to the FTP server program 2943.Pa ( /usr/libexec/ftpd 2944is the default). 2945.It Va ftpd_enable 2946.Pq Vt bool 2947Set to 2948.Dq Li YES 2949to start 2950.Xr ftpd 8 2951as a stand-alone daemon at system boot time. 2952.It Va ftpd_flags 2953.Pq Vt str 2954If 2955.Va ftpd_enable 2956is set to 2957.Dq Li YES , 2958these are the additional flags to pass to the 2959.Xr ftpd 8 2960daemon. 2961.It Va watchdogd_enable 2962.Pq Vt bool 2963If set to 2964.Dq Li YES , 2965start the 2966.Xr watchdogd 8 2967daemon at boot time. 2968This requires that the kernel have been compiled with a 2969.Xr watchdog 4 2970compatible device. 2971.It Va watchdogd_flags 2972.Pq Vt str 2973If 2974.Va watchdogd_enable 2975is set to 2976.Dq Li YES , 2977these are the flags passed to the 2978.Xr watchdogd 8 2979daemon. 2980.It Va performance_cx_lowest 2981.Pq Vt str 2982CPU idle state to use while on AC power. 2983The string 2984.Dq Li LOW 2985indicates that 2986.Xr acpi 4 2987should use the lowest power state available while 2988.Dq Li HIGH 2989indicates that the lowest latency state (less power savings) should be used. 2990.It Va performance_cpu_freq 2991.Pq Vt str 2992CPU clock frequency to use while on AC power. 2993The string 2994.Dq Li LOW 2995indicates that 2996.Xr cpufreq 4 2997should use the lowest frequency available while 2998.Dq Li HIGH 2999indicates that the highest frequency (less power savings) should be used. 3000.It Va economy_cx_lowest 3001.Pq Vt str 3002CPU idle state to use when off AC power. 3003The string 3004.Dq Li LOW 3005indicates that 3006.Xr acpi 4 3007should use the lowest power state available while 3008.Dq Li HIGH 3009indicates that the lowest latency state (less power savings) should be used. 3010.It Va economy_cpu_freq 3011.Pq Vt str 3012CPU clock frequency to use when off AC power. 3013The string 3014.Dq Li LOW 3015indicates that 3016.Xr cpufreq 4 3017should use the lowest frequency available while 3018.Dq Li HIGH 3019indicates that the highest frequency (less power savings) should be used. 3020.It Va jail_enable 3021.Pq Vt bool 3022If set to 3023.Dq Li NO , 3024any configured jails will not be started. 3025.It Va jail_list 3026.Pq Vt str 3027A space separated list of names for jails. 3028This is purely a configuration aid to help identify and 3029configure multiple jails. 3030The names specified in this list will be used to 3031identify settings common to an instance of a jail. 3032Assuming that the jail in question was named 3033.Li vjail , 3034you would have the following dependent variables: 3035.Bd -literal 3036jail_vjail_hostname="jail.example.com" 3037jail_vjail_ip="192.168.1.100" 3038jail_vjail_rootdir="/var/jails/vjail/root" 3039.Ed 3040.Pp 3041.It Va jail_flags 3042.Pq Vt str 3043Unset by default. 3044When set, use as default value for 3045.Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3046for every jail in 3047.Va jail_list . 3048.It Va jail_interface 3049.Pq Vt str 3050Unset by default. 3051When set, use as default value for 3052.Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3053for every jail in 3054.Va jail_list . 3055.It Va jail_fstab 3056.Pq Vt str 3057Unset by default. 3058When set, use as default value for 3059.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3060for every jail in 3061.Va jail_list . 3062.It Va jail_mount_enable 3063.Pq Vt bool 3064Set to 3065.Dq Li NO 3066by default. 3067When set to 3068.Dq Li YES , 3069sets 3070.Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3071to 3072.Dq Li YES 3073by default for every jail in 3074.Va jail_list . 3075.It Va jail_devfs_ruleset 3076.Pq Vt str 3077Unset by default. 3078When set, sets 3079.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3080to given value for every jail in 3081.Va jail_list . 3082.It Va jail_devfs_enable 3083.Pq Vt bool 3084Set to 3085.Dq Li NO 3086by default. 3087When set to 3088.Dq Li YES , 3089sets 3090.Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3091to 3092.Dq Li YES 3093by default for every jail in 3094.Va jail_list . 3095.It Va jail_fdescfs_enable 3096.Pq Vt bool 3097Set to 3098.Dq Li NO 3099by default. 3100When set to 3101.Dq Li YES , 3102sets 3103.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3104to 3105.Dq Li YES 3106by default for every jail in 3107.Va jail_list . 3108.It Va jail_procfs_enable 3109.Pq Vt bool 3110Set to 3111.Dq Li NO 3112by default. 3113When set to 3114.Dq Li YES , 3115sets 3116.Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3117to 3118.Dq Li YES 3119by default for every jail in 3120.Va jail_list . 3121.It Va jail_exec_start 3122.Pq Vt str 3123Unset by default. 3124When set, use as default value for 3125.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3126for every jail in 3127.Va jail_list . 3128.It Va jail_exec_afterstart Ns Aq Ar N 3129.Pq Vt str 3130Unset by default. 3131When set, use as default value for 3132.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3133for every jail in 3134.Va jail_list . 3135.It Va jail_exec_stop 3136Unset by default. 3137When set, use as default value for 3138.Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3139for every jail in 3140.Va jail_list . 3141.It Va jail_ Ns Ao Ar jname Ac Ns Va _rootdir 3142.Pq Vt str 3143Unset by default. 3144Set to the root directory used by jail 3145.Va jname . 3146.It Va jail_ Ns Ao Ar jname Ac Ns Va _hostname 3147.Pq Vt str 3148Unset by default. 3149Set to the fully qualified domain name (FQDN) assigned to jail 3150.Va jname . 3151.It Va jail_ Ns Ao Ar jname Ac Ns Va _ip 3152.Pq Vt str 3153Unset by default. 3154Set to the IP address assigned to jail 3155.Va jname . 3156.It Va jail_ Ns Ao Ar jname Ac Ns Va _flags 3157.Pq Vt str 3158Set to 3159.Dq Li -l -U root 3160by default. 3161These are flags to pass to 3162.Xr jail . 3163.It Va jail_ Ns Ao Ar jname Ac Ns Va _interface 3164.Pq Vt str 3165Unset by default. 3166When set, sets the interface to use when setting IP address alias. 3167Note that the alias is created at jail startup and removed at jail shutdown. 3168.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3169.Pq Vt str 3170Set to 3171.Pa /etc/fstab. Ns Aq Ar jname 3172by default. 3173This is the file system information file to use for jail 3174.Va jname . 3175.It Va jail_ Ns Ao Ar jname Ac Ns Va _mount_enable 3176.Pq Vt bool 3177Set to 3178.Dq Li NO 3179by default. 3180When set to 3181.Dq Li YES , 3182mount all file systems from 3183.Va jail_ Ns Ao Ar jname Ac Ns Va _fstab 3184at jail startup. 3185.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_ruleset 3186.Pq Vt str 3187Unset by default. 3188When set, defines the device file system ruleset file to use for jail 3189.Va jname . 3190.It Va jail_ Ns Ao Ar jname Ac Ns Va _devfs_enable 3191.Pq Vt bool 3192Set to 3193.Dq Li NO 3194by default. 3195When set to 3196.Dq Li YES , 3197mount the device file system inside jail 3198.Ar jname 3199at jail startup. 3200.It Va jail_ Ns Ao Ar jname Ac Ns Va _fdescfs_enable 3201.Pq Vt bool 3202Set to 3203.Dq Li NO 3204by default. 3205When set to 3206.Dq Li YES , 3207mount the file-descriptor file system inside jail 3208.Ar jname 3209at jail startup. 3210.It Va jail_ Ns Ao Ar jname Ac Ns Va _procfs_enable 3211.Pq Vt bool 3212Set to 3213.Dq Li NO 3214by default. 3215When set to 3216.Dq Li YES , 3217mount the process file system inside jail 3218.Ar jname 3219at jail startup. 3220.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_start 3221.Pq Vt str 3222Set to 3223.Dq Li /bin/sh /etc/rc 3224by default. 3225This is the command executed at jail startup. 3226.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_afterstart Ns Aq Ar N 3227.Pq Vt str 3228Unset by default. 3229This is the command run as 3230.Ar N Ns 3231th command 3232after jail startup, where 3233.Ar N 3234is 1, 2, and so on. 3235.It Va jail_ Ns Ao Ar jname Ac Ns Va _exec_stop 3236.Pq Vt str 3237Set to 3238.Dq Li /bin/sh /etc/rc.shutdown 3239by default. 3240This is the command executed at jail shutdown. 3241.It Va jail_set_hostname_allow 3242.Pq Vt bool 3243If set to 3244.Dq Li NO , 3245do not allow the root user in a jail to set its hostname. 3246.It Va jail_socket_unixiproute_only 3247.Pq Vt bool 3248If set to 3249.Dq Li YES , 3250do not allow any sockets, 3251besides UNIX/IP/route sockets, 3252to be used within a jail. 3253.It Va jail_sysvipc_allow 3254.Pq Vt bool 3255If set to 3256.Dq Li YES , 3257allow applications within a jail to use System V IPC. 3258.\" ----- ISDN settings --------------------------------- 3259.It Va isdn_enable 3260.Pq Vt bool 3261Set to 3262.Dq Li NO 3263by default. 3264When set to 3265.Dq Li YES , 3266starts the 3267.Xr isdnd 8 3268daemon 3269at system boot time. 3270.It Va isdn_flags 3271.Pq Vt str 3272Set to 3273.Dq Fl d Ns Cm n Fl d Ns Li 0x1f9 3274by default. 3275Additional flags to pass to 3276.Xr isdnd 8 3277(but see 3278.Va isdn_fsdev 3279and 3280.Va isdn_ttype 3281for certain tunable parameters). 3282.It Va isdn_ttype 3283.Pq Vt str 3284Set to 3285.Dq Li cons25 3286by default. 3287The terminal type of the output device when 3288.Xr isdnd 8 3289operates in full-screen mode. 3290.It Va isdn_screenflags 3291.Pq Vt str 3292Set to 3293.Dq Li NO 3294by default. 3295The video mode for full-screen mode (only for 3296.Xr syscons 4 3297console driver, see 3298.Xr vidcontrol 1 3299for valid modes). 3300.It Va isdn_fsdev 3301.Pq Vt str 3302Set to 3303.Dq Li NO 3304by default. 3305The output device for 3306.Xr isdnd 8 3307in full-screen mode (or 3308.Dq Li NO 3309for daemon mode). 3310.It Va isdn_trace 3311.Pq Vt bool 3312Set to 3313.Dq Li NO 3314by default. 3315When set to 3316.Dq Li YES , 3317enables the ISDN protocol trace utility 3318.Xr isdntrace 8 3319at system boot time. 3320.It Va isdn_traceflags 3321.Pq Vt str 3322Set to 3323.Dq Fl f Pa /var/tmp/isdntrace0 3324by default. 3325Flags for 3326.Xr isdntrace 8 . 3327.\" ----------------------------------------------------- 3328.It Va harvest_interrupt 3329.Pq Vt bool 3330Set to 3331.Dq Li YES 3332to use hardware interrupts as an entropy source. 3333Refer to 3334.Xr random 4 3335for more information. 3336.It Va harvest_ethernet 3337.Pq Vt bool 3338Set to 3339.Dq Li YES 3340to use LAN traffic as an entropy source. 3341Refer to 3342.Xr random 4 3343for more information. 3344.It Va harvest_p_to_p 3345.Pq Vt bool 3346Set to 3347.Dq Li YES 3348to use serial line traffic as an entropy source. 3349Refer to 3350.Xr random 4 3351for more information. 3352.It Va entropy_dir 3353.Pq Vt str 3354Set to 3355.Dq Li NO 3356to disable caching entropy via 3357.Xr cron 8 . 3358Otherwise set to the directory used to store entropy files in. 3359.It Va entropy_file 3360.Pq Vt str 3361Set to 3362.Dq Li NO 3363to disable caching entropy through reboots. 3364Otherwise set to the filename used to store cached entropy through 3365reboots. 3366This file should be located on the root file system to seed the 3367.Xr random 4 3368device as early as possible in the boot process. 3369.It Va entropy_save_sz 3370.Pq Vt int 3371Size of the entropy cache files saved by 3372.Nm save-entropy 3373periodically. 3374.It Va entropy_save_num 3375.Pq Vt int 3376Number of entropy cache files to save by 3377.Nm save-entropy 3378periodically. 3379.It Va ipsec_enable 3380.Pq Vt bool 3381Set to 3382.Dq Li YES 3383to run 3384.Xr setkey 8 3385on 3386.Va ipsec_file 3387at boot time. 3388.It Va ipsec_file 3389.Pq Vt str 3390Configuration file for 3391.Xr setkey 8 . 3392.It Va dmesg_enable 3393.Pq Vt bool 3394Set to 3395.Dq Li YES 3396to save 3397.Xr dmesg 8 3398to 3399.Pa /var/run/dmesg.boot 3400on boot. 3401.It Va rcshutdown_timeout 3402.Pq Vt int 3403If set, start a watchdog timer in the background which will terminate 3404.Pa rc.shutdown 3405if 3406.Xr shutdown 8 3407has not completed within the specified time (in seconds). 3408Notice that in addition to this soft timeout, 3409.Xr init 8 3410also applies a hard timeout for the execution of 3411.Pa rc.shutdown . 3412This is configured via 3413.Xr sysctl 8 3414variable 3415.Va kern.init_shutdown_timeout 3416and defaults to 120 seconds. 3417Setting the value of 3418.Va rcshutdown_timeout 3419to more than 120 seconds will have no effect until the 3420.Xr sysctl 8 3421variable 3422.Va kern.init_shutdown_timeout 3423is also increased. 3424.It Va virecover_enable 3425.Pq Vt bool 3426Set to 3427.Dq Li NO 3428to prevent the system from trying to 3429recover pre-maturely terminated 3430.Xr vi 1 3431sessions. 3432.It Va ugidfw_enable 3433.Pq Vt bool 3434Set to 3435.Dq Li YES 3436to load the 3437.Xr mac_bsdextended 4 3438module upon system initialization and load a default 3439ruleset file. 3440.It Va bsdextended_script 3441.Pq Vt str 3442The default 3443.Xr mac_bsdextended 4 3444ruleset file to load. 3445The default value of this variable is 3446.Pa /etc/rc.bsdextended . 3447.It Va newsyslog_enable 3448.Pq Vt bool 3449If set to 3450.Dq Li YES , 3451run 3452.Xr newsyslog 8 3453command at startup. 3454.It Va newsyslog_flags 3455.Pq Vt str 3456If 3457.Va newsyslog_enable 3458is set to 3459.Dq Li YES , 3460these are the flags to pass to the 3461.Xr newsyslog 8 3462program. 3463The default is 3464.Dq Li -CN , 3465which causes log files flagged with a 3466.Cm C 3467to be created. 3468.It Va mdconfig_md Ns Aq Ar X 3469.Pq Vt str 3470Arguments to 3471.Xr mdconfig 8 3472for 3473.Xr md 4 3474device 3475.Ar X . 3476At minimum a 3477.Fl t Ar type 3478must be specified and either a 3479.Fl s Ar size 3480for malloc or swap backed 3481.Xr md 4 3482devices or a 3483.Fl f Ar file 3484for vnode backed 3485.Xr md 4 3486devices. 3487Note that 3488.Va mdconfig_md Ns Aq Ar X 3489variables are evaluated until one variable is unset or null. 3490.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _newfs 3491.Pq Vt str 3492Optional arguments passed to 3493.Xr newfs 8 3494to initialize 3495.Xr md 4 3496device 3497.Ar X . 3498.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _owner 3499.Pq Vt str 3500An ownership specification passed to 3501.Xr chown 8 3502after the specified 3503.Xr md 4 3504device 3505.Ar X 3506has been mounted. 3507Both the 3508.Xr md 4 3509device and the mount point will be changed. 3510.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _perms 3511.Pq Vt str 3512A mode string passed to 3513.Xr chmod 1 3514after the specified 3515.Xr md 4 3516device 3517.Ar X 3518has been mounted. 3519Both the 3520.Xr md 4 3521device and the mount point will be changed. 3522.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _files 3523.Pq Vt str 3524Files to be copied to the mount point of the 3525.Xr md 4 3526device 3527.Ar X 3528after it has been mounted. 3529.It Va mdconfig_md Ns Ao Ar X Ac Ns Va _cmd 3530.Pq Vt str 3531Command to execute after the specified 3532.Xr md 4 3533device 3534.Ar X 3535has been mounted. 3536Note that the command is passed to 3537.Ic eval 3538and that both 3539.Va _dev 3540and 3541.Va _mp 3542variables can be used to reference respectively the 3543.Xr md 4 3544device and the mount point. 3545Assuming that the 3546.Xr md 4 3547device is 3548.Li md0 , 3549one could set the following: 3550.Bd -literal 3551mdconfig_md0_cmd="tar xfzC /var/file.tgz \e${_mp}" 3552.Ed 3553.It Va ramdisk_units 3554.Pq Vt str 3555A list of one or more ramdisk units to configure with 3556.Xr mdconfig 8 3557and 3558.Xr newfs 8 3559in time to be mounted from 3560.Xr fstab 5 . 3561Each listed unit 3562.Ar X 3563must specify at least a 3564.Ar type 3565in a 3566.Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3567variable. 3568Note that this way to configure ramdisks has been deprecated 3569in favor of new 3570.Va mdconfig_md* 3571variables (see above). 3572.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _config 3573.Pq Vt str 3574Arguments to 3575.Xr mdconfig 8 3576for ramdisk 3577.Ar X . 3578At minimum a 3579.Fl t Ar type 3580must be specified, where 3581.Ar type 3582must be one of 3583.Cm malloc 3584or 3585.Cm swap . 3586.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _newfs 3587.Pq Vt str 3588Optional arguments passed to 3589.Xr newfs 8 3590to initialize ramdisk 3591.Ar X . 3592.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _owner 3593.Pq Vt str 3594An ownership specification passed to 3595.Xr chown 8 3596after the specified ramdisk unit 3597.Ar X 3598has been mounted. 3599Both the 3600.Xr md 4 3601device and the mount point will be changed. 3602.It Va ramdisk_ Ns Ao Ar X Ac Ns Va _perms 3603.Pq Vt str 3604A mode string passed to 3605.Xr chmod 1 3606after the specified ramdisk unit 3607.Ar X 3608has been mounted. 3609Both the 3610.Xr md 4 3611device and the mount point will be changed. 3612.It Va autobridge_interfaces 3613.Pq Vt str 3614Set to the list of bridge interfaces that will have newly arriving interfaces 3615checked against to be automatically added. 3616If not set to 3617.Dq Li NO 3618then for each whitespace separated 3619.Ar element 3620in the value, a 3621.Va autobridge_ Ns Aq Ar element 3622variable is assumed to exist which has a whitespace separated list of interface 3623names to match, these names can use wildcards. 3624For example: 3625.Bd -literal 3626autobridge_interfaces="bridge0" 3627autobridge_bridge0="tap* dc0 vlan[345]" 3628.Ed 3629.It Va mixer_enable 3630.Pq Vt bool 3631If set to 3632.Dq Li YES , 3633enable support for sound mixer. 3634.El 3635.Sh FILES 3636.Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact 3637.It Pa /etc/defaults/rc.conf 3638.It Pa /etc/rc.conf 3639.It Pa /etc/rc.conf.local 3640.El 3641.Sh SEE ALSO 3642.Xr catman 1 , 3643.Xr chmod 1 , 3644.Xr gdb 1 , 3645.Xr info 1 , 3646.Xr kbdcontrol 1 , 3647.Xr makewhatis 1 , 3648.Xr sh 1 , 3649.Xr vi 1 , 3650.Xr vidcontrol 1 , 3651.Xr bridge 4 , 3652.Xr ip 4 , 3653.Xr ipf 4 , 3654.Xr ipfw 4 , 3655.Xr ipnat 4 , 3656.Xr kld 4 , 3657.Xr pf 4 , 3658.Xr pflog 4 , 3659.Xr pfsync 4 , 3660.Xr tcp 4 , 3661.Xr udp 4 , 3662.Xr exports 5 , 3663.Xr ipf 5 , 3664.Xr ipnat 5 , 3665.Xr motd 5 , 3666.Xr newsyslog.conf 5 , 3667.Xr pf.conf 5 , 3668.Xr accton 8 , 3669.Xr amd 8 , 3670.Xr apm 8 , 3671.Xr atm 8 , 3672.Xr chkprintcap 8 , 3673.Xr chown 8 , 3674.Xr cron 8 , 3675.Xr dhclient 8 , 3676.Xr ftpd 8 , 3677.Xr geli 8 , 3678.Xr ifconfig 8 , 3679.Xr inetd 8 , 3680.Xr ipf 8 , 3681.Xr ipfw 8 , 3682.Xr ipnat 8 , 3683.Xr isdnd 8 , 3684.Xr isdntrace 8 , 3685.Xr jail 8 , 3686.Xr kldxref 8 , 3687.Xr lpd 8 , 3688.Xr mdconfig 8 , 3689.Xr mdmfs 8 , 3690.Xr mixer 8 , 3691.Xr mountd 8 , 3692.Xr moused 8 , 3693.Xr mrouted 8 , 3694.Xr named 8 , 3695.Xr newfs 8 , 3696.Xr newsyslog 8 , 3697.Xr nfsd 8 , 3698.Xr ntpd 8 , 3699.Xr ntpdate 8 , 3700.Xr pcnfsd 8 , 3701.Xr pfctl 8 , 3702.Xr pflogd 8 , 3703.Xr powerd 8 , 3704.Xr quotacheck 8 , 3705.Xr quotaon 8 , 3706.Xr rc 8 , 3707.Xr rc.sendmail 8 , 3708.Xr route 8 , 3709.Xr routed 8 , 3710.Xr rpcbind 8 , 3711.Xr rpc.lockd 8 , 3712.Xr rpc.statd 8 , 3713.Xr rwhod 8 , 3714.Xr savecore 8 , 3715.Xr sshd 8 , 3716.Xr swapon 8 , 3717.Xr sysctl 8 , 3718.Xr syslogd 8 , 3719.Xr timed 8 , 3720.Xr yp 8 , 3721.Xr ypbind 8 , 3722.Xr ypserv 8 , 3723.Xr ypset 8 3724.Sh HISTORY 3725The 3726.Nm 3727file appeared in 3728.Fx 2.2.2 . 3729.Sh AUTHORS 3730.An Jordan K. Hubbard . 3731