4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
13 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND
14 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE
17 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 .\" $FreeBSD: src/share/man/man5/rc.conf.5,v 1.197 2003/07/28 13:56:00 mbr Exp $
26 .\" $DragonFly: src/share/man/man5/rc.conf.5,v 1.42 2007/07/10 22:36:01 swildner Exp $
32 .Nd system configuration information
36 contains descriptive information about the local host name, configuration
37 details for any potential network interfaces and which services should be
38 started up at system initial boot time.
39 In new installations, the
41 file is generally initialized by the installer.
45 is not to run commands or perform system startup actions directly.
46 Instead, it is included by the various generic startup scripts in
48 which conditionalize their
49 internal actions according to the settings found there.
53 file is included from the file
54 .Pa /etc/defaults/rc.conf ,
55 which specifies the default settings for all the available options.
56 Options need only be specified in
58 when the system administrator wishes to override these defaults.
60 .Pa /etc/rc.conf.local
61 is used to override settings in
63 for historical reasons.
68 The following list provides a name and short description for each
69 variable that can be set in the
72 .Bl -tag -width indent-two
77 enable output of debug messages from rc scripts.
78 This variable can be helpful in diagnosing mistakes when
79 editing or integrating new scripts.
80 Beware that this produces copious output to the terminal and
86 disable informational messages from the rc scripts.
87 Informational messages are displayed when
88 a condition that is not serious enough to warrant a warning or an error occurs.
93 no swapfile is installed, otherwise the value is used as the full
94 pathname to a file to use for additional swap space.
99 enable support for Automatic Power Management with the
106 to handle APM event from userland.
107 This also enables support for APM.
114 these are the flags to pass to the
120 to monitor the status of batteries present in the system.
121 This also enables support for APM.
128 these are the flags to pass to the
131 .It Va pccard_ifconfig
133 List of arguments to be passed to
135 at boot time or on insertion of the card (e.g.\&
136 .Dq Cm inet Li 192.168.1.1 Cm netmask Li 255.255.255.0
137 for a fixed address or
140 .It Va pccard_ether_delay
142 Set the delay before starting
145 .Pa /etc/pccard_ether
147 This defaults to 5 seconds to work around a bug in the
149 driver which can lead to system hangs when using some newer
152 .It Va removable_interfaces
154 List of removable network interfaces to be supported by
155 .Pa /etc/pccard_ether .
158 List of directories to search for startup script files.
159 .It Va script_name_sep
161 The field separator to use for breaking down the list of startup script files
162 into individual filenames.
163 The default is a space.
164 It is not necessary to change this unless there are startup scripts with names
166 .It Va hostapd_enable
175 The fully qualified domain name (FQDN) of this host on the network.
176 This should almost certainly be set to something meaningful, even if
177 there is no network connection.
180 is used to set the hostname via DHCP,
181 this variable should be set to an empty string.
184 Enable support for IPv6 networking.
185 Note that this requires that the kernel have been compiled with
186 .Cd "options INET6" .
189 The NIS domain name of this host, or
192 .It Va dhclient_program
194 Path to the DHCP client program
195 .Pa ( /sbin/dhclient ,
196 the ISC DHCP client, is the default).
197 .It Va dhclient_flags
199 Additional flags to pass to the DHCP client program.
200 For the ISC DHCP client, see the
202 manpage for a description of the command line options available.
203 .\".It Va background_dhclient
207 .\"to start the DHCP client in background.
208 .\"This can cause trouble with applications depending on
209 .\"a working network, but it will provide a faster startup in many cases.
217 .It Va dhcrelay_enable
230 If the kernel was not built with
234 kernel module will be loaded.
238 .Va ipfilter_enable .
243 ruleset definition file.
254 these are the flags to pass to
256 when loading the ruleset.
263 which logs packets from
271 this specifies the path of the log file.
282 these are the flags to pass to
284 .It Va firewall_enable
288 to load firewall rules at startup.
289 If the kernel was not built with
290 .Cd "options IPFIREWALL" ,
293 kernel module will be loaded.
297 .Va ipfilter_enable .
298 .It Va ipv6_firewall_enable
300 The IPv6 equivalent of
301 .Va firewall_enable .
304 to load IPv6 firewall rules at startup.
305 If the kernel was not built with
306 .Cd "options IPV6FIREWALL" ,
309 kernel module will be loaded.
310 .It Va firewall_script
312 This variable specifies the full path to the firewall script to run.
314 .Pa /etc/rc.firewall .
315 .It Va ipv6_firewall_script
317 The IPv6 equivalent of
318 .Va firewall_script .
321 Names the firewall type from the selection in
322 .Pa /etc/rc.firewall ,
323 or the file which contains the local firewall ruleset.
324 Valid selections from
328 .Bl -tag -width ".Li simple" -compact
330 unrestricted IP access
332 all IP services disabled, except via
335 basic protection for a workstation on a LAN
341 If a filename is specified, the full path must be given.
342 .It Va firewall_trusted_nets
344 List of trusted networks (if
348 .It Va firewall_trusted_interfaces
350 List of trusted network interfaces (if
354 .It Va firewall_allowed_icmp_types
356 List of allowed ICMP types (if
360 .It Va firewall_open_tcp_ports
362 List of TCP ports to open (if
366 .It Va firewall_open_udp_ports
368 List of UDP ports to open (if
372 .It Va ipv6_firewall_type
374 The IPv6 equivalent of
376 .It Va firewall_quiet
380 to disable the display of firewall rules on the console during boot.
381 .It Va ipv6_firewall_quiet
383 The IPv6 equivalent of
385 .It Va firewall_logging
389 to enable firewall event logging.
390 This is equivalent to the
391 .Dv IPFIREWALL_VERBOSE
393 .It Va ipv6_firewall_logging
395 The IPv6 equivalent of
396 .Va firewall_logging .
397 .It Va firewall_flags
403 specifies a filename.
404 .It Va ipv6_firewall_flags
406 The IPv6 equivalent of
423 sockets must be enabled in the kernel.
424 .It Va natd_interface
426 This is the name of the public interface on which
429 The interface may be given as an interface name or as an IP address.
434 flags should be placed here.
439 flag is automatically added with the above
442 .\" ----- ipfilter_enable setting --------------------------------
443 .It Va ipfilter_enable
454 Typical usage will require putting
456 ipfilter_enable="YES"
474 can be enabled independently.
478 both require at least one of
488 options IPFILTER_DEFAULT_BLOCK
491 in the kernel configuration file is a good idea, too.
495 .Va firewall_enable .
496 .\" ----- ipfilter_program setting ------------------------------
497 .It Va ipfilter_program
503 .\" ----- ipfilter_rules setting --------------------------------
504 .It Va ipfilter_rules
509 This variable contains the name of the filter rule definition file.
510 The file is expected to be readable for the
513 .\" ----- ipv6_ipfilter_rules setting ---------------------------
514 .It Va ipv6_ipfilter_rules
519 This variable contains the IPv6 filter rule definition file.
520 The file is expected to be readable for the
523 .\" ----- ipfilter_flags setting --------------------------------
524 .It Va ipfilter_flags
527 This variable contains flags passed to the
530 .\" ----- ipnat_enable setting ----------------------------------
540 network address translation.
543 for a detailed discussion.
544 .\" ----- ipnat_program setting ---------------------------------
551 .\" ----- ipnat_rules setting -----------------------------------
557 This variable contains the name of the file
558 holding the network address translation definition.
559 This file is expected to be readable for the
562 .\" ----- ipnat_flags setting -----------------------------------
566 This variable contains flags passed to the
569 .\" ----- ipmon_enable setting ----------------------------------
584 Setting this variable needs setting
591 for a detailed discussion.
592 .\" ----- ipmon_program setting ---------------------------------
599 .\" ----- ipmon_flags setting -----------------------------------
605 This variable contains flags passed to the
608 Another typical example would be
609 .Dq Fl D Pa /var/log/ipflog
612 log directly to a file bypassing
615 .Pa /etc/newsyslog.conf
616 in such case like this:
618 /var/log/ipflog 640 10 100 * Z /var/run/ipmon.pid
620 .\" ----- ipfs_enable setting -----------------------------------
630 saving the filter and NAT state tables during shutdown
631 and reloading them during startup again.
632 Setting this variable needs setting
641 for a detailed discussion.
646 cannot be used because the raised securelevel will prevent
648 from saving the state tables at shutdown time.
649 .\" ----- ipfs_program setting ----------------------------------
656 .\" ----- ipfs_flags setting ------------------------------------
660 This variable contains flags passed to the
663 .\" ----- end of added ipf hook ---------------------------------
664 .It Va tcp_extensions
671 disables certain TCP options as described by
677 might help remedy such problems with connections as randomly hanging
678 or other weird behavior.
679 Some network devices are known to be broken with respect to these options.
686 .Va net.inet.tcp.log_in_vain
688 .Va net.inet.udp.log_in_vain ,
693 are set to the given value.
701 will disable probing idle TCP connections to verify that the
702 peer is still up and reachable.
703 .It Va tcp_drop_synfin
710 will cause the kernel to ignore TCP frames that have both
711 the SYN and FIN flags set.
712 This prevents OS fingerprinting, but may break some legitimate applications.
713 This option is only available if the kernel was built with the
716 .It Va icmp_drop_redirect
723 will cause the kernel to ignore ICMP REDIRECT packets.
726 for more information.
727 .It Va icmp_log_redirect
734 will cause the kernel to log ICMP REDIRECT packets.
736 the log messages are not rate-limited, so this option should only be used
737 for troubleshooting networks.
740 for more information.
741 .It Va icmp_bmcastecho
745 to respond to broadcast or multicast ICMP ping packets.
748 for more information.
749 .It Va ip_portrange_first
753 this is the first port in the default portrange.
756 for more information.
757 .It Va ip_portrange_last
761 this is the last port in the default portrange.
764 for more information.
765 .It Va network_interfaces
767 Set to the list of network interfaces to configure on this host.
768 For example, if the only network devices in the system are the loopback device
772 driver, this could be set to
775 .Va ifconfig_ Ns Aq Ar interface
776 variable is also assumed to exist for each value of
778 It is also possible to add IP alias entries here in cases where
779 multiple IP addresses registered against a single interface are desired.
780 Assuming that the interface in question was
782 it might look something like this:
784 ifconfig_ed0_alias0="inet 127.0.0.253 netmask 0xffffffff"
785 ifconfig_ed0_alias1="inet 127.0.0.254 netmask 0xffffffff"
790 .Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
791 entry that is found, its contents are passed to
793 Execution stops at the first unsuccessful access, so if
794 something like this is present:
796 ifconfig_ed0_alias0="inet 127.0.0.251 netmask 0xffffffff"
797 ifconfig_ed0_alias1="inet 127.0.0.252 netmask 0xffffffff"
798 ifconfig_ed0_alias2="inet 127.0.0.253 netmask 0xffffffff"
799 ifconfig_ed0_alias4="inet 127.0.0.254 netmask 0xffffffff"
802 Then note that alias4 would
804 be added since the search would stop with the missing alias3 entry.
807 .Pa /etc/start_if. Ns Aq Ar interface
808 file is present, it is read and executed by the
810 interpreter before configuring the interface as specified in the
811 .Va ifconfig_ Ns Aq Ar interface
813 .Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
816 It is possible to bring up an interface with DHCP by adding
819 .Va ifconfig_ Ns Aq Ar interface
821 For instance, to initialize the
823 device via DHCP, it is possible to use something like:
828 Also, if your interface needs WPA authentication, it is possible to add
831 .Va ifconfig_ Ns Aq Ar interface
836 options in this variable, in addition to the
837 .Pa /etc/start_if. Ns Aq Ar interface
839 For instance, to initialize the
841 device via DHCP, using WPA authentication and 802.11b mode, it is
842 possible to use something like:
844 ifconfig_wi0="up DHCP WPA mode 11b"
847 It is also possible to rename interface by doing:
849 ifconfig_ed0_name="net0"
850 ifconfig_net0="inet 10.0.0.1 netmask 0xffff0000"
852 .It Va ipv6_network_interfaces
854 This is the IPv6 equivalent of
855 .Va network_interfaces .
856 Instead of setting the ifconfig variables as
857 .Va ifconfig_ Ns Aq Ar interface
858 they should be set as
859 .Va ipv6_ifconfig_ Ns Aq Ar interface .
860 Aliases should be set as
861 .Va ipv6_ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n .
862 .Va ipv6_prefix_ Ns Aq Ar interface
864 Interfaces that do not have a
865 .Va ipv6_ifconfig_ Ns Aq Ar interface
866 setting will be auto configured by
869 .Va ipv6_gateway_enable
872 Note that the IPv6 networking code does not support the
873 .Pa /etc/start_if. Ns Aq Ar interface
875 .It Va ipv6_default_interface
879 this is the default output interface for scoped addresses.
880 Now this works only for IPv6 link local multicast addresses.
881 .It Va cloned_interfaces
883 Set to the list of clonable network interfaces to create on this host.
885 .Va cloned_interfaces
886 are automatically appended to
887 .Va network_interfaces
889 .It Va gif_interfaces
893 tunnel interfaces to configure on this host.
895 .Va gifconfig_ Ns Aq Ar interface
896 variable is assumed to exist for each value of
898 The value of this variable is used to configure the link layer of the
899 tunnel according to the syntax of the
903 Additionally, this option ensures that each listed interface is created via the
907 before attempting to configure it.
908 .It Va sppp_interfaces
912 interfaces to configure on this host.
914 .Va spppconfig_ Ns Aq Ar interface
915 variable is assumed to exist for each value of
917 Each interface should also be configured by a general
918 .Va ifconfig_ Ns Aq Ar interface
922 for more information about available options.
932 Mode in which to run the
941 See the manual for a full description.
946 enables network address translation.
947 Used in conjunction with
949 allows hosts on private network addresses access to the Internet using
950 this host as a network address translating router.
953 The name of the profile to use from
954 .Pa /etc/ppp/ppp.conf .
957 The name of the user under which
966 This option is used to specify a list of files that will override
968 .Pa /etc/defaults/rc.conf .
969 The files will be read in the order in which they are specified and should
970 include the full path to the file.
971 By default, the files specified are
974 .Pa /etc/rc.conf.local
982 flag if the initial preen of the file systems fails.
985 List of file system types that are network-based.
986 This list should generally not be modified by end users.
988 .Va extra_netfs_types
990 .It Va extra_netfs_types
992 If set to something other than
994 (the default), this variable extends the list of file system types
995 for which automatic mounting at startup by
997 should be delayed until the network is initialized.
999 a whitespace-separated list of network file system descriptor pairs,
1000 each consisting of a file system type as passed to
1002 and a human-readable, one-word description, joined with a colon
1004 Extending the default list in this way is only necessary
1005 when third party file system types are used.
1006 .It Va syslogd_enable
1013 .It Va syslogd_program
1018 .Pa /usr/sbin/syslogd ) .
1019 .It Va syslogd_flags
1025 these are the flags to pass to
1034 .It Va inetd_program
1039 .Pa /usr/sbin/inetd ) .
1046 these are the flags to pass to
1055 .It Va named_program
1060 .Pa /usr/sbin/named ) .
1067 these are the flags to pass to
1069 .It Va named_pidfile
1071 This is the default path to the
1074 Change it if you change the location in
1075 .Pa /etc/namedb/named.conf .
1076 .It Va named_chrootdir
1078 The root directory for a name server run in a
1083 will not be run in a
1086 .It Va kerberos5_server_enable
1090 to start a Kerberos 5 authentication server at boot time.
1091 .It Va kerberos5_server_program
1094 .Va kerberos5_server_enable
1097 this is the path to Kerberos 5 Authentication Server.
1098 .It Va kadmind5_server_enable
1104 the Kerberos 5 Administration Daemon; set to
1107 .It Va kadmind5_server_program
1110 .Va kadmind5_server_enable
1113 this is the path to Kerberos 5 Administration Daemon.
1114 .It Va kpasswdd_server_enable
1120 the Kerberos 5 Password-Changing Daemon; set to
1123 .It Va kpasswdd_server_program
1126 .Va kpasswdd_server_enable
1129 this is the path to Kerberos 5 Password-Changing Daemon.
1136 daemon at boot time.
1143 these are the flags to pass to it.
1150 daemon at boot time.
1157 these are the flags to pass to it.
1160 manpage for more information.
1161 .It Va amd_map_program
1163 If set, the specified program is run to get the list of
1168 maps are stored in NIS, one can set this to run
1180 will be updated at boot time to reflect the kernel release being run.
1184 will not be updated.
1185 .It Va nfs_client_enable
1189 run the NFS client daemons at boot time.
1190 .It Va nfs_client_flags
1193 .Va nfs_client_enable
1196 these are the flags to pass to the
1199 .It Va nfs_access_cache
1202 .Va nfs_client_enable
1207 to disable NFS ACCESS RPC caching, or to the number of seconds for which
1208 NFS ACCESS results should be cached.
1209 A value of 2-10 seconds will substantially reduce network traffic for
1210 many NFS operations.
1211 The default is 5 seconds.
1212 Note that the attribute cache holds stat information only.
1213 The NFS data cache is independent of the attribute cache and is only
1214 invalidated when the client detects that the server has modified the
1216 This value specifies a maximum timeout.
1217 The NFS client will automatically use a shorter timeout for files which
1218 have been recently modified.
1219 .It Va nfs_neg_cache
1222 .Va nfs_client_enable
1227 to disable the caching of NEGATIVE LOOKUPS (lookups of non-existent
1228 filenames), or to the number of seconds for which negative lookups should
1230 A value of 2-10 seconds will substantially reduce network
1231 traffic for many NFS operations, especially source code builds.
1232 The default is 3 seconds.
1233 .It Va nfs_server_enable
1237 run the NFS server daemons at boot time.
1238 .It Va nfs_server_flags
1241 .Va nfs_server_enable
1244 these are the flags to pass to the
1247 .It Va mountd_enable
1252 .Va nfs_server_enable
1258 It is commonly needed to run CFS without real NFS used.
1265 these are the flags to pass to the
1268 .It Va weak_mountd_authentication
1272 allow services like PCNFSD to make non-privileged mount requests.
1273 .It Va nfs_reserved_port_only
1277 provide NFS services only on a secure port.
1278 .It Va nfs_bufpackets
1280 If set to a number, indicates the number of packets worth of
1281 socket buffer space to reserve on an NFS client.
1282 The kernel default is typically 4.
1283 Using a higher number may be useful on gigabit networks to improve performance.
1284 The minimum value is 2 and the maximum is 64.
1285 .It Va rpc_umntall_enable
1289 (default) and we are also an NFS client, run
1291 at boot time to clear out old mounts on remote servers.
1296 will not be run at boot time.
1297 .It Va rpc_lockd_enable
1301 and also an NFS server, run
1304 .It Va rpc_statd_enable
1308 and also an NFS server, run
1311 .It Va rpcbind_program
1316 .Pa /usr/sbin/rpcbind ) .
1317 .It Va rpcbind_enable
1323 service at boot time.
1324 .It Va rpcbind_flags
1330 these are the flags to pass to the
1333 .It Va keyserv_enable
1339 daemon on boot for running Secure RPC.
1340 .It Va keyserv_flags
1346 these are the flags to pass to
1349 .It Va pppoed_enable
1355 daemon at boot time to provide PPP over Ethernet services.
1356 .It Va pppoed_provider
1359 listens to requests to this provider and ultimately runs
1363 argument of the same name.
1366 Additional flags to pass to
1368 .It Va pppoed_interface
1370 The network interface to run
1373 This is mandatory when
1383 service at boot time.
1384 This command is intended for networks of machines where a consistent
1386 for all hosts must be established.
1387 This is often useful in large NFS environments where time stamps on
1388 files are expected to be consistent network-wide.
1395 these are the flags to pass to the
1404 command at boot time.
1410 .Pa /usr/sbin/ntpd ) .
1417 these are the flags to pass to the
1422 by default which sets the time immediately at startup if the
1423 local clock is off by more than 180 seconds.
1426 from doing this, set
1436 at system boot time.
1437 .It Va dntpd_program
1442 .Pa /usr/sbin/dntpd ) .
1449 these are the flags to pass to the
1452 .It Va nis_client_enable
1458 service at system boot time.
1459 .It Va nis_client_flags
1462 .Va nis_client_enable
1465 these are the flags to pass to the
1468 .It Va nis_ypset_enable
1474 daemon at system boot time.
1475 .It Va nis_ypset_flags
1478 .Va nis_ypset_enable
1481 these are the flags to pass to the
1484 .It Va nis_server_enable
1490 daemon at system boot time.
1491 .It Va nis_server_flags
1494 .Va nis_server_enable
1497 these are the flags to pass to the
1500 .It Va nis_ypxfrd_enable
1506 daemon at system boot time.
1507 .It Va nis_ypxfrd_flags
1510 .Va nis_ypxfrd_enable
1513 these are the flags to pass to the
1516 .It Va nis_yppasswdd_enable
1522 daemon at system boot time.
1523 .It Va nis_yppasswdd_flags
1526 .Va nis_yppasswdd_enable
1529 these are the flags to pass to the
1532 .It Va rpc_ypupdated_enable
1538 daemon at system boot time.
1539 .It Va defaultrouter
1543 create a default route to this host name or IP address
1544 (use an IP address if this router is also required to get to the
1546 .It Va ipv6_defaultrouter
1548 The IPv6 equivalent of
1550 .It Va static_routes
1552 Set to the list of static routes that are to be added at system boot time.
1555 then for each whitespace separated
1558 .Va route_ Ns Aq Ar element
1559 variable is assumed to exist whose contents will later be passed to a
1562 .It Va ipv6_static_routes
1564 The IPv6 equivalent of
1568 then for each whitespace separated
1571 .Va ipv6_route_ Ns Aq Ar element
1572 variable is assumed to exist whose contents will later be passed to a
1573 .Dq Nm route Cm add Fl inet6
1575 .It Va gateway_enable
1579 configure host to act as an IP router, e.g. to forward packets
1581 .It Va ipv6_gateway_enable
1583 The IPv6 equivalent of
1584 .Va gateway_enable .
1585 .It Va router_enable
1589 run a routing daemon of some sort, based on the settings of
1593 .It Va ipv6_router_enable
1595 The IPv6 equivalent of
1599 run a routing daemon of some sort, based on the settings of
1600 .Va ipv6_router_program
1602 .Va ipv6_router_flags .
1603 .It Va router_program
1609 this is the name of the routing daemon to use.
1610 .It Va ipv6_router_program
1612 The IPv6 equivalent of
1613 .Va router_program .
1620 these are the flags to pass to the routing daemon.
1621 .It Va ipv6_router_flags
1623 The IPv6 equivalent of
1625 .It Va mrouted_enable
1629 run the multicast routing daemon,
1631 .It Va mroute6d_enable
1633 The IPv6 equivalent of
1634 .Va mrouted_enable .
1637 run the IPv6 multicast routing daemon.
1638 Note that no IPv6 multicast routing daemon is included in the
1642 can be installed from the
1645 .It Va mrouted_flags
1651 these are the flags to pass to the
1654 .It Va mroute6d_flags
1656 The IPv6 equivalent of
1662 these are the flags passed to the IPv6 multicast routing daemon.
1663 .It Va mroute6d_program
1669 this is the path to the IPv6 multicast routing daemon.
1670 .It Va rtadvd_enable
1676 daemon at boot time.
1679 .Va ipv6_gateway_enable
1684 utility sends router advertisement packets to the interfaces specified in
1685 .Va rtadvd_interfaces .
1687 and should only be enabled with great care.
1688 You may want to fine-tune
1690 .It Va rtadvd_interfaces
1696 this is the list of interfaces to use.
1697 .It Va ipxgateway_enable
1701 enable the routing of IPX traffic.
1702 .It Va ipxrouted_enable
1708 daemon at system boot time.
1709 .It Va ipxrouted_flags
1712 .Va ipxrouted_enable
1715 these are the flags to pass to the
1722 enable global proxy ARP.
1723 .It Va forward_sourceroute
1731 source-routed packets are forwarded.
1732 .It Va accept_sourceroute
1736 the system will accept source-routed packets directed at it.
1743 daemon at system boot time.
1750 these are the flags to pass to the
1753 .It Va bootparamd_enable
1759 daemon at system boot time.
1760 .It Va bootparamd_flags
1763 .Va bootparamd_enable
1766 these are the flags to pass to the
1769 .It Va stf_interface_ipv4addr
1773 this is the local IPv4 address for 6to4 (IPv6 over IPv4 tunneling interface).
1774 Specify this entry to enable the 6to4 interface.
1775 .It Va stf_interface_ipv4plen
1777 Prefix length for 6to4 IPv4 addresses, to limit peer address range.
1778 An effective value is 0-31.
1779 .It Va stf_interface_ipv6_ifid
1781 IPv6 interface ID for
1785 .It Va stf_interface_ipv6_slaid
1787 IPv6 Site Level Aggregator for
1789 .It Va ipv6_faith_prefix
1793 this is the faith prefix to enable a FAITH IPv6-to-IPv4 TCP translator.
1797 .It Va ipv6_ipv4mapping
1801 this enables IPv4 mapped IPv6 address communication (like
1802 .Li ::ffff:a.b.c.d ) .
1807 to enable the configuration of ATM interfaces at system boot time.
1808 For all of the ATM variables described below, please refer to the
1810 man page for further details on the available command parameters.
1811 Also refer to the files in
1812 .Pa /usr/share/examples/atm
1813 for more detailed configuration information.
1814 .It Va atm_netif_ Ns Aq Ar intf
1816 For the ATM physical interface
1818 this variable defines the name prefix and count for the ATM network
1819 interfaces to be created.
1820 The value will be passed as the parameters of an
1821 .Dq Nm atm Cm "set netif" Ar intf
1823 .It Va atm_sigmgr_ Ns Aq Ar intf
1825 For the ATM physical interface
1827 this variable defines the ATM signalling manager to be used.
1828 The value will be passed as the parameters of an
1829 .Dq Nm atm Cm attach Ar intf
1831 .It Va atm_prefix_ Ns Aq Ar intf
1833 For the ATM physical interface
1835 this variable defines the NSAP prefix for interfaces using a UNI signalling
1839 the prefix will automatically be set via the
1842 Otherwise, the value will be passed as the parameters of an
1843 .Dq Nm atm Cm "set prefix" Ar intf
1845 .It Va atm_macaddr_ Ns Aq Ar intf
1847 For the ATM physical interface
1849 this variable defines the MAC address for interfaces using a UNI signalling
1853 the hardware MAC address contained in the ATM interface card will be used.
1854 Otherwise, the value will be passed as the parameters of an
1855 .Dq Nm atm Cm "set mac" Ar intf
1857 .It Va atm_arpserver_ Ns Aq Ar netif
1859 For the ATM network interface
1861 this variable defines the ATM address for a host which is to provide ATMARP
1863 This variable is only applicable to interfaces using a UNI signalling manager.
1866 this host will become an ATMARP server.
1867 The value will be passed as the parameters of an
1868 .Dq Nm atm Cm "set arpserver" Ar netif
1870 .It Va atm_scsparp_ Ns Aq Ar netif
1874 SCSP/ATMARP service for the network interface
1876 will be initiated using the
1881 This variable is only applicable if
1882 .Va atm_arpserver_ Ns Aq Ar netif
1887 Set to the list of permanent ATM ARP entries to be added at system boot time.
1888 For each whitespace separated
1891 .Va atm_arp_ Ns Aq Ar element
1892 variable is assumed to exist.
1893 The value of each of these variables will be passed as the parameters of an
1894 .Dq Nm atm Cm "add arp"
1898 The keyboard bell sound.
1905 if the default behavior is desired.
1906 For details, refer to the
1913 no keymap is installed, otherwise the value is used to install
1915 .Pa /usr/share/syscons/keymaps/ Ns Ao Ar value Ac Ns Pa .kbd .
1918 The keyboard repeat speed.
1925 if the default behavior is desired.
1930 attempt to program the function keys with the value.
1931 The value should be a single string of the form:
1932 .Dq Ar funkey_number new_value Op Ar funkey_number new_value ... .
1935 Can be set to the value of
1938 .Dq Li destructive ,
1941 to set the cursor behavior explicitly or choose the default behavior.
1946 no screen map is installed, otherwise the value is used to install
1947 the screen map file in
1948 .Pa /usr/share/syscons/scrnmaps/ Ns Aq Ar value .
1953 the default 8x16 font value is used for screen size requests, otherwise
1955 .Pa /usr/share/syscons/fonts/ Ns Aq Ar value
1961 the default 8x14 font value is used for screen size requests, otherwise
1963 .Pa /usr/share/syscons/fonts/ Ns Aq Ar value
1969 the default 8x8 font value is used for screen size requests, otherwise
1971 .Pa /usr/share/syscons/fonts/ Ns Aq Ar value
1977 the default screen blanking interval is used, otherwise it is set to
1984 this is the actual screen saver to use
1985 .Li ( blank , snake , daemon ,
1987 .It Va moused_enable
1993 daemon is started for doing cut/paste selection on the console.
1996 This is the protocol type of the mouse connected to this host.
1997 This variable must be set if
2004 is able to detect the appropriate mouse type automatically in many cases.
2005 Set this variable to
2007 to let the daemon detect it, or
2008 select one from the following list if the automatic detection fails.
2010 If the mouse is attached to the PS/2 mouse port, choose
2014 regardless of the brand and model of the mouse.
2015 Likewise, if the mouse is attached to the bus mouse port, choose
2019 All other protocols are for serial mice and will not work with
2020 the PS/2 and bus mice.
2021 If this is a USB mouse,
2023 is the only protocol type which will work.
2025 .Bl -tag -width ".Li x10mouseremote" -compact
2027 Microsoft mouse (serial)
2029 Microsoft IntelliMouse (serial)
2031 Mouse systems Corp. mouse (serial)
2033 MM Series mouse (serial)
2035 Logitech mouse (serial)
2039 Logitech MouseMan and TrackMan (serial)
2041 ALPS GlidePoint (serial)
2042 .It Li thinkingmouse
2043 Kensington ThinkingMouse (serial)
2047 MM HitTablet (serial)
2048 .It Li x10mouseremote
2049 X10 MouseRemote (serial)
2051 Interlink VersaPad (serial)
2054 Even if the mouse is not in the above list, it may be compatible
2055 with one in the list.
2056 Refer to the man page for
2058 for compatibility information.
2060 It should also be noted that while this is enabled, any
2061 other client of the mouse (such as an X server) should access
2062 the mouse through the virtual mouse device,
2064 and configure it as a
2066 type mouse, since all
2067 mouse data is converted to this single canonical format when using
2069 If the client program does not support the
2074 It is the second preferred type.
2081 this is the actual port the mouse is on.
2084 for a COM1 serial mouse,
2088 for a bus mouse, for example.
2093 is set, these are the additional flags to pass to the
2096 .It Va mousechar_start
2100 the default mouse cursor character range
2101 .Li 0xd0 Ns - Ns Li 0xd3
2102 is used, otherwise the range start is set to
2106 Use if the default range is occupied in the language code table.
2109 Set the size of the history (scrollback) buffer in lines.
2110 .It Va allscreens_flags
2114 is run with these options for each of the virtual terminals
2118 will enable the mouse pointer on all virtual terminals if
2122 .It Va allscreens_kbdflags
2126 is run with these options for each of the virtual terminals
2132 scrollback (history) buffer to 200 lines.
2139 daemon at system boot time.
2145 .Pa /usr/sbin/cron ) .
2152 these are the flags to pass to
2159 .Pa /usr/sbin/lpd ) .
2166 daemon at system boot time.
2173 these are the flags to pass to the
2182 settings across reboots.
2183 .It Va mta_start_script
2185 This variable specifies the full path to the script to run to start
2186 a mail transfer agent.
2188 .Pa /etc/rc.sendmail .
2192 .Pa /etc/rc.sendmail
2193 uses are documented in the
2198 Indicates the device (usually a swap partition) to which a crash dump
2199 should be written in the event of a system crash.
2200 The value of this variable is passed as the argument to
2202 To disable crash dumps, set this variable to
2206 When the system reboots after a crash and a crash dump is found on the
2207 device specified by the
2211 will save that crash dump and a copy of the kernel to the directory
2215 The default value is
2224 .It Va savecore_flags
2226 If crash dumps are enabled, these are the flags to pass to the
2229 .It Va enable_quotas
2233 to turn on user disk quotas on system startup via the
2240 to enable user disk quota checking via the
2243 .It Va accounting_enable
2247 to enable system accounting through the
2254 to enable Linux/ELF binary emulation at system initial boot time.
2255 .It Va sysvipc_enable
2259 load System V IPC primitives at boot time.
2260 .\" ----- cleanvar_enable setting--------------------------------
2261 .It Va cleanvar_enable
2269 .Pa /var/spool/uucp/.Temp/*
2271 .\" ----- clear_tmp_enable setting-------------------------------
2272 .It Va clear_tmp_enable
2279 .\" ----- ldconfig_paths setting --------------------------------
2280 .It Va ldconfig_paths
2282 Set to the list of shared library paths to use with
2286 will always be added first, so it need not appear in this list.
2287 .It Va ldconfig_insecure
2291 utility normally refuses to use directories
2292 which are writable by anyone except root.
2293 Set this variable to
2295 to disable that security check during system startup.
2296 .It Va kern_securelevel
2298 The kernel security level to set at startup.
2299 The allowed range of
2301 ranges from \-1 (the compile time default) to 3 (the most secure).
2304 for the list of possible security levels and their effect on system operation.
2311 at system boot time.
2318 at system boot time.
2321 Path to the SSH server program
2322 .Pa ( /usr/sbin/sshd
2330 these are the flags to pass to the
2339 at system boot time.
2346 these are the flags to pass to the
2355 daemon at boot time.
2362 these are the flags passed to
2365 .It Va watchdogd_enable
2371 daemon at boot time.
2372 This requires that the kernel have been compiled with
2373 .Cd "options WATCHDOG" .
2378 any configured jails will not be started.
2381 A space separated list of names for jails.
2382 This is purely a configuration aid to help identify and
2383 configure multiple jails.
2384 The names specified in this list will be used to
2385 identify settings common to an instance of a jail.
2386 Assuming that the jail in question was named
2388 you would have the following dependent variables:
2390 jail_vjail_hostname="jail.example.com"
2391 jail_vjail_ip="192.168.1.100"
2392 jail_vjail_rootdir="/var/jails/vjail/root"
2393 jail_vjail_exec="/bin/sh /etc/rc"
2396 The last one is optional.
2400 .It Va jail_set_hostname_allow
2404 do not allow the root user in a jail to set its hostname.
2405 .It Va jail_socket_unixiproute_only
2409 do not allow any protocol, besides TCP/IP, to be used within a jail.
2410 .It Va jail_sysvipc_allow
2414 allow applications within a jail to use System V IPC.
2415 .It Va resident_enable
2419 make the dynamic binaries listed in
2420 .Pa /etc/resident.conf
2422 .It Va varsym_enable
2427 .Pa /etc/varsym.conf
2428 to set system-wide variables for variant symlinks.
2433 or a whitespace separated list of IRQ numbers which will be used as a source of
2435 .\" ----- isdn settings ---------------------------------
2445 daemon at system boot time.
2449 .Dq Fl d Ns Cm n Fl d Ns Li 0x1f9
2451 Additional flags to pass to
2457 for certain tunable parameters).
2463 The terminal type of the output device when
2465 operates in full-screen mode.
2466 .It Va isdn_screenflags
2471 The video mode for full-screen mode (only for
2481 The output device for
2483 in full-screen mode (or
2493 enables the ISDN protocol trace utility
2495 at system boot time.
2496 .It Va isdn_traceflags
2499 .Dq Fl f Pa /var/tmp/isdntrace0
2503 .\" -----------------------------------------------------
2508 to disable caching entropy via
2510 Otherwise set to the directory used to store entropy files in.
2515 to disable caching entropy through reboots.
2516 Otherwise set to the filename used to store cached entropy through reboots.
2517 This file should be located on the root file system to seed the
2519 device as early as possible in the boot process.
2520 .It Va entropy_save_sz
2522 Size of the entropy cache files saved by
2525 .It Va entropy_save_num
2527 Number of entropy cache files to save by
2541 Configuration file for
2550 .Pa /var/run/dmesg.boot
2552 .It Va rcshutdown_timeout
2554 If set, start a watchdog timer in the background which will terminate
2558 has not completed within the specified time (in seconds).
2561 .Bl -tag -width ".Pa /etc/defaults/rc.conf" -compact
2562 .It Pa /etc/defaults/rc.conf
2564 .It Pa /etc/rc.conf.local
2582 .Xr resident.conf 5 ,
2642 .An Jordan K. Hubbard .
projects / dragonfly.git / blob